====================================== | xx__-> [ 5567.773889][ T6942] ================================================================== | [ 5567.774235][ T6942] BUG: KASAN: slab-use-after-free in unix_vertex_dead (net/unix/garbage.c:119 net/unix/garbage.c:323) | [ 5567.774496][ T6942] Read of size 8 at addr ffff888004e306d0 by task kworker/u18:3/6942 | [ 5567.774820][ T6942] [ 5567.774913][ T6942] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 5567.774917][ T6942] Workqueue: events_unbound __unix_gc [ 5567.774924][ T6942] Call Trace: [ 5567.774928][ T6942] [ 5567.774930][ T6942] dump_stack_lvl (lib/dump_stack.c:123) [ 5567.774948][ T6942] print_address_description.constprop.0 (mm/kasan/report.c:409) [ 5567.774966][ T6942] ? unix_vertex_dead (net/unix/garbage.c:119 net/unix/garbage.c:323) [ 5567.774970][ T6942] print_report (mm/kasan/report.c:522) [ 5567.774973][ T6942] ? unix_vertex_dead (net/unix/garbage.c:119 net/unix/garbage.c:323) [ 5567.774977][ T6942] ? kasan_addr_to_slab (./include/linux/mm.h:1178 mm/kasan/../slab.h:211 mm/kasan/common.c:38) [ 5567.774980][ T6942] ? unix_vertex_dead (net/unix/garbage.c:119 net/unix/garbage.c:323) [ 5567.774983][ T6942] kasan_report (mm/kasan/report.c:636) [ 5567.774987][ T6942] ? unix_vertex_dead (net/unix/garbage.c:119 net/unix/garbage.c:323) [ 5567.774993][ T6942] unix_vertex_dead (net/unix/garbage.c:119 net/unix/garbage.c:323) [ 5567.774998][ T6942] unix_walk_scc_fast (net/unix/garbage.c:543) [ 5567.775002][ T6942] ? do_raw_spin_lock (./arch/x86/include/asm/atomic.h:107 ./include/linux/atomic/atomic-arch-fallback.h:2170 ./include/linux/atomic/atomic-instrumented.h:1302 ./include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) [ 5567.775015][ T6942] ? __pfx_unix_walk_scc_fast (net/unix/garbage.c:528) [ 5567.775018][ T6942] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) [ 5567.775022][ T6942] ? lock_acquire (./include/trace/events/lock.h:24 kernel/locking/lockdep.c:5834) [ 5567.775025][ T6942] ? __unix_gc (net/unix/garbage.c:566) [ 5567.775030][ T6942] __unix_gc (./include/linux/spinlock.h:391 net/unix/garbage.c:578) [ 5567.775034][ T6942] ? __pfx___unix_gc (net/unix/garbage.c:560) [ 5567.775041][ T6942] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) [ 5567.775052][ T6942] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) [ 5567.775056][ T6942] process_one_work (kernel/workqueue.c:3243) [ 5567.775072][ T6942] ? __pfx_process_one_work (kernel/workqueue.c:3140) [ 5567.775078][ T6942] ? assign_work (kernel/workqueue.c:1200) [ 5567.775085][ T6942] worker_thread (kernel/workqueue.c:3315 kernel/workqueue.c:3402) [ 5567.775092][ T6942] ? __pfx_worker_thread (kernel/workqueue.c:3348) [ 5567.775096][ T6942] kthread (kernel/kthread.c:464) [ 5567.775101][ T6942] ? __pfx_kthread (kernel/kthread.c:413) [ 5567.775103][ T6942] ? ret_from_fork (arch/x86/kernel/process.c:147) [ 5567.775114][ T6942] ? __lock_release (kernel/locking/lockdep.c:5539) [ 5567.775118][ T6942] ? rcu_is_watching (./include/linux/context_tracking.h:128 kernel/rcu/tree.c:745) [ 5567.775121][ T6942] ? __pfx_kthread (kernel/kthread.c:413) [ 5567.775125][ T6942] ret_from_fork (arch/x86/kernel/process.c:148) [ 5567.775128][ T6942] ? __pfx_kthread (kernel/kthread.c:413) Finger prints: print_report:kasan_report:unix_vertex_dead:unix_walk_scc_fast:__unix_gc