====================================== | Ctrl-C stdout | | WAIT TIMEOUT stdout | [ 27.534919][ T774] kmemleak: Found object by alias at 0xff1100000c651740 [ 27.534932][ T774] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 27.534933][ T774] Call Trace: [ 27.534935][ T774] [ 27.534937][ T774] dump_stack_lvl (lib/dump_stack.c:122) [ 27.534946][ T774] __lookup_object (mm/kmemleak.c:447) [ 27.534950][ T774] delete_object_full (mm/kmemleak.c:618 mm/kmemleak.c:636 mm/kmemleak.c:839) [ 27.534953][ T774] kfree (./include/linux/kmemleak.h:50 mm/slub.c:2465 mm/slub.c:6670 mm/slub.c:6878) [ 27.534956][ T774] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.534962][ T774] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.534964][ T774] mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.534967][ T774] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 27.534970][ T774] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:947) [ 27.534976][ T774] genl_family_rcv_msg_doit (net/netlink/genetlink.c:1117) [ 27.534979][ T774] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:1088) [ 27.534981][ T774] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 27.534984][ T774] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 27.534987][ T774] ? genl_rcv_msg (net/netlink/genetlink.c:61 net/netlink/genetlink.c:57 net/netlink/genetlink.c:1209) [ 27.534992][ T774] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 27.534994][ T774] ? cap_capable (./include/trace/events/capability.h:26 (discriminator 33) security/commoncap.c:130 (discriminator 33)) [ 27.534999][ T774] genl_family_rcv_msg (net/netlink/genetlink.c:1195) [ 27.535003][ T774] ? genl_family_rcv_msg_dumpit (net/netlink/genetlink.c:1160) [ 27.535006][ T774] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 27.535008][ T774] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1)) [ 27.535013][ T774] genl_rcv_msg (net/netlink/genetlink.c:65 net/netlink/genetlink.c:1211) [ 27.535016][ T774] netlink_rcv_skb (net/netlink/af_netlink.c:2550) [ 27.535019][ T774] ? genl_family_rcv_msg (net/netlink/genetlink.c:1201) [ 27.535022][ T774] ? netlink_ack (net/netlink/af_netlink.c:2527) [ 27.535024][ T774] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 27.535029][ T774] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) ./include/net/netns/generic.h:48 (discriminator 1) net/netlink/af_netlink.c:333 (discriminator 1)) [ 27.535031][ T774] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) net/netlink/af_netlink.c:340 (discriminator 1)) [ 27.535035][ T774] genl_rcv (net/netlink/genetlink.c:1220) [ 27.535037][ T774] netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) [ 27.535041][ T774] ? netlink_attachskb (net/netlink/af_netlink.c:1329) [ 27.535042][ T774] ? __alloc_skb (./include/linux/bottom_half.h:20 (discriminator 1) net/core/skbuff.c:694 (discriminator 1)) [ 27.535046][ T774] ? napi_skb_cache_get (net/core/skbuff.c:673) [ 27.535048][ T774] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1)) [ 27.535052][ T774] netlink_sendmsg (net/netlink/af_netlink.c:1894) [ 27.535056][ T774] ? netlink_unicast (net/netlink/af_netlink.c:1813) [ 27.535059][ T774] ? __might_fault (mm/memory.c:7174 (discriminator 4)) [ 27.535065][ T774] __sys_sendto (net/socket.c:730 (discriminator 1) net/socket.c:742 (discriminator 1) net/socket.c:2206 (discriminator 1)) [ 27.535068][ T774] ? __ia32_sys_getpeername (net/socket.c:2173) [ 27.535074][ T774] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536) [ 27.535080][ T774] ? update_socket_protocol+0x10/0x10 [ 27.535084][ T774] __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1)) [ 27.535087][ T774] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4473) [ 27.535090][ T774] ? do_syscall_64 (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 ./include/linux/entry-common.h:108 arch/x86/entry/syscall_64.c:90) [ 27.535092][ T774] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) [ 27.535095][ T774] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131) [ 27.535097][ T774] RIP: 0033:0x7fddbf84dc5e [ 27.535101][ T774] Code: 4d 89 d8 e8 14 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa All code ======== 0: 4d 89 d8 mov %r11,%r8 3: e8 14 bd 00 00 call 0xbd1c 8: 4c 8b 5d f8 mov -0x8(%rbp),%r11 c: 41 8b 93 08 03 00 00 mov 0x308(%r11),%edx 13: 59 pop %rcx 14: 5e pop %rsi 15: 48 83 f8 fc cmp $0xfffffffffffffffc,%rax 19: 74 11 je 0x2c 1b: c9 leave 1c: c3 ret 1d: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 24: 48 8b 45 10 mov 0x10(%rbp),%rax 28: 0f 05 syscall 2a:* c9 leave <-- trapping instruction 2b: c3 ret 2c: 83 e2 39 and $0x39,%edx 2f: 83 fa 08 cmp $0x8,%edx 32: 75 e7 jne 0x1b 34: e8 13 ff ff ff call 0xffffffffffffff4c 39: 0f 1f 00 nopl (%rax) 3c: f3 0f 1e fa endbr64 Code starting with the faulting instruction =========================================== 0: c9 leave 1: c3 ret 2: 83 e2 39 and $0x39,%edx 5: 83 fa 08 cmp $0x8,%edx 8: 75 e7 jne 0xfffffffffffffff1 a: e8 13 ff ff ff call 0xffffffffffffff22 f: 0f 1f 00 nopl (%rax) 12: f3 0f 1e fa endbr64 [ 27.535103][ T774] RSP: 002b:00007fffcba0fdb0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 27.535106][ T774] RAX: ffffffffffffffda RBX: 00007fffcba0fe60 RCX: 00007fddbf84dc5e [ 27.535107][ T774] RDX: 0000000000000014 RSI: 00007fffcba0fe60 RDI: 0000000000000005 [ 27.535108][ T774] RBP: 00007fffcba0fdc0 R08: 00007fffcba0fe24 R09: 000000000000000c [ 27.535109][ T774] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 27.535110][ T774] R13: 0000000000000005 R14: 00007fddbfa18000 R15: 0000000000406e00 | [ 27.535141][ T774] ================================================================== | [ 27.542309][ T774] BUG: KASAN: invalid-free in mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) | [ 27.542442][ T774] Free of addr ff1100000c651740 by task pm_nl_ctl/774 | [ 27.542553][ T774] [ 27.542600][ T774] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 27.542601][ T774] Call Trace: [ 27.542602][ T774] [ 27.542603][ T774] dump_stack_lvl (lib/dump_stack.c:122) [ 27.542606][ T774] print_address_description.constprop.0 (mm/kasan/report.c:379) [ 27.542609][ T774] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.542611][ T774] print_report (mm/kasan/report.c:483) [ 27.542612][ T774] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.542614][ T774] ? __virt_addr_valid (./include/linux/rcupdate.h:981 (discriminator 3) ./include/linux/mmzone.h:2193 (discriminator 3) arch/x86/mm/physaddr.c:54 (discriminator 3)) [ 27.542617][ T774] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.542618][ T774] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.542620][ T774] kasan_report_invalid_free (mm/kasan/report.c:221 mm/kasan/report.c:563) [ 27.542623][ T774] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.542625][ T774] check_slab_allocation (mm/kasan/common.c:231) [ 27.542628][ T774] kfree (mm/slub.c:2485 (discriminator 1) mm/slub.c:6670 (discriminator 1) mm/slub.c:6878 (discriminator 1)) [ 27.542629][ T774] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.542631][ T774] ? mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.542633][ T774] mptcp_pm_nl_flush_addrs_doit (./include/linux/list.h:381 (discriminator 2) net/mptcp/pm_kernel.c:1276 (discriminator 2) net/mptcp/pm_kernel.c:1315 (discriminator 2)) [ 27.542635][ T774] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 27.542637][ T774] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:947) [ 27.542640][ T774] genl_family_rcv_msg_doit (net/netlink/genetlink.c:1117) [ 27.542642][ T774] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:1088) [ 27.542644][ T774] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 27.542646][ T774] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 27.542647][ T774] ? genl_rcv_msg (net/netlink/genetlink.c:61 net/netlink/genetlink.c:57 net/netlink/genetlink.c:1209) [ 27.542650][ T774] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 27.542652][ T774] ? cap_capable (./include/trace/events/capability.h:26 (discriminator 33) security/commoncap.c:130 (discriminator 33)) [ 27.542654][ T774] genl_family_rcv_msg (net/netlink/genetlink.c:1195) [ 27.542656][ T774] ? genl_family_rcv_msg_dumpit (net/netlink/genetlink.c:1160) [ 27.542658][ T774] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 27.542660][ T774] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1)) [ 27.542663][ T774] genl_rcv_msg (net/netlink/genetlink.c:65 net/netlink/genetlink.c:1211) [ 27.542665][ T774] netlink_rcv_skb (net/netlink/af_netlink.c:2550) [ 27.542667][ T774] ? genl_family_rcv_msg (net/netlink/genetlink.c:1201) [ 27.542669][ T774] ? netlink_ack (net/netlink/af_netlink.c:2527) [ 27.542671][ T774] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 27.542673][ T774] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) ./include/net/netns/generic.h:48 (discriminator 1) net/netlink/af_netlink.c:333 (discriminator 1)) [ 27.542675][ T774] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) net/netlink/af_netlink.c:340 (discriminator 1)) [ 27.542677][ T774] genl_rcv (net/netlink/genetlink.c:1220) [ 27.542679][ T774] netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) [ 27.542684][ T774] ? netlink_attachskb (net/netlink/af_netlink.c:1329) [ 27.542686][ T774] ? __alloc_skb (./include/linux/bottom_half.h:20 (discriminator 1) net/core/skbuff.c:694 (discriminator 1)) [ 27.542688][ T774] ? napi_skb_cache_get (net/core/skbuff.c:673) [ 27.542689][ T774] ? __lock_acquire (kernel/locking/lockdep.c:5237 (discriminator 1)) [ 27.542692][ T774] netlink_sendmsg (net/netlink/af_netlink.c:1894) [ 27.542694][ T774] ? netlink_unicast (net/netlink/af_netlink.c:1813) [ 27.542696][ T774] ? __might_fault (mm/memory.c:7174 (discriminator 4)) [ 27.542699][ T774] __sys_sendto (net/socket.c:730 (discriminator 1) net/socket.c:742 (discriminator 1) net/socket.c:2206 (discriminator 1)) [ 27.542701][ T774] ? __ia32_sys_getpeername (net/socket.c:2173) [ 27.542703][ T774] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536) [ 27.542706][ T774] ? update_socket_protocol+0x10/0x10 [ 27.542708][ T774] __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1)) [ 27.542710][ T774] ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4473) [ 27.542711][ T774] ? do_syscall_64 (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:119 ./include/linux/entry-common.h:108 arch/x86/entry/syscall_64.c:90) [ 27.542713][ T774] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) [ 27.542715][ T774] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131) [ 27.542716][ T774] RIP: 0033:0x7fddbf84dc5e [ 27.542718][ T774] Code: 4d 89 d8 e8 14 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa All code ======== 0: 4d 89 d8 mov %r11,%r8 3: e8 14 bd 00 00 call 0xbd1c 8: 4c 8b 5d f8 mov -0x8(%rbp),%r11 c: 41 8b 93 08 03 00 00 mov 0x308(%r11),%edx 13: 59 pop %rcx 14: 5e pop %rsi 15: 48 83 f8 fc cmp $0xfffffffffffffffc,%rax 19: 74 11 je 0x2c 1b: c9 leave 1c: c3 ret 1d: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 24: 48 8b 45 10 mov 0x10(%rbp),%rax 28: 0f 05 syscall 2a:* c9 leave <-- trapping instruction 2b: c3 ret 2c: 83 e2 39 and $0x39,%edx 2f: 83 fa 08 cmp $0x8,%edx 32: 75 e7 jne 0x1b 34: e8 13 ff ff ff call 0xffffffffffffff4c 39: 0f 1f 00 nopl (%rax) 3c: f3 0f 1e fa endbr64 Code starting with the faulting instruction =========================================== 0: c9 leave 1: c3 ret 2: 83 e2 39 and $0x39,%edx 5: 83 fa 08 cmp $0x8,%edx 8: 75 e7 jne 0xfffffffffffffff1 a: e8 13 ff ff ff call 0xffffffffffffff22 f: 0f 1f 00 nopl (%rax) 12: f3 0f 1e fa endbr64 [ 27.542719][ T774] RSP: 002b:00007fffcba0fdb0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 27.542721][ T774] RAX: ffffffffffffffda RBX: 00007fffcba0fe60 RCX: 00007fddbf84dc5e [ 27.542722][ T774] RDX: 0000000000000014 RSI: 00007fffcba0fe60 RDI: 0000000000000005 [ 27.542722][ T774] RBP: 00007fffcba0fdc0 R08: 00007fffcba0fe24 R09: 000000000000000c [ 27.542723][ T774] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 [ 27.542724][ T774] R13: 0000000000000005 R14: 00007fddbfa18000 R15: 0000000000406e00 | [ 27.553528][ T774] Disabling lock debugging due to kernel taint | [ 27.618922][ T779] Oops: general protection fault, probably for non-canonical address 0xfbd59c0000000024: 0000 [#1] SMP KASAN | [ 27.619132][ T779] KASAN: maybe wild-memory-access in range [0xdead000000000120-0xdead000000000127] | [ 27.619463][ T779] Tainted: [B]=BAD_PAGE [ 27.619526][ T779] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 27.619628][ T779] RIP: 0010:mptcp_pm_nl_flush_addrs_doit (net/mptcp/pm_kernel.c:1311) [ 27.619743][ T779] Code: 31 f6 e8 6b 09 5b fe 48 89 df e8 63 ee 0d 00 e8 5e 04 eb fd 48 8b 5c 24 40 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 <80> 3c 02 00 0f 85 e8 02 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 All code ======== 0: 31 f6 xor %esi,%esi 2: e8 6b 09 5b fe call 0xfffffffffe5b0972 7: 48 89 df mov %rbx,%rdi a: e8 63 ee 0d 00 call 0xdee72 f: e8 5e 04 eb fd call 0xfffffffffdeb0472 14: 48 8b 5c 24 40 mov 0x40(%rsp),%rbx 19: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 20: fc ff df 23: 48 89 da mov %rbx,%rdx 26: 48 c1 ea 03 shr $0x3,%rdx 2a:* 80 3c 02 00 cmpb $0x0,(%rdx,%rax,1) <-- trapping instruction 2e: 0f 85 e8 02 00 00 jne 0x31c 34: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 3b: fc ff df 3e: 4c rex.WR 3f: 89 .byte 0x89 Code starting with the faulting instruction =========================================== 0: 80 3c 02 00 cmpb $0x0,(%rdx,%rax,1) 4: 0f 85 e8 02 00 00 jne 0x2f2 a: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 11: fc ff df 14: 4c rex.WR 15: 89 .byte 0x89 [ 27.620036][ T779] RSP: 0018:ffa0000002a676e8 EFLAGS: 00010216 [ 27.620140][ T779] RAX: dffffc0000000000 RBX: dead000000000122 RCX: 1ffffffff2f8e1f2 [ 27.620266][ T779] RDX: 1bd5a00000000024 RSI: ffffffff9766b100 RDI: ffffffff97c70f90 [ 27.620389][ T779] RBP: ffa0000002a67788 R08: ffffffff95173c84 R09: fffffbfff315038a [ 27.620513][ T779] R10: 0000000000000002 R11: ffffffff9a313a78 R12: ff11000004f3de00 [ 27.620636][ T779] R13: ffa0000002a67720 R14: ff1100000c651740 R15: 1ff400000054cee0 [ 27.620765][ T779] FS: 00007fad273a8740(0000) GS:ff1100009bf64000(0000) knlGS:0000000000000000 [ 27.620914][ T779] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 27.621019][ T779] CR2: 00007fad2740a0a0 CR3: 000000000e36c006 CR4: 0000000000771ef0 [ 27.621143][ T779] PKRU: 55555554 [ 27.621206][ T779] Call Trace: [ 27.621268][ T779] [ 27.621311][ T779] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 27.621418][ T779] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:947) [ 27.621521][ T779] genl_family_rcv_msg_doit (net/netlink/genetlink.c:1117) [ 27.621605][ T779] ? genl_family_rcv_msg_attrs_parse.isra.0 (net/netlink/genetlink.c:1088) [ 27.621709][ T779] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 27.621792][ T779] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 27.621874][ T779] ? genl_rcv_msg (net/netlink/genetlink.c:61 net/netlink/genetlink.c:57 net/netlink/genetlink.c:1209) [ 27.621960][ T779] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 27.622041][ T779] ? cap_capable (./include/trace/events/capability.h:26 (discriminator 33) security/commoncap.c:130 (discriminator 33)) [ 27.622126][ T779] genl_family_rcv_msg (net/netlink/genetlink.c:1195) [ 27.622209][ T779] ? genl_family_rcv_msg_dumpit (net/netlink/genetlink.c:1160) [ 27.622312][ T779] ? mptcp_pm_nl_del_addr_doit (net/mptcp/pm_kernel.c:1295) [ 27.622414][ T779] ? stack_trace_save (kernel/stacktrace.c:123) [ 27.622497][ T779] genl_rcv_msg (net/netlink/genetlink.c:65 net/netlink/genetlink.c:1211) [ 27.622580][ T779] netlink_rcv_skb (net/netlink/af_netlink.c:2550) [ 27.622664][ T779] ? genl_family_rcv_msg (net/netlink/genetlink.c:1201) [ 27.622748][ T779] ? netlink_ack (net/netlink/af_netlink.c:2527) [ 27.622829][ T779] ? perf_trace_sched_switch (kernel/sched/core.c:8782) [ 27.622912][ T779] ? netlink_deliver_tap (./include/linux/rcupdate.h:341 (discriminator 1) ./include/linux/rcupdate.h:897 (discriminator 1) ./include/net/netns/generic.h:48 (discriminator 1) net/netlink/af_netlink.c:333 (discriminator 1)) [ 27.622994][ T779] ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 33) kernel/locking/lockdep.c:5831 (discriminator 33)) [ 27.623076][ T779] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 27.623158][ T779] genl_rcv (net/netlink/genetlink.c:1220) [ 27.623222][ T779] netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) [ 27.623304][ T779] ? netlink_attachskb (net/netlink/af_netlink.c:1329) [ 27.623386][ T779] ? __alloc_skb (./include/linux/bottom_half.h:20 (discriminator 1) net/core/skbuff.c:694 (discriminator 1)) [ 27.623470][ T779] ? napi_skb_cache_get (net/core/skbuff.c:673) [ 27.623552][ T779] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:79 (discriminator 1)) [ 27.623636][ T779] ? __wake_up (kernel/sched/wait.c:129 kernel/sched/wait.c:146) [ 27.623702][ T779] netlink_sendmsg (net/netlink/af_netlink.c:1894) [ 27.623786][ T779] ? netlink_unicast (net/netlink/af_netlink.c:1813) [ 27.623868][ T779] ? __might_fault (mm/memory.c:7174 (discriminator 4)) [ 27.623951][ T779] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 27.624031][ T779] ? lock_release (./include/trace/events/lock.h:69 (discriminator 33) kernel/locking/lockdep.c:5879 (discriminator 33)) [ 27.624114][ T779] __sys_sendto (net/socket.c:730 (discriminator 1) net/socket.c:742 (discriminator 1) net/socket.c:2206 (discriminator 1)) [ 27.624194][ T779] ? __ia32_sys_getpeername (net/socket.c:2173) [ 27.624277][ T779] ? do_raw_spin_unlock (./arch/x86/include/asm/atomic.h:23 ./include/linux/atomic/atomic-arch-fallback.h:457 ./include/linux/atomic/atomic-instrumented.h:33 ./include/asm-generic/qspinlock.h:57 kernel/locking/spinlock_debug.c:101 kernel/locking/spinlock_debug.c:141) [ 27.624358][ T779] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 27.624440][ T779] ? fd_install (./include/linux/rcupdate.h:331 (discriminator 1) ./include/linux/rcupdate.h:958 (discriminator 1) fs/file.c:688 (discriminator 1)) [ 27.624524][ T779] ? handle_mm_fault (mm/memory.c:6580) [ 27.624605][ T779] ? update_socket_protocol+0x10/0x10 [ 27.624687][ T779] ? lock_release (./include/trace/events/lock.h:69 (discriminator 33) kernel/locking/lockdep.c:5879 (discriminator 33)) [ 27.624769][ T779] __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1)) [ 27.624853][ T779] ? trace_irq_enable.constprop.0 (./include/trace/events/preemptirq.h:40 (discriminator 33)) [ 27.624955][ T779] ? trace_hardirqs_on (kernel/trace/trace_preemptirq.c:79 (discriminator 1)) [ 27.625035][ T779] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) [ 27.625120][ T779] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131) [ 27.625221][ T779] RIP: 0033:0x7fad27419c5e [ 27.625308][ T779] Code: 4d 89 d8 e8 14 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa All code ======== 0: 4d 89 d8 mov %r11,%r8 3: e8 14 bd 00 00 call 0xbd1c 8: 4c 8b 5d f8 mov -0x8(%rbp),%r11 c: 41 8b 93 08 03 00 00 mov 0x308(%r11),%edx 13: 59 pop %rcx 14: 5e pop %rsi 15: 48 83 f8 fc cmp $0xfffffffffffffffc,%rax 19: 74 11 je 0x2c 1b: c9 leave 1c: c3 ret 1d: 0f 1f 80 00 00 00 00 nopl 0x0(%rax) 24: 48 8b 45 10 mov 0x10(%rbp),%rax 28: 0f 05 syscall 2a:* c9 leave <-- trapping instruction 2b: c3 ret 2c: 83 e2 39 and $0x39,%edx 2f: 83 fa 08 cmp $0x8,%edx 32: 75 e7 jne 0x1b 34: e8 13 ff ff ff call 0xffffffffffffff4c 39: 0f 1f 00 nopl (%rax) 3c: f3 0f 1e fa endbr64 Code starting with the faulting instruction =========================================== 0: c9 leave 1: c3 ret 2: 83 e2 39 and $0x39,%edx 5: 83 fa 08 cmp $0x8,%edx 8: 75 e7 jne 0xfffffffffffffff1 a: e8 13 ff ff ff call 0xffffffffffffff22 f: 0f 1f 00 nopl (%rax) 12: f3 0f 1e fa endbr64 [ 27.625596][ T779] RSP: 002b:00007fff4f9c8dc0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 27.625726][ T779] RAX: ffffffffffffffda RBX: 00007fff4f9c8e70 RCX: 00007fad27419c5e [ 27.625849][ T779] RDX: 0000000000000014 RSI: 00007fff4f9c8e70 RDI: 0000000000000005 [ 27.625972][ T779] RBP: 00007fff4f9c8dd0 R08: 00007fff4f9c8e34 R09: 000000000000000c [ 27.626094][ T779] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014 Finger prints: __lookup_object:delete_object_full:kfree:mptcp_pm_nl_flush_addrs_doit:genl_family_rcv_msg_doit print_report:kasan_report_invalid_free:check_slab_allocation:kfree:mptcp_pm_nl_flush_addrs_doit mptcp_pm_nl_flush_addrs_doit:genl_family_rcv_msg_doit:genl_family_rcv_msg:genl_rcv_msg:netlink_rcv_skb