[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <c389e47f-8f82-fd62-8c1d-d9481d2f71ff@I-love.SAKURA.ne.jp>
Date: Sat, 9 Apr 2022 17:19:30 +0900
From: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To: bpf@...r.kernel.org
Cc: syzbot <syzbot+694120e1002c117747ed@...kaller.appspotmail.com>,
andrii@...nel.org, andriin@...com, ast@...nel.org,
daniel@...earbox.net, davem@...emloft.net, dsahern@...nel.org,
edumazet@...gle.com, john.fastabend@...il.com, kafai@...com,
kpsingh@...nel.org, kuba@...nel.org, kuznet@....inr.ac.ru,
netdev@...r.kernel.org, songliubraving@...com,
syzkaller-bugs@...glegroups.com, tpa@...hospital.com, yhs@...com,
yoshfuji@...ux-ipv6.org
Subject: Re: [syzbot] KASAN: use-after-free Read in tcp_retransmit_timer (5)
Hello, bpf developers.
syzbot is reporting use-after-free increment at __NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPTIMEOUTS).
------------------------------------------------------------
[ 702.730585][ C1] ==================================================================
[ 702.743543][ C1] BUG: KASAN: use-after-free in tcp_retransmit_timer+0x6c0/0x1ba0
[ 702.754301][ C1] Read of size 8 at addr ffff88801eed82b8 by task swapper/1/0
[ 702.765301][ C1]
[ 702.768527][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.17.0 #710
[ 702.778323][ C1] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 702.790444][ C1] Call Trace:
[ 702.794903][ C1] <IRQ>
[ 702.798753][ C1] dump_stack_lvl+0xcd/0x134
[ 702.804962][ C1] print_address_description.constprop.0.cold+0x93/0x35d
[ 702.809861][ C1] ? tcp_retransmit_timer+0x6c0/0x1ba0
[ 702.813344][ C1] ? tcp_retransmit_timer+0x6c0/0x1ba0
[ 702.817099][ C1] kasan_report.cold+0x83/0xdf
[ 702.820010][ C1] ? tcp_retransmit_timer+0x6c0/0x1ba0
[ 702.823666][ C1] tcp_retransmit_timer+0x6c0/0x1ba0
[ 702.827159][ C1] ? tcp_mstamp_refresh+0xf/0x60
[ 702.830448][ C1] ? tcp_delack_timer+0x290/0x290
[ 702.833410][ C1] ? mark_held_locks+0x65/0x90
[ 702.836790][ C1] ? ktime_get+0x365/0x420
[ 702.839893][ C1] ? lockdep_hardirqs_on+0x79/0x100
[ 702.843144][ C1] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 702.846621][ C1] ? ktime_get+0x2e6/0x420
[ 702.849334][ C1] tcp_write_timer_handler+0x32f/0x5f0
[ 702.852597][ C1] tcp_write_timer+0x86/0x250
[ 702.855736][ C1] ? tcp_write_timer_handler+0x5f0/0x5f0
[ 702.859211][ C1] call_timer_fn+0x15d/0x5f0
[ 702.862327][ C1] ? enqueue_timer+0x3b0/0x3b0
[ 702.865295][ C1] ? lock_downgrade+0x3b0/0x3b0
[ 702.868462][ C1] ? mark_held_locks+0x24/0x90
[ 702.871511][ C1] ? tcp_write_timer_handler+0x5f0/0x5f0
[ 702.875369][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 702.878610][ C1] ? tcp_write_timer_handler+0x5f0/0x5f0
[ 702.882085][ C1] ? tcp_write_timer_handler+0x5f0/0x5f0
[ 702.885866][ C1] run_timer_softirq+0xbdb/0xee0
[ 702.889127][ C1] ? call_timer_fn+0x5f0/0x5f0
[ 702.892021][ C1] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 702.895881][ C1] ? rcu_read_lock_bh_held+0xb0/0xb0
[ 702.899151][ C1] __do_softirq+0x117/0x692
[ 702.901960][ C1] irq_exit_rcu+0xdb/0x110
[ 702.904885][ C1] sysvec_apic_timer_interrupt+0x93/0xc0
[ 702.908837][ C1] </IRQ>
[ 702.910666][ C1] <TASK>
[ 702.965995][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 703.023333][ C1] RIP: 0010:default_idle+0xb/0x10
[ 703.076496][ C1] Code: 04 25 28 00 00 00 75 0f 48 83 c4 60 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 f3 08 fe ff cc cc cc eb 07 0f 00 2d a7 45 50 00 fb f4 <c3> 0f 1f 40 00 41 54 be 08 00 00 00 53 65 48 8b 1c 25 00 70 02 00
[ 703.208123][ C1] RSP: 0018:ffffc90000757de0 EFLAGS: 00000202
[ 703.276495][ C1] RAX: 000000000008c3e3 RBX: 0000000000000001 RCX: ffffffff86145f10
[ 703.344388][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 703.411773][ C1] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffed102338758b
[ 703.477687][ C1] R10: ffff888119c3ac53 R11: ffffed102338758a R12: 0000000000000001
[ 703.537679][ C1] R13: ffffffff8a539e50 R14: 0000000000000000 R15: ffff8881003e0000
[ 703.603213][ C1] ? rcu_eqs_enter.constprop.0+0xb0/0x100
[ 703.667293][ C1] default_idle_call+0xb1/0x330
[ 703.728393][ C1] do_idle+0x37f/0x430
[ 703.789414][ C1] ? mark_held_locks+0x24/0x90
[ 703.852441][ C1] ? arch_cpu_idle_exit+0x30/0x30
[ 703.915057][ C1] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 703.971934][ C1] ? lockdep_hardirqs_on+0x79/0x100
[ 704.033376][ C1] ? preempt_count_sub+0xf/0xb0
[ 704.095999][ C1] cpu_startup_entry+0x14/0x20
[ 704.153464][ C1] start_secondary+0x1b7/0x220
[ 704.216128][ C1] ? set_cpu_sibling_map+0x1010/0x1010
[ 704.292706][ C1] secondary_startup_64_no_verify+0xc3/0xcb
[ 704.357456][ C1] </TASK>
[ 704.420920][ C1]
[ 704.483318][ C1] Allocated by task 4577:
[ 704.546652][ C1] kasan_save_stack+0x1e/0x40
[ 704.610435][ C1] __kasan_slab_alloc+0x90/0xc0
[ 704.671983][ C1] kmem_cache_alloc+0x1d7/0x760
[ 704.734249][ C1] copy_net_ns+0xaf/0x4a0
[ 704.795405][ C1] create_new_namespaces.isra.0+0x254/0x660
[ 704.858394][ C1] unshare_nsproxy_namespaces+0xb2/0x160
[ 704.920500][ C1] ksys_unshare+0x372/0x780
[ 704.983267][ C1] __x64_sys_unshare+0x1b/0x20
[ 705.046194][ C1] do_syscall_64+0x35/0xb0
[ 705.107899][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 705.169680][ C1]
[ 705.231276][ C1] Freed by task 8:
[ 705.294349][ C1] kasan_save_stack+0x1e/0x40
[ 705.359217][ C1] kasan_set_track+0x21/0x30
[ 705.422445][ C1] kasan_set_free_info+0x20/0x30
[ 705.481590][ C1] __kasan_slab_free+0x11a/0x160
[ 705.544098][ C1] kmem_cache_free+0xe6/0x6a0
[ 705.605324][ C1] net_free+0x89/0xb0
[ 705.666356][ C1] cleanup_net+0x64a/0x730
[ 705.728952][ C1] process_one_work+0x65c/0xda0
[ 705.792462][ C1] worker_thread+0x7f/0x760
[ 705.858871][ C1] kthread+0x1c6/0x210
[ 705.920770][ C1] ret_from_fork+0x1f/0x30
[ 705.978623][ C1]
[ 706.038487][ C1] The buggy address belongs to the object at ffff88801eed8000
[ 706.038487][ C1] which belongs to the cache net_namespace of size 6528
[ 706.161551][ C1] The buggy address is located 696 bytes inside of
[ 706.161551][ C1] 6528-byte region [ffff88801eed8000, ffff88801eed9980)
[ 706.272381][ C1] The buggy address belongs to the page:
[ 706.334149][ C1] page:ffffea00007bb600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eed8
[ 706.400096][ C1] head:ffffea00007bb600 order:3 compound_mapcount:0 compound_pincount:0
[ 706.460895][ C1] memcg:ffff88801921b441
[ 706.519144][ C1] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 706.585321][ C1] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888100024500
[ 706.652434][ C1] raw: 0000000000000000 0000000080040004 00000001ffffffff ffff88801921b441
[ 706.717358][ C1] page dumped because: kasan: bad access detected
[ 706.783699][ C1] page_owner tracks the page as allocated
[ 706.844889][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4577, ts 538093730950, free_ts 446175252650
[ 706.984997][ C1] prep_new_page+0x134/0x170
[ 707.056009][ C1] get_page_from_freelist+0x16c7/0x2510
[ 707.130614][ C1] __alloc_pages+0x29a/0x580
[ 707.204976][ C1] alloc_pages+0xda/0x1a0
[ 707.278364][ C1] new_slab+0x29e/0x3a0
[ 707.350591][ C1] ___slab_alloc+0xb66/0xf60
[ 707.416827][ C1] __slab_alloc.isra.0+0x4d/0xa0
[ 707.487734][ C1] kmem_cache_alloc+0x635/0x760
[ 707.560973][ C1] copy_net_ns+0xaf/0x4a0
[ 707.631583][ C1] create_new_namespaces.isra.0+0x254/0x660
[ 707.704556][ C1] unshare_nsproxy_namespaces+0xb2/0x160
[ 707.778185][ C1] ksys_unshare+0x372/0x780
[ 707.853990][ C1] __x64_sys_unshare+0x1b/0x20
[ 707.927571][ C1] do_syscall_64+0x35/0xb0
[ 707.999337][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 708.073634][ C1] page last free stack trace:
[ 708.145935][ C1] free_pcp_prepare+0x325/0x650
[ 708.219254][ C1] free_unref_page+0x19/0x360
[ 708.290288][ C1] __unfreeze_partials+0x320/0x340
[ 708.359731][ C1] qlist_free_all+0x6d/0x160
[ 708.431552][ C1] kasan_quarantine_reduce+0x13d/0x180
[ 708.505070][ C1] __kasan_slab_alloc+0xa2/0xc0
[ 708.577128][ C1] kmem_cache_alloc+0x1d7/0x760
[ 708.649556][ C1] vm_area_alloc+0x1c/0xa0
[ 708.725996][ C1] mmap_region+0x64f/0xc40
[ 708.786537][ C1] do_mmap+0x66b/0xa40
[ 708.861188][ C1] vm_mmap_pgoff+0x1aa/0x270
[ 708.921977][ C1] ksys_mmap_pgoff+0x357/0x410
[ 708.998067][ C1] do_syscall_64+0x35/0xb0
[ 709.072158][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 709.142294][ C1]
[ 709.210670][ C1] Memory state around the buggy address:
[ 709.286139][ C1] ffff88801eed8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 709.363031][ C1] ffff88801eed8200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 709.429425][ C1] >ffff88801eed8280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 709.496217][ C1] ^
[ 709.560374][ C1] ffff88801eed8300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 709.634175][ C1] ffff88801eed8380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 709.701217][ C1] ==================================================================
[ 709.767019][ C1] Disabling lock debugging due to kernel taint
[ 709.831133][ C1] Kernel panic - not syncing: panic_on_warn set ...
[ 709.890180][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B 5.17.0 #710
[ 709.958293][ C1] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 710.031328][ C1] Call Trace:
[ 710.096636][ C1] <IRQ>
[ 710.165649][ C1] dump_stack_lvl+0xcd/0x134
[ 710.232724][ C1] panic+0x263/0x5fa
[ 710.300396][ C1] ? __warn_printk+0xf3/0xf3
[ 710.362683][ C1] ? tcp_retransmit_timer+0x6c0/0x1ba0
[ 710.425386][ C1] ? preempt_count_sub+0xf/0xb0
[ 710.487806][ C1] ? tcp_retransmit_timer+0x6c0/0x1ba0
[ 710.550567][ C1] ? tcp_retransmit_timer+0x6c0/0x1ba0
[ 710.612008][ C1] end_report.cold+0x63/0x6f
[ 710.671465][ C1] kasan_report.cold+0x71/0xdf
[ 710.731242][ C1] ? tcp_retransmit_timer+0x6c0/0x1ba0
[ 710.792468][ C1] tcp_retransmit_timer+0x6c0/0x1ba0
[ 710.850296][ C1] ? tcp_mstamp_refresh+0xf/0x60
[ 710.911655][ C1] ? tcp_delack_timer+0x290/0x290
[ 710.972588][ C1] ? mark_held_locks+0x65/0x90
[ 711.033775][ C1] ? ktime_get+0x365/0x420
[ 711.091494][ C1] ? lockdep_hardirqs_on+0x79/0x100
[ 711.153223][ C1] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 711.210432][ C1] ? ktime_get+0x2e6/0x420
[ 711.269857][ C1] tcp_write_timer_handler+0x32f/0x5f0
[ 711.331006][ C1] tcp_write_timer+0x86/0x250
[ 711.391916][ C1] ? tcp_write_timer_handler+0x5f0/0x5f0
[ 711.452155][ C1] call_timer_fn+0x15d/0x5f0
[ 711.517305][ C1] ? enqueue_timer+0x3b0/0x3b0
[ 711.580906][ C1] ? lock_downgrade+0x3b0/0x3b0
[ 711.642255][ C1] ? mark_held_locks+0x24/0x90
[ 711.703500][ C1] ? tcp_write_timer_handler+0x5f0/0x5f0
[ 711.766484][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 711.828625][ C1] ? tcp_write_timer_handler+0x5f0/0x5f0
[ 711.889862][ C1] ? tcp_write_timer_handler+0x5f0/0x5f0
[ 711.952756][ C1] run_timer_softirq+0xbdb/0xee0
[ 712.014027][ C1] ? call_timer_fn+0x5f0/0x5f0
[ 712.063350][ C1] ? rcu_read_lock_sched_held+0x9c/0xd0
[ 712.125673][ C1] ? rcu_read_lock_bh_held+0xb0/0xb0
[ 712.183626][ C1] __do_softirq+0x117/0x692
[ 712.245067][ C1] irq_exit_rcu+0xdb/0x110
[ 712.294611][ C1] sysvec_apic_timer_interrupt+0x93/0xc0
[ 712.363854][ C1] </IRQ>
[ 712.426802][ C1] <TASK>
[ 712.482854][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 712.542428][ C1] RIP: 0010:default_idle+0xb/0x10
[ 712.577029][ C1] Code: 04 25 28 00 00 00 75 0f 48 83 c4 60 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 f3 08 fe ff cc cc cc eb 07 0f 00 2d a7 45 50 00 fb f4 <c3> 0f 1f 40 00 41 54 be 08 00 00 00 53 65 48 8b 1c 25 00 70 02 00
[ 712.703886][ C1] RSP: 0018:ffffc90000757de0 EFLAGS: 00000202
[ 712.763854][ C1] RAX: 000000000008c3e3 RBX: 0000000000000001 RCX: ffffffff86145f10
[ 712.829677][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 712.893652][ C1] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffed102338758b
[ 712.956344][ C1] R10: ffff888119c3ac53 R11: ffffed102338758a R12: 0000000000000001
[ 713.020195][ C1] R13: ffffffff8a539e50 R14: 0000000000000000 R15: ffff8881003e0000
[ 713.083426][ C1] ? rcu_eqs_enter.constprop.0+0xb0/0x100
[ 713.144632][ C1] default_idle_call+0xb1/0x330
[ 713.207385][ C1] do_idle+0x37f/0x430
[ 713.269538][ C1] ? mark_held_locks+0x24/0x90
[ 713.332700][ C1] ? arch_cpu_idle_exit+0x30/0x30
[ 713.396223][ C1] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 713.460909][ C1] ? lockdep_hardirqs_on+0x79/0x100
[ 713.527012][ C1] ? preempt_count_sub+0xf/0xb0
[ 713.594736][ C1] cpu_startup_entry+0x14/0x20
[ 713.662751][ C1] start_secondary+0x1b7/0x220
[ 713.718784][ C1] ? set_cpu_sibling_map+0x1010/0x1010
[ 713.785338][ C1] secondary_startup_64_no_verify+0xc3/0xcb
[ 713.851417][ C1] </TASK>
[ 713.916633][ C1] Kernel Offset: disabled
[ 713.981646][ C1] Rebooting in 10 seconds..
------------------------------------------------------------
I managed to convert https://syzkaller.appspot.com/text?tag=ReproC&x=14fcccedb00000
into a single threaded simple reproducer shown below.
------------------------------------------------------------
// https://syzkaller.appspot.com/bug?id=8f0e04b2beffcd42f044d46879cc224f6eb71a99
// autogenerated by syzkaller (https://github.com/google/syzkaller)
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <endian.h>
#include <errno.h>
#include <fcntl.h>
#include <net/if.h>
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>
#include <linux/bpf.h>
#include <linux/if_ether.h>
#include <linux/netlink.h>
#include <linux/rtnetlink.h>
#ifndef MSG_PROBE
#define MSG_PROBE 0x10
#endif
struct nlmsg {
char* pos;
int nesting;
struct nlattr* nested[8];
char buf[4096];
};
static void netlink_init(struct nlmsg* nlmsg, int typ, int flags,
const void* data, int size)
{
memset(nlmsg, 0, sizeof(*nlmsg));
struct nlmsghdr* hdr = (struct nlmsghdr*)nlmsg->buf;
hdr->nlmsg_type = typ;
hdr->nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK | flags;
memcpy(hdr + 1, data, size);
nlmsg->pos = (char*)(hdr + 1) + NLMSG_ALIGN(size);
}
static void netlink_attr(struct nlmsg* nlmsg, int typ, const void* data,
int size)
{
struct nlattr* attr = (struct nlattr*)nlmsg->pos;
attr->nla_len = sizeof(*attr) + size;
attr->nla_type = typ;
if (size > 0)
memcpy(attr + 1, data, size);
nlmsg->pos += NLMSG_ALIGN(attr->nla_len);
}
static int netlink_send_ext(struct nlmsg* nlmsg, int sock, uint16_t reply_type,
int* reply_len, bool dofail)
{
if (nlmsg->pos > nlmsg->buf + sizeof(nlmsg->buf) || nlmsg->nesting)
exit(1);
struct nlmsghdr* hdr = (struct nlmsghdr*)nlmsg->buf;
hdr->nlmsg_len = nlmsg->pos - nlmsg->buf;
struct sockaddr_nl addr;
memset(&addr, 0, sizeof(addr));
addr.nl_family = AF_NETLINK;
ssize_t n = sendto(sock, nlmsg->buf, hdr->nlmsg_len, 0,
(struct sockaddr*)&addr, sizeof(addr));
if (n != (ssize_t)hdr->nlmsg_len) {
if (dofail)
exit(1);
return -1;
}
n = recv(sock, nlmsg->buf, sizeof(nlmsg->buf), 0);
if (reply_len)
*reply_len = 0;
if (n < 0) {
if (dofail)
exit(1);
return -1;
}
if (n < (ssize_t)sizeof(struct nlmsghdr)) {
errno = EINVAL;
if (dofail)
exit(1);
return -1;
}
if (hdr->nlmsg_type == NLMSG_DONE)
return 0;
if (reply_len && hdr->nlmsg_type == reply_type) {
*reply_len = n;
return 0;
}
if (n < (ssize_t)(sizeof(struct nlmsghdr) + sizeof(struct nlmsgerr))) {
errno = EINVAL;
if (dofail)
exit(1);
return -1;
}
if (hdr->nlmsg_type != NLMSG_ERROR) {
errno = EINVAL;
if (dofail)
exit(1);
return -1;
}
errno = -((struct nlmsgerr*)(hdr + 1))->error;
return -errno;
}
static int netlink_send(struct nlmsg* nlmsg, int sock)
{
return netlink_send_ext(nlmsg, sock, 0, NULL, true);
}
static void netlink_device_change(int sock, const char* name, const void* mac, int macsize)
{
struct nlmsg nlmsg;
struct ifinfomsg hdr;
memset(&hdr, 0, sizeof(hdr));
hdr.ifi_flags = hdr.ifi_change = IFF_UP;
hdr.ifi_index = if_nametoindex(name);
netlink_init(&nlmsg, RTM_NEWLINK, 0, &hdr, sizeof(hdr));
netlink_attr(&nlmsg, IFLA_ADDRESS, mac, macsize);
netlink_send(&nlmsg, sock);
}
static void netlink_add_addr(int sock, const char* dev, const void* addr, int addrsize)
{
struct nlmsg nlmsg;
struct ifaddrmsg hdr;
memset(&hdr, 0, sizeof(hdr));
hdr.ifa_family = addrsize == 4 ? AF_INET : AF_INET6;
hdr.ifa_prefixlen = addrsize == 4 ? 24 : 120;
hdr.ifa_scope = RT_SCOPE_UNIVERSE;
hdr.ifa_index = if_nametoindex(dev);
netlink_init(&nlmsg, RTM_NEWADDR, NLM_F_CREATE | NLM_F_REPLACE, &hdr,
sizeof(hdr));
netlink_attr(&nlmsg, IFA_LOCAL, addr, addrsize);
netlink_attr(&nlmsg, IFA_ADDRESS, addr, addrsize);
netlink_send(&nlmsg, sock);
}
static void netlink_add_addr4(int sock, const char* dev, const char* addr)
{
struct in_addr in_addr;
inet_pton(AF_INET, addr, &in_addr);
netlink_add_addr(sock, dev, &in_addr, sizeof(in_addr));
}
static void netlink_add_addr6(int sock, const char* dev, const char* addr)
{
struct in6_addr in6_addr;
inet_pton(AF_INET6, addr, &in6_addr);
netlink_add_addr(sock, dev, &in6_addr, sizeof(in6_addr));
}
static void initialize_netdevices(void)
{
int fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
uint64_t macaddr = 0x00aaaaaaaaaa;
if (fd == EOF)
exit(1);
netlink_add_addr4(fd, "lo", "172.20.20.10");
netlink_add_addr6(fd, "lo", "fe80::0a");
netlink_device_change(fd, "lo", &macaddr, ETH_ALEN);
close(fd);
}
#ifndef __NR_bpf
#define __NR_bpf 321
#endif
static const char program[2053] =
"\xbf\x16\x00\x00\x00\x00\x00\x00\xb7\x07\x00\x00\x01\x00\xf0\xff\x50\x70"
"\x00\x00\x00\x00\x00\x00\x30\x00\x00\x00\x00\x00\xc0\x00\x95\x00\x00\x00"
"\x00\x00\x00\x00\x2b\xa7\x28\x04\x15\x98\xd6\xfb\xd3\x0c\xb5\x99\xe8\x3d"
"\x24\xbd\x81\x37\xa3\xaa\x81\xe0\xed\x13\x9a\x85\xd3\x6b\xb3\x01\x9c\x13"
"\xbd\x23\x21\xaf\x3c\xf1\xa5\x4f\x26\xfb\xbf\x22\x0b\x71\xd0\xe6\xad\xfe"
"\xfc\xf1\xd8\xf7\xfa\xf7\x5e\x0f\x22\x6b\xd9\x17\x48\x79\x60\x71\x71\x42"
"\xfa\x9e\xa4\x31\x81\x23\x75\x1c\x0a\x0e\x16\x8c\x18\x86\xd0\xd4\xd3\x53"
"\x79\xbd\x22\x3e\xc8\x39\xbc\x16\xee\x98\x8e\x6e\x0d\xc8\xce\xdf\x3c\xeb"
"\x9f\xbf\xbf\x9b\x0a\x4d\xef\x23\xd4\x30\xf6\x09\x6b\x32\xa8\x34\x38\x81"
"\x07\x20\xa1\x59\xcd\xa9\x03\x63\xdb\x3d\x22\x1e\x15\x2d\xdc\xa6\x40\x57"
"\xff\x3c\x47\x44\xae\xac\xcd\x36\x41\x11\x0b\xec\x4e\x90\x27\xa0\xc8\x05"
"\x5b\xbf\xc3\xa9\x6d\x2e\x89\x10\xc2\xc3\x9e\x4b\xab\xe8\x02\xf5\xab\x3e"
"\x89\xcf\x6c\x66\x2e\xd4\x04\x8d\x3b\x3e\x22\x27\x8d\x00\x03\x1e\x53\x88"
"\xee\x5c\x6e\xce\x1c\xcb\x0c\xd2\xb6\xd3\xcf\xfd\x96\x9d\x18\xce\x74\x00"
"\x68\x72\x5c\x37\x07\x4e\x46\x8e\xe2\x07\xd2\xf7\x39\x02\xea\xcf\xcf\x49"
"\x82\x27\x75\x98\x5b\xf3\x1b\x71\x5f\x58\x88\xb2\xfd\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x6d\x60\xdb\xe7\x1c\xce\xee\x10\x00"
"\x00\xdd\xff\xff\xff\x02\x00\x00\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff"
"\x00\x00\xb2\x7c\xf3\xd1\x84\x8a\x54\xd7\x13\x2b\xe1\xff\xb0\xad\xf9\xde"
"\xab\x33\x23\xaa\x9f\xdf\xb5\x2f\xaf\x9c\xb0\x9c\x3b\xfd\x09\x00\x00\x00"
"\xb9\x1a\xb2\x19\xef\xde\xbb\x7b\x3d\xe8\xf6\x75\x81\xcf\x79\x6a\xad\x42"
"\x23\xb9\xff\x7f\xfc\xad\x3f\x6c\x96\x2b\x9f\x03\x00\x00\x00\x00\x00\x00"
"\x00\x1c\xf4\x1a\xb1\x1f\x12\xfb\x1e\x0a\x49\x40\x34\x00\x7d\xe7\xc6\x59"
"\x2d\xf1\xa6\xc6\x4d\x8f\x20\xa6\x77\x45\x40\x9e\x01\x1f\x12\x64\xd4\x3f"
"\x15\x3b\x3d\x34\x89\x9f\x40\x15\x9e\x80\x0e\xa2\x47\x4b\x54\x05\x00\xa3"
"\x0b\x23\xbc\xee\x46\x76\x2c\x20\x93\xbc\xc9\xea\xe5\xee\x3e\x98\x00\x26"
"\xc9\x6f\x80\xee\x1a\x74\xe0\x4b\xde\x74\x07\x50\xfa\x4d\x9a\xaa\x70\x59"
"\x89\xb8\xe6\x73\xe3\x29\x6e\x52\xd3\x37\xc5\x6a\xbf\x11\x28\x74\xec\x51"
"\xd6\xfe\x04\x8b\xa6\x86\x6a\xde\xba\xb5\x31\x68\x77\x0a\x71\xad\x90\x1a"
"\xce\x38\x3e\x41\xd2\x77\xb1\x03\x92\x3a\x9d\x97\x1f\x7a\x25\x91\xdb\xe4"
"\xa9\x12\xff\xaf\x6f\x65\x8f\x3f\x9c\xd1\x62\x86\x74\x4f\x83\xa8\x3f\x13"
"\x8f\x8f\x92\xef\xd9\x22\x39\xea\xfc\xe5\xc1\xb3\xf9\x7a\x29\x7c\x9e\x49"
"\xa0\xc3\x30\x0e\xf7\xb7\xfb\x5f\x09\xe0\xc8\xa8\x68\xa3\x53\x40\x9e\x34"
"\xd3\xe8\x22\x79\x63\x75\x99\xf3\x5a\xd3\xf7\xff\xff\xff\x3c\xac\x39\x4c"
"\x7b\xbd\xcd\x0e\x0e\xb5\x21\x89\x2c\x0f\x32\x01\x5b\xf4\xf2\x26\xa4\xe7"
"\x0f\x03\xcc\x41\x46\xa7\x7a\xf0\x2c\x1d\x4c\xef\xd4\xa2\xb9\x4c\x0a\xed"
"\x84\x77\xdf\xa8\xce\xef\xb4\x67\xf0\x5c\x69\x77\xc7\x8c\xdb\xf3\x77\x04"
"\xec\x73\x75\x55\x39\x2a\x0b\x06\x4b\xda\xba\x71\xf8\x97\x14\x49\x10\xfe"
"\x05\x00\x38\xec\x9e\x47\xde\x89\x29\x8b\x7b\xf4\xd7\x69\xcc\xc1\x8e\xed"
"\xe0\x06\x8c\xa1\x45\x78\x70\xeb\x30\xd2\x11\xe2\x3c\xcc\x8e\x06\xdd\xde"
"\xb6\x17\x99\x25\x7a\xb5\x5f\xf4\x13\xc8\x6b\xa9\xaf\xfb\x12\xec\x75\x7c"
"\x72\x34\xc2\x70\x24\x6c\x87\x8d\x01\x16\x0e\x6c\x07\xbf\x6c\xf8\x80\x9c"
"\x3a\x0d\x06\x23\x57\xba\x25\x15\x56\x72\x30\xad\x1e\x1f\x49\x33\x54\x5f"
"\xc3\xc7\x41\x37\x36\x11\x66\x3f\x6b\x63\xb1\xdd\x04\x4d\xd0\xa2\x76\x8e"
"\x82\x59\x72\xea\x3b\x77\x64\x14\x67\xc8\x9f\xa0\xf8\x2e\x84\x40\x10\x50"
"\x51\xe5\x51\x0a\x33\xdc\xda\x5e\x4e\x20\x2b\xd6\x22\x54\x9c\x4c\xff\x3f"
"\x5e\x50\x1d\x3a\x5d\xd7\x14\x3f\xbf\x22\x1f\xff\x16\x1c\x12\xca\x38\x95"
"\xa3\x00\x00\x00\x00\x00\x00\x0f\xff\x75\x06\x7d\x2a\x21\x4f\x8c\x9d\x9b"
"\x2e\xcf\x63\x01\x6c\x5f\xd9\xc2\x6a\x54\xd4\x3f\xa0\x50\xb8\x8d\x1d\x43"
"\xa8\x64\x5b\xd9\x76\x9b\x7e\x07\x86\x9b\xba\x71\x31\x42\x1c\x0f\x39\x11"
"\x3b\xe7\x66\x4e\x08\xbd\xd7\x11\x5c\x61\xaf\xcb\x71\x8c\xf3\xc4\x68\x0b"
"\x2f\x6c\x7a\x84\x00\xe3\x78\xa9\xb1\x5b\xc2\x0f\x49\xe2\x98\x72\x73\x40"
"\xe8\x7c\xde\xfb\x40\xe5\x6e\x9c\xfa\xd9\x73\x34\x7d\x0d\xe7\xba\x47\x54"
"\xff\x23\x1a\x1b\x93\x3d\x8f\x93\x1b\x8c\x55\x2b\x2c\x7c\x50\x3f\x3d\x0e"
"\x7a\xb0\xe9\x58\xad\xb8\x62\x82\x2e\x40\x00\x99\x95\xae\x16\x6d\xeb\x98"
"\x56\x29\x1a\x43\xa6\xf7\xeb\x2e\x32\xce\xfb\xf4\x63\x78\x9e\xaf\x79\xb8"
"\xd4\xc2\xbf\x0f\x7a\x2c\xb0\x32\xda\xd1\x30\x07\xb8\x2e\x60\xdb\xe9\x86"
"\x4a\x11\x7d\x27\x32\x68\x50\xa7\xc3\xb5\x70\x86\x3f\x53\x2c\x21\x8b\x10"
"\xaf\x13\xd7\xbe\x94\x98\x70\x05\x08\x8a\x83\x88\x0c\xca\xb9\xc9\x92\x0c"
"\x2d\x2a\xf8\xc5\xe1\x3d\x52\xc8\x3a\xc3\xfa\x7c\x3a\xe6\xc0\x83\x84\x86"
"\x5b\x66\xd2\xb4\xdc\xb5\xdd\x9c\xba\x16\xb6\x20\x40\xbf\x87\x02\xae\x12"
"\xc7\x7e\x6e\x34\x99\x1a\xf6\x03\xe3\x85\x6a\x34\x6c\xf7\xf9\xfe\xeb\x70"
"\x88\xae\xda\x89\x0c\xf8\xa4\xa6\xf3\x1b\xa6\xd9\xb8\xcb\x09\x8f\x93\x5b"
"\xdc\xbb\x29\xfd\x0f\x1a\x34\x2c\x01\x00\x00\x00\x00\x00\x00\x00\x48\xa9"
"\xde\xa0\x00\x00\x3a\x85\x67\xa7\x59\x2b\x33\x40\x6f\x1f\x71\xc7\x39\xb5"
"\x5d\xb9\x1d\x23\x09\xdc\x7a\xe4\x01\x00\x5f\x52\x05\x3a\x39\xe7\x30\x7c"
"\x09\xff\x3a\xc3\xe8\x20\xb0\x1c\x57\xdd\x74\xd4\xaa\xfc\x4c\x38\x3a\x17"
"\xbc\x1d\xe5\x34\x7b\xb7\x1c\xa1\x6d\xcb\xbb\xaa\x29\x35\xf6\x02\x32\x59"
"\x84\x38\x6b\x21\xb9\x64\x92\xae\x66\x20\x82\xb5\x6c\xf6\x66\xe6\x3a\x75"
"\x7c\x0e\xf3\xea\x7a\xf6\x88\x15\x13\xbe\x94\xb3\x66\xe1\x5f\xfc\xa8\xec"
"\x45\x3b\x3a\x2a\x67\xbe\xdc\xa1\xc7\x66\x95\x22\xe8\xdf\xf8\xbc\x57\x0a"
"\x93\xfb\xdb\x68\x8c\x3a\xef\xd4\x75\x01\x27\x7a\x6e\xa6\xb1\x11\x63\x39"
"\x2a\x19\xd8\x79\x95\xb5\x1c\x96\xfe\xbd\x5f\x24\xa3\x49\x98\xd2\x01\x0f"
"\xd5\xfa\xcf\x68\xc4\xf8\x4e\x2f\x66\xe2\x7c\x81\xa1\x49\xd7\xb3\x31\x98"
"\x3d\x3b\x74\x44\x49\x53\xfc\x12\x16\xdf\xec\x10\xb7\x24\xbe\x37\x33\xc2"
"\x6f\x12\x53\x83\x76\xe1\x77\xff\xef\x6f\xd2\x60\x3b\xfa\xb9\x68\x31\x95"
"\x7a\x08\xe4\x91\x9a\x46\x3d\x53\x32\xa2\x54\x60\x32\xa3\xc0\x6b\x94\xf1"
"\x68\xe8\xfc\x4b\xda\x0c\x29\x47\x23\xfe\x30\x6f\x26\xc4\x77\xaf\x4b\x92"
"\x66\x44\x67\x29\x85\xfa\xb7\xcc\x67\xbc\x5b\x5f\x5d\x38\xcd\xd8\xdf\x95"
"\x14\x7e\xbe\x1c\xd8\x8b\x0a\x2f\xbb\xde\x99\x51\xbe\x42\x82\x7d\xfd\xdf"
"\xef\xb2\x38\xfa\xc2\x30\x3c\xc8\x98\x2f\x1e\x55\xb0\x05\xaf\xcf\xea\x5e"
"\xb0\x37\x24\x8f\xef\xad\x6b\xb0\x2c\x16\x2c\xe9\x2a\xb1\x27\x13\x52\x2b"
"\x97\x50\x6c\x26\x77\x44\xc8\xec\x3d\x2e\x80\xcf\x32\x05\xd3\x66\x99\xfd"
"\x38\x1b\xc8\x12\x31\xfb\x5e\x12\xe4\x5f\x30\x59\xf3\x61\xd0\x8d\x6a\x6d"
"\x01\xdd\x79\xca\x9b\xfb\x4e\x06\x25\x94\x27\xb0\x29\x44\x7a\x3e\xd7\x0a"
"\x2b\x70\xbe\x52\x1e\xa2\x7d\xc8\xcf\x3c\x9b\xdf\x83\xb9\x34\x05\xdb\x07"
"\xe8\x2e\x2d\xdf\x4c\x4d\x26\xf1\xcd\xd8\xc3\xc9\x73\x6c\xf5\xe5\x08\x6d"
"\xe3\xb4\x84\xf8\x67\x3e\x0e\x97\xdd\x7e\x8a\x87\x21\x48\x61\x3c\x3a\xea"
"\xf2\xd6\x7f\x43\x75\xba\x5c\x7f\x1b\x00\x33\xf8\xdf\xe0\x1d\x9c\xb2\xa7"
"\x08\x01\xf7\x63\x52\x4e\x1d\x79\xd8\x12\xce\xd7\x82\x64\x6b\x5f\x79\xc8"
"\xfc\x08\xbb\x5c\x11\x02\x01\x08\xd7\x02\xed\xd2\xea\x9c\x96\xcf\xcb\x90"
"\x66\x66\x86\x27\x82\x0d\x2d\x48\xaa\x5f\xc0\xa7\xbf\x1b\x51\xaf\xd8\x53"
"\x50\xad\x00\xb7\x8c\x59\x8f\xa8\x70\x1b\x40\x08\x84\xde\x79\x0b\x54\xe5"
"\xab\x2e\x8f\xf0\xc7\xae\x23\xe0\xb6\xee\xac\x95\xc4\xc2\xee\xf2\xe5\xeb"
"\x1d\x01\x9d\x52\x09\x9f\xbd\x40\x4e\x8e\xce\x97\x0f\x67\x73\x6b\xa7\xe9"
"\x60\xbd\x8b\x1e\x41\x05\xce\x7e\x31\xf7\xc9\xc3\xe3\xfa\x61\xaa\xb9\x67"
"\x56\x5e\x04\x00\x00\x00\x00\x00\x00\x00\xa8\xcf\xda\x89\x0a\x98\xb9\x00"
"\x87\xe9\x1d\x70\x3e\x98\x53\x5b\x10\x7b\x8f\x46\x53\xbe\x4c\x46\xa3\xa1"
"\xad\xb0\x7d\x22\x69\x52\xb8\x57\x3b\x41\x70\x18\x31\x6f\xa9\x00\x00\x00"
"\x00\x00\x00\x00\x00\x41\x22\xc8\x63\x70\x9b\x08\xd4\x63\x9a\x2c\xa4\x6a"
"\xc9\x0a\xc4\x29\x13\xee\x9b\xca\xa8\x75\xfc\x70\x0b\xa3\x67\xca\x31\x82"
"\x10\x59\x60\xbe\xf3\x37\x8a\x98\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x25\x03\x18\xa4\x4a\xae\xbd\xe8\x49"
"\x58\x0d\x86\xd1\xaf\xb0\x2a\x49\x6c\x35\xca\x95\x0d\x60\xa3\xd9\x7f\x23"
"\xac\x37\xf8\x80\xdd\xc3\xb1\x7b\x12\x09\xb0\x03\xc3\x33\x4b\x1c\xc0\xdb"
"\x48\x3e\x24\x43\x69\x5f\xc9\x5e\xbb\x83\x20\xc9\xad\xee\x62\x94\x51\x4c"
"\x2c\xa4\x2a\x10\x48\x28\x6d\x70\xd6\x29\x8c\xe1\x4d\x03\x1d\x04\x7b\x08"
"\x0a\x76\x8b\x9d\xc3\x0e\x64\x40\xa1\x03\x0a\xcf\x39\x13\xa5\x78\x65\xa2"
"\x77\xce\x60\xe4\x2c\xe3\xb6\xb4\x3b\x4e\x18\xd5\xb5\x3f\xa1\x9f\x94\x69"
"\x01\x59\x04\xc7\xbb\xde\xf5\xd8\x90\x1f\xff\x46\x14\x77\xe0\x06\xa7\xaa"
"\x3f\x5e\xb4\x80\x09\x82\xcb\x62\x93\x5c\x26\x49\x00\xd9\xb2\xeb\xf2\x7c"
"\xd9\x99\x3f\xce\x0b\x10\x71\xd0\x51\x69\xf3\x38\x60\x91\xcf\xc4\x7d\xe1"
"\x09\xf9\x73\x47\x43\x4b\x79\x06\x40\x76\xe2\xb6\xea\x28\xd6\x9e\xbb\x75"
"\x0d";
static const char license[4] = "GPL";
static void execute_one(void)
{
const union bpf_attr attr = {
.prog_type = BPF_PROG_TYPE_SOCKET_FILTER,
.insn_cnt = 5,
.insns = (unsigned long long) program,
.license = (unsigned long long) license,
};
struct sockaddr_in addr = {
.sin_family = AF_INET,
.sin_port = htons(0x4001),
.sin_addr.s_addr = inet_addr("172.20.20.180")
};
const struct msghdr msg = {
.msg_name = &addr,
.msg_namelen = sizeof(addr),
};
const int bpf_fd = syscall(__NR_bpf, BPF_PROG_LOAD, &attr, 72);
const int sock_fd = socket(PF_INET, SOCK_STREAM, 0);
alarm(3);
while (1) {
sendmsg(sock_fd, &msg, MSG_OOB | MSG_PROBE | MSG_CONFIRM | MSG_FASTOPEN);
setsockopt(sock_fd, SOL_SOCKET, SO_ATTACH_BPF, &bpf_fd, sizeof(bpf_fd));
}
}
int main(int argc, char *argv[])
{
if (unshare(CLONE_NEWNET))
return 1;
initialize_netdevices();
execute_one();
return 0;
}
------------------------------------------------------------
I don't know what this bpf program is doing, but I suspect that this bpf
program somehow involves PF_INET6 socket without taking a reference to
the net namespace which this bpf program runs.
Below is debug printk() patch for 5.17 which I used for tracing.
------------------------------------------------------------
diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index 5b61c462e534..a2fd96da8e21 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -178,6 +178,7 @@ struct net {
#if IS_ENABLED(CONFIG_SMC)
struct netns_smc smc;
#endif
+ struct list_head struct_net_users;
} __randomize_layout;
#include <linux/seq_file_net.h>
@@ -243,41 +244,16 @@ void ipx_unregister_sysctl(void);
void __put_net(struct net *net);
/* Try using get_net_track() instead */
-static inline struct net *get_net(struct net *net)
-{
- refcount_inc(&net->ns.count);
- return net;
-}
+extern struct net *get_net(struct net *net);
-static inline struct net *maybe_get_net(struct net *net)
-{
- /* Used when we know struct net exists but we
- * aren't guaranteed a previous reference count
- * exists. If the reference count is zero this
- * function fails and returns NULL.
- */
- if (!refcount_inc_not_zero(&net->ns.count))
- net = NULL;
- return net;
-}
+extern struct net *maybe_get_net(struct net *net);
/* Try using put_net_track() instead */
-static inline void put_net(struct net *net)
-{
- if (refcount_dec_and_test(&net->ns.count))
- __put_net(net);
-}
+extern void put_net(struct net *net);
-static inline
-int net_eq(const struct net *net1, const struct net *net2)
-{
- return net1 == net2;
-}
+extern int net_eq(const struct net *net1, const struct net *net2);
-static inline int check_net(const struct net *net)
-{
- return refcount_read(&net->ns.count) != 0;
-}
+extern int check_net(const struct net *net);
void net_drop_ns(void *);
diff --git a/include/net/request_sock.h b/include/net/request_sock.h
index 29e41ff3ec93..df89ff3dfa41 100644
--- a/include/net/request_sock.h
+++ b/include/net/request_sock.h
@@ -118,7 +118,7 @@ static inline void __reqsk_free(struct request_sock *req)
if (req->rsk_listener)
sock_put(req->rsk_listener);
kfree(req->saved_syn);
- kmem_cache_free(req->rsk_ops->slab, req);
+ //kmem_cache_free(req->rsk_ops->slab, req);
}
static inline void reqsk_free(struct request_sock *req)
diff --git a/include/net/sock.h b/include/net/sock.h
index 50aecd28b355..d2f386f9aa73 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -540,6 +540,7 @@ struct sock {
#endif
struct rcu_head sk_rcu;
netns_tracker ns_tracker;
+ struct list_head struct_net_user;
};
enum sk_pacing {
@@ -2704,17 +2705,10 @@ static inline void sk_eat_skb(struct sock *sk, struct sk_buff *skb)
__kfree_skb(skb);
}
-static inline
-struct net *sock_net(const struct sock *sk)
-{
- return read_pnet(&sk->sk_net);
-}
-
-static inline
-void sock_net_set(struct sock *sk, struct net *net)
-{
- write_pnet(&sk->sk_net, net);
-}
+extern struct net *sock_net(const struct sock *sk);
+extern void sock_net_set(struct sock *sk, struct net *net);
+extern void sock_net_start_tracking(struct sock *sk, struct net *net);
+extern void sock_net_end_tracking(struct sock *sk);
static inline bool
skb_sk_is_prefetched(struct sk_buff *skb)
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
index a5b5bb99c644..cf4e8b224654 100644
--- a/net/core/net_namespace.c
+++ b/net/core/net_namespace.c
@@ -26,6 +26,8 @@
#include <net/net_namespace.h>
#include <net/netns/generic.h>
+DEFINE_SPINLOCK(net_users_lock);
+
/*
* Our network namespace constructor/destructor lists
*/
@@ -50,6 +52,7 @@ struct net init_net = {
#ifdef CONFIG_KEYS
.key_domain = &init_net_key_domain,
#endif
+ .struct_net_users = LIST_HEAD_INIT(init_net.struct_net_users),
};
EXPORT_SYMBOL(init_net);
@@ -406,6 +409,7 @@ static struct net *net_alloc(void)
net = kmem_cache_zalloc(net_cachep, GFP_KERNEL);
if (!net)
goto out_free;
+ INIT_LIST_HEAD(&net->struct_net_users);
#ifdef CONFIG_KEYS
net->key_domain = kzalloc(sizeof(struct key_tag), GFP_KERNEL);
@@ -432,7 +436,7 @@ static void net_free(struct net *net)
{
if (refcount_dec_and_test(&net->passive)) {
kfree(rcu_access_pointer(net->gen));
- kmem_cache_free(net_cachep, net);
+ //kmem_cache_free(net_cachep, net);
}
}
@@ -637,8 +641,46 @@ EXPORT_SYMBOL(net_ns_barrier);
static DECLARE_WORK(net_cleanup_work, cleanup_net);
+struct to_be_destroyed_net {
+ struct list_head list;
+ struct net *net;
+};
+
+static LIST_HEAD(to_be_destroyed_net_list);
+static DEFINE_SPINLOCK(to_be_destroyed_net_list_lock);
+
+bool is_to_be_destroyed_net(struct net *net)
+{
+ unsigned long flags;
+ struct to_be_destroyed_net *entry;
+ bool found = false;
+
+ spin_lock_irqsave(&to_be_destroyed_net_list_lock, flags);
+ list_for_each_entry(entry, &to_be_destroyed_net_list, list) {
+ if (entry->net == net) {
+ found = true;
+ break;
+ }
+ }
+ spin_unlock_irqrestore(&to_be_destroyed_net_list_lock, flags);
+ return found;
+}
+EXPORT_SYMBOL(is_to_be_destroyed_net);
+
void __put_net(struct net *net)
{
+ struct to_be_destroyed_net *entry = kzalloc(sizeof(*entry), GFP_ATOMIC | __GFP_NOWARN);
+ unsigned long flags;
+
+ if (entry) {
+ entry->net = net;
+ spin_lock_irqsave(&to_be_destroyed_net_list_lock, flags);
+ list_add_tail(&entry->list, &to_be_destroyed_net_list);
+ spin_unlock_irqrestore(&to_be_destroyed_net_list_lock, flags);
+ }
+ pr_info("Releasing net=%px net->ns.count=%d in_use=%d\n",
+ net, refcount_read(&net->ns.count), sock_inuse_get(net));
+ dump_stack();
ref_tracker_dir_exit(&net->refcnt_tracker);
/* Cleanup the network namespace in process context */
if (llist_add(&net->cleanup_list, &cleanup_list))
@@ -1382,4 +1424,113 @@ const struct proc_ns_operations netns_operations = {
.install = netns_install,
.owner = netns_owner,
};
+
+struct net *get_net(struct net *net)
+{
+ refcount_inc(&net->ns.count);
+ if (net != &init_net) {
+ pr_info("net=%px count=%d\n", net, refcount_read(&net->ns.count));
+ dump_stack();
+ }
+ return net;
+}
+EXPORT_SYMBOL(get_net);
+
+struct net *maybe_get_net(struct net *net)
+{
+ /* Used when we know struct net exists but we
+ * aren't guaranteed a previous reference count
+ * exists. If the reference count is zero this
+ * function fails and returns NULL.
+ */
+ if (!refcount_inc_not_zero(&net->ns.count))
+ net = NULL;
+ else if (net != &init_net) {
+ pr_info("net=%px count=%d\n", net, refcount_read(&net->ns.count));
+ dump_stack();
+ }
+ return net;
+}
+EXPORT_SYMBOL(maybe_get_net);
+
+void put_net(struct net *net)
+{
+ if (net != &init_net) {
+ pr_info("net=%px count=%d\n", net, refcount_read(&net->ns.count));
+ dump_stack();
+ }
+ if (refcount_dec_and_test(&net->ns.count))
+ __put_net(net);
+}
+EXPORT_SYMBOL(put_net);
+
+int net_eq(const struct net *net1, const struct net *net2)
+{
+ return net1 == net2;
+}
+EXPORT_SYMBOL(net_eq);
+
+int check_net(const struct net *net)
+{
+ return refcount_read(&net->ns.count) != 0;
+}
+EXPORT_SYMBOL(check_net);
+
+void sock_net_start_tracking(struct sock *sk, struct net *net)
+{
+ unsigned long flags;
+
+ if (net == &init_net)
+ return;
+ spin_lock_irqsave(&net_users_lock, flags);
+ list_add_tail(&sk->struct_net_user, &net->struct_net_users);
+ spin_unlock_irqrestore(&net_users_lock, flags);
+}
+
+void sock_net_end_tracking(struct sock *sk)
+{
+ unsigned long flags;
+
+ spin_lock_irqsave(&net_users_lock, flags);
+ list_del(&sk->struct_net_user);
+ spin_unlock_irqrestore(&net_users_lock, flags);
+}
+
+struct net *sock_net(const struct sock *sk)
+{
+ struct net *net = read_pnet(&sk->sk_net);
+ unsigned long flags;
+ bool found = false;
+ struct sock *s;
+
+ if (net == &init_net)
+ return net;
+ spin_lock_irqsave(&net_users_lock, flags);
+ BUG_ON(!net->struct_net_users.next);
+ BUG_ON(!net->struct_net_users.prev);
+ list_for_each_entry(s, &net->struct_net_users, struct_net_user) {
+ BUG_ON(!s->struct_net_user.next);
+ BUG_ON(!s->struct_net_user.prev);
+ if (s == sk) {
+ found = true;
+ break;
+ }
+ }
+ spin_unlock_irqrestore(&net_users_lock, flags);
+ if (!found) {
+ pr_info("sock=%px is accessing untracked net=%px\n", sk, net);
+ pr_info("sk->sk_family=%d sk->sk_prot_creator->name=%s sk->sk_state=%d sk->sk_flags=0x%lx net->ns.count=%d\n",
+ sk->sk_family, sk->sk_prot_creator->name, sk->sk_state, sk->sk_flags, refcount_read(&net->ns.count));
+ dump_stack();
+ }
+ return net;
+}
+EXPORT_SYMBOL(sock_net);
+
+void sock_net_set(struct sock *sk, struct net *net)
+{
+ write_pnet(&sk->sk_net, net);
+}
+EXPORT_SYMBOL(sock_net_set);
+
#endif
diff --git a/net/core/sock.c b/net/core/sock.c
index 6eb174805bf0..3c303117e3bb 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -1904,6 +1904,7 @@ static void sock_copy(struct sock *nsk, const struct sock *osk)
nsk->sk_security = sptr;
security_sk_clone(osk, nsk);
#endif
+ sock_net_start_tracking(nsk, read_pnet(&nsk->sk_net));
}
static struct sock *sk_prot_alloc(struct proto *prot, gfp_t priority,
@@ -1953,10 +1954,12 @@ static void sk_prot_free(struct proto *prot, struct sock *sk)
cgroup_sk_free(&sk->sk_cgrp_data);
mem_cgroup_sk_free(sk);
security_sk_free(sk);
+ /*
if (slab != NULL)
kmem_cache_free(slab, sk);
else
kfree(sk);
+ */
module_put(owner);
}
@@ -1989,6 +1992,7 @@ struct sock *sk_alloc(struct net *net, int family, gfp_t priority,
sock_inuse_add(net, 1);
}
+ sock_net_start_tracking(sk, net);
sock_net_set(sk, net);
refcount_set(&sk->sk_wmem_alloc, 1);
diff --git a/net/ipv4/tcp_timer.c b/net/ipv4/tcp_timer.c
index 20cf4a98c69d..412bee1dc9cb 100644
--- a/net/ipv4/tcp_timer.c
+++ b/net/ipv4/tcp_timer.c
@@ -433,6 +433,7 @@ static void tcp_fastopen_synack_timer(struct sock *sk, struct request_sock *req)
TCP_TIMEOUT_INIT << req->num_timeout, TCP_RTO_MAX);
}
+extern bool is_to_be_destroyed_net(struct net *net);
/**
* tcp_retransmit_timer() - The TCP retransmit timeout handler
@@ -453,6 +454,13 @@ void tcp_retransmit_timer(struct sock *sk)
struct request_sock *req;
struct sk_buff *skb;
+ if (is_to_be_destroyed_net(net)) {
+ pr_info("BUG: Trying to access destroyed net=%px sk=%px\n", net, sk);
+ pr_info("sk->sk_family=%d sk->sk_prot_creator->name=%s sk->sk_state=%d sk->sk_flags=0x%lx net->ns.count=%d\n",
+ sk->sk_family, sk->sk_prot_creator->name, sk->sk_state, sk->sk_flags, refcount_read(&net->ns.count));
+ WARN_ON(1);
+ }
+
req = rcu_dereference_protected(tp->fastopen_rsk,
lockdep_sock_is_held(sk));
if (req) {
@@ -636,6 +644,7 @@ static void tcp_write_timer(struct timer_list *t)
struct inet_connection_sock *icsk =
from_timer(icsk, t, icsk_retransmit_timer);
struct sock *sk = &icsk->icsk_inet.sk;
+ struct net *net = sock_net(sk);
bh_lock_sock(sk);
if (!sock_owned_by_user(sk)) {
@@ -647,6 +656,11 @@ static void tcp_write_timer(struct timer_list *t)
}
bh_unlock_sock(sk);
sock_put(sk);
+ if (is_to_be_destroyed_net(net)) {
+ pr_info("INFO: About to destroy net=%px sk=%px\n", net, sk);
+ pr_info("sk->sk_family=%d sk->sk_prot_creator->name=%s sk->sk_state=%d sk->sk_flags=0x%lx net->ns.count=%d\n",
+ sk->sk_family, sk->sk_prot_creator->name, sk->sk_state, sk->sk_flags, refcount_read(&net->ns.count));
+ }
}
void tcp_syn_ack_timeout(const struct request_sock *req)
------------------------------------------------------------
And below is console output with this printk() patch.
------------------------------------------------------------
[ 83.642910][ T2875] net_namespace: net=ffff888036278000 count=2
[ 83.645415][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 83.648311][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 83.651893][ T2875] Call Trace:
[ 83.653239][ T2875] <TASK>
[ 83.654540][ T2875] dump_stack_lvl+0xcd/0x134
[ 83.656428][ T2875] get_net.cold+0x21/0x26
[ 83.658194][ T2875] sk_alloc+0x1ca/0x8a0
[ 83.659979][ T2875] __netlink_create+0x44/0x160
[ 83.662246][ T2875] netlink_create+0x210/0x310
[ 83.664146][ T2875] ? do_set_master+0x100/0x100
[ 83.666538][ T2875] __sock_create+0x20e/0x4f0
[ 83.668648][ T2875] __sys_socket+0x6f/0x140
[ 83.670597][ T2875] __x64_sys_socket+0x1a/0x20
[ 83.672385][ T2875] do_syscall_64+0x35/0xb0
[ 83.674069][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 83.676201][ T2875] RIP: 0033:0x7fbbed5067db
[ 83.677873][ T2875] Code: 73 01 c3 48 8b 0d b5 b6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 85 b6 0c 00 f7 d8 64 89 01 48
[ 83.685279][ T2875] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 83.688515][ T2875] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbbed5067db
[ 83.691782][ T2875] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010
[ 83.694835][ T2875] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007fbbed617d50
[ 83.697960][ T2875] R10: 0000000000000000 R11: 0000000000000246 R12: 000055a16962f410
[ 83.701245][ T2875] R13: 00007ffd7a1e7810 R14: 0000000000000000 R15: 0000000000000000
[ 83.704951][ T2875] </TASK>
[ 83.708603][ T2875] net_namespace: net=ffff888036278000 count=3
[ 83.712187][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 83.715235][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 83.718777][ T2875] Call Trace:
[ 83.720083][ T2875] <TASK>
[ 83.721401][ T2875] dump_stack_lvl+0xcd/0x134
[ 83.723313][ T2875] get_net.cold+0x21/0x26
[ 83.725388][ T2875] get_proc_task_net+0x99/0x1c0
[ 83.727321][ T2875] proc_tgid_net_lookup+0x21/0x60
[ 83.729327][ T2875] __lookup_slow+0x146/0x280
[ 83.731453][ T2875] walk_component+0x1f2/0x2a0
[ 83.733426][ T2875] path_lookupat.isra.0+0xc4/0x270
[ 83.735638][ T2875] filename_lookup+0x103/0x250
[ 83.737518][ T2875] ? unuse_pde+0x50/0x50
[ 83.739230][ T2875] ? simple_attr_release+0x20/0x20
[ 83.741365][ T2875] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 83.746650][ T2875] user_path_at_empty+0x42/0x60
[ 83.748679][ T2875] do_faccessat+0xd5/0x490
[ 83.750698][ T2875] do_syscall_64+0x35/0xb0
[ 83.752750][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 83.755147][ T2875] RIP: 0033:0x7fbbed4f416b
[ 83.756987][ T2875] Code: 77 05 c3 0f 1f 40 00 48 8b 15 21 dd 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff c3 0f 1f 40 00 f3 0f 1e fa b8 15 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 f1 dc 0d 00 f7 d8
[ 83.764201][ T2875] RSP: 002b:00007ffd7a1e64e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
[ 83.767625][ T2875] RAX: ffffffffffffffda RBX: 00007fbbed5985a0 RCX: 00007fbbed4f416b
[ 83.770815][ T2875] RDX: 0000000000000008 RSI: 0000000000000004 RDI: 00007ffd7a1e64f0
[ 83.773982][ T2875] RBP: 000055a169630004 R08: 000000000000000d R09: 0078696e752f7465
[ 83.777202][ T2875] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fbbed59867c
[ 83.780346][ T2875] R13: 00007ffd7a1e64f0 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 83.783686][ T2875] </TASK>
[ 83.785743][ T2875] net_namespace: net=ffff888036278000 count=3
[ 83.788711][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 83.791774][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 83.795370][ T2875] Call Trace:
[ 83.796779][ T2875] <TASK>
[ 83.798094][ T2875] dump_stack_lvl+0xcd/0x134
[ 83.800045][ T2875] put_net.cold+0x1f/0x24
[ 83.802444][ T2875] proc_tgid_net_lookup+0x4b/0x60
[ 83.804936][ T2875] __lookup_slow+0x146/0x280
[ 83.806890][ T2875] walk_component+0x1f2/0x2a0
[ 83.808840][ T2875] path_lookupat.isra.0+0xc4/0x270
[ 83.810945][ T2875] filename_lookup+0x103/0x250
[ 83.812928][ T2875] ? unuse_pde+0x50/0x50
[ 83.814760][ T2875] ? simple_attr_release+0x20/0x20
[ 83.817416][ T2875] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 83.819696][ T2875] user_path_at_empty+0x42/0x60
[ 83.822173][ T2875] do_faccessat+0xd5/0x490
[ 83.823958][ T2875] do_syscall_64+0x35/0xb0
[ 83.825808][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 83.827975][ T2875] RIP: 0033:0x7fbbed4f416b
[ 83.829676][ T2875] Code: 77 05 c3 0f 1f 40 00 48 8b 15 21 dd 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff c3 0f 1f 40 00 f3 0f 1e fa b8 15 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 f1 dc 0d 00 f7 d8
[ 83.836926][ T2875] RSP: 002b:00007ffd7a1e64e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000015
[ 83.840089][ T2875] RAX: ffffffffffffffda RBX: 00007fbbed5985a0 RCX: 00007fbbed4f416b
[ 83.843171][ T2875] RDX: 0000000000000008 RSI: 0000000000000004 RDI: 00007ffd7a1e64f0
[ 83.846444][ T2875] RBP: 000055a169630004 R08: 000000000000000d R09: 0078696e752f7465
[ 83.849481][ T2875] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fbbed59867c
[ 83.852857][ T2875] R13: 00007ffd7a1e64f0 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 83.855888][ T2875] </TASK>
[ 83.857759][ T2875] net_namespace: net=ffff888036278000 count=3
[ 83.860508][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 83.863611][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 83.867655][ T2875] Call Trace:
[ 83.869162][ T2875] <TASK>
[ 83.870467][ T2875] dump_stack_lvl+0xcd/0x134
[ 83.872611][ T2875] get_net.cold+0x21/0x26
[ 83.874572][ T2875] sk_alloc+0x1ca/0x8a0
[ 83.876337][ T2875] unix_create1+0x81/0x2c0
[ 83.878159][ T2875] unix_create+0x9a/0x130
[ 83.880015][ T2875] __sock_create+0x20e/0x4f0
[ 83.881874][ T2875] __sys_socket+0x6f/0x140
[ 83.883730][ T2875] __x64_sys_socket+0x1a/0x20
[ 83.886127][ T2875] do_syscall_64+0x35/0xb0
[ 83.888040][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 83.890433][ T2875] RIP: 0033:0x7fbbed5067db
[ 83.892409][ T2875] Code: 73 01 c3 48 8b 0d b5 b6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 85 b6 0c 00 f7 d8 64 89 01 48
[ 83.899534][ T2875] RSP: 002b:00007ffd7a1e64e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 83.903158][ T2875] RAX: ffffffffffffffda RBX: 00007fbbed5985a0 RCX: 00007fbbed5067db
[ 83.906369][ T2875] RDX: 0000000000000000 RSI: 0000000000080002 RDI: 0000000000000001
[ 83.909364][ T2875] RBP: 0000000000000002 R08: 000000000000000d R09: 0078696e752f7465
[ 83.912373][ T2875] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fbbed59867c
[ 83.915860][ T2875] R13: 00007ffd7a1e64f0 R14: 0000000000000001 R15: 0000000000000000
[ 83.919121][ T2875] </TASK>
[ 83.921478][ T2875] net_namespace: net=ffff888036278000 count=3
[ 83.924516][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 83.927520][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 83.931006][ T2875] Call Trace:
[ 83.932385][ T2875] <TASK>
[ 83.933651][ T2875] dump_stack_lvl+0xcd/0x134
[ 83.935827][ T2875] put_net.cold+0x1f/0x24
[ 83.937612][ T2875] __sk_destruct+0x1f9/0x3b0
[ 83.939531][ T2875] sk_destruct+0xa6/0xc0
[ 83.941428][ T2875] __sk_free+0x5a/0x1b0
[ 83.943189][ T2875] sk_free+0x6b/0x90
[ 83.944884][ T2875] unix_release_sock+0x4d4/0x6d0
[ 83.946887][ T2875] unix_release+0x2d/0x40
[ 83.948674][ T2875] __sock_release+0x47/0xd0
[ 83.950652][ T2875] ? __sock_release+0xd0/0xd0
[ 83.952626][ T2875] sock_close+0x18/0x20
[ 83.954491][ T2875] __fput+0x117/0x450
[ 83.956241][ T2875] task_work_run+0x75/0xd0
[ 83.958071][ T2875] exit_to_user_mode_prepare+0x273/0x280
[ 83.960365][ T2875] syscall_exit_to_user_mode+0x19/0x60
[ 83.962612][ T2875] do_syscall_64+0x42/0xb0
[ 83.964521][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 83.967103][ T2875] RIP: 0033:0x7fbbed4f937b
[ 83.968976][ T2875] Code: c3 48 8b 15 17 8b 0d 00 f7 d8 64 89 02 b8 ff ff ff ff eb c2 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e1 8a 0d 00 f7 d8
[ 83.976315][ T2875] RSP: 002b:00007ffd7a1e6538 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 83.979599][ T2875] RAX: 0000000000000000 RBX: 0000000000001802 RCX: 00007fbbed4f937b
[ 83.982751][ T2875] RDX: 00007ffd7a1e6540 RSI: 0000000000008933 RDI: 0000000000000004
[ 83.985979][ T2875] RBP: 0000000000000004 R08: 000000000000000d R09: 0078696e752f7465
[ 83.989107][ T2875] R10: 0000000000000004 R11: 0000000000000246 R12: 00007ffd7a1e6540
[ 83.992365][ T2875] R13: 00007ffd7a1e762c R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 83.995633][ T2875] </TASK>
[ 83.998686][ T2875] net_namespace: net=ffff888036278000 count=3
[ 84.001243][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 84.005041][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 84.008594][ T2875] Call Trace:
[ 84.010029][ T2875] <TASK>
[ 84.011797][ T2875] dump_stack_lvl+0xcd/0x134
[ 84.013820][ T2875] get_net.cold+0x21/0x26
[ 84.016049][ T2875] sk_alloc+0x1ca/0x8a0
[ 84.018006][ T2875] unix_create1+0x81/0x2c0
[ 84.019853][ T2875] unix_create+0x9a/0x130
[ 84.021779][ T2875] __sock_create+0x20e/0x4f0
[ 84.023672][ T2875] __sys_socket+0x6f/0x140
[ 84.025544][ T2875] __x64_sys_socket+0x1a/0x20
[ 84.027473][ T2875] do_syscall_64+0x35/0xb0
[ 84.029310][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 84.031710][ T2875] RIP: 0033:0x7fbbed5067db
[ 84.033512][ T2875] Code: 73 01 c3 48 8b 0d b5 b6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 85 b6 0c 00 f7 d8 64 89 01 48
[ 84.041069][ T2875] RSP: 002b:00007ffd7a1e64e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 84.044342][ T2875] RAX: ffffffffffffffda RBX: 000000000000780a RCX: 00007fbbed5067db
[ 84.047336][ T2875] RDX: 0000000000000000 RSI: 0000000000080002 RDI: 0000000000000001
[ 84.050451][ T2875] RBP: 000055a169630004 R08: 000000000000000d R09: 000055a16963001a
[ 84.053617][ T2875] R10: 0000000000000002 R11: 0000000000000246 R12: 00007ffd7a1e6540
[ 84.056885][ T2875] R13: 00007ffd7a1e7680 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 84.059933][ T2875] </TASK>
[ 84.061977][ T2875] net_namespace: net=ffff888036278000 count=3
[ 84.064619][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 84.067684][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 84.071207][ T2875] Call Trace:
[ 84.072586][ T2875] <TASK>
[ 84.073835][ T2875] dump_stack_lvl+0xcd/0x134
[ 84.075862][ T2875] put_net.cold+0x1f/0x24
[ 84.077663][ T2875] __sk_destruct+0x1f9/0x3b0
[ 84.079540][ T2875] sk_destruct+0xa6/0xc0
[ 84.081437][ T2875] __sk_free+0x5a/0x1b0
[ 84.085862][ T2875] sk_free+0x6b/0x90
[ 84.087628][ T2875] unix_release_sock+0x4d4/0x6d0
[ 84.089575][ T2875] unix_release+0x2d/0x40
[ 84.091333][ T2875] __sock_release+0x47/0xd0
[ 84.093107][ T2875] ? __sock_release+0xd0/0xd0
[ 84.095003][ T2875] sock_close+0x18/0x20
[ 84.096801][ T2875] __fput+0x117/0x450
[ 84.098375][ T2875] task_work_run+0x75/0xd0
[ 84.100983][ T2875] exit_to_user_mode_prepare+0x273/0x280
[ 84.103425][ T2875] syscall_exit_to_user_mode+0x19/0x60
[ 84.105626][ T2875] do_syscall_64+0x42/0xb0
[ 84.107471][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 84.109773][ T2875] RIP: 0033:0x7fbbed4f937b
[ 84.111613][ T2875] Code: c3 48 8b 15 17 8b 0d 00 f7 d8 64 89 02 b8 ff ff ff ff eb c2 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e1 8a 0d 00 f7 d8
[ 84.118931][ T2875] RSP: 002b:00007ffd7a1e6538 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 84.122539][ T2875] RAX: 0000000000000000 RBX: 000000000000780a RCX: 00007fbbed4f937b
[ 84.125766][ T2875] RDX: 00007ffd7a1e6540 RSI: 0000000000008933 RDI: 0000000000000004
[ 84.129038][ T2875] RBP: 0000000000000004 R08: 000000000000000d R09: 000055a16963001a
[ 84.132217][ T2875] R10: 0000000000000002 R11: 0000000000000246 R12: 00007ffd7a1e6540
[ 84.135522][ T2875] R13: 00007ffd7a1e7680 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 84.138787][ T2875] </TASK>
[ 84.141378][ T2875] net_namespace: net=ffff888036278000 count=3
[ 84.143692][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 84.146720][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 84.150247][ T2875] Call Trace:
[ 84.151721][ T2875] <TASK>
[ 84.153004][ T2875] dump_stack_lvl+0xcd/0x134
[ 84.154955][ T2875] get_net.cold+0x21/0x26
[ 84.156772][ T2875] sk_alloc+0x1ca/0x8a0
[ 84.158541][ T2875] unix_create1+0x81/0x2c0
[ 84.160417][ T2875] unix_create+0x9a/0x130
[ 84.162226][ T2875] __sock_create+0x20e/0x4f0
[ 84.164112][ T2875] __sys_socket+0x6f/0x140
[ 84.166350][ T2875] __x64_sys_socket+0x1a/0x20
[ 84.168367][ T2875] do_syscall_64+0x35/0xb0
[ 84.170319][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 84.172755][ T2875] RIP: 0033:0x7fbbed5067db
[ 84.174630][ T2875] Code: 73 01 c3 48 8b 0d b5 b6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 85 b6 0c 00 f7 d8 64 89 01 48
[ 84.181843][ T2875] RSP: 002b:00007ffd7a1e64e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 84.185360][ T2875] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbbed5067db
[ 84.188587][ T2875] RDX: 0000000000000000 RSI: 0000000000080002 RDI: 0000000000000001
[ 84.191962][ T2875] RBP: 000055a169630004 R08: 000000000000000d R09: 0000000000000000
[ 84.195151][ T2875] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd7a1e6540
[ 84.198247][ T2875] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 84.201606][ T2875] </TASK>
[ 84.203465][ T2875] net_namespace: net=ffff888036278000 count=3
[ 84.206040][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 84.209034][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 84.212497][ T2875] Call Trace:
[ 84.213878][ T2875] <TASK>
[ 84.215443][ T2875] dump_stack_lvl+0xcd/0x134
[ 84.217370][ T2875] put_net.cold+0x1f/0x24
[ 84.219202][ T2875] __sk_destruct+0x1f9/0x3b0
[ 84.221245][ T2875] sk_destruct+0xa6/0xc0
[ 84.223004][ T2875] __sk_free+0x5a/0x1b0
[ 84.224776][ T2875] sk_free+0x6b/0x90
[ 84.226342][ T2875] unix_release_sock+0x4d4/0x6d0
[ 84.228268][ T2875] unix_release+0x2d/0x40
[ 84.230137][ T2875] __sock_release+0x47/0xd0
[ 84.231923][ T2875] ? __sock_release+0xd0/0xd0
[ 84.233765][ T2875] sock_close+0x18/0x20
[ 84.236000][ T2875] __fput+0x117/0x450
[ 84.237704][ T2875] task_work_run+0x75/0xd0
[ 84.239496][ T2875] exit_to_user_mode_prepare+0x273/0x280
[ 84.242142][ T2875] syscall_exit_to_user_mode+0x19/0x60
[ 84.244474][ T2875] do_syscall_64+0x42/0xb0
[ 84.246441][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 84.248704][ T2875] RIP: 0033:0x7fbbed4f937b
[ 84.250500][ T2875] Code: c3 48 8b 15 17 8b 0d 00 f7 d8 64 89 02 b8 ff ff ff ff eb c2 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 e1 8a 0d 00 f7 d8
[ 84.257987][ T2875] RSP: 002b:00007ffd7a1e6538 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 84.261471][ T2875] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fbbed4f937b
[ 84.264691][ T2875] RDX: 00007ffd7a1e6540 RSI: 0000000000008933 RDI: 0000000000000004
[ 84.267780][ T2875] RBP: 0000000000000004 R08: 000000000000000d R09: 0000000000000000
[ 84.271032][ T2875] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd7a1e6540
[ 84.274208][ T2875] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 84.277498][ T2875] </TASK>
[ 84.287045][ T2875] net_namespace: net=ffff888036278000 count=3
[ 84.289271][ T2875] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 84.292514][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 84.296133][ T2875] Call Trace:
[ 84.297568][ T2875] <TASK>
[ 84.298859][ T2875] dump_stack_lvl+0xcd/0x134
[ 84.300918][ T2875] get_net.cold+0x21/0x26
[ 84.302637][ T2875] sk_alloc+0x1ca/0x8a0
[ 84.304653][ T2875] inet_create+0x21e/0x7e0
[ 84.306778][ T2875] __sock_create+0x20e/0x4f0
[ 84.308690][ T2875] __sys_socket+0x6f/0x140
[ 84.310513][ T2875] __x64_sys_socket+0x1a/0x20
[ 84.312659][ T2875] do_syscall_64+0x35/0xb0
[ 84.314573][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 84.316905][ T2875] RIP: 0033:0x7fbbed5067db
[ 84.318820][ T2875] Code: 73 01 c3 48 8b 0d b5 b6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 85 b6 0c 00 f7 d8 64 89 01 48
[ 84.325864][ T2875] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 84.329133][ T2875] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbbed5067db
[ 84.332546][ T2875] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 84.336076][ T2875] RBP: 00007ffd7a1e762c R08: 0000000000000000 R09: 0000000000000000
[ 84.339372][ T2875] R10: 1999999999999999 R11: 0000000000000246 R12: 00007ffd7a1e7630
[ 84.342502][ T2875] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 84.345680][ T2875] </TASK>
[ 84.353592][ C0] net_namespace: sock=ffff88800e6a0000 is accessing untracked net=ffff888036278000
[ 84.358423][ C0] net_namespace: sk->sk_family=10 sk->sk_prot_creator->name=(efault) sk->sk_state=12 sk->sk_flags=0xffff88800bbd8c40 net->ns.count=3
[ 84.363617][ C0] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 84.366717][ C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 84.370399][ C0] Call Trace:
[ 84.371855][ C0] <IRQ>
[ 84.373042][ C0] dump_stack_lvl+0xcd/0x134
[ 84.374866][ C0] sock_net+0x118/0x160
[ 84.376672][ C0] inet_ehash_insert+0x98/0x490
[ 84.378737][ C0] inet_csk_reqsk_queue_hash_add+0x5b/0x80
[ 84.381582][ C0] tcp_conn_request+0x1082/0x14a0
[ 84.383746][ C0] ? tcp_v4_conn_request+0x6c/0x120
[ 84.386019][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 84.388249][ C0] tcp_v4_conn_request+0x6c/0x120
[ 84.390356][ C0] tcp_v6_conn_request+0x157/0x1d0
[ 84.392458][ C0] tcp_rcv_state_process+0x443/0x1f20
[ 84.394725][ C0] ? tcp_v4_do_rcv+0x1b5/0x600
[ 84.396681][ C0] tcp_v4_do_rcv+0x1b5/0x600
[ 84.398620][ C0] tcp_v4_rcv+0x1bad/0x1de0
[ 84.400791][ C0] ip_protocol_deliver_rcu+0x52/0x630
[ 84.403773][ C0] ip_local_deliver_finish+0xb4/0x1d0
[ 84.406060][ C0] ip_local_deliver+0xa7/0x320
[ 84.408075][ C0] ? ip_protocol_deliver_rcu+0x630/0x630
[ 84.410374][ C0] ip_rcv_finish+0x108/0x170
[ 84.412225][ C0] ip_rcv+0x69/0x2f0
[ 84.413859][ C0] ? ip_rcv_finish_core.isra.0+0xbb0/0xbb0
[ 84.416510][ C0] __netif_receive_skb_one_core+0x6a/0xa0
[ 84.418949][ C0] __netif_receive_skb+0x24/0xa0
[ 84.421102][ C0] process_backlog+0x11d/0x320
[ 84.422978][ C0] __napi_poll+0x3d/0x3e0
[ 84.424808][ C0] net_rx_action+0x34e/0x480
[ 84.426713][ C0] __do_softirq+0xde/0x539
[ 84.428458][ C0] ? ip_finish_output2+0x401/0x1060
[ 84.430566][ C0] do_softirq+0xb1/0xf0
[ 84.432611][ C0] </IRQ>
[ 84.433909][ C0] <TASK>
[ 84.435285][ C0] __local_bh_enable_ip+0xbf/0xd0
[ 84.437418][ C0] ip_finish_output2+0x42f/0x1060
[ 84.439382][ C0] ? __ip_finish_output+0x471/0x840
[ 84.443928][ C0] __ip_finish_output+0x471/0x840
[ 84.445988][ C0] ? write_comp_data+0x1c/0x70
[ 84.448014][ C0] ip_finish_output+0x32/0x140
[ 84.449946][ C0] ip_output+0xb2/0x3b0
[ 84.451881][ C0] ? __ip_finish_output+0x840/0x840
[ 84.453979][ C0] ip_local_out+0x6e/0xd0
[ 84.455733][ C0] __ip_queue_xmit+0x306/0x950
[ 84.457580][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 84.459761][ C0] ? sock_net+0x11d/0x160
[ 84.461577][ C0] __tcp_transmit_skb+0x845/0x1380
[ 84.463573][ C0] tcp_connect+0xb02/0x1c80
[ 84.465713][ C0] ? preempt_schedule_common+0x32/0x80
[ 84.468040][ C0] tcp_v4_connect+0x72c/0x820
[ 84.470357][ C0] __inet_stream_connect+0x157/0x630
[ 84.473029][ C0] ? kmem_cache_alloc_trace+0x556/0x690
[ 84.475392][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 84.477659][ C0] tcp_sendmsg_locked+0xf16/0x1440
[ 84.479765][ C0] ? __local_bh_enable_ip+0x72/0xd0
[ 84.481880][ C0] tcp_sendmsg+0x2b/0x40
[ 84.483651][ C0] inet_sendmsg+0x45/0x70
[ 84.485640][ C0] ? inet_send_prepare+0x2e0/0x2e0
[ 84.487807][ C0] ____sys_sendmsg+0x390/0x3e0
[ 84.489794][ C0] ? debug_object_activate+0x193/0x210
[ 84.491915][ C0] ___sys_sendmsg+0x97/0xe0
[ 84.493713][ C0] ? __lock_acquire+0x3b2/0x3160
[ 84.495653][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 84.497772][ C0] ? __fget_light+0x99/0xe0
[ 84.499582][ C0] __sys_sendmsg+0x88/0x100
[ 84.501976][ C0] do_syscall_64+0x35/0xb0
[ 84.503841][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 84.506292][ C0] RIP: 0033:0x7fbbed5ec0f7
[ 84.508154][ C0] Code: 64 89 02 48 c7 c0 ff ff ff ff eb bc 0f 1f 80 00 00 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[ 84.515353][ C0] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 84.518867][ C0] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fbbed5ec0f7
[ 84.522178][ C0] RDX: 0000000020000811 RSI: 00007ffd7a1e7630 RDI: 0000000000000004
[ 84.525355][ C0] RBP: 00007ffd7a1e762c R08: 0000000000000000 R09: 0000000000000000
[ 84.528392][ C0] R10: 1999999999999999 R11: 0000000000000246 R12: 00007ffd7a1e7630
[ 84.531766][ C0] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 84.535012][ C0] </TASK>
[ 84.554710][ C0] net_namespace: net=ffff888036278000 count=3
[ 84.557308][ C0] CPU: 0 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 84.560308][ C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 84.563719][ C0] Call Trace:
[ 84.565561][ C0] <IRQ>
[ 84.566936][ C0] dump_stack_lvl+0xcd/0x134
[ 84.569111][ C0] put_net.cold+0x1f/0x24
[ 84.571071][ C0] __sk_destruct+0x1f9/0x3b0
[ 84.572995][ C0] sk_destruct+0xa6/0xc0
[ 84.574855][ C0] __sk_free+0x5a/0x1b0
[ 84.576633][ C0] sk_free+0x6b/0x90
[ 84.578324][ C0] deferred_put_nlk_sk+0xb7/0x150
[ 84.580383][ C0] rcu_core+0x37d/0xa00
[ 84.582144][ C0] ? rcu_core+0x31e/0xa00
[ 84.583970][ C0] __do_softirq+0xde/0x539
[ 84.586435][ C0] ? tcp_sendmsg+0x1d/0x40
[ 84.588290][ C0] do_softirq+0xb1/0xf0
[ 84.590022][ C0] </IRQ>
[ 84.591451][ C0] <TASK>
[ 84.592751][ C0] __local_bh_enable_ip+0xbf/0xd0
[ 84.594866][ C0] tcp_sendmsg+0x1d/0x40
[ 84.596737][ C0] inet_sendmsg+0x45/0x70
[ 84.598573][ C0] ? inet_send_prepare+0x2e0/0x2e0
[ 84.600679][ C0] ____sys_sendmsg+0x390/0x3e0
[ 84.602707][ C0] ___sys_sendmsg+0x97/0xe0
[ 84.604712][ C0] ? __lock_acquire+0x3b2/0x3160
[ 84.607154][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 84.609429][ C0] ? __fget_light+0x99/0xe0
[ 84.611412][ C0] __sys_sendmsg+0x88/0x100
[ 84.613325][ C0] do_syscall_64+0x35/0xb0
[ 84.615297][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 84.617704][ C0] RIP: 0033:0x7fbbed5ec0f7
[ 84.619846][ C0] Code: 64 89 02 48 c7 c0 ff ff ff ff eb bc 0f 1f 80 00 00 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[ 84.627115][ C0] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 84.630656][ C0] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fbbed5ec0f7
[ 84.633812][ C0] RDX: 0000000020000811 RSI: 00007ffd7a1e7630 RDI: 0000000000000004
[ 84.638113][ C0] RBP: 00007ffd7a1e762c R08: 0000000000000004 R09: 0000000000000000
[ 84.641422][ C0] R10: 00007ffd7a1e762c R11: 0000000000000246 R12: 00007ffd7a1e7630
[ 84.644856][ C0] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 84.648113][ C0] </TASK>
[ 84.745096][ C2] net_namespace: sock=ffff88800e6a0000 is accessing untracked net=ffff888036278000
[ 84.749028][ C2] net_namespace: sk->sk_family=10 sk->sk_prot_creator->name=(efault) sk->sk_state=12 sk->sk_flags=0xffff88800bbd8c40 net->ns.count=2
[ 84.754738][ C2] CPU: 2 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 84.757944][ C2] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 84.761531][ C2] Call Trace:
[ 84.762930][ C2] <IRQ>
[ 84.764209][ C2] dump_stack_lvl+0xcd/0x134
[ 84.766204][ C2] sock_net+0x118/0x160
[ 84.768239][ C2] __inet_lookup_established+0x127/0x360
[ 84.770835][ C2] tcp_v4_rcv+0xbae/0x1de0
[ 84.772780][ C2] ip_protocol_deliver_rcu+0x52/0x630
[ 84.775163][ C2] ip_local_deliver_finish+0xb4/0x1d0
[ 84.777395][ C2] ip_local_deliver+0xa7/0x320
[ 84.779347][ C2] ? ip_protocol_deliver_rcu+0x630/0x630
[ 84.781711][ C2] ip_rcv_finish+0x108/0x170
[ 84.783656][ C2] ip_rcv+0x69/0x2f0
[ 84.785609][ C2] ? ip_rcv_finish_core.isra.0+0xbb0/0xbb0
[ 84.787945][ C2] __netif_receive_skb_one_core+0x6a/0xa0
[ 84.790338][ C2] __netif_receive_skb+0x24/0xa0
[ 84.792346][ C2] process_backlog+0x11d/0x320
[ 84.794431][ C2] __napi_poll+0x3d/0x3e0
[ 84.796592][ C2] net_rx_action+0x34e/0x480
[ 84.798469][ C2] __do_softirq+0xde/0x539
[ 84.800514][ C2] ? sock_setsockopt+0x103/0x19f0
[ 84.803153][ C2] do_softirq+0xb1/0xf0
[ 84.805116][ C2] </IRQ>
[ 84.806534][ C2] <TASK>
[ 84.807900][ C2] __local_bh_enable_ip+0xbf/0xd0
[ 84.810002][ C2] sock_setsockopt+0x103/0x19f0
[ 84.812178][ C2] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 84.814535][ C2] __sys_setsockopt+0x2d1/0x330
[ 84.816496][ C2] __x64_sys_setsockopt+0x22/0x30
[ 84.818633][ C2] do_syscall_64+0x35/0xb0
[ 84.820620][ C2] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 84.823211][ C2] RIP: 0033:0x7fbbed50677e
[ 84.825098][ C2] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 49 89 ca b8 36 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e2 b6 0c 00 f7 d8 64 89 01 48
[ 84.832280][ C2] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000217 ORIG_RAX: 0000000000000036
[ 84.835905][ C2] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fbbed50677e
[ 84.839164][ C2] RDX: 0000000000000032 RSI: 0000000000000001 RDI: 0000000000000004
[ 84.842605][ C2] RBP: 00007ffd7a1e762c R08: 0000000000000004 R09: 0000000000000000
[ 84.845893][ C2] R10: 00007ffd7a1e762c R11: 0000000000000217 R12: 00007ffd7a1e7630
[ 84.849091][ C2] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 84.852527][ C2] </TASK>
[ 84.854068][ C2] net_namespace: sock=ffff88800e6a0000 is accessing untracked net=ffff888036278000
[ 84.858121][ C2] net_namespace: sk->sk_family=10 sk->sk_prot_creator->name=(efault) sk->sk_state=12 sk->sk_flags=0xffff88800bbd8c40 net->ns.count=2
[ 84.863384][ C2] CPU: 2 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 84.866705][ C2] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 84.870581][ C2] Call Trace:
[ 84.872201][ C2] <IRQ>
[ 84.873449][ C2] dump_stack_lvl+0xcd/0x134
[ 84.875838][ C2] sock_net+0x118/0x160
[ 84.877670][ C2] __inet_lookup_established+0x24f/0x360
[ 84.880054][ C2] tcp_v4_rcv+0xbae/0x1de0
[ 84.881976][ C2] ip_protocol_deliver_rcu+0x52/0x630
[ 84.884083][ C2] ip_local_deliver_finish+0xb4/0x1d0
[ 84.886449][ C2] ip_local_deliver+0xa7/0x320
[ 84.888449][ C2] ? ip_protocol_deliver_rcu+0x630/0x630
[ 84.890881][ C2] ip_rcv_finish+0x108/0x170
[ 84.893022][ C2] ip_rcv+0x69/0x2f0
[ 84.894792][ C2] ? ip_rcv_finish_core.isra.0+0xbb0/0xbb0
[ 84.897049][ C2] __netif_receive_skb_one_core+0x6a/0xa0
[ 84.899296][ C2] __netif_receive_skb+0x24/0xa0
[ 84.901420][ C2] process_backlog+0x11d/0x320
[ 84.903470][ C2] __napi_poll+0x3d/0x3e0
[ 84.905410][ C2] net_rx_action+0x34e/0x480
[ 84.907399][ C2] __do_softirq+0xde/0x539
[ 84.909259][ C2] ? sock_setsockopt+0x103/0x19f0
[ 84.914100][ C2] do_softirq+0xb1/0xf0
[ 84.915946][ C2] </IRQ>
[ 84.917252][ C2] <TASK>
[ 84.918598][ C2] __local_bh_enable_ip+0xbf/0xd0
[ 84.920777][ C2] sock_setsockopt+0x103/0x19f0
[ 84.922691][ C2] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 84.924959][ C2] __sys_setsockopt+0x2d1/0x330
[ 84.926866][ C2] __x64_sys_setsockopt+0x22/0x30
[ 84.928837][ C2] do_syscall_64+0x35/0xb0
[ 84.930807][ C2] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 84.933016][ C2] RIP: 0033:0x7fbbed50677e
[ 84.934935][ C2] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 f3 0f 1e fa 49 89 ca b8 36 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e2 b6 0c 00 f7 d8 64 89 01 48
[ 84.942206][ C2] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000217 ORIG_RAX: 0000000000000036
[ 84.945740][ C2] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007fbbed50677e
[ 84.948952][ C2] RDX: 0000000000000032 RSI: 0000000000000001 RDI: 0000000000000004
[ 84.952352][ C2] RBP: 00007ffd7a1e762c R08: 0000000000000004 R09: 0000000000000000
[ 84.955693][ C2] R10: 00007ffd7a1e762c R11: 0000000000000217 R12: 00007ffd7a1e7630
[ 84.958899][ C2] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 84.962649][ C2] </TASK>
[ 87.351519][ T2875] net_namespace: net=ffff888036278000 count=2
[ 87.354530][ T2875] CPU: 1 PID: 2875 Comm: a.out Not tainted 5.17.0-dirty #748
[ 87.357551][ T2875] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 87.361185][ T2875] Call Trace:
[ 87.362550][ T2875] <TASK>
[ 87.363891][ T2875] dump_stack_lvl+0xcd/0x134
[ 87.365794][ T2875] put_net.cold+0x1f/0x24
[ 87.367655][ T2875] free_nsproxy+0x1fe/0x2c0
[ 87.369737][ T2875] switch_task_namespaces+0x83/0x90
[ 87.372158][ T2875] do_exit+0x566/0x13d0
[ 87.374030][ T2875] ? find_held_lock+0x2b/0x80
[ 87.376164][ T2875] ? get_signal+0x1ef/0x16b0
[ 87.378079][ T2875] do_group_exit+0x51/0x100
[ 87.379966][ T2875] get_signal+0x257/0x16b0
[ 87.382106][ T2875] arch_do_signal_or_restart+0xeb/0x7f0
[ 87.384334][ T2875] exit_to_user_mode_prepare+0x189/0x280
[ 87.386547][ T2875] syscall_exit_to_user_mode+0x19/0x60
[ 87.388895][ T2875] do_syscall_64+0x42/0xb0
[ 87.390765][ T2875] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 87.393095][ T2875] RIP: 0033:0x7fbbed5ec0f7
[ 87.395241][ T2875] Code: Unable to access opcode bytes at RIP 0x7fbbed5ec0cd.
[ 87.398613][ T2875] RSP: 002b:00007ffd7a1e7618 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 87.402381][ T2875] RAX: ffffffffffffff96 RBX: 0000000000000004 RCX: 00007fbbed5ec0f7
[ 87.405723][ T2875] RDX: 0000000020000811 RSI: 00007ffd7a1e7630 RDI: 0000000000000004
[ 87.409023][ T2875] RBP: 00007ffd7a1e762c R08: 0000000000000004 R09: 0000000000000000
[ 87.412238][ T2875] R10: 00007ffd7a1e762c R11: 0000000000000246 R12: 00007ffd7a1e7630
[ 87.415477][ T2875] R13: 0000000000000003 R14: 00007ffd7a1e7680 R15: 0000000000000000
[ 87.418590][ T2875] </TASK>
[ 87.427287][ T2875] a.out (2875) used greatest stack depth: 11320 bytes left
[ 234.697150][ C0] net_namespace: net=ffff888036278000 count=1
[ 234.710780][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.17.0-dirty #748
[ 234.720528][ C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 234.727887][ C0] Call Trace:
[ 234.730895][ C0] <IRQ>
[ 234.734086][ C0] dump_stack_lvl+0xcd/0x134
[ 234.738276][ C0] put_net.cold+0x1f/0x24
[ 234.742162][ C0] __sk_destruct+0x1f9/0x3b0
[ 234.746326][ C0] sk_destruct+0xa6/0xc0
[ 234.749219][ C0] __sk_free+0x5a/0x1b0
[ 234.751159][ C0] sk_free+0x6b/0x90
[ 234.753239][ C0] tcp_write_timer+0x1ff/0x240
[ 234.755181][ C0] ? tcp_write_timer_handler+0x3f0/0x3f0
[ 234.757290][ C0] call_timer_fn+0xe3/0x4f0
[ 234.759095][ C0] ? tcp_write_timer_handler+0x3f0/0x3f0
[ 234.761341][ C0] run_timer_softirq+0x812/0xac0
[ 234.763337][ C0] __do_softirq+0xde/0x539
[ 234.765104][ C0] irq_exit_rcu+0xb6/0xf0
[ 234.766789][ C0] sysvec_apic_timer_interrupt+0x8e/0xc0
[ 234.769139][ C0] </IRQ>
[ 234.770482][ C0] <TASK>
[ 234.771702][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 234.774065][ C0] RIP: 0010:default_idle+0xb/0x10
[ 234.776010][ C0] Code: 00 00 00 75 09 48 83 c4 18 5b 5d 41 5c c3 e8 5c 96 fe ff cc cc cc cc cc cc cc cc cc cc cc cc eb 07 0f 00 2d 93 09 48 00 fb f4 <c3> 0f 1f 40 00 65 48 8b 04 25 40 af 01 00 f0 80 48 02 20 48 8b 10
[ 234.783374][ C0] RSP: 0018:ffffffff84203e90 EFLAGS: 00000202
[ 234.785849][ C0] RAX: 000000000002246b RBX: 0000000000000000 RCX: ffffffff842622c0
[ 234.789116][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 234.792254][ C0] RBP: ffffffff842622c0 R08: 0000000000000001 R09: 0000000000000001
[ 234.795720][ C0] R10: 0000000000000001 R11: 0000000000080000 R12: 0000000000000000
[ 234.798927][ C0] R13: ffffffff842622c0 R14: 0000000000000000 R15: 0000000000000000
[ 234.802563][ C0] default_idle_call+0x6a/0x260
[ 234.804592][ C0] do_idle+0x20c/0x260
[ 234.806332][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[ 234.808693][ C0] cpu_startup_entry+0x14/0x20
[ 234.810686][ C0] start_kernel+0x8f7/0x91e
[ 234.812538][ C0] secondary_startup_64_no_verify+0xc3/0xcb
[ 234.815399][ C0] </TASK>
[ 234.816785][ C0] net_namespace: Releasing net=ffff888036278000 net->ns.count=0 in_use=0
[ 234.820358][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.17.0-dirty #748
[ 234.823664][ C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 234.827160][ C0] Call Trace:
[ 234.828540][ C0] <IRQ>
[ 234.829812][ C0] dump_stack_lvl+0xcd/0x134
[ 234.831775][ C0] __put_net+0xc8/0x130
[ 234.834723][ C0] put_net+0x7d/0xb0
[ 234.836516][ C0] __sk_destruct+0x1f9/0x3b0
[ 234.838546][ C0] sk_destruct+0xa6/0xc0
[ 234.840453][ C0] __sk_free+0x5a/0x1b0
[ 234.842217][ C0] sk_free+0x6b/0x90
[ 234.844007][ C0] tcp_write_timer+0x1ff/0x240
[ 234.845938][ C0] ? tcp_write_timer_handler+0x3f0/0x3f0
[ 234.848146][ C0] call_timer_fn+0xe3/0x4f0
[ 234.850145][ C0] ? tcp_write_timer_handler+0x3f0/0x3f0
[ 234.852503][ C0] run_timer_softirq+0x812/0xac0
[ 234.855025][ C0] __do_softirq+0xde/0x539
[ 234.856908][ C0] irq_exit_rcu+0xb6/0xf0
[ 234.858712][ C0] sysvec_apic_timer_interrupt+0x8e/0xc0
[ 234.860980][ C0] </IRQ>
[ 234.862279][ C0] <TASK>
[ 234.863598][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 234.865966][ C0] RIP: 0010:default_idle+0xb/0x10
[ 234.868109][ C0] Code: 00 00 00 75 09 48 83 c4 18 5b 5d 41 5c c3 e8 5c 96 fe ff cc cc cc cc cc cc cc cc cc cc cc cc eb 07 0f 00 2d 93 09 48 00 fb f4 <c3> 0f 1f 40 00 65 48 8b 04 25 40 af 01 00 f0 80 48 02 20 48 8b 10
[ 234.875407][ C0] RSP: 0018:ffffffff84203e90 EFLAGS: 00000202
[ 234.877869][ C0] RAX: 000000000002246b RBX: 0000000000000000 RCX: ffffffff842622c0
[ 234.881349][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 234.885150][ C0] RBP: ffffffff842622c0 R08: 0000000000000001 R09: 0000000000000001
[ 234.888442][ C0] R10: 0000000000000001 R11: 0000000000080000 R12: 0000000000000000
[ 234.891831][ C0] R13: ffffffff842622c0 R14: 0000000000000000 R15: 0000000000000000
[ 234.895041][ C0] default_idle_call+0x6a/0x260
[ 234.897019][ C0] do_idle+0x20c/0x260
[ 234.898782][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[ 234.901456][ C0] cpu_startup_entry+0x14/0x20
[ 234.903364][ C0] start_kernel+0x8f7/0x91e
[ 234.905180][ C0] secondary_startup_64_no_verify+0xc3/0xcb
[ 234.907426][ C0] </TASK>
[ 234.909661][ C0] INFO: About to destroy net=ffff888036278000 sk=ffff888036058b80
[ 234.913082][ C0] sk->sk_family=2 sk->sk_prot_creator->name=TCP sk->sk_state=7 sk->sk_flags=0x301 net->ns.count=0
[ 260.295512][ C0] BUG: Trying to access destroyed net=ffff888036278000 sk=ffff88800e2d8000
[ 260.301941][ C0] sk->sk_family=10 sk->sk_prot_creator->name=TCPv6 sk->sk_state=11 sk->sk_flags=0x30b net->ns.count=0
[ 260.317639][ C0] ------------[ cut here ]------------
[ 260.323152][ C0] WARNING: CPU: 0 PID: 0 at net/ipv4/tcp_timer.c:461 tcp_retransmit_timer.cold+0xdf/0xe6
[ 260.334901][ C0] Modules linked in:
[ 260.338356][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.17.0-dirty #748
[ 260.342593][ C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 260.346821][ C0] RIP: 0010:tcp_retransmit_timer.cold+0xdf/0xe6
[ 260.349704][ C0] Code: 10 48 c7 c7 60 9d ff 83 48 8b 85 a0 03 00 00 44 8b 8b 4c 01 00 00 4c 8b 45 60 0f b6 4d 12 48 8d 90 88 01 00 00 e8 a8 25 f2 ff <0f> 0b e9 b6 40 5f ff e8 f3 59 ee fd 41 0f b6 d5 4c 89 e6 48 c7 c7
[ 260.359054][ C0] RSP: 0018:ffffc90000003d90 EFLAGS: 00010286
[ 260.362281][ C0] RAX: 0000000000000063 RBX: ffff888036278000 RCX: ffffffff842622c0
[ 260.365646][ C0] RDX: 0000000000000000 RSI: ffffffff842622c0 RDI: 0000000000000002
[ 260.368691][ C0] RBP: ffff88800e2d8000 R08: ffffffff81170398 R09: 0000000000000000
[ 260.371828][ C0] R10: 0000000000000005 R11: 0000000000080000 R12: 0000000000000001
[ 260.375009][ C0] R13: ffff88800e2d8000 R14: ffff88800e2d8098 R15: ffff88800e2d8080
[ 260.378533][ C0] FS: 0000000000000000(0000) GS:ffff88807dc00000(0000) knlGS:0000000000000000
[ 260.382408][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 260.385155][ C0] CR2: 00007fbbed4c8dc0 CR3: 000000000d765000 CR4: 00000000000506f0
[ 260.388406][ C0] Call Trace:
[ 260.389929][ C0] <IRQ>
[ 260.391386][ C0] ? lockdep_hardirqs_on+0x79/0x100
[ 260.393743][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 260.396147][ C0] ? ktime_get+0x2d3/0x400
[ 260.398064][ C0] tcp_write_timer_handler+0x257/0x3f0
[ 260.400357][ C0] tcp_write_timer+0x19c/0x240
[ 260.402389][ C0] ? tcp_write_timer_handler+0x3f0/0x3f0
[ 260.405068][ C0] call_timer_fn+0xe3/0x4f0
[ 260.407041][ C0] ? tcp_write_timer_handler+0x3f0/0x3f0
[ 260.409308][ C0] run_timer_softirq+0x812/0xac0
[ 260.411613][ C0] __do_softirq+0xde/0x539
[ 260.413646][ C0] irq_exit_rcu+0xb6/0xf0
[ 260.415607][ C0] sysvec_apic_timer_interrupt+0x8e/0xc0
[ 260.417882][ C0] </IRQ>
[ 260.419276][ C0] <TASK>
[ 260.420672][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 260.423039][ C0] RIP: 0010:default_idle+0xb/0x10
[ 260.425291][ C0] Code: 00 00 00 75 09 48 83 c4 18 5b 5d 41 5c c3 e8 5c 96 fe ff cc cc cc cc cc cc cc cc cc cc cc cc eb 07 0f 00 2d 93 09 48 00 fb f4 <c3> 0f 1f 40 00 65 48 8b 04 25 40 af 01 00 f0 80 48 02 20 48 8b 10
[ 260.433105][ C0] RSP: 0018:ffffffff84203e90 EFLAGS: 00000206
[ 260.435589][ C0] RAX: 0000000000024239 RBX: 0000000000000000 RCX: ffffffff842622c0
[ 260.438759][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 260.441945][ C0] RBP: ffffffff842622c0 R08: 0000000000000001 R09: 0000000000000001
[ 260.445777][ C0] R10: 0000000000000001 R11: 0000000000080000 R12: 0000000000000000
[ 260.449093][ C0] R13: ffffffff842622c0 R14: 0000000000000000 R15: 0000000000000000
[ 260.452404][ C0] default_idle_call+0x6a/0x260
[ 260.454562][ C0] do_idle+0x20c/0x260
[ 260.456353][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[ 260.458887][ C0] cpu_startup_entry+0x14/0x20
[ 260.461152][ C0] start_kernel+0x8f7/0x91e
[ 260.463226][ C0] secondary_startup_64_no_verify+0xc3/0xcb
[ 260.465718][ C0] </TASK>
[ 260.467111][ C0] Kernel panic - not syncing: panic_on_warn set ...
[ 260.469664][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.17.0-dirty #748
[ 260.472684][ C0] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 260.476355][ C0] Call Trace:
[ 260.477800][ C0] <IRQ>
[ 260.479141][ C0] dump_stack_lvl+0xcd/0x134
[ 260.481197][ C0] panic+0x1d0/0x537
[ 260.482913][ C0] ? __warn.cold+0xb0/0x228
[ 260.484892][ C0] ? tcp_retransmit_timer.cold+0xdf/0xe6
[ 260.487190][ C0] __warn.cold+0xc6/0x228
[ 260.488963][ C0] ? tcp_retransmit_timer.cold+0xdf/0xe6
[ 260.491241][ C0] report_bug+0x188/0x1d0
[ 260.493109][ C0] handle_bug+0x3c/0x60
[ 260.495107][ C0] exc_invalid_op+0x14/0x70
[ 260.497016][ C0] asm_exc_invalid_op+0x12/0x20
[ 260.499037][ C0] RIP: 0010:tcp_retransmit_timer.cold+0xdf/0xe6
[ 260.501651][ C0] Code: 10 48 c7 c7 60 9d ff 83 48 8b 85 a0 03 00 00 44 8b 8b 4c 01 00 00 4c 8b 45 60 0f b6 4d 12 48 8d 90 88 01 00 00 e8 a8 25 f2 ff <0f> 0b e9 b6 40 5f ff e8 f3 59 ee fd 41 0f b6 d5 4c 89 e6 48 c7 c7
[ 260.508760][ C0] RSP: 0018:ffffc90000003d90 EFLAGS: 00010286
[ 260.511211][ C0] RAX: 0000000000000063 RBX: ffff888036278000 RCX: ffffffff842622c0
[ 260.514559][ C0] RDX: 0000000000000000 RSI: ffffffff842622c0 RDI: 0000000000000002
[ 260.517942][ C0] RBP: ffff88800e2d8000 R08: ffffffff81170398 R09: 0000000000000000
[ 260.521127][ C0] R10: 0000000000000005 R11: 0000000000080000 R12: 0000000000000001
[ 260.524366][ C0] R13: ffff88800e2d8000 R14: ffff88800e2d8098 R15: ffff88800e2d8080
[ 260.528260][ C0] ? vprintk+0x88/0x90
[ 260.530145][ C0] ? lockdep_hardirqs_on+0x79/0x100
[ 260.532452][ C0] ? __sanitizer_cov_trace_pc+0x1a/0x40
[ 260.535072][ C0] ? ktime_get+0x2d3/0x400
[ 260.536958][ C0] tcp_write_timer_handler+0x257/0x3f0
[ 260.539214][ C0] tcp_write_timer+0x19c/0x240
[ 260.541237][ C0] ? tcp_write_timer_handler+0x3f0/0x3f0
[ 260.543627][ C0] call_timer_fn+0xe3/0x4f0
[ 260.545677][ C0] ? tcp_write_timer_handler+0x3f0/0x3f0
[ 260.547973][ C0] run_timer_softirq+0x812/0xac0
[ 260.550053][ C0] __do_softirq+0xde/0x539
[ 260.551937][ C0] irq_exit_rcu+0xb6/0xf0
[ 260.553767][ C0] sysvec_apic_timer_interrupt+0x8e/0xc0
[ 260.556439][ C0] </IRQ>
[ 260.557744][ C0] <TASK>
[ 260.559051][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 260.561515][ C0] RIP: 0010:default_idle+0xb/0x10
[ 260.563619][ C0] Code: 00 00 00 75 09 48 83 c4 18 5b 5d 41 5c c3 e8 5c 96 fe ff cc cc cc cc cc cc cc cc cc cc cc cc eb 07 0f 00 2d 93 09 48 00 fb f4 <c3> 0f 1f 40 00 65 48 8b 04 25 40 af 01 00 f0 80 48 02 20 48 8b 10
[ 260.570866][ C0] RSP: 0018:ffffffff84203e90 EFLAGS: 00000206
[ 260.573255][ C0] RAX: 0000000000024239 RBX: 0000000000000000 RCX: ffffffff842622c0
[ 260.577004][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 260.580254][ C0] RBP: ffffffff842622c0 R08: 0000000000000001 R09: 0000000000000001
[ 260.583366][ C0] R10: 0000000000000001 R11: 0000000000080000 R12: 0000000000000000
[ 260.586553][ C0] R13: ffffffff842622c0 R14: 0000000000000000 R15: 0000000000000000
[ 260.589759][ C0] default_idle_call+0x6a/0x260
[ 260.591774][ C0] do_idle+0x20c/0x260
[ 260.593618][ C0] ? trace_init_perf_perm_irq_work_exit+0xe/0xe
[ 260.596736][ C0] cpu_startup_entry+0x14/0x20
[ 260.598736][ C0] start_kernel+0x8f7/0x91e
[ 260.600659][ C0] secondary_startup_64_no_verify+0xc3/0xcb
[ 260.603066][ C0] </TASK>
[ 260.605294][ C0] Kernel Offset: disabled
[ 260.607310][ C0] Rebooting in 10 seconds..
------------------------------------------------------------
Would you check where this PF_INET6 socket is created at and whether
this PF_INET6 socket is taking a reference to the net namespace?
Powered by blists - more mailing lists