make -C tools/testing/selftests TARGETS=net/forwarding TEST_PROGS=q_in_vnii.sh TEST_GEN_PROGS="" run_tests make: Entering directory '/home/virtme/testing-4/tools/testing/selftests' make[1]: Entering directory '/home/virtme/testing-4/tools/testing/selftests/net/forwarding' make[1]: Nothing to be done for 'all'. make[1]: Leaving directory '/home/virtme/testing-4/tools/testing/selftests/net/forwarding' make[1]: Entering directory '/home/virtme/testing-4/tools/testing/selftests/net/forwarding' TAP version 13 1..1 # timeout set to 10800 # selftests: net/forwarding: q_in_vni.sh [ 26.421860][ T285] 8021q: 802.1Q VLAN Support v1.8 [ 32.423060][ T331] br1: port 1(vx100) entered blocking state [ 32.423491][ T331] br1: port 1(vx100) entered disabled state [ 32.423904][ T331] vx100: entered allmulticast mode [ 32.426046][ T331] vx100: entered promiscuous mode [ 32.427522][ T331] br1: port 1(vx100) entered blocking state [ 32.427881][ T331] br1: port 1(vx100) entered forwarding state [ 32.763672][ T333] br1: port 2(veth1) entered blocking state [ 32.764012][ T333] br1: port 2(veth1) entered disabled state [ 32.765019][ T333] veth1: entered allmulticast mode [ 32.767033][ T333] veth1: entered promiscuous mode [ 32.928933][ T47] br1: port 2(veth1) entered blocking state [ 32.929333][ T47] br1: port 2(veth1) entered forwarding state [ 33.244110][ T336] br1: port 3(veth2) entered blocking state [ 33.244478][ T336] br1: port 3(veth2) entered disabled state [ 33.244834][ T336] veth2: entered allmulticast mode [ 33.247513][ T336] veth2: entered promiscuous mode [ 33.410958][ T50] br1: port 3(veth2) entered blocking state [ 33.411320][ T50] br1: port 3(veth2) entered forwarding state [ 38.796756][ T378] br2: port 1(w1) entered blocking state [ 38.797095][ T378] br2: port 1(w1) entered disabled state [ 38.797452][ T378] w1: entered allmulticast mode [ 38.800274][ T378] w1: entered promiscuous mode [ 39.894739][ T386] br2: port 2(vx100) entered blocking state [ 39.895082][ T386] br2: port 2(vx100) entered disabled state [ 39.895642][ T386] vx100: entered allmulticast mode [ 39.897670][ T386] vx100: entered promiscuous mode [ 39.898284][ T386] br2: port 2(vx100) entered blocking state [ 39.898590][ T386] br2: port 2(vx100) entered forwarding state [ 41.203480][ T8] br2: port 1(w1) entered blocking state [ 41.204082][ T8] br2: port 1(w1) entered forwarding state [ 45.029598][ T421] br2: port 1(w1) entered blocking state [ 45.029923][ T421] br2: port 1(w1) entered disabled state [ 45.030265][ T421] w1: entered allmulticast mode [ 45.032288][ T421] w1: entered promiscuous mode [ 46.138187][ T428] br2: port 2(vx100) entered blocking state [ 46.138532][ T428] br2: port 2(vx100) entered disabled state [ 46.138880][ T428] vx100: entered allmulticast mode [ 46.140945][ T428] vx100: entered promiscuous mode [ 46.141927][ T428] br2: port 2(vx100) entered blocking state [ 46.142247][ T428] br2: port 2(vx100) entered forwarding state [ 47.381662][ T50] br2: port 1(w1) entered blocking state [ 47.382005][ T50] br2: port 1(w1) entered forwarding state # Running tests with UDP port 4789 # TEST: ping: local->local [ OK ] # TEST: ping: local->remote 1 [ OK ] # TEST: ping: local->remote 2 [ OK ] [ 62.261367][ T11] vx100: left allmulticast mode [ 62.261723][ T11] vx100: left promiscuous mode [ 62.262195][ T11] br2: port 2(vx100) entered disabled state [ 62.276163][ T11] w1: left allmulticast mode [ 62.276453][ T11] w1: left promiscuous mode [ 62.276836][ T11] br2: port 1(w1) entered disabled state [ 62.362182][ T11] ================================================================== [ 62.362643][ T11] BUG: KASAN: slab-use-after-free in vxlan_netdevice_event+0x32f/0x340 [vxlan] [ 62.363194][ T11] Read of size 8 at addr ffff8880092e0bd0 by task kworker/u8:0/11 [ 62.363634][ T11] [ 62.363780][ T11] CPU: 2 PID: 11 Comm: kworker/u8:0 Not tainted 6.8.0-rc2-virtme #1 [ 62.364259][ T11] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 62.364900][ T11] Workqueue: netns cleanup_net [ 62.365180][ T11] Call Trace: [ 62.365347][ T11] <TASK> [ 62.365497][ T11] dump_stack_lvl+0x64/0xb0 [ 62.365726][ T11] print_address_description.constprop.0+0x2c/0x3b0 [ 62.366059][ T11] ? vxlan_netdevice_event+0x32f/0x340 [vxlan] [ 62.366407][ T11] print_report+0xb5/0x270 [ 62.366643][ T11] ? kasan_addr_to_slab+0x4e/0x90 [ 62.366916][ T11] kasan_report+0xbe/0xf0 [ 62.367156][ T11] ? vxlan_netdevice_event+0x32f/0x340 [vxlan] [ 62.367496][ T11] vxlan_netdevice_event+0x32f/0x340 [vxlan] [ 62.367816][ T11] ? __pfx_vlan_device_event+0x10/0x10 [8021q] [ 62.368154][ T11] ? __pfx_vxlan_netdevice_event+0x10/0x10 [vxlan] [ 62.368517][ T11] ? netconsole_netdev_event+0x1b4/0x300 [ 62.368844][ T11] notifier_call_chain+0x9a/0x290 [ 62.369122][ T11] unregister_netdevice_many_notify+0x55a/0x1180 [ 62.369453][ T11] ? mutex_is_locked+0x17/0x50 [ 62.369710][ T11] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 62.370122][ T11] ? vrf_dellink+0x101/0x150 [vrf] [ 62.370434][ T11] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 62.370783][ T11] default_device_exit_batch+0x228/0x2c0 [ 62.371077][ T11] ? __pfx_default_device_exit_batch+0x10/0x10 [ 62.371425][ T11] ? mutex_is_locked+0x17/0x50 [ 62.371693][ T11] ? nexthop_net_exit_batch_rtnl+0x83/0x210 [ 62.372051][ T11] cleanup_net+0x4f3/0xa20 [ 62.372345][ T11] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 62.372652][ T11] ? __pfx_cleanup_net+0x10/0x10 [ 62.372901][ T11] ? lock_acquire+0x1c1/0x220 [ 62.373192][ T11] ? process_one_work+0x714/0x1310 [ 62.373476][ T11] process_one_work+0x78c/0x1310 [ 62.373740][ T11] ? hlock_class+0x4e/0x130 [ 62.373969][ T11] ? __pfx_process_one_work+0x10/0x10 [ 62.374283][ T11] ? assign_work+0x16c/0x240 [ 62.374555][ T11] worker_thread+0x73d/0x1010 [ 62.374802][ T11] ? __pfx_worker_thread+0x10/0x10 [ 62.375082][ T11] kthread+0x28f/0x360 [ 62.375312][ T11] ? __pfx_kthread+0x10/0x10 [ 62.375577][ T11] ret_from_fork+0x31/0x70 [ 62.375819][ T11] ? __pfx_kthread+0x10/0x10 [ 62.376114][ T11] ret_from_fork_asm+0x1b/0x30 [ 62.376410][ T11] </TASK> [ 62.376564][ T11] [ 62.376709][ T11] Allocated by task 11: [ 62.376916][ T11] kasan_save_stack+0x24/0x50 [ 62.377215][ T11] kasan_save_track+0x14/0x30 [ 62.377460][ T11] __kasan_kmalloc+0x7f/0x90 [ 62.377698][ T11] __kmalloc_node_track_caller+0x1fb/0x440 [ 62.378031][ T11] kmalloc_reserve+0xbc/0x1f0 [ 62.378267][ T11] pskb_expand_head+0x1f4/0xff0 [ 62.378526][ T11] netlink_trim+0x198/0x200 [ 62.378753][ T11] netlink_broadcast_filtered+0xcb/0x340 [ 62.379035][ T11] nlmsg_notify+0x6e/0x1e0 [ 62.379257][ T11] rtnetlink_event+0x167/0x1c0 [ 62.379498][ T11] notifier_call_chain+0x9a/0x290 [ 62.379781][ T11] __netdev_upper_dev_unlink+0x115/0x220 [ 62.380063][ T11] netdev_upper_dev_unlink+0x71/0xa0 [ 62.380367][ T11] vrf_dellink+0xbb/0x150 [vrf] [ 62.380639][ T11] default_device_exit_batch+0x16a/0x2c0 [ 62.380931][ T11] cleanup_net+0x4f3/0xa20 [ 62.381155][ T11] process_one_work+0x78c/0x1310 [ 62.381429][ T11] worker_thread+0x73d/0x1010 [ 62.381682][ T11] kthread+0x28f/0x360 [ 62.381896][ T11] ret_from_fork+0x31/0x70 [ 62.382155][ T11] ret_from_fork_asm+0x1b/0x30 [ 62.382394][ T11] [ 62.382528][ T11] Freed by task 11: [ 62.382720][ T11] kasan_save_stack+0x24/0x50 [ 62.382973][ T11] kasan_save_track+0x14/0x30 [ 62.383227][ T11] kasan_save_free_info+0x3f/0x60 [ 62.383503][ T11] __kasan_slab_free+0xfc/0x1c0 [ 62.383746][ T11] kfree+0xf2/0x2d0 [ 62.383938][ T11] skb_release_data+0x544/0x740 [ 62.384190][ T11] consume_skb+0xad/0x110 [ 62.384408][ T11] netlink_broadcast_filtered+0x224/0x340 [ 62.384710][ T11] nlmsg_notify+0x6e/0x1e0 [ 62.384933][ T11] rtnetlink_event+0x167/0x1c0 [ 62.385196][ T11] notifier_call_chain+0x9a/0x290 [ 62.385449][ T11] __netdev_upper_dev_unlink+0x115/0x220 [ 62.385729][ T11] netdev_upper_dev_unlink+0x71/0xa0 [ 62.385992][ T11] vrf_dellink+0xbb/0x150 [vrf] [ 62.386243][ T11] default_device_exit_batch+0x16a/0x2c0 [ 62.386523][ T11] cleanup_net+0x4f3/0xa20 [ 62.386791][ T11] process_one_work+0x78c/0x1310 [ 62.387038][ T11] worker_thread+0x73d/0x1010 [ 62.387273][ T11] kthread+0x28f/0x360 [ 62.387485][ T11] ret_from_fork+0x31/0x70 [ 62.387744][ T11] ret_from_fork_asm+0x1b/0x30 [ 62.387981][ T11] [ 62.388134][ T11] The buggy address belongs to the object at ffff8880092e0800 [ 62.388134][ T11] which belongs to the cache kmalloc-2k of size 2048 [ 62.388873][ T11] The buggy address is located 976 bytes inside of [ 62.388873][ T11] freed 2048-byte region [ffff8880092e0800, ffff8880092e1000) [ 62.389633][ T11] [ 62.389777][ T11] The buggy address belongs to the physical page: [ 62.390103][ T11] page:ffffea000024b800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x92e0 [ 62.390683][ T11] head:ffffea000024b800 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 62.391193][ T11] flags: 0x80000000000840(slab|head|node=0|zone=1) [ 62.391526][ T11] page_type: 0xffffffff() [ 62.391783][ T11] raw: 0080000000000840 ffff888001043540 ffffea000015e410 ffff8880010418f0 [ 62.392303][ T11] raw: 0000000000000000 0000000000050005 00000001ffffffff 0000000000000000 [ 62.392760][ T11] page dumped because: kasan: bad access detected [ 62.393120][ T11] [ 62.393250][ T11] Memory state around the buggy address: [ 62.393571][ T11] ffff8880092e0a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 62.394004][ T11] ffff8880092e0b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 62.394400][ T11] >ffff8880092e0b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 62.394830][ T11] ^ [ 62.395161][ T11] ffff8880092e0c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 62.395596][ T11] ffff8880092e0c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 62.396024][ T11] ================================================================== [ 62.396510][ T11] Disabling lock debugging due to kernel taint [ 62.396882][ T11] general protection fault, probably for non-canonical address 0xdffffc002000007d: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 62.397558][ T11] KASAN: probably user-memory-access in range [0x00000001000003e8-0x00000001000003ef] [ 62.398060][ T11] CPU: 2 PID: 11 Comm: kworker/u8:0 Tainted: G B 6.8.0-rc2-virtme #1 [ 62.398587][ T11] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 62.399218][ T11] Workqueue: netns cleanup_net [ 62.399479][ T11] RIP: 0010:vxlan_netdevice_event+0x19e/0x340 [vxlan] [ 62.399844][ T11] Code: 00 00 00 48 b9 00 00 00 00 00 fc ff df 49 89 c0 48 89 44 24 08 49 c1 e8 03 4d 8d 24 08 eb 2c 48 8d 53 30 48 89 d0 48 c1 e8 03 <80> 3c 08 00 0f 85 e0 00 00 00 48 8b 43 30 49 89 dd 48 83 e8 30 49 [ 62.400916][ T11] RSP: 0018:ffffc900000bf980 EFLAGS: 00010206 [ 62.401235][ T11] RAX: 000000002000007d RBX: 00000001000003b8 RCX: dffffc0000000000 [ 62.401649][ T11] RDX: 00000001000003e8 RSI: 0000000000000004 RDI: ffff8880092e0c24 [ 62.402068][ T11] RBP: 1ffff92000017f33 R08: 1ffff1100770f21a R09: ffffc900000bf9b8 [ 62.402501][ T11] R10: ffffffffa893ca07 R11: 205d313154202020 R12: ffffed100770f21a [ 62.402958][ T11] R13: ffff8880092e0ba0 R14: ffff8880067f9000 R15: ffff88803b879000 [ 62.403368][ T11] FS: 0000000000000000(0000) GS:ffff88802f000000(0000) knlGS:0000000000000000 [ 62.403823][ T11] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 62.404183][ T11] CR2: 000056552608bdec CR3: 00000000082aa002 CR4: 0000000000770ef0 [ 62.404616][ T11] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 62.405081][ T11] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 62.405494][ T11] PKRU: 55555554 [ 62.405685][ T11] Call Trace: [ 62.405867][ T11] <TASK> [ 62.406017][ T11] ? die_addr+0x41/0xa0 [ 62.406243][ T11] ? exc_general_protection+0x149/0x220 [ 62.406554][ T11] ? asm_exc_general_protection+0x26/0x30 [ 62.406879][ T11] ? vxlan_netdevice_event+0x19e/0x340 [vxlan] [ 62.407215][ T11] ? __pfx_vxlan_netdevice_event+0x10/0x10 [vxlan] [ 62.407586][ T11] ? netconsole_netdev_event+0x1b4/0x300 [ 62.407883][ T11] notifier_call_chain+0x9a/0x290 [ 62.408155][ T11] unregister_netdevice_many_notify+0x55a/0x1180 [ 62.408491][ T11] ? mutex_is_locked+0x17/0x50 [ 62.408757][ T11] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 62.409113][ T11] ? vrf_dellink+0x101/0x150 [vrf] [ 62.409407][ T11] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 62.409756][ T11] default_device_exit_batch+0x228/0x2c0 [ 62.410055][ T11] ? __pfx_default_device_exit_batch+0x10/0x10 [ 62.410394][ T11] ? mutex_is_locked+0x17/0x50 [ 62.410658][ T11] ? nexthop_net_exit_batch_rtnl+0x83/0x210 [ 62.410994][ T11] cleanup_net+0x4f3/0xa20 [ 62.411227][ T11] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 62.411543][ T11] ? __pfx_cleanup_net+0x10/0x10 [ 62.411818][ T11] ? lock_acquire+0x1c1/0x220 [ 62.412053][ T11] ? process_one_work+0x714/0x1310 [ 62.412326][ T11] process_one_work+0x78c/0x1310 [ 62.412601][ T11] ? hlock_class+0x4e/0x130 [ 62.412865][ T11] ? __pfx_process_one_work+0x10/0x10 [ 62.413158][ T11] ? assign_work+0x16c/0x240 [ 62.413432][ T11] worker_thread+0x73d/0x1010 [ 62.413693][ T11] ? __pfx_worker_thread+0x10/0x10 [ 62.413957][ T11] kthread+0x28f/0x360 [ 62.414177][ T11] ? __pfx_kthread+0x10/0x10 [ 62.414424][ T11] ret_from_fork+0x31/0x70 [ 62.414654][ T11] ? __pfx_kthread+0x10/0x10 [ 62.414886][ T11] ret_from_fork_asm+0x1b/0x30 [ 62.415128][ T11] </TASK> [ 62.415285][ T11] Modules linked in: vxlan ip6_udp_tunnel udp_tunnel bridge stp llc 8021q sch_ingress vrf veth [ 62.415826][ T11] ---[ end trace 0000000000000000 ]--- [ 62.416098][ T11] RIP: 0010:vxlan_netdevice_event+0x19e/0x340 [vxlan] [ 62.416455][ T11] Code: 00 00 00 48 b9 00 00 00 00 00 fc ff df 49 89 c0 48 89 44 24 08 49 c1 e8 03 4d 8d 24 08 eb 2c 48 8d 53 30 48 89 d0 48 c1 e8 03 <80> 3c 08 00 0f 85 e0 00 00 00 48 8b 43 30 49 89 dd 48 83 e8 30 49 [ 62.418157][ T11] RSP: 0018:ffffc900000bf980 EFLAGS: 00010206 [ 62.418492][ T11] RAX: 000000002000007d RBX: 00000001000003b8 RCX: dffffc0000000000 [ 62.418916][ T11] RDX: 00000001000003e8 RSI: 0000000000000004 RDI: ffff8880092e0c24 [ 62.419479][ T11] RBP: 1ffff92000017f33 R08: 1ffff1100770f21a R09: ffffc900000bf9b8 [ 62.419985][ T11] R10: ffffffffa893ca07 R11: 205d313154202020 R12: ffffed100770f21a [ 62.420507][ T11] R13: ffff8880092e0ba0 R14: ffff8880067f9000 R15: ffff88803b879000 [ 62.420963][ T11] FS: 0000000000000000(0000) GS:ffff88802f000000(0000) knlGS:0000000000000000 [ 62.421408][ T11] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 62.421734][ T11] CR2: 000056552608bdec CR3: 00000000082aa002 CR4: 0000000000770ef0 [ 62.422214][ T11] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 62.422609][ T11] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 62.423011][ T11] PKRU: 55555554 [ 62.423197][ T11] Kernel panic - not syncing: Fatal exception [ 62.423569][ T11] Kernel Offset: 0x22200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) [ 62.424145][ T11] ---[ end Kernel panic - not syncing: Fatal exception ]--- WAIT TIMEOUT stdout Ctrl-C stdout Ctrl-C stdout WAIT TIMEOUT stdout