make -C tools/testing/selftests TARGETS=net/forwarding TEST_PROGS=q_in_vnii.sh TEST_GEN_PROGS="" run_tests make: Entering directory '/home/virtme/testing-4/tools/testing/selftests' make[1]: Entering directory '/home/virtme/testing-4/tools/testing/selftests/net/forwarding' make[1]: Nothing to be done for 'all'. make[1]: Leaving directory '/home/virtme/testing-4/tools/testing/selftests/net/forwarding' make[1]: Entering directory '/home/virtme/testing-4/tools/testing/selftests/net/forwarding' TAP version 13 1..1 # timeout set to 10800 # selftests: net/forwarding: q_in_vni.sh [ 396.919333][ T2569] br1: port 1(vx100) entered blocking state [ 396.919753][ T2569] br1: port 1(vx100) entered disabled state [ 396.920198][ T2569] vx100: entered allmulticast mode [ 396.936375][ T2569] vx100: entered promiscuous mode [ 396.937525][ T2569] br1: port 1(vx100) entered blocking state [ 396.937916][ T2569] br1: port 1(vx100) entered forwarding state [ 397.254188][ T2571] br1: port 2(veth1) entered blocking state [ 397.254522][ T2571] br1: port 2(veth1) entered disabled state [ 397.254861][ T2571] veth1: entered allmulticast mode [ 397.257211][ T2571] veth1: entered promiscuous mode [ 397.408317][ T2371] br1: port 2(veth1) entered blocking state [ 397.408645][ T2371] br1: port 2(veth1) entered forwarding state [ 397.686703][ T2574] br1: port 3(veth2) entered blocking state [ 397.687053][ T2574] br1: port 3(veth2) entered disabled state [ 397.687392][ T2574] veth2: entered allmulticast mode [ 397.690358][ T2574] veth2: entered promiscuous mode [ 397.836720][ T2371] br1: port 3(veth2) entered blocking state [ 397.837061][ T2371] br1: port 3(veth2) entered forwarding state [ 402.775488][ T2623] br2: port 1(w1) entered blocking state [ 402.775812][ T2623] br2: port 1(w1) entered disabled state [ 402.776146][ T2623] w1: entered allmulticast mode [ 402.779217][ T2623] w1: entered promiscuous mode [ 403.772549][ T2631] br2: port 2(vx100) entered blocking state [ 403.772885][ T2631] br2: port 2(vx100) entered disabled state [ 403.773244][ T2631] vx100: entered allmulticast mode [ 403.776019][ T2631] vx100: entered promiscuous mode [ 403.776611][ T2631] br2: port 2(vx100) entered blocking state [ 403.776920][ T2631] br2: port 2(vx100) entered forwarding state [ 404.998082][ T50] br2: port 1(w1) entered blocking state [ 404.998417][ T50] br2: port 1(w1) entered forwarding state [ 408.530813][ T2666] br2: port 1(w1) entered blocking state [ 408.531152][ T2666] br2: port 1(w1) entered disabled state [ 408.531477][ T2666] w1: entered allmulticast mode [ 408.533701][ T2666] w1: entered promiscuous mode [ 409.551946][ T2673] br2: port 2(vx100) entered blocking state [ 409.552307][ T2673] br2: port 2(vx100) entered disabled state [ 409.552650][ T2673] vx100: entered allmulticast mode [ 409.554848][ T2673] vx100: entered promiscuous mode [ 409.555445][ T2673] br2: port 2(vx100) entered blocking state [ 409.555751][ T2673] br2: port 2(vx100) entered forwarding state [ 410.743471][ T50] br2: port 1(w1) entered blocking state [ 410.743812][ T50] br2: port 1(w1) entered forwarding state # Running tests with UDP port 4789 # TEST: ping: local->local [ OK ] # TEST: ping: local->remote 1 [ OK ] # TEST: ping: local->remote 2 [ OK ] [ 424.963292][ T72] vx100: left allmulticast mode [ 424.963606][ T72] vx100: left promiscuous mode [ 424.964053][ T72] br2: port 2(vx100) entered disabled state [ 424.976344][ T72] w1: left allmulticast mode [ 424.976604][ T72] w1: left promiscuous mode [ 424.976972][ T72] br2: port 1(w1) entered disabled state [ 425.082757][ T72] ================================================================== [ 425.083227][ T72] BUG: KASAN: slab-use-after-free in vxlan_netdevice_event+0x32f/0x340 [vxlan] [ 425.083742][ T72] Read of size 8 at addr ffff888005bd0bd0 by task kworker/u8:1/72 [ 425.084149][ T72] [ 425.084275][ T72] CPU: 1 PID: 72 Comm: kworker/u8:1 Not tainted 6.8.0-rc2-virtme #1 [ 425.084697][ T72] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 425.085318][ T72] Workqueue: netns cleanup_net [ 425.085572][ T72] Call Trace: [ 425.085752][ T72] <TASK> [ 425.085916][ T72] dump_stack_lvl+0x64/0xb0 [ 425.086164][ T72] print_address_description.constprop.0+0x2c/0x3b0 [ 425.086546][ T72] ? vxlan_netdevice_event+0x32f/0x340 [vxlan] [ 425.086883][ T72] print_report+0xb5/0x270 [ 425.087108][ T72] ? kasan_addr_to_slab+0x4e/0x90 [ 425.087393][ T72] kasan_report+0xbe/0xf0 [ 425.087645][ T72] ? vxlan_netdevice_event+0x32f/0x340 [vxlan] [ 425.087973][ T72] vxlan_netdevice_event+0x32f/0x340 [vxlan] [ 425.088288][ T72] ? __pfx_vlan_device_event+0x10/0x10 [8021q] [ 425.088628][ T72] ? __pfx_vxlan_netdevice_event+0x10/0x10 [vxlan] [ 425.088994][ T72] ? _raw_spin_unlock+0x23/0x40 [ 425.089262][ T72] ? mirred_device_event+0x185/0x210 [act_mirred] [ 425.089589][ T72] notifier_call_chain+0x9a/0x290 [ 425.089850][ T72] unregister_netdevice_many_notify+0x55a/0x1180 [ 425.090174][ T72] ? mutex_is_locked+0x17/0x50 [ 425.090419][ T72] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 425.090760][ T72] ? vrf_dellink+0x101/0x150 [vrf] [ 425.091030][ T72] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 425.091349][ T72] default_device_exit_batch+0x228/0x2c0 [ 425.091634][ T72] ? __pfx_default_device_exit_batch+0x10/0x10 [ 425.091960][ T72] ? mutex_is_locked+0x17/0x50 [ 425.092204][ T72] ? nexthop_net_exit_batch_rtnl+0x83/0x210 [ 425.092504][ T72] cleanup_net+0x4f3/0xa20 [ 425.092731][ T72] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 425.093017][ T72] ? __pfx_cleanup_net+0x10/0x10 [ 425.093269][ T72] ? lock_acquire+0x1c1/0x220 [ 425.093508][ T72] ? process_one_work+0x714/0x1310 [ 425.093771][ T72] process_one_work+0x78c/0x1310 [ 425.094069][ T72] ? hlock_class+0x4e/0x130 [ 425.094300][ T72] ? __pfx_process_one_work+0x10/0x10 [ 425.094581][ T72] ? assign_work+0x16c/0x240 [ 425.094846][ T72] worker_thread+0x73d/0x1010 [ 425.095108][ T72] ? lockdep_hardirqs_on_prepare.part.0+0x1b1/0x370 [ 425.095483][ T72] ? __pfx_worker_thread+0x10/0x10 [ 425.095761][ T72] ? __pfx_worker_thread+0x10/0x10 [ 425.096033][ T72] kthread+0x28f/0x360 [ 425.096269][ T72] ? __pfx_kthread+0x10/0x10 [ 425.096506][ T72] ret_from_fork+0x31/0x70 [ 425.096731][ T72] ? __pfx_kthread+0x10/0x10 [ 425.096966][ T72] ret_from_fork_asm+0x1b/0x30 [ 425.097216][ T72] </TASK> [ 425.097371][ T72] [ 425.097492][ T72] Allocated by task 72: [ 425.097703][ T72] kasan_save_stack+0x24/0x50 [ 425.097941][ T72] kasan_save_track+0x14/0x30 [ 425.098180][ T72] __kasan_kmalloc+0x7f/0x90 [ 425.098422][ T72] __kmalloc_node_track_caller+0x1fb/0x440 [ 425.098716][ T72] kmalloc_reserve+0xbc/0x1f0 [ 425.098955][ T72] pskb_expand_head+0x1f4/0xff0 [ 425.099203][ T72] netlink_trim+0x198/0x200 [ 425.099434][ T72] netlink_broadcast_filtered+0xcb/0x340 [ 425.099718][ T72] nlmsg_notify+0x6e/0x1e0 [ 425.099946][ T72] rtmsg_ifinfo+0x5b/0xa0 [ 425.100167][ T72] dev_close_many+0x2bd/0x650 [ 425.100406][ T72] unregister_netdevice_many_notify+0x3d5/0x1180 [ 425.100726][ T72] default_device_exit_batch+0x228/0x2c0 [ 425.101008][ T72] cleanup_net+0x4f3/0xa20 [ 425.101235][ T72] process_one_work+0x78c/0x1310 [ 425.101486][ T72] worker_thread+0x73d/0x1010 [ 425.101729][ T72] kthread+0x28f/0x360 [ 425.101937][ T72] ret_from_fork+0x31/0x70 [ 425.102161][ T72] ret_from_fork_asm+0x1b/0x30 [ 425.102404][ T72] [ 425.102525][ T72] Freed by task 72: [ 425.102718][ T72] kasan_save_stack+0x24/0x50 [ 425.102957][ T72] kasan_save_track+0x14/0x30 [ 425.103194][ T72] kasan_save_free_info+0x3f/0x60 [ 425.103450][ T72] __kasan_slab_free+0xfc/0x1c0 [ 425.103694][ T72] kfree+0xf2/0x2d0 [ 425.103958][ T72] skb_release_data+0x56b/0x770 [ 425.104203][ T72] consume_skb+0xad/0x110 [ 425.104454][ T72] netlink_broadcast_filtered+0x224/0x340 [ 425.104764][ T72] nlmsg_notify+0x6e/0x1e0 [ 425.105000][ T72] rtmsg_ifinfo+0x5b/0xa0 [ 425.105219][ T72] dev_close_many+0x2bd/0x650 [ 425.105492][ T72] unregister_netdevice_many_notify+0x3d5/0x1180 [ 425.105858][ T72] default_device_exit_batch+0x228/0x2c0 [ 425.106162][ T72] cleanup_net+0x4f3/0xa20 [ 425.106387][ T72] process_one_work+0x78c/0x1310 [ 425.106657][ T72] worker_thread+0x73d/0x1010 [ 425.106922][ T72] kthread+0x28f/0x360 [ 425.107129][ T72] ret_from_fork+0x31/0x70 [ 425.107355][ T72] ret_from_fork_asm+0x1b/0x30 [ 425.107612][ T72] [ 425.107734][ T72] The buggy address belongs to the object at ffff888005bd0800 [ 425.107734][ T72] which belongs to the cache kmalloc-2k of size 2048 [ 425.108480][ T72] The buggy address is located 976 bytes inside of [ 425.108480][ T72] freed 2048-byte region [ffff888005bd0800, ffff888005bd1000) [ 425.109200][ T72] [ 425.109358][ T72] The buggy address belongs to the physical page: [ 425.109697][ T72] page:ffffea000016f400 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888005bd6800 pfn:0x5bd0 [ 425.110310][ T72] head:ffffea000016f400 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 425.110758][ T72] flags: 0x80000000000a40(workingset|slab|head|node=0|zone=1) [ 425.111137][ T72] page_type: 0xffffffff() [ 425.111356][ T72] raw: 0080000000000a40 ffff888001043540 ffff8880010418d0 ffff8880010418d0 [ 425.111827][ T72] raw: ffff888005bd6800 0000000000050004 00000001ffffffff 0000000000000000 [ 425.112281][ T72] page dumped because: kasan: bad access detected [ 425.112612][ T72] [ 425.112733][ T72] Memory state around the buggy address: [ 425.113051][ T72] ffff888005bd0a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 425.113493][ T72] ffff888005bd0b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 425.113925][ T72] >ffff888005bd0b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 425.114352][ T72] ^ [ 425.114687][ T72] ffff888005bd0c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 425.115106][ T72] ffff888005bd0c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 425.115535][ T72] ================================================================== [ 425.116486][ T72] Disabling lock debugging due to kernel taint [ 425.116841][ T72] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 425.117545][ T72] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 425.118009][ T72] CPU: 1 PID: 72 Comm: kworker/u8:1 Tainted: G B 6.8.0-rc2-virtme #1 [ 425.118512][ T72] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 425.119168][ T72] Workqueue: netns cleanup_net [ 425.119435][ T72] RIP: 0010:vxlan_netdevice_event+0x19e/0x340 [vxlan] [ 425.119827][ T72] Code: 00 00 00 48 b9 00 00 00 00 00 fc ff df 49 89 c0 48 89 44 24 08 49 c1 e8 03 4d 8d 24 08 eb 2c 48 8d 53 30 48 89 d0 48 c1 e8 03 <80> 3c 08 00 0f 85 e0 00 00 00 48 8b 43 30 49 89 dd 48 83 e8 30 49 [ 425.120893][ T72] RSP: 0018:ffffc9000052f980 EFLAGS: 00010246 [ 425.121198][ T72] RAX: 0000000000000000 RBX: ffffffffffffffd0 RCX: dffffc0000000000 [ 425.121595][ T72] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff888005bd0c24 [ 425.121997][ T72] RBP: 1ffff920000a5f33 R08: 1ffff11000ca021a R09: ffffc9000052f9b8 [ 425.122392][ T72] R10: ffffffff8a73ca07 R11: 205d323754202020 R12: ffffed1000ca021a [ 425.122786][ T72] R13: ffff888005bd0ba0 R14: ffff88800944c000 R15: ffff888006501000 [ 425.123183][ T72] FS: 0000000000000000(0000) GS:ffff88802ea00000(0000) knlGS:0000000000000000 [ 425.123661][ T72] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 425.124025][ T72] CR2: 00007f1e0e0a8270 CR3: 0000000007d5e006 CR4: 0000000000770ef0 [ 425.124443][ T72] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 425.124853][ T72] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 425.125262][ T72] PKRU: 55555554 [ 425.125454][ T72] Call Trace: [ 425.125636][ T72] <TASK> [ 425.125799][ T72] ? die_addr+0x41/0xa0 [ 425.126027][ T72] ? exc_general_protection+0x149/0x220 [ 425.126324][ T72] ? asm_exc_general_protection+0x26/0x30 [ 425.126627][ T72] ? vxlan_netdevice_event+0x19e/0x340 [vxlan] [ 425.126955][ T72] ? __pfx_vxlan_netdevice_event+0x10/0x10 [vxlan] [ 425.127349][ T72] ? _raw_spin_unlock+0x23/0x40 [ 425.127611][ T72] ? mirred_device_event+0x185/0x210 [act_mirred] [ 425.127961][ T72] notifier_call_chain+0x9a/0x290 [ 425.128219][ T72] unregister_netdevice_many_notify+0x55a/0x1180 [ 425.128558][ T72] ? mutex_is_locked+0x17/0x50 [ 425.128825][ T72] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 425.129185][ T72] ? vrf_dellink+0x101/0x150 [vrf] [ 425.129458][ T72] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 425.129795][ T72] default_device_exit_batch+0x228/0x2c0 [ 425.130112][ T72] ? __pfx_default_device_exit_batch+0x10/0x10 [ 425.130454][ T72] ? mutex_is_locked+0x17/0x50 [ 425.130723][ T72] ? nexthop_net_exit_batch_rtnl+0x83/0x210 [ 425.131050][ T72] cleanup_net+0x4f3/0xa20 [ 425.131292][ T72] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 425.131583][ T72] ? __pfx_cleanup_net+0x10/0x10 [ 425.131885][ T72] ? lock_acquire+0x1c1/0x220 [ 425.132153][ T72] ? process_one_work+0x714/0x1310 [ 425.132457][ T72] process_one_work+0x78c/0x1310 [ 425.132759][ T72] ? hlock_class+0x4e/0x130 [ 425.133015][ T72] ? __pfx_process_one_work+0x10/0x10 [ 425.133312][ T72] ? assign_work+0x16c/0x240 [ 425.133558][ T72] worker_thread+0x73d/0x1010 [ 425.133812][ T72] ? lockdep_hardirqs_on_prepare.part.0+0x1b1/0x370 [ 425.134172][ T72] ? __pfx_worker_thread+0x10/0x10 [ 425.134448][ T72] ? __pfx_worker_thread+0x10/0x10 [ 425.134743][ T72] kthread+0x28f/0x360 [ 425.134973][ T72] ? __pfx_kthread+0x10/0x10 [ 425.135208][ T72] ret_from_fork+0x31/0x70 [ 425.135460][ T72] ? __pfx_kthread+0x10/0x10 [ 425.135715][ T72] ret_from_fork_asm+0x1b/0x30 [ 425.135961][ T72] </TASK> [ 425.136128][ T72] Modules linked in: vxlan ip6_udp_tunnel udp_tunnel 8021q act_mirred cls_flower bridge stp llc ip6_gre ip6_tunnel tunnel6 act_gact cls_matchall ip_gre gre sch_ingress vrf veth [ 425.137078][ T72] ---[ end trace 0000000000000000 ]--- [ 425.137376][ T72] RIP: 0010:vxlan_netdevice_event+0x19e/0x340 [vxlan] [ 425.137729][ T72] Code: 00 00 00 48 b9 00 00 00 00 00 fc ff df 49 89 c0 48 89 44 24 08 49 c1 e8 03 4d 8d 24 08 eb 2c 48 8d 53 30 48 89 d0 48 c1 e8 03 <80> 3c 08 00 0f 85 e0 00 00 00 48 8b 43 30 49 89 dd 48 83 e8 30 49 [ 425.139182][ T72] RSP: 0018:ffffc9000052f980 EFLAGS: 00010246 [ 425.139511][ T72] RAX: 0000000000000000 RBX: ffffffffffffffd0 RCX: dffffc0000000000 [ 425.139965][ T72] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff888005bd0c24 [ 425.140413][ T72] RBP: 1ffff920000a5f33 R08: 1ffff11000ca021a R09: ffffc9000052f9b8 [ 425.140872][ T72] R10: ffffffff8a73ca07 R11: 205d323754202020 R12: ffffed1000ca021a [ 425.141328][ T72] R13: ffff888005bd0ba0 R14: ffff88800944c000 R15: ffff888006501000 [ 425.141799][ T72] FS: 0000000000000000(0000) GS:ffff88802ea00000(0000) knlGS:0000000000000000 [ 425.142299][ T72] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 425.142705][ T72] CR2: 00007f1e0e0a8270 CR3: 0000000007d5e006 CR4: 0000000000770ef0 [ 425.143151][ T72] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 425.143590][ T72] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 425.144014][ T72] PKRU: 55555554 [ 425.144214][ T72] Kernel panic - not syncing: Fatal exception [ 425.144667][ T72] Kernel Offset: 0x4000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 425.145241][ T72] ---[ end Kernel panic - not syncing: Fatal exception ]--- WAIT TIMEOUT stdout Ctrl-C stdout Ctrl-C stdout WAIT TIMEOUT stdout