rte_eth_rx_burst -> returning same mbuff pointer twice consecutively

Without an explicit mbuf free in your code, the most likely scenarios are that the mbuf is still being effectively returned/reused through another path in the application or shared unsafely across threads/cores, or that a special driver/path-specific buffer handling issue is corrupting lifecycle state.

• Cross-core/shared mbuf ownership issue. One documented case used one CPU for RX and many worker CPUs consuming mbufs from a ring; the mbuf address was then seen reused/overwritten while still referenced elsewhere. NXP specifically asked whether RTE_MBUF_REFCNT_ATOMIC was enabled for multicore access, and the customer said yes, but the issue was still treated as application-level ownership/lifetime handling.,
• Duplicate release or hidden return path in the application pipeline. NXP’s guidance in that case was to instrument buffer allocate/release/packet-send actions to see whether the same address was being released back to the buffer pool more than once.
• PMD/driver returning malformed mbufs to pool in special paths. There is a separate DPAA2 PMD case involving chained mbufs where mbufs returned to the mempool appeared corrupted ( next not cleared), causing sanity-check failures on later allocation. That is not the same symptom as your report, but it does show that special buffer handling paths can lead to later reuse/corruption symptoms.
• Same source and destination mbuf in crypto path. In a DPAA security/IPsec case, NXP noted that if sym->m_dst is NULL , then m_src and m_dst use the same mbuf. That can make packet contents appear rewritten “in place” under load, even though the pointer identity did not change.