[    0.000000] Linux version 4.8.15-ab+ (root@localhost.localdomain) (gcc version 5.4.0 (GCC) ) #5 SMP Thu May 11 20:06:10 MSK 2017
[    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-4.8.15-ab+ root=UUID=c6fd2578-db8d-42e5-a1eb-ff6b4aa51fc0 ro text console=tty0 console=ttyS0,115200n8 net.ifnames=0 crashkernel=512M
[    0.000000] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers'
[    0.000000] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
[    0.000000] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
[    0.000000] x86/fpu: xstate_offset[2]:  576, xstate_sizes[2]:  256
[    0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using 'standard' format.
[    0.000000] x86/fpu: Using 'eager' FPU context switches.
[    0.000000] e820: BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
[    0.000000] BIOS-e820: [mem 0x000000000009fc00-0x000000000009ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000000f0000-0x00000000000fffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000bffdffff] usable
[    0.000000] BIOS-e820: [mem 0x00000000bffe0000-0x00000000bfffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000feffc000-0x00000000feffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fffc0000-0x00000000ffffffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000043fffffff] usable
[    0.000000] NX (Execute Disable) protection: active
[    0.000000] SMBIOS 2.8 present.
[    0.000000] DMI: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[    0.000000] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
[    0.000000] e820: remove [mem 0x000a0000-0x000fffff] usable
[    0.000000] e820: last_pfn = 0x440000 max_arch_pfn = 0x400000000
[    0.000000] MTRR default type: write-back
[    0.000000] MTRR fixed ranges enabled:
[    0.000000]   00000-9FFFF write-back
[    0.000000]   A0000-BFFFF uncachable
[    0.000000]   C0000-FFFFF write-protect
[    0.000000] MTRR variable ranges enabled:
[    0.000000]   0 base 00C0000000 mask FFC0000000 uncachable
[    0.000000]   1 disabled
[    0.000000]   2 disabled
[    0.000000]   3 disabled
[    0.000000]   4 disabled
[    0.000000]   5 disabled
[    0.000000]   6 disabled
[    0.000000]   7 disabled
[    0.000000] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WC  UC- WT  
[    0.000000] e820: last_pfn = 0xbffe0 max_arch_pfn = 0x400000000
[    0.000000] found SMP MP-table at [mem 0x000f6620-0x000f662f] mapped at [ffff8800000f6620]
[    0.000000] Base memory trampoline at [ffff880000099000] 99000 size 24576
[    0.000000] Using GB pages for direct mapping
[    0.000000] BRK [0x04d20000, 0x04d20fff] PGTABLE
[    0.000000] BRK [0x04d21000, 0x04d21fff] PGTABLE
[    0.000000] BRK [0x04d22000, 0x04d22fff] PGTABLE
[    0.000000] RAMDISK: [mem 0x35faa000-0x36fccfff]
[    0.000000] ACPI: Early table checksum verification disabled
[    0.000000] ACPI: RSDP 0x00000000000F6420 000014 (v00 BOCHS )
[    0.000000] ACPI: RSDT 0x00000000BFFE17D1 000034 (v01 BOCHS  BXPCRSDT 00000001 BXPC 00000001)
[    0.000000] ACPI: FACP 0x00000000BFFE0C14 000074 (v01 BOCHS  BXPCFACP 00000001 BXPC 00000001)
[    0.000000] ACPI: DSDT 0x00000000BFFE0040 000BD4 (v01 BOCHS  BXPCDSDT 00000001 BXPC 00000001)
[    0.000000] ACPI: FACS 0x00000000BFFE0000 000040
[    0.000000] ACPI: SSDT 0x00000000BFFE0C88 000A81 (v01 BOCHS  BXPCSSDT 00000001 BXPC 00000001)
[    0.000000] ACPI: APIC 0x00000000BFFE1709 000090 (v01 BOCHS  BXPCAPIC 00000001 BXPC 00000001)
[    0.000000] ACPI: HPET 0x00000000BFFE1799 000038 (v01 BOCHS  BXPCHPET 00000001 BXPC 00000001)
[    0.000000] ACPI: Local APIC address 0xfee00000
[    0.000000] No NUMA configuration found
[    0.000000] Faking a node at [mem 0x0000000000000000-0x000000043fffffff]
[    0.000000] NODE_DATA(0) allocated [mem 0x43fffc000-0x43fffdfff]
[    0.000000] Reserving 512MB of memory at 336MB for crashkernel (System RAM: 16383MB)
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000000001000-0x0000000000ffffff]
[    0.000000]   DMA32    [mem 0x0000000001000000-0x00000000ffffffff]
[    0.000000]   Normal   [mem 0x0000000100000000-0x000000043fffffff]
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000000001000-0x000000000009efff]
[    0.000000]   node   0: [mem 0x0000000000100000-0x00000000bffdffff]
[    0.000000]   node   0: [mem 0x0000000100000000-0x000000043fffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000000001000-0x000000043fffffff]
[    0.000000] On node 0 totalpages: 4194174
[    0.000000]   DMA zone: 64 pages used for memmap
[    0.000000]   DMA zone: 21 pages reserved
[    0.000000]   DMA zone: 3998 pages, LIFO batch:0
[    0.000000]   DMA32 zone: 12224 pages used for memmap
[    0.000000]   DMA32 zone: 782304 pages, LIFO batch:31
[    0.000000]   Normal zone: 53248 pages used for memmap
[    0.000000]   Normal zone: 3407872 pages, LIFO batch:31
[    0.000000] kmemleak: Kernel memory leak detector disabled
[    0.000000] kasan: KernelAddressSanitizer initialized
[    0.000000] ACPI: PM-Timer IO Port: 0x608
[    0.000000] ACPI: Local APIC address 0xfee00000
[    0.000000] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
[    0.000000] IOAPIC[0]: apic_id 0, version 17, address 0xfec00000, GSI 0-23
[    0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
[    0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
[    0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
[    0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
[    0.000000] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
[    0.000000] ACPI: IRQ0 used by override.
[    0.000000] ACPI: IRQ5 used by override.
[    0.000000] ACPI: IRQ9 used by override.
[    0.000000] ACPI: IRQ10 used by override.
[    0.000000] ACPI: IRQ11 used by override.
[    0.000000] Using ACPI (MADT) for SMP configuration information
[    0.000000] ACPI: HPET id: 0x8086a201 base: 0xfed00000
[    0.000000] smpboot: Allowing 4 CPUs, 0 hotplug CPUs
[    0.000000] PM: Registered nosave memory: [mem 0x00000000-0x00000fff]
[    0.000000] PM: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
[    0.000000] PM: Registered nosave memory: [mem 0x000a0000-0x000effff]
[    0.000000] PM: Registered nosave memory: [mem 0x000f0000-0x000fffff]
[    0.000000] PM: Registered nosave memory: [mem 0xbffe0000-0xbfffffff]
[    0.000000] PM: Registered nosave memory: [mem 0xc0000000-0xfeffbfff]
[    0.000000] PM: Registered nosave memory: [mem 0xfeffc000-0xfeffffff]
[    0.000000] PM: Registered nosave memory: [mem 0xff000000-0xfffbffff]
[    0.000000] PM: Registered nosave memory: [mem 0xfffc0000-0xffffffff]
[    0.000000] e820: [mem 0xc0000000-0xfeffbfff] available for PCI devices
[    0.000000] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns
[    0.000000] setup_percpu: NR_CPUS:32 nr_cpumask_bits:32 nr_cpu_ids:4 nr_node_ids:1
[    0.000000] percpu: Embedded 44 pages/cpu @ffff8803aee00000 s140680 r8192 d31352 u524288
[    0.000000] pcpu-alloc: s140680 r8192 d31352 u524288 alloc=1*2097152
[    0.000000] pcpu-alloc: [0] 0 1 2 3 
[    0.000000] Built 1 zonelists in Node order, mobility grouping on.  Total pages: 4128617
[    0.000000] Policy zone: Normal
[    0.000000] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-4.8.15-ab+ root=UUID=c6fd2578-db8d-42e5-a1eb-ff6b4aa51fc0 ro text console=tty0 console=ttyS0,115200n8 net.ifnames=0 crashkernel=512M
[    0.000000] log_buf_len individual max cpu contribution: 131072 bytes
[    0.000000] log_buf_len total cpu_extra contributions: 393216 bytes
[    0.000000] log_buf_len min size: 524288 bytes
[    0.000000] log_buf_len: 1048576 bytes
[    0.000000] early log buf free: 516248(98%)
[    0.000000] PID hash table entries: 4096 (order: 3, 32768 bytes)
[    0.000000] Memory: 13735288K/16776696K available (19367K kernel code, 3941K rwdata, 4776K rodata, 9944K init, 22044K bss, 3041408K reserved, 0K cma-reserved)
[    0.000000] Tempesta: allocated huge pages space ffff88038ec00000 512MB at node 0
[    0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=4, Nodes=1
[    0.000000] Running RCU self tests
[    0.000000] Hierarchical RCU implementation.
[    0.000000] 	RCU lockdep checking is enabled.
[    0.000000] 	Build-time adjustment of leaf fanout to 64.
[    0.000000] 	RCU restricting CPUs from NR_CPUS=32 to nr_cpu_ids=4.
[    0.000000] RCU: Adjusting geometry for rcu_fanout_leaf=64, nr_cpu_ids=4
[    0.000000] NR_IRQS:4352 nr_irqs:456 16
[    0.000000] Console: colour VGA+ 80x25
[    0.000000] console [tty0] enabled
[    0.000000] console [ttyS0] enabled
[    0.000000] Lock dependency validator: Copyright (c) 2006 Red Hat, Inc., Ingo Molnar
[    0.000000] ... MAX_LOCKDEP_SUBCLASSES:  8
[    0.000000] ... MAX_LOCK_DEPTH:          48
[    0.000000] ... MAX_LOCKDEP_KEYS:        8191
[    0.000000] ... CLASSHASH_SIZE:          4096
[    0.000000] ... MAX_LOCKDEP_ENTRIES:     32768
[    0.000000] ... MAX_LOCKDEP_CHAINS:      65536
[    0.000000] ... CHAINHASH_SIZE:          32768
[    0.000000]  memory used by lock dependency info: 8159 kB
[    0.000000]  per task-struct memory footprint: 1920 bytes
[    0.000000] kmemleak: Early log buffer exceeded (2659), please increase DEBUG_KMEMLEAK_EARLY_LOG_SIZE
[    0.000000] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
[    0.000000] hpet clockevent registered
[    0.000000] tsc: Fast TSC calibration using PIT
[    0.000000] tsc: Detected 3400.204 MHz processor
[    0.003005] Calibrating delay loop (skipped), value calculated using timer frequency.. 6800.40 BogoMIPS (lpj=3400204)
[    0.004493] pid_max: default: 32768 minimum: 301
[    0.005088] ACPI: Core revision 20160422
[    0.136153] ACPI: 2 ACPI AML tables successfully acquired and loaded
[    0.136978] 
[    0.137272] Security Framework initialized
[    0.139476] Dentry cache hash table entries: 2097152 (order: 12, 16777216 bytes)
[    0.146724] Inode-cache hash table entries: 1048576 (order: 11, 8388608 bytes)
[    0.150708] Mount-cache hash table entries: 32768 (order: 6, 262144 bytes)
[    0.151078] Mountpoint-cache hash table entries: 32768 (order: 6, 262144 bytes)
[    0.156905] CPU: Physical Processor ID: 0
[    0.157004] CPU: Processor Core ID: 0
[    0.158004] mce: CPU supports 10 MCE banks
[    0.158662] numa_add_cpu cpu 0 node 0: mask now 0
[    0.158666] Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
[    0.159003] Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0
[    0.161250] Freeing SMP alternatives memory: 24K (ffffffff83791000 - ffffffff83797000)
[    0.162012] ftrace: allocating 23496 entries in 92 pages
[    0.169531] smpboot: APIC(0) Converting physical 0 to logical package 0
[    0.170006] smpboot: Max logical packages: 1
[    0.172000] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
[    0.181410] TSC deadline timer enabled
[    0.181424] smpboot: CPU0: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz (family: 0x6, model: 0x3c, stepping: 0x3)
[    0.182424] Performance Events: Haswell events, Intel PMU driver.
[    0.183044] ... version:                2
[    0.183627] ... bit width:              48
[    0.184009] ... generic registers:      8
[    0.184615] ... value mask:             0000ffffffffffff
[    0.185003] ... max period:             000000007fffffff
[    0.185709] ... fixed-purpose events:   3
[    0.186003] ... event mask:             00000007000000ff
[    0.192413] NMI watchdog: enabled on all CPUs, permanently consumes one hw-PMU counter.
[    0.194881] x86: Booting SMP configuration:
[    0.195006] .... node  #0, CPUs:      #1
[    0.004000] numa_add_cpu cpu 1 node 0: mask now 0-1
[    0.257829]  #2
[    0.004000] numa_add_cpu cpu 2 node 0: mask now 0-2
[    0.320869]  #3
[    0.004000] numa_add_cpu cpu 3 node 0: mask now 0-3
[    0.382211] x86: Booted up 1 node, 4 CPUs
[    0.383005] smpboot: Total of 4 processors activated (27326.60 BogoMIPS)
[    0.395036] devtmpfs: initialized
[    0.404892] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns
[    0.407723] NET: Registered protocol family 16
[    0.414040] cpuidle: using governor ladder
[    0.418013] cpuidle: using governor menu
[    0.418948] ACPI: bus type PCI registered
[    0.420836] PCI: Using configuration type 1 for base access
[    0.421122] core: PMU erratum BJ122, BV98, HSD29 workaround disabled, HT off
[    0.422094] NMI watchdog: enabled on all CPUs, permanently consumes one hw-PMU counter.
[    0.476741] HugeTLB registered 1 GB page size, pre-allocated 0 pages
[    0.477005] HugeTLB registered 2 MB page size, pre-allocated 0 pages
[    0.482078] ACPI: Added _OSI(Module Device)
[    0.482678] ACPI: Added _OSI(Processor Device)
[    0.483005] ACPI: Added _OSI(3.0 _SCP Extensions)
[    0.483630] ACPI: Added _OSI(Processor Aggregator Device)
[    0.547688] ACPI: Interpreter enabled
[    0.548419] ACPI: (supports S0 S3 S4 S5)
[    0.548995] ACPI: Using IOAPIC for interrupt routing
[    0.549476] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
[    0.846503] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
[    0.847100] acpi PNP0A03:00: _OSC: OS supports [ASPM ClockPM Segments MSI]
[    0.848402] acpi PNP0A03:00: _OSC failed (AE_NOT_FOUND); disabling ASPM
[    0.849694] acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended PCI configuration space under this bridge.
[    0.880533] PCI host bridge to bus 0000:00
[    0.881041] pci_bus 0000:00: root bus resource [io  0x0000-0x0cf7 window]
[    0.881846] pci_bus 0000:00: root bus resource [io  0x0d00-0xffff window]
[    0.882036] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[    0.883036] pci_bus 0000:00: root bus resource [mem 0xc0000000-0xfebfffff window]
[    0.884038] pci_bus 0000:00: root bus resource [bus 00-ff]
[    0.884893] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000
[    0.894954] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100
[    0.904755] pci 0000:00:01.1: [8086:7010] type 00 class 0x010180
[    0.906009] pci 0000:00:01.1: reg 0x20: [io  0xc0e0-0xc0ef]
[    0.906615] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io  0x01f0-0x01f7]
[    0.907006] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io  0x03f6]
[    0.907772] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io  0x0170-0x0177]
[    0.908005] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io  0x0376]
[    0.917638] pci 0000:00:01.3: [8086:7113] type 00 class 0x068000
[    0.918079] pci 0000:00:01.3: quirk: [io  0x0600-0x063f] claimed by PIIX4 ACPI
[    0.919011] pci 0000:00:01.3: quirk: [io  0x0700-0x070f] claimed by PIIX4 SMB
[    0.929092] pci 0000:00:02.0: [1234:1111] type 00 class 0x030000
[    0.930442] pci 0000:00:02.0: reg 0x10: [mem 0xfd000000-0xfdffffff pref]
[    0.931815] pci 0000:00:02.0: reg 0x18: [mem 0xfebf0000-0xfebf0fff]
[    0.934505] pci 0000:00:02.0: reg 0x30: [mem 0xfebe0000-0xfebeffff pref]
[    0.944635] pci 0000:00:03.0: [8086:100e] type 00 class 0x020000
[    0.945009] pci 0000:00:03.0: reg 0x10: [mem 0xfebc0000-0xfebdffff]
[    0.945529] pci 0000:00:03.0: reg 0x14: [io  0xc000-0xc03f]
[    0.948356] pci 0000:00:03.0: reg 0x30: [mem 0xfeb80000-0xfebbffff pref]
[    0.958576] pci 0000:00:04.0: [1af4:1002] type 00 class 0x00ff00
[    0.958913] pci 0000:00:04.0: reg 0x10: [io  0xc0c0-0xc0df]
[    0.970148] pci 0000:00:05.0: [1af4:1009] type 00 class 0x000200
[    0.970695] pci 0000:00:05.0: reg 0x10: [io  0xc040-0xc07f]
[    0.971007] pci 0000:00:05.0: reg 0x14: [mem 0xfebf1000-0xfebf1fff]
[    0.983066] pci 0000:00:06.0: [1af4:1009] type 00 class 0x000200
[    0.983606] pci 0000:00:06.0: reg 0x10: [io  0xc080-0xc0bf]
[    0.984007] pci 0000:00:06.0: reg 0x14: [mem 0xfebf2000-0xfebf2fff]
[    1.025229] ACPI: PCI Interrupt Link [LNKA] (IRQs 5 *10 11)
[    1.031875] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 *10 11)
[    1.038437] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 10 *11)
[    1.045191] ACPI: PCI Interrupt Link [LNKD] (IRQs 5 10 *11)
[    1.048395] ACPI: PCI Interrupt Link [LNKS] (IRQs *9)
[    1.081302] ACPI: Enabled 16 GPEs in block 00 to 0F
[    1.084275] vgaarb: setting as boot device: PCI:0000:00:02.0
[    1.084836] vgaarb: device added: PCI:0000:00:02.0,decodes=io+mem,owns=io+mem,locks=none
[    1.085011] vgaarb: loaded
[    1.085504] vgaarb: bridge control possible 0000:00:02.0
[    1.089434] SCSI subsystem initialized
[    1.090406] libata version 3.00 loaded.
[    1.093024] PCI: Using ACPI for IRQ routing
[    1.093630] PCI: pci_cache_line_size set to 64 bytes
[    1.093723] e820: reserve RAM buffer [mem 0x0009fc00-0x0009ffff]
[    1.093765] e820: reserve RAM buffer [mem 0xbffe0000-0xbfffffff]
[    1.098604] NetLabel: Initializing
[    1.099005] NetLabel:  domain hash size = 128
[    1.099609] NetLabel:  protocols = UNLABELED CIPSOv4
[    1.100239] NetLabel:  unlabeled traffic allowed by default
[    1.101356] hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0
[    1.102401] hpet0: 3 comparators, 64-bit 100.000000 MHz counter
[    1.113787] clocksource: Switched to clocksource hpet
[    1.324298] VFS: Disk quotas dquot_6.6.0
[    1.325039] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
[    1.327382] pnp: PnP ACPI init
[    1.330065] pnp 00:00: Plug and Play ACPI device, IDs PNP0b00 (active)
[    1.331824] pnp 00:01: Plug and Play ACPI device, IDs PNP0303 (active)
[    1.333511] pnp 00:02: Plug and Play ACPI device, IDs PNP0f13 (active)
[    1.334940] pnp 00:03: [dma 2]
[    1.335893] pnp 00:03: Plug and Play ACPI device, IDs PNP0700 (active)
[    1.338299] pnp 00:04: Plug and Play ACPI device, IDs PNP0400 (active)
[    1.340736] pnp 00:05: Plug and Play ACPI device, IDs PNP0501 (active)
[    1.343202] pnp 00:06: Plug and Play ACPI device, IDs PNP0501 (active)
[    1.354157] pnp: PnP ACPI: found 7 devices
[    1.425474] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
[    1.426696] pci_bus 0000:00: resource 4 [io  0x0000-0x0cf7 window]
[    1.426698] pci_bus 0000:00: resource 5 [io  0x0d00-0xffff window]
[    1.426699] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window]
[    1.426700] pci_bus 0000:00: resource 7 [mem 0xc0000000-0xfebfffff window]
[    1.427106] NET: Registered protocol family 2
[    1.430831] TCP established hash table entries: 131072 (order: 8, 1048576 bytes)
[    1.432911] TCP bind hash table entries: 65536 (order: 10, 4194304 bytes)
[    1.440133] TCP: Hash tables configured (established 131072 bind 65536)
[    1.441315] UDP hash table entries: 8192 (order: 8, 1310720 bytes)
[    1.443536] UDP-Lite hash table entries: 8192 (order: 8, 1310720 bytes)
[    1.447040] NET: Registered protocol family 1
[    1.447768] pci 0000:00:00.0: Limiting direct PCI/PCI transfers
[    1.448509] pci 0000:00:01.0: PIIX3: Enabling Passive Release
[    1.449244] pci 0000:00:01.0: Activating ISA DMA hang workarounds
[    1.449998] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
[    1.451161] PCI: CLS 0 bytes, default 64
[    1.452341] Trying to unpack rootfs image as initramfs...
[    2.071886] Freeing initrd memory: 16524K (ffff880035faa000 - ffff880036fcd000)
[    2.073023] PCI-DMA: Using software bounce buffering for IO (SWIOTLB)
[    2.073773] software IO TLB [mem 0xbbfe0000-0xbffe0000] (64MB) mapped at [ffff8800bbfe0000-ffff8800bffdffff]
[    2.100982] futex hash table entries: 1024 (order: 5, 131072 bytes)
[    2.102036] audit: initializing netlink subsys (disabled)
[    2.103040] audit: type=2000 audit(1494581512.102:1): initialized
[    2.111916] workingset: timestamp_bits=59 max_order=22 bucket_order=0
[    2.275694] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251)
[    2.277167] io scheduler noop registered
[    2.277748] io scheduler deadline registered
[    2.280884] io scheduler cfq registered (default)
[    2.289939] intel_idle: does not run on family 6 model 60
[    2.292394] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
[    2.293588] ACPI: Power Button [PWRF]
[    2.300191] GHES: HEST is not enabled!
[    2.301763] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
[    2.325145] 00:05: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
[    2.351682] 00:06: ttyS1 at I/O 0x2f8 (irq = 3, base_baud = 115200) is a 16550A
[    2.364646] Non-volatile memory driver v1.3
[    2.366319] Linux agpgart interface v0.103
[    2.459277] brd: module loaded
[    2.516318] loop: module loaded
[    2.520437] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
[    2.523665] serio: i8042 KBD port at 0x60,0x64 irq 1
[    2.524533] serio: i8042 AUX port at 0x60,0x64 irq 12
[    2.529603] mousedev: PS/2 mouse device common for all mice
[    2.536479] drop_monitor: Initializing network drop monitor service
[    2.538394] Initializing XFRM netlink socket
[    2.539138] NET: Registered protocol family 17
[    2.539780] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
[    2.548521] microcode: sig=0x306c3, pf=0x1, revision=0x1
[    2.550517] microcode: Microcode Update Driver: v2.01 <tigran@aivazian.fsnet.co.uk>, Peter Oruba
[    2.555049] registered taskstats version 1
[    2.555698] page_owner is disabled
[    2.556921] ima: No TPM chip found, activating TPM-bypass!
[    2.562199] hctosys: unable to open rtc device (rtc0)
[    2.579059] Freeing unused kernel memory: 9944K (ffffffff82ddb000 - ffffffff83791000)
[    2.580171] Write protecting the kernel read-only data: 26624k
[    2.582036] Freeing unused kernel memory: 1092K (ffff8800022ef000 - ffff880002400000)
[    2.586110] Freeing unused kernel memory: 1368K (ffff8800028aa000 - ffff880002a00000)
[    2.603213] systemd[1]: Inserted module 'autofs4'
[    2.630863] NET: Registered protocol family 10
[    2.645193] systemd[1]: Inserted module 'ipv6'
[    2.653080] random: systemd: uninitialized urandom read (16 bytes read)
[    2.657138] random: systemd: uninitialized urandom read (16 bytes read)
[    2.674923] systemd[1]: systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
[    2.677217] systemd[1]: Detected virtualization kvm.
[    2.677904] systemd[1]: Detected architecture x86-64.
[    2.678610] systemd[1]: Running in initial RAM disk.
[    2.680994] systemd[1]: Set hostname to <localhost.localdomain>.
[    2.799361] random: systemd: uninitialized urandom read (16 bytes read)
[    2.800236] random: systemd: uninitialized urandom read (16 bytes read)
[    2.801125] random: systemd: uninitialized urandom read (16 bytes read)
[    2.801964] random: systemd: uninitialized urandom read (16 bytes read)
[    2.805681] random: systemd: uninitialized urandom read (16 bytes read)
[    2.806772] random: systemd: uninitialized urandom read (16 bytes read)
[    2.807896] random: systemd: uninitialized urandom read (16 bytes read)
[    2.809739] random: systemd: uninitialized urandom read (16 bytes read)
[    2.820471] systemd[1]: Reached target Timers.
[    2.821175] systemd[1]: Starting Timers.
[    2.823441] systemd[1]: Reached target Local File Systems.
[    2.824187] systemd[1]: Starting Local File Systems.
[    2.831164] systemd[1]: Created slice -.slice.
[    3.103207] tsc: Refined TSC clocksource calibration: 3399.987 MHz
[    3.124873] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x310242702b2, max_idle_ns: 440795263614 ns
[    3.468414] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input3
[    3.742490] ata_piix 0000:00:01.1: version 2.13
[    3.775002] Floppy drive(s): fd0 is 1.44M
[    3.796084] scsi host0: ata_piix
[    3.803669] FDC 0 is a S82078B
[    3.827230] e1000: Intel(R) PRO/1000 Network Driver - version 7.3.21-k8-NAPI
[    3.828055] e1000: Copyright (c) 1999-2006 Intel Corporation.
[    3.852792] random: fast init done
[    3.873235] scsi host1: ata_piix
[    3.891632] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc0e0 irq 14
[    3.892460] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc0e8 irq 15
[    4.055759] ata1.01: NODEV after polling detection
[    4.055953] ata1.00: ATA-7: QEMU HARDDISK, 2.5+, max UDMA/100
[    4.058100] ata1.00: 41943040 sectors, multi 16: LBA48 
[    4.060435] ata1.00: configured for MWDMA2
[    4.063437] ata2.01: NODEV after polling detection
[    4.063636] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
[    4.068323] scsi 0:0:0:0: Direct-Access     ATA      QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
[    4.075817] ata2.00: configured for MWDMA2
[    4.112030] sd 0:0:0:0: [sda] 41943040 512-byte logical blocks: (21.5 GB/20.0 GiB)
[    4.114835] sd 0:0:0:0: [sda] Write Protect is off
[    4.116145] sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00
[    4.116623] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    4.126435] sd 0:0:0:0: Attached scsi generic sg0 type 0
[    4.136091] clocksource: Switched to clocksource tsc
[    4.149786] scsi 1:0:0:0: CD-ROM            QEMU     QEMU DVD-ROM     2.5+ PQ: 0 ANSI: 5
[    4.153528]  sda: sda1
[    4.171661] sd 0:0:0:0: [sda] Attached SCSI disk
[    4.179126] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
[    4.181496] cdrom: Uniform CD-ROM driver Revision: 3.20
[    4.202983] sr 1:0:0:0: Attached scsi CD-ROM sr0
[    4.206885] sr 1:0:0:0: Attached scsi generic sg1 type 5
[   11.576440] ACPI: PCI Interrupt Link [LNKD] enabled at IRQ 11
[   11.577240] virtio-pci 0000:00:04.0: virtio_pci: leaving for legacy driver
[   15.252008] perf: interrupt took too long (2571 > 2500), lowering kernel.perf_event_max_sample_rate to 77000
[   18.666250] perf: interrupt took too long (3245 > 3213), lowering kernel.perf_event_max_sample_rate to 61000
[   19.137728] ACPI: PCI Interrupt Link [LNKA] enabled at IRQ 10
[   19.138524] virtio-pci 0000:00:05.0: virtio_pci: leaving for legacy driver
[   22.555007] perf: interrupt took too long (4057 > 4056), lowering kernel.perf_event_max_sample_rate to 49000
[   26.685231] ACPI: PCI Interrupt Link [LNKB] enabled at IRQ 10
[   26.692274] virtio-pci 0000:00:06.0: virtio_pci: leaving for legacy driver
[   34.619068] ACPI: PCI Interrupt Link [LNKC] enabled at IRQ 11
[   34.922501] e1000 0000:00:03.0 eth0: (PCI:33MHz:32-bit) 52:54:00:f1:cb:48
[   34.923426] e1000 0000:00:03.0 eth0: Intel(R) PRO/1000 Network Connection
[   37.134735] perf: interrupt took too long (5095 > 5071), lowering kernel.perf_event_max_sample_rate to 39000
[   42.627752] EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)
[   43.390343] systemd-journald[118]: Received SIGTERM from PID 1 (systemd).
[   43.460060] systemd: 23 output lines suppressed due to ratelimiting
[   43.472245] random: crng init done
[   43.720069] ip_tables: (C) 2000-2006 Netfilter Core Team
[   43.721374] systemd[1]: Inserted module 'ip_tables'
[   44.260279] EXT4-fs (sda1): re-mounted. Opts: (null)
[   44.410253] systemd-journald[371]: Received request to flush runtime journal from PID 1
[   44.836186] audit: type=1305 audit(1494581554.835:2): audit_pid=408 old=0 auid=4294967295 ses=4294967295 res=1
[   45.630048] parport_pc 00:04: reported by Plug and Play ACPI
[   45.632470] parport0: PC-style at 0x378, irq 7 [PCSPP,TRISTATE]
[   45.680727] input: PC Speaker as /devices/platform/pcspkr/input/input4
[   45.749685] 9pnet: Installing 9P2000 support
[   45.967589] piix4_smbus 0000:00:01.3: SMBus Host Controller at 0x700, revision 0
[   46.165358] ppdev: user-space parallel port driver
[   46.288691] AVX2 version of gcm_enc/dec engaged.
[   46.289987] AES CTR mode by8 optimization enabled
[   46.628769] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[   46.632712] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[   46.647761] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[   46.651624] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
[   55.718235] perf: interrupt took too long (6416 > 6368), lowering kernel.perf_event_max_sample_rate to 31000
[  100.325931] perf: interrupt took too long (8031 > 8020), lowering kernel.perf_event_max_sample_rate to 24000
[  353.258133] perf: interrupt took too long (10043 > 10038), lowering kernel.perf_event_max_sample_rate to 19000
[  601.827713] tempesta_tls: loading out-of-tree module taints kernel.
[  605.339646] [tdb] Start Tempesta DB
[  605.360718] [tempesta] Initializing Tempesta FW kernel module...
[  605.437907] [tempesta] Registering new scheduler: hash
[  605.447384] [tempesta] Registering new scheduler: http
[  605.456698] [tempesta] Registering new scheduler: round-robin
[  605.496278] [tempesta] Starting all modules...
[  605.518760] [tdb] Opened table /opt/tempesta/db/filter.tdb: size=16777216 rec_size=20 base=ffff8803adc00000
[  605.824774] [tdb] Opened table /opt/tempesta/db/cache.tdb: size=268435456 rec_size=0 base=ffff88039dc00000
[  605.826372] [tempesta] Open listen socket on: 0.0.0.0
[  605.827656] [tempesta] modules are started
[  664.513244] perf: interrupt took too long (12559 > 12553), lowering kernel.perf_event_max_sample_rate to 15000
[ 1283.286004] ==================================================================
[ 1283.286004] BUG: KASAN: use-after-free in tcp_rearm_rto.part.59+0x24a/0x2a0 at addr ffff880389e56014
[ 1283.286004] Read of size 4 by task ksoftirqd/2/22
[ 1283.286004] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1283.286004] flags: 0x1000000000000000()
[ 1283.286004] page dumped because: kasan: bad access detected
[ 1283.286004] CPU: 2 PID: 22 Comm: ksoftirqd/2 Tainted: G           O    4.8.15-ab+ #5
[ 1283.286004] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1283.286004]  ffff880389e56000 ffff88038c9af870 ffffffff8199f263 ffff88038c9af900
[ 1283.286004]  ffff880389e56014 ffff88038c9af8f0 ffffffff8151c33e ffff880312156cf8
[ 1283.286004]  0000000000000000 ffff88038c9af9b8 0000000000000282 00000001000f00d3
[ 1283.286004] Call Trace:
[ 1283.286004]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1283.286004]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1283.286004]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1283.286004]  [<ffffffff81f60800>] ? skb_page_frag_refill+0x280/0x330
[ 1283.286004]  [<ffffffff820fc7aa>] ? tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1283.286004]  [<ffffffff820fc7aa>] tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1283.286004]  [<ffffffff82113942>] tcp_rearm_rto+0x72/0xc0
[ 1283.286004]  [<ffffffff82126775>] tcp_event_new_data_sent+0x225/0x2c0
[ 1283.286004]  [<ffffffff8212ee46>] tcp_write_xmit+0x596/0x4d10
[ 1283.286004]  [<ffffffff82142ad3>] ? tcp_v4_md5_lookup+0x13/0x20
[ 1283.286004]  [<ffffffff82124414>] ? tcp_established_options+0x94/0x3f0
[ 1283.286004]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1283.286004]  [<ffffffff82128000>] ? tcp_sync_mss+0x540/0x5b0
[ 1283.286004]  [<ffffffff82133d4d>] __tcp_push_pending_frames+0x8d/0x2a0
[ 1283.286004]  [<ffffffff820dcf50>] tcp_push+0x460/0x740
[ 1283.286004]  [<ffffffff820dd424>] ? tcp_send_mss+0x24/0x2b0
[ 1283.286004]  [<ffffffffa094e592>] ss_tx_action+0x962/0x1210 [tempesta_fw]
[ 1283.286004]  [<ffffffffa094dc30>] ? ss_send+0x5b0/0x5b0 [tempesta_fw]
[ 1283.286004]  [<ffffffffa094dc30>] ? ss_send+0x5b0/0x5b0 [tempesta_fw]
[ 1283.286004]  [<ffffffff81fbc2f4>] net_tx_action+0x244/0x9d0
[ 1283.286004]  [<ffffffff81fbc290>] ? net_tx_action+0x1e0/0x9d0
[ 1283.286004]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 1283.286004]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1283.286004]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 1283.286004]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 1283.286004]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 1283.286004]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.286004]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 1283.286004]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 1283.286004]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.286004]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.286004]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 1283.286004]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 1283.286004]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 1283.286004]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 1283.286004] Memory state around the buggy address:
[ 1283.286004]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.286004]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.286004] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.286004]                          ^
[ 1283.286004]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.286004]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.286004] ==================================================================
[ 1283.286004] Disabling lock debugging due to kernel taint
[ 1283.335552] ==================================================================
[ 1283.336060] BUG: KASAN: use-after-free in tcp_rearm_rto.part.59+0x24a/0x2a0 at addr ffff880389e56014
[ 1283.336060] Read of size 4 by task ksoftirqd/2/22
[ 1283.336060] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1283.336060] flags: 0x1000000000000000()
[ 1283.339925] page dumped because: kasan: bad access detected
[ 1283.339925] CPU: 2 PID: 22 Comm: ksoftirqd/2 Tainted: G    B      O    4.8.15-ab+ #5
[ 1283.339925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1283.339925]  ffff880389e56000 ffff88038c9af870 ffffffff8199f263 ffff88038c9af900
[ 1283.339925]  ffff880389e56014 ffff88038c9af8f0 ffffffff8151c33e ffff880383c368f8
[ 1283.339925]  0000000000000000 ffff88038c9af9b8 0000000000000282 00000001000f00d3
[ 1283.339925] Call Trace:
[ 1283.339925]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1283.339925]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1283.339925]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1283.339925]  [<ffffffff81f60800>] ? skb_page_frag_refill+0x280/0x330
[ 1283.339925]  [<ffffffff820fc7aa>] ? tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1283.339925]  [<ffffffff820fc7aa>] tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1283.339925]  [<ffffffff82113942>] tcp_rearm_rto+0x72/0xc0
[ 1283.339925]  [<ffffffff82126775>] tcp_event_new_data_sent+0x225/0x2c0
[ 1283.339925]  [<ffffffff8212ee46>] tcp_write_xmit+0x596/0x4d10
[ 1283.339925]  [<ffffffff82142ad3>] ? tcp_v4_md5_lookup+0x13/0x20
[ 1283.339925]  [<ffffffff82124414>] ? tcp_established_options+0x94/0x3f0
[ 1283.339925]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1283.339925]  [<ffffffff82128000>] ? tcp_sync_mss+0x540/0x5b0
[ 1283.339925]  [<ffffffff82133d4d>] __tcp_push_pending_frames+0x8d/0x2a0
[ 1283.339925]  [<ffffffff820dcf50>] tcp_push+0x460/0x740
[ 1283.339925]  [<ffffffff820dd424>] ? tcp_send_mss+0x24/0x2b0
[ 1283.339925]  [<ffffffffa094e592>] ss_tx_action+0x962/0x1210 [tempesta_fw]
[ 1283.339925]  [<ffffffffa094dc30>] ? ss_send+0x5b0/0x5b0 [tempesta_fw]
[ 1283.339925]  [<ffffffffa094dc30>] ? ss_send+0x5b0/0x5b0 [tempesta_fw]
[ 1283.339925]  [<ffffffff81fbc2f4>] net_tx_action+0x244/0x9d0
[ 1283.339925]  [<ffffffff81fbc290>] ? net_tx_action+0x1e0/0x9d0
[ 1283.339925]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 1283.339925]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1283.339925]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 1283.339925]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 1283.339925]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 1283.339925]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.339925]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 1283.339925]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 1283.339925]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.339925]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.339925]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 1283.339925]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 1283.339925]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 1283.339925]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 1283.339925] Memory state around the buggy address:
[ 1283.339925]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.339925]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.339925] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.339925]                          ^
[ 1283.339925]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.339925]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.339925] ==================================================================
[ 1283.381625] ==================================================================
[ 1283.382579] BUG: KASAN: use-after-free in tcp_rearm_rto.part.59+0x24a/0x2a0 at addr ffff880389e56014
[ 1283.383031] Read of size 4 by task ksoftirqd/2/22
[ 1283.383031] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1283.383031] flags: 0x1000000000000000()
[ 1283.383031] page dumped because: kasan: bad access detected
[ 1283.383031] CPU: 2 PID: 22 Comm: ksoftirqd/2 Tainted: G    B      O    4.8.15-ab+ #5
[ 1283.383031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1283.383031]  ffff880389e56000 ffff88038c9af870 ffffffff8199f263 ffff88038c9af900
[ 1283.383031]  ffff880389e56014 ffff88038c9af8f0 ffffffff8151c33e ffff8803144f50f8
[ 1283.383031]  0000000000000000 ffff88038c9af9b8 0000000000000282 00000001000f00d3
[ 1283.383031] Call Trace:
[ 1283.383031]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1283.383031]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1283.383031]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1283.383031]  [<ffffffff81f60800>] ? skb_page_frag_refill+0x280/0x330
[ 1283.383031]  [<ffffffff820fc7aa>] ? tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1283.383031]  [<ffffffff820fc7aa>] tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1283.383031]  [<ffffffff82113942>] tcp_rearm_rto+0x72/0xc0
[ 1283.383031]  [<ffffffff82126775>] tcp_event_new_data_sent+0x225/0x2c0
[ 1283.383031]  [<ffffffff8212ee46>] tcp_write_xmit+0x596/0x4d10
[ 1283.383031]  [<ffffffff82142ad3>] ? tcp_v4_md5_lookup+0x13/0x20
[ 1283.383031]  [<ffffffff82124414>] ? tcp_established_options+0x94/0x3f0
[ 1283.383031]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1283.383031]  [<ffffffff82128000>] ? tcp_sync_mss+0x540/0x5b0
[ 1283.383031]  [<ffffffff82133d4d>] __tcp_push_pending_frames+0x8d/0x2a0
[ 1283.383031]  [<ffffffff820dcf50>] tcp_push+0x460/0x740
[ 1283.383031]  [<ffffffff820dd424>] ? tcp_send_mss+0x24/0x2b0
[ 1283.383031]  [<ffffffffa094e592>] ss_tx_action+0x962/0x1210 [tempesta_fw]
[ 1283.383031]  [<ffffffffa094dc30>] ? ss_send+0x5b0/0x5b0 [tempesta_fw]
[ 1283.383031]  [<ffffffffa094dc30>] ? ss_send+0x5b0/0x5b0 [tempesta_fw]
[ 1283.383031]  [<ffffffff81fbc2f4>] net_tx_action+0x244/0x9d0
[ 1283.383031]  [<ffffffff81fbc290>] ? net_tx_action+0x1e0/0x9d0
[ 1283.383031]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 1283.383031]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1283.383031]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 1283.383031]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 1283.383031]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 1283.383031]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.383031]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 1283.383031]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 1283.383031]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.383031]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.383031]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 1283.383031]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 1283.383031]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 1283.383031]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 1283.383031] Memory state around the buggy address:
[ 1283.383031]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.383031]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.383031] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.383031]                          ^
[ 1283.383031]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.383031]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.383031] ==================================================================
[ 1283.438117] ==================================================================
[ 1283.439010] BUG: KASAN: use-after-free in tcp_rearm_rto.part.59+0x24a/0x2a0 at addr ffff880389e56014
[ 1283.439010] Read of size 4 by task ksoftirqd/2/22
[ 1283.439010] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1283.439010] flags: 0x1000000000000000()
[ 1283.439010] page dumped because: kasan: bad access detected
[ 1283.439010] CPU: 2 PID: 22 Comm: ksoftirqd/2 Tainted: G    B      O    4.8.15-ab+ #5
[ 1283.439010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1283.439010]  ffff880389e56000 ffff88038c9af870 ffffffff8199f263 ffff88038c9af900
[ 1283.439010]  ffff880389e56014 ffff88038c9af8f0 ffffffff8151c33e ffff88037e28b0f8
[ 1283.439010]  0000000000000000 ffff88038c9af9b8 0000000000000282 0000000000000292
[ 1283.439010] Call Trace:
[ 1283.439010]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1283.439010]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1283.439010]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1283.439010]  [<ffffffff81f60800>] ? skb_page_frag_refill+0x280/0x330
[ 1283.439010]  [<ffffffff820fc7aa>] ? tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1283.439010]  [<ffffffff820fc7aa>] tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1283.439010]  [<ffffffff82113942>] tcp_rearm_rto+0x72/0xc0
[ 1283.439010]  [<ffffffff82126775>] tcp_event_new_data_sent+0x225/0x2c0
[ 1283.439010]  [<ffffffff8212ee46>] tcp_write_xmit+0x596/0x4d10
[ 1283.439010]  [<ffffffff82142ad3>] ? tcp_v4_md5_lookup+0x13/0x20
[ 1283.439010]  [<ffffffff82124414>] ? tcp_established_options+0x94/0x3f0
[ 1283.439010]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1283.439010]  [<ffffffff82128000>] ? tcp_sync_mss+0x540/0x5b0
[ 1283.439010]  [<ffffffff82133d4d>] __tcp_push_pending_frames+0x8d/0x2a0
[ 1283.439010]  [<ffffffff820dcf50>] tcp_push+0x460/0x740
[ 1283.439010]  [<ffffffff820dd424>] ? tcp_send_mss+0x24/0x2b0
[ 1283.439010]  [<ffffffffa094e592>] ss_tx_action+0x962/0x1210 [tempesta_fw]
[ 1283.439010]  [<ffffffffa094dc30>] ? ss_send+0x5b0/0x5b0 [tempesta_fw]
[ 1283.439010]  [<ffffffffa094dc30>] ? ss_send+0x5b0/0x5b0 [tempesta_fw]
[ 1283.439010]  [<ffffffff81fbc2f4>] net_tx_action+0x244/0x9d0
[ 1283.439010]  [<ffffffff81fbc290>] ? net_tx_action+0x1e0/0x9d0
[ 1283.439010]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 1283.439010]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1283.439010]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 1283.439010]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 1283.439010]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 1283.439010]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.439010]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 1283.439010]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 1283.439010]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.439010]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 1283.439010]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 1283.439010]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 1283.439010]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 1283.439010]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 1283.439010] Memory state around the buggy address:
[ 1283.439010]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.439010]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.439010] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.439010]                          ^
[ 1283.439010]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.439010]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.439010] ==================================================================
[ 1283.488183] ==================================================================
[ 1283.489005] BUG: KASAN: use-after-free in tcp_rearm_rto.part.59+0x24a/0x2a0 at addr ffff880389e56014
[ 1283.489005] Read of size 4 by task httpd/819
[ 1283.489005] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1283.489005] flags: 0x1000000000000000()
[ 1283.489005] page dumped because: kasan: bad access detected
[ 1283.489005] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1283.489005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1283.489005]  ffff880389e56000 ffff8803aef07448 ffffffff8199f263 ffff8803aef074d8
[ 1283.489005]  ffff880389e56014 ffff8803aef074c8 ffffffff8151c33e 0000000000000046
[ 1283.489005]  0000000000000000 ffffffff812714f9 0000000000000296 ffff8803aef07530
[ 1283.489005] Call Trace:
[ 1283.489005]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1283.489005]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1283.489005]  [<ffffffff812714f9>] ? lock_timer_base+0xf9/0x190
[ 1283.489005]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1283.489005]  [<ffffffff820fc7aa>] ? tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1283.489005]  [<ffffffff820fc7aa>] tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1283.489005]  [<ffffffff82111649>] tcp_ack+0x22a9/0x2e60
[ 1283.489005]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.489005]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1283.489005]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.489005]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1283.489005]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1283.489005]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1283.489005]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1283.489005]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1283.489005]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1283.489005]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1283.489005]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1283.489005]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1283.489005]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1283.489005]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1283.489005]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1283.489005]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1283.489005]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1283.489005]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1283.489005]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1283.489005]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1283.489005]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1283.525020]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1283.525020]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1283.525020]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1283.525020]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.525020]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.525020]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1283.525020]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1283.525020]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1283.525020]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1283.525020]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1283.525020]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1283.525020]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1283.525020]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1283.525020]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1283.525020]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1283.525020]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1283.525020]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1283.525020]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1283.525020]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1283.525020]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1283.525020]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1283.525020]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1283.525020]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1283.525020]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1283.525020]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1283.525020]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1283.525020]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1283.525020]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1283.525020]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1283.525020]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1283.525020]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1283.525020]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1283.525020]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1283.525020]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1283.525020]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1283.525020]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1283.525020]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1283.525020]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1283.525020]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1283.525020]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1283.525020]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1283.525020]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1283.525020]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1283.525020]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.525020]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1283.525020]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1283.525020]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.525020]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1283.525020]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1283.525020]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1283.525020]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.525020]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.525020]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1283.525020]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1283.525020]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1283.525020]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1283.525020]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.525020]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1283.525020]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1283.525020]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1283.525020]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1283.525020]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1283.525020]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1283.525020]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1283.525020]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1283.525020]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1283.525020]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1283.525020]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1283.525020]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1283.525020]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1283.525020] Memory state around the buggy address:
[ 1283.525020]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.525020]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.525020] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.525020]                          ^
[ 1283.525020]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.525020]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.525020] ==================================================================
[ 1283.634069] ==================================================================
[ 1283.635060] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2bbc/0x2ce0 at addr ffff880389e56035
[ 1283.635060] Read of size 1 by task httpd/819
[ 1283.635060] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1283.635060] flags: 0x1000000000000000()
[ 1283.635060] page dumped because: kasan: bad access detected
[ 1283.635060] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1283.635060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1283.635060]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1283.635060]  ffff880389e56035 ffff8803aef073d0 ffffffff8151c33e ffff88038093b4f8
[ 1283.635060]  ffff8803aef17d00 000000001ec00002 0000000000000282 ffffffff822e3d7b
[ 1283.635060] Call Trace:
[ 1283.635060]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1283.635060]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1283.635060]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 1283.635060]  [<ffffffff8127aa0e>] ? mod_timer+0x56e/0xe30
[ 1283.635060]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 1283.635060]  [<ffffffff821001ec>] ? tcp_clean_rtx_queue+0x2bbc/0x2ce0
[ 1283.635060]  [<ffffffff821001ec>] tcp_clean_rtx_queue+0x2bbc/0x2ce0
[ 1283.635060]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1283.635060]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1283.635060]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.635060]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1283.635060]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.635060]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1283.635060]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1283.635060]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1283.635060]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1283.635060]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1283.635060]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1283.635060]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1283.635060]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1283.635060]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1283.635060]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1283.635060]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1283.635060]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1283.635060]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1283.635060]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1283.635060]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1283.635060]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1283.635060]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1283.635060]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1283.635060]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1283.635060]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1283.635060]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1283.635060]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.635060]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.635060]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1283.635060]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1283.635060]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1283.635060]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1283.635060]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1283.635060]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1283.635060]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1283.635060]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1283.635060]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1283.635060]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1283.635060]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1283.635060]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1283.635060]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1283.635060]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1283.635060]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1283.635060]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1283.635060]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1283.635060]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1283.635060]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1283.635060]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1283.635060]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1283.635060]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1283.635060]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1283.635060]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1283.635060]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1283.635060]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1283.635060]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1283.635060]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1283.635060]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1283.635060]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1283.635060]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1283.635060]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1283.635060]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1283.635060]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1283.635060]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1283.635060]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1283.635060]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1283.635060]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1283.635060]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.635060]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1283.635060]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1283.635060]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.635060]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1283.635060]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1283.635060]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1283.635060]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.635060]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.635060]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1283.635060]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1283.635060]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1283.635060]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1283.635060]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.635060]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1283.635060]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1283.635060]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1283.635060]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1283.635060]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1283.635060]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1283.635060]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1283.635060]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1283.635060]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1283.635060]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1283.635060]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1283.635060]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1283.635060]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1283.635060] Memory state around the buggy address:
[ 1283.635060]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.635060]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.635060] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.635060]                                      ^
[ 1283.635060]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.635060]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.635060] ==================================================================
[ 1283.754576] ==================================================================
[ 1283.755568] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2a29/0x2ce0 at addr ffff880389e56037
[ 1283.755568] Read of size 1 by task httpd/819
[ 1283.755568] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1283.755568] flags: 0x1000000000000000()
[ 1283.755568] page dumped because: kasan: bad access detected
[ 1283.755568] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1283.755568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1283.755568]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1283.755568]  ffff880389e56037 ffff8803aef073d0 ffffffff8151c33e 0000000000000010
[ 1283.755568]  ffff880300000000 ffffed00713cac06 0000000000000282 ffffffff822e3d7b
[ 1283.755568] Call Trace:
[ 1283.755568]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1283.755568]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1283.755568]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 1283.755568]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 1283.755568]  [<ffffffff82100059>] ? tcp_clean_rtx_queue+0x2a29/0x2ce0
[ 1283.755568]  [<ffffffff82100059>] tcp_clean_rtx_queue+0x2a29/0x2ce0
[ 1283.755568]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1283.755568]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1283.755568]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.755568]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1283.755568]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.755568]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1283.755568]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1283.755568]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1283.755568]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1283.755568]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1283.755568]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1283.755568]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1283.755568]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1283.755568]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1283.755568]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1283.755568]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1283.755568]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1283.755568]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1283.755568]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1283.755568]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1283.755568]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1283.755568]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1283.755568]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1283.755568]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1283.755568]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1283.755568]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1283.755568]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.755568]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.755568]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1283.755568]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1283.755568]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1283.755568]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1283.755568]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1283.755568]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1283.755568]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1283.755568]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1283.755568]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1283.755568]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1283.755568]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1283.755568]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1283.755568]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1283.755568]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1283.755568]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1283.755568]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1283.755568]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1283.755568]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1283.755568]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1283.755568]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1283.755568]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1283.755568]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1283.755568]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1283.755568]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1283.755568]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1283.755568]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1283.755568]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1283.755568]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1283.755568]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1283.755568]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1283.755568]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1283.755568]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1283.755568]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1283.755568]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1283.755568]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1283.755568]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1283.755568]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1283.755568]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1283.755568]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.755568]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1283.755568]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1283.755568]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.755568]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1283.755568]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1283.755568]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1283.755568]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.755568]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.755568]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1283.755568]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1283.755568]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1283.755568]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1283.755568]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.755568]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1283.755568]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1283.755568]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1283.755568]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1283.755568]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1283.755568]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1283.755568]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1283.755568]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1283.755568]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1283.755568]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1283.755568]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1283.755568]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1283.755568]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1283.755568] Memory state around the buggy address:
[ 1283.755568]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.755568]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.755568] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.755568]                                      ^
[ 1283.755568]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.755568]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.755568] ==================================================================
[ 1283.840584] ==================================================================
[ 1283.841566] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2a60/0x2ce0 at addr ffff880389e5602c
[ 1283.841570] Read of size 4 by task httpd/819
[ 1283.841570] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1283.841570] flags: 0x1000000000000000()
[ 1283.841570] page dumped because: kasan: bad access detected
[ 1283.841570] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1283.841570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1283.841570]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1283.841570]  ffff880389e5602c ffff8803aef073d0 ffffffff8151c33e 0000000000000010
[ 1283.841570]  ffff880300000000 ffffed00713cac06 0000000000000282 ffffffff822e3d7b
[ 1283.841570] Call Trace:
[ 1283.841570]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1283.841570]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1283.841570]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 1283.841570]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1283.841570]  [<ffffffff82100090>] ? tcp_clean_rtx_queue+0x2a60/0x2ce0
[ 1283.841570]  [<ffffffff82100090>] tcp_clean_rtx_queue+0x2a60/0x2ce0
[ 1283.841570]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1283.841570]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1283.841570]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.841570]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1283.841570]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.841570]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1283.841570]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1283.841570]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1283.841570]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1283.841570]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1283.841570]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1283.841570]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1283.841570]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1283.841570]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1283.841570]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1283.841570]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1283.841570]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1283.841570]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1283.841570]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1283.841570]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1283.841570]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1283.841570]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1283.841570]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1283.841570]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1283.841570]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1283.841570]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1283.841570]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.841570]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.841570]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1283.841570]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1283.841570]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1283.841570]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1283.841570]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1283.841570]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1283.841570]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1283.841570]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1283.841570]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1283.841570]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1283.841570]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1283.841570]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1283.841570]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1283.841570]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1283.841570]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1283.841570]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1283.841570]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1283.841570]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1283.841570]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1283.841570]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1283.841570]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1283.841570]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1283.841570]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1283.841570]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1283.841570]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1283.841570]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1283.841570]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1283.841570]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1283.841570]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1283.841570]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1283.841570]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1283.841570]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1283.841570]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1283.841570]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1283.841570]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1283.841570]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1283.841570]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1283.841570]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1283.841570]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.841570]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1283.841570]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1283.841570]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.841570]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1283.841570]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1283.841570]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1283.841570]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.841570]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.841570]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1283.841570]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1283.841570]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1283.841570]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1283.841570]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.841570]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1283.841570]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1283.841570]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1283.841570]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1283.841570]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1283.841570]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1283.841570]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1283.841570]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1283.841570]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1283.841570]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1283.841570]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1283.841570]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1283.841570]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1283.841570] Memory state around the buggy address:
[ 1283.841570]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.841570]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.841570] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.841570]                                   ^
[ 1283.841570]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.841570]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.841570] ==================================================================
[ 1283.936855] ==================================================================
[ 1283.937848] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2c13/0x2ce0 at addr ffff880389e56000
[ 1283.937848] Read of size 8 by task httpd/819
[ 1283.937848] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1283.937848] flags: 0x1000000000000000()
[ 1283.937848] page dumped because: kasan: bad access detected
[ 1283.937848] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1283.937848] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1283.937848]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1283.937848]  ffff880389e56000 ffff8803aef073d0 ffffffff8151c33e 0000000000000010
[ 1283.937848]  ffff880300000000 ffffed00713cac05 0000000000000282 ffffffff822e3d7b
[ 1283.937848] Call Trace:
[ 1283.937848]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1283.937848]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1283.937848]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 1283.937848]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1283.937848]  [<ffffffff82100243>] ? tcp_clean_rtx_queue+0x2c13/0x2ce0
[ 1283.937848]  [<ffffffff82100243>] tcp_clean_rtx_queue+0x2c13/0x2ce0
[ 1283.937848]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1283.937848]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1283.937848]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.937848]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1283.937848]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.937848]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1283.937848]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1283.937848]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1283.937848]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1283.937848]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1283.937848]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1283.937848]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1283.937848]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1283.937848]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1283.937848]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1283.937848]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1283.937848]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1283.937848]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1283.937848]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1283.937848]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1283.937848]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1283.937848]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1283.937848]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1283.937848]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1283.937848]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1283.937848]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1283.937848]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.937848]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.937848]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1283.937848]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1283.937848]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1283.937848]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1283.937848]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1283.937848]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1283.937848]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1283.937848]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1283.937848]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1283.937848]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1283.937848]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1283.937848]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1283.937848]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1283.937848]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1283.937848]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1283.937848]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1283.937848]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1283.937848]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1283.937848]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1283.937848]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1283.937848]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1283.937848]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1283.937848]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1283.937848]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1283.937848]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1283.937848]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1283.937848]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1283.937848]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1283.937848]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1283.937848]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1283.937848]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1283.937848]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1283.937848]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1283.937848]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1283.937848]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1283.937848]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1283.937848]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1283.937848]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1283.937848]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.937848]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1283.937848]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1283.937848]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.937848]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1283.937848]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1283.937848]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1283.937848]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1283.937848]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.937848]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1283.937848]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1283.937848]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1283.937848]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1283.937848]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1283.937848]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1283.937848]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1283.937848]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1283.937848]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1283.937848]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1283.937848]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1283.937848]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1283.937848]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1283.937848]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1283.937848]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1283.937848]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1283.937848]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1283.937848]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1283.937848] Memory state around the buggy address:
[ 1283.937848]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.937848]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1283.937848] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.937848]                    ^
[ 1283.937848]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.937848]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1283.937848] ==================================================================
[ 1284.030233] ==================================================================
[ 1284.031225] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x1bf1/0x2ce0 at addr ffff880389e56030
[ 1284.031225] Read of size 2 by task httpd/819
[ 1284.031225] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.031225] flags: 0x1000000000000000()
[ 1284.031225] page dumped because: kasan: bad access detected
[ 1284.031225] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.031225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.031225]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1284.031225]  ffff880389e56030 ffff8803aef073d0 ffffffff8151c33e 0000000000000010
[ 1284.031225]  ffff880300000000 ffffed00713cac00 0000000000000282 ffffffff822e3d7b
[ 1284.031225] Call Trace:
[ 1284.031225]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.031225]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.031225]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 1284.031225]  [<ffffffff8151c403>] __asan_report_load2_noabort+0x43/0x50
[ 1284.031225]  [<ffffffff820ff221>] ? tcp_clean_rtx_queue+0x1bf1/0x2ce0
[ 1284.031225]  [<ffffffff820ff221>] tcp_clean_rtx_queue+0x1bf1/0x2ce0
[ 1284.031225]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.031225]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.031225]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.031225]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.031225]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.031225]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.031225]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.031225]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.031225]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.031225]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.031225]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.031225]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.031225]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.031225]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.031225]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.031225]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.031225]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.031225]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.031225]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.031225]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.031225]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.031225]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.031225]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.031225]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.031225]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.031225]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.031225]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.031225]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.031225]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.031225]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.031225]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.031225]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.031225]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.031225]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.031225]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.031225]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.031225]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.031225]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.031225]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.031225]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.031225]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.031225]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.031225]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.031225]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.031225]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.031225]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.031225]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.031225]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.031225]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.031225]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.031225]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.031225]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.031225]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.031225]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.031225]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.031225]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.031225]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.031225]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.031225]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.031225]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.031225]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.031225]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.031225]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.031225]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.031225]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.031225]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.031225]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.031225]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.031225]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.031225]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.031225]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.031225]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.031225]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.031225]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.031225]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.031225]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.031225]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.031225]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.031225]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.031225]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.031225]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.031225]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.031225]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.031225]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.031225]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.031225]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.031225]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.031225]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.031225]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.031225]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.031225]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.031225]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.031225]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.031225] Memory state around the buggy address:
[ 1284.031225]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.031225]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.031225] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.031225]                                      ^
[ 1284.031225]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.031225]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.031225] ==================================================================
[ 1284.122384] ==================================================================
[ 1284.123376] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x1ebd/0x2ce0 at addr ffff880389e56035
[ 1284.123376] Read of size 1 by task httpd/819
[ 1284.123376] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.123376] flags: 0x1000000000000000()
[ 1284.123376] page dumped because: kasan: bad access detected
[ 1284.123376] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.123376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.123376]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1284.123376]  ffff880389e56035 ffff8803aef073d0 ffffffff8151c33e 0000000000000010
[ 1284.123376]  ffff880300000000 ffffed00713cac06 0000000000000282 ffffffff822e3d7b
[ 1284.123376] Call Trace:
[ 1284.123376]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.123376]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.123376]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 1284.123376]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 1284.123376]  [<ffffffff820ff4ed>] ? tcp_clean_rtx_queue+0x1ebd/0x2ce0
[ 1284.123376]  [<ffffffff820ff4ed>] tcp_clean_rtx_queue+0x1ebd/0x2ce0
[ 1284.123376]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.123376]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.123376]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.123376]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.123376]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.123376]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.123376]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.123376]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.123376]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.123376]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.123376]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.123376]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.123376]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.123376]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.123376]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.123376]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.123376]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.123376]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.123376]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.123376]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.123376]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.123376]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.123376]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.123376]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.123376]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.123376]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.123376]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.123376]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.123376]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.123376]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.123376]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.123376]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.123376]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.123376]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.123376]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.123376]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.123376]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.123376]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.123376]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.123376]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.123376]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.123376]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.123376]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.123376]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.123376]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.123376]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.123376]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.123376]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.123376]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.123376]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.123376]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.123376]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.123376]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.123376]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.123376]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.123376]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.123376]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.123376]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.123376]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.123376]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.123376]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.123376]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.123376]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.123376]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.123376]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.123376]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.123376]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.123376]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.123376]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.123376]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.123376]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.123376]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.123376]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.123376]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.123376]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.123376]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.123376]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.123376]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.123376]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.123376]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.123376]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.123376]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.123376]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.123376]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.123376]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.123376]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.123376]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.123376]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.123376]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.123376]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.123376]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.123376]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.123376]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.123376] Memory state around the buggy address:
[ 1284.123376]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.123376]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.123376] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.123376]                                      ^
[ 1284.123376]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.123376]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.123376] ==================================================================
[ 1284.205676] ==================================================================
[ 1284.206660] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2803/0x2ce0 at addr ffff880389e56014
[ 1284.206668] Read of size 4 by task httpd/819
[ 1284.206668] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.206668] flags: 0x1000000000000000()
[ 1284.206668] page dumped because: kasan: bad access detected
[ 1284.206668] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.206668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.206668]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1284.206668]  ffff880389e56014 ffff8803aef073d0 ffffffff8151c33e 0000000000000010
[ 1284.206668]  ffff880300000000 ffffed00713cac06 0000000000000282 ffffffff822e3d7b
[ 1284.206668] Call Trace:
[ 1284.206668]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.206668]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.206668]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 1284.206668]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1284.206668]  [<ffffffff820ffe33>] ? tcp_clean_rtx_queue+0x2803/0x2ce0
[ 1284.206668]  [<ffffffff820ffe33>] tcp_clean_rtx_queue+0x2803/0x2ce0
[ 1284.206668]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.206668]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.206668]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.206668]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.206668]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.206668]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.206668]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.206668]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.206668]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.206668]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.206668]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.206668]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.206668]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.206668]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.206668]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.206668]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.206668]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.206668]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.206668]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.206668]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.206668]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.206668]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.206668]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.206668]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.206668]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.206668]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.206668]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.206668]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.206668]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.206668]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.206668]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.206668]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.206668]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.206668]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.206668]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.206668]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.206668]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.206668]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.206668]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.206668]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.206668]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.206668]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.206668]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.206668]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.206668]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.206668]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.206668]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.206668]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.206668]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.206668]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.206668]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.206668]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.206668]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.206668]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.206668]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.206668]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.206668]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.206668]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.206668]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.206668]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.206668]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.206668]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.206668]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.206668]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.206668]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.206668]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.206668]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.206668]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.206668]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.206668]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.206668]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.206668]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.206668]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.206668]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.206668]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.206668]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.206668]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.206668]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.206668]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.206668]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.206668]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.206668]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.206668]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.206668]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.206668]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.206668]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.206668]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.206668]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.206668]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.206668]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.206668]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.206668]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.206668]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.206668] Memory state around the buggy address:
[ 1284.206668]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.206668]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.206668] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.206668]                          ^
[ 1284.206668]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.206668]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.206668] ==================================================================
[ 1284.296090] ==================================================================
[ 1284.297075] BUG: KASAN: use-after-free in tcp_rack_advance+0x2c3/0x3a0 at addr ffff880389e56014
[ 1284.297082] Read of size 4 by task httpd/819
[ 1284.297082] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.297082] flags: 0x1000000000000000()
[ 1284.297082] page dumped because: kasan: bad access detected
[ 1284.297082] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.297082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.297082]  ffff88038093b748 ffff8803aef07310 ffffffff8199f263 ffff8803aef073a0
[ 1284.297082]  ffff880389e56014 ffff8803aef07390 ffffffff8151c33e 0000000000000282
[ 1284.297082]  ffff8803aef07378 ffffed00713cac30 0000000000000282 ffffffff8151be77
[ 1284.297082] Call Trace:
[ 1284.297082]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.297082]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.297082]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 1284.297082]  [<ffffffff8151c2bd>] ? kasan_report_error+0x42d/0x4e0
[ 1284.297082]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1284.297082]  [<ffffffff821688f3>] ? tcp_rack_advance+0x2c3/0x3a0
[ 1284.297082]  [<ffffffff821688f3>] tcp_rack_advance+0x2c3/0x3a0
[ 1284.297082]  [<ffffffff820fe76e>] tcp_clean_rtx_queue+0x113e/0x2ce0
[ 1284.297082]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.297082]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.297082]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.297082]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.297082]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.297082]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.297082]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.297082]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.297082]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.297082]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.297082]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.297082]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.297082]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.297082]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.297082]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.297082]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.297082]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.297082]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.297082]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.297082]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.297082]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.297082]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.297082]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.297082]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.297082]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.297082]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.297082]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.297082]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.297082]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.297082]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.297082]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.297082]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.297082]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.297082]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.297082]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.297082]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.297082]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.297082]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.297082]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.297082]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.297082]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.297082]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.297082]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.297082]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.297082]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.297082]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.297082]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.297082]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.297082]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.297082]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.297082]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.297082]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.297082]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.297082]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.297082]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.297082]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.297082]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.297082]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.297082]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.297082]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.297082]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.297082]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.297082]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.297082]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.297082]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.297082]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.297082]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.297082]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.297082]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.297082]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.297082]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.297082]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.297082]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.297082]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.297082]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.297082]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.297082]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.297082]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.297082]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.297082]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.297082]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.297082]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.297082]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.297082]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.297082]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.297082]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.297082]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.297082]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.297082]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.297082]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.297082]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.297082]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.297082]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.297082] Memory state around the buggy address:
[ 1284.297082]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.297082]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.297082] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.297082]                          ^
[ 1284.297082]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.297082]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.297082] ==================================================================
[ 1284.389100] ==================================================================
[ 1284.390093] BUG: KASAN: use-after-free in tcp_rack_advance+0x311/0x3a0 at addr ffff880389e56010
[ 1284.390093] Read of size 4 by task httpd/819
[ 1284.390093] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.390093] flags: 0x1000000000000000()
[ 1284.390093] page dumped because: kasan: bad access detected
[ 1284.390093] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.390093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.390093]  ffff88038093b748 ffff8803aef07310 ffffffff8199f263 ffff8803aef073a0
[ 1284.390093]  ffff880389e56010 ffff8803aef07390 ffffffff8151c33e ffffed0075de43b8
[ 1284.390093]  ffff8803aef07378 ffffffff811af0c3 0000000000000282 ffffffff8151be77
[ 1284.390093] Call Trace:
[ 1284.390093]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.390093]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.390093]  [<ffffffff811af0c3>] ? sched_clock_local+0x43/0x120
[ 1284.390093]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 1284.390093]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1284.390093]  [<ffffffff82168941>] ? tcp_rack_advance+0x311/0x3a0
[ 1284.390093]  [<ffffffff82168941>] tcp_rack_advance+0x311/0x3a0
[ 1284.390093]  [<ffffffff820fe76e>] tcp_clean_rtx_queue+0x113e/0x2ce0
[ 1284.390093]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.390093]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.390093]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.390093]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.390093]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.390093]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.390093]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.390093]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.390093]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.390093]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.390093]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.390093]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.390093]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.390093]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.390093]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.390093]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.390093]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.390093]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.390093]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.390093]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.390093]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.390093]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.390093]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.390093]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.390093]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.390093]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.390093]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.390093]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.390093]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.390093]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.390093]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.390093]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.390093]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.390093]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.390093]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.390093]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.390093]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.390093]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.390093]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.390093]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.390093]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.390093]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.390093]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.390093]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.390093]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.390093]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.390093]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.390093]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.390093]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.390093]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.390093]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.390093]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.390093]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.390093]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.390093]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.390093]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.390093]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.390093]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.390093]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.390093]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.390093]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.390093]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.390093]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.390093]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.390093]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.390093]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.390093]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.390093]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.390093]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.390093]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.390093]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.390093]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.390093]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.390093]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.390093]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.390093]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.390093]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.390093]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.390093]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.390093]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.390093]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.390093]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.390093]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.390093]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.390093]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.390093]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.390093]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.390093]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.390093]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.390093]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.390093]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.390093]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.390093]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.390093] Memory state around the buggy address:
[ 1284.390093]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.390093]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.390093] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.390093]                          ^
[ 1284.390093]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.390093]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.390093] ==================================================================
[ 1284.482409] ==================================================================
[ 1284.483397] BUG: KASAN: use-after-free in tcp_rack_advance+0x326/0x3a0 at addr ffff880389e56014
[ 1284.483397] Read of size 4 by task httpd/819
[ 1284.483397] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.483397] flags: 0x1000000000000000()
[ 1284.483397] page dumped because: kasan: bad access detected
[ 1284.483397] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.483397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.483397]  ffff88038093b748 ffff8803aef07310 ffffffff8199f263 ffff8803aef073a0
[ 1284.483397]  ffff880389e56014 ffff8803aef07390 ffffffff8151c33e 0000000000000010
[ 1284.483397]  ffff880300000000 ffffed00713cac02 0000000000000282 ffffffff8151be77
[ 1284.483397] Call Trace:
[ 1284.483397]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.483397]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.483397]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 1284.483397]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1284.483397]  [<ffffffff82168956>] ? tcp_rack_advance+0x326/0x3a0
[ 1284.483397]  [<ffffffff82168956>] tcp_rack_advance+0x326/0x3a0
[ 1284.483397]  [<ffffffff820fe76e>] tcp_clean_rtx_queue+0x113e/0x2ce0
[ 1284.483397]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.483397]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.483397]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.483397]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.483397]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.483397]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.483397]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.483397]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.483397]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.483397]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.483397]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.483397]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.483397]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.483397]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.483397]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.483397]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.483397]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.483397]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.483397]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.483397]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.483397]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.483397]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.483397]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.483397]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.483397]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.483397]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.483397]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.483397]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.483397]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.483397]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.483397]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.483397]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.483397]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.483397]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.483397]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.483397]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.483397]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.483397]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.483397]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.483397]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.483397]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.483397]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.483397]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.483397]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.483397]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.483397]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.483397]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.483397]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.483397]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.483397]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.483397]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.483397]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.483397]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.483397]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.483397]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.483397]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.483397]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.483397]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.483397]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.483397]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.483397]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.483397]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.483397]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.483397]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.483397]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.483397]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.483397]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.483397]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.483397]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.483397]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.483397]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.483397]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.483397]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.483397]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.483397]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.483397]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.483397]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.483397]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.483397]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.483397]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.483397]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.483397]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.483397]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.483397]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.483397]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.483397]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.483397]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.483397]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.483397]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.483397]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.483397]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.483397]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.483397]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.483397] Memory state around the buggy address:
[ 1284.483397]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.483397]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.483397] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.483397]                          ^
[ 1284.483397]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.483397]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.483397] ==================================================================
[ 1284.568640] ==================================================================
[ 1284.569632] BUG: KASAN: use-after-free in tcp_rack_advance+0x356/0x3a0 at addr ffff880389e56010
[ 1284.569632] Read of size 8 by task httpd/819
[ 1284.569632] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.569632] flags: 0x1000000000000000()
[ 1284.569632] page dumped because: kasan: bad access detected
[ 1284.569632] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.569632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.569632]  ffff88038093b748 ffff8803aef07310 ffffffff8199f263 ffff8803aef073a0
[ 1284.569632]  ffff880389e56010 ffff8803aef07390 ffffffff8151c33e 0000000000000010
[ 1284.569632]  ffff880300000000 ffffed00713cac02 0000000000000282 ffffffff8151be77
[ 1284.569632] Call Trace:
[ 1284.569632]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.569632]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.569632]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 1284.569632]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1284.569632]  [<ffffffff82168986>] ? tcp_rack_advance+0x356/0x3a0
[ 1284.569632]  [<ffffffff82168986>] tcp_rack_advance+0x356/0x3a0
[ 1284.569632]  [<ffffffff820fe76e>] tcp_clean_rtx_queue+0x113e/0x2ce0
[ 1284.569632]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.569632]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.569632]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.569632]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.569632]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.569632]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.569632]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.569632]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.569632]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.569632]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.569632]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.569632]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.569632]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.569632]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.569632]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.569632]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.569632]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.569632]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.569632]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.569632]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.569632]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.569632]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.569632]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.569632]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.569632]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.569632]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.569632]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.569632]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.569632]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.569632]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.569632]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.569632]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.569632]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.569632]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.569632]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.569632]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.569632]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.569632]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.569632]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.569632]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.569632]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.569632]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.569632]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.569632]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.569632]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.569632]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.569632]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.569632]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.569632]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.569632]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.569632]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.569632]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.569632]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.569632]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.569632]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.569632]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.569632]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.569632]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.569632]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.569632]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.569632]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.569632]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.569632]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.569632]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.569632]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.569632]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.569632]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.569632]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.569632]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.569632]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.569632]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.569632]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.569632]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.569632]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.569632]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.569632]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.569632]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.569632]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.569632]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.569632]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.569632]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.569632]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.569632]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.569632]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.569632]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.569632]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.569632]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.569632]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.569632]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.569632]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.569632]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.569632]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.569632]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.569632] Memory state around the buggy address:
[ 1284.569632]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.569632]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.569632] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.569632]                          ^
[ 1284.569632]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.569632]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.569632] ==================================================================
[ 1284.658797] ==================================================================
[ 1284.659777] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2afc/0x2ce0 at addr ffff880389e56034
[ 1284.659789] Read of size 1 by task httpd/819
[ 1284.659789] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.659789] flags: 0x1000000000000000()
[ 1284.659789] page dumped because: kasan: bad access detected
[ 1284.659789] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.659789] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.659789]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1284.659789]  ffff880389e56034 ffff8803aef073d0 ffffffff8151c33e 00203a3030313635
[ 1284.659789]  ffff88038093af40 00000001000f0546 0000000000000282 000000004c8e38ec
[ 1284.659789] Call Trace:
[ 1284.659789]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.659789]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.659789]  [<ffffffff8151c4a3>] ? __asan_report_load8_noabort+0x43/0x50
[ 1284.659789]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 1284.659789]  [<ffffffff8210012c>] ? tcp_clean_rtx_queue+0x2afc/0x2ce0
[ 1284.659789]  [<ffffffff8210012c>] tcp_clean_rtx_queue+0x2afc/0x2ce0
[ 1284.659789]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.659789]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.659789]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.659789]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.659789]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.659789]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.659789]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.659789]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.659789]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.659789]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.659789]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.659789]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.659789]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.659789]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.659789]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.659789]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.659789]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.659789]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.659789]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.659789]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.659789]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.659789]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.659789]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.659789]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.659789]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.659789]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.659789]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.659789]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.659789]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.659789]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.659789]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.659789]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.659789]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.659789]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.659789]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.659789]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.659789]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.659789]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.659789]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.659789]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.659789]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.659789]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.659789]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.659789]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.659789]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.659789]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.659789]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.659789]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.659789]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.659789]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.659789]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.659789]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.659789]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.659789]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.659789]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.659789]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.659789]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.659789]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.659789]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.659789]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.659789]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.659789]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.659789]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.659789]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.659789]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.659789]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.659789]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.659789]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.659789]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.659789]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.659789]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.659789]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.659789]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.659789]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.659789]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.659789]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.659789]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.659789]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.659789]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.659789]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.659789]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.659789]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.659789]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.659789]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.659789]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.659789]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.659789]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.659789]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.659789]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.659789]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.659789]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.659789]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.659789]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.659789] Memory state around the buggy address:
[ 1284.659789]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.659789]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.659789] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.659789]                                      ^
[ 1284.659789]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.659789]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.659789] ==================================================================
[ 1284.748858] ==================================================================
[ 1284.749850] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2c97/0x2ce0 at addr ffff880389e56000
[ 1284.749850] Read of size 8 by task httpd/819
[ 1284.749850] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.749850] flags: 0x1000000000000000()
[ 1284.749850] page dumped because: kasan: bad access detected
[ 1284.749850] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.749850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.749850]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1284.749850]  ffff880389e56000 ffff8803aef073d0 ffffffff8151c33e 0000000000000010
[ 1284.749850]  ffff880300000000 ffffed00713cac06 0000000000000282 ffffffff4c8e38ec
[ 1284.749850] Call Trace:
[ 1284.749850]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.749850]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.749850]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1284.749850]  [<ffffffff821002c7>] ? tcp_clean_rtx_queue+0x2c97/0x2ce0
[ 1284.749850]  [<ffffffff821002c7>] tcp_clean_rtx_queue+0x2c97/0x2ce0
[ 1284.749850]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.749850]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.749850]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.749850]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.749850]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.749850]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.749850]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.749850]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.749850]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.749850]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.749850]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.749850]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.749850]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.749850]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.749850]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.749850]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.749850]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.749850]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.749850]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.749850]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.749850]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.749850]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.749850]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.749850]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.749850]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.749850]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.749850]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.749850]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.749850]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.749850]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.749850]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.749850]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.749850]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.749850]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.749850]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.749850]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.749850]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.749850]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.749850]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.749850]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.749850]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.749850]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.749850]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.749850]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.749850]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.749850]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.749850]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.749850]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.749850]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.749850]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.749850]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.749850]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.749850]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.749850]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.749850]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.749850]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.749850]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.749850]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.749850]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.749850]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.749850]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.749850]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.749850]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.749850]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.749850]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.749850]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.749850]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.749850]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.749850]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.749850]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.749850]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.749850]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.749850]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.749850]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.749850]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.749850]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.749850]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.749850]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.749850]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.749850]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.749850]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.749850]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.749850]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.749850]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.749850]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.749850]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.749850]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.749850]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.749850]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.749850]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.749850]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.749850]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.749850]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.749850] Memory state around the buggy address:
[ 1284.749850]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.749850]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.749850] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.749850]                    ^
[ 1284.749850]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.749850]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.749850] ==================================================================
[ 1284.839908] ==================================================================
[ 1284.840892] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2b73/0x2ce0 at addr ffff880389e56008
[ 1284.840900] Read of size 8 by task httpd/819
[ 1284.840900] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.840900] flags: 0x1000000000000000()
[ 1284.840900] page dumped because: kasan: bad access detected
[ 1284.840900] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.840900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.840900]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1284.840900]  ffff880389e56008 ffff8803aef073d0 ffffffff8151c33e 0000000000000010
[ 1284.840900]  ffff880300000000 ffffed00713cac00 0000000000000282 ffffffff4c8e38ec
[ 1284.840900] Call Trace:
[ 1284.840900]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.840900]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.840900]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1284.840900]  [<ffffffff821001a3>] ? tcp_clean_rtx_queue+0x2b73/0x2ce0
[ 1284.840900]  [<ffffffff821001a3>] tcp_clean_rtx_queue+0x2b73/0x2ce0
[ 1284.840900]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.840900]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.840900]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.840900]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.840900]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.840900]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.840900]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.840900]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.840900]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.840900]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.840900]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.840900]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.840900]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.840900]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.840900]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.840900]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.840900]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.840900]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.840900]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.840900]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.840900]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.840900]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.840900]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.840900]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.840900]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.840900]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.840900]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.840900]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.840900]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.840900]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.840900]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.840900]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.840900]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.840900]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.840900]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.840900]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.840900]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.840900]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.840900]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.840900]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.840900]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.840900]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.840900]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.840900]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.840900]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.840900]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.840900]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.840900]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.840900]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.840900]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.840900]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.840900]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.840900]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.840900]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.840900]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.840900]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.840900]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.840900]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.840900]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.840900]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.840900]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.840900]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.840900]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.840900]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.840900]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.840900]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.840900]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.840900]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.840900]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.840900]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.840900]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.840900]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.840900]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.840900]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.840900]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.840900]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.840900]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.840900]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.840900]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.840900]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.840900]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.840900]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.840900]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.840900]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.840900]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.840900]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.840900]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.840900]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.840900]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.840900]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.840900]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.840900]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.840900]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.840900] Memory state around the buggy address:
[ 1284.840900]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.840900]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.840900] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.840900]                       ^
[ 1284.840900]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.840900]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.840900] ==================================================================
[ 1284.924745] ==================================================================
[ 1284.925736] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x1ba5/0x2ce0 at addr ffff880389e560f0
[ 1284.925736] Read of size 4 by task httpd/819
[ 1284.925736] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1284.925736] flags: 0x1000000000000000()
[ 1284.925736] page dumped because: kasan: bad access detected
[ 1284.925736] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1284.925736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1284.925736]  dffffc0000000000 ffff8803aef07350 ffffffff8199f263 ffff8803aef073e0
[ 1284.925736]  ffff880389e560f0 ffff8803aef073d0 ffffffff8151c33e 0000000000000010
[ 1284.925736]  ffff880300000000 ffffed00713cac01 0000000000000282 ffffffff4c8e38ec
[ 1284.925736] Call Trace:
[ 1284.925736]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1284.925736]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1284.925736]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1284.925736]  [<ffffffff820ff1d5>] ? tcp_clean_rtx_queue+0x1ba5/0x2ce0
[ 1284.925736]  [<ffffffff820ff1d5>] tcp_clean_rtx_queue+0x1ba5/0x2ce0
[ 1284.925736]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1284.925736]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1284.925736]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.925736]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1284.925736]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.925736]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1284.925736]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1284.925736]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1284.925736]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1284.925736]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1284.925736]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1284.925736]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1284.925736]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1284.925736]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1284.925736]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1284.925736]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1284.925736]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1284.925736]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1284.925736]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1284.925736]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1284.925736]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1284.925736]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1284.925736]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.925736]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1284.925736]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1284.925736]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1284.925736]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.925736]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.925736]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1284.925736]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1284.925736]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1284.925736]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.925736]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1284.925736]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1284.925736]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1284.925736]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1284.925736]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1284.925736]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1284.925736]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1284.925736]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1284.925736]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1284.925736]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1284.925736]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1284.925736]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1284.925736]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1284.925736]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1284.925736]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1284.925736]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1284.925736]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1284.925736]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1284.925736]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1284.925736]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1284.925736]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1284.925736]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1284.925736]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1284.925736]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1284.925736]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1284.925736]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1284.925736]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1284.925736]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1284.925736]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1284.925736]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1284.925736]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1284.925736]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.925736]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1284.925736]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1284.925736]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.925736]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1284.925736]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1284.925736]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.925736]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1284.925736]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1284.925736]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1284.925736]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1284.925736]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.925736]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1284.925736]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1284.925736]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1284.925736]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1284.925736]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1284.925736]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1284.925736]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1284.925736]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1284.925736]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1284.925736]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1284.925736]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1284.925736]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.925736]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1284.925736]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1284.925736]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1284.925736]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1284.925736]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1284.925736]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1284.925736] Memory state around the buggy address:
[ 1284.925736]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1284.925736]  ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.925736] >ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.925736]                                                              ^
[ 1284.925736]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.925736]  ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1284.925736] ==================================================================
[ 1285.015502] ==================================================================
[ 1285.016493] BUG: KASAN: use-after-free in skb_release_head_state+0x1bc/0x1f0 at addr ffff880389e56068
[ 1285.016494] Read of size 8 by task httpd/819
[ 1285.016494] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.016494] flags: 0x1000000000000000()
[ 1285.016494] page dumped because: kasan: bad access detected
[ 1285.016494] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.016494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.016494]  dffffc0000000000 ffff8803aef07300 ffffffff8199f263 ffff8803aef07390
[ 1285.016494]  ffff880389e56068 ffff8803aef07380 ffffffff8151c33e ffff8803aef07328
[ 1285.016494]  0000000000000018 0000000000000282 0000000000000282 ffffed00713cac40
[ 1285.016494] Call Trace:
[ 1285.016494]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.016494]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.016494]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 1285.016494]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1285.016494]  [<ffffffff81f6dddc>] ? skb_release_head_state+0x1bc/0x1f0
[ 1285.016494]  [<ffffffff81f6dddc>] skb_release_head_state+0x1bc/0x1f0
[ 1285.016494]  [<ffffffff81f7ea62>] skb_release_all+0x12/0x50
[ 1285.016494]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.016494]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.016494]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.016494]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.016494]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.016494]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.016494]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.016494]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.016494]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.016494]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.016494]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.016494]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.016494]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.016494]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.016494]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.016494]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.016494]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.016494]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.016494]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.016494]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.016494]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.016494]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.016494]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.016494]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.016494]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.016494]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.016494]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.016494]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.016494]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.016494]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.016494]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.016494]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.016494]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.016494]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.016494]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.016494]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.016494]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.016494]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.016494]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.016494]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.016494]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.016494]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.016494]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.016494]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.016494]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.016494]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.016494]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.016494]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.016494]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.016494]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.016494]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.016494]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.016494]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.016494]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.016494]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.016494]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.016494]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.016494]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.016494]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.016494]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.016494]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.016494]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.016494]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.016494]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.016494]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.016494]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.016494]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.016494]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.016494]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.016494]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.016494]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.016494]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.016494]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.016494]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.016494]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.016494]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.016494]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.016494]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.016494]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.016494]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.016494]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.016494]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.016494]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.016494]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.016494]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.016494]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.016494]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.016494]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.016494]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.016494]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.016494]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.016494]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.016494]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.016494]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.016494]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.016494] Memory state around the buggy address:
[ 1285.016494]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.016494]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.016494] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.016494]                                                           ^
[ 1285.016494]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.016494]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.016494] ==================================================================
[ 1285.108793] ==================================================================
[ 1285.109785] BUG: KASAN: use-after-free in skb_release_head_state+0x1c6/0x1f0 at addr ffff880389e56078
[ 1285.109785] Read of size 8 by task httpd/819
[ 1285.109785] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.109785] flags: 0x1000000000000000()
[ 1285.109785] page dumped because: kasan: bad access detected
[ 1285.109785] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.109785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.109785]  dffffc0000000000 ffff8803aef07300 ffffffff8199f263 ffff8803aef07390
[ 1285.109785]  ffff880389e56078 ffff8803aef07380 ffffffff8151c33e 0000000000000010
[ 1285.109785]  0000000000000000 ffffed00713cac0d 0000000000000282 ffffffff713cac40
[ 1285.109785] Call Trace:
[ 1285.109785]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.109785]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.109785]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1285.109785]  [<ffffffff81f6dde6>] ? skb_release_head_state+0x1c6/0x1f0
[ 1285.109785]  [<ffffffff81f6dde6>] skb_release_head_state+0x1c6/0x1f0
[ 1285.109785]  [<ffffffff81f7ea62>] skb_release_all+0x12/0x50
[ 1285.109785]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.109785]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.109785]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.109785]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.109785]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.109785]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.109785]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.109785]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.109785]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.109785]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.109785]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.109785]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.109785]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.109785]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.109785]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.109785]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.109785]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.109785]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.109785]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.109785]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.109785]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.109785]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.109785]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.109785]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.109785]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.109785]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.109785]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.109785]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.109785]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.109785]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.109785]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.109785]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.109785]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.109785]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.109785]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.109785]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.109785]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.109785]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.109785]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.109785]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.109785]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.109785]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.109785]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.109785]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.109785]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.109785]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.109785]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.109785]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.109785]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.109785]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.109785]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.109785]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.109785]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.109785]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.109785]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.109785]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.109785]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.109785]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.109785]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.109785]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.109785]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.109785]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.109785]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.109785]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.109785]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.109785]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.109785]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.109785]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.109785]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.109785]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.109785]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.109785]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.109785]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.109785]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.109785]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.109785]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.109785]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.109785]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.109785]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.109785]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.109785]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.109785]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.109785]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.109785]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.109785]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.109785]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.109785]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.109785]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.109785]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.109785]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.109785]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.109785]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.109785]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.109785]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.109785]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.109785] Memory state around the buggy address:
[ 1285.109785]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.109785]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.109785] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.109785]                                                                 ^
[ 1285.109785]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.109785]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.109785] ==================================================================
[ 1285.201230] ==================================================================
[ 1285.202222] BUG: KASAN: use-after-free in skb_release_head_state+0x1af/0x1f0 at addr ffff880389e56070
[ 1285.202222] Read of size 8 by task httpd/819
[ 1285.202222] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.202222] flags: 0x1000000000000000()
[ 1285.202222] page dumped because: kasan: bad access detected
[ 1285.202222] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.202222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.202222]  dffffc0000000000 ffff8803aef07300 ffffffff8199f263 ffff8803aef07390
[ 1285.202222]  ffff880389e56070 ffff8803aef07380 ffffffff8151c33e 0000000000000010
[ 1285.202222]  0000000000000000 ffffed00713cac0f 0000000000000282 ffffffff713cac40
[ 1285.202222] Call Trace:
[ 1285.202222]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.202222]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.202222]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1285.202222]  [<ffffffff81f6ddcf>] ? skb_release_head_state+0x1af/0x1f0
[ 1285.202222]  [<ffffffff81f6ddcf>] skb_release_head_state+0x1af/0x1f0
[ 1285.202222]  [<ffffffff81f7ea62>] skb_release_all+0x12/0x50
[ 1285.202222]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.202222]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.202222]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.202222]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.202222]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.202222]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.202222]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.202222]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.202222]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.202222]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.202222]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.202222]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.202222]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.202222]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.202222]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.202222]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.202222]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.202222]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.202222]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.202222]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.202222]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.202222]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.202222]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.202222]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.202222]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.202222]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.202222]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.202222]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.202222]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.202222]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.202222]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.202222]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.202222]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.202222]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.202222]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.202222]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.202222]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.202222]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.202222]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.202222]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.202222]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.202222]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.202222]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.202222]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.202222]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.202222]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.202222]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.202222]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.202222]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.202222]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.202222]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.202222]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.202222]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.202222]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.202222]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.202222]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.202222]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.202222]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.202222]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.202222]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.202222]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.202222]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.202222]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.202222]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.202222]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.202222]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.202222]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.202222]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.202222]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.202222]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.202222]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.202222]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.202222]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.202222]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.202222]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.202222]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.202222]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.202222]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.202222]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.202222]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.202222]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.202222]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.202222]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.202222]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.202222]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.202222]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.202222]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.202222]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.202222]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.202222]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.202222]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.202222]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.202222]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.202222]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.202222]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.202222] Memory state around the buggy address:
[ 1285.202222]  ffff880389e55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.202222]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.202222] >ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.202222]                                                              ^
[ 1285.202222]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.202222]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.202222] ==================================================================
[ 1285.286245] ==================================================================
[ 1285.287231] BUG: KASAN: use-after-free in skb_release_head_state+0x1da/0x1f0 at addr ffff880389e56080
[ 1285.287237] Read of size 8 by task httpd/819
[ 1285.287237] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.287237] flags: 0x1000000000000000()
[ 1285.287237] page dumped because: kasan: bad access detected
[ 1285.287237] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.287237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.287237]  dffffc0000000000 ffff8803aef07300 ffffffff8199f263 ffff8803aef07390
[ 1285.287237]  ffff880389e56080 ffff8803aef07380 ffffffff8151c33e 0000000000000010
[ 1285.287237]  0000000000000000 ffffed00713cac0e 0000000000000282 ffffffff713cac40
[ 1285.287237] Call Trace:
[ 1285.287237]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.287237]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.287237]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1285.287237]  [<ffffffff81f6ddfa>] ? skb_release_head_state+0x1da/0x1f0
[ 1285.287237]  [<ffffffff81f6ddfa>] skb_release_head_state+0x1da/0x1f0
[ 1285.287237]  [<ffffffff81f7ea62>] skb_release_all+0x12/0x50
[ 1285.287237]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.287237]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.287237]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.287237]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.287237]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.287237]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.287237]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.287237]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.287237]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.287237]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.287237]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.287237]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.287237]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.287237]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.287237]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.287237]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.287237]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.287237]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.287237]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.287237]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.287237]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.287237]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.287237]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.287237]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.287237]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.287237]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.287237]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.287237]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.287237]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.287237]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.287237]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.287237]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.287237]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.287237]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.287237]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.287237]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.287237]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.287237]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.287237]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.287237]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.287237]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.287237]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.287237]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.287237]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.287237]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.287237]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.287237]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.287237]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.287237]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.287237]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.287237]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.287237]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.287237]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.287237]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.287237]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.287237]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.287237]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.287237]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.287237]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.287237]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.287237]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.287237]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.287237]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.287237]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.287237]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.287237]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.287237]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.287237]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.287237]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.287237]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.287237]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.287237]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.287237]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.287237]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.287237]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.287237]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.287237]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.287237]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.287237]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.287237]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.287237]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.287237]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.287237]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.287237]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.287237]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.287237]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.287237]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.287237]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.287237]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.287237]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.287237]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.287237]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.287237]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.287237]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.287237]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.287237] Memory state around the buggy address:
[ 1285.287237]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.287237]  ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.287237] >ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.287237]                    ^
[ 1285.287237]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.287237]  ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.287237] ==================================================================
[ 1285.377825] ==================================================================
[ 1285.378813] BUG: KASAN: use-after-free in skb_release_head_state+0x1d0/0x1f0 at addr ffff880389e56088
[ 1285.378815] Read of size 8 by task httpd/819
[ 1285.378815] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.378815] flags: 0x1000000000000000()
[ 1285.378815] page dumped because: kasan: bad access detected
[ 1285.378815] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.378815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.378815]  dffffc0000000000 ffff8803aef07300 ffffffff8199f263 ffff8803aef07390
[ 1285.378815]  ffff880389e56088 ffff8803aef07380 ffffffff8151c33e 0000000000000010
[ 1285.378815]  0000000000000000 ffffed00713cac10 0000000000000282 ffffffff713cac40
[ 1285.378815] Call Trace:
[ 1285.378815]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.378815]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.378815]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1285.378815]  [<ffffffff81f6ddf0>] ? skb_release_head_state+0x1d0/0x1f0
[ 1285.378815]  [<ffffffff81f6ddf0>] skb_release_head_state+0x1d0/0x1f0
[ 1285.378815]  [<ffffffff81f7ea62>] skb_release_all+0x12/0x50
[ 1285.378815]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.378815]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.378815]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.378815]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.378815]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.378815]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.378815]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.378815]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.378815]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.378815]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.378815]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.378815]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.378815]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.378815]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.378815]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.378815]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.378815]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.378815]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.378815]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.378815]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.378815]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.378815]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.378815]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.378815]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.378815]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.378815]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.378815]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.378815]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.378815]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.378815]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.378815]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.378815]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.378815]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.378815]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.378815]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.378815]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.378815]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.378815]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.378815]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.378815]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.378815]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.378815]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.378815]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.378815]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.378815]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.378815]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.378815]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.378815]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.378815]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.378815]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.378815]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.378815]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.378815]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.378815]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.378815]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.378815]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.378815]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.378815]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.378815]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.378815]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.378815]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.378815]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.378815]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.378815]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.378815]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.378815]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.378815]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.378815]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.378815]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.378815]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.378815]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.378815]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.378815]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.378815]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.378815]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.378815]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.378815]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.378815]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.378815]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.378815]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.378815]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.378815]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.378815]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.378815]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.378815]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.378815]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.378815]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.378815]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.378815]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.378815]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.378815]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.378815]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.378815]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.378815]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.378815]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.378815] Memory state around the buggy address:
[ 1285.378815]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.378815]  ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.378815] >ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.378815]                       ^
[ 1285.378815]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.378815]  ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.378815] ==================================================================
[ 1285.471185] ==================================================================
[ 1285.472176] BUG: KASAN: use-after-free in skb_release_all+0x4a/0x50 at addr ffff880389e560e0
[ 1285.472176] Read of size 8 by task httpd/819
[ 1285.472176] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.472176] flags: 0x1000000000000000()
[ 1285.472176] page dumped because: kasan: bad access detected
[ 1285.472176] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.472176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.472176]  dffffc0000000000 ffff8803aef07320 ffffffff8199f263 ffff8803aef073b0
[ 1285.472176]  ffff880389e560e0 ffff8803aef073a0 ffffffff8151c33e ffffffff713cac40
[ 1285.472176]  ffffffffffffffff 66666620ffffffff 0000000000000286 00203a3038313635
[ 1285.472176] Call Trace:
[ 1285.472176]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.472176]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.472176]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1285.472176]  [<ffffffff81f7ea9a>] ? skb_release_all+0x4a/0x50
[ 1285.472176]  [<ffffffff81f7ea9a>] skb_release_all+0x4a/0x50
[ 1285.472176]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.472176]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.472176]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.472176]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.472176]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.472176]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.472176]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.472176]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.472176]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.472176]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.472176]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.472176]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.472176]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.472176]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.472176]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.472176]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.472176]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.472176]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.472176]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.472176]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.472176]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.472176]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.472176]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.472176]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.472176]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.472176]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.472176]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.472176]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.472176]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.472176]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.472176]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.472176]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.472176]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.472176]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.472176]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.472176]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.472176]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.472176]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.472176]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.472176]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.472176]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.472176]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.472176]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.472176]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.472176]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.472176]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.472176]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.472176]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.472176]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.472176]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.472176]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.472176]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.472176]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.472176]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.472176]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.472176]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.472176]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.472176]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.472176]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.472176]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.472176]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.472176]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.472176]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.472176]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.472176]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.472176]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.472176]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.472176]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.472176]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.472176]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.472176]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.472176]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.472176]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.472176]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.472176]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.472176]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.472176]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.472176]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.472176]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.472176]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.472176]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.472176]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.472176]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.472176]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.472176]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.472176]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.472176]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.472176]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.472176]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.472176]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.472176]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.472176]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.472176]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.472176]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.472176]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.472176] Memory state around the buggy address:
[ 1285.472176]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.472176]  ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.472176] >ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.472176]                                                        ^
[ 1285.472176]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.472176]  ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.472176] ==================================================================
[ 1285.576271] ==================================================================
[ 1285.577263] BUG: KASAN: use-after-free in skb_release_data+0x2fb/0x320 at addr ffff880389e560dc
[ 1285.577263] Read of size 4 by task httpd/819
[ 1285.577263] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.577263] flags: 0x1000000000000000()
[ 1285.577263] page dumped because: kasan: bad access detected
[ 1285.577263] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.577263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.577263]  dffffc0000000000 ffff8803aef072e0 ffffffff8199f263 ffff8803aef07370
[ 1285.577263]  ffff880389e560dc ffff8803aef07360 ffffffff8151c33e 0000000000000286
[ 1285.577263]  ffff8803aef07348 ffffed00713cac40 0000000000000282 ffffffff8151be77
[ 1285.577263] Call Trace:
[ 1285.577263]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.577263]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.577263]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 1285.577263]  [<ffffffff8151c2bd>] ? kasan_report_error+0x42d/0x4e0
[ 1285.577263]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1285.577263]  [<ffffffff81f7ea2b>] ? skb_release_data+0x2fb/0x320
[ 1285.577263]  [<ffffffff81f7ea2b>] skb_release_data+0x2fb/0x320
[ 1285.577263]  [<ffffffff81f7ea92>] skb_release_all+0x42/0x50
[ 1285.577263]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.577263]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.577263]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.577263]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.577263]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.577263]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.577263]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.577263]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.577263]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.577263]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.577263]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.577263]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.577263]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.577263]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.577263]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.577263]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.577263]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.577263]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.577263]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.577263]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.577263]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.577263]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.577263]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.577263]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.577263]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.577263]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.577263]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.577263]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.577263]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.577263]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.577263]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.577263]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.577263]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.577263]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.577263]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.577263]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.577263]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.577263]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.577263]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.577263]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.577263]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.577263]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.577263]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.577263]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.577263]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.577263]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.577263]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.577263]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.577263]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.577263]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.577263]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.577263]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.577263]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.577263]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.577263]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.577263]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.577263]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.577263]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.577263]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.577263]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.577263]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.577263]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.577263]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.577263]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.577263]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.577263]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.577263]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.577263]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.577263]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.577263]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.577263]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.577263]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.577263]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.577263]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.577263]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.577263]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.577263]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.577263]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.577263]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.577263]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.577263]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.577263]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.577263]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.577263]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.577263]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.577263]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.577263]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.577263]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.577263]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.577263]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.577263]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.577263]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.577263]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.577263]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.577263]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.577263] Memory state around the buggy address:
[ 1285.577263]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.577263]  ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.577263] >ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.577263]                                                     ^
[ 1285.577263]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.577263]  ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.577263] ==================================================================
[ 1285.667059] ==================================================================
[ 1285.668012] BUG: KASAN: use-after-free in skb_release_data+0x2f1/0x320 at addr ffff880389e560e0
[ 1285.668050] Read of size 8 by task httpd/819
[ 1285.668050] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.668050] flags: 0x1000000000000000()
[ 1285.668050] page dumped because: kasan: bad access detected
[ 1285.668050] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.668050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.668050]  dffffc0000000000 ffff8803aef072e0 ffffffff8199f263 ffff8803aef07370
[ 1285.668050]  ffff880389e560e0 ffff8803aef07360 ffffffff8151c33e 0000000000000010
[ 1285.668050]  ffff880300000000 ffffed00713cac1b 0000000000000282 ffffffff8151be77
[ 1285.668050] Call Trace:
[ 1285.668050]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.668050]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.668050]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 1285.668050]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1285.668050]  [<ffffffff81f7ea21>] ? skb_release_data+0x2f1/0x320
[ 1285.668050]  [<ffffffff81f7ea21>] skb_release_data+0x2f1/0x320
[ 1285.668050]  [<ffffffff81f7ea92>] skb_release_all+0x42/0x50
[ 1285.668050]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.668050]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.668050]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.668050]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.668050]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.668050]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.668050]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.668050]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.668050]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.668050]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.668050]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.668050]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.668050]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.668050]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.668050]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.668050]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.668050]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.668050]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.668050]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.668050]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.668050]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.668050]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.668050]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.668050]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.668050]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.668050]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.668050]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.668050]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.668050]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.668050]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.668050]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.668050]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.668050]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.668050]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.668050]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.668050]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.668050]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.668050]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.668050]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.668050]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.668050]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.668050]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.668050]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.668050]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.668050]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.668050]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.668050]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.668050]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.668050]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.668050]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.668050]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.668050]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.668050]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.668050]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.668050]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.668050]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.668050]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.668050]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.668050]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.668050]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.668050]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.668050]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.668050]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.668050]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.668050]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.668050]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.668050]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.668050]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.668050]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.668050]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.668050]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.668050]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.668050]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.668050]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.668050]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.668050]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.668050]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.668050]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.668050]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.668050]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.668050]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.668050]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.668050]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.668050]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.668050]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.668050]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.668050]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.668050]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.668050]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.668050]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.668050]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.668050]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.668050]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.668050]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.668050]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.668050] Memory state around the buggy address:
[ 1285.668050]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.668050]  ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.668050] >ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.668050]                                                        ^
[ 1285.668050]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.668050]  ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.668050] ==================================================================
[ 1285.762952] ==================================================================
[ 1285.763927] BUG: KASAN: use-after-free in skb_release_data+0x2d0/0x320 at addr ffff880389e5609e
[ 1285.763943] Read of size 1 by task httpd/819
[ 1285.763943] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.763943] flags: 0x1000000000000000()
[ 1285.763943] page dumped because: kasan: bad access detected
[ 1285.763943] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.763943] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.763943]  dffffc0000000000 ffff8803aef072e0 ffffffff8199f263 ffff8803aef07370
[ 1285.763943]  ffff880389e5609e ffff8803aef07360 ffffffff8151c33e 0000000000000010
[ 1285.763943]  ffff880300000000 ffffed00713cac1c 0000000000000282 ffffffff8151be77
[ 1285.763943] Call Trace:
[ 1285.763943]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.763943]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.763943]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 1285.763943]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 1285.763943]  [<ffffffff81f7ea00>] ? skb_release_data+0x2d0/0x320
[ 1285.763943]  [<ffffffff81f7ea00>] skb_release_data+0x2d0/0x320
[ 1285.763943]  [<ffffffff81f7ea92>] skb_release_all+0x42/0x50
[ 1285.763943]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.763943]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.763943]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.763943]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.763943]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.763943]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.763943]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.763943]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.763943]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.763943]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.763943]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.763943]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.763943]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.763943]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.763943]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.763943]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.763943]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.763943]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.763943]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.763943]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.763943]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.763943]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.763943]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.763943]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.763943]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.763943]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.763943]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.763943]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.763943]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.763943]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.763943]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.763943]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.763943]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.763943]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.763943]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.763943]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.763943]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.763943]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.763943]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.763943]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.763943]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.763943]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.763943]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.763943]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.763943]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.763943]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.763943]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.763943]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.763943]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.763943]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.763943]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.763943]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.763943]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.763943]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.763943]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.763943]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.763943]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.763943]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.763943]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.763943]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.763943]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.763943]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.763943]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.763943]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.763943]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.763943]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.763943]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.763943]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.763943]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.763943]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.763943]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.763943]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.763943]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.763943]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.763943]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.763943]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.763943]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.763943]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.763943]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.763943]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.763943]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.763943]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.763943]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.763943]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.763943]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.763943]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.763943]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.763943]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.763943]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.763943]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.763943]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.763943]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.763943]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.763943]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.763943]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.763943] Memory state around the buggy address:
[ 1285.763943]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.763943]  ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.763943] >ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.763943]                             ^
[ 1285.763943]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.763943]  ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.763943] ==================================================================
[ 1285.857091] ==================================================================
[ 1285.858064] BUG: KASAN: use-after-free in skb_free_head+0x8a/0x90 at addr ffff880389e560e0
[ 1285.858080] Read of size 8 by task httpd/819
[ 1285.858080] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.858080] flags: 0x1000000000000000()
[ 1285.858080] page dumped because: kasan: bad access detected
[ 1285.858080] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.858080] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.858080]  0000000000000004 ffff8803aef072c0 ffffffff8199f263 ffff8803aef07350
[ 1285.858080]  ffff880389e560e0 ffff8803aef07340 ffffffff8151c33e ffffffff8151be77
[ 1285.858080]  ffffed00713cac30 ffff8803aef07360 0000000000000286 0000000000000010
[ 1285.858080] Call Trace:
[ 1285.858080]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.858080]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.858080]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 1285.858080]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 1285.858080]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 1285.858080]  [<ffffffff8151c300>] ? kasan_report_error+0x470/0x4e0
[ 1285.858080]  [<ffffffff81f6de9a>] ? skb_free_head+0x8a/0x90
[ 1285.858080]  [<ffffffff81f6de9a>] skb_free_head+0x8a/0x90
[ 1285.858080]  [<ffffffff81f7e95c>] skb_release_data+0x22c/0x320
[ 1285.858080]  [<ffffffff81f7ea92>] skb_release_all+0x42/0x50
[ 1285.858080]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.858080]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.858080]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.858080]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.858080]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.858080]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.858080]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.858080]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.858080]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.858080]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.858080]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.858080]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.858080]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.858080]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.858080]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.858080]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.858080]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.858080]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.858080]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.858080]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.858080]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.858080]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.858080]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.858080]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.858080]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.858080]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.858080]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.858080]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.858080]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.858080]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.858080]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.858080]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.858080]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.858080]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.858080]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.858080]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.858080]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.858080]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.858080]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.858080]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.858080]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.858080]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.858080]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.858080]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.858080]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.858080]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.858080]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.858080]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.858080]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.858080]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.858080]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.858080]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.858080]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.858080]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.858080]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.858080]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.858080]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.858080]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.858080]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.858080]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.858080]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.858080]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.858080]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.858080]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.858080]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.858080]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.858080]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.858080]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.858080]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.858080]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.858080]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.858080]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.858080]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.858080]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.858080]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.858080]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.858080]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.858080]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.858080]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.858080]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.858080]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.858080]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.858080]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.858080]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.858080]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.858080]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.858080]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.858080]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.858080]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.858080]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.858080]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.858080]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.858080]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.858080]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.858080]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.858080] Memory state around the buggy address:
[ 1285.858080]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.858080]  ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.858080] >ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.858080]                                                        ^
[ 1285.858080]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.858080]  ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.858080] ==================================================================
[ 1285.953248] ==================================================================
[ 1285.954212] BUG: KASAN: use-after-free in skb_free_head+0x83/0x90 at addr ffff880389e5609e
[ 1285.954238] Read of size 1 by task httpd/819
[ 1285.954238] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1285.954238] flags: 0x1000000000000000()
[ 1285.954238] page dumped because: kasan: bad access detected
[ 1285.954238] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1285.954238] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1285.954238]  0000000000000004 ffff8803aef072c0 ffffffff8199f263 ffff8803aef07350
[ 1285.954238]  ffff880389e5609e ffff8803aef07340 ffffffff8151c33e 0000000000000010
[ 1285.954238]  ffffed0000000000 ffffed00713cac1c 0000000000000286 ffffffff00000010
[ 1285.954238] Call Trace:
[ 1285.954238]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1285.954238]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1285.954238]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 1285.954238]  [<ffffffff8151c300>] ? kasan_report_error+0x470/0x4e0
[ 1285.954238]  [<ffffffff81f6de93>] ? skb_free_head+0x83/0x90
[ 1285.954238]  [<ffffffff81f6de93>] skb_free_head+0x83/0x90
[ 1285.954238]  [<ffffffff81f7e95c>] skb_release_data+0x22c/0x320
[ 1285.954238]  [<ffffffff81f7ea92>] skb_release_all+0x42/0x50
[ 1285.954238]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 1285.954238]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1285.954238]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1285.954238]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1285.954238]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.954238]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1285.954238]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.954238]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1285.954238]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1285.954238]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1285.954238]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1285.954238]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1285.954238]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1285.954238]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1285.954238]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1285.954238]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1285.954238]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1285.954238]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1285.954238]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1285.954238]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1285.954238]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1285.954238]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1285.954238]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1285.954238]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1285.954238]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.954238]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1285.954238]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1285.954238]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1285.954238]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.954238]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.954238]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1285.954238]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1285.954238]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1285.954238]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.954238]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1285.954238]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1285.954238]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1285.954238]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1285.954238]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1285.954238]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1285.954238]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1285.954238]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1285.954238]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1285.954238]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1285.954238]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1285.954238]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1285.954238]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1285.954238]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1285.954238]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1285.954238]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1285.954238]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1285.954238]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1285.954238]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1285.954238]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1285.954238]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1285.954238]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1285.954238]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1285.954238]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1285.954238]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1285.954238]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1285.954238]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1285.954238]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1285.954238]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1285.954238]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1285.954238]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1285.954238]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.954238]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1285.954238]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1285.954238]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.954238]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1285.954238]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1285.954238]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.954238]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1285.954238]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1285.954238]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1285.954238]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1285.954238]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.954238]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1285.954238]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1285.954238]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1285.954238]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1285.954238]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1285.954238]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1285.954238]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1285.954238]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1285.954238]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1285.954238]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1285.954238]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1285.954238]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.954238]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1285.954238]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1285.954238]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1285.954238]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1285.954238]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1285.954238]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1285.954238] Memory state around the buggy address:
[ 1285.954238]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1285.954238]  ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.954238] >ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.954238]                             ^
[ 1285.954238]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.954238]  ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1285.954238] ==================================================================
[ 1286.047833] ==================================================================
[ 1286.048793] BUG: KASAN: use-after-free in kfree_skbmem+0x2ae/0x330 at addr ffff880389e5609e
[ 1286.048823] Read of size 1 by task httpd/819
[ 1286.048823] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1286.048823] flags: 0x1000000000000000()
[ 1286.048823] page dumped because: kasan: bad access detected
[ 1286.048823] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1286.048823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1286.048823]  dffffc0000000000 ffff8803aef07318 ffffffff8199f263 ffff8803aef073a8
[ 1286.048823]  ffff880389e5609e ffff8803aef07398 ffffffff8151c33e 0000000000000004
[ 1286.048823]  dffffc0000000000 dffffc0000000000 0000000000000296 ffffffff8151c3b3
[ 1286.048823] Call Trace:
[ 1286.048823]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1286.048823]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1286.048823]  [<ffffffff8151c3b3>] ? __asan_report_load1_noabort+0x43/0x50
[ 1286.048823]  [<ffffffff8151c300>] ? kasan_report_error+0x470/0x4e0
[ 1286.048823]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 1286.048823]  [<ffffffff81f7e30e>] ? kfree_skbmem+0x2ae/0x330
[ 1286.048823]  [<ffffffff81f7e30e>] kfree_skbmem+0x2ae/0x330
[ 1286.048823]  [<ffffffff81f7e3aa>] __kfree_skb+0x1a/0x20
[ 1286.048823]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1286.048823]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1286.048823]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1286.048823]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1286.048823]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1286.048823]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1286.048823]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1286.048823]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1286.048823]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1286.048823]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1286.048823]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1286.048823]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1286.048823]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1286.048823]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1286.048823]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1286.048823]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1286.048823]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1286.048823]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1286.048823]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1286.048823]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1286.048823]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1286.048823]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1286.048823]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1286.048823]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1286.048823]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1286.048823]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1286.048823]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1286.048823]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1286.048823]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1286.048823]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1286.048823]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1286.048823]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1286.048823]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1286.048823]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1286.048823]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1286.048823]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1286.048823]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1286.048823]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1286.048823]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1286.048823]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1286.048823]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1286.048823]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1286.048823]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1286.048823]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1286.048823]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1286.048823]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1286.048823]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1286.048823]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1286.048823]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1286.048823]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1286.048823]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1286.048823]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1286.048823]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1286.048823]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1286.048823]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1286.048823]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1286.048823]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1286.048823]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1286.048823]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1286.048823]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1286.048823]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1286.048823]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1286.048823]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1286.048823]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1286.048823]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1286.048823]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1286.048823]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1286.048823]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1286.048823]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1286.048823]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1286.048823]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1286.048823]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1286.048823]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1286.048823]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1286.048823]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1286.048823]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1286.048823]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1286.048823]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1286.048823]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1286.048823]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1286.048823]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1286.048823]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1286.048823]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1286.048823]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1286.048823]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1286.048823]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1286.048823]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1286.048823]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1286.048823]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1286.048823]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1286.048823]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1286.048823]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1286.048823]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1286.048823]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1286.048823] Memory state around the buggy address:
[ 1286.048823]  ffff880389e55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1286.048823]  ffff880389e56000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1286.048823] >ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1286.048823]                             ^
[ 1286.048823]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1286.048823]  ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1286.048823] ==================================================================
[ 1286.134992] ==================================================================
[ 1286.135942] BUG: KASAN: use-after-free in kfree_skbmem+0x2dc/0x330 at addr ffff880389e561f0
[ 1286.135984] Read of size 4 by task httpd/819
[ 1286.135984] page:ffffea000e279580 count:0 mapcount:0 mapping:          (null) index:0x0
[ 1286.135984] flags: 0x1000000000000000()
[ 1286.135984] page dumped because: kasan: bad access detected
[ 1286.135984] CPU: 2 PID: 819 Comm: httpd Tainted: G    B      O    4.8.15-ab+ #5
[ 1286.135984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1286.135984]  dffffc0000000000 ffff8803aef07318 ffffffff8199f263 ffff8803aef073a8
[ 1286.135984]  ffff880389e561f0 ffff8803aef07398 ffffffff8151c33e 0000000000000010
[ 1286.135984]  dffffc0000000000 ffffed00713cac13 0000000000000296 ffffffff8151c3b3
[ 1286.135984] Call Trace:
[ 1286.135984]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1286.135984]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1286.135984]  [<ffffffff8151c3b3>] ? __asan_report_load1_noabort+0x43/0x50
[ 1286.135984]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1286.135984]  [<ffffffff81f7e33c>] ? kfree_skbmem+0x2dc/0x330
[ 1286.135984]  [<ffffffff81f7e33c>] kfree_skbmem+0x2dc/0x330
[ 1286.135984]  [<ffffffff81f7e3aa>] __kfree_skb+0x1a/0x20
[ 1286.135984]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 1286.135984]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 1286.135984]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 1286.135984]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1286.135984]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1286.135984]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1286.135984]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1286.135984]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1286.135984]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1286.135984]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1286.135984]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1286.135984]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1286.135984]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1286.135984]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1286.135984]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1286.135984]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1286.135984]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1286.135984]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1286.135984]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1286.135984]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1286.135984]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1286.135984]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1286.135984]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1286.135984]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1286.135984]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1286.135984]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1286.135984]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1286.135984]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1286.135984]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1286.135984]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1286.135984]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 1286.135984]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 1286.135984]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1286.135984]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1286.135984]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1286.135984]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1286.135984]  [<ffffffff819e5d95>] ? find_next_bit+0x15/0x20
[ 1286.135984]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1286.135984]  [<ffffffff8127f0a4>] ? enqueue_hrtimer+0x134/0x3a0
[ 1286.135984]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1286.135984]  [<ffffffff8120e4ad>] ? trace_hardirqs_off+0xd/0x10
[ 1286.135984]  [<ffffffff81291bf6>] ? ktime_get+0x96/0x130
[ 1286.135984]  [<ffffffff812a077f>] ? clockevents_program_event+0x1cf/0x300
[ 1286.135984]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1286.135984]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1286.135984]  [<ffffffff81281f9c>] ? hrtimer_interrupt+0x1bc/0x440
[ 1286.135984]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1286.135984]  [<ffffffff822e6ce0>] smp_apic_timer_interrupt+0x80/0xa0
[ 1286.135984]  [<ffffffff822e5ee9>] apic_timer_interrupt+0x89/0x90
[ 1286.135984]  <EOI>  [<ffffffff822e3f84>] ? _raw_spin_unlock_irq+0x34/0x40
[ 1286.135984]  [<ffffffff8118a88a>] finish_task_switch+0x1fa/0x5a0
[ 1286.135984]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 1286.135984]  [<ffffffff822d4c8c>] __schedule+0x90c/0x1b60
[ 1286.135984]  [<ffffffff822d5f7c>] schedule+0x9c/0x1c0
[ 1286.135984]  [<ffffffff822e3432>] schedule_hrtimeout_range_clock+0x222/0x5f0
[ 1286.135984]  [<ffffffff822e3210>] ? hrtimer_nanosleep_restart+0x440/0x440
[ 1286.135984]  [<ffffffff8127e7a0>] ? __hrtimer_init+0x170/0x170
[ 1286.135984]  [<ffffffff822e3425>] ? schedule_hrtimeout_range_clock+0x215/0x5f0
[ 1286.135984]  [<ffffffff822e3813>] schedule_hrtimeout_range+0x13/0x20
[ 1286.135984]  [<ffffffff8158cfb4>] poll_schedule_timeout+0xf4/0x1f0
[ 1286.135984]  [<ffffffff8158cec0>] ? poll_freewait+0x220/0x220
[ 1286.135984]  [<ffffffff8158deb3>] ? do_select+0x433/0x1390
[ 1286.135984]  [<ffffffff8158e896>] do_select+0xe16/0x1390
[ 1286.135984]  [<ffffffff8158db39>] ? do_select+0xb9/0x1390
[ 1286.135984]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1286.135984]  [<ffffffff816204d2>] ? ep_poll_callback+0x1d2/0x6e0
[ 1286.135984]  [<ffffffff822e3fc6>] ? _raw_spin_unlock_irqrestore+0x36/0x50
[ 1286.135984]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1286.135984]  [<ffffffff8158da80>] ? poll_select_set_timeout+0xc0/0xc0
[ 1286.135984]  [<ffffffff810630fb>] ? print_context_stack+0x8b/0x100
[ 1286.135984]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1286.135984]  [<ffffffff8134a3e9>] ? is_ftrace_trampoline+0x99/0xe0
[ 1286.135984]  [<ffffffff81217966>] ? __lock_acquire+0xaa6/0x3a90
[ 1286.135984]  [<ffffffff81062403>] ? dump_trace+0x113/0x2d0
[ 1286.135984]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1286.135984]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1286.135984]  [<ffffffff8158ef80>] ? core_sys_select+0x170/0x690
[ 1286.135984]  [<ffffffff8158f1b6>] core_sys_select+0x3a6/0x690
[ 1286.135984]  [<ffffffff8158ee85>] ? core_sys_select+0x75/0x690
[ 1286.135984]  [<ffffffff8158ee10>] ? do_select+0x1390/0x1390
[ 1286.135984]  [<ffffffff8125b8c7>] ? debug_lockdep_rcu_enabled+0x77/0x90
[ 1286.135984]  [<ffffffff812924dc>] ? ktime_get_ts64+0x8c/0x220
[ 1286.135984]  [<ffffffff81216809>] ? trace_hardirqs_on_caller+0x3f9/0x580
[ 1286.135984]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 1286.135984]  [<ffffffff81292512>] ? ktime_get_ts64+0xc2/0x220
[ 1286.135984]  [<ffffffff8158da47>] ? poll_select_set_timeout+0x87/0xc0
[ 1286.135984]  [<ffffffff8158f5d2>] SyS_select+0x132/0x1a0
[ 1286.135984]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1286.135984]  [<ffffffff81318f9e>] ? __audit_syscall_exit+0x6ae/0x930
[ 1286.135984]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1286.135984]  [<ffffffff8158f4a0>] ? core_sys_select+0x690/0x690
[ 1286.135984]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1286.135984]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1286.135984]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1286.135984] Memory state around the buggy address:
[ 1286.135984]  ffff880389e56080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1286.135984]  ffff880389e56100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1286.135984] >ffff880389e56180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1286.135984]                                                              ^
[ 1286.135984]  ffff880389e56200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1286.135984]  ffff880389e56280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1286.135984] ==================================================================
[ 1828.192739] ==================================================================
[ 1828.193287] BUG: KASAN: use-after-free in tcp_rearm_rto.part.59+0x24a/0x2a0 at addr ffff880380e17c14
[ 1828.193287] Read of size 4 by task nginx/887
[ 1828.193287] page:ffffea000e0385c0 count:2 mapcount:0 mapping:          (null) index:0x0
[ 1828.193287] flags: 0x1000000000000000()
[ 1828.193287] page dumped because: kasan: bad access detected
[ 1828.193287] CPU: 1 PID: 887 Comm: nginx Tainted: G    B      O    4.8.15-ab+ #5
[ 1828.193287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1828.193287]  ffff880380e17c00 ffff8803aee87450 ffffffff8199f263 ffff8803aee874e0
[ 1828.193287]  ffff880380e17c14 ffff8803aee874d0 ffffffff8151c33e ffffffff81216ec0
[ 1828.193287]  0000000000000046 0000000000000000 0000000000000282 ffff880300000000
[ 1828.193287] Call Trace:
[ 1828.193287]  <IRQ>  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 1828.193287]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 1828.193287]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1828.193287]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 1828.193287]  [<ffffffff820fc7aa>] ? tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1828.193287]  [<ffffffff820fc7aa>] tcp_rearm_rto.part.59+0x24a/0x2a0
[ 1828.193287]  [<ffffffff82111649>] tcp_ack+0x22a9/0x2e60
[ 1828.193287]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 1828.223784]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1828.223784]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 1828.223784]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 1828.223784]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 1828.223784]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 1828.223784]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 1828.223784]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 1828.223784]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 1828.223784]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 1828.223784]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 1828.223784]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 1828.223784]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 1828.223784]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 1828.223784]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 1828.223784]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 1828.223784]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 1828.223784]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 1828.223784]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 1828.223784]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1828.223784]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 1828.223784]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 1828.223784]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 1828.223784]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1828.223784]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 1828.223784]  [<ffffffff81f608c8>] ? sk_reset_timer+0x18/0x30
[ 1828.223784]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 1828.223784]  [<ffffffff8212ef9b>] ? tcp_write_xmit+0x6eb/0x4d10
[ 1828.223784]  [<ffffffff82142ad3>] ? tcp_v4_md5_lookup+0x13/0x20
[ 1828.223784]  [<ffffffff82124414>] ? tcp_established_options+0x94/0x3f0
[ 1828.223784]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1828.223784]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 1828.223784]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 1828.223784]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 1828.223784]  [<ffffffffa0969e0a>] ? tfw_wq_pop+0x14a/0x290 [tempesta_fw]
[ 1828.223784]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 1828.223784]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 1828.223784]  [<ffffffff81077288>] ? __kernel_fpu_end_bh+0x98/0x170
[ 1828.223784]  [<ffffffff8112932c>] ? irq_exit+0x15c/0x190
[ 1828.223784]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 1828.223784]  [<ffffffff8112970c>] ? __raise_softirq_irqoff+0x12c/0x220
[ 1828.223784]  [<ffffffff8112932c>] irq_exit+0x15c/0x190
[ 1828.223784]  [<ffffffff810b74c0>] smp_call_function_single_interrupt+0x70/0x90
[ 1828.223784]  [<ffffffff822e6489>] call_function_single_interrupt+0x89/0x90
[ 1828.223784]  <EOI>  [<ffffffff815e9011>] ? generic_file_splice_read+0x61/0x1e0
[ 1828.223784]  [<ffffffff8155065d>] ? rw_verify_area+0xbd/0x2b0
[ 1828.223784]  [<ffffffff815e4fa8>] do_splice_to+0xe8/0x140
[ 1828.223784]  [<ffffffff815e523a>] splice_direct_to_actor+0x23a/0x7c0
[ 1828.223784]  [<ffffffff815e3c80>] ? generic_pipe_buf_nosteal+0x10/0x10
[ 1828.223784]  [<ffffffff815e5000>] ? do_splice_to+0x140/0x140
[ 1828.223784]  [<ffffffff8155065d>] ? rw_verify_area+0xbd/0x2b0
[ 1828.223784]  [<ffffffff815e5913>] do_splice_direct+0x153/0x270
[ 1828.223784]  [<ffffffff815e57c0>] ? splice_direct_to_actor+0x7c0/0x7c0
[ 1828.223784]  [<ffffffff8155065d>] ? rw_verify_area+0xbd/0x2b0
[ 1828.223784]  [<ffffffff81553235>] do_sendfile+0x4c5/0xe40
[ 1828.223784]  [<ffffffff81552d70>] ? do_compat_pwritev64.isra.25+0xc0/0xc0
[ 1828.223784]  [<ffffffff8149cb7b>] ? __might_fault+0xcb/0x1b0
[ 1828.223784]  [<ffffffff8149cba6>] ? __might_fault+0xf6/0x1b0
[ 1828.223784]  [<ffffffff81554eab>] SyS_sendfile64+0xbb/0x130
[ 1828.223784]  [<ffffffff81554df0>] ? SyS_sendfile+0x120/0x120
[ 1828.223784]  [<ffffffff81004c11>] ? syscall_trace_enter+0x351/0x8e0
[ 1828.223784]  [<ffffffff8100481e>] ? syscall_slow_exit_work+0x25e/0x300
[ 1828.223784]  [<ffffffff81554df0>] ? SyS_sendfile+0x120/0x120
[ 1828.223784]  [<ffffffff810062f6>] do_syscall_64+0x196/0x440
[ 1828.223784]  [<ffffffff8100301a>] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1828.223784]  [<ffffffff822e469a>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1828.223784] Memory state around the buggy address:
[ 1828.223784]  ffff880380e17b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1828.223784]  ffff880380e17b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1828.223784] >ffff880380e17c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1828.223784]                          ^
[ 1828.223784]  ffff880380e17c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1828.223784]  ffff880380e17d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1828.223784] ==================================================================
[ 2825.146723] INFO: NMI handler (perf_event_nmi_handler) took too long to run: 1.544 msecs
[ 2825.146723] perf: interrupt took too long (25954 > 15698), lowering kernel.perf_event_max_sample_rate to 7000
[ 2834.958773] [tempesta] Warning: Unable to find a back end server
[ 2834.961302] [tempesta] Warning: Unable to find a back end server
[ 2872.625407] ==================================================================
[ 2872.626012] BUG: KASAN: use-after-free in tcp_rearm_rto.part.59+0x24a/0x2a0 at addr ffff8803795bb014
[ 2872.626012] Read of size 4 by task ksoftirqd/3/28
[ 2872.626012] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2872.626012] flags: 0x1000000000000000()
[ 2872.626012] page dumped because: kasan: bad access detected
[ 2872.626012] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2872.626012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2872.626012]  ffff8803795bb000 ffff88038ca17208 ffffffff8199f263 ffff88038ca17298
[ 2872.626012]  ffff8803795bb014 ffff88038ca17288 ffffffff8151c33e ffffffff8211b9ba
[ 2872.626012]  ffffffff82150069 ffffffff8215494e 0000000000000296 ffffffff820a4abd
[ 2872.626012] Call Trace:
[ 2872.626012]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2872.626012]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2872.626012]  [<ffffffff8211b9ba>] ? tcp_rcv_established+0x10ca/0x2de0
[ 2872.626012]  [<ffffffff82150069>] ? tcp_v4_do_rcv+0x529/0x8c0
[ 2872.626012]  [<ffffffff8215494e>] ? tcp_v4_rcv+0x213e/0x3420
[ 2872.626012]  [<ffffffff820a4abd>] ? ip_local_deliver+0x24d/0x330
[ 2872.626012]  [<ffffffff820a26d9>] ? ip_rcv_finish+0x599/0x1870
[ 2872.626012]  [<ffffffff820a543b>] ? ip_rcv+0x89b/0x11d0
[ 2872.626012]  [<ffffffff81fbe110>] ? __netif_receive_skb_core+0x1690/0x2bc0
[ 2872.626012]  [<ffffffff81fbf69a>] ? __netif_receive_skb+0x5a/0x190
[ 2872.626012]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 2872.626012]  [<ffffffff820fc7aa>] ? tcp_rearm_rto.part.59+0x24a/0x2a0
[ 2872.626012]  [<ffffffff820fc7aa>] tcp_rearm_rto.part.59+0x24a/0x2a0
[ 2872.626012]  [<ffffffff82111649>] tcp_ack+0x22a9/0x2e60
[ 2872.626012]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.626012]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2872.626012]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.626012]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2872.626012]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2872.626012]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2872.626012]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2872.626012]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2872.626012]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2872.626012]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2872.626012]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2872.626012]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2872.626012]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2872.626012]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2872.626012]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2872.626012]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2872.626012]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2872.626012]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2872.626012]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2872.626012]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2872.626012]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.626012]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2872.626012]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.626012]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2872.626012]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.626012]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.626012]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2872.626012]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2872.626012]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2872.626012]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.626012]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2872.626012]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2872.626012]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.626012]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2872.626012]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2872.626012]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2872.626012]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2872.626012]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2872.626012]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2872.626012]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2872.626012]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2872.626012]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2872.626012]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2872.626012]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.626012]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2872.626012]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2872.626012]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.626012]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.626012]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2872.626012]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.626012]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2872.626012]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.626012] Memory state around the buggy address:
[ 2872.626012]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.626012]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.626012] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.626012]                          ^
[ 2872.626012]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.626012]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.626012] ==================================================================
[ 2872.692442] ==================================================================
[ 2872.693402] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2bbc/0x2ce0 at addr ffff8803795bb035
[ 2872.693431] Read of size 1 by task ksoftirqd/3/28
[ 2872.693431] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2872.693431] flags: 0x1000000000000000()
[ 2872.696426] page dumped because: kasan: bad access detected
[ 2872.696426] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2872.696426] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2872.696426]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2872.696426]  ffff8803795bb035 ffff88038ca17190 ffffffff8151c33e ffff8802f6d6b4f8
[ 2872.696426]  ffff8803aee17d00 0000000009400000 0000000000000282 ffffffff822e3d7b
[ 2872.696426] Call Trace:
[ 2872.696426]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2872.696426]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2872.696426]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 2872.696426]  [<ffffffff8127aa0e>] ? mod_timer+0x56e/0xe30
[ 2872.696426]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 2872.696426]  [<ffffffff821001ec>] ? tcp_clean_rtx_queue+0x2bbc/0x2ce0
[ 2872.696426]  [<ffffffff821001ec>] tcp_clean_rtx_queue+0x2bbc/0x2ce0
[ 2872.696426]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2872.696426]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2872.696426]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.696426]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2872.696426]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.696426]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2872.696426]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2872.696426]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2872.696426]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2872.696426]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2872.696426]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2872.696426]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2872.696426]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2872.696426]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2872.696426]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2872.696426]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2872.696426]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2872.696426]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2872.696426]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2872.696426]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2872.696426]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2872.696426]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2872.696426]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.696426]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2872.696426]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.696426]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2872.696426]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.696426]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.696426]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2872.696426]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2872.696426]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2872.696426]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.696426]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2872.696426]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2872.696426]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.696426]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2872.696426]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2872.696426]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2872.696426]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2872.696426]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2872.696426]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2872.696426]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2872.696426]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2872.696426]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2872.696426]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2872.696426]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.696426]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2872.696426]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2872.696426]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.696426]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.696426]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2872.696426]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.696426]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2872.696426]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.696426] Memory state around the buggy address:
[ 2872.696426]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.696426]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.696426] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.696426]                                      ^
[ 2872.696426]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.696426]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.696426] ==================================================================
[ 2872.759975] ==================================================================
[ 2872.760968] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2a29/0x2ce0 at addr ffff8803795bb037
[ 2872.760968] Read of size 1 by task ksoftirqd/3/28
[ 2872.760968] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2872.763047] flags: 0x1000000000000000()
[ 2872.763047] page dumped because: kasan: bad access detected
[ 2872.763047] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2872.763047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2872.763047]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2872.763047]  ffff8803795bb037 ffff88038ca17190 ffffffff8151c33e 0000000000000010
[ 2872.763047]  ffff880300000000 ffffed006f2b7606 0000000000000282 ffffffff822e3d7b
[ 2872.763047] Call Trace:
[ 2872.763047]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2872.763047]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2872.763047]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 2872.763047]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 2872.763047]  [<ffffffff82100059>] ? tcp_clean_rtx_queue+0x2a29/0x2ce0
[ 2872.763047]  [<ffffffff82100059>] tcp_clean_rtx_queue+0x2a29/0x2ce0
[ 2872.763047]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2872.763047]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2872.763047]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.763047]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2872.763047]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.763047]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2872.763047]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2872.763047]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2872.763047]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2872.763047]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2872.763047]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2872.763047]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2872.763047]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2872.763047]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2872.763047]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2872.763047]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2872.763047]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2872.763047]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2872.763047]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2872.763047]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2872.763047]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2872.763047]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2872.763047]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.763047]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2872.763047]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.763047]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2872.763047]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.763047]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.763047]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2872.763047]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2872.763047]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2872.763047]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.763047]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2872.763047]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2872.763047]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.763047]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2872.763047]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2872.763047]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2872.763047]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2872.763047]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2872.763047]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2872.763047]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2872.763047]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2872.763047]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2872.763047]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2872.763047]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.763047]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2872.763047]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2872.763047]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.763047]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.763047]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2872.763047]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.763047]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2872.763047]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.763047] Memory state around the buggy address:
[ 2872.763047]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.763047]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.763047] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.763047]                                      ^
[ 2872.763047]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.763047]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.763047] ==================================================================
[ 2872.820134] ==================================================================
[ 2872.821127] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2a60/0x2ce0 at addr ffff8803795bb02c
[ 2872.821127] Read of size 4 by task ksoftirqd/3/28
[ 2872.821127] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2872.821127] flags: 0x1000000000000000()
[ 2872.821127] page dumped because: kasan: bad access detected
[ 2872.821127] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2872.821127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2872.821127]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2872.821127]  ffff8803795bb02c ffff88038ca17190 ffffffff8151c33e 0000000000000010
[ 2872.821127]  ffff880300000000 ffffed006f2b7606 0000000000000282 ffffffff822e3d7b
[ 2872.821127] Call Trace:
[ 2872.821127]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2872.821127]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2872.821127]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 2872.821127]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 2872.821127]  [<ffffffff82100090>] ? tcp_clean_rtx_queue+0x2a60/0x2ce0
[ 2872.821127]  [<ffffffff82100090>] tcp_clean_rtx_queue+0x2a60/0x2ce0
[ 2872.821127]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2872.821127]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2872.821127]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.821127]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2872.821127]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.821127]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2872.821127]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2872.821127]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2872.821127]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2872.821127]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2872.821127]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2872.821127]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2872.821127]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2872.821127]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2872.821127]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2872.821127]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2872.821127]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2872.821127]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2872.821127]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2872.821127]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2872.821127]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2872.821127]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2872.821127]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.821127]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2872.821127]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.821127]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2872.821127]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.821127]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.821127]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2872.821127]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2872.821127]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2872.821127]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.821127]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2872.821127]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2872.821127]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.821127]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2872.821127]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2872.821127]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2872.821127]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2872.821127]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2872.821127]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2872.821127]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2872.821127]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2872.821127]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2872.821127]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2872.821127]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.821127]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2872.821127]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2872.821127]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.821127]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.821127]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2872.821127]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.821127]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2872.821127]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.821127] Memory state around the buggy address:
[ 2872.821127]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.821127]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.821127] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.821127]                                   ^
[ 2872.821127]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.821127]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.821127] ==================================================================
[ 2872.886756] ==================================================================
[ 2872.887749] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2c13/0x2ce0 at addr ffff8803795bb000
[ 2872.887749] Read of size 8 by task ksoftirqd/3/28
[ 2872.887749] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2872.887749] flags: 0x1000000000000000()
[ 2872.887749] page dumped because: kasan: bad access detected
[ 2872.887749] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2872.887749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2872.887749]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2872.887749]  ffff8803795bb000 ffff88038ca17190 ffffffff8151c33e 0000000000000010
[ 2872.887749]  ffff880300000000 ffffed006f2b7605 0000000000000282 ffffffff822e3d7b
[ 2872.887749] Call Trace:
[ 2872.887749]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2872.887749]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2872.887749]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 2872.887749]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2872.887749]  [<ffffffff82100243>] ? tcp_clean_rtx_queue+0x2c13/0x2ce0
[ 2872.887749]  [<ffffffff82100243>] tcp_clean_rtx_queue+0x2c13/0x2ce0
[ 2872.887749]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2872.887749]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2872.887749]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.887749]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2872.887749]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.887749]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2872.887749]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2872.887749]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2872.887749]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2872.887749]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2872.887749]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2872.887749]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2872.887749]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2872.887749]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2872.887749]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2872.887749]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2872.887749]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2872.887749]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2872.887749]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2872.887749]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2872.887749]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2872.887749]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2872.887749]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.887749]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2872.887749]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.887749]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2872.887749]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.887749]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.887749]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2872.887749]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2872.887749]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2872.887749]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.887749]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2872.887749]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2872.887749]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.887749]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2872.887749]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2872.887749]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2872.887749]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2872.887749]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2872.887749]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2872.887749]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2872.887749]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2872.887749]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2872.887749]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2872.887749]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.887749]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2872.887749]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2872.887749]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.887749]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.887749]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2872.887749]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.887749]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2872.887749]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.887749] Memory state around the buggy address:
[ 2872.887749]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.887749]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.887749] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.887749]                    ^
[ 2872.887749]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.887749]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.887749] ==================================================================
[ 2872.946259] ==================================================================
[ 2872.947215] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x1bf1/0x2ce0 at addr ffff8803795bb030
[ 2872.947252] Read of size 2 by task ksoftirqd/3/28
[ 2872.947252] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2872.947252] flags: 0x1000000000000000()
[ 2872.947252] page dumped because: kasan: bad access detected
[ 2872.947252] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2872.947252] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2872.947252]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2872.947252]  ffff8803795bb030 ffff88038ca17190 ffffffff8151c33e 0000000000000010
[ 2872.947252]  ffff880300000000 ffffed006f2b7600 0000000000000282 ffffffff822e3d7b
[ 2872.947252] Call Trace:
[ 2872.947252]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2872.947252]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2872.947252]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 2872.947252]  [<ffffffff8151c403>] __asan_report_load2_noabort+0x43/0x50
[ 2872.947252]  [<ffffffff820ff221>] ? tcp_clean_rtx_queue+0x1bf1/0x2ce0
[ 2872.947252]  [<ffffffff820ff221>] tcp_clean_rtx_queue+0x1bf1/0x2ce0
[ 2872.947252]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2872.947252]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2872.947252]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.947252]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2872.947252]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.947252]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2872.947252]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2872.947252]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2872.947252]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2872.947252]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2872.947252]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2872.947252]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2872.947252]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2872.947252]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2872.947252]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2872.947252]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2872.947252]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2872.947252]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2872.947252]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2872.947252]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2872.947252]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2872.947252]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2872.947252]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.947252]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2872.947252]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2872.947252]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2872.947252]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.947252]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2872.947252]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2872.947252]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2872.947252]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2872.947252]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.947252]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2872.947252]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2872.947252]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2872.947252]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2872.947252]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2872.947252]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2872.947252]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2872.947252]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2872.947252]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2872.947252]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2872.947252]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2872.947252]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2872.947252]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2872.947252]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.947252]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2872.947252]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2872.947252]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.947252]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2872.947252]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2872.947252]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.947252]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2872.947252]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2872.947252] Memory state around the buggy address:
[ 2872.947252]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.947252]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2872.947252] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.947252]                                      ^
[ 2872.947252]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.947252]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2872.947252] ==================================================================
[ 2873.012062] ==================================================================
[ 2873.013011] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x1ebd/0x2ce0 at addr ffff8803795bb035
[ 2873.013055] Read of size 1 by task ksoftirqd/3/28
[ 2873.013055] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.013055] flags: 0x1000000000000000()
[ 2873.013055] page dumped because: kasan: bad access detected
[ 2873.013055] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.013055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.013055]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2873.013055]  ffff8803795bb035 ffff88038ca17190 ffffffff8151c33e 0000000000000010
[ 2873.013055]  ffff880300000000 ffffed006f2b7606 0000000000000282 ffffffff822e3d7b
[ 2873.013055] Call Trace:
[ 2873.013055]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.013055]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.013055]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 2873.013055]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 2873.013055]  [<ffffffff820ff4ed>] ? tcp_clean_rtx_queue+0x1ebd/0x2ce0
[ 2873.013055]  [<ffffffff820ff4ed>] tcp_clean_rtx_queue+0x1ebd/0x2ce0
[ 2873.013055]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.013055]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.013055]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.013055]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.013055]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.013055]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.013055]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.013055]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.013055]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.013055]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.013055]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.013055]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.013055]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.013055]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.013055]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.013055]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.013055]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.013055]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.013055]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.013055]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.013055]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.013055]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.013055]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.013055]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.013055]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.013055]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.013055]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.013055]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.013055]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.013055]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.013055]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.013055]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.013055]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.013055]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.013055]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.013055]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.013055]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.013055]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.013055]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.013055]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.013055]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.013055]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.013055]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.013055]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.013055]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.013055]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.013055]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.013055]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.013055]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.013055]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.013055]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.013055]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.013055]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.013055]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.013055] Memory state around the buggy address:
[ 2873.013055]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.013055]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.013055] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.013055]                                      ^
[ 2873.013055]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.013055]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.013055] ==================================================================
[ 2873.078071] ==================================================================
[ 2873.079063] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2803/0x2ce0 at addr ffff8803795bb014
[ 2873.079063] Read of size 4 by task ksoftirqd/3/28
[ 2873.079063] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.079063] flags: 0x1000000000000000()
[ 2873.079063] page dumped because: kasan: bad access detected
[ 2873.079063] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.079063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.079063]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2873.079063]  ffff8803795bb014 ffff88038ca17190 ffffffff8151c33e 0000000000000010
[ 2873.079063]  ffff880300000000 ffffed006f2b7606 0000000000000282 ffffffff822e3d7b
[ 2873.079063] Call Trace:
[ 2873.079063]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.079063]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.079063]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 2873.079063]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 2873.079063]  [<ffffffff820ffe33>] ? tcp_clean_rtx_queue+0x2803/0x2ce0
[ 2873.079063]  [<ffffffff820ffe33>] tcp_clean_rtx_queue+0x2803/0x2ce0
[ 2873.079063]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.079063]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.079063]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.079063]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.079063]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.079063]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.079063]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.079063]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.079063]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.079063]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.079063]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.079063]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.079063]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.079063]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.079063]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.079063]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.079063]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.079063]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.079063]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.079063]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.079063]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.079063]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.079063]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.079063]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.079063]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.079063]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.079063]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.079063]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.079063]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.079063]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.079063]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.079063]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.079063]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.079063]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.079063]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.079063]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.079063]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.079063]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.079063]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.079063]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.079063]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.079063]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.079063]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.079063]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.079063]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.079063]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.079063]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.079063]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.079063]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.079063]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.079063]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.079063]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.079063]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.079063]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.079063] Memory state around the buggy address:
[ 2873.079063]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.079063]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.079063] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.079063]                          ^
[ 2873.079063]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.079063]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.079063] ==================================================================
[ 2873.137511] ==================================================================
[ 2873.138505] BUG: KASAN: use-after-free in tcp_rack_advance+0x2c3/0x3a0 at addr ffff8803795bb014
[ 2873.138505] Read of size 4 by task ksoftirqd/3/28
[ 2873.138505] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.138505] flags: 0x1000000000000000()
[ 2873.138505] page dumped because: kasan: bad access detected
[ 2873.138505] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.138505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.138505]  ffff8802f6d6b748 ffff88038ca170d0 ffffffff8199f263 ffff88038ca17160
[ 2873.138505]  ffff8803795bb014 ffff88038ca17150 ffffffff8151c33e 0000000000000282
[ 2873.138505]  ffff88038ca17138 ffffed006f2b7630 0000000000000286 ffffffff8151be77
[ 2873.138505] Call Trace:
[ 2873.138505]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.138505]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.138505]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 2873.138505]  [<ffffffff8151c2bd>] ? kasan_report_error+0x42d/0x4e0
[ 2873.138505]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 2873.138505]  [<ffffffff821688f3>] ? tcp_rack_advance+0x2c3/0x3a0
[ 2873.138505]  [<ffffffff821688f3>] tcp_rack_advance+0x2c3/0x3a0
[ 2873.138505]  [<ffffffff820fe76e>] tcp_clean_rtx_queue+0x113e/0x2ce0
[ 2873.138505]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.138505]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.138505]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.138505]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.138505]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.138505]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.138505]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.138505]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.138505]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.138505]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.138505]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.138505]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.138505]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.138505]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.138505]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.138505]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.138505]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.138505]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.138505]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.138505]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.138505]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.138505]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.138505]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.138505]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.138505]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.138505]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.138505]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.138505]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.138505]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.138505]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.138505]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.138505]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.138505]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.138505]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.138505]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.138505]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.138505]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.138505]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.138505]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.138505]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.138505]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.138505]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.138505]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.138505]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.138505]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.138505]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.138505]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.138505]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.138505]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.138505]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.138505]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.138505]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.138505]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.138505]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.138505] Memory state around the buggy address:
[ 2873.138505]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.138505]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.138505] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.138505]                          ^
[ 2873.138505]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.138505]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.138505] ==================================================================
[ 2873.204639] ==================================================================
[ 2873.205627] BUG: KASAN: use-after-free in tcp_rack_advance+0x311/0x3a0 at addr ffff8803795bb010
[ 2873.205627] Read of size 4 by task ksoftirqd/3/28
[ 2873.207015] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.207015] flags: 0x1000000000000000()
[ 2873.207015] page dumped because: kasan: bad access detected
[ 2873.207015] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.207015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.207015]  ffff8802f6d6b748 ffff88038ca170d0 ffffffff8199f263 ffff88038ca17160
[ 2873.207015]  ffff8803795bb010 ffff88038ca17150 ffffffff8151c33e ffffed0075df43b8
[ 2873.207015]  ffff88038ca17138 ffffffff811af0c3 0000000000000286 ffffffff8151be77
[ 2873.207015] Call Trace:
[ 2873.207015]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.207015]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.207015]  [<ffffffff811af0c3>] ? sched_clock_local+0x43/0x120
[ 2873.207015]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 2873.207015]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 2873.207015]  [<ffffffff82168941>] ? tcp_rack_advance+0x311/0x3a0
[ 2873.207015]  [<ffffffff82168941>] tcp_rack_advance+0x311/0x3a0
[ 2873.207015]  [<ffffffff820fe76e>] tcp_clean_rtx_queue+0x113e/0x2ce0
[ 2873.207015]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.207015]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.207015]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.207015]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.207015]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.207015]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.207015]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.207015]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.207015]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.207015]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.207015]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.207015]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.207015]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.207015]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.207015]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.207015]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.207015]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.207015]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.207015]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.207015]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.207015]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.207015]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.207015]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.207015]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.207015]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.207015]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.207015]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.207015]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.207015]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.207015]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.207015]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.207015]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.207015]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.207015]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.207015]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.207015]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.207015]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.207015]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.207015]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.207015]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.207015]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.207015]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.207015]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.207015]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.207015]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.207015]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.207015]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.207015]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.207015]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.207015]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.207015]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.207015]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.207015]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.207015]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.207015] Memory state around the buggy address:
[ 2873.207015]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.207015]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.207015] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.207015]                          ^
[ 2873.207015]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.207015]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.207015] ==================================================================
[ 2873.265280] ==================================================================
[ 2873.266269] BUG: KASAN: use-after-free in tcp_rack_advance+0x326/0x3a0 at addr ffff8803795bb014
[ 2873.267012] Read of size 4 by task ksoftirqd/3/28
[ 2873.267012] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.267012] flags: 0x1000000000000000()
[ 2873.267012] page dumped because: kasan: bad access detected
[ 2873.267012] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.267012] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.267012]  ffff8802f6d6b748 ffff88038ca170d0 ffffffff8199f263 ffff88038ca17160
[ 2873.267012]  ffff8803795bb014 ffff88038ca17150 ffffffff8151c33e 0000000000000010
[ 2873.267012]  ffff880300000000 ffffed006f2b7602 0000000000000286 ffffffff8151be77
[ 2873.267012] Call Trace:
[ 2873.267012]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.267012]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.267012]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 2873.267012]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 2873.267012]  [<ffffffff82168956>] ? tcp_rack_advance+0x326/0x3a0
[ 2873.267012]  [<ffffffff82168956>] tcp_rack_advance+0x326/0x3a0
[ 2873.267012]  [<ffffffff820fe76e>] tcp_clean_rtx_queue+0x113e/0x2ce0
[ 2873.267012]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.267012]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.267012]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.267012]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.267012]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.267012]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.267012]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.267012]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.267012]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.267012]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.267012]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.267012]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.267012]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.267012]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.267012]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.267012]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.267012]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.267012]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.267012]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.267012]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.267012]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.267012]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.267012]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.267012]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.267012]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.267012]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.267012]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.267012]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.267012]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.267012]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.267012]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.267012]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.267012]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.267012]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.267012]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.267012]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.267012]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.267012]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.267012]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.267012]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.267012]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.267012]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.267012]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.267012]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.267012]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.267012]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.267012]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.267012]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.267012]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.267012]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.267012]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.267012]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.267012]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.267012]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.267012] Memory state around the buggy address:
[ 2873.267012]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.267012]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.267012] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.267012]                          ^
[ 2873.267012]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.267012]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.267012] ==================================================================
[ 2873.331289] ==================================================================
[ 2873.332283] BUG: KASAN: use-after-free in tcp_rack_advance+0x356/0x3a0 at addr ffff8803795bb010
[ 2873.332283] Read of size 8 by task ksoftirqd/3/28
[ 2873.332283] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.332283] flags: 0x1000000000000000()
[ 2873.332283] page dumped because: kasan: bad access detected
[ 2873.332283] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.332283] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.332283]  ffff8802f6d6b748 ffff88038ca170d0 ffffffff8199f263 ffff88038ca17160
[ 2873.332283]  ffff8803795bb010 ffff88038ca17150 ffffffff8151c33e 0000000000000010
[ 2873.332283]  ffff880300000000 ffffed006f2b7602 0000000000000286 ffffffff8151be77
[ 2873.332283] Call Trace:
[ 2873.332283]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.332283]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.332283]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 2873.332283]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2873.332283]  [<ffffffff82168986>] ? tcp_rack_advance+0x356/0x3a0
[ 2873.332283]  [<ffffffff82168986>] tcp_rack_advance+0x356/0x3a0
[ 2873.332283]  [<ffffffff820fe76e>] tcp_clean_rtx_queue+0x113e/0x2ce0
[ 2873.332283]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.332283]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.332283]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.332283]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.332283]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.332283]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.332283]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.332283]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.332283]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.332283]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.332283]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.332283]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.332283]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.332283]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.332283]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.332283]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.332283]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.332283]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.332283]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.332283]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.332283]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.332283]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.332283]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.332283]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.332283]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.332283]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.332283]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.332283]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.332283]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.332283]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.332283]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.332283]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.332283]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.332283]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.332283]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.332283]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.332283]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.332283]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.332283]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.332283]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.332283]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.332283]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.332283]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.332283]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.332283]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.332283]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.332283]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.332283]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.332283]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.332283]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.332283]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.332283]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.332283]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.332283]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.332283] Memory state around the buggy address:
[ 2873.332283]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.332283]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.332283] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.332283]                          ^
[ 2873.332283]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.332283]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.332283] ==================================================================
[ 2873.391354] ==================================================================
[ 2873.392299] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2afc/0x2ce0 at addr ffff8803795bb034
[ 2873.392348] Read of size 1 by task ksoftirqd/3/28
[ 2873.392348] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.392348] flags: 0x1000000000000000()
[ 2873.392348] page dumped because: kasan: bad access detected
[ 2873.392348] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.392348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.392348]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2873.392348]  ffff8803795bb034 ffff88038ca17190 ffffffff8151c33e 00203a3030316262
[ 2873.392348]  ffff8802f6d6af40 0000000100274395 0000000000000282 00000000ab419f9e
[ 2873.392348] Call Trace:
[ 2873.392348]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.392348]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.392348]  [<ffffffff8151c4a3>] ? __asan_report_load8_noabort+0x43/0x50
[ 2873.392348]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 2873.392348]  [<ffffffff8210012c>] ? tcp_clean_rtx_queue+0x2afc/0x2ce0
[ 2873.392348]  [<ffffffff8210012c>] tcp_clean_rtx_queue+0x2afc/0x2ce0
[ 2873.392348]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.392348]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.392348]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.392348]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.392348]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.392348]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.392348]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.392348]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.392348]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.392348]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.392348]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.392348]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.392348]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.392348]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.392348]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.392348]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.392348]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.392348]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.392348]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.392348]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.392348]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.392348]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.392348]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.392348]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.392348]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.392348]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.392348]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.392348]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.392348]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.392348]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.392348]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.392348]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.392348]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.392348]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.392348]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.392348]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.392348]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.392348]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.392348]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.392348]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.392348]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.392348]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.392348]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.392348]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.392348]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.392348]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.392348]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.392348]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.392348]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.392348]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.392348]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.392348]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.392348]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.392348]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.392348] Memory state around the buggy address:
[ 2873.392348]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.392348]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.392348] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.392348]                                      ^
[ 2873.392348]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.392348]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.392348] ==================================================================
[ 2873.456231] ==================================================================
[ 2873.457190] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2c97/0x2ce0 at addr ffff8803795bb000
[ 2873.457225] Read of size 8 by task ksoftirqd/3/28
[ 2873.457225] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.457225] flags: 0x1000000000000000()
[ 2873.457225] page dumped because: kasan: bad access detected
[ 2873.457225] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.457225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.457225]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2873.457225]  ffff8803795bb000 ffff88038ca17190 ffffffff8151c33e 0000000000000010
[ 2873.457225]  ffff880200000000 ffffed006f2b7606 0000000000000282 ffffffffab419f9e
[ 2873.457225] Call Trace:
[ 2873.457225]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.457225]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.457225]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2873.457225]  [<ffffffff821002c7>] ? tcp_clean_rtx_queue+0x2c97/0x2ce0
[ 2873.457225]  [<ffffffff821002c7>] tcp_clean_rtx_queue+0x2c97/0x2ce0
[ 2873.457225]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.457225]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.457225]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.457225]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.457225]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.457225]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.457225]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.457225]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.457225]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.457225]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.457225]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.457225]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.457225]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.457225]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.457225]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.457225]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.457225]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.457225]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.457225]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.457225]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.457225]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.457225]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.457225]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.457225]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.457225]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.457225]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.457225]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.457225]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.457225]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.457225]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.457225]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.457225]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.457225]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.457225]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.457225]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.457225]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.457225]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.457225]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.457225]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.457225]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.457225]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.457225]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.457225]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.457225]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.457225]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.457225]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.457225]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.457225]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.457225]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.457225]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.457225]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.457225]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.457225]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.457225]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.457225] Memory state around the buggy address:
[ 2873.457225]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.457225]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.457225] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.457225]                    ^
[ 2873.457225]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.457225]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.457225] ==================================================================
[ 2873.514810] ==================================================================
[ 2873.515772] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x2b73/0x2ce0 at addr ffff8803795bb008
[ 2873.515802] Read of size 8 by task ksoftirqd/3/28
[ 2873.515802] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.515802] flags: 0x1000000000000000()
[ 2873.515802] page dumped because: kasan: bad access detected
[ 2873.515802] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.515802] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.515802]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2873.515802]  ffff8803795bb008 ffff88038ca17190 ffffffff8151c33e 0000000000000010
[ 2873.515802]  ffff880200000000 ffffed006f2b7600 0000000000000282 ffffffffab419f9e
[ 2873.515802] Call Trace:
[ 2873.515802]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.515802]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.515802]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2873.515802]  [<ffffffff821001a3>] ? tcp_clean_rtx_queue+0x2b73/0x2ce0
[ 2873.515802]  [<ffffffff821001a3>] tcp_clean_rtx_queue+0x2b73/0x2ce0
[ 2873.515802]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.515802]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.515802]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.515802]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.515802]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.515802]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.515802]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.515802]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.515802]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.515802]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.515802]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.515802]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.515802]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.515802]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.515802]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.515802]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.515802]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.515802]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.515802]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.515802]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.515802]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.515802]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.515802]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.515802]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.515802]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.515802]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.515802]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.515802]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.515802]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.515802]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.515802]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.515802]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.515802]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.515802]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.515802]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.515802]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.515802]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.515802]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.515802]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.515802]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.515802]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.515802]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.515802]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.515802]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.515802]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.515802]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.515802]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.515802]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.515802]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.515802]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.515802]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.515802]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.515802]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.515802]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.515802] Memory state around the buggy address:
[ 2873.515802]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.515802]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.515802] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.515802]                       ^
[ 2873.515802]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.515802]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.515802] ==================================================================
[ 2873.580207] ==================================================================
[ 2873.581153] BUG: KASAN: use-after-free in tcp_clean_rtx_queue+0x1ba5/0x2ce0 at addr ffff8803795bb0f0
[ 2873.581200] Read of size 4 by task ksoftirqd/3/28
[ 2873.581200] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.581200] flags: 0x1000000000000000()
[ 2873.581200] page dumped because: kasan: bad access detected
[ 2873.581200] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.581200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.581200]  dffffc0000000000 ffff88038ca17110 ffffffff8199f263 ffff88038ca171a0
[ 2873.581200]  ffff8803795bb0f0 ffff88038ca17190 ffffffff8151c33e 0000000000000010
[ 2873.581200]  ffff880200000000 ffffed006f2b7601 0000000000000282 ffffffffab419f9e
[ 2873.581200] Call Trace:
[ 2873.581200]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.581200]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.581200]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 2873.581200]  [<ffffffff820ff1d5>] ? tcp_clean_rtx_queue+0x1ba5/0x2ce0
[ 2873.581200]  [<ffffffff820ff1d5>] tcp_clean_rtx_queue+0x1ba5/0x2ce0
[ 2873.581200]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.581200]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.581200]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.581200]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.581200]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.581200]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.581200]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.581200]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.581200]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.581200]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.581200]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.581200]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.581200]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.581200]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.581200]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.581200]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.581200]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.581200]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.581200]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.581200]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.581200]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.581200]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.581200]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.581200]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.581200]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.581200]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.581200]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.581200]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.581200]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.581200]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.581200]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.581200]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.581200]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.581200]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.581200]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.581200]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.581200]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.581200]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.581200]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.581200]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.581200]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.581200]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.581200]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.581200]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.581200]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.581200]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.581200]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.581200]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.581200]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.581200]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.581200]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.581200]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.581200]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.581200]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.581200] Memory state around the buggy address:
[ 2873.581200]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.581200]  ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.581200] >ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.581200]                                                              ^
[ 2873.581200]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.581200]  ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.581200] ==================================================================
[ 2873.639254] ==================================================================
[ 2873.640248] BUG: KASAN: use-after-free in skb_release_head_state+0x1bc/0x1f0 at addr ffff8803795bb068
[ 2873.640248] Read of size 8 by task ksoftirqd/3/28
[ 2873.640248] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.640248] flags: 0x1000000000000000()
[ 2873.640248] page dumped because: kasan: bad access detected
[ 2873.640248] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.640248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.640248]  dffffc0000000000 ffff88038ca170c0 ffffffff8199f263 ffff88038ca17150
[ 2873.640248]  ffff8803795bb068 ffff88038ca17140 ffffffff8151c33e ffff88038ca170e8
[ 2873.640248]  0000000000000018 0000000000000282 0000000000000286 ffffed006f2b7640
[ 2873.640248] Call Trace:
[ 2873.640248]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.640248]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.640248]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 2873.640248]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2873.640248]  [<ffffffff81f6dddc>] ? skb_release_head_state+0x1bc/0x1f0
[ 2873.640248]  [<ffffffff81f6dddc>] skb_release_head_state+0x1bc/0x1f0
[ 2873.640248]  [<ffffffff81f7ea62>] skb_release_all+0x12/0x50
[ 2873.640248]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2873.640248]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2873.640248]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.640248]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.640248]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.640248]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.640248]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.640248]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.640248]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.640248]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.640248]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.640248]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.640248]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.640248]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.640248]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.640248]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.640248]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.640248]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.640248]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.640248]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.640248]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.640248]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.640248]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.640248]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.640248]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.640248]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.640248]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.640248]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.640248]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.640248]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.640248]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.640248]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.640248]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.640248]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.640248]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.640248]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.640248]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.640248]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.640248]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.640248]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.640248]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.640248]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.640248]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.640248]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.640248]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.640248]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.640248]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.640248]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.640248]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.640248]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.640248]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.640248]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.640248]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.640248]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.640248]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.640248]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.640248] Memory state around the buggy address:
[ 2873.640248]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.640248]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.640248] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.640248]                                                           ^
[ 2873.640248]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.640248]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.640248] ==================================================================
[ 2873.707447] ==================================================================
[ 2873.708394] BUG: KASAN: use-after-free in skb_release_head_state+0x1c6/0x1f0 at addr ffff8803795bb078
[ 2873.708441] Read of size 8 by task ksoftirqd/3/28
[ 2873.708441] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.708441] flags: 0x1000000000000000()
[ 2873.708441] page dumped because: kasan: bad access detected
[ 2873.708441] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.708441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.708441]  dffffc0000000000 ffff88038ca170c0 ffffffff8199f263 ffff88038ca17150
[ 2873.708441]  ffff8803795bb078 ffff88038ca17140 ffffffff8151c33e 0000000000000010
[ 2873.708441]  0000000000000000 ffffed006f2b760d 0000000000000286 ffffffff6f2b7640
[ 2873.708441] Call Trace:
[ 2873.708441]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.708441]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.708441]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2873.708441]  [<ffffffff81f6dde6>] ? skb_release_head_state+0x1c6/0x1f0
[ 2873.708441]  [<ffffffff81f6dde6>] skb_release_head_state+0x1c6/0x1f0
[ 2873.708441]  [<ffffffff81f7ea62>] skb_release_all+0x12/0x50
[ 2873.708441]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2873.708441]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2873.708441]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.708441]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.708441]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.708441]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.708441]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.708441]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.708441]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.708441]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.708441]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.708441]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.708441]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.708441]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.708441]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.708441]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.708441]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.708441]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.708441]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.708441]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.708441]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.708441]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.708441]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.708441]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.708441]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.708441]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.708441]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.708441]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.708441]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.708441]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.708441]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.708441]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.708441]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.708441]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.708441]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.708441]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.708441]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.708441]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.708441]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.708441]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.708441]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.708441]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.708441]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.708441]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.708441]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.708441]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.708441]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.708441]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.708441]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.708441]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.708441]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.708441]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.708441]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.708441]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.708441]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.708441]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.708441] Memory state around the buggy address:
[ 2873.708441]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.708441]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.708441] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.708441]                                                                 ^
[ 2873.708441]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.708441]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.708441] ==================================================================
[ 2873.776175] ==================================================================
[ 2873.777128] BUG: KASAN: use-after-free in skb_release_head_state+0x1af/0x1f0 at addr ffff8803795bb070
[ 2873.777168] Read of size 8 by task ksoftirqd/3/28
[ 2873.777168] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.777168] flags: 0x1000000000000000()
[ 2873.777168] page dumped because: kasan: bad access detected
[ 2873.777168] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.777168] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.777168]  dffffc0000000000 ffff88038ca170c0 ffffffff8199f263 ffff88038ca17150
[ 2873.777168]  ffff8803795bb070 ffff88038ca17140 ffffffff8151c33e 0000000000000010
[ 2873.777168]  0000000000000000 ffffed006f2b760f 0000000000000286 ffffffff6f2b7640
[ 2873.777168] Call Trace:
[ 2873.777168]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.777168]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.777168]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2873.777168]  [<ffffffff81f6ddcf>] ? skb_release_head_state+0x1af/0x1f0
[ 2873.777168]  [<ffffffff81f6ddcf>] skb_release_head_state+0x1af/0x1f0
[ 2873.777168]  [<ffffffff81f7ea62>] skb_release_all+0x12/0x50
[ 2873.777168]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2873.777168]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2873.777168]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.777168]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.777168]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.777168]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.777168]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.777168]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.777168]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.777168]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.777168]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.777168]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.777168]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.777168]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.777168]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.777168]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.777168]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.777168]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.777168]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.777168]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.777168]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.777168]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.777168]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.777168]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.777168]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.777168]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.777168]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.777168]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.777168]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.777168]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.777168]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.777168]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.777168]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.777168]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.777168]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.777168]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.777168]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.777168]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.777168]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.777168]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.777168]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.777168]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.777168]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.777168]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.777168]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.777168]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.777168]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.777168]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.777168]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.777168]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.777168]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.777168]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.777168]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.777168]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.777168]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.777168]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.777168] Memory state around the buggy address:
[ 2873.777168]  ffff8803795baf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.777168]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.777168] >ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.777168]                                                              ^
[ 2873.777168]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.777168]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.777168] ==================================================================
[ 2873.837106] ==================================================================
[ 2873.838053] BUG: KASAN: use-after-free in skb_release_head_state+0x1da/0x1f0 at addr ffff8803795bb080
[ 2873.838100] Read of size 8 by task ksoftirqd/3/28
[ 2873.838100] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.838100] flags: 0x1000000000000000()
[ 2873.838100] page dumped because: kasan: bad access detected
[ 2873.838100] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.838100] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.838100]  dffffc0000000000 ffff88038ca170c0 ffffffff8199f263 ffff88038ca17150
[ 2873.838100]  ffff8803795bb080 ffff88038ca17140 ffffffff8151c33e 0000000000000010
[ 2873.838100]  0000000000000000 ffffed006f2b760e 0000000000000286 ffffffff6f2b7640
[ 2873.838100] Call Trace:
[ 2873.838100]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.838100]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.838100]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2873.838100]  [<ffffffff81f6ddfa>] ? skb_release_head_state+0x1da/0x1f0
[ 2873.838100]  [<ffffffff81f6ddfa>] skb_release_head_state+0x1da/0x1f0
[ 2873.838100]  [<ffffffff81f7ea62>] skb_release_all+0x12/0x50
[ 2873.838100]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2873.838100]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2873.838100]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.838100]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.838100]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.838100]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.838100]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.838100]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.838100]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.838100]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.838100]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.838100]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.838100]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.838100]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.838100]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.838100]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.838100]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.838100]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.838100]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.838100]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.838100]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.838100]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.838100]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.838100]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.838100]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.838100]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.838100]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.838100]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.838100]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.838100]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.838100]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.838100]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.838100]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.838100]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.838100]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.838100]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.838100]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.838100]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.838100]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.838100]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.838100]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.838100]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.838100]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.838100]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.838100]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.838100]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.838100]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.838100]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.838100]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.838100]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.838100]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.838100]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.838100]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.838100]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.838100]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.838100]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.838100] Memory state around the buggy address:
[ 2873.838100]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.838100]  ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.838100] >ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.838100]                    ^
[ 2873.838100]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.838100]  ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.838100] ==================================================================
[ 2873.904281] ==================================================================
[ 2873.905227] BUG: KASAN: use-after-free in skb_release_head_state+0x1d0/0x1f0 at addr ffff8803795bb088
[ 2873.905275] Read of size 8 by task ksoftirqd/3/28
[ 2873.905275] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.905275] flags: 0x1000000000000000()
[ 2873.905275] page dumped because: kasan: bad access detected
[ 2873.905275] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.905275] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.905275]  dffffc0000000000 ffff88038ca170c0 ffffffff8199f263 ffff88038ca17150
[ 2873.905275]  ffff8803795bb088 ffff88038ca17140 ffffffff8151c33e 0000000000000010
[ 2873.905275]  0000000000000000 ffffed006f2b7610 0000000000000286 ffffffff6f2b7640
[ 2873.905275] Call Trace:
[ 2873.905275]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.905275]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.905275]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2873.905275]  [<ffffffff81f6ddf0>] ? skb_release_head_state+0x1d0/0x1f0
[ 2873.905275]  [<ffffffff81f6ddf0>] skb_release_head_state+0x1d0/0x1f0
[ 2873.905275]  [<ffffffff81f7ea62>] skb_release_all+0x12/0x50
[ 2873.905275]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2873.905275]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2873.905275]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.905275]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.905275]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.905275]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.905275]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.905275]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.905275]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.905275]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.905275]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.905275]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.905275]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.905275]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.905275]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.905275]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.905275]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.905275]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.905275]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.905275]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.905275]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.905275]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.905275]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.905275]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.905275]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.905275]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.905275]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.905275]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.905275]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.905275]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.905275]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.905275]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.905275]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.905275]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.905275]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.905275]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.905275]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.905275]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.905275]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.905275]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.905275]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.905275]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.905275]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.905275]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.905275]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.905275]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.905275]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.905275]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.905275]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.905275]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.905275]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.905275]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.905275]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.905275]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.905275]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.905275]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.905275] Memory state around the buggy address:
[ 2873.905275]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.905275]  ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.905275] >ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.905275]                       ^
[ 2873.905275]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.905275]  ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.905275] ==================================================================
[ 2873.967605] ==================================================================
[ 2873.968549] BUG: KASAN: use-after-free in skb_release_all+0x4a/0x50 at addr ffff8803795bb0e0
[ 2873.968599] Read of size 8 by task ksoftirqd/3/28
[ 2873.968599] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2873.968599] flags: 0x1000000000000000()
[ 2873.968599] page dumped because: kasan: bad access detected
[ 2873.968599] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2873.968599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2873.968599]  dffffc0000000000 ffff88038ca170e0 ffffffff8199f263 ffff88038ca17170
[ 2873.968599]  ffff8803795bb0e0 ffff88038ca17160 ffffffff8151c33e ffffffff6f2b7640
[ 2873.968599]  ffffffffffffffff 66666620ffffffff 0000000000000282 00203a3038316262
[ 2873.968599] Call Trace:
[ 2873.968599]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2873.968599]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2873.968599]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2873.968599]  [<ffffffff81f7ea9a>] ? skb_release_all+0x4a/0x50
[ 2873.968599]  [<ffffffff81f7ea9a>] skb_release_all+0x4a/0x50
[ 2873.968599]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2873.968599]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2873.968599]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2873.968599]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2873.968599]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.968599]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2873.968599]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.968599]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2873.968599]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2873.968599]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2873.968599]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2873.968599]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2873.968599]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2873.968599]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2873.968599]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2873.968599]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2873.968599]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2873.968599]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2873.968599]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2873.968599]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2873.968599]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2873.968599]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2873.968599]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2873.968599]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2873.968599]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.968599]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2873.968599]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2873.968599]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2873.968599]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.968599]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2873.968599]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2873.968599]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2873.968599]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2873.968599]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.968599]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2873.968599]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2873.968599]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2873.968599]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2873.968599]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2873.968599]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2873.968599]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2873.968599]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2873.968599]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2873.968599]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2873.968599]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2873.968599]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2873.968599]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2873.968599]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.968599]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2873.968599]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2873.968599]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.968599]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2873.968599]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2873.968599]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.968599]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2873.968599]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2873.968599] Memory state around the buggy address:
[ 2873.968599]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2873.968599]  ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.968599] >ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.968599]                                                        ^
[ 2873.968599]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.968599]  ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2873.968599] ==================================================================
[ 2874.033936] ==================================================================
[ 2874.034930] BUG: KASAN: use-after-free in skb_release_data+0x2fb/0x320 at addr ffff8803795bb0dc
[ 2874.034930] Read of size 4 by task ksoftirqd/3/28
[ 2874.034930] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2874.034930] flags: 0x1000000000000000()
[ 2874.034930] page dumped because: kasan: bad access detected
[ 2874.034930] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2874.034930] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2874.034930]  dffffc0000000000 ffff88038ca170a0 ffffffff8199f263 ffff88038ca17130
[ 2874.034930]  ffff8803795bb0dc ffff88038ca17120 ffffffff8151c33e 0000000000000282
[ 2874.034930]  ffff88038ca17108 ffffed006f2b7640 0000000000000282 ffffffff8151be77
[ 2874.034930] Call Trace:
[ 2874.034930]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2874.034930]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2874.034930]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 2874.034930]  [<ffffffff8151c2bd>] ? kasan_report_error+0x42d/0x4e0
[ 2874.034930]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 2874.034930]  [<ffffffff81f7ea2b>] ? skb_release_data+0x2fb/0x320
[ 2874.034930]  [<ffffffff81f7ea2b>] skb_release_data+0x2fb/0x320
[ 2874.034930]  [<ffffffff81f7ea92>] skb_release_all+0x42/0x50
[ 2874.034930]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2874.034930]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2874.034930]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2874.034930]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2874.034930]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.034930]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2874.034930]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.034930]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2874.034930]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2874.034930]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2874.034930]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2874.034930]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2874.034930]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2874.034930]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2874.034930]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2874.034930]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2874.034930]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2874.034930]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2874.034930]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2874.034930]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2874.034930]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2874.034930]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2874.034930]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2874.034930]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2874.034930]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.034930]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2874.034930]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.034930]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2874.034930]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.034930]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.034930]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2874.034930]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2874.034930]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2874.034930]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.034930]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2874.034930]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2874.034930]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.034930]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2874.034930]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2874.034930]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2874.034930]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2874.034930]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2874.034930]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2874.034930]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2874.034930]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2874.034930]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2874.034930]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2874.034930]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.034930]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2874.034930]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2874.034930]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.034930]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.034930]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2874.034930]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.034930]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2874.034930]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.034930] Memory state around the buggy address:
[ 2874.034930]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2874.034930]  ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.034930] >ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.034930]                                                     ^
[ 2874.034930]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.034930]  ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.034930] ==================================================================
[ 2874.096156] ==================================================================
[ 2874.097104] BUG: KASAN: use-after-free in skb_release_data+0x2f1/0x320 at addr ffff8803795bb0e0
[ 2874.097150] Read of size 8 by task ksoftirqd/3/28
[ 2874.097150] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2874.097150] flags: 0x1000000000000000()
[ 2874.097150] page dumped because: kasan: bad access detected
[ 2874.097150] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2874.097150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2874.097150]  dffffc0000000000 ffff88038ca170a0 ffffffff8199f263 ffff88038ca17130
[ 2874.097150]  ffff8803795bb0e0 ffff88038ca17120 ffffffff8151c33e 0000000000000010
[ 2874.097150]  ffff880300000000 ffffed006f2b761b 0000000000000282 ffffffff8151be77
[ 2874.097150] Call Trace:
[ 2874.097150]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2874.097150]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2874.097150]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 2874.097150]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2874.097150]  [<ffffffff81f7ea21>] ? skb_release_data+0x2f1/0x320
[ 2874.097150]  [<ffffffff81f7ea21>] skb_release_data+0x2f1/0x320
[ 2874.097150]  [<ffffffff81f7ea92>] skb_release_all+0x42/0x50
[ 2874.097150]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2874.097150]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2874.097150]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2874.097150]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2874.097150]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.097150]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2874.097150]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.097150]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2874.097150]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2874.097150]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2874.097150]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2874.097150]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2874.097150]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2874.097150]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2874.097150]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2874.097150]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2874.097150]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2874.097150]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2874.097150]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2874.097150]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2874.097150]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2874.097150]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2874.097150]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2874.097150]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2874.097150]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.097150]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2874.097150]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.097150]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2874.097150]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.097150]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.097150]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2874.097150]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2874.097150]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2874.097150]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.097150]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2874.097150]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2874.097150]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.097150]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2874.097150]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2874.097150]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2874.097150]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2874.097150]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2874.097150]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2874.097150]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2874.097150]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2874.097150]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2874.097150]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2874.097150]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.097150]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2874.097150]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2874.097150]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.097150]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.097150]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2874.097150]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.097150]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2874.097150]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.097150] Memory state around the buggy address:
[ 2874.097150]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2874.097150]  ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.097150] >ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.097150]                                                        ^
[ 2874.097150]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.097150]  ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.097150] ==================================================================
[ 2874.163818] ==================================================================
[ 2874.164764] BUG: KASAN: use-after-free in skb_release_data+0x2d0/0x320 at addr ffff8803795bb09e
[ 2874.164812] Read of size 1 by task ksoftirqd/3/28
[ 2874.164812] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2874.164812] flags: 0x1000000000000000()
[ 2874.164812] page dumped because: kasan: bad access detected
[ 2874.164812] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2874.164812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2874.164812]  dffffc0000000000 ffff88038ca170a0 ffffffff8199f263 ffff88038ca17130
[ 2874.164812]  ffff8803795bb09e ffff88038ca17120 ffffffff8151c33e 0000000000000010
[ 2874.164812]  ffff880300000000 ffffed006f2b761c 0000000000000282 ffffffff8151be77
[ 2874.164812] Call Trace:
[ 2874.164812]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2874.164812]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2874.164812]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 2874.164812]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 2874.164812]  [<ffffffff81f7ea00>] ? skb_release_data+0x2d0/0x320
[ 2874.164812]  [<ffffffff81f7ea00>] skb_release_data+0x2d0/0x320
[ 2874.164812]  [<ffffffff81f7ea92>] skb_release_all+0x42/0x50
[ 2874.164812]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2874.164812]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2874.164812]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2874.164812]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2874.164812]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.164812]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2874.164812]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.164812]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2874.164812]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2874.164812]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2874.164812]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2874.164812]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2874.164812]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2874.164812]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2874.164812]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2874.164812]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2874.164812]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2874.164812]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2874.164812]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2874.164812]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2874.164812]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2874.164812]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2874.164812]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2874.164812]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2874.164812]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.164812]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2874.164812]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.164812]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2874.164812]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.164812]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.164812]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2874.164812]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2874.164812]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2874.164812]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.164812]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2874.164812]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2874.164812]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.164812]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2874.164812]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2874.164812]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2874.164812]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2874.164812]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2874.164812]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2874.164812]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2874.164812]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2874.164812]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2874.164812]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2874.164812]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.164812]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2874.164812]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2874.164812]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.164812]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.164812]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2874.164812]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.164812]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2874.164812]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.164812] Memory state around the buggy address:
[ 2874.164812]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2874.164812]  ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.164812] >ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.164812]                             ^
[ 2874.164812]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.164812]  ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.164812] ==================================================================
[ 2874.231765] ==================================================================
[ 2874.232758] BUG: KASAN: use-after-free in skb_free_head+0x8a/0x90 at addr ffff8803795bb0e0
[ 2874.232758] Read of size 8 by task ksoftirqd/3/28
[ 2874.232758] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2874.232758] flags: 0x1000000000000000()
[ 2874.232758] page dumped because: kasan: bad access detected
[ 2874.232758] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2874.232758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2874.232758]  0000000000000004 ffff88038ca17080 ffffffff8199f263 ffff88038ca17110
[ 2874.232758]  ffff8803795bb0e0 ffff88038ca17100 ffffffff8151c33e ffffffff8151be77
[ 2874.232758]  ffffed006f2b7630 ffff88038ca17120 0000000000000286 0000000000000010
[ 2874.232758] Call Trace:
[ 2874.232758]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2874.232758]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2874.232758]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 2874.232758]  [<ffffffff8151be77>] ? kasan_end_report+0x37/0x50
[ 2874.232758]  [<ffffffff8151c4a3>] __asan_report_load8_noabort+0x43/0x50
[ 2874.232758]  [<ffffffff8151c300>] ? kasan_report_error+0x470/0x4e0
[ 2874.232758]  [<ffffffff81f6de9a>] ? skb_free_head+0x8a/0x90
[ 2874.232758]  [<ffffffff81f6de9a>] skb_free_head+0x8a/0x90
[ 2874.232758]  [<ffffffff81f7e95c>] skb_release_data+0x22c/0x320
[ 2874.232758]  [<ffffffff81f7ea92>] skb_release_all+0x42/0x50
[ 2874.232758]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2874.232758]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2874.232758]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2874.232758]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2874.232758]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.232758]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2874.232758]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.232758]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2874.232758]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2874.232758]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2874.232758]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2874.232758]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2874.232758]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2874.232758]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2874.232758]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2874.232758]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2874.232758]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2874.232758]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2874.232758]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2874.232758]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2874.232758]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2874.232758]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2874.232758]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2874.232758]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2874.232758]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.232758]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2874.232758]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.232758]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2874.232758]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.232758]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.232758]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2874.232758]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2874.232758]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2874.232758]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.232758]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2874.232758]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2874.232758]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.232758]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2874.232758]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2874.232758]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2874.232758]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2874.232758]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2874.232758]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2874.232758]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2874.232758]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2874.232758]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2874.232758]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2874.232758]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.232758]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2874.232758]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2874.232758]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.232758]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.232758]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2874.232758]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.232758]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2874.232758]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.232758] Memory state around the buggy address:
[ 2874.232758]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2874.232758]  ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.232758] >ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.232758]                                                        ^
[ 2874.232758]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.232758]  ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.232758] ==================================================================
[ 2874.299495] ==================================================================
[ 2874.300448] BUG: KASAN: use-after-free in skb_free_head+0x83/0x90 at addr ffff8803795bb09e
[ 2874.300487] Read of size 1 by task ksoftirqd/3/28
[ 2874.300487] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2874.300487] flags: 0x1000000000000000()
[ 2874.300487] page dumped because: kasan: bad access detected
[ 2874.300487] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2874.300487] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2874.300487]  0000000000000004 ffff88038ca17080 ffffffff8199f263 ffff88038ca17110
[ 2874.300487]  ffff8803795bb09e ffff88038ca17100 ffffffff8151c33e 0000000000000010
[ 2874.300487]  ffffed0000000000 ffffed006f2b761c 0000000000000286 ffffffff00000010
[ 2874.300487] Call Trace:
[ 2874.300487]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2874.300487]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2874.300487]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 2874.300487]  [<ffffffff8151c300>] ? kasan_report_error+0x470/0x4e0
[ 2874.300487]  [<ffffffff81f6de93>] ? skb_free_head+0x83/0x90
[ 2874.300487]  [<ffffffff81f6de93>] skb_free_head+0x83/0x90
[ 2874.300487]  [<ffffffff81f7e95c>] skb_release_data+0x22c/0x320
[ 2874.300487]  [<ffffffff81f7ea92>] skb_release_all+0x42/0x50
[ 2874.300487]  [<ffffffff81f7e3a2>] __kfree_skb+0x12/0x20
[ 2874.300487]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2874.300487]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2874.300487]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2874.300487]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.300487]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2874.300487]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.300487]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2874.300487]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2874.300487]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2874.300487]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2874.300487]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2874.300487]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2874.300487]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2874.300487]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2874.300487]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2874.300487]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2874.300487]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2874.300487]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2874.300487]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2874.300487]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2874.300487]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2874.300487]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2874.300487]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2874.300487]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.300487]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2874.300487]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.300487]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2874.300487]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.300487]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.300487]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2874.300487]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2874.300487]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2874.300487]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.300487]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2874.300487]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2874.300487]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.300487]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2874.300487]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2874.300487]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2874.300487]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2874.300487]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2874.300487]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2874.300487]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2874.300487]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2874.300487]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2874.300487]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2874.300487]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.300487]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2874.300487]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2874.300487]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.300487]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.300487]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2874.300487]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.300487]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2874.300487]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.300487] Memory state around the buggy address:
[ 2874.300487]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2874.300487]  ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.300487] >ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.300487]                             ^
[ 2874.300487]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.300487]  ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.300487] ==================================================================
[ 2874.367806] ==================================================================
[ 2874.368754] BUG: KASAN: use-after-free in kfree_skbmem+0x2ae/0x330 at addr ffff8803795bb09e
[ 2874.368799] Read of size 1 by task ksoftirqd/3/28
[ 2874.368799] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2874.368799] flags: 0x1000000000000000()
[ 2874.368799] page dumped because: kasan: bad access detected
[ 2874.368799] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2874.368799] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2874.368799]  dffffc0000000000 ffff88038ca170d8 ffffffff8199f263 ffff88038ca17168
[ 2874.368799]  ffff8803795bb09e ffff88038ca17158 ffffffff8151c33e 0000000000000004
[ 2874.368799]  dffffc0000000000 dffffc0000000000 0000000000000292 ffffffff8151c3b3
[ 2874.368799] Call Trace:
[ 2874.368799]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2874.368799]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2874.368799]  [<ffffffff8151c3b3>] ? __asan_report_load1_noabort+0x43/0x50
[ 2874.368799]  [<ffffffff8151c300>] ? kasan_report_error+0x470/0x4e0
[ 2874.368799]  [<ffffffff8151c3b3>] __asan_report_load1_noabort+0x43/0x50
[ 2874.368799]  [<ffffffff81f7e30e>] ? kfree_skbmem+0x2ae/0x330
[ 2874.368799]  [<ffffffff81f7e30e>] kfree_skbmem+0x2ae/0x330
[ 2874.368799]  [<ffffffff81f7e3aa>] __kfree_skb+0x1a/0x20
[ 2874.368799]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2874.368799]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2874.368799]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2874.368799]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.368799]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2874.368799]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.368799]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2874.368799]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2874.368799]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2874.368799]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2874.368799]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2874.368799]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2874.368799]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2874.368799]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2874.368799]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2874.368799]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2874.368799]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2874.368799]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2874.368799]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2874.368799]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2874.368799]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2874.368799]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2874.368799]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2874.368799]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.368799]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2874.368799]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.368799]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2874.368799]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.368799]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.368799]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2874.368799]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2874.368799]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2874.368799]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.368799]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2874.368799]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2874.368799]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.368799]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2874.368799]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2874.368799]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2874.368799]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2874.368799]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2874.368799]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2874.368799]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2874.368799]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2874.368799]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2874.368799]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2874.368799]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.368799]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2874.368799]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2874.368799]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.368799]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.368799]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2874.368799]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.368799]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2874.368799]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.368799] Memory state around the buggy address:
[ 2874.368799]  ffff8803795baf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2874.368799]  ffff8803795bb000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.368799] >ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.368799]                             ^
[ 2874.368799]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.368799]  ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.368799] ==================================================================
[ 2874.429502] ==================================================================
[ 2874.430455] BUG: KASAN: use-after-free in kfree_skbmem+0x2dc/0x330 at addr ffff8803795bb1f0
[ 2874.430496] Read of size 4 by task ksoftirqd/3/28
[ 2874.430496] page:ffffea000de56ec0 count:0 mapcount:0 mapping:          (null) index:0x0
[ 2874.430496] flags: 0x1000000000000000()
[ 2874.430496] page dumped because: kasan: bad access detected
[ 2874.430496] CPU: 3 PID: 28 Comm: ksoftirqd/3 Tainted: G    B      O    4.8.15-ab+ #5
[ 2874.430496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 2874.430496]  dffffc0000000000 ffff88038ca170d8 ffffffff8199f263 ffff88038ca17168
[ 2874.430496]  ffff8803795bb1f0 ffff88038ca17158 ffffffff8151c33e 0000000000000010
[ 2874.430496]  dffffc0000000000 ffffed006f2b7613 0000000000000292 ffffffff8151c3b3
[ 2874.430496] Call Trace:
[ 2874.430496]  [<ffffffff8199f263>] dump_stack+0x67/0x94
[ 2874.430496]  [<ffffffff8151c33e>] kasan_report_error+0x4ae/0x4e0
[ 2874.430496]  [<ffffffff8151c3b3>] ? __asan_report_load1_noabort+0x43/0x50
[ 2874.430496]  [<ffffffff8151c453>] __asan_report_load4_noabort+0x43/0x50
[ 2874.430496]  [<ffffffff81f7e33c>] ? kfree_skbmem+0x2dc/0x330
[ 2874.430496]  [<ffffffff81f7e33c>] kfree_skbmem+0x2dc/0x330
[ 2874.430496]  [<ffffffff81f7e3aa>] __kfree_skb+0x1a/0x20
[ 2874.430496]  [<ffffffff820fdc33>] tcp_clean_rtx_queue+0x603/0x2ce0
[ 2874.430496]  [<ffffffff820fd630>] ? tcp_rtt_estimator+0x7f0/0x7f0
[ 2874.430496]  [<ffffffff82110827>] tcp_ack+0x1487/0x2e60
[ 2874.430496]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.430496]  [<ffffffff8210f3a0>] ? tcp_fastretrans_alert+0x2f50/0x2f50
[ 2874.430496]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.430496]  [<ffffffff8211ae7c>] tcp_rcv_established+0x58c/0x2de0
[ 2874.430496]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 2874.430496]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 2874.430496]  [<ffffffff8211a8f0>] ? tcp_data_queue+0x4ed0/0x4ed0
[ 2874.430496]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 2874.430496]  [<ffffffff82150069>] tcp_v4_do_rcv+0x529/0x8c0
[ 2874.430496]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 2874.430496]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 2874.430496]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 2874.430496]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 2874.430496]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 2874.430496]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 2874.430496]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 2874.430496]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 2874.430496]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 2874.430496]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 2874.430496]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 2874.430496]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.430496]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 2874.430496]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 2874.430496]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 2874.430496]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.430496]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 2874.430496]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 2874.430496]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 2874.430496]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 2874.430496]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.430496]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 2874.430496]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 2874.430496]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 2874.430496]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 2874.430496]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 2874.430496]  [<ffffffff8121699d>] ? trace_hardirqs_on+0xd/0x10
[ 2874.430496]  [<ffffffff8118a88a>] ? finish_task_switch+0x1fa/0x5a0
[ 2874.430496]  [<ffffffff8118a85e>] ? finish_task_switch+0x1ce/0x5a0
[ 2874.430496]  [<ffffffff8112908f>] ? run_ksoftirqd+0x1f/0x60
[ 2874.430496]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 2874.430496]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 2874.430496]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 2874.430496]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 2874.430496]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.430496]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 2874.430496]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 2874.430496]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.430496]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 2874.430496]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 2874.430496]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.430496]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 2874.430496]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 2874.430496] Memory state around the buggy address:
[ 2874.430496]  ffff8803795bb080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.430496]  ffff8803795bb100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.430496] >ffff8803795bb180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.430496]                                                              ^
[ 2874.430496]  ffff8803795bb200: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.430496]  ffff8803795bb280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 2874.430496] ==================================================================
[ 3040.251010] INFO: NMI handler (perf_event_nmi_handler) took too long to run: 12.026 msecs
[ 3040.251010] perf: interrupt took too long (108543 > 32442), lowering kernel.perf_event_max_sample_rate to 1000
[ 5278.762292] kasan: CONFIG_KASAN_INLINE enabled
[ 5278.762862] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 5278.763872] general protection fault: 0000 [#1] SMP KASAN
[ 5278.764503] Modules linked in: tfw_sched_rr(O) tfw_sched_http(O) tfw_sched_hash(O) tempesta_fw(O) tempesta_db(O) tempesta_tls(O) ghash_clmulni_intel aesni_intel ppdev aes_x86_64 glue_helper lrw gf128mul 9pnet_virtio i2c_piix4 i2c_core ablk_helper cryptd acpi_cpufreq 9pnet input_leds led_class pcspkr virtio_balloon parport_pc parport ip_tables ata_generic pata_acpi crc32c_intel virtio_pci e1000 serio_raw virtio_ring virtio floppy ata_piix ipv6 crc_ccitt autofs4
[ 5278.764861] CPU: 0 PID: 3 Comm: ksoftirqd/0 Tainted: G    B      O    4.8.15-ab+ #5
[ 5278.764861] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 5278.764861] task: ffff88038cff9840 task.stack: ffff88038c878000
[ 5278.764861] RIP: 0010:[<ffffffff8214ace4>]  [<ffffffff8214ace4>] tcp_v4_destroy_sock+0x154/0xc90
[ 5278.764861] RSP: 0018:ffff88038c87f3b0  EFLAGS: 00010206
[ 5278.778103] RAX: 3a726f462d646564 RBX: ffff8802d57c0000 RCX: ffff8802c61d0df0
[ 5278.778103] RDX: 1ffffffff05bb09f RSI: 726177726f462d58 RDI: 726177726f462d60
[ 5278.778103] RBP: ffff88038c87f410 R08: 0000000000000001 R09: 0000000000000001
[ 5278.778103] R10: ffff8802c61d0c60 R11: 0e4c2eee4de8c5ac R12: ffff8802c61d0e00
[ 5278.778103] R13: ffff8802c61d0c00 R14: ffff8802c61d0e44 R15: dffffc0000000000
[ 5278.778103] FS:  0000000000000000(0000) GS:ffff8803aee00000(0000) knlGS:0000000000000000
[ 5278.778103] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 5278.778103] CR2: 00007fb62cb51000 CR3: 0000000374a4c000 CR4: 00000000001406f0
[ 5278.778103] Stack:
[ 5278.778103]  ffffc90001d8cdc0 ffff88038c87f400 ffff8802c61d0d98 ffffed0058c3a1b3
[ 5278.778103]  dffffc0000000000 ffff8802c61d0c28 ffff8802c61d0c00 ffff8802c61d0c00
[ 5278.778103]  ffff8802c61d0c28 ffffffff82d93360 00000000f9937314 ffff8802c61d0c12
[ 5278.778103] Call Trace:
[ 5278.778103]  [<ffffffff820d722b>] inet_csk_destroy_sock+0x14b/0x400
[ 5278.778103]  [<ffffffff820e674f>] tcp_done+0x12f/0x210
[ 5278.778103]  [<ffffffff821207cc>] tcp_rcv_state_process+0x271c/0x4e00
[ 5278.778103]  [<ffffffff8200bb83>] ? sk_filter_trim_cap+0x283/0x700
[ 5278.778103]  [<ffffffff8211e0b0>] ? tcp_finish_connect+0x600/0x600
[ 5278.778103]  [<ffffffff8200bba2>] ? sk_filter_trim_cap+0x2a2/0x700
[ 5278.778103]  [<ffffffff8200b9d6>] ? sk_filter_trim_cap+0xd6/0x700
[ 5278.778103]  [<ffffffff821546f0>] ? tcp_v4_rcv+0x1ee0/0x3420
[ 5278.778103]  [<ffffffff8214fe08>] tcp_v4_do_rcv+0x2c8/0x8c0
[ 5278.778103]  [<ffffffff8215494e>] tcp_v4_rcv+0x213e/0x3420
[ 5278.778103]  [<ffffffffa08fb8a5>] ? tfw_classify_ipv4+0x5/0x190 [tempesta_fw]
[ 5278.778103]  [<ffffffff820a3c7b>] ip_local_deliver_finish+0x2cb/0x9b0
[ 5278.778103]  [<ffffffff820a3ada>] ? ip_local_deliver_finish+0x12a/0x9b0
[ 5278.778103]  [<ffffffff820a4abd>] ip_local_deliver+0x24d/0x330
[ 5278.778103]  [<ffffffff820a4870>] ? ip_call_ra_chain+0x510/0x510
[ 5278.778103]  [<ffffffff8207d516>] ? nf_hook_slow+0x186/0x2a0
[ 5278.778103]  [<ffffffff8207d535>] ? nf_hook_slow+0x1a5/0x2a0
[ 5278.778103]  [<ffffffff8207d395>] ? nf_hook_slow+0x5/0x2a0
[ 5278.778103]  [<ffffffff820a26d9>] ip_rcv_finish+0x599/0x1870
[ 5278.778103]  [<ffffffff820be0b3>] ? ip_queue_xmit+0x823/0x1bc0
[ 5278.778103]  [<ffffffff820bd8ce>] ? ip_queue_xmit+0x3e/0x1bc0
[ 5278.778103]  [<ffffffff820a543b>] ip_rcv+0x89b/0x11d0
[ 5278.778103]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 5278.778103]  [<ffffffff820a2140>] ? inet_del_offload+0x40/0x40
[ 5278.778103]  [<ffffffff822e3d7b>] ? _raw_spin_lock_irqsave+0x4b/0x60
[ 5278.778103]  [<ffffffff820a4ba0>] ? ip_local_deliver+0x330/0x330
[ 5278.778103]  [<ffffffff81fbe110>] __netif_receive_skb_core+0x1690/0x2bc0
[ 5278.778103]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 5278.778103]  [<ffffffff81216ec0>] ? debug_check_no_locks_freed+0x280/0x280
[ 5278.778103]  [<ffffffff81fbca80>] ? net_tx_action+0x9d0/0x9d0
[ 5278.778103]  [<ffffffff810c4015>] ? default_send_IPI_single+0x75/0xa0
[ 5278.778103]  [<ffffffff8213f720>] ? tcp_delack_timer+0x20/0x200
[ 5278.778103]  [<ffffffff810b6190>] ? native_send_call_func_single_ipi+0x60/0x80
[ 5278.778103]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 5278.778103]  [<ffffffff81fbf69a>] __netif_receive_skb+0x5a/0x190
[ 5278.778103]  [<ffffffff81fbf8a8>] process_backlog+0xd8/0x650
[ 5278.778103]  [<ffffffff81fbf9e7>] ? process_backlog+0x217/0x650
[ 5278.778103]  [<ffffffff81fc4955>] net_rx_action+0x655/0xde0
[ 5278.778103]  [<ffffffff81fc4300>] ? sk_busy_loop+0xb90/0xb90
[ 5278.778103]  [<ffffffff811e06fa>] ? run_rebalance_domains+0x48a/0x600
[ 5278.778103]  [<ffffffffa094dc30>] ? ss_send+0x5b0/0x5b0 [tempesta_fw]
[ 5278.778103]  [<ffffffff822e74ec>] __do_softirq+0x22c/0x99f
[ 5278.778103]  [<ffffffff81129070>] ? cpu_callback+0x850/0x850
[ 5278.778103]  [<ffffffff8112908f>] run_ksoftirqd+0x1f/0x60
[ 5278.778103]  [<ffffffff8117f144>] smpboot_thread_fn+0x3c4/0x840
[ 5278.778103]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 5278.778103]  [<ffffffff822d5f7c>] ? schedule+0x9c/0x1c0
[ 5278.778103]  [<ffffffff8117502c>] ? __kthread_parkme+0xdc/0x200
[ 5278.778103]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 5278.778103]  [<ffffffff8117ed80>] ? smpboot_update_cpumask_percpu_thread+0x590/0x590
[ 5278.778103]  [<ffffffff811757ee>] kthread+0x20e/0x2d0
[ 5278.778103]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 5278.778103]  [<ffffffff822e47ff>] ret_from_fork+0x1f/0x40
[ 5278.778103]  [<ffffffff811755e0>] ? kthread_create_on_node+0x390/0x390
[ 5278.778103] Code: e8 03 42 80 3c 38 00 0f 85 54 08 00 00 48 8d 7e 08 48 8b 43 08 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 49 89 fb 49 c1 eb 03 <43> 80 3c 3b 00 0f 85 01 08 00 00 48 89 c7 48 89 46 08 48 c1 ef 
[ 5278.778103] RIP  [<ffffffff8214ace4>] tcp_v4_destroy_sock+0x154/0xc90
[ 5278.778103]  RSP <ffff88038c87f3b0>