======================================
[  858.281625][ T3993] ==================================================================
[  858.282028][ T3993] BUG: KASAN: slab-use-after-free in xsk_bind (net/xdp/xsk.c:1316)
[  858.282268][ T3993] Read of size 4 at addr ffff888006b2d17c by task xdp_helper/3993
[  858.282507][ T3993]
[  858.282599][ T3993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[  858.282601][ T3993] Call Trace:
[  858.282604][ T3993]
[  858.282606][ T3993]  dump_stack_lvl (lib/dump_stack.c:123)
[  858.282611][ T3993]  print_address_description.constprop.0 (mm/kasan/report.c:379)
[  858.282618][ T3993]  ? xsk_bind (net/xdp/xsk.c:1316)
[  858.282622][ T3993]  print_report (mm/kasan/report.c:481)
[  858.282626][ T3993]  ? xsk_bind (net/xdp/xsk.c:1316)
[  858.282629][ T3993]  ? kasan_addr_to_slab (./include/linux/mm.h:1178 mm/kasan/../slab.h:211 mm/kasan/common.c:38)
[  858.282633][ T3993]  ? xsk_bind (net/xdp/xsk.c:1316)
[  858.282636][ T3993]  kasan_report (mm/kasan/report.c:595)
[  858.282640][ T3993]  ? xsk_bind (net/xdp/xsk.c:1316)
[  858.282646][ T3993]  xsk_bind (net/xdp/xsk.c:1316)
[  858.282651][ T3993]  ? __pfx_xsk_bind (net/xdp/xsk.c:1157)
[  858.282656][ T3993]  ? __might_fault (mm/memory.c:6971 mm/memory.c:6965)
[  858.282663][ T3993]  __sys_bind (net/socket.c:1858 net/socket.c:1889)
[  858.282669][ T3993]  ? __pfx___sys_bind (net/socket.c:1873)
[  858.282673][ T3993]  ? vm_mmap_pgoff (mm/util.c:583)
[  858.282680][ T3993]  ? __sys_setsockopt (./include/linux/file.h:62 ./include/linux/file.h:83 net/socket.c:2361)
[  858.282686][ T3993]  __x64_sys_bind (net/socket.c:1892)
[  858.282689][ T3993]  ? lockdep_hardirqs_on (kernel/locking/lockdep.c:4475)
[  858.282693][ T3993]  do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)
[  858.282698][ T3993]  entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)
[  858.282702][ T3993] RIP: 0033:0x7f5c6bb8ed3b
[  858.282706][ T3993] Code: c3 66 0f 1f 44 00 00 48 8b 15 b9 90 0e 00 f7 d8 64 89 02 b8 ff ff ff ff eb bc 0f 1f 44 00 00 f3 0f 1e fa b8 31 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8d 90 0e 00 f7 d8 64 89 01 48
All code
========
   0:   c3                      ret
   1:   66 0f 1f 44 00 00       nopw   0x0(%rax,%rax,1)
   7:   48 8b 15 b9 90 0e 00    mov    0xe90b9(%rip),%rdx        # 0xe90c7
   e:   f7 d8                   neg    %eax
  10:   64 89 02                mov    %eax,%fs:(%rdx)
  13:   b8 ff ff ff ff          mov    $0xffffffff,%eax
  18:   eb bc                   jmp    0xffffffffffffffd6
  1a:   0f 1f 44 00 00          nopl   0x0(%rax,%rax,1)
  1f:   f3 0f 1e fa             endbr64
  23:   b8 31 00 00 00          mov    $0x31,%eax
  28:   0f 05                   syscall
  2a:*  48 3d 01 f0 ff ff       cmp    $0xfffffffffffff001,%rax         <-- trapping instruction
  30:   73 01                   jae    0x33
  32:   c3                      ret
  33:   48 8b 0d 8d 90 0e 00    mov    0xe908d(%rip),%rcx        # 0xe90c7
  3a:   f7 d8                   neg    %eax
  3c:   64 89 01                mov    %eax,%fs:(%rcx)
  3f:   48                      rex.W

Code starting with the faulting instruction
===========================================
   0:   48 3d 01 f0 ff ff       cmp    $0xfffffffffffff001,%rax
   6:   73 01                   jae    0x9
   8:   c3                      ret
   9:   48 8b 0d 8d 90 0e 00    mov    0xe908d(%rip),%rcx        # 0xe909d
  10:   f7 d8                   neg    %eax
  12:   64 89 01                mov    %eax,%fs:(%rcx)
  15:   48                      rex.W
[  858.282709][ T3993] RSP: 002b:00007ffdb63426c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000031
[  858.282713][ T3993] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5c6bb8ed3b
[  858.282716][ T3993] RDX: 0000000000000010 RSI: 00007ffdb63426e0 RDI: 0000000000000003
[  858.282718][ T3993] RBP: 0000000000000003 R08: 0000000000000004 R09: 0000000000000000
[  858.282720][ T3993] R10: 00007f5c6ba8fd68 R11: 0000000000000202 R12: 0000000000000000

Finger prints: print_report:kasan_report:xsk_bind:__sys_bind:__x64_sys_bind