lkft/sashal-linus-next - v6.13-rc7-44054-ga0826ac5bfa4 - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 20, 2025, 8:11 p.m.

Environment
qemu-arm64
qemu-x86_64

[   17.243906] ==================================================================
[   17.243964] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   17.244014] Free of addr fff00000c77e0000 by task kunit_try_catch/238
[   17.244057] 
[   17.244088] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.244170] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.244213] Hardware name: linux,dummy-virt (DT)
[   17.244245] Call trace:
[   17.244268]  show_stack+0x20/0x38 (C)
[   17.244318]  dump_stack_lvl+0x8c/0xd0
[   17.244365]  print_report+0x118/0x5d0
[   17.244479]  kasan_report_invalid_free+0xc0/0xe8
[   17.244858]  __kasan_mempool_poison_object+0x14c/0x150
[   17.245258]  mempool_free+0x28c/0x328
[   17.245456]  mempool_double_free_helper+0x150/0x2e8
[   17.245533]  mempool_kmalloc_large_double_free+0xc0/0x118
[   17.245586]  kunit_try_run_case+0x170/0x3f0
[   17.246285]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.247129]  kthread+0x328/0x630
[   17.247281]  ret_from_fork+0x10/0x20
[   17.247587] 
[   17.247884] The buggy address belongs to the physical page:
[   17.248090] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0
[   17.249370] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.249535] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.249839] page_type: f8(unknown)
[   17.250582] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.250861] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.250975] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.251044] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.251253] head: 0bfffe0000000002 ffffc1ffc31df801 00000000ffffffff 00000000ffffffff
[   17.252049] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.252749] page dumped because: kasan: bad access detected
[   17.252878] 
[   17.252933] Memory state around the buggy address:
[   17.253010]  fff00000c77dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   17.253060]  fff00000c77dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   17.253296] >fff00000c77e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   17.254316]                    ^
[   17.254371]  fff00000c77e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   17.254620]  fff00000c77e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   17.255294] ==================================================================
[   17.291492] ==================================================================
[   17.292091] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   17.292359] Free of addr fff00000c77e0000 by task kunit_try_catch/240
[   17.292403] 
[   17.292437] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.292521] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.293415] Hardware name: linux,dummy-virt (DT)
[   17.293518] Call trace:
[   17.293541]  show_stack+0x20/0x38 (C)
[   17.293620]  dump_stack_lvl+0x8c/0xd0
[   17.293670]  print_report+0x118/0x5d0
[   17.293796]  kasan_report_invalid_free+0xc0/0xe8
[   17.293851]  __kasan_mempool_poison_pages+0xe0/0xe8
[   17.293903]  mempool_free+0x24c/0x328
[   17.294069]  mempool_double_free_helper+0x150/0x2e8
[   17.294156]  mempool_page_alloc_double_free+0xbc/0x118
[   17.294221]  kunit_try_run_case+0x170/0x3f0
[   17.294331]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.294514]  kthread+0x328/0x630
[   17.294557]  ret_from_fork+0x10/0x20
[   17.294627] 
[   17.294649] The buggy address belongs to the physical page:
[   17.294681] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e0
[   17.294737] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.294925] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   17.295146] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   17.295310] page dumped because: kasan: bad access detected
[   17.295343] 
[   17.295361] Memory state around the buggy address:
[   17.295425]  fff00000c77dff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   17.295537]  fff00000c77dff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   17.295675] >fff00000c77e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   17.295714]                    ^
[   17.295767]  fff00000c77e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   17.295919]  fff00000c77e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   17.295991] ==================================================================
[   17.230404] ==================================================================
[   17.230463] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   17.230514] Free of addr fff00000c64d8800 by task kunit_try_catch/236
[   17.230555] 
[   17.230614] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.230704] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.230731] Hardware name: linux,dummy-virt (DT)
[   17.230763] Call trace:
[   17.230784]  show_stack+0x20/0x38 (C)
[   17.230834]  dump_stack_lvl+0x8c/0xd0
[   17.230889]  print_report+0x118/0x5d0
[   17.230943]  kasan_report_invalid_free+0xc0/0xe8
[   17.230992]  check_slab_allocation+0xd4/0x108
[   17.231049]  __kasan_mempool_poison_object+0x78/0x150
[   17.231102]  mempool_free+0x28c/0x328
[   17.231147]  mempool_double_free_helper+0x150/0x2e8
[   17.231207]  mempool_kmalloc_double_free+0xc0/0x118
[   17.231254]  kunit_try_run_case+0x170/0x3f0
[   17.231303]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.231354]  kthread+0x328/0x630
[   17.231397]  ret_from_fork+0x10/0x20
[   17.231444] 
[   17.231782] Allocated by task 236:
[   17.231830]  kasan_save_stack+0x3c/0x68
[   17.231873]  kasan_save_track+0x20/0x40
[   17.231976]  kasan_save_alloc_info+0x40/0x58
[   17.232020]  __kasan_mempool_unpoison_object+0x11c/0x180
[   17.232090]  remove_element+0x130/0x1f8
[   17.232125]  mempool_alloc_preallocated+0x58/0xc0
[   17.232220]  mempool_double_free_helper+0x94/0x2e8
[   17.232288]  mempool_kmalloc_double_free+0xc0/0x118
[   17.232337]  kunit_try_run_case+0x170/0x3f0
[   17.232381]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.232425]  kthread+0x328/0x630
[   17.232467]  ret_from_fork+0x10/0x20
[   17.232771] 
[   17.232803] Freed by task 236:
[   17.232833]  kasan_save_stack+0x3c/0x68
[   17.232876]  kasan_save_track+0x20/0x40
[   17.233075]  kasan_save_free_info+0x4c/0x78
[   17.233130]  __kasan_mempool_poison_object+0xc0/0x150
[   17.233174]  mempool_free+0x28c/0x328
[   17.233285]  mempool_double_free_helper+0x100/0x2e8
[   17.233361]  mempool_kmalloc_double_free+0xc0/0x118
[   17.233412]  kunit_try_run_case+0x170/0x3f0
[   17.233470]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.233545]  kthread+0x328/0x630
[   17.233652]  ret_from_fork+0x10/0x20
[   17.233730] 
[   17.233818] The buggy address belongs to the object at fff00000c64d8800
[   17.233818]  which belongs to the cache kmalloc-128 of size 128
[   17.233906] The buggy address is located 0 bytes inside of
[   17.233906]  128-byte region [fff00000c64d8800, fff00000c64d8880)
[   17.233966] 
[   17.233986] The buggy address belongs to the physical page:
[   17.234016] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064d8
[   17.234277] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.234365] page_type: f5(slab)
[   17.234488] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   17.234565] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.234688] page dumped because: kasan: bad access detected
[   17.234803] 
[   17.234853] Memory state around the buggy address:
[   17.234912]  fff00000c64d8700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.234993]  fff00000c64d8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.235058] >fff00000c64d8800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.235111]                    ^
[   17.235139]  fff00000c64d8880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.235181]  fff00000c64d8900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.235229] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

309aWYwhlSaX86OR0tyxd83BkVP

job_id

TEST:linaro@lkft#309aanSV96FyzA0myvVcjb3yGd6

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/309aanSV96FyzA0myvVcjb3yGd6

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309aXwXoGoTp4GczYC9pgbmH2fu/Image.gz
sha256sum	dd3efc46eaa5f6736b74b81818643c0723c262296650250cc4efcb52f7cb79a7

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309aXwXoGoTp4GczYC9pgbmH2fu/modules.tar.xz
sha256sum	f1c09dfa4ab8134d947ef1ee155c8283abaf591e8ee31c2f7bd7de0ce8dedb59

durations

tests

boot	0
kunit	165.81

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   14.614524] ==================================================================
[   14.615754] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.616090] Free of addr ffff8881039bc000 by task kunit_try_catch/255
[   14.616716] 
[   14.616905] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.616955] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.616968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.616992] Call Trace:
[   14.617005]  <TASK>
[   14.617023]  dump_stack_lvl+0x73/0xb0
[   14.617108]  print_report+0xd1/0x610
[   14.617132]  ? __virt_addr_valid+0x1db/0x2d0
[   14.617157]  ? kasan_addr_to_slab+0x11/0xa0
[   14.617177]  ? mempool_double_free_helper+0x184/0x370
[   14.617202]  kasan_report_invalid_free+0x10a/0x130
[   14.617227]  ? mempool_double_free_helper+0x184/0x370
[   14.617254]  ? mempool_double_free_helper+0x184/0x370
[   14.617278]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   14.617302]  mempool_free+0x2ec/0x380
[   14.617330]  mempool_double_free_helper+0x184/0x370
[   14.617355]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.617378]  ? update_load_avg+0x1be/0x21b0
[   14.617404]  ? dequeue_entities+0x27e/0x1740
[   14.617431]  ? finish_task_switch.isra.0+0x153/0x700
[   14.617457]  mempool_kmalloc_large_double_free+0xed/0x140
[   14.617495]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.617524]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.617547]  ? __pfx_mempool_kfree+0x10/0x10
[   14.617572]  ? __pfx_read_tsc+0x10/0x10
[   14.617594]  ? ktime_get_ts64+0x86/0x230
[   14.617619]  kunit_try_run_case+0x1a5/0x480
[   14.617645]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.617668]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.617693]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.617717]  ? __kthread_parkme+0x82/0x180
[   14.617738]  ? preempt_count_sub+0x50/0x80
[   14.617761]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.617786]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.617810]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.617835]  kthread+0x337/0x6f0
[   14.617854]  ? trace_preempt_on+0x20/0xc0
[   14.617879]  ? __pfx_kthread+0x10/0x10
[   14.617900]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.617922]  ? calculate_sigpending+0x7b/0xa0
[   14.617946]  ? __pfx_kthread+0x10/0x10
[   14.617968]  ret_from_fork+0x116/0x1d0
[   14.617988]  ? __pfx_kthread+0x10/0x10
[   14.618008]  ret_from_fork_asm+0x1a/0x30
[   14.618038]  </TASK>
[   14.618050] 
[   14.630771] The buggy address belongs to the physical page:
[   14.631453] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bc
[   14.631992] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.632528] flags: 0x200000000000040(head|node=0|zone=2)
[   14.632911] page_type: f8(unknown)
[   14.633619] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.633983] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.634640] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.635269] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.635643] head: 0200000000000002 ffffea00040e6f01 00000000ffffffff 00000000ffffffff
[   14.636130] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.636624] page dumped because: kasan: bad access detected
[   14.637021] 
[   14.637341] Memory state around the buggy address:
[   14.637745]  ffff8881039bbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.638356]  ffff8881039bbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.638816] >ffff8881039bc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.639254]                    ^
[   14.639621]  ffff8881039bc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.639978]  ffff8881039bc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.640449] ==================================================================
[   14.645404] ==================================================================
[   14.646031] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.646394] Free of addr ffff8881039f4000 by task kunit_try_catch/257
[   14.646646] 
[   14.646758] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.646810] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.646823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.646850] Call Trace:
[   14.646864]  <TASK>
[   14.646883]  dump_stack_lvl+0x73/0xb0
[   14.646915]  print_report+0xd1/0x610
[   14.646940]  ? __virt_addr_valid+0x1db/0x2d0
[   14.646968]  ? kasan_addr_to_slab+0x11/0xa0
[   14.646990]  ? mempool_double_free_helper+0x184/0x370
[   14.647116]  kasan_report_invalid_free+0x10a/0x130
[   14.647146]  ? mempool_double_free_helper+0x184/0x370
[   14.647173]  ? mempool_double_free_helper+0x184/0x370
[   14.647197]  __kasan_mempool_poison_pages+0x115/0x130
[   14.647223]  mempool_free+0x290/0x380
[   14.647253]  mempool_double_free_helper+0x184/0x370
[   14.647278]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.647305]  ? __kasan_check_write+0x18/0x20
[   14.647325]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.647349]  ? finish_task_switch.isra.0+0x153/0x700
[   14.647378]  mempool_page_alloc_double_free+0xe8/0x140
[   14.647404]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.647431]  ? __kasan_check_write+0x18/0x20
[   14.647453]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   14.647490]  ? __pfx_mempool_free_pages+0x10/0x10
[   14.647518]  ? __pfx_read_tsc+0x10/0x10
[   14.647542]  ? ktime_get_ts64+0x86/0x230
[   14.647565]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.647594]  kunit_try_run_case+0x1a5/0x480
[   14.647622]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.647648]  ? queued_spin_lock_slowpath+0x116/0xb40
[   14.647675]  ? __kthread_parkme+0x82/0x180
[   14.647697]  ? preempt_count_sub+0x50/0x80
[   14.647721]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.647747]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.647771]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.647814]  kthread+0x337/0x6f0
[   14.647835]  ? trace_preempt_on+0x20/0xc0
[   14.647861]  ? __pfx_kthread+0x10/0x10
[   14.647881]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.647903]  ? calculate_sigpending+0x7b/0xa0
[   14.647929]  ? __pfx_kthread+0x10/0x10
[   14.647951]  ret_from_fork+0x116/0x1d0
[   14.647971]  ? __pfx_kthread+0x10/0x10
[   14.647992]  ret_from_fork_asm+0x1a/0x30
[   14.648025]  </TASK>
[   14.648077] 
[   14.657985] The buggy address belongs to the physical page:
[   14.658348] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4
[   14.658764] flags: 0x200000000000000(node=0|zone=2)
[   14.659021] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   14.659340] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.659691] page dumped because: kasan: bad access detected
[   14.660032] 
[   14.660109] Memory state around the buggy address:
[   14.660346]  ffff8881039f3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.660585]  ffff8881039f3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.660813] >ffff8881039f4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.661040]                    ^
[   14.661207]  ffff8881039f4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.661689]  ffff8881039f4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.662022] ==================================================================
[   14.574182] ==================================================================
[   14.574632] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.574894] Free of addr ffff888103249e00 by task kunit_try_catch/253
[   14.575102] 
[   14.575202] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.575252] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.575265] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.575288] Call Trace:
[   14.575301]  <TASK>
[   14.575320]  dump_stack_lvl+0x73/0xb0
[   14.575351]  print_report+0xd1/0x610
[   14.575374]  ? __virt_addr_valid+0x1db/0x2d0
[   14.575399]  ? kasan_complete_mode_report_info+0x64/0x200
[   14.575422]  ? mempool_double_free_helper+0x184/0x370
[   14.575445]  kasan_report_invalid_free+0x10a/0x130
[   14.576083]  ? mempool_double_free_helper+0x184/0x370
[   14.576129]  ? mempool_double_free_helper+0x184/0x370
[   14.576154]  ? mempool_double_free_helper+0x184/0x370
[   14.576179]  check_slab_allocation+0x101/0x130
[   14.576205]  __kasan_mempool_poison_object+0x91/0x1d0
[   14.576230]  mempool_free+0x2ec/0x380
[   14.576260]  mempool_double_free_helper+0x184/0x370
[   14.576284]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.576311]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.576334]  ? finish_task_switch.isra.0+0x153/0x700
[   14.576361]  mempool_kmalloc_double_free+0xed/0x140
[   14.576385]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   14.576412]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.576435]  ? __pfx_mempool_kfree+0x10/0x10
[   14.576461]  ? __pfx_read_tsc+0x10/0x10
[   14.576494]  ? ktime_get_ts64+0x86/0x230
[   14.576520]  kunit_try_run_case+0x1a5/0x480
[   14.576547]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.576570]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.576596]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.576620]  ? __kthread_parkme+0x82/0x180
[   14.576641]  ? preempt_count_sub+0x50/0x80
[   14.576665]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.576689]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.576712]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.576737]  kthread+0x337/0x6f0
[   14.576756]  ? trace_preempt_on+0x20/0xc0
[   14.576796]  ? __pfx_kthread+0x10/0x10
[   14.576817]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.576838]  ? calculate_sigpending+0x7b/0xa0
[   14.576864]  ? __pfx_kthread+0x10/0x10
[   14.576886]  ret_from_fork+0x116/0x1d0
[   14.576905]  ? __pfx_kthread+0x10/0x10
[   14.576927]  ret_from_fork_asm+0x1a/0x30
[   14.576960]  </TASK>
[   14.576971] 
[   14.591563] Allocated by task 253:
[   14.591718]  kasan_save_stack+0x45/0x70
[   14.592061]  kasan_save_track+0x18/0x40
[   14.592418]  kasan_save_alloc_info+0x3b/0x50
[   14.593004]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.593555]  remove_element+0x11e/0x190
[   14.593969]  mempool_alloc_preallocated+0x4d/0x90
[   14.594484]  mempool_double_free_helper+0x8a/0x370
[   14.594843]  mempool_kmalloc_double_free+0xed/0x140
[   14.595416]  kunit_try_run_case+0x1a5/0x480
[   14.595664]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.595879]  kthread+0x337/0x6f0
[   14.596195]  ret_from_fork+0x116/0x1d0
[   14.596616]  ret_from_fork_asm+0x1a/0x30
[   14.597014] 
[   14.597229] Freed by task 253:
[   14.597561]  kasan_save_stack+0x45/0x70
[   14.597794]  kasan_save_track+0x18/0x40
[   14.597944]  kasan_save_free_info+0x3f/0x60
[   14.598249]  __kasan_mempool_poison_object+0x131/0x1d0
[   14.598728]  mempool_free+0x2ec/0x380
[   14.599154]  mempool_double_free_helper+0x109/0x370
[   14.599533]  mempool_kmalloc_double_free+0xed/0x140
[   14.599707]  kunit_try_run_case+0x1a5/0x480
[   14.599899]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.600427]  kthread+0x337/0x6f0
[   14.600753]  ret_from_fork+0x116/0x1d0
[   14.601182]  ret_from_fork_asm+0x1a/0x30
[   14.601570] 
[   14.601737] The buggy address belongs to the object at ffff888103249e00
[   14.601737]  which belongs to the cache kmalloc-128 of size 128
[   14.602607] The buggy address is located 0 bytes inside of
[   14.602607]  128-byte region [ffff888103249e00, ffff888103249e80)
[   14.602983] 
[   14.603064] The buggy address belongs to the physical page:
[   14.603526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249
[   14.604346] flags: 0x200000000000000(node=0|zone=2)
[   14.604887] page_type: f5(slab)
[   14.605240] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.605619] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.605951] page dumped because: kasan: bad access detected
[   14.606514] 
[   14.606690] Memory state around the buggy address:
[   14.607274]  ffff888103249d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.608195]  ffff888103249d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.608857] >ffff888103249e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.609134]                    ^
[   14.609466]  ffff888103249e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.610231]  ffff888103249f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.610872] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

309aWYwhlSaX86OR0tyxd83BkVP

job_id

TEST:linaro@lkft#309abhHRloGo6mUcqoKlDU4ru3c

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/309abhHRloGo6mUcqoKlDU4ru3c

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309aZB5NzMRrrXvciMs4oS7OUp5/bzImage
sha256sum	5de0322184970aef882697713de6fec8525f446885c5f985efe758dc3916b299

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309aZB5NzMRrrXvciMs4oS7OUp5/modules.tar.xz
sha256sum	864aee9916a5d44816f3b48962b2c1a6fbaa1d2aa14a1b69233d00be09ee20a2

durations

tests

boot	0
kunit	226.46

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit