Enabling of bearer <udp:syz1> rejected, already enabled
Enabling of bearer <udp:syz1> rejected, already enabled
Enabling of bearer <udp:syz1> rejected, already enabled
Enabling of bearer <udp:syz1> rejected, already enabled
==================================================================
BUG: KASAN: slab-out-of-bounds in atomic_read include/asm-generic/atomic-instrumented.h:21 [inline]
BUG: KASAN: slab-out-of-bounds in queued_spin_trylock include/asm-generic/qspinlock.h:69 [inline]
BUG: KASAN: slab-out-of-bounds in do_raw_spin_trylock+0x6a/0x180 kernel/locking/spinlock_debug.c:119
Read of size 4 at addr ffff88808c6f0bf4 by task ksoftirqd/1/16
CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 5.0.0-rc7+ #90
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x172/0x1f0 lib/dump_stack.c:113
print_address_description.cold+0x7c/0x20d mm/kasan/report.c:187
32-bit node address hash set to aa1414ac
kasan_report.cold+0x1b/0x40 mm/kasan/report.c:317
check_memory_region_inline mm/kasan/generic.c:185 [inline]
check_memory_region+0x123/0x190 mm/kasan/generic.c:191
kasan_check_read+0x11/0x20 mm/kasan/common.c:100
atomic_read include/asm-generic/atomic-instrumented.h:21 [inline]
queued_spin_trylock include/asm-generic/qspinlock.h:69 [inline]
do_raw_spin_trylock+0x6a/0x180 kernel/locking/spinlock_debug.c:119
Enabling of bearer <udp:syz1> rejected, already enabled
__raw_spin_trylock include/linux/spinlock_api_smp.h:89 [inline]
_raw_spin_trylock+0x1c/0x80 kernel/locking/spinlock.c:128
spin_trylock include/linux/spinlock.h:339 [inline]
icmp_xmit_lock net/ipv4/icmp.c:219 [inline]
icmp_send+0x54c/0x1400 net/ipv4/icmp.c:665
Enabling of bearer <udp:syz1> rejected, already enabled
__udp4_lib_rcv+0x1fb2/0x2c50 net/ipv4/udp.c:2323
udp_rcv+0x22/0x30 net/ipv4/udp.c:2482
ip_protocol_deliver_rcu+0x60/0x8e0 net/ipv4/ip_input.c:208
ip_local_deliver_finish+0x23b/0x390 net/ipv4/ip_input.c:234
NF_HOOK include/linux/netfilter.h:289 [inline]
NF_HOOK include/linux/netfilter.h:283 [inline]
ip_local_deliver+0x1e9/0x520 net/ipv4/ip_input.c:255
dst_input include/net/dst.h:450 [inline]
ip_rcv_finish+0x1db/0x2f0 net/ipv4/ip_input.c:414
Enabling of bearer <udp:syz1> rejected, already enabled
NF_HOOK include/linux/netfilter.h:289 [inline]
NF_HOOK include/linux/netfilter.h:283 [inline]
ip_rcv+0xe8/0x3f0 net/ipv4/ip_input.c:524
__netif_receive_skb_one_core+0x115/0x1a0 net/core/dev.c:4973
__netif_receive_skb+0x2c/0x1c0 net/core/dev.c:5083
process_backlog+0x206/0x750 net/core/dev.c:5923
Enabling of bearer <udp:syz1> rejected, already enabled
napi_poll net/core/dev.c:6346 [inline]
net_rx_action+0x4fa/0x1070 net/core/dev.c:6412
Enabling of bearer <udp:syz1> rejected, already enabled
__do_softirq+0x266/0x95a kernel/softirq.c:292
32-bit node address hash set to aa1414ac
run_ksoftirqd kernel/softirq.c:654 [inline]
run_ksoftirqd+0x8e/0x110 kernel/softirq.c:646
smpboot_thread_fn+0x6ab/0xa10 kernel/smpboot.c:164
Enabling of bearer <udp:syz1> rejected, already enabled
kthread+0x357/0x430 kernel/kthread.c:246
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352
Allocated by task 7876:
save_stack+0x45/0xd0 mm/kasan/common.c:73
set_track mm/kasan/common.c:85 [inline]
__kasan_kmalloc mm/kasan/common.c:495 [inline]
__kasan_kmalloc.constprop.0+0xcf/0xe0 mm/kasan/common.c:468
kasan_slab_alloc+0xf/0x20 mm/kasan/common.c:503
slab_post_alloc_hook mm/slab.h:440 [inline]
slab_alloc mm/slab.c:3388 [inline]
kmem_cache_alloc+0x11a/0x6f0 mm/slab.c:3548
sk_prot_alloc+0x67/0x2e0 net/core/sock.c:1587
sk_alloc+0x39/0xf70 net/core/sock.c:1647
32-bit node address hash set to aa1414ac
inet_create net/ipv4/af_inet.c:321 [inline]
inet_create+0x36a/0xe10 net/ipv4/af_inet.c:247
__sock_create+0x3e6/0x750 net/socket.c:1297
sock_create_kern+0x3b/0x50 net/socket.c:1343
inet_ctl_sock_create+0x9d/0x1f0 net/ipv4/af_inet.c:1623
icmp_sk_init+0x11c/0x4c0 net/ipv4/icmp.c:1203
ops_init+0xb6/0x410 net/core/net_namespace.c:129
Enabling of bearer <udp:syz1> rejected, already enabled
setup_net+0x2c5/0x730 net/core/net_namespace.c:314
copy_net_ns+0x1d9/0x340 net/core/net_namespace.c:437
create_new_namespaces+0x400/0x7b0 kernel/nsproxy.c:107
unshare_nsproxy_namespaces+0xc2/0x200 kernel/nsproxy.c:206
ksys_unshare+0x440/0x980 kernel/fork.c:2550
__do_sys_unshare kernel/fork.c:2618 [inline]
__se_sys_unshare kernel/fork.c:2616 [inline]
__x64_sys_unshare+0x31/0x40 kernel/fork.c:2616
Enabling of bearer <udp:syz1> rejected, already enabled
do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
Enabling of bearer <udp:syz1> rejected, already enabled
Freed by task 0:
(stack is not available)
The buggy address belongs to the object at ffff88808c6f0680
which belongs to the cache RAW of size 1328
The buggy address is located 68 bytes to the right of
1328-byte region [ffff88808c6f0680, ffff88808c6f0bb0)
The buggy address belongs to the page:
page:ffffea000231bc00 count:1 mapcount:0 mapping:ffff88821ae1d640 index:0x0 compound_mapcount: 0
flags: 0x1fffc0000010200(slab|head)
raw: 01fffc0000010200 ffffea0002485888 ffffea0002316f88 ffff88821ae1d640
raw: 0000000000000000 ffff88808c6f00c0 0000000100000005 0000000000000000
page dumped because: kasan: bad access detected
Enabling of bearer <udp:syz1> rejected, already enabled
Memory state around the buggy address:
ffff88808c6f0a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff88808c6f0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff88808c6f0b80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
^
ffff88808c6f0c00: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
ffff88808c6f0c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================