====================================== | xx__-> [ 1144.170509][ T12] ================================================================== | [ 1144.170759][ T12] BUG: KASAN: slab-use-after-free in idr_for_each (./include/linux/radix-tree.h:424 lib/idr.c:204) | [ 1144.170922][ T12] Read of size 8 at addr ff11000012a16a70 by task kworker/u16:0/12 | [ 1144.171079][ T12] [ 1144.171137][ T12] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 1144.171139][ T12] Workqueue: netns cleanup_net [ 1144.171145][ T12] Call Trace: [ 1144.171147][ T12] [ 1144.171149][ T12] dump_stack_lvl (lib/dump_stack.c:122) [ 1144.171154][ T12] print_address_description.constprop.0 (mm/kasan/report.c:379) [ 1144.171159][ T12] print_report (mm/kasan/report.c:483) [ 1144.171161][ T12] ? idr_for_each (./include/linux/radix-tree.h:424 lib/idr.c:204) [ 1144.171163][ T12] ? __virt_addr_valid (./include/linux/rcupdate.h:981 (discriminator 3) ./include/linux/mmzone.h:2194 (discriminator 3) arch/x86/mm/physaddr.c:54 (discriminator 3)) [ 1144.171167][ T12] ? idr_for_each (./include/linux/radix-tree.h:424 lib/idr.c:204) [ 1144.171168][ T12] kasan_report (mm/kasan/report.c:597) [ 1144.171172][ T12] ? idr_for_each (./include/linux/radix-tree.h:424 lib/idr.c:204) [ 1144.171174][ T12] ? rtnl_net_notifyid (net/core/net_namespace.c:628) [ 1144.171176][ T12] idr_for_each (./include/linux/radix-tree.h:424 lib/idr.c:204) [ 1144.171178][ T12] ? idr_find (lib/idr.c:199) [ 1144.171180][ T12] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536) [ 1144.171184][ T12] ? __up_write (kernel/locking/rwsem.c:1388 (discriminator 3)) [ 1144.171185][ T12] ? cleanup_net (net/core/net_namespace.c:656 net/core/net_namespace.c:700) [ 1144.171187][ T12] cleanup_net (net/core/net_namespace.c:658 net/core/net_namespace.c:700) [ 1144.171188][ T12] ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870) [ 1144.171190][ T12] ? process_one_work (kernel/workqueue.c:3233 (discriminator 1)) [ 1144.171193][ T12] ? net_passive_dec (net/core/net_namespace.c:668) [ 1144.171194][ T12] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 1144.171197][ T12] ? process_one_work (kernel/workqueue.c:3233 (discriminator 1)) [ 1144.171198][ T12] ? lock_acquire (./include/trace/events/lock.h:24 (discriminator 33) kernel/locking/lockdep.c:5831 (discriminator 33)) [ 1144.171199][ T12] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 1144.171201][ T12] process_one_work (kernel/workqueue.c:3262) [ 1144.171204][ T12] ? pwq_dec_nr_in_flight (kernel/workqueue.c:3159) [ 1144.171205][ T12] ? lock_acquire.part.0 (kernel/locking/lockdep.c:470 kernel/locking/lockdep.c:5870) [ 1144.171208][ T12] ? assign_work (kernel/workqueue.c:1200) [ 1144.171209][ T12] worker_thread (kernel/workqueue.c:3334 (discriminator 2) kernel/workqueue.c:3421 (discriminator 2)) [ 1144.171212][ T12] ? process_one_work (kernel/workqueue.c:3367) [ 1144.171213][ T12] kthread (kernel/kthread.c:463) [ 1144.171215][ T12] ? kthread_is_per_cpu (kernel/kthread.c:412) [ 1144.171217][ T12] ? __lock_release.isra.0 (kernel/locking/lockdep.c:5536) [ 1144.171219][ T12] ? rcu_is_watching (./include/linux/context_tracking.h:128 (discriminator 1) kernel/rcu/tree.c:751 (discriminator 1)) [ 1144.171220][ T12] ? kthread_is_per_cpu (kernel/kthread.c:412) [ 1144.171221][ T12] ret_from_fork (arch/x86/kernel/process.c:164) [ 1144.171225][ T12] ? arch_exit_to_user_mode_prepare.isra.0 (arch/x86/entry/syscall_64.c:37) [ 1144.171228][ T12] ? __switch_to (./arch/x86/include/asm/cpufeature.h:101 arch/x86/kernel/process_64.c:377 arch/x86/kernel/process_64.c:665) [ 1144.171230][ T12] ? kthread_is_per_cpu (kernel/kthread.c:412) Finger prints: print_report:kasan_report:idr_for_each:cleanup_net:process_one_work