[   13.747507][  T266] ip (266) used greatest stack depth: 24088 bytes left
[   14.059006][  T272] ip (272) used greatest stack depth: 23568 bytes left
[   14.776727][  T279] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
[   14.947646][  T281] br0: port 1(veth1) entered blocking state
[   14.948084][  T281] br0: port 1(veth1) entered disabled state
[   14.948800][  T281] veth1: entered allmulticast mode
[   14.950757][  T281] veth1: entered promiscuous mode
[   15.043779][  T282] br0: port 2(veth2) entered blocking state
[   15.044052][  T282] br0: port 2(veth2) entered disabled state
[   15.044332][  T282] veth2: entered allmulticast mode
[   15.046664][  T282] veth2: entered promiscuous mode
[   15.134969][  T283] br0: port 3(veth3) entered blocking state
[   15.135346][  T283] br0: port 3(veth3) entered disabled state
[   15.135645][  T283] veth3: entered allmulticast mode
[   15.137828][  T283] veth3: entered promiscuous mode
[   15.886342][  T291] veth4: entered promiscuous mode
[   15.979009][  T292] br0: port 4(macvlan4) entered blocking state
[   15.979320][  T292] br0: port 4(macvlan4) entered disabled state
[   15.979607][  T292] macvlan4: entered allmulticast mode
[   15.979798][  T292] veth4: entered allmulticast mode
[   15.981653][  T292] macvlan4: entered promiscuous mode
[   16.064407][  T293] br0: entered promiscuous mode
[   16.286157][  T295] Bridge firewalling registered
[   17.667520][  T152] br0: port 1(veth1) entered blocking state
[   17.667983][  T152] br0: port 1(veth1) entered forwarding state
[   17.757556][  T268] br0: port 2(veth2) entered blocking state
[   17.757844][  T268] br0: port 2(veth2) entered forwarding state
[   17.853771][  T268] br0: port 3(veth3) entered blocking state
[   17.854048][  T268] br0: port 3(veth3) entered forwarding state
[   17.962438][  T268] br0: port 4(macvlan4) entered blocking state
[   17.962786][  T268] br0: port 4(macvlan4) entered forwarding state
[   67.029668][   T11] macvlan4: left allmulticast mode
[   67.029997][   T11] veth4: left allmulticast mode
[   67.030228][   T11] macvlan4: left promiscuous mode
[   67.030591][   T11] br0: port 4(macvlan4) entered disabled state
[   67.033665][   T11] veth3: left allmulticast mode
[   67.033880][   T11] veth3: left promiscuous mode
[   67.034311][   T11] br0: port 3(veth3) entered disabled state
[   67.036014][   T11] veth2: left allmulticast mode
[   67.036245][   T11] veth2: left promiscuous mode
[   67.036564][   T11] br0: port 2(veth2) entered disabled state
[   67.038328][   T11] veth1: left allmulticast mode
[   67.038532][   T11] veth1: left promiscuous mode
[   67.038842][   T11] br0: port 1(veth1) entered disabled state
[   67.115377][   T11] veth4: left promiscuous mode
[   67.593240][   T11] ==================================================================
[   67.593466][   T11] BUG: KASAN: slab-use-after-free in cleanup_net+0x932/0xa40
[   67.593660][   T11] Read of size 8 at addr ffff8880092c00f8 by task kworker/u16:0/11
[   67.593858][   T11] 
[   67.593924][   T11] CPU: 3 UID: 0 PID: 11 Comm: kworker/u16:0 Not tainted 6.12.0-virtme #1
[   67.594131][   T11] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   67.594292][   T11] Workqueue: netns cleanup_net
[   67.594439][   T11] Call Trace:
[   67.594548][   T11]  <TASK>
[   67.594616][   T11]  dump_stack_lvl+0x82/0xd0
[   67.594749][   T11]  print_address_description.constprop.0+0x2c/0x3b0
[   67.594910][   T11]  ? cleanup_net+0x932/0xa40
[   67.595036][   T11]  print_report+0xb4/0x270
[   67.595165][   T11]  ? kasan_addr_to_slab+0x25/0x80
[   67.595293][   T11]  kasan_report+0xbd/0xf0
[   67.595391][   T11]  ? cleanup_net+0x932/0xa40
[   67.595516][   T11]  cleanup_net+0x932/0xa40
[   67.595646][   T11]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   67.595776][   T11]  ? __pfx_cleanup_net+0x10/0x10
[   67.595911][   T11]  ? trace_lock_acquire+0x148/0x1f0
[   67.596044][   T11]  ? lock_acquire+0x32/0xc0
[   67.596169][   T11]  ? process_one_work+0xe0b/0x16d0
[   67.596301][   T11]  process_one_work+0xe55/0x16d0
[   67.596428][   T11]  ? __pfx___lock_release+0x10/0x10
[   67.596551][   T11]  ? __pfx_process_one_work+0x10/0x10
[   67.596682][   T11]  ? assign_work+0x16c/0x240
[   67.596814][   T11]  worker_thread+0x58c/0xce0
[   67.596953][   T11]  ? __pfx_worker_thread+0x10/0x10
[   67.597082][   T11]  kthread+0x28a/0x350
[   67.597182][   T11]  ? __pfx_kthread+0x10/0x10
[   67.597316][   T11]  ret_from_fork+0x31/0x70
[   67.597454][   T11]  ? __pfx_kthread+0x10/0x10
[   67.597581][   T11]  ret_from_fork_asm+0x1a/0x30
[   67.597714][   T11]  </TASK>
[   67.597811][   T11] 
[   67.597884][   T11] Allocated by task 249:
[   67.597982][   T11]  kasan_save_stack+0x24/0x50
[   67.598106][   T11]  kasan_save_track+0x14/0x30
[   67.598230][   T11]  __kasan_slab_alloc+0x59/0x70
[   67.598362][   T11]  kmem_cache_alloc_noprof+0x10b/0x350
[   67.598484][   T11]  copy_net_ns+0xc6/0x340
[   67.598581][   T11]  create_new_namespaces+0x35f/0x920
[   67.598711][   T11]  unshare_nsproxy_namespaces+0x8d/0x130
[   67.598841][   T11]  ksys_unshare+0x2a9/0x660
[   67.598965][   T11]  __x64_sys_unshare+0x31/0x40
[   67.599114][   T11]  do_syscall_64+0xc1/0x1d0
[   67.599248][   T11]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.599405][   T11] 
[   67.599467][   T11] Freed by task 11:
[   67.599563][   T11]  kasan_save_stack+0x24/0x50
[   67.599700][   T11]  kasan_save_track+0x14/0x30
[   67.599829][   T11]  kasan_save_free_info+0x3b/0x60
[   67.599954][   T11]  __kasan_slab_free+0x38/0x50
[   67.600079][   T11]  kmem_cache_free+0xf8/0x330
[   67.600199][   T11]  cleanup_net+0x5a8/0xa40
[   67.600321][   T11]  process_one_work+0xe55/0x16d0
[   67.600444][   T11]  worker_thread+0x58c/0xce0
[   67.600565][   T11]  kthread+0x28a/0x350
[   67.600658][   T11]  ret_from_fork+0x31/0x70
[   67.600777][   T11]  ret_from_fork_asm+0x1a/0x30
[   67.600900][   T11] 
[   67.600962][   T11] Last potentially related work creation:
[   67.601082][   T11]  kasan_save_stack+0x24/0x50
[   67.601207][   T11]  __kasan_record_aux_stack+0x8e/0xa0
[   67.601334][   T11]  insert_work+0x34/0x230
[   67.601427][   T11]  __queue_work+0x5fd/0xa40
[   67.601550][   T11]  queue_delayed_work_on+0x8c/0xa0
[   67.601674][   T11]  __inet_insert_ifa+0x751/0xb10
[   67.601802][   T11]  inet_rtm_newaddr+0x833/0xbd0
[   67.601925][   T11]  rtnetlink_rcv_msg+0x712/0xc10
[   67.602050][   T11]  netlink_rcv_skb+0x130/0x360
[   67.602174][   T11]  netlink_unicast+0x44b/0x710
[   67.602300][   T11]  netlink_sendmsg+0x723/0xbe0
[   67.602423][   T11]  ____sys_sendmsg+0x7ac/0xa10
[   67.602546][   T11]  ___sys_sendmsg+0xee/0x170
[   67.602671][   T11]  __sys_sendmsg+0x109/0x1a0
[   67.602796][   T11]  do_syscall_64+0xc1/0x1d0
[   67.602923][   T11]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.603079][   T11] 
[   67.603142][   T11] Second to last potentially related work creation:
[   67.603299][   T11]  kasan_save_stack+0x24/0x50
[   67.603431][   T11]  __kasan_record_aux_stack+0x8e/0xa0
[   67.603556][   T11]  insert_work+0x34/0x230
[   67.603670][   T11]  __queue_work+0x5fd/0xa40
[   67.603794][   T11]  queue_delayed_work_on+0x8c/0xa0
[   67.603917][   T11]  __inet_insert_ifa+0x751/0xb10
[   67.604040][   T11]  inet_rtm_newaddr+0x833/0xbd0
[   67.604164][   T11]  rtnetlink_rcv_msg+0x712/0xc10
[   67.604287][   T11]  netlink_rcv_skb+0x130/0x360
[   67.604413][   T11]  netlink_unicast+0x44b/0x710
[   67.604538][   T11]  netlink_sendmsg+0x723/0xbe0
[   67.604663][   T11]  ____sys_sendmsg+0x7ac/0xa10
[   67.604792][   T11]  ___sys_sendmsg+0xee/0x170
[   67.604917][   T11]  __sys_sendmsg+0x109/0x1a0
[   67.605039][   T11]  do_syscall_64+0xc1/0x1d0
[   67.605163][   T11]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.605318][   T11] 
[   67.605382][   T11] The buggy address belongs to the object at ffff8880092c0040
[   67.605382][   T11]  which belongs to the cache net_namespace of size 6592
[   67.605705][   T11] The buggy address is located 184 bytes inside of
[   67.605705][   T11]  freed 6592-byte region [ffff8880092c0040, ffff8880092c1a00)
[   67.606003][   T11] 
[   67.606068][   T11] The buggy address belongs to the physical page:
[   67.606217][   T11] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x92c0
[   67.606437][   T11] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   67.606623][   T11] flags: 0x80000000000040(head|node=0|zone=1)
[   67.606782][   T11] page_type: f5(slab)
[   67.606883][   T11] raw: 0080000000000040 ffff888001963240 ffff8880019680a8 ffff8880019680a8
[   67.607106][   T11] raw: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000
[   67.607331][   T11] head: 0080000000000040 ffff888001963240 ffff8880019680a8 ffff8880019680a8
[   67.607553][   T11] head: 0000000000000000 0000000000040004 00000001f5000000 0000000000000000
[   67.607773][   T11] head: 0080000000000003 ffffea000024b001 ffffffffffffffff 0000000000000000
[   67.607996][   T11] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[   67.608219][   T11] page dumped because: kasan: bad access detected
[   67.608373][   T11] 
[   67.608437][   T11] Memory state around the buggy address:
[   67.608559][   T11]  ffff8880092bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   67.608739][   T11]  ffff8880092c0000: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   67.608915][   T11] >ffff8880092c0080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   67.609103][   T11]                                                                 ^
[   67.609307][   T11]  ffff8880092c0100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   67.609487][   T11]  ffff8880092c0180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   67.609676][   T11] ==================================================================
[   67.609886][   T11] Disabling lock debugging due to kernel taint