make -C tools/testing/selftests TARGETS=net TEST_PROGS=test_vxlan_nolocalbbypass.sh TEST_GEN_PROGS="" run_tests make: Entering directory '/home/virtme/testing-3/tools/testing/selftests' make[1]: Entering directory '/home/virtme/testing-3/tools/testing/selftests/net' make[1]: Nothing to be done for 'all'. make[1]: Leaving directory '/home/virtme/testing-3/tools/testing/selftests/net' make[1]: Entering directory '/home/virtme/testing-3/tools/testing/selftests/net' TAP version 13 1..1 # timeout set to 6000 # selftests: net: test_vxlan_nolocalbypass.sh [ 78.859110][ T650] GACT probability NOT on # TEST: localbypass enabled [ OK ] # TEST: Packet received by local VXLAN device - localbypass [ OK ] # TEST: localbypass disabled [ OK ] # TEST: Packet not received by local VXLAN device - nolocalbypass [ OK ] # TEST: localbypass enabled [ OK ] # TEST: Packet received by local VXLAN device - localbypass [ OK ] [ 82.694981][ T11] ================================================================== [ 82.695463][ T11] BUG: KASAN: slab-use-after-free in __mutex_lock+0x922/0xb10 [ 82.695876][ T11] Read of size 8 at addr ffff888006a36868 by task kworker/u8:0/11 [ 82.696315][ T11] [ 82.696439][ T11] CPU: 3 PID: 11 Comm: kworker/u8:0 Not tainted 6.8.0-rc2-virtme #1 [ 82.696858][ T11] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 82.697481][ T11] Workqueue: netns cleanup_net [ 82.697729][ T11] Call Trace: [ 82.697904][ T11] [ 82.698061][ T11] dump_stack_lvl+0x64/0xb0 [ 82.698303][ T11] print_address_description.constprop.0+0x2c/0x3b0 [ 82.698641][ T11] ? __mutex_lock+0x922/0xb10 [ 82.698884][ T11] print_report+0xb5/0x270 [ 82.699123][ T11] ? kasan_addr_to_slab+0x4e/0x90 [ 82.699381][ T11] kasan_report+0xbe/0xf0 [ 82.699602][ T11] ? __mutex_lock+0x922/0xb10 [ 82.699846][ T11] __mutex_lock+0x922/0xb10 [ 82.700087][ T11] ? __lock_release+0x40f/0x880 [ 82.700339][ T11] ? __pfx___lock_release+0x10/0x10 [ 82.700606][ T11] ? refcount_dec_and_mutex_lock+0x35/0x90 [ 82.700931][ T11] ? __pfx___mutex_lock+0x10/0x10 [ 82.701196][ T11] ? __pfx___up_read+0x10/0x10 [ 82.701485][ T11] ? refcount_dec_not_one+0x6b/0x180 [ 82.701764][ T11] ? tc_setup_cb_destroy+0x22b/0x300 [ 82.702049][ T11] ? __pfx_refcount_dec_not_one+0x10/0x10 [ 82.702356][ T11] ? refcount_dec_and_mutex_lock+0x35/0x90 [ 82.702671][ T11] refcount_dec_and_mutex_lock+0x35/0x90 [ 82.702989][ T11] __tcf_action_put+0x3d/0xf0 [ 82.703240][ T11] tcf_action_destroy+0x43/0x130 [ 82.703494][ T11] tcf_exts_destroy+0x3c/0xb0 [ 82.703733][ T11] __fl_destroy_filter+0x54/0x120 [cls_flower] [ 82.704084][ T11] __fl_put+0x21a/0x290 [cls_flower] [ 82.704388][ T11] ? __pfx___fl_put+0x10/0x10 [cls_flower] [ 82.704700][ T11] ? __fl_delete+0x33f/0x750 [cls_flower] [ 82.705008][ T11] __fl_delete+0x4e4/0x750 [cls_flower] [ 82.705304][ T11] ? __pfx___fl_delete+0x10/0x10 [cls_flower] [ 82.705626][ T11] ? __lock_release+0x40f/0x880 [ 82.705875][ T11] ? __mutex_lock+0x26e/0xb10 [ 82.706129][ T11] fl_destroy+0x1ae/0x300 [cls_flower] [ 82.706415][ T11] ? __pfx_fl_destroy+0x10/0x10 [cls_flower] [ 82.706724][ T11] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 82.707035][ T11] tcf_proto_destroy+0x6e/0x2e0 [ 82.707293][ T11] tcf_chain_flush+0x1e0/0x320 [ 82.707539][ T11] __tcf_block_put+0x113/0x270 [ 82.707787][ T11] clsact_destroy+0x1ee/0x800 [sch_ingress] [ 82.708098][ T11] __qdisc_destroy+0xee/0x340 [ 82.708343][ T11] dev_shutdown+0x129/0x350 [ 82.708576][ T11] unregister_netdevice_many_notify+0x4fe/0x1180 [ 82.708901][ T11] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 82.709250][ T11] ? __pfx_tc_action_net_exit_batch_rtnl+0x10/0x10 [ 82.709579][ T11] ? mutex_is_locked+0x17/0x50 [ 82.709824][ T11] ? nexthop_net_exit_batch_rtnl+0x83/0x210 [ 82.710141][ T11] cleanup_net+0x4cf/0xb60 [ 82.710369][ T11] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 82.710659][ T11] ? __pfx_cleanup_net+0x10/0x10 [ 82.710921][ T11] ? lock_acquire+0x1c1/0x220 [ 82.711183][ T11] ? process_one_work+0x714/0x1310 [ 82.711456][ T11] process_one_work+0x78c/0x1310 [ 82.711740][ T11] ? hlock_class+0x4e/0x130 [ 82.711974][ T11] ? __pfx_process_one_work+0x10/0x10 [ 82.712276][ T11] ? assign_work+0x16c/0x240 [ 82.712521][ T11] worker_thread+0x73d/0x1010 [ 82.712772][ T11] ? __pfx_worker_thread+0x10/0x10 [ 82.713047][ T11] kthread+0x28f/0x360 [ 82.713282][ T11] ? __pfx_kthread+0x10/0x10 [ 82.713526][ T11] ret_from_fork+0x31/0x70 [ 82.713771][ T11] ? __pfx_kthread+0x10/0x10 [ 82.714006][ T11] ret_from_fork_asm+0x1b/0x30 [ 82.714276][ T11] [ 82.714452][ T11] [ 82.714574][ T11] Allocated by task 650: [ 82.714815][ T11] kasan_save_stack+0x24/0x50 [ 82.715066][ T11] kasan_save_track+0x14/0x30 [ 82.715331][ T11] __kasan_kmalloc+0x7f/0x90 [ 82.715572][ T11] tc_action_net_init+0x4d/0x250 [ 82.715833][ T11] ops_init+0x9b/0x560 [ 82.716065][ T11] register_pernet_operations+0x2db/0x710 [ 82.716377][ T11] register_pernet_subsys+0x29/0x50 [ 82.716641][ T11] tcf_register_action+0xa3/0x600 [ 82.716917][ T11] do_one_initcall+0xc8/0x3f0 [ 82.717168][ T11] do_init_module+0x233/0x740 [ 82.717409][ T11] load_module+0x16b5/0x2350 [ 82.717663][ T11] init_module_from_file+0xd2/0x130 [ 82.717954][ T11] idempotent_init_module+0x33a/0x610 [ 82.718237][ T11] __x64_sys_finit_module+0xbe/0x130 [ 82.718513][ T11] do_syscall_64+0xc9/0x1e0 [ 82.718758][ T11] entry_SYSCALL_64_after_hwframe+0x6f/0x77 [ 82.719075][ T11] [ 82.719205][ T11] Freed by task 11: [ 82.719408][ T11] kasan_save_stack+0x24/0x50 [ 82.719663][ T11] kasan_save_track+0x14/0x30 [ 82.719907][ T11] kasan_save_free_info+0x3f/0x60 [ 82.720191][ T11] __kasan_slab_free+0xfc/0x1c0 [ 82.720438][ T11] kfree+0xf2/0x2d0 [ 82.720641][ T11] tc_action_net_exit_batch_rtnl+0x292/0x4e0 [ 82.720967][ T11] cleanup_net+0x496/0xb60 [ 82.721209][ T11] process_one_work+0x78c/0x1310 [ 82.721486][ T11] worker_thread+0x73d/0x1010 [ 82.721739][ T11] kthread+0x28f/0x360 [ 82.721952][ T11] ret_from_fork+0x31/0x70 [ 82.722197][ T11] ret_from_fork_asm+0x1b/0x30 [ 82.722442][ T11] [ 82.722579][ T11] The buggy address belongs to the object at ffff888006a36800 [ 82.722579][ T11] which belongs to the cache kmalloc-512 of size 512 [ 82.723322][ T11] The buggy address is located 104 bytes inside of [ 82.723322][ T11] freed 512-byte region [ffff888006a36800, ffff888006a36a00) [ 82.724058][ T11] [ 82.724183][ T11] The buggy address belongs to the physical page: [ 82.724504][ T11] page:ffffea00001a8c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6a30 [ 82.725038][ T11] head:ffffea00001a8c00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 82.725528][ T11] flags: 0x80000000000840(slab|head|node=0|zone=1) [ 82.725873][ T11] page_type: 0xffffffff() [ 82.726136][ T11] raw: 0080000000000840 ffff8880010431c0 ffffea000019b610 ffffea000016a210 [ 82.726589][ T11] raw: 0000000000000000 0000000000150015 00000001ffffffff 0000000000000000 [ 82.727025][ T11] page dumped because: kasan: bad access detected [ 82.727376][ T11] [ 82.727506][ T11] Memory state around the buggy address: [ 82.727807][ T11] ffff888006a36700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 82.728236][ T11] ffff888006a36780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 82.728638][ T11] >ffff888006a36800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 82.729041][ T11] ^ [ 82.729419][ T11] ffff888006a36880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 82.729824][ T11] ffff888006a36900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 82.730240][ T11] ================================================================== [ 82.730791][ T11] Disabling lock debugging due to kernel taint # # Tests passed: 6 # Tests failed: 0 ok 1 selftests: net: test_vxlan_nolocalbypass.sh make[1]: Leaving directory '/home/virtme/testing-3/tools/testing/selftests/net' make: Leaving directory '/home/virtme/testing-3/tools/testing/selftests' xx__-> echo $? 0 xx__->