[ 317.953925][ T1921] br0: port 1(s0) entered blocking state [ 317.954345][ T1921] br0: port 1(s0) entered disabled state [ 317.954664][ T1921] s0: entered allmulticast mode [ 317.957665][ T1921] s0: entered promiscuous mode [ 318.085440][ T1922] bond0: (slave eth0): making interface the new active one [ 318.086372][ T1922] bond0: (slave eth0): Enslaving as an active interface with an up link [ 318.087869][ T37] br0: port 1(s0) entered blocking state [ 318.088225][ T37] br0: port 1(s0) entered forwarding state [ 318.709470][ T1926] br0: port 2(s1) entered blocking state [ 318.709959][ T1926] br0: port 2(s1) entered disabled state [ 318.711305][ T1926] s1: entered allmulticast mode [ 318.715000][ T1926] s1: entered promiscuous mode [ 318.863970][ T1927] bond0: (slave eth1): Enslaving as a backup interface with an up link [ 318.865598][ T35] br0: port 2(s1) entered blocking state [ 318.865950][ T35] br0: port 2(s1) entered forwarding state [ 319.985127][ T1935] br0: port 3(c0) entered blocking state [ 319.985493][ T1935] br0: port 3(c0) entered disabled state [ 319.985828][ T1935] c0: entered allmulticast mode [ 319.988602][ T1935] c0: entered promiscuous mode [ 320.114962][ T35] br0: port 3(c0) entered blocking state [ 320.115315][ T35] br0: port 3(c0) entered forwarding state [ 321.150638][ T1945] bond0 (unregistering): (slave eth0): Releasing backup interface [ 321.158162][ T1945] bond0 (unregistering): (slave eth1): Releasing backup interface [ 321.167691][ T1945] bond0 (unregistering): Released all slaves [ 321.184596][ T36] br0: port 1(s0) entered disabled state [ 321.186892][ T36] br0: port 2(s1) entered disabled state [ 321.621825][ T1949] bond0: (slave eth0): making interface the new active one [ 321.623145][ T1949] bond0: (slave eth0): Enslaving as an active interface with an up link [ 321.624229][ T35] br0: port 1(s0) entered blocking state [ 321.624535][ T35] br0: port 1(s0) entered forwarding state [ 321.756272][ T1950] bond0: (slave eth1): Enslaving as a backup interface with an up link [ 321.757053][ T37] br0: port 2(s1) entered blocking state [ 321.757383][ T37] br0: port 2(s1) entered forwarding state [ 324.196524][ T1967] eth0: entered promiscuous mode [ 327.521838][ T1976] ================================================================== [ 327.522173][ T1976] BUG: KASAN: global-out-of-bounds in snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 327.522501][ T1976] Read of size 8 at addr ffffffffb1aed870 by task nstat/1976 [ 327.522763][ T1976] [ 327.522862][ T1976] CPU: 1 UID: 0 PID: 1976 Comm: nstat Not tainted 6.17.0-rc3-virtme #1 PREEMPT(full) [ 327.522867][ T1976] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 327.522871][ T1976] Call Trace: [ 327.522875][ T1976] [ 327.522877][ T1976] dump_stack_lvl+0x82/0xc0 [ 327.522891][ T1976] print_address_description.constprop.0+0x2c/0x3a0 [ 327.522909][ T1976] ? snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 327.522913][ T1976] print_report+0xb4/0x270 [ 327.522917][ T1976] ? snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 327.522920][ T1976] ? kasan_addr_to_slab+0x21/0x70 [ 327.522924][ T1976] ? snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 327.522927][ T1976] kasan_report+0xca/0x100 [ 327.522931][ T1976] ? snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 327.522937][ T1976] snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 327.522942][ T1976] ? sockstat6_seq_show+0x1d0/0x1d0 [ 327.522954][ T1976] ? rcu_is_watching+0x12/0xb0 [ 327.522964][ T1976] ? trace_kmalloc+0x26/0xd0 [ 327.522970][ T1976] ? __kvmalloc_node_noprof+0x23f/0x570 [ 327.522976][ T1976] snmp6_seq_show+0x68/0x190 [ 327.522979][ T1976] seq_read_iter+0x3fa/0x1060 [ 327.522994][ T1976] seq_read+0x2cc/0x4b0 [ 327.522998][ T1976] ? seq_read_iter+0x1060/0x1060 [ 327.523002][ T1976] ? __might_fault+0x117/0x170 [ 327.523012][ T1976] ? __do_cpuid_func+0x2b41/0x2df0 [ 327.523026][ T1976] ? __might_fault+0x117/0x170 [ 327.523031][ T1976] ? cp_new_stat+0x3c6/0x540 [ 327.523037][ T1976] ? inode_set_bytes+0xa0/0xa0 [ 327.523042][ T1976] proc_reg_read+0x1aa/0x270 [ 327.523056][ T1976] vfs_read+0x17e/0xda0 [ 327.523062][ T1976] ? vfs_getattr_nosec+0x2b5/0x3e0 [ 327.523066][ T1976] ? kernel_read+0x1f0/0x1f0 [ 327.523070][ T1976] ? vfs_fstat+0x3f/0x80 [ 327.523073][ T1976] ? __do_sys_newfstat+0x7b/0xc0 [ 327.523077][ T1976] ? __do_sys_fstat+0xc0/0xc0 [ 327.523084][ T1976] ksys_read+0xf7/0x1d0 [ 327.523087][ T1976] ? vfs_write+0x12c0/0x12c0 [ 327.523094][ T1976] do_syscall_64+0xc1/0x370 [ 327.523100][ T1976] entry_SYSCALL_64_after_hwframe+0x4b/0x53 [ 327.523108][ T1976] RIP: 0033:0x7fe7ce463292 [ 327.523112][ T1976] Code: c0 e9 b2 fe ff ff 50 48 8d 3d 6a 15 0c 00 e8 65 e1 01 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24 [ 327.523114][ T1976] RSP: 002b:00007ffdab13cc58 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 327.523122][ T1976] RAX: ffffffffffffffda RBX: 0000000024ab8910 RCX: 00007fe7ce463292 [ 327.523124][ T1976] RDX: 0000000000000400 RSI: 0000000024ab8500 RDI: 0000000000000006 [ 327.523126][ T1976] RBP: 00007fe7ce55b5c0 R08: 0000000000000006 R09: 0000000000000000 [ 327.523128][ T1976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000024ab8910 [ 327.523130][ T1976] R13: 0000000000000d68 R14: 00007fe7ce55a9c0 R15: 0000000000000d68 [ 327.523136][ T1976] [ 327.523138][ T1976] [ 327.531823][ T1976] The buggy address belongs to the variable: [ 327.532023][ T1976] snmp6_ipstats_list+0x210/0x3e0 [ 327.532218][ T1976] [ 327.532303][ T1976] The buggy address belongs to the physical page: [ 327.532503][ T1976] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eced [ 327.532803][ T1976] flags: 0x80000000002000(reserved|node=0|zone=1) [ 327.533027][ T1976] raw: 0080000000002000 ffffea00007b3b48 ffffea00007b3b48 0000000000000000 [ 327.533322][ T1976] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 327.533610][ T1976] page dumped because: kasan: bad access detected [ 327.533808][ T1976] [ 327.533888][ T1976] Memory state around the buggy address: [ 327.534043][ T1976] ffffffffb1aed700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 327.534281][ T1976] ffffffffb1aed780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 327.534509][ T1976] >ffffffffb1aed800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f9 f9 [ 327.534737][ T1976] ^ [ 327.534991][ T1976] ffffffffb1aed880: f9 f9 f9 f9 00 00 00 00 00 01 f9 f9 f9 f9 f9 f9 [ 327.535222][ T1976] ffffffffb1aed900: 00 00 04 f9 f9 f9 f9 f9 00 00 00 01 f9 f9 f9 f9 [ 327.535449][ T1976] ================================================================== [ 327.536305][ T1976] Disabling lock debugging due to kernel taint [ 345.222062][ T2076] eth0: left promiscuous mode [ 345.314584][ T2077] bond0 (unregistering): (slave eth0): Releasing backup interface [ 345.329905][ T2077] bond0 (unregistering): (slave eth1): Releasing backup interface [ 345.339768][ T2077] bond0 (unregistering): Released all slaves [ 345.354822][ T37] br0: port 1(s0) entered disabled state [ 345.356856][ T37] br0: port 2(s1) entered disabled state [ 345.609675][ T2081] bond0: (slave eth0): making interface the new active one [ 345.610593][ T2081] bond0: (slave eth0): Enslaving as an active interface with an up link [ 345.611183][ T37] br0: port 1(s0) entered blocking state [ 345.611421][ T37] br0: port 1(s0) entered forwarding state [ 345.686918][ T2082] bond0: (slave eth1): Enslaving as a backup interface with an up link [ 345.687605][ T35] br0: port 2(s1) entered blocking state [ 345.687908][ T35] br0: port 2(s1) entered forwarding state [ 367.291112][ T2209] bond0 (unregistering): (slave eth0): Releasing backup interface [ 367.297087][ T2209] bond0 (unregistering): (slave eth1): Releasing backup interface [ 367.304692][ T2209] bond0 (unregistering): Released all slaves [ 367.319848][ T56] br0: port 1(s0) entered disabled state [ 367.324332][ T56] br0: port 2(s1) entered disabled state [ 367.560852][ T2213] bond0: (slave eth0): making interface the new active one [ 367.561578][ T2213] bond0: (slave eth0): Enslaving as an active interface with an up link [ 367.562195][ T36] br0: port 1(s0) entered blocking state [ 367.562388][ T36] br0: port 1(s0) entered forwarding state [ 367.652993][ T2214] bond0: (slave eth1): Enslaving as an active interface with an up link [ 367.653610][ T56] br0: port 2(s1) entered blocking state [ 367.653828][ T56] br0: port 2(s1) entered forwarding state [ 369.283337][ T2231] eth0: entered promiscuous mode [ 388.917052][ T2340] eth0: left promiscuous mode [ 389.023474][ T2341] bond0 (unregistering): (slave eth0): Releasing active interface [ 389.039674][ T2341] bond0 (unregistering): (slave eth1): Releasing active interface [ 389.045782][ T2341] bond0 (unregistering): Released all slaves [ 389.053539][ T35] br0: port 1(s0) entered disabled state [ 389.055161][ T35] br0: port 2(s1) entered disabled state [ 389.288263][ T2346] bond0: (slave eth0): making interface the new active one [ 389.288937][ T2346] bond0: (slave eth0): Enslaving as an active interface with an up link [ 389.289476][ T35] br0: port 1(s0) entered blocking state [ 389.289683][ T35] br0: port 1(s0) entered forwarding state [ 389.367277][ T2347] bond0: (slave eth1): Enslaving as an active interface with an up link [ 389.367925][ T56] br0: port 2(s1) entered blocking state [ 389.368158][ T56] br0: port 2(s1) entered forwarding state [ 411.339421][ T2480] bond0 (unregistering): (slave eth0): Releasing active interface [ 411.346541][ T2480] bond0 (unregistering): (slave eth1): Releasing active interface [ 411.353718][ T2480] bond0 (unregistering): Released all slaves [ 411.361654][ T35] br0: port 1(s0) entered disabled state [ 411.362551][ T35] br0: port 2(s1) entered disabled state [ 411.604744][ T2484] bond0: (slave eth0): making interface the new active one [ 411.612882][ T2484] bond0: (slave eth0): Enslaving as an active interface with an up link [ 411.614281][ T37] br0: port 1(s0) entered blocking state [ 411.614545][ T37] br0: port 1(s0) entered forwarding state [ 411.685803][ T2485] bond0: (slave eth1): Enslaving as an active interface with an up link [ 411.686381][ T35] br0: port 2(s1) entered blocking state [ 411.686577][ T35] br0: port 2(s1) entered forwarding state [ 413.526995][ T2505] eth0: entered promiscuous mode [ 432.818330][ T2614] eth0: left promiscuous mode [ 432.903543][ T2615] bond0 (unregistering): (slave eth0): Releasing active interface [ 432.909970][ T2615] bond0 (unregistering): (slave eth1): Releasing active interface [ 432.925466][ T2615] bond0 (unregistering): Released all slaves [ 432.932756][ T56] br0: port 1(s0) entered disabled state [ 432.933829][ T56] br0: port 2(s1) entered disabled state [ 433.199271][ T2619] bond0: (slave eth0): making interface the new active one [ 433.200129][ T2619] bond0: (slave eth0): Enslaving as an active interface with an up link [ 433.200647][ T37] br0: port 1(s0) entered blocking state [ 433.200843][ T37] br0: port 1(s0) entered forwarding state [ 433.276363][ T2620] bond0: (slave eth1): Enslaving as an active interface with an up link [ 433.277055][ T35] br0: port 2(s1) entered blocking state [ 433.277316][ T35] br0: port 2(s1) entered forwarding state [ 454.202550][ T2743] br0: port 3(c0) entered disabled state [ 454.206474][ T2743] c0 (unregistering): left allmulticast mode [ 454.206739][ T2743] c0 (unregistering): left promiscuous mode [ 454.206968][ T2743] br0: port 3(c0) entered disabled state [ 454.532918][ T2750] br0: port 1(s0) entered disabled state [ 454.537729][ T2750] bond0: (slave eth0): Releasing active interface [ 454.538025][ T2750] bond0: (slave eth0): the permanent HWaddr of slave - ae:a8:da:15:1c:47 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 454.538744][ T2750] bond0: (slave eth1): making interface the new active one [ 454.552510][ T2750] s0 (unregistering): left allmulticast mode [ 454.552868][ T2750] s0 (unregistering): left promiscuous mode [ 454.553111][ T2750] br0: port 1(s0) entered disabled state [ 454.645763][ T2751] br0: port 2(s1) entered disabled state [ 454.650044][ T2751] bond0: (slave eth1): Releasing active interface [ 454.674387][ T2751] s1 (unregistering): left allmulticast mode [ 454.674690][ T2751] s1 (unregistering): left promiscuous mode [ 454.674922][ T2751] br0: port 2(s1) entered disabled state [ 454.806488][ T270] bond0 (unregistering): Released all slaves