Date: July 5, 2025, 5:09 p.m.

Environment: qemu-arm64, qemu-x86_64

[   20.224258] ==================================================================
[   20.224379] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   20.224452] Free of addr fff00000c7964000 by task kunit_try_catch/237
[   20.224495] 
[   20.224725] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.224904] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.224953] Hardware name: linux,dummy-virt (DT)
[   20.225003] Call trace:
[   20.225028]  show_stack+0x20/0x38 (C)
[   20.225163]  dump_stack_lvl+0x8c/0xd0
[   20.225214]  print_report+0x118/0x608
[   20.225262]  kasan_report_invalid_free+0xc0/0xe8
[   20.225469]  __kasan_mempool_poison_object+0x14c/0x150
[   20.225616]  mempool_free+0x28c/0x328
[   20.225711]  mempool_double_free_helper+0x150/0x2e8
[   20.225765]  mempool_kmalloc_large_double_free+0xc0/0x118
[   20.225844]  kunit_try_run_case+0x170/0x3f0
[   20.225993]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.226048]  kthread+0x328/0x630
[   20.226107]  ret_from_fork+0x10/0x20
[   20.226289] 
[   20.226355] The buggy address belongs to the physical page:
[   20.226507] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107964
[   20.226589] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.226731] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.226886] page_type: f8(unknown)
[   20.227042] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.227150] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.227374] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.227589] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.227751] head: 0bfffe0000000002 ffffc1ffc31e5901 00000000ffffffff 00000000ffffffff
[   20.227850] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   20.228018] page dumped because: kasan: bad access detected
[   20.228097] 
[   20.228138] Memory state around the buggy address:
[   20.228277]  fff00000c7963f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.228407]  fff00000c7963f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.228451] >fff00000c7964000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.228676]                    ^
[   20.228759]  fff00000c7964080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.228816]  fff00000c7964100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.229316] ==================================================================
[   20.211678] ==================================================================
[   20.211738] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   20.211794] Free of addr fff00000c6398400 by task kunit_try_catch/235
[   20.211836] 
[   20.211886] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.211967] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.211994] Hardware name: linux,dummy-virt (DT)
[   20.212026] Call trace:
[   20.212048]  show_stack+0x20/0x38 (C)
[   20.212097]  dump_stack_lvl+0x8c/0xd0
[   20.212479]  print_report+0x118/0x608
[   20.212545]  kasan_report_invalid_free+0xc0/0xe8
[   20.212606]  check_slab_allocation+0xd4/0x108
[   20.212665]  __kasan_mempool_poison_object+0x78/0x150
[   20.212767]  mempool_free+0x28c/0x328
[   20.212828]  mempool_double_free_helper+0x150/0x2e8
[   20.212889]  mempool_kmalloc_double_free+0xc0/0x118
[   20.212937]  kunit_try_run_case+0x170/0x3f0
[   20.212988]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.213041]  kthread+0x328/0x630
[   20.213082]  ret_from_fork+0x10/0x20
[   20.213149] 
[   20.213166] Allocated by task 235:
[   20.213195]  kasan_save_stack+0x3c/0x68
[   20.213237]  kasan_save_track+0x20/0x40
[   20.213274]  kasan_save_alloc_info+0x40/0x58
[   20.213329]  __kasan_mempool_unpoison_object+0x11c/0x180
[   20.213373]  remove_element+0x130/0x1f8
[   20.213406]  mempool_alloc_preallocated+0x58/0xc0
[   20.213455]  mempool_double_free_helper+0x94/0x2e8
[   20.213493]  mempool_kmalloc_double_free+0xc0/0x118
[   20.213543]  kunit_try_run_case+0x170/0x3f0
[   20.213596]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.213639]  kthread+0x328/0x630
[   20.213671]  ret_from_fork+0x10/0x20
[   20.213707] 
[   20.213736] Freed by task 235:
[   20.213771]  kasan_save_stack+0x3c/0x68
[   20.213808]  kasan_save_track+0x20/0x40
[   20.213845]  kasan_save_free_info+0x4c/0x78
[   20.213894]  __kasan_mempool_poison_object+0xc0/0x150
[   20.213936]  mempool_free+0x28c/0x328
[   20.213970]  mempool_double_free_helper+0x100/0x2e8
[   20.214027]  mempool_kmalloc_double_free+0xc0/0x118
[   20.214067]  kunit_try_run_case+0x170/0x3f0
[   20.214120]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.214163]  kthread+0x328/0x630
[   20.214195]  ret_from_fork+0x10/0x20
[   20.214232] 
[   20.214258] The buggy address belongs to the object at fff00000c6398400
[   20.214258]  which belongs to the cache kmalloc-128 of size 128
[   20.214332] The buggy address is located 0 bytes inside of
[   20.214332]  128-byte region [fff00000c6398400, fff00000c6398480)
[   20.214414] 
[   20.214442] The buggy address belongs to the physical page:
[   20.214479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106398
[   20.214531] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.214578] page_type: f5(slab)
[   20.214629] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   20.214679] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   20.214719] page dumped because: kasan: bad access detected
[   20.214934] 
[   20.215072] Memory state around the buggy address:
[   20.215230]  fff00000c6398300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.215380]  fff00000c6398380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.215478] >fff00000c6398400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.215519]                    ^
[   20.215548]  fff00000c6398480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.215693]  fff00000c6398500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.215735] ==================================================================
[   20.237407] ==================================================================
[   20.237463] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   20.237516] Free of addr fff00000c7964000 by task kunit_try_catch/239
[   20.237555] 
[   20.237794] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.237951] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.238010] Hardware name: linux,dummy-virt (DT)
[   20.238060] Call trace:
[   20.238152]  show_stack+0x20/0x38 (C)
[   20.238207]  dump_stack_lvl+0x8c/0xd0
[   20.238265]  print_report+0x118/0x608
[   20.238313]  kasan_report_invalid_free+0xc0/0xe8
[   20.238363]  __kasan_mempool_poison_pages+0xe0/0xe8
[   20.238603]  mempool_free+0x24c/0x328
[   20.238709]  mempool_double_free_helper+0x150/0x2e8
[   20.238773]  mempool_page_alloc_double_free+0xbc/0x118
[   20.238933]  kunit_try_run_case+0x170/0x3f0
[   20.239127]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.239324]  kthread+0x328/0x630
[   20.239465]  ret_from_fork+0x10/0x20
[   20.239635] 
[   20.239715] The buggy address belongs to the physical page:
[   20.239824] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107964
[   20.239943] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.240189] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   20.240356] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.240425] page dumped because: kasan: bad access detected
[   20.240554] 
[   20.240634] Memory state around the buggy address:
[   20.240672]  fff00000c7963f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.240890]  fff00000c7963f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.241075] >fff00000c7964000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.241191]                    ^
[   20.241221]  fff00000c7964080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.241298]  fff00000c7964100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   20.241493] ==================================================================

[   13.254053] ==================================================================
[   13.254667] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   13.254966] Free of addr ffff888102a40000 by task kunit_try_catch/255
[   13.255264] 
[   13.255438] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   13.255498] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.255511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.255534] Call Trace:
[   13.255546]  <TASK>
[   13.255563]  dump_stack_lvl+0x73/0xb0
[   13.255592]  print_report+0xd1/0x650
[   13.255613]  ? __virt_addr_valid+0x1db/0x2d0
[   13.255636]  ? kasan_addr_to_slab+0x11/0xa0
[   13.255657]  ? mempool_double_free_helper+0x184/0x370
[   13.255682]  kasan_report_invalid_free+0x10a/0x130
[   13.255706]  ? mempool_double_free_helper+0x184/0x370
[   13.255734]  ? mempool_double_free_helper+0x184/0x370
[   13.255757]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   13.255781]  mempool_free+0x2ec/0x380
[   13.255804]  mempool_double_free_helper+0x184/0x370
[   13.255828]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   13.255856]  ? finish_task_switch.isra.0+0x153/0x700
[   13.255881]  mempool_kmalloc_large_double_free+0xed/0x140
[   13.255906]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   13.255934]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.255956]  ? __pfx_mempool_kfree+0x10/0x10
[   13.255981]  ? __pfx_read_tsc+0x10/0x10
[   13.256002]  ? ktime_get_ts64+0x86/0x230
[   13.256025]  kunit_try_run_case+0x1a5/0x480
[   13.256049]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.256071]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.256095]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.256118]  ? __kthread_parkme+0x82/0x180
[   13.256138]  ? preempt_count_sub+0x50/0x80
[   13.256161]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.256183]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.256255]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.256278]  kthread+0x337/0x6f0
[   13.256299]  ? trace_preempt_on+0x20/0xc0
[   13.256321]  ? __pfx_kthread+0x10/0x10
[   13.256342]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.256362]  ? calculate_sigpending+0x7b/0xa0
[   13.256387]  ? __pfx_kthread+0x10/0x10
[   13.256409]  ret_from_fork+0x116/0x1d0
[   13.256428]  ? __pfx_kthread+0x10/0x10
[   13.256449]  ret_from_fork_asm+0x1a/0x30
[   13.256490]  </TASK>
[   13.256502] 
[   13.264988] The buggy address belongs to the physical page:
[   13.265431] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a40
[   13.265992] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   13.266230] flags: 0x200000000000040(head|node=0|zone=2)
[   13.266498] page_type: f8(unknown)
[   13.266755] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.267169] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.267627] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.267954] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.268283] head: 0200000000000002 ffffea00040a9001 00000000ffffffff 00000000ffffffff
[   13.268621] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   13.268993] page dumped because: kasan: bad access detected
[   13.269211] 
[   13.269482] Memory state around the buggy address:
[   13.269676]  ffff888102a3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.269990]  ffff888102a3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.270206] >ffff888102a40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.270574]                    ^
[   13.270779]  ffff888102a40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.271101]  ffff888102a40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.271484] ==================================================================
[   13.276803] ==================================================================
[   13.277569] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   13.277928] Free of addr ffff888102a40000 by task kunit_try_catch/257
[   13.278165] 
[   13.278411] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   13.278472] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.278486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.278509] Call Trace:
[   13.278522]  <TASK>
[   13.278538]  dump_stack_lvl+0x73/0xb0
[   13.278567]  print_report+0xd1/0x650
[   13.278590]  ? __virt_addr_valid+0x1db/0x2d0
[   13.278641]  ? kasan_addr_to_slab+0x11/0xa0
[   13.278663]  ? mempool_double_free_helper+0x184/0x370
[   13.278697]  kasan_report_invalid_free+0x10a/0x130
[   13.278722]  ? mempool_double_free_helper+0x184/0x370
[   13.278764]  ? mempool_double_free_helper+0x184/0x370
[   13.278789]  __kasan_mempool_poison_pages+0x115/0x130
[   13.278814]  mempool_free+0x290/0x380
[   13.278852]  mempool_double_free_helper+0x184/0x370
[   13.278876]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   13.278904]  ? __pfx_sched_clock_cpu+0x10/0x10
[   13.278926]  ? finish_task_switch.isra.0+0x153/0x700
[   13.278951]  mempool_page_alloc_double_free+0xe8/0x140
[   13.278978]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   13.279003]  ? __kasan_check_write+0x18/0x20
[   13.279025]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   13.279044]  ? __pfx_mempool_free_pages+0x10/0x10
[   13.279067]  ? __pfx_read_tsc+0x10/0x10
[   13.279088]  ? ktime_get_ts64+0x86/0x230
[   13.279108]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   13.279135]  kunit_try_run_case+0x1a5/0x480
[   13.279160]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.279184]  ? queued_spin_lock_slowpath+0x116/0xb40
[   13.279277]  ? __kthread_parkme+0x82/0x180
[   13.279299]  ? preempt_count_sub+0x50/0x80
[   13.279322]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.279346]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.279369]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.279392]  kthread+0x337/0x6f0
[   13.279412]  ? trace_preempt_on+0x20/0xc0
[   13.279435]  ? __pfx_kthread+0x10/0x10
[   13.279468]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.279489]  ? calculate_sigpending+0x7b/0xa0
[   13.279513]  ? __pfx_kthread+0x10/0x10
[   13.279535]  ret_from_fork+0x116/0x1d0
[   13.279553]  ? __pfx_kthread+0x10/0x10
[   13.279574]  ret_from_fork_asm+0x1a/0x30
[   13.279605]  </TASK>
[   13.279616] 
[   13.290019] The buggy address belongs to the physical page:
[   13.290394] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a40
[   13.290857] flags: 0x200000000000000(node=0|zone=2)
[   13.291090] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   13.291492] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   13.291975] page dumped because: kasan: bad access detected
[   13.292568] 
[   13.292677] Memory state around the buggy address:
[   13.292875]  ffff888102a3ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.293123]  ffff888102a3ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.293750] >ffff888102a40000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.294266]                    ^
[   13.294405]  ffff888102a40080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.294845]  ffff888102a40100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   13.295248] ==================================================================
[   13.225955] ==================================================================
[   13.226504] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   13.226783] Free of addr ffff8881031c1100 by task kunit_try_catch/253
[   13.227447] 
[   13.227659] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   13.227705] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.227718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.227741] Call Trace:
[   13.227755]  <TASK>
[   13.227772]  dump_stack_lvl+0x73/0xb0
[   13.227803]  print_report+0xd1/0x650
[   13.227826]  ? __virt_addr_valid+0x1db/0x2d0
[   13.227851]  ? kasan_complete_mode_report_info+0x64/0x200
[   13.227874]  ? mempool_double_free_helper+0x184/0x370
[   13.227910]  kasan_report_invalid_free+0x10a/0x130
[   13.227934]  ? mempool_double_free_helper+0x184/0x370
[   13.227960]  ? mempool_double_free_helper+0x184/0x370
[   13.227983]  ? mempool_double_free_helper+0x184/0x370
[   13.228005]  check_slab_allocation+0x101/0x130
[   13.228027]  __kasan_mempool_poison_object+0x91/0x1d0
[   13.228052]  mempool_free+0x2ec/0x380
[   13.228075]  mempool_double_free_helper+0x184/0x370
[   13.228099]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   13.228122]  ? update_load_avg+0x1be/0x21b0
[   13.228146]  ? dequeue_entities+0x27e/0x1740
[   13.228172]  ? finish_task_switch.isra.0+0x153/0x700
[   13.228198]  mempool_kmalloc_double_free+0xed/0x140
[   13.228238]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   13.228267]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.228290]  ? __pfx_mempool_kfree+0x10/0x10
[   13.228316]  ? __pfx_read_tsc+0x10/0x10
[   13.228337]  ? ktime_get_ts64+0x86/0x230
[   13.228363]  kunit_try_run_case+0x1a5/0x480
[   13.228388]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.228411]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.228435]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.228470]  ? __kthread_parkme+0x82/0x180
[   13.228492]  ? preempt_count_sub+0x50/0x80
[   13.228516]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.228540]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.228563]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.228587]  kthread+0x337/0x6f0
[   13.228606]  ? trace_preempt_on+0x20/0xc0
[   13.228630]  ? __pfx_kthread+0x10/0x10
[   13.228651]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.228672]  ? calculate_sigpending+0x7b/0xa0
[   13.228697]  ? __pfx_kthread+0x10/0x10
[   13.228719]  ret_from_fork+0x116/0x1d0
[   13.228738]  ? __pfx_kthread+0x10/0x10
[   13.228759]  ret_from_fork_asm+0x1a/0x30
[   13.228791]  </TASK>
[   13.228804] 
[   13.238373] Allocated by task 253:
[   13.238587]  kasan_save_stack+0x45/0x70
[   13.238912]  kasan_save_track+0x18/0x40
[   13.239092]  kasan_save_alloc_info+0x3b/0x50
[   13.239391]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   13.239618]  remove_element+0x11e/0x190
[   13.239758]  mempool_alloc_preallocated+0x4d/0x90
[   13.239915]  mempool_double_free_helper+0x8a/0x370
[   13.240115]  mempool_kmalloc_double_free+0xed/0x140
[   13.240503]  kunit_try_run_case+0x1a5/0x480
[   13.240787]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.241028]  kthread+0x337/0x6f0
[   13.241152]  ret_from_fork+0x116/0x1d0
[   13.241512]  ret_from_fork_asm+0x1a/0x30
[   13.241702] 
[   13.241811] Freed by task 253:
[   13.241974]  kasan_save_stack+0x45/0x70
[   13.242150]  kasan_save_track+0x18/0x40
[   13.242318]  kasan_save_free_info+0x3f/0x60
[   13.242523]  __kasan_mempool_poison_object+0x131/0x1d0
[   13.242787]  mempool_free+0x2ec/0x380
[   13.242955]  mempool_double_free_helper+0x109/0x370
[   13.243173]  mempool_kmalloc_double_free+0xed/0x140
[   13.243342]  kunit_try_run_case+0x1a5/0x480
[   13.243512]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.243764]  kthread+0x337/0x6f0
[   13.244022]  ret_from_fork+0x116/0x1d0
[   13.244297]  ret_from_fork_asm+0x1a/0x30
[   13.244562] 
[   13.244638] The buggy address belongs to the object at ffff8881031c1100
[   13.244638]  which belongs to the cache kmalloc-128 of size 128
[   13.245291] The buggy address is located 0 bytes inside of
[   13.245291]  128-byte region [ffff8881031c1100, ffff8881031c1180)
[   13.245771] 
[   13.245847] The buggy address belongs to the physical page:
[   13.246248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031c1
[   13.246633] flags: 0x200000000000000(node=0|zone=2)
[   13.246850] page_type: f5(slab)
[   13.247041] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   13.247288] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   13.247638] page dumped because: kasan: bad access detected
[   13.247918] 
[   13.247995] Memory state around the buggy address:
[   13.248346]  ffff8881031c1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.248693]  ffff8881031c1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.248968] >ffff8881031c1100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.249184]                    ^
[   13.249301]  ffff8881031c1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.249559]  ffff8881031c1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.249874] ==================================================================