lkft/sashal-linus-next - v6.13-rc7-43689-g85c2c095929a - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 16, 2025, 3:10 p.m.

Environment
qemu-arm64
qemu-x86_64

[   18.650281] ==================================================================
[   18.650885] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.650965] Free of addr fff00000c7968000 by task kunit_try_catch/239
[   18.651010] 
[   18.651337] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   18.651522] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.651551] Hardware name: linux,dummy-virt (DT)
[   18.651583] Call trace:
[   18.651871]  show_stack+0x20/0x38 (C)
[   18.652024]  dump_stack_lvl+0x8c/0xd0
[   18.652128]  print_report+0x118/0x5d0
[   18.652528]  kasan_report_invalid_free+0xc0/0xe8
[   18.652691]  __kasan_mempool_poison_pages+0xe0/0xe8
[   18.653195]  mempool_free+0x24c/0x328
[   18.653783]  mempool_double_free_helper+0x150/0x2e8
[   18.653850]  mempool_page_alloc_double_free+0xbc/0x118
[   18.654757]  kunit_try_run_case+0x170/0x3f0
[   18.654824]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.654880]  kthread+0x328/0x630
[   18.654923]  ret_from_fork+0x10/0x20
[   18.654971] 
[   18.654993] The buggy address belongs to the physical page:
[   18.655028] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107968
[   18.655084] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.655150] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   18.655201] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   18.655262] page dumped because: kasan: bad access detected
[   18.655294] 
[   18.655311] Memory state around the buggy address:
[   18.655344]  fff00000c7967f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.655388]  fff00000c7967f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.655431] >fff00000c7968000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.655470]                    ^
[   18.655496]  fff00000c7968080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.655539]  fff00000c7968100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.655577] ==================================================================
[   18.617050] ==================================================================
[   18.617466] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.617705] Free of addr fff00000c5967700 by task kunit_try_catch/235
[   18.617785] 
[   18.617819] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   18.617901] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.617928] Hardware name: linux,dummy-virt (DT)
[   18.618382] Call trace:
[   18.618460]  show_stack+0x20/0x38 (C)
[   18.618589]  dump_stack_lvl+0x8c/0xd0
[   18.618672]  print_report+0x118/0x5d0
[   18.618748]  kasan_report_invalid_free+0xc0/0xe8
[   18.618949]  check_slab_allocation+0xd4/0x108
[   18.619107]  __kasan_mempool_poison_object+0x78/0x150
[   18.619175]  mempool_free+0x28c/0x328
[   18.619225]  mempool_double_free_helper+0x150/0x2e8
[   18.619988]  mempool_kmalloc_double_free+0xc0/0x118
[   18.620150]  kunit_try_run_case+0x170/0x3f0
[   18.620406]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.620487]  kthread+0x328/0x630
[   18.621020]  ret_from_fork+0x10/0x20
[   18.621182] 
[   18.621204] Allocated by task 235:
[   18.621268]  kasan_save_stack+0x3c/0x68
[   18.621695]  kasan_save_track+0x20/0x40
[   18.622064]  kasan_save_alloc_info+0x40/0x58
[   18.622219]  __kasan_mempool_unpoison_object+0x11c/0x180
[   18.622352]  remove_element+0x130/0x1f8
[   18.622402]  mempool_alloc_preallocated+0x58/0xc0
[   18.622451]  mempool_double_free_helper+0x94/0x2e8
[   18.622500]  mempool_kmalloc_double_free+0xc0/0x118
[   18.622575]  kunit_try_run_case+0x170/0x3f0
[   18.622623]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.622667]  kthread+0x328/0x630
[   18.622700]  ret_from_fork+0x10/0x20
[   18.622757] 
[   18.622786] Freed by task 235:
[   18.622814]  kasan_save_stack+0x3c/0x68
[   18.622852]  kasan_save_track+0x20/0x40
[   18.622889]  kasan_save_free_info+0x4c/0x78
[   18.622928]  __kasan_mempool_poison_object+0xc0/0x150
[   18.622984]  mempool_free+0x28c/0x328
[   18.623021]  mempool_double_free_helper+0x100/0x2e8
[   18.623069]  mempool_kmalloc_double_free+0xc0/0x118
[   18.623118]  kunit_try_run_case+0x170/0x3f0
[   18.623156]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.623200]  kthread+0x328/0x630
[   18.623772]  ret_from_fork+0x10/0x20
[   18.623841] 
[   18.623862] The buggy address belongs to the object at fff00000c5967700
[   18.623862]  which belongs to the cache kmalloc-128 of size 128
[   18.623939] The buggy address is located 0 bytes inside of
[   18.623939]  128-byte region [fff00000c5967700, fff00000c5967780)
[   18.624175] 
[   18.624330] The buggy address belongs to the physical page:
[   18.624410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105967
[   18.624470] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.624699] page_type: f5(slab)
[   18.624930] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   18.625243] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   18.625349] page dumped because: kasan: bad access detected
[   18.625426] 
[   18.625461] Memory state around the buggy address:
[   18.625511]  fff00000c5967600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.625768]  fff00000c5967680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.625983] >fff00000c5967700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.626072]                    ^
[   18.626172]  fff00000c5967780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.626497]  fff00000c5967800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.626730] ==================================================================
[   18.636778] ==================================================================
[   18.636839] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   18.637091] Free of addr fff00000c7968000 by task kunit_try_catch/237
[   18.637402] 
[   18.637441] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   18.637831] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.637877] Hardware name: linux,dummy-virt (DT)
[   18.637952] Call trace:
[   18.638064]  show_stack+0x20/0x38 (C)
[   18.638158]  dump_stack_lvl+0x8c/0xd0
[   18.638274]  print_report+0x118/0x5d0
[   18.638328]  kasan_report_invalid_free+0xc0/0xe8
[   18.638406]  __kasan_mempool_poison_object+0x14c/0x150
[   18.638468]  mempool_free+0x28c/0x328
[   18.638513]  mempool_double_free_helper+0x150/0x2e8
[   18.638702]  mempool_kmalloc_large_double_free+0xc0/0x118
[   18.638958]  kunit_try_run_case+0x170/0x3f0
[   18.639092]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.639160]  kthread+0x328/0x630
[   18.639346]  ret_from_fork+0x10/0x20
[   18.639667] 
[   18.639817] The buggy address belongs to the physical page:
[   18.639918] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107968
[   18.639979] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.640037] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.640448] page_type: f8(unknown)
[   18.640543] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.640720] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.640832] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.640910] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.641038] head: 0bfffe0000000002 ffffc1ffc31e5a01 00000000ffffffff 00000000ffffffff
[   18.641089] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   18.641130] page dumped because: kasan: bad access detected
[   18.641163] 
[   18.641180] Memory state around the buggy address:
[   18.641231]  fff00000c7967f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.641277]  fff00000c7967f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.641331] >fff00000c7968000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.641369]                    ^
[   18.641395]  fff00000c7968080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.641438]  fff00000c7968100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   18.641479] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zxhLvJNzKfC2O2grt7A3kOWC6T

job_id

TEST:linaro@lkft#2zxhPau2yAblffjobEYDaYG9UHu

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zxhPau2yAblffjobEYDaYG9UHu

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zxhN3VTNlTymq56lwQbyJq1gVx/Image.gz
sha256sum	2b0debcad36297881bc624782cf0edc33acb46b91709a8f0c31c1d114a03cebe

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zxhN3VTNlTymq56lwQbyJq1gVx/modules.tar.xz
sha256sum	0b414e42fe2c93d65e38e631ab86e7681d93e88e3b96220c05e8c582fa2dd427

durations

tests

boot	0
kunit	186.41

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.236375] ==================================================================
[   14.236933] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.237378] Free of addr ffff88810307d600 by task kunit_try_catch/252
[   14.237905] 
[   14.238136] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.238185] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.238198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.238221] Call Trace:
[   14.238233]  <TASK>
[   14.238248]  dump_stack_lvl+0x73/0xb0
[   14.238281]  print_report+0xd1/0x610
[   14.238306]  ? __virt_addr_valid+0x1db/0x2d0
[   14.238332]  ? kasan_complete_mode_report_info+0x64/0x200
[   14.238357]  ? mempool_double_free_helper+0x184/0x370
[   14.238384]  kasan_report_invalid_free+0x10a/0x130
[   14.238411]  ? mempool_double_free_helper+0x184/0x370
[   14.238522]  ? mempool_double_free_helper+0x184/0x370
[   14.238721]  ? mempool_double_free_helper+0x184/0x370
[   14.238748]  check_slab_allocation+0x101/0x130
[   14.238787]  __kasan_mempool_poison_object+0x91/0x1d0
[   14.238814]  mempool_free+0x2ec/0x380
[   14.238844]  mempool_double_free_helper+0x184/0x370
[   14.238870]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.238896]  ? update_load_avg+0x1be/0x21b0
[   14.238925]  ? finish_task_switch.isra.0+0x153/0x700
[   14.238951]  mempool_kmalloc_double_free+0xed/0x140
[   14.239048]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   14.239080]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.239104]  ? __pfx_mempool_kfree+0x10/0x10
[   14.239130]  ? __pfx_read_tsc+0x10/0x10
[   14.239153]  ? ktime_get_ts64+0x86/0x230
[   14.239185]  kunit_try_run_case+0x1a5/0x480
[   14.239212]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.239237]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.239263]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.239289]  ? __kthread_parkme+0x82/0x180
[   14.239311]  ? preempt_count_sub+0x50/0x80
[   14.239336]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.239362]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.239388]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.239415]  kthread+0x337/0x6f0
[   14.239436]  ? trace_preempt_on+0x20/0xc0
[   14.239461]  ? __pfx_kthread+0x10/0x10
[   14.239482]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.239505]  ? calculate_sigpending+0x7b/0xa0
[   14.239531]  ? __pfx_kthread+0x10/0x10
[   14.239553]  ret_from_fork+0x116/0x1d0
[   14.239572]  ? __pfx_kthread+0x10/0x10
[   14.239593]  ret_from_fork_asm+0x1a/0x30
[   14.239625]  </TASK>
[   14.239636] 
[   14.253518] Allocated by task 252:
[   14.254104]  kasan_save_stack+0x45/0x70
[   14.254414]  kasan_save_track+0x18/0x40
[   14.254629]  kasan_save_alloc_info+0x3b/0x50
[   14.254961]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.255396]  remove_element+0x11e/0x190
[   14.255710]  mempool_alloc_preallocated+0x4d/0x90
[   14.255958]  mempool_double_free_helper+0x8a/0x370
[   14.256586]  mempool_kmalloc_double_free+0xed/0x140
[   14.256936]  kunit_try_run_case+0x1a5/0x480
[   14.257260]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.257790]  kthread+0x337/0x6f0
[   14.257992]  ret_from_fork+0x116/0x1d0
[   14.258391]  ret_from_fork_asm+0x1a/0x30
[   14.258628] 
[   14.258732] Freed by task 252:
[   14.259134]  kasan_save_stack+0x45/0x70
[   14.259547]  kasan_save_track+0x18/0x40
[   14.259822]  kasan_save_free_info+0x3f/0x60
[   14.260258]  __kasan_mempool_poison_object+0x131/0x1d0
[   14.260596]  mempool_free+0x2ec/0x380
[   14.260787]  mempool_double_free_helper+0x109/0x370
[   14.261397]  mempool_kmalloc_double_free+0xed/0x140
[   14.261605]  kunit_try_run_case+0x1a5/0x480
[   14.261940]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.262505]  kthread+0x337/0x6f0
[   14.262679]  ret_from_fork+0x116/0x1d0
[   14.262844]  ret_from_fork_asm+0x1a/0x30
[   14.263165] 
[   14.263453] The buggy address belongs to the object at ffff88810307d600
[   14.263453]  which belongs to the cache kmalloc-128 of size 128
[   14.264199] The buggy address is located 0 bytes inside of
[   14.264199]  128-byte region [ffff88810307d600, ffff88810307d680)
[   14.264989] 
[   14.265096] The buggy address belongs to the physical page:
[   14.265576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10307d
[   14.266004] flags: 0x200000000000000(node=0|zone=2)
[   14.266319] page_type: f5(slab)
[   14.266715] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.267140] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.267539] page dumped because: kasan: bad access detected
[   14.267871] 
[   14.268062] Memory state around the buggy address:
[   14.268290]  ffff88810307d500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.268908]  ffff88810307d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.269517] >ffff88810307d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.269948]                    ^
[   14.270349]  ffff88810307d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.270789]  ffff88810307d700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.271332] ==================================================================
[   14.307244] ==================================================================
[   14.307825] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.308583] Free of addr ffff8881039b0000 by task kunit_try_catch/256
[   14.309066] 
[   14.309370] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.309422] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.309591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.309619] Call Trace:
[   14.309633]  <TASK>
[   14.309652]  dump_stack_lvl+0x73/0xb0
[   14.309687]  print_report+0xd1/0x610
[   14.309710]  ? __virt_addr_valid+0x1db/0x2d0
[   14.309735]  ? kasan_addr_to_slab+0x11/0xa0
[   14.309769]  ? mempool_double_free_helper+0x184/0x370
[   14.309795]  kasan_report_invalid_free+0x10a/0x130
[   14.309820]  ? mempool_double_free_helper+0x184/0x370
[   14.309848]  ? mempool_double_free_helper+0x184/0x370
[   14.309872]  __kasan_mempool_poison_pages+0x115/0x130
[   14.309898]  mempool_free+0x290/0x380
[   14.309926]  mempool_double_free_helper+0x184/0x370
[   14.309951]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.310034]  ? __kasan_check_write+0x18/0x20
[   14.310057]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.310080]  ? irqentry_exit+0x2a/0x60
[   14.310103]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.310131]  mempool_page_alloc_double_free+0xe8/0x140
[   14.310158]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.310189]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   14.310213]  ? __pfx_mempool_free_pages+0x10/0x10
[   14.310239]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.310269]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.310298]  kunit_try_run_case+0x1a5/0x480
[   14.310324]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.310347]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.310373]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.310398]  ? __kthread_parkme+0x82/0x180
[   14.310419]  ? preempt_count_sub+0x50/0x80
[   14.310444]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.310468]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.310492]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.310518]  kthread+0x337/0x6f0
[   14.310538]  ? trace_preempt_on+0x20/0xc0
[   14.310561]  ? __pfx_kthread+0x10/0x10
[   14.310582]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.310603]  ? calculate_sigpending+0x7b/0xa0
[   14.310629]  ? __pfx_kthread+0x10/0x10
[   14.310651]  ret_from_fork+0x116/0x1d0
[   14.310670]  ? __pfx_kthread+0x10/0x10
[   14.310691]  ret_from_fork_asm+0x1a/0x30
[   14.310722]  </TASK>
[   14.310732] 
[   14.325455] The buggy address belongs to the physical page:
[   14.325970] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b0
[   14.326361] flags: 0x200000000000000(node=0|zone=2)
[   14.326800] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   14.327189] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.327789] page dumped because: kasan: bad access detected
[   14.328203] 
[   14.328283] Memory state around the buggy address:
[   14.328737]  ffff8881039aff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.329398]  ffff8881039aff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.329865] >ffff8881039b0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.330297]                    ^
[   14.330771]  ffff8881039b0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.331372]  ffff8881039b0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.331729] ==================================================================
[   14.275237] ==================================================================
[   14.275753] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.276144] Free of addr ffff888102a50000 by task kunit_try_catch/254
[   14.276588] 
[   14.276699] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.277157] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.277175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.277201] Call Trace:
[   14.277214]  <TASK>
[   14.277231]  dump_stack_lvl+0x73/0xb0
[   14.277267]  print_report+0xd1/0x610
[   14.277291]  ? __virt_addr_valid+0x1db/0x2d0
[   14.277317]  ? kasan_addr_to_slab+0x11/0xa0
[   14.277337]  ? mempool_double_free_helper+0x184/0x370
[   14.277364]  kasan_report_invalid_free+0x10a/0x130
[   14.277390]  ? mempool_double_free_helper+0x184/0x370
[   14.277418]  ? mempool_double_free_helper+0x184/0x370
[   14.277441]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   14.277468]  mempool_free+0x2ec/0x380
[   14.277495]  mempool_double_free_helper+0x184/0x370
[   14.277521]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.277547]  ? __kasan_check_write+0x18/0x20
[   14.277568]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.277591]  ? irqentry_exit+0x2a/0x60
[   14.277613]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.277641]  mempool_kmalloc_large_double_free+0xed/0x140
[   14.277668]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.277697]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.277721]  ? __pfx_mempool_kfree+0x10/0x10
[   14.277745]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.277789]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.277818]  kunit_try_run_case+0x1a5/0x480
[   14.277845]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.277869]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.277895]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.277919]  ? __kthread_parkme+0x82/0x180
[   14.277942]  ? preempt_count_sub+0x50/0x80
[   14.277967]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.278040]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.278065]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.278091]  kthread+0x337/0x6f0
[   14.278110]  ? trace_preempt_on+0x20/0xc0
[   14.278135]  ? __pfx_kthread+0x10/0x10
[   14.278156]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.278179]  ? calculate_sigpending+0x7b/0xa0
[   14.278204]  ? __pfx_kthread+0x10/0x10
[   14.278226]  ret_from_fork+0x116/0x1d0
[   14.278247]  ? __pfx_kthread+0x10/0x10
[   14.278267]  ret_from_fork_asm+0x1a/0x30
[   14.278298]  </TASK>
[   14.278308] 
[   14.293108] The buggy address belongs to the physical page:
[   14.293373] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a50
[   14.293950] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.294464] flags: 0x200000000000040(head|node=0|zone=2)
[   14.294948] page_type: f8(unknown)
[   14.295290] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.295852] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.296397] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.296881] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.297412] head: 0200000000000002 ffffea00040a9401 00000000ffffffff 00000000ffffffff
[   14.297952] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.298486] page dumped because: kasan: bad access detected
[   14.298891] 
[   14.299227] Memory state around the buggy address:
[   14.299506]  ffff888102a4ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.299942]  ffff888102a4ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.301027] >ffff888102a50000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.301932]                    ^
[   14.302570]  ffff888102a50080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.303153]  ffff888102a50100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.304039] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zxhLvJNzKfC2O2grt7A3kOWC6T

job_id

TEST:linaro@lkft#2zxhQRPGZHbRb85n8CYDdoCjSy0

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zxhQRPGZHbRb85n8CYDdoCjSy0

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zxhNmGnSWM4SZJ5ZvQ7mQd6mJs/bzImage
sha256sum	94877b9cad13014eacc1b841cafb46b2097b45d947e8687ced9818c2ce733fa2

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zxhNmGnSWM4SZJ5ZvQ7mQd6mJs/modules.tar.xz
sha256sum	6702e05d8ba94a91e49ea6d51a35ae017a4bc99ef9af93b264bfdbdbbf2ed2bf

durations

tests

boot	0
kunit	207.16

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit