================================================================== BUG: KASAN: use-after-free in mm_cid_get.isra.0+0x147/0x570 Write of size 8 at addr ffff88804bb59ec8 by task systemd-udevd/112 CPU: 1 UID: 0 PID: 112 Comm: systemd-udevd Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary) Tainted: [W]=WARN Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 Call Trace: dump_stack_lvl+0xca/0x120 print_report+0xcb/0x610 kasan_report+0xca/0x100 kasan_check_range+0x39/0x1b0 mm_cid_get.isra.0+0x147/0x570 __schedule+0x1744/0x3590 schedule+0xdb/0x390 exit_to_user_mode_loop+0x69/0x110 do_syscall_64+0x2f7/0x360 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7ff20e09a087 Code: Unable to access opcode bytes at 0x7ff20e09a05d. RSP: 002b:00007fff41582d88 EFLAGS: 00000297 ORIG_RAX: 000000000000003e RAX: 0000000000000000 RBX: 0000556cebc59270 RCX: 00007ff20e09a087 RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000001fdc RBP: 0000556ccab39840 R08: 000000000000000d R09: 0000556cec496270 R10: 00007fff41582d90 R11: 0000000000000297 R12: 0000556cec496270 R13: 0000556cebc59520 R14: 0000000000000703 R15: 0000000000000000 The buggy address belongs to the physical page: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4bb59 flags: 0x100000000000000(node=0|zone=1) raw: 0100000000000000 ffffea00012ed648 ffffea00012ed648 0000000000000000 raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff88804bb59d80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ffff88804bb59e00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff >ffff88804bb59e80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ^ ffff88804bb59f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ffff88804bb59f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ==================================================================