[ 5851.828699][T31763] ==================================================================
[ 5851.829057][T31763] BUG: KASAN: global-out-of-bounds in snmp6_seq_show_item64.constprop.0+0x341/0x500
[ 5851.829360][T31763] Read of size 8 at addr ffffffffa88e84b0 by task nstat/31763
[ 5851.829612][T31763]
[ 5851.829706][T31763] CPU: 3 UID: 0 PID: 31763 Comm: nstat Not tainted 6.17.0-rc3-virtme #1 PREEMPT(full)
[ 5851.829711][T31763] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 5851.829714][T31763] Call Trace:
[ 5851.829716][T31763]  <TASK>
[ 5851.829718][T31763]  dump_stack_lvl+0x82/0xc0
[ 5851.829727][T31763]  print_address_description.constprop.0+0x2c/0x3a0
[ 5851.829735][T31763]  ? snmp6_seq_show_item64.constprop.0+0x341/0x500
[ 5851.829738][T31763]  print_report+0xb4/0x270
[ 5851.829742][T31763]  ? snmp6_seq_show_item64.constprop.0+0x341/0x500
[ 5851.829744][T31763]  ? kasan_addr_to_slab+0x21/0x70
[ 5851.829748][T31763]  ? snmp6_seq_show_item64.constprop.0+0x341/0x500
[ 5851.829751][T31763]  kasan_report+0xca/0x100
[ 5851.829754][T31763]  ? snmp6_seq_show_item64.constprop.0+0x341/0x500
[ 5851.829759][T31763]  snmp6_seq_show_item64.constprop.0+0x341/0x500
[ 5851.829764][T31763]  ? sockstat6_seq_show+0x1d0/0x1d0
[ 5851.829775][T31763]  ? rcu_is_watching+0x12/0xb0
[ 5851.829782][T31763]  ? trace_kmalloc+0x26/0xd0
[ 5851.829789][T31763]  ? __kvmalloc_node_noprof+0x23f/0x570
[ 5851.829793][T31763]  snmp6_seq_show+0x68/0x190
[ 5851.829796][T31763]  seq_read_iter+0x3fa/0x1060
[ 5851.829806][T31763]  seq_read+0x2cc/0x4b0
[ 5851.829810][T31763]  ? seq_read_iter+0x1060/0x1060
[ 5851.829813][T31763]  ? __might_fault+0x117/0x170
[ 5851.829818][T31763]  ? __lock_release+0x5d/0x170
[ 5851.829824][T31763]  ? __might_fault+0x117/0x170
[ 5851.829829][T31763]  ? cp_old_stat+0x6c0/0x6c0
[ 5851.829835][T31763]  proc_reg_read+0x1aa/0x270
[ 5851.829842][T31763]  vfs_read+0x17e/0xda0
[ 5851.829847][T31763]  ? vfs_getattr_nosec+0x2b5/0x3e0
[ 5851.829850][T31763]  ? kernel_read+0x1f0/0x1f0
[ 5851.829854][T31763]  ? __do_sys_newfstat+0x7b/0xc0
[ 5851.829857][T31763]  ? __do_sys_fstat+0xc0/0xc0
[ 5851.829864][T31763]  ksys_read+0xf7/0x1d0
[ 5851.829867][T31763]  ? vfs_write+0x12c0/0x12c0
[ 5851.829872][T31763]  do_syscall_64+0xc1/0x370
[ 5851.829877][T31763]  entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 5851.829882][T31763] RIP: 0033:0x7f76c992c292
[ 5851.829886][T31763] Code: c0 e9 b2 fe ff ff 50 48 8d 3d 6a 15 0c 00 e8 65 e1 01 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24
[ 5851.829889][T31763] RSP: 002b:00007ffed84d9628 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 5851.829894][T31763] RAX: ffffffffffffffda RBX: 0000000005a61910 RCX: 00007f76c992c292
[ 5851.829896][T31763] RDX: 0000000000000400 RSI: 0000000005a61500 RDI: 0000000000000006
[ 5851.829898][T31763] RBP: 00007f76c9a245c0 R08: 0000000000000006 R09: 0000000000000000
[ 5851.829900][T31763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000005a61910
[ 5851.829902][T31763] R13: 0000000000000d68 R14: 00007f76c9a239c0 R15: 0000000000000d68
[ 5851.829908][T31763]  </TASK>
[ 5851.829909][T31763]
[ 5851.838395][T31763] The buggy address belongs to the variable:
[ 5851.838604][T31763]  snmp6_ipstats_list+0x210/0x3e0
[ 5851.838776][T31763]
[ 5851.838863][T31763] The buggy address belongs to the physical page:
[ 5851.839071][T31763] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe6e8
[ 5851.839379][T31763] flags: 0x80000000002000(reserved|node=0|zone=1)
[ 5851.839601][T31763] raw: 0080000000002000 ffffea000039ba08 ffffea000039ba08 0000000000000000
[ 5851.839912][T31763] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 5851.840214][T31763] page dumped because: kasan: bad access detected
[ 5851.840424][T31763]
[ 5851.840512][T31763] Memory state around the buggy address:
[ 5851.840682][T31763]  ffffffffa88e8380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 5851.840934][T31763]  ffffffffa88e8400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 5851.841185][T31763] >ffffffffa88e8480: 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00
[ 5851.841434][T31763]                                      ^
[ 5851.841604][T31763]  ffffffffa88e8500: 00 01 f9 f9 f9 f9 f9 f9 00 00 04 f9 f9 f9 f9 f9
[ 5851.841852][T31763]  ffffffffa88e8580: 00 00 00 01 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9
[ 5851.842097][T31763] ==================================================================
[ 5851.842481][T31763] Disabling lock debugging due to kernel taint
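The "Memory state around the buggy address" rows are the generic-KASAN shadow map: one byte per 8-byte granule, 0x00 meaning fully addressable, 0x01-0x07 meaning only the first N bytes are addressable, and 0xf9 meaning KASAN_GLOBAL_REDZONE. The following script is an added analysis helper, not part of the report above and not kernel code. It parses the "Read of size 8 at addr ffffffffa88e84b0" line and the shadow rows, maps the faulting address onto its granule, and reports what the shadow says about it. Run against the rows above it shows the read landing on shadow byte index 6 of the row starting at ffffffffa88e8480 (0xf9, global redzone), with 0 bytes between the end of the last addressable granule and the faulting address, i.e. the read begins exactly where the addressable part of the global ends. The printk-prefix stripping assumes the "[ seconds][Tpid] " format seen in this log; the legend values are the generic-KASAN definitions from mm/kasan/kasan.h.

```python
"""Decode the shadow-memory rows of a generic-KASAN report.

Added analysis helper: not part of the report above and not kernel code.
Assumes the printk prefix format "[ seconds][Tpid] " seen in this log and
the generic (software) KASAN shadow encoding from mm/kasan/kasan.h.
"""
import re

KASAN_GRANULE = 8  # one shadow byte describes 8 bytes of memory

# Shadow values for generic KASAN (mm/kasan/kasan.h). 0x01..0x07 mean the
# first N bytes of the granule are addressable and the rest are poisoned.
SHADOW_LEGEND = {
    0x00: "addressable",
    0xf1: "stack left redzone",
    0xf2: "stack mid redzone",
    0xf3: "stack right redzone",
    0xf4: "stack partial redzone",
    0xf8: "vmalloc invalid",
    0xf9: "global redzone",
    0xfa: "freed slab object metadata",
    0xfb: "freed slab object",
    0xfc: "slab redzone",
    0xfe: "page redzone",
    0xff: "freed page",
}

PRINTK_PREFIX = re.compile(r"^\[\s*[\d.]+\]\[T\d+\]\s*")
ACCESS_RE = re.compile(r"(Read|Write) of size (\d+) at addr ([0-9a-f]+)")
# A shadow row: optional ">" marker, 16-hex-digit memory address, 16 bytes.
ROW_RE = re.compile(r">?([0-9a-f]{16}):((?:\s+[0-9a-f]{2}){16})$")

# Sample input: lines copied from the report on this page.
SAMPLE_REPORT = """\
[ 5851.829360][T31763] Read of size 8 at addr ffffffffa88e84b0 by task nstat/31763
[ 5851.840512][T31763] Memory state around the buggy address:
[ 5851.840682][T31763]  ffffffffa88e8380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 5851.840934][T31763]  ffffffffa88e8400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 5851.841185][T31763] >ffffffffa88e8480: 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00
[ 5851.841434][T31763]                                      ^
[ 5851.841604][T31763]  ffffffffa88e8500: 00 01 f9 f9 f9 f9 f9 f9 00 00 04 f9 f9 f9 f9 f9
[ 5851.841852][T31763]  ffffffffa88e8580: 00 00 00 01 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9
"""


def parse_report(report):
    """Return (kind, size, addr, shadow); shadow maps each granule start
    address that appears in the dumped rows to its shadow byte."""
    access, shadow = None, {}
    for raw in report.splitlines():
        line = PRINTK_PREFIX.sub("", raw).strip()
        m = ACCESS_RE.search(line)
        if m and access is None:
            access = (m.group(1), int(m.group(2)), int(m.group(3), 16))
        m = ROW_RE.match(line)
        if m:
            base = int(m.group(1), 16)
            for i, byte in enumerate(m.group(2).split()):
                shadow[base + i * KASAN_GRANULE] = int(byte, 16)
    if access is None:
        raise ValueError("no 'Read/Write of size N at addr X' line found")
    return access + (shadow,)


def addressable_bytes(value):
    """Number of addressable bytes in a granule with this shadow value."""
    if value == 0:
        return KASAN_GRANULE
    return value if 1 <= value <= 7 else 0


def describe_shadow(value):
    if 1 <= value <= 7:
        return f"partially addressable (first {value} bytes)"
    return SHADOW_LEGEND.get(value, f"unknown (0x{value:02x})")


def check_access(report):
    """Classify every 8-byte granule touched by the reported access.
    Returns [(granule_addr, shadow_byte, description, access_ok), ...]."""
    _, size, addr, shadow = parse_report(report)
    first = addr & ~(KASAN_GRANULE - 1)
    last = (addr + size - 1) & ~(KASAN_GRANULE - 1)
    results = []
    for granule in range(first, last + 1, KASAN_GRANULE):
        value = shadow.get(granule)
        if value is None:
            results.append((granule, None, "outside the dumped rows", False))
            continue
        # Highest byte offset (exclusive) in this granule the access reaches.
        hi = min(addr + size, granule + KASAN_GRANULE) - granule
        ok = hi <= addressable_bytes(value)
        results.append((granule, value, describe_shadow(value), ok))
    return results


def bytes_past_addressable(report):
    """Distance from the end of the nearest addressable granule at or below
    the faulting address to that address (0: the access starts exactly where
    addressable memory ends). None if the dumped rows do not reach it."""
    _, _, addr, shadow = parse_report(report)
    granule = addr & ~(KASAN_GRANULE - 1)
    while granule in shadow and addressable_bytes(shadow[granule]) == 0:
        granule -= KASAN_GRANULE
    if granule not in shadow:
        return None
    return addr - (granule + addressable_bytes(shadow[granule]))


if __name__ == "__main__":
    for granule, value, desc, ok in check_access(SAMPLE_REPORT):
        shown = f"{value:#04x}" if value is not None else "?"
        print(f"granule {granule:#x}: shadow {shown} -> {desc}; access ok: {ok}")
    print("bytes past addressable memory:", bytes_past_addressable(SAMPLE_REPORT))
```

The same decoder applies to slab and stack reports: the legend entry changes (0xfc/0xfb for slab redzone and freed object, 0xf1-0xf4 for stack redzones) but the granule arithmetic does not, and the partial-granule case (0x01-0x07) is what distinguishes an access that merely reaches into the padding of the last granule from one that stays inside the object.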