[  354.795627][ T7983] br1: port 1(vx1) entered blocking state
[  354.795881][ T7983] br1: port 1(vx1) entered disabled state
[  354.796131][ T7983] vx1: entered allmulticast mode
[  354.798245][ T7983] vx1: entered promiscuous mode
[  354.799581][ T7983] br1: port 1(vx1) entered blocking state
[  354.799846][ T7983] br1: port 1(vx1) entered forwarding state
[  354.892532][ T7984] br1: port 2(veth1) entered blocking state
[  354.892951][ T7984] br1: port 2(veth1) entered disabled state
[  354.893326][ T7984] veth1: entered allmulticast mode
[  354.895544][ T7984] veth1: entered promiscuous mode
[  354.986468][   T37] br1: port 2(veth1) entered blocking state
[  354.986935][   T37] br1: port 2(veth1) entered forwarding state
[  355.213830][ T7987] br1: port 3(veth2) entered blocking state
[  355.214202][ T7987] br1: port 3(veth2) entered disabled state
[  355.214505][ T7987] veth2: entered allmulticast mode
[  355.216862][ T7987] veth2: entered promiscuous mode
[  355.309322][   T37] br1: port 3(veth2) entered blocking state
[  355.309635][   T37] br1: port 3(veth2) entered forwarding state
[  358.897688][ T8033] br2: port 1(w1) entered blocking state
[  358.897977][ T8033] br2: port 1(w1) entered disabled state
[  358.898678][ T8033] w1: entered allmulticast mode
[  358.900908][ T8033] w1: entered promiscuous mode
[  359.455316][ T8039] br2: port 2(vx2) entered blocking state
[  359.456069][ T8039] br2: port 2(vx2) entered disabled state
[  359.456355][ T8039] vx2: entered allmulticast mode
[  359.458297][ T8039] vx2: entered promiscuous mode
[  359.459214][ T8039] br2: port 2(vx2) entered blocking state
[  359.459477][ T8039] br2: port 2(vx2) entered forwarding state
[  360.323047][   T40] br2: port 1(w1) entered blocking state
[  360.323414][   T40] br2: port 1(w1) entered forwarding state
[  362.614736][ T8073] br2: port 1(w1) entered blocking state
[  362.615046][ T8073] br2: port 1(w1) entered disabled state
[  362.615308][ T8073] w1: entered allmulticast mode
[  362.617314][ T8073] w1: entered promiscuous mode
[  363.185347][ T8079] br2: port 2(vx2) entered blocking state
[  363.185617][ T8079] br2: port 2(vx2) entered disabled state
[  363.185911][ T8079] vx2: entered allmulticast mode
[  363.188188][ T8079] vx2: entered promiscuous mode
[  363.189116][ T8079] br2: port 2(vx2) entered blocking state
[  363.189324][ T8079] br2: port 2(vx2) entered forwarding state
[  363.886313][   T39] br2: port 1(w1) entered blocking state
[  363.886620][   T39] br2: port 1(w1) entered forwarding state
[  373.610795][ T8152] GACT probability NOT on
[  432.334195][ T8419] veth3: entered promiscuous mode
[  464.670413][ T8908] veth3: left promiscuous mode
[  489.826027][    C2] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  489.928078][    C2] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  490.029328][    C2] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  490.130347][    C2] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  490.231447][    C2] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  490.332423][    C2] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  490.433496][    C2] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  490.534443][    C2] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  490.635480][    C2] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  490.736714][    C2] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  494.900364][    C3] net_ratelimit: 1 callbacks suppressed
[  494.900807][    C3] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  495.001682][    C3] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  495.102615][    C3] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  495.203508][    C3] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  495.304512][    C3] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  495.405607][    C3] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  495.506717][    C3] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  495.607652][    C3] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  495.708536][    C3] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  558.797595][    C0] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  558.899052][    C0] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  559.000092][    C0] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  559.101046][    C0] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  559.202042][    C0] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  559.303128][    C0] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  559.404170][    C0] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  559.505233][    C0] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  559.606324][    C0] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  559.707309][    C0] vxlan: non-ECT from 2001:0db8:0004:0000:0000:0000:0000:0001
[  561.388732][ T9877] vx1: left allmulticast mode
[  561.388973][ T9877] vx1: left promiscuous mode
[  561.389354][ T9877] br1: port 1(vx1) entered disabled state
[  566.842167][ T9882] br1: port 1(vx1) entered blocking state
[  566.842428][ T9882] br1: port 1(vx1) entered disabled state
[  566.842658][ T9882] vx1: entered allmulticast mode
[  566.844802][ T9882] vx1: entered promiscuous mode
[  566.845577][ T9882] br1: port 1(vx1) entered blocking state
[  566.845775][ T9882] br1: port 1(vx1) entered forwarding state
[  632.363224][T10169] veth3: entered promiscuous mode
[  663.061122][T10658] veth3: left promiscuous mode
[  663.862038][   T11] vx2: left allmulticast mode
[  663.862585][   T11] vx2: left promiscuous mode
[  663.863144][   T11] br2: port 2(vx2) entered disabled state
[  663.870115][   T11] w1: left allmulticast mode
[  663.870431][   T11] w1: left promiscuous mode
[  663.870841][   T11] br2: port 1(w1) entered disabled state
[  664.303630][   T11] vx2: left allmulticast mode
[  664.303894][   T11] vx2: left promiscuous mode
[  664.304243][   T11] br2: port 2(vx2) entered disabled state
[  664.306168][   T11] w1: left allmulticast mode
[  664.307410][   T11] w1: left promiscuous mode
[  664.307913][   T11] br2: port 1(w1) entered disabled state
[  664.740783][   T11] ==================================================================
[  664.741019][   T11] BUG: KASAN: slab-use-after-free in cleanup_net+0x932/0xa40
[  664.741217][   T11] Read of size 8 at addr ffff888009811a38 by task kworker/u16:0/11
[  664.741415][   T11] 
[  664.741508][   T11] CPU: 1 UID: 0 PID: 11 Comm: kworker/u16:0 Not tainted 6.12.0-virtme #1
[  664.741731][   T11] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  664.741929][   T11] Workqueue: netns cleanup_net
[  664.742069][   T11] Call Trace:
[  664.742168][   T11]  <TASK>
[  664.742255][   T11]  dump_stack_lvl+0x82/0xd0
[  664.742408][   T11]  print_address_description.constprop.0+0x2c/0x3b0
[  664.742593][   T11]  ? cleanup_net+0x932/0xa40
[  664.742761][   T11]  print_report+0xb4/0x270
[  664.742920][   T11]  ? kasan_addr_to_slab+0x25/0x80
[  664.743055][   T11]  kasan_report+0xbd/0xf0
[  664.743183][   T11]  ? cleanup_net+0x932/0xa40
[  664.743332][   T11]  cleanup_net+0x932/0xa40
[  664.743458][   T11]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  664.743606][   T11]  ? __pfx_cleanup_net+0x10/0x10
[  664.743758][   T11]  ? trace_lock_acquire+0x148/0x1f0
[  664.743915][   T11]  ? lock_acquire+0x32/0xc0
[  664.744041][   T11]  ? process_one_work+0xe0b/0x16d0
[  664.744177][   T11]  process_one_work+0xe55/0x16d0
[  664.744301][   T11]  ? __pfx___lock_release+0x10/0x10
[  664.744431][   T11]  ? __pfx_process_one_work+0x10/0x10
[  664.744565][   T11]  ? assign_work+0x16c/0x240
[  664.744718][   T11]  worker_thread+0x58c/0xce0
[  664.744846][   T11]  ? __pfx_worker_thread+0x10/0x10
[  664.744973][   T11]  kthread+0x28a/0x350
[  664.745068][   T11]  ? __pfx_kthread+0x10/0x10
[  664.745192][   T11]  ret_from_fork+0x31/0x70
[  664.745318][   T11]  ? __pfx_kthread+0x10/0x10
[  664.745444][   T11]  ret_from_fork_asm+0x1a/0x30
[  664.745581][   T11]  </TASK>
[  664.745682][   T11] 
[  664.745748][   T11] Allocated by task 8051:
[  664.745843][   T11]  kasan_save_stack+0x24/0x50
[  664.745975][   T11]  kasan_save_track+0x14/0x30
[  664.746099][   T11]  __kasan_slab_alloc+0x59/0x70
[  664.746225][   T11]  kmem_cache_alloc_noprof+0x10b/0x350
[  664.746349][   T11]  copy_net_ns+0xc6/0x340
[  664.746459][   T11]  create_new_namespaces+0x35f/0x920
[  664.746617][   T11]  unshare_nsproxy_namespaces+0x8d/0x130
[  664.746768][   T11]  ksys_unshare+0x2a9/0x660
[  664.746897][   T11]  __x64_sys_unshare+0x31/0x40
[  664.747023][   T11]  do_syscall_64+0xc1/0x1d0
[  664.747149][   T11]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  664.747305][   T11] 
[  664.747405][   T11] Freed by task 11:
[  664.747501][   T11]  kasan_save_stack+0x24/0x50
[  664.747677][   T11]  kasan_save_track+0x14/0x30
[  664.747824][   T11]  kasan_save_free_info+0x3b/0x60
[  664.747957][   T11]  __kasan_slab_free+0x38/0x50
[  664.748099][   T11]  kmem_cache_free+0xf8/0x330
[  664.748243][   T11]  cleanup_net+0x5a8/0xa40
[  664.748381][   T11]  process_one_work+0xe55/0x16d0
[  664.748522][   T11]  worker_thread+0x58c/0xce0
[  664.748676][   T11]  kthread+0x28a/0x350
[  664.748826][   T11]  ret_from_fork+0x31/0x70
[  664.748990][   T11]  ret_from_fork_asm+0x1a/0x30
[  664.749128][   T11] 
[  664.749198][   T11] Last potentially related work creation:
[  664.749330][   T11]  kasan_save_stack+0x24/0x50
[  664.749470][   T11]  __kasan_record_aux_stack+0x8e/0xa0
[  664.749661][   T11]  insert_work+0x34/0x230
[  664.749768][   T11]  __queue_work+0x2ff/0xa40
[  664.749914][   T11]  call_timer_fn+0x13b/0x230
[  664.750097][   T11]  __run_timers+0x3ff/0x810
[  664.750238][   T11]  run_timer_softirq+0x154/0x1c0
[  664.750379][   T11]  handle_softirqs+0x1f6/0x5c0
[  664.750558][   T11]  __irq_exit_rcu+0xc4/0x100
[  664.750717][   T11]  irq_exit_rcu+0xe/0x20
[  664.750846][   T11]  sysvec_apic_timer_interrupt+0x78/0x90
[  664.751024][   T11]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  664.751214][   T11] 
[  664.751288][   T11] Second to last potentially related work creation:
[  664.751467][   T11]  kasan_save_stack+0x24/0x50
[  664.751662][   T11]  __kasan_record_aux_stack+0x8e/0xa0
[  664.751810][   T11]  insert_work+0x34/0x230
[  664.751924][   T11]  __queue_work+0x5fd/0xa40
[  664.752119][   T11]  call_timer_fn+0x13b/0x230
[  664.752274][   T11]  __run_timers+0x3ff/0x810
[  664.752448][   T11]  run_timer_softirq+0x154/0x1c0
[  664.752598][   T11]  handle_softirqs+0x1f6/0x5c0
[  664.752742][   T11]  __irq_exit_rcu+0xc4/0x100
[  664.752883][   T11]  irq_exit_rcu+0xe/0x20
[  664.752986][   T11]  sysvec_apic_timer_interrupt+0x78/0x90
[  664.753126][   T11]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  664.753305][   T11] 
[  664.753377][   T11] The buggy address belongs to the object at ffff888009811980
[  664.753377][   T11]  which belongs to the cache net_namespace of size 6080
[  664.753760][   T11] The buggy address is located 184 bytes inside of
[  664.753760][   T11]  freed 6080-byte region [ffff888009811980, ffff888009813140)
[  664.754111][   T11] 
[  664.754183][   T11] The buggy address belongs to the physical page:
[  664.754358][   T11] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880098132c0 pfn:0x9810
[  664.754654][   T11] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  664.754864][   T11] flags: 0x80000000000240(workingset|head|node=0|zone=1)
[  664.755059][   T11] page_type: f5(slab)
[  664.755170][   T11] raw: 0080000000000240 ffff888001963240 ffff888001968088 ffff888001968088
[  664.755433][   T11] raw: ffff8880098132c0 0000000000050002 00000001f5000000 0000000000000000
[  664.755664][   T11] head: 0080000000000240 ffff888001963240 ffff888001968088 ffff888001968088
[  664.755894][   T11] head: ffff8880098132c0 0000000000050002 00000001f5000000 0000000000000000
[  664.756128][   T11] head: 0080000000000003 ffffea0000260401 ffffffffffffffff 0000000000000000
[  664.756351][   T11] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  664.756576][   T11] page dumped because: kasan: bad access detected
[  664.756734][   T11] 
[  664.756801][   T11] Memory state around the buggy address:
[  664.756923][   T11]  ffff888009811900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  664.757103][   T11]  ffff888009811980: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  664.757286][   T11] >ffff888009811a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  664.757465][   T11]                                         ^
[  664.757622][   T11]  ffff888009811a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  664.757803][   T11]  ffff888009811b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  664.757991][   T11] ==================================================================
[  664.758263][   T11] Disabling lock debugging due to kernel taint
[  665.993960][T10698] br1: port 3(veth2) entered disabled state
[  666.071194][T10699] veth2: left allmulticast mode
[  666.071402][T10699] veth2: left promiscuous mode
[  666.071679][T10699] br1: port 3(veth2) entered disabled state
[  666.231588][T10701] br1: port 2(veth1) entered disabled state
[  666.296184][T10702] veth1: left allmulticast mode
[  666.296749][T10702] veth1: left promiscuous mode
[  666.297014][T10702] br1: port 2(veth1) entered disabled state
[  666.355293][T10703] vx1: left allmulticast mode
[  666.356827][T10703] vx1: left promiscuous mode
[  666.357351][T10703] br1: port 1(vx1) entered disabled state