[ 908.469121][T10108] br0: port 1(s0) entered blocking state [ 908.469714][T10108] br0: port 1(s0) entered disabled state [ 908.470096][T10108] s0: entered allmulticast mode [ 908.472328][T10108] s0: entered promiscuous mode [ 908.612764][T10109] bond0: (slave eth0): making interface the new active one [ 908.613717][T10109] bond0: (slave eth0): Enslaving as an active interface with an up link [ 908.616540][ T38] br0: port 1(s0) entered blocking state [ 908.617013][ T38] br0: port 1(s0) entered forwarding state [ 909.215846][T10113] br0: port 2(s1) entered blocking state [ 909.216236][T10113] br0: port 2(s1) entered disabled state [ 909.216592][T10113] s1: entered allmulticast mode [ 909.218798][T10113] s1: entered promiscuous mode [ 909.371329][T10114] bond0: (slave eth1): Enslaving as a backup interface with an up link [ 909.372869][ T38] br0: port 2(s1) entered blocking state [ 909.373217][ T38] br0: port 2(s1) entered forwarding state [ 910.668779][T10122] br0: port 3(c0) entered blocking state [ 910.669279][T10122] br0: port 3(c0) entered disabled state [ 910.669807][T10122] c0: entered allmulticast mode [ 910.674167][T10122] c0: entered promiscuous mode [ 910.851771][ T5216] br0: port 3(c0) entered blocking state [ 910.852129][ T5216] br0: port 3(c0) entered forwarding state [ 911.975794][T10132] bond0 (unregistering): (slave eth0): Releasing backup interface [ 911.985834][T10132] bond0 (unregistering): (slave eth1): Releasing backup interface [ 911.994783][T10132] bond0 (unregistering): Released all slaves [ 912.021456][ T46] br0: port 1(s0) entered disabled state [ 912.023906][ T46] br0: port 2(s1) entered disabled state [ 912.464167][T10136] bond0: (slave eth0): making interface the new active one [ 912.466371][T10136] bond0: (slave eth0): Enslaving as an active interface with an up link [ 912.467606][ T46] br0: port 1(s0) entered blocking state [ 912.468109][ T46] br0: port 1(s0) entered forwarding state [ 912.605738][T10137] bond0: (slave eth1): Enslaving as a backup interface with an up link [ 912.607085][ T37] br0: port 2(s1) entered blocking state [ 912.607602][ T37] br0: port 2(s1) entered forwarding state [ 914.701794][T10151] eth0: entered promiscuous mode [ 918.134926][T10160] ================================================================== [ 918.135274][T10160] BUG: KASAN: global-out-of-bounds in snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 918.135635][T10160] Read of size 8 at addr ffffffffa08ed870 by task nstat/10160 [ 918.135997][T10160] [ 918.136107][T10160] CPU: 1 UID: 0 PID: 10160 Comm: nstat Not tainted 6.17.0-rc3-virtme #1 PREEMPT(full) [ 918.136114][T10160] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 918.136118][T10160] Call Trace: [ 918.136121][T10160] [ 918.136124][T10160] dump_stack_lvl+0x82/0xc0 [ 918.136134][T10160] print_address_description.constprop.0+0x2c/0x3a0 [ 918.136150][T10160] ? snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 918.136155][T10160] print_report+0xb4/0x270 [ 918.136159][T10160] ? snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 918.136162][T10160] ? kasan_addr_to_slab+0x21/0x70 [ 918.136166][T10160] ? snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 918.136171][T10160] kasan_report+0xca/0x100 [ 918.136176][T10160] ? snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 918.136184][T10160] snmp6_seq_show_item64.constprop.0+0x341/0x500 [ 918.136190][T10160] ? sockstat6_seq_show+0x1d0/0x1d0 [ 918.136202][T10160] ? rcu_is_watching+0x12/0xb0 [ 918.136206][T10160] ? trace_kmalloc+0x26/0xd0 [ 918.136212][T10160] ? __kvmalloc_node_noprof+0x23f/0x570 [ 918.136219][T10160] snmp6_seq_show+0x68/0x190 [ 918.136224][T10160] seq_read_iter+0x3fa/0x1060 [ 918.136242][T10160] seq_read+0x2cc/0x4b0 [ 918.136249][T10160] ? seq_read_iter+0x1060/0x1060 [ 918.136254][T10160] ? __might_fault+0x117/0x170 [ 918.136265][T10160] ? memtype_check_insert+0x781/0x7a0 [ 918.136271][T10160] ? __might_fault+0x117/0x170 [ 918.136276][T10160] ? cp_new_stat+0x3c6/0x540 [ 918.136281][T10160] ? inode_set_bytes+0xa0/0xa0 [ 918.136286][T10160] proc_reg_read+0x1aa/0x270 [ 918.136298][T10160] vfs_read+0x17e/0xda0 [ 918.136305][T10160] ? vfs_getattr_nosec+0x2b5/0x3e0 [ 918.136309][T10160] ? kernel_read+0x1f0/0x1f0 [ 918.136313][T10160] ? vfs_fstat+0x3f/0x80 [ 918.136317][T10160] ? __do_sys_newfstat+0x7b/0xc0 [ 918.136320][T10160] ? __do_sys_fstat+0xc0/0xc0 [ 918.136327][T10160] ksys_read+0xf7/0x1d0 [ 918.136331][T10160] ? vfs_write+0x12c0/0x12c0 [ 918.136337][T10160] do_syscall_64+0xc1/0x370 [ 918.136343][T10160] entry_SYSCALL_64_after_hwframe+0x4b/0x53 [ 918.136352][T10160] RIP: 0033:0x7f9eb3ae4292 [ 918.136356][T10160] Code: c0 e9 b2 fe ff ff 50 48 8d 3d 6a 15 0c 00 e8 65 e1 01 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24 [ 918.136359][T10160] RSP: 002b:00007fffd6e0b108 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 918.136367][T10160] RAX: ffffffffffffffda RBX: 0000000018998910 RCX: 00007f9eb3ae4292 [ 918.136371][T10160] RDX: 0000000000000400 RSI: 0000000018998500 RDI: 0000000000000006 [ 918.136374][T10160] RBP: 00007f9eb3bdc5c0 R08: 0000000000000006 R09: 0000000000000000 [ 918.136376][T10160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000018998910 [ 918.136379][T10160] R13: 0000000000000d68 R14: 00007f9eb3bdb9c0 R15: 0000000000000d68 [ 918.136389][T10160] [ 918.136391][T10160] [ 918.146298][T10160] The buggy address belongs to the variable: [ 918.146527][T10160] snmp6_ipstats_list+0x210/0x3e0 [ 918.146740][T10160] [ 918.146841][T10160] The buggy address belongs to the physical page: [ 918.147056][T10160] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ed [ 918.147441][T10160] flags: 0x80000000002000(reserved|node=0|zone=1) [ 918.147674][T10160] raw: 0080000000002000 ffffea0000403b48 ffffea0000403b48 0000000000000000 [ 918.148020][T10160] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 918.148343][T10160] page dumped because: kasan: bad access detected [ 918.148574][T10160] [ 918.148686][T10160] Memory state around the buggy address: [ 918.148860][T10160] ffffffffa08ed700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 918.149188][T10160] ffffffffa08ed780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 918.149432][T10160] >ffffffffa08ed800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f9 f9 [ 918.149669][T10160] ^ [ 918.149993][T10160] ffffffffa08ed880: f9 f9 f9 f9 00 00 00 00 00 01 f9 f9 f9 f9 f9 f9 [ 918.150238][T10160] ffffffffa08ed900: 00 00 04 f9 f9 f9 f9 f9 00 00 00 01 f9 f9 f9 f9 [ 918.150469][T10160] ================================================================== [ 918.151447][T10160] Disabling lock debugging due to kernel taint [ 936.160535][T10260] eth0: left promiscuous mode [ 936.252286][T10261] bond0 (unregistering): (slave eth0): Releasing backup interface [ 936.264146][T10261] bond0 (unregistering): (slave eth1): Releasing backup interface [ 936.270125][T10261] bond0 (unregistering): Released all slaves [ 936.282277][ T46] br0: port 1(s0) entered disabled state [ 936.284235][ T46] br0: port 2(s1) entered disabled state [ 936.549544][T10265] bond0: (slave eth0): making interface the new active one [ 936.550638][T10265] bond0: (slave eth0): Enslaving as an active interface with an up link [ 936.551736][ T37] br0: port 1(s0) entered blocking state [ 936.551989][ T37] br0: port 1(s0) entered forwarding state [ 936.645245][T10266] bond0: (slave eth1): Enslaving as a backup interface with an up link [ 936.645882][ T46] br0: port 2(s1) entered blocking state [ 936.646138][ T46] br0: port 2(s1) entered forwarding state [ 959.535483][T10393] bond0 (unregistering): (slave eth0): Releasing backup interface [ 959.544263][T10393] bond0 (unregistering): (slave eth1): Releasing backup interface [ 959.551214][T10393] bond0 (unregistering): Released all slaves [ 959.560118][ T38] br0: port 1(s0) entered disabled state [ 959.561051][ T38] br0: port 2(s1) entered disabled state [ 959.838368][T10397] bond0: (slave eth0): making interface the new active one [ 959.839099][T10397] bond0: (slave eth0): Enslaving as an active interface with an up link [ 959.840156][ T46] br0: port 1(s0) entered blocking state [ 959.840344][ T46] br0: port 1(s0) entered forwarding state [ 959.926822][T10398] bond0: (slave eth1): Enslaving as an active interface with an up link [ 959.927371][ T46] br0: port 2(s1) entered blocking state [ 959.927583][ T46] br0: port 2(s1) entered forwarding state [ 962.393122][T10421] eth0: entered promiscuous mode [ 983.980061][T10530] eth0: left promiscuous mode [ 984.074097][T10531] bond0 (unregistering): (slave eth0): Releasing active interface [ 984.096209][T10531] bond0 (unregistering): (slave eth1): Releasing active interface [ 984.106765][T10531] bond0 (unregistering): Released all slaves [ 984.114773][ T37] br0: port 1(s0) entered disabled state [ 984.116186][ T37] br0: port 2(s1) entered disabled state [ 984.384880][T10536] bond0: (slave eth0): making interface the new active one [ 984.385686][T10536] bond0: (slave eth0): Enslaving as an active interface with an up link [ 984.386413][ T5216] br0: port 1(s0) entered blocking state [ 984.386723][ T5216] br0: port 1(s0) entered forwarding state [ 984.491274][T10537] bond0: (slave eth1): Enslaving as an active interface with an up link [ 984.492076][ T38] br0: port 2(s1) entered blocking state [ 984.492349][ T38] br0: port 2(s1) entered forwarding state [ 1008.227571][T10667] bond0 (unregistering): (slave eth0): Releasing active interface [ 1008.243149][T10667] bond0 (unregistering): (slave eth1): Releasing active interface [ 1008.253796][T10667] bond0 (unregistering): Released all slaves [ 1008.272804][ T37] br0: port 1(s0) entered disabled state [ 1008.273808][ T37] br0: port 2(s1) entered disabled state [ 1008.547389][T10671] bond0: (slave eth0): making interface the new active one [ 1008.548244][T10671] bond0: (slave eth0): Enslaving as an active interface with an up link [ 1008.548794][ T38] br0: port 1(s0) entered blocking state [ 1008.548998][ T38] br0: port 1(s0) entered forwarding state [ 1008.636351][T10672] bond0: (slave eth1): Enslaving as an active interface with an up link [ 1008.636969][ T37] br0: port 2(s1) entered blocking state [ 1008.637183][ T37] br0: port 2(s1) entered forwarding state [ 1010.400630][T10689] eth0: entered promiscuous mode [ 1031.420255][T10798] eth0: left promiscuous mode [ 1031.524591][T10799] bond0 (unregistering): (slave eth0): Releasing active interface [ 1031.535651][T10799] bond0 (unregistering): (slave eth1): Releasing active interface [ 1031.545237][T10799] bond0 (unregistering): Released all slaves [ 1031.563305][ T38] br0: port 1(s0) entered disabled state [ 1031.564655][ T38] br0: port 2(s1) entered disabled state [ 1031.809585][T10803] bond0: (slave eth0): making interface the new active one [ 1031.810506][T10803] bond0: (slave eth0): Enslaving as an active interface with an up link [ 1031.811096][ T46] br0: port 1(s0) entered blocking state [ 1031.811342][ T46] br0: port 1(s0) entered forwarding state [ 1031.917111][T10804] bond0: (slave eth1): Enslaving as an active interface with an up link [ 1031.918182][ T46] br0: port 2(s1) entered blocking state [ 1031.918482][ T46] br0: port 2(s1) entered forwarding state [ 1054.787364][T10930] br0: port 3(c0) entered disabled state [ 1054.790847][T10930] c0 (unregistering): left allmulticast mode [ 1054.791154][T10930] c0 (unregistering): left promiscuous mode [ 1054.791431][T10930] br0: port 3(c0) entered disabled state [ 1055.128204][T10937] br0: port 1(s0) entered disabled state [ 1055.132386][T10937] bond0: (slave eth0): Releasing active interface [ 1055.132671][T10937] bond0: (slave eth0): the permanent HWaddr of slave - 22:11:9a:5f:e7:8c - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts [ 1055.133200][T10937] bond0: (slave eth1): making interface the new active one [ 1055.154378][T10937] s0 (unregistering): left allmulticast mode [ 1055.154724][T10937] s0 (unregistering): left promiscuous mode [ 1055.154992][T10937] br0: port 1(s0) entered disabled state [ 1055.244845][T10938] br0: port 2(s1) entered disabled state [ 1055.249086][T10938] bond0: (slave eth1): Releasing active interface [ 1055.263388][T10938] s1 (unregistering): left allmulticast mode [ 1055.263681][T10938] s1 (unregistering): left promiscuous mode [ 1055.263892][T10938] br0: port 2(s1) entered disabled state [ 1055.417699][ T69] bond0 (unregistering): Released all slaves