lkft/sashal-linus-next - v6.13-rc7-43514-gb6b19ce74be8 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 10, 2025, 6:10 p.m.

Environment
qemu-arm64
qemu-x86_64

[   19.002933] ==================================================================
[   19.003153] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   19.003346] Free of addr fff00000c7958000 by task kunit_try_catch/239
[   19.003454] 
[   19.003622] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   19.003843] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.003972] Hardware name: linux,dummy-virt (DT)
[   19.004128] Call trace:
[   19.004154]  show_stack+0x20/0x38 (C)
[   19.004348]  dump_stack_lvl+0x8c/0xd0
[   19.004552]  print_report+0x118/0x608
[   19.004645]  kasan_report_invalid_free+0xc0/0xe8
[   19.004896]  __kasan_mempool_poison_pages+0xe0/0xe8
[   19.005039]  mempool_free+0x24c/0x328
[   19.005220]  mempool_double_free_helper+0x150/0x2e8
[   19.005373]  mempool_page_alloc_double_free+0xbc/0x118
[   19.005424]  kunit_try_run_case+0x170/0x3f0
[   19.005474]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.005528]  kthread+0x328/0x630
[   19.005569]  ret_from_fork+0x10/0x20
[   19.005619] 
[   19.005639] The buggy address belongs to the physical page:
[   19.005671] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958
[   19.005768] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   19.005833] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   19.005936] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   19.005979] page dumped because: kasan: bad access detected
[   19.006022] 
[   19.006039] Memory state around the buggy address:
[   19.006073]  fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.006127]  fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.006181] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.006220]                    ^
[   19.006260]  fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.006326]  fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   19.006373] ==================================================================
[   18.987086] ==================================================================
[   18.987152] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.987216] Free of addr fff00000c7958000 by task kunit_try_catch/237
[   18.987257] 
[   18.987292] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   18.987387] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.987419] Hardware name: linux,dummy-virt (DT)
[   18.987458] Call trace:
[   18.987588]  show_stack+0x20/0x38 (C)
[   18.987852]  dump_stack_lvl+0x8c/0xd0
[   18.987969]  print_report+0x118/0x608
[   18.988170]  kasan_report_invalid_free+0xc0/0xe8
[   18.988370]  __kasan_mempool_poison_object+0x14c/0x150
[   18.988424]  mempool_free+0x28c/0x328
[   18.988497]  mempool_double_free_helper+0x150/0x2e8
[   18.988935]  mempool_kmalloc_large_double_free+0xc0/0x118
[   18.989444]  kunit_try_run_case+0x170/0x3f0
[   18.989936]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.990287]  kthread+0x328/0x630
[   18.990576]  ret_from_fork+0x10/0x20
[   18.990635] 
[   18.990656] The buggy address belongs to the physical page:
[   18.990692] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107958
[   18.990750] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.990804] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.990859] page_type: f8(unknown)
[   18.990900] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.990976] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.991026] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.991567] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.991625] head: 0bfffe0000000002 ffffc1ffc31e5601 00000000ffffffff 00000000ffffffff
[   18.991674] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   18.991716] page dumped because: kasan: bad access detected
[   18.991760] 
[   18.991782] Memory state around the buggy address:
[   18.991816]  fff00000c7957f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.992176]  fff00000c7957f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.992368] >fff00000c7958000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.992412]                    ^
[   18.992441]  fff00000c7958080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.992485]  fff00000c7958100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.992524] ==================================================================
[   18.957570] ==================================================================
[   18.957778] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.957838] Free of addr fff00000c5a57300 by task kunit_try_catch/235
[   18.957881] 
[   18.957951] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   18.958140] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.958171] Hardware name: linux,dummy-virt (DT)
[   18.958203] Call trace:
[   18.958459]  show_stack+0x20/0x38 (C)
[   18.958540]  dump_stack_lvl+0x8c/0xd0
[   18.958592]  print_report+0x118/0x608
[   18.958641]  kasan_report_invalid_free+0xc0/0xe8
[   18.958703]  check_slab_allocation+0xd4/0x108
[   18.958753]  __kasan_mempool_poison_object+0x78/0x150
[   18.959146]  mempool_free+0x28c/0x328
[   18.959207]  mempool_double_free_helper+0x150/0x2e8
[   18.959476]  mempool_kmalloc_double_free+0xc0/0x118
[   18.959756]  kunit_try_run_case+0x170/0x3f0
[   18.960064]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.960149]  kthread+0x328/0x630
[   18.960441]  ret_from_fork+0x10/0x20
[   18.960692] 
[   18.960712] Allocated by task 235:
[   18.960746]  kasan_save_stack+0x3c/0x68
[   18.960792]  kasan_save_track+0x20/0x40
[   18.960831]  kasan_save_alloc_info+0x40/0x58
[   18.960871]  __kasan_mempool_unpoison_object+0x11c/0x180
[   18.960926]  remove_element+0x130/0x1f8
[   18.960964]  mempool_alloc_preallocated+0x58/0xc0
[   18.961170]  mempool_double_free_helper+0x94/0x2e8
[   18.961370]  mempool_kmalloc_double_free+0xc0/0x118
[   18.961951]  kunit_try_run_case+0x170/0x3f0
[   18.962081]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.962180]  kthread+0x328/0x630
[   18.962220]  ret_from_fork+0x10/0x20
[   18.962257] 
[   18.962275] Freed by task 235:
[   18.962325]  kasan_save_stack+0x3c/0x68
[   18.962376]  kasan_save_track+0x20/0x40
[   18.962414]  kasan_save_free_info+0x4c/0x78
[   18.962456]  __kasan_mempool_poison_object+0xc0/0x150
[   18.962552]  mempool_free+0x28c/0x328
[   18.962743]  mempool_double_free_helper+0x100/0x2e8
[   18.962916]  mempool_kmalloc_double_free+0xc0/0x118
[   18.962974]  kunit_try_run_case+0x170/0x3f0
[   18.963060]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.963106]  kthread+0x328/0x630
[   18.963138]  ret_from_fork+0x10/0x20
[   18.963175] 
[   18.963194] The buggy address belongs to the object at fff00000c5a57300
[   18.963194]  which belongs to the cache kmalloc-128 of size 128
[   18.963306] The buggy address is located 0 bytes inside of
[   18.963306]  128-byte region [fff00000c5a57300, fff00000c5a57380)
[   18.963615] 
[   18.963721] The buggy address belongs to the physical page:
[   18.963803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a57
[   18.963874] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.963921] page_type: f5(slab)
[   18.964025] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   18.964076] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   18.964118] page dumped because: kasan: bad access detected
[   18.964151] 
[   18.964168] Memory state around the buggy address:
[   18.964206]  fff00000c5a57200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.964362]  fff00000c5a57280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.964405] >fff00000c5a57300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.964443]                    ^
[   18.964511]  fff00000c5a57380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.964912]  fff00000c5a57400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.965131] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zh6UUpn8TXCNL7MIo1zG1gJYsm

job_id

TEST:linaro@lkft#2zh6YfNos6w8xohFb8qFQv3OHbb

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zh6YfNos6w8xohFb8qFQv3OHbb

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zh6Vqcc0A9XVY6JZOMLf3Bp13a/Image.gz
sha256sum	5777f0c14b003f9164a55cf9da149f541eebfde18dd695220d32c2a687f9babe

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zh6Vqcc0A9XVY6JZOMLf3Bp13a/modules.tar.xz
sha256sum	3d1cdbe99292ade1bea537f77888a5f86577293975d366777e0dc375bac545b3

durations

tests

boot	0
kunit	172.50

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.189100] ==================================================================
[   14.189874] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.190245] Free of addr ffff888103ac0000 by task kunit_try_catch/256
[   14.190520] 
[   14.190635] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.190680] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.190692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.190713] Call Trace:
[   14.190737]  <TASK>
[   14.190753]  dump_stack_lvl+0x73/0xb0
[   14.190784]  print_report+0xd1/0x650
[   14.190869]  ? __virt_addr_valid+0x1db/0x2d0
[   14.190897]  ? kasan_addr_to_slab+0x11/0xa0
[   14.190918]  ? mempool_double_free_helper+0x184/0x370
[   14.190952]  kasan_report_invalid_free+0x10a/0x130
[   14.190979]  ? mempool_double_free_helper+0x184/0x370
[   14.191006]  ? mempool_double_free_helper+0x184/0x370
[   14.191051]  __kasan_mempool_poison_pages+0x115/0x130
[   14.191077]  mempool_free+0x290/0x380
[   14.191156]  mempool_double_free_helper+0x184/0x370
[   14.191182]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.191221]  ? finish_task_switch.isra.0+0x153/0x700
[   14.191250]  mempool_page_alloc_double_free+0xe8/0x140
[   14.191277]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.191317]  ? __kasan_check_write+0x18/0x20
[   14.191339]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   14.191364]  ? __pfx_mempool_free_pages+0x10/0x10
[   14.191391]  ? __pfx_read_tsc+0x10/0x10
[   14.191413]  ? ktime_get_ts64+0x86/0x230
[   14.191435]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.191465]  kunit_try_run_case+0x1a5/0x480
[   14.191490]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.191516]  ? queued_spin_lock_slowpath+0x116/0xb40
[   14.191542]  ? __kthread_parkme+0x82/0x180
[   14.191563]  ? preempt_count_sub+0x50/0x80
[   14.191587]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.191612]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.191638]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.191666]  kthread+0x337/0x6f0
[   14.191686]  ? trace_preempt_on+0x20/0xc0
[   14.191710]  ? __pfx_kthread+0x10/0x10
[   14.191731]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.191754]  ? calculate_sigpending+0x7b/0xa0
[   14.191778]  ? __pfx_kthread+0x10/0x10
[   14.191800]  ret_from_fork+0x116/0x1d0
[   14.191861]  ? __pfx_kthread+0x10/0x10
[   14.191884]  ret_from_fork_asm+0x1a/0x30
[   14.191916]  </TASK>
[   14.191926] 
[   14.201611] The buggy address belongs to the physical page:
[   14.201992] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ac0
[   14.202364] flags: 0x200000000000000(node=0|zone=2)
[   14.202606] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   14.202920] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.203272] page dumped because: kasan: bad access detected
[   14.203445] 
[   14.203516] Memory state around the buggy address:
[   14.203669]  ffff888103abff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.204261]  ffff888103abff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.204878] >ffff888103ac0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.205277]                    ^
[   14.205456]  ffff888103ac0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.205738]  ffff888103ac0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.205955] ==================================================================
[   14.118900] ==================================================================
[   14.119906] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.120847] Free of addr ffff888103a11100 by task kunit_try_catch/252
[   14.121586] 
[   14.121914] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.121971] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.121984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.122005] Call Trace:
[   14.122018]  <TASK>
[   14.122157]  dump_stack_lvl+0x73/0xb0
[   14.122199]  print_report+0xd1/0x650
[   14.122235]  ? __virt_addr_valid+0x1db/0x2d0
[   14.122260]  ? kasan_complete_mode_report_info+0x64/0x200
[   14.122290]  ? mempool_double_free_helper+0x184/0x370
[   14.122316]  kasan_report_invalid_free+0x10a/0x130
[   14.122342]  ? mempool_double_free_helper+0x184/0x370
[   14.122368]  ? mempool_double_free_helper+0x184/0x370
[   14.122392]  ? mempool_double_free_helper+0x184/0x370
[   14.122415]  check_slab_allocation+0x101/0x130
[   14.122437]  __kasan_mempool_poison_object+0x91/0x1d0
[   14.122463]  mempool_free+0x2ec/0x380
[   14.122491]  mempool_double_free_helper+0x184/0x370
[   14.122516]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.122545]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.122569]  ? finish_task_switch.isra.0+0x153/0x700
[   14.122596]  mempool_kmalloc_double_free+0xed/0x140
[   14.122620]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   14.122647]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.122671]  ? __pfx_mempool_kfree+0x10/0x10
[   14.122696]  ? __pfx_read_tsc+0x10/0x10
[   14.122717]  ? ktime_get_ts64+0x86/0x230
[   14.122742]  kunit_try_run_case+0x1a5/0x480
[   14.122767]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.122791]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.122844]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.122873]  ? __kthread_parkme+0x82/0x180
[   14.122897]  ? preempt_count_sub+0x50/0x80
[   14.122920]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.122947]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.122971]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.122996]  kthread+0x337/0x6f0
[   14.123015]  ? trace_preempt_on+0x20/0xc0
[   14.123048]  ? __pfx_kthread+0x10/0x10
[   14.123068]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.123090]  ? calculate_sigpending+0x7b/0xa0
[   14.123114]  ? __pfx_kthread+0x10/0x10
[   14.123135]  ret_from_fork+0x116/0x1d0
[   14.123154]  ? __pfx_kthread+0x10/0x10
[   14.123174]  ret_from_fork_asm+0x1a/0x30
[   14.123205]  </TASK>
[   14.123215] 
[   14.138309] Allocated by task 252:
[   14.138453]  kasan_save_stack+0x45/0x70
[   14.138605]  kasan_save_track+0x18/0x40
[   14.138742]  kasan_save_alloc_info+0x3b/0x50
[   14.138904]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.139265]  remove_element+0x11e/0x190
[   14.140007]  mempool_alloc_preallocated+0x4d/0x90
[   14.140468]  mempool_double_free_helper+0x8a/0x370
[   14.140908]  mempool_kmalloc_double_free+0xed/0x140
[   14.141413]  kunit_try_run_case+0x1a5/0x480
[   14.142040]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.142542]  kthread+0x337/0x6f0
[   14.142939]  ret_from_fork+0x116/0x1d0
[   14.143347]  ret_from_fork_asm+0x1a/0x30
[   14.143588] 
[   14.143765] Freed by task 252:
[   14.144098]  kasan_save_stack+0x45/0x70
[   14.144334]  kasan_save_track+0x18/0x40
[   14.144724]  kasan_save_free_info+0x3f/0x60
[   14.145175]  __kasan_mempool_poison_object+0x131/0x1d0
[   14.145353]  mempool_free+0x2ec/0x380
[   14.145486]  mempool_double_free_helper+0x109/0x370
[   14.145650]  mempool_kmalloc_double_free+0xed/0x140
[   14.145931]  kunit_try_run_case+0x1a5/0x480
[   14.146353]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.146941]  kthread+0x337/0x6f0
[   14.147290]  ret_from_fork+0x116/0x1d0
[   14.147642]  ret_from_fork_asm+0x1a/0x30
[   14.148145] 
[   14.148406] The buggy address belongs to the object at ffff888103a11100
[   14.148406]  which belongs to the cache kmalloc-128 of size 128
[   14.149704] The buggy address is located 0 bytes inside of
[   14.149704]  128-byte region [ffff888103a11100, ffff888103a11180)
[   14.150709] 
[   14.150792] The buggy address belongs to the physical page:
[   14.151519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a11
[   14.152157] flags: 0x200000000000000(node=0|zone=2)
[   14.152331] page_type: f5(slab)
[   14.152453] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.152685] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.152925] page dumped because: kasan: bad access detected
[   14.153202] 
[   14.153375] Memory state around the buggy address:
[   14.153567]  ffff888103a11000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.153822]  ffff888103a11080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.154393] >ffff888103a11100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.155015]                    ^
[   14.155156]  ffff888103a11180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.155609]  ffff888103a11200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.156247] ==================================================================
[   14.164110] ==================================================================
[   14.164763] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.165172] Free of addr ffff888103ac0000 by task kunit_try_catch/254
[   14.166027] 
[   14.166256] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.166305] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.166417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.166441] Call Trace:
[   14.166454]  <TASK>
[   14.166471]  dump_stack_lvl+0x73/0xb0
[   14.166506]  print_report+0xd1/0x650
[   14.166528]  ? __virt_addr_valid+0x1db/0x2d0
[   14.166553]  ? kasan_addr_to_slab+0x11/0xa0
[   14.166574]  ? mempool_double_free_helper+0x184/0x370
[   14.166599]  kasan_report_invalid_free+0x10a/0x130
[   14.166625]  ? mempool_double_free_helper+0x184/0x370
[   14.166652]  ? mempool_double_free_helper+0x184/0x370
[   14.166676]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   14.166702]  mempool_free+0x2ec/0x380
[   14.166729]  mempool_double_free_helper+0x184/0x370
[   14.166754]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.166781]  ? __kasan_check_write+0x18/0x20
[   14.166801]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.166835]  ? finish_task_switch.isra.0+0x153/0x700
[   14.166862]  mempool_kmalloc_large_double_free+0xed/0x140
[   14.166888]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.166917]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.166990]  ? __pfx_mempool_kfree+0x10/0x10
[   14.167018]  ? __pfx_read_tsc+0x10/0x10
[   14.167052]  ? ktime_get_ts64+0x86/0x230
[   14.167078]  kunit_try_run_case+0x1a5/0x480
[   14.167104]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.167127]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.167153]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.167177]  ? __kthread_parkme+0x82/0x180
[   14.167198]  ? preempt_count_sub+0x50/0x80
[   14.167222]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.167247]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.167272]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.167298]  kthread+0x337/0x6f0
[   14.167317]  ? trace_preempt_on+0x20/0xc0
[   14.167340]  ? __pfx_kthread+0x10/0x10
[   14.167360]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.167381]  ? calculate_sigpending+0x7b/0xa0
[   14.167405]  ? __pfx_kthread+0x10/0x10
[   14.167427]  ret_from_fork+0x116/0x1d0
[   14.167446]  ? __pfx_kthread+0x10/0x10
[   14.167466]  ret_from_fork_asm+0x1a/0x30
[   14.167497]  </TASK>
[   14.167509] 
[   14.178467] The buggy address belongs to the physical page:
[   14.178723] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103ac0
[   14.179263] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.179732] flags: 0x200000000000040(head|node=0|zone=2)
[   14.179972] page_type: f8(unknown)
[   14.180372] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.180659] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.181189] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.181444] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.181792] head: 0200000000000002 ffffea00040eb001 00000000ffffffff 00000000ffffffff
[   14.182293] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.182616] page dumped because: kasan: bad access detected
[   14.182867] 
[   14.182977] Memory state around the buggy address:
[   14.183275]  ffff888103abff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.183589]  ffff888103abff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.184058] >ffff888103ac0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.184337]                    ^
[   14.184493]  ffff888103ac0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.184743]  ffff888103ac0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.184976] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zh6UUpn8TXCNL7MIo1zG1gJYsm

job_id

TEST:linaro@lkft#2zh6ZNztcGXg2O8uNeKx6V5kr88

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zh6ZNztcGXg2O8uNeKx6V5kr88

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zh6WsWI7Bm0SUy5pTvvvknXRZJ/bzImage
sha256sum	1e1574ecc8c4221677c1bc00b6aa400c5a95520bd7b8881c6e36fd86dc7a4db6

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zh6WsWI7Bm0SUy5pTvvvknXRZJ/modules.tar.xz
sha256sum	56cebba46b14ff78df64e8cde24854df1e7692bca96ad63f09d123563bd0e53d

durations

tests

boot	0
kunit	218.55

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit