====================================== | Ctrl-C stdout | | WAIT TIMEOUT stdout | [ 804.716920][T16394] kmemleak: Found object by alias at 0xff1100000a43fa40 [ 804.716937][T16394] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 804.716939][T16394] Call Trace: [ 804.716942][T16394] [ 804.716944][T16394] dump_stack_lvl (lib/dump_stack.c:122) [ 804.716955][T16394] __lookup_object (mm/kmemleak.c:447) [ 804.716960][T16394] delete_object_full (mm/kmemleak.c:618 mm/kmemleak.c:636 mm/kmemleak.c:839) [ 804.716964][T16394] kfree (./include/linux/kmemleak.h:50 mm/slub.c:2465 mm/slub.c:6670 mm/slub.c:6878) [ 804.716970][T16394] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.716983][T16394] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.716986][T16394] mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.716991][T16394] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 804.716995][T16394] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:947) [ 804.717004][T16394] genl_family_rcv_msg_doit (net/netlink/genetlink.c:1117) [ 804.717009][T16394] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:1088) [ 804.717012][T16394] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 804.717016][T16394] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 804.717019][T16394] ? genl_rcv_msg (net/netlink/genetlink.c:61 net/netlink/genetlink.c:57 net/netlink/genetlink.c:1209) [ 804.717028][T16394] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 804.717031][T16394] ? cap_capable (./include/trace/events/capability.h:26 (discriminator 33) security/commoncap.c:130 (discriminator 33)) [ 804.717039][T16394] genl_family_rcv_msg (net/netlink/genetlink.c:1195) [ 804.717044][T16394] ? genl_family_rcv_msg_dumpit (net/netlink/genetlink.c:1160) [ 804.717049][T16394] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 804.717054][T16394] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1)) [ 804.717062][T16394] genl_rcv_msg (net/netlink/genetlink.c:65 net/netlink/genetlink.c:1211) [ 804.717067][T16394] netlink_rcv_skb (net/netlink/af_netlink.c:2550) [ 804.717071][T16394] ? genl_family_rcv_msg (net/netlink/genetlink.c:1201) [ 804.717076][T16394] ? netlink_ack (net/netlink/af_netlink.c:2527) [ 804.717078][T16394] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 804.717089][T16394] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) ./include/net/netns/generic.h:48 (discriminator 1) net/netlink/af_netlink.c:333 (discriminator 1)) [ 804.717092][T16394] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) net/netlink/af_netlink.c:340 (discriminator 1)) [ 804.717098][T16394] genl_rcv (net/netlink/genetlink.c:1220) [ 804.717101][T16394] netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) [ 804.717107][T16394] ? netlink_attachskb (net/netlink/af_netlink.c:1329) [ 804.717110][T16394] ? __alloc_skb (./include/linux/bottom_half.h:20 (discriminator 1) net/core/skbuff.c:694 (discriminator 1)) [ 804.717114][T16394] ? napi_skb_cache_get (net/core/skbuff.c:673) [ 804.717118][T16394] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1)) [ 804.717125][T16394] netlink_sendmsg (net/netlink/af_netlink.c:1894) [ 804.717131][T16394] ? netlink_unicast (net/netlink/af_netlink.c:1813) [ 804.717137][T16394] ? __might_fault (mm/memory.c:7174 (discriminator 4)) [ 804.717145][T16394] __sys_sendto (net/socket.c:730 (discriminator 1) net/socket.c:742 (discriminator 1) net/socket.c:2206 (discriminator 1)) [ 804.717151][T16394] ? __ia32_sys_getpeername (net/socket.c:2173) [ 804.717161][T16394] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536) [ 804.717173][T16394] ? update_socket_protocol+0x10/0x10 [ 804.717180][T16394] __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1)) [ 804.717184][T16394] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4473) [ 804.717188][T16394] ? do_syscall_64 (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 ./include/linux/entry-common.h:108 arch/x86/entry/syscall_64.c:90) [ 804.717190][T16394] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) [ 804.717195][T16394] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131) [ 804.717198][T16394] RIP: 0033:0x7f071e19fc5e [ 804.717203][T16394] Code: 4d 89 d8 e8 14 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa All code ======== 0: 4d 89 d8 mov %r11,%r8 3: e8 14 bd 00 00 call 0xbd1c 8: 4c 8b 5d f8 mov -0x8(%rbp),%r11 c: 41 8b 93 08 03 00 00 mov 0x308(%r11),%edx 13: 59 pop %rcx 14: 5e pop %rsi 15: 48 83 f8 fc cmp $0xfffffffffffffffc,%rax 19: 74 11 je 0x2c 1b: c9 leave 1c: c3 ret 1d: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 24: 48 8b 45 10 mov 0x10(%rbp),%rax 28: 0f 05 syscall 2a:* c9 leave <-- trapping instruction 2b: c3 ret 2c: 83 e2 39 and $0x39,%edx 2f: 83 fa 08 cmp $0x8,%edx 32: 75 e7 jne 0x1b 34: e8 13 ff ff ff call 0xffffffffffffff4c 39: 0f 1f 00 nopl (%rax) 3c: f3 0f 1e fa endbr64 Code starting with the faulting instruction =========================================== 0: c9 leave 1: c3 ret 2: 83 e2 39 and $0x39,%edx 5: 83 fa 08 cmp $0x8,%edx 8: 75 e7 jne 0xfffffffffffffff1 a: e8 13 ff ff ff call 0xffffffffffffff22 f: 0f 1f 00 nopl (%rax) 12: f3 0f 1e fa endbr64 [ 804.717205][T16394] RSP: 002b:00007ffe4444e370 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 804.717210][T16394] RAX: ffffffffffffffda RBX: 00007ffe4444e420 RCX: 00007f071e19fc5e [ 804.717212][T16394] RDX: 0000000000000014 RSI: 00007ffe4444e420 RDI: 0000000000000005 [ 804.717214][T16394] RBP: 00007ffe4444e380 R08: 00007ffe4444e3e4 R09: 000000000000000c [ 804.717215][T16394] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 804.717217][T16394] R13: 0000000000000005 R14: 00007f071e36a000 R15: 0000000000406e00 | [ 804.717265][T16394] ================================================================== | [ 804.727552][T16394] BUG: KASAN: invalid-free in mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) | [ 804.727744][T16394] Free of addr ff1100000a43fa40 by task pm_nl_ctl/16394 | [ 804.727900][T16394] [ 804.727968][T16394] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 804.727970][T16394] Call Trace: [ 804.727971][T16394] [ 804.727973][T16394] dump_stack_lvl (lib/dump_stack.c:122) [ 804.727981][T16394] print_address_description.constprop.0 (mm/kasan/report.c:379) [ 804.727986][T16394] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.727989][T16394] print_report (mm/kasan/report.c:483) [ 804.727991][T16394] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.727994][T16394] ? __virt_addr_valid (./include/linux/rcupdate.h:981 (discriminator 3) ./include/linux/mmzone.h:2193 (discriminator 3) arch/x86/mm/physaddr.c:54 (discriminator 3)) [ 804.727997][T16394] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.728000][T16394] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.728002][T16394] kasan_report_invalid_free (mm/kasan/report.c:221 mm/kasan/report.c:563) [ 804.728007][T16394] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.728011][T16394] check_slab_allocation (mm/kasan/common.c:231) [ 804.728014][T16394] kfree (mm/slub.c:2485 (discriminator 1) mm/slub.c:6670 (discriminator 1) mm/slub.c:6878 (discriminator 1)) [ 804.728017][T16394] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.728020][T16394] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.728023][T16394] mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 804.728026][T16394] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 804.728029][T16394] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:947) [ 804.728034][T16394] genl_family_rcv_msg_doit (net/netlink/genetlink.c:1117) [ 804.728037][T16394] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:1088) [ 804.728040][T16394] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 804.728043][T16394] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 804.728046][T16394] ? genl_rcv_msg (net/netlink/genetlink.c:61 net/netlink/genetlink.c:57 net/netlink/genetlink.c:1209) [ 804.728051][T16394] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 804.728053][T16394] ? cap_capable (./include/trace/events/capability.h:26 (discriminator 33) security/commoncap.c:130 (discriminator 33)) [ 804.728057][T16394] genl_family_rcv_msg (net/netlink/genetlink.c:1195) [ 804.728061][T16394] ? genl_family_rcv_msg_dumpit (net/netlink/genetlink.c:1160) [ 804.728064][T16394] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 804.728067][T16394] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1)) [ 804.728071][T16394] genl_rcv_msg (net/netlink/genetlink.c:65 net/netlink/genetlink.c:1211) [ 804.728075][T16394] netlink_rcv_skb (net/netlink/af_netlink.c:2550) [ 804.728077][T16394] ? genl_family_rcv_msg (net/netlink/genetlink.c:1201) [ 804.728081][T16394] ? netlink_ack (net/netlink/af_netlink.c:2527) [ 804.728083][T16394] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 804.728088][T16394] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) ./include/net/netns/generic.h:48 (discriminator 1) net/netlink/af_netlink.c:333 (discriminator 1)) [ 804.728090][T16394] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) net/netlink/af_netlink.c:340 (discriminator 1)) [ 804.728093][T16394] genl_rcv (net/netlink/genetlink.c:1220) [ 804.728096][T16394] netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) [ 804.728100][T16394] ? netlink_attachskb (net/netlink/af_netlink.c:1329) [ 804.728102][T16394] ? __alloc_skb (./include/linux/bottom_half.h:20 (discriminator 1) net/core/skbuff.c:694 (discriminator 1)) [ 804.728105][T16394] ? napi_skb_cache_get (net/core/skbuff.c:673) [ 804.728108][T16394] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1)) [ 804.728112][T16394] netlink_sendmsg (net/netlink/af_netlink.c:1894) [ 804.728116][T16394] ? netlink_unicast (net/netlink/af_netlink.c:1813) [ 804.728119][T16394] ? __might_fault (mm/memory.c:7174 (discriminator 4)) [ 804.728123][T16394] __sys_sendto (net/socket.c:730 (discriminator 1) net/socket.c:742 (discriminator 1) net/socket.c:2206 (discriminator 1)) [ 804.728127][T16394] ? __ia32_sys_getpeername (net/socket.c:2173) [ 804.728131][T16394] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536) [ 804.728136][T16394] ? update_socket_protocol+0x10/0x10 [ 804.728139][T16394] __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1)) [ 804.728142][T16394] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4473) [ 804.728144][T16394] ? do_syscall_64 (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 ./include/linux/entry-common.h:108 arch/x86/entry/syscall_64.c:90) [ 804.728147][T16394] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) [ 804.728150][T16394] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131) [ 804.728153][T16394] RIP: 0033:0x7f071e19fc5e [ 804.728156][T16394] Code: 4d 89 d8 e8 14 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa All code ======== 0: 4d 89 d8 mov %r11,%r8 3: e8 14 bd 00 00 call 0xbd1c 8: 4c 8b 5d f8 mov -0x8(%rbp),%r11 c: 41 8b 93 08 03 00 00 mov 0x308(%r11),%edx 13: 59 pop %rcx 14: 5e pop %rsi 15: 48 83 f8 fc cmp $0xfffffffffffffffc,%rax 19: 74 11 je 0x2c 1b: c9 leave 1c: c3 ret 1d: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 24: 48 8b 45 10 mov 0x10(%rbp),%rax 28: 0f 05 syscall 2a:* c9 leave <-- trapping instruction 2b: c3 ret 2c: 83 e2 39 and $0x39,%edx 2f: 83 fa 08 cmp $0x8,%edx 32: 75 e7 jne 0x1b 34: e8 13 ff ff ff call 0xffffffffffffff4c 39: 0f 1f 00 nopl (%rax) 3c: f3 0f 1e fa endbr64 Code starting with the faulting instruction =========================================== 0: c9 leave 1: c3 ret 2: 83 e2 39 and $0x39,%edx 5: 83 fa 08 cmp $0x8,%edx 8: 75 e7 jne 0xfffffffffffffff1 a: e8 13 ff ff ff call 0xffffffffffffff22 f: 0f 1f 00 nopl (%rax) 12: f3 0f 1e fa endbr64 [ 804.728159][T16394] RSP: 002b:00007ffe4444e370 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 804.728163][T16394] RAX: ffffffffffffffda RBX: 00007ffe4444e420 RCX: 00007f071e19fc5e [ 804.728165][T16394] RDX: 0000000000000014 RSI: 00007ffe4444e420 RDI: 0000000000000005 [ 804.728166][T16394] RBP: 00007ffe4444e380 R08: 00007ffe4444e3e4 R09: 000000000000000c [ 804.728168][T16394] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 804.728169][T16394] R13: 0000000000000005 R14: 00007f071e36a000 R15: 0000000000406e00 | [ 804.744007][T16394] Disabling lock debugging due to kernel taint | [ 804.832912][T16399] Oops: general protection fault, probably for non-canonical address 0xfbd59c0000000024: 0000 [#1] SMP KASAN | [ 804.833141][T16399] KASAN: maybe wild-memory-access in range [0xdead000000000120-0xdead000000000127] | [ 804.833488][T16399] Tainted: [B]=BAD_PAGE [ 804.833558][T16399] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 804.833666][T16399] RIP: 0010:mptcp_pm_nl_flush_addrs_doit (net/mptcp/pm_kernel.c:1311) [ 804.833788][T16399] Code: 31 f6 e8 6b 09 5b fe 48 89 df e8 63 ee 0d 00 e8 5e 04 eb fd 48 8b 5c 24 40 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <80> 3c 02 00 0f 85 e8 02 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 All code ======== 0: 31 f6 xor %esi,%esi 2: e8 6b 09 5b fe call 0xfffffffffe5b0972 7: 48 89 df mov %rbx,%rdi a: e8 63 ee 0d 00 call 0xdee72 f: e8 5e 04 eb fd call 0xfffffffffdeb0472 14: 48 8b 5c 24 40 mov 0x40(%rsp),%rbx 19: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 20: fc ff df 23: 48 89 da mov %rbx,%rdx 26: 48 c1 ea 03 shr $0x3,%rdx 2a:* 80 3c 02 00 cmpb $0x0,(%rdx,%rax,1) <-- trapping instruction 2e: 0f 85 e8 02 00 00 jne 0x31c 34: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 3b: fc ff df 3e: 4c rex.WR 3f: 89 .byte 0x89 Code starting with the faulting instruction =========================================== 0: 80 3c 02 00 cmpb $0x0,(%rdx,%rax,1) 4: 0f 85 e8 02 00 00 jne 0x2f2 a: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 11: fc ff df 14: 4c rex.WR 15: 89 .byte 0x89 [ 804.834093][T16399] RSP: 0018:ffa00000034876e8 EFLAGS: 00010216 [ 804.834201][T16399] RAX: dffffc0000000000 RBX: dead000000000122 RCX: 1ffffffff2c8e1f0 [ 804.834327][T16399] RDX: 1bd5a00000000024 RSI: ffffffff95e6b100 RDI: ffffffff96470f80 [ 804.834450][T16399] RBP: ffa0000003487788 R08: ffffffff93973c84 R09: fffffbfff2e5038a [ 804.834573][T16399] R10: 0000000000000000 R11: ffffffff98b23c18 R12: ff110000116d0580 [ 804.834697][T16399] R13: ffa0000003487720 R14: ff1100000a43fa40 R15: 1ff4000000690ee0 [ 804.834822][T16399] FS: 00007f80cd6bd740(0000) GS:ff1100009d664000(0000) knlGS:0000000000000000 [ 804.834978][T16399] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 804.835092][T16399] CR2: 00007f80cd71f0a0 CR3: 000000001956a006 CR4: 0000000000771ef0 [ 804.835217][T16399] PKRU: 55555554 [ 804.835280][T16399] Call Trace: [ 804.835344][T16399] [ 804.835388][T16399] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 804.835497][T16399] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:947) [ 804.835603][T16399] genl_family_rcv_msg_doit (net/netlink/genetlink.c:1117) [ 804.835686][T16399] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:1088) [ 804.835789][T16399] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 804.835873][T16399] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 804.835957][T16399] ? genl_rcv_msg (net/netlink/genetlink.c:61 net/netlink/genetlink.c:57 net/netlink/genetlink.c:1209) [ 804.836051][T16399] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 804.836136][T16399] ? cap_capable (./include/trace/events/capability.h:26 (discriminator 33) security/commoncap.c:130 (discriminator 33)) [ 804.836220][T16399] genl_family_rcv_msg (net/netlink/genetlink.c:1195) [ 804.836304][T16399] ? genl_family_rcv_msg_dumpit (net/netlink/genetlink.c:1160) [ 804.836410][T16399] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 804.836512][T16399] ? stack_trace_save (kernel/stacktrace.c:123) [ 804.836599][T16399] genl_rcv_msg (net/netlink/genetlink.c:65 net/netlink/genetlink.c:1211) [ 804.836681][T16399] netlink_rcv_skb (net/netlink/af_netlink.c:2550) [ 804.836766][T16399] ? genl_family_rcv_msg (net/netlink/genetlink.c:1201) [ 804.836849][T16399] ? netlink_ack (net/netlink/af_netlink.c:2527) [ 804.836936][T16399] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 804.837026][T16399] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) ./include/net/netns/generic.h:48 (discriminator 1) net/netlink/af_netlink.c:333 (discriminator 1)) [ 804.837110][T16399] ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 33) kernel/locking/lockdep.c:5831 (discriminator 33)) [ 804.837193][T16399] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 804.837279][T16399] genl_rcv (net/netlink/genetlink.c:1220) [ 804.837344][T16399] netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) [ 804.837427][T16399] ? netlink_attachskb (net/netlink/af_netlink.c:1329) [ 804.837510][T16399] ? __alloc_skb (./include/linux/bottom_half.h:20 (discriminator 1) net/core/skbuff.c:694 (discriminator 1)) [ 804.837596][T16399] ? napi_skb_cache_get (net/core/skbuff.c:673) [ 804.837678][T16399] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:79 (discriminator 1)) [ 804.837768][T16399] ? __wake_up (kernel/sched/wait.c:129 kernel/sched/wait.c:146) [ 804.837836][T16399] netlink_sendmsg (net/netlink/af_netlink.c:1894) [ 804.837927][T16399] ? netlink_unicast (net/netlink/af_netlink.c:1813) [ 804.838016][T16399] ? __might_fault (mm/memory.c:7174 (discriminator 4)) [ 804.838106][T16399] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 804.838189][T16399] ? lock_release (./include/trace/events/lock.h:69 (discriminator 33) kernel/locking/lockdep.c:5879 (discriminator 33)) [ 804.838276][T16399] __sys_sendto (net/socket.c:730 (discriminator 1) net/socket.c:742 (discriminator 1) net/socket.c:2206 (discriminator 1)) [ 804.838364][T16399] ? __ia32_sys_getpeername (net/socket.c:2173) [ 804.838450][T16399] ? do_raw_spin_unlock (./arch/x86/include/asm/atomic.h:23 ./include/linux/atomic/atomic-arch-fallback.h:457 ./include/linux/atomic/atomic-instrumented.h:33 ./include/asm-generic/qspinlock.h:57 kernel/locking/spinlock_debug.c:101 kernel/locking/spinlock_debug.c:141) [ 804.838537][T16399] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 804.838623][T16399] ? fd_install (./include/linux/rcupdate.h:331 (discriminator 1) ./include/linux/rcupdate.h:958 (discriminator 1) fs/file.c:688 (discriminator 1)) [ 804.838710][T16399] ? handle_mm_fault (mm/memory.c:6580) [ 804.838794][T16399] ? update_socket_protocol+0x10/0x10 [ 804.838878][T16399] ? lock_release (./include/trace/events/lock.h:69 (discriminator 33) kernel/locking/lockdep.c:5879 (discriminator 33)) [ 804.838964][T16399] __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1)) [ 804.839060][T16399] ? trace_irq_enable.constprop.0 (./include/trace/events/preemptirq.h:40 (discriminator 33)) [ 804.839207][T16399] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:79 (discriminator 1)) [ 804.839304][T16399] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) [ 804.839390][T16399] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131) [ 804.839493][T16399] RIP: 0033:0x7f80cd72ec5e [ 804.839587][T16399] Code: 4d 89 d8 e8 14 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa All code ======== 0: 4d 89 d8 mov %r11,%r8 3: e8 14 bd 00 00 call 0xbd1c 8: 4c 8b 5d f8 mov -0x8(%rbp),%r11 c: 41 8b 93 08 03 00 00 mov 0x308(%r11),%edx 13: 59 pop %rcx 14: 5e pop %rsi 15: 48 83 f8 fc cmp $0xfffffffffffffffc,%rax 19: 74 11 je 0x2c 1b: c9 leave 1c: c3 ret 1d: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 24: 48 8b 45 10 mov 0x10(%rbp),%rax 28: 0f 05 syscall 2a:* c9 leave <-- trapping instruction 2b: c3 ret 2c: 83 e2 39 and $0x39,%edx 2f: 83 fa 08 cmp $0x8,%edx 32: 75 e7 jne 0x1b 34: e8 13 ff ff ff call 0xffffffffffffff4c 39: 0f 1f 00 nopl (%rax) 3c: f3 0f 1e fa endbr64 Code starting with the faulting instruction =========================================== 0: c9 leave 1: c3 ret 2: 83 e2 39 and $0x39,%edx 5: 83 fa 08 cmp $0x8,%edx 8: 75 e7 jne 0xfffffffffffffff1 a: e8 13 ff ff ff call 0xffffffffffffff22 f: 0f 1f 00 nopl (%rax) 12: f3 0f 1e fa endbr64 [ 804.839880][T16399] RSP: 002b:00007fff49287c00 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 804.840021][T16399] RAX: ffffffffffffffda RBX: 00007fff49287cb0 RCX: 00007f80cd72ec5e [ 804.840162][T16399] RDX: 0000000000000014 RSI: 00007fff49287cb0 RDI: 0000000000000005 [ 804.840340][T16399] RBP: 00007fff49287c10 R08: 00007fff49287c74 R09: 000000000000000c [ 804.840514][T16399] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 Finger prints: __lookup_object:delete_object_full:kfree:mptcp_pm_nl_flush_addrs_doit:genl_family_rcv_msg_doit print_report:kasan_report_invalid_free:check_slab_allocation:kfree:mptcp_pm_nl_flush_addrs_doit mptcp_pm_nl_flush_addrs_doit:genl_family_rcv_msg_doit:genl_family_rcv_msg:genl_rcv_msg:netlink_rcv_skb