[   21.730747][  T307] eth1: renamed from tmp
[   74.706375][  T757] eth1: renamed from tmp
[  129.323602][ T1209] eth1: renamed from tmp
[  192.978008][ T1673] eth1: renamed from tmp
[  257.942975][ T2138] eth1: renamed from tmp
[  444.400832][ T3368] eth1: renamed from tmp
[  478.209803][ T3633] eth2: renamed from tmp
[  626.380772][ T4546] eth1: renamed from tmp
[  824.823527][ T6241] eth1: renamed from tmp
[  921.551281][ T7092] eth1: renamed from tmp
[  949.607358][ T7277] eth1: renamed from tmp
[  986.565989][ T7519] eth1: renamed from tmp
[ 1010.712630][ T7649] eth1: renamed from tmp
[ 1032.209699][ T7777] eth1: renamed from tmp
[ 1055.241209][ T7912] eth1: renamed from tmp
[ 1078.580149][ T8047] eth1: renamed from tmp
[ 1101.078664][ T8182] eth1: renamed from tmp
[ 1124.230985][ T8317] eth1: renamed from tmp
[ 1147.197890][ T8452] eth1: renamed from tmp
[ 1164.792872][ T8553] ip (8553) used greatest stack depth: 23536 bytes left
[ 1171.330028][ T8587] eth1: renamed from tmp
[ 1194.178091][ T8721] eth1: renamed from tmp
[ 1214.721307][ T8855] eth1: renamed from tmp
[ 1234.593314][ T8990] eth1: renamed from tmp
[ 1254.625780][ T9125] eth1: renamed from tmp
[ 1274.322813][ T9260] eth1: renamed from tmp
[ 1293.930739][ T9395] eth1: renamed from tmp
[ 1314.095942][ T9530] eth1: renamed from tmp
[ 1334.624015][ T9667] eth1: renamed from tmp
[ 1354.551216][ T9802] eth1: renamed from tmp
[ 1374.437923][ T9937] eth1: renamed from tmp
[ 1393.688867][T10072] eth1: renamed from tmp
[ 1414.580112][T10207] eth1: renamed from tmp
[ 1434.491820][T10343] eth1: renamed from tmp
[ 1453.814788][T10478] eth1: renamed from tmp
[ 1473.635034][T10613] eth1: renamed from tmp
[ 1493.117639][T10747] eth1: renamed from tmp
[ 1512.413824][T10881] eth1: renamed from tmp
[ 1531.829692][T11016] eth1: renamed from tmp
[ 1550.947029][T11151] eth1: renamed from tmp
[ 1570.284874][T11286] eth1: renamed from tmp
[ 1589.880774][T11421] eth1: renamed from tmp
[ 1609.291891][T11556] eth1: renamed from tmp
[ 1628.401133][T11691] eth1: renamed from tmp
[ 1647.723056][T11826] eth1: renamed from tmp
[ 1671.189652][T11989] eth1: renamed from tmp
[ 1694.609865][T12153] eth1: renamed from tmp
[ 1718.193207][T12316] eth1: renamed from tmp
[ 1741.171846][T12479] eth1: renamed from tmp
[ 1763.829603][T12642] eth1: renamed from tmp
[ 1774.887762][    C0] ==================================================================
[ 1774.888140][    C0] BUG: KASAN: slab-use-after-free in __udp_enqueue_schedule_skb+0x179/0xe60
[ 1774.888530][    C0] Read of size 4 at addr ffff888004cad448 by task nettest/12718
[ 1774.888833][    C0] 
[ 1774.888939][    C0] CPU: 0 UID: 0 PID: 12718 Comm: nettest Not tainted 6.17.0-rc6-virtme #1 PREEMPT(full) 
[ 1774.888944][    C0] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 1774.888947][    C0] Call Trace:
[ 1774.888949][    C0]  <IRQ>
[ 1774.888951][    C0]  dump_stack_lvl+0x82/0xc0
[ 1774.888958][    C0]  print_address_description.constprop.0+0x2c/0x3a0
[ 1774.888968][    C0]  ? __udp_enqueue_schedule_skb+0x179/0xe60
[ 1774.888972][    C0]  print_report+0xb4/0x270
[ 1774.888975][    C0]  ? __udp_enqueue_schedule_skb+0x179/0xe60
[ 1774.888978][    C0]  ? kasan_addr_to_slab+0x21/0x70
[ 1774.888981][    C0]  ? __udp_enqueue_schedule_skb+0x179/0xe60
[ 1774.888985][    C0]  kasan_report+0xca/0x100
[ 1774.888989][    C0]  ? __udp_enqueue_schedule_skb+0x179/0xe60
[ 1774.888994][    C0]  kasan_check_range+0x39/0x1b0
[ 1774.888998][    C0]  __udp_enqueue_schedule_skb+0x179/0xe60
[ 1774.889002][    C0]  ? sk_filter_trim_cap+0x2c0/0xa40
[ 1774.889009][    C0]  ? fib_lookup.constprop.0+0x370/0x370
[ 1774.889012][    C0]  ? udp_sendmsg+0x21f0/0x21f0
[ 1774.889015][    C0]  ? udp6_lib_lookup2+0x457/0x4d0
[ 1774.889022][    C0]  ? __xfrm_policy_check2.constprop.0+0x3d/0x680
[ 1774.889026][    C0]  udpv6_queue_rcv_one_skb+0xa35/0x14f0
[ 1774.889029][    C0]  ? __udp6_lib_lookup+0x64e/0xa40
[ 1774.889033][    C0]  ? __xfrm_policy_check2.constprop.0+0x680/0x680
[ 1774.889039][    C0]  udp6_unicast_rcv_skb+0x10b/0x2c0
[ 1774.889043][    C0]  __udp6_lib_rcv+0xa85/0x1650
[ 1774.889048][    C0]  ? udpv6_err+0xe0/0xe0
[ 1774.889053][    C0]  ip6_protocol_deliver_rcu+0x113/0x1340
[ 1774.889062][    C0]  ? rcu_is_watching+0x12/0xb0
[ 1774.889072][    C0]  ip6_input_finish+0x175/0x410
[ 1774.889076][    C0]  ip6_input+0x111/0x4f0
[ 1774.889079][    C0]  ? ip6_input_finish+0x410/0x410
[ 1774.889083][    C0]  ? ip6_rcv_core+0x9e8/0x1930
[ 1774.889089][    C0]  ipv6_rcv+0x3e1/0x5d0
[ 1774.889092][    C0]  ? __xfrm_policy_check2.constprop.0+0x540/0x540
[ 1774.889096][    C0]  ? rcu_read_lock_any_held+0x3f/0xa0
[ 1774.889099][    C0]  ? validate_chain+0x15e/0x4d0
[ 1774.889105][    C0]  ? __lock_acquire+0x449/0x7e0
[ 1774.889109][    C0]  ? __xfrm_policy_check2.constprop.0+0x540/0x540
[ 1774.889112][    C0]  ? process_backlog+0x381/0x13e0
[ 1774.889117][    C0]  __netif_receive_skb_one_core+0x108/0x180
[ 1774.889120][    C0]  ? __netif_receive_skb_list_core+0x980/0x980
[ 1774.889124][    C0]  ? rcu_is_watching+0x12/0xb0
[ 1774.889128][    C0]  ? lock_acquire+0x104/0x160
[ 1774.889130][    C0]  ? process_backlog+0x381/0x13e0
[ 1774.889135][    C0]  process_backlog+0x3c1/0x13e0
[ 1774.889140][    C0]  __napi_poll.constprop.0+0x9f/0x460
[ 1774.889145][    C0]  net_rx_action+0x54f/0xda0
[ 1774.889150][    C0]  ? __lock_release+0x5d/0x170
[ 1774.889154][    C0]  ? __napi_poll.constprop.0+0x460/0x460
[ 1774.889160][    C0]  ? trace_rcu_batch_end+0x2a0/0x2a0
[ 1774.889164][    C0]  ? note_gp_changes+0x17a/0x1d0
[ 1774.889166][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1774.889175][    C0]  handle_softirqs+0x215/0x610
[ 1774.889182][    C0]  ? __dev_queue_xmit+0x97e/0x18e0
[ 1774.889186][    C0]  do_softirq+0xad/0xe0
[ 1774.889189][    C0]  </IRQ>
[ 1774.889190][    C0]  <TASK>
[ 1774.889191][    C0]  __local_bh_enable_ip+0x101/0x120
[ 1774.889194][    C0]  ? __dev_queue_xmit+0x97e/0x18e0
[ 1774.889197][    C0]  __dev_queue_xmit+0x993/0x18e0
[ 1774.889201][    C0]  ? __lock_acquire+0x449/0x7e0
[ 1774.889206][    C0]  ? netdev_core_pick_tx+0x2f0/0x2f0
[ 1774.889209][    C0]  ? ip6_finish_output+0x5b8/0xc70
[ 1774.889214][    C0]  ? neigh_hh_output+0x33a/0x520
[ 1774.889217][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1774.889220][    C0]  ? neigh_hh_output+0x33a/0x520
[ 1774.889227][    C0]  ip6_finish_output+0x5b8/0xc70
[ 1774.889231][    C0]  ip6_output+0x242/0x810
[ 1774.889235][    C0]  ? ip6_finish_output+0xc70/0xc70
[ 1774.889242][    C0]  ip6_send_skb+0xef/0x350
[ 1774.889246][    C0]  udp_v6_send_skb+0x85a/0x1dc0
[ 1774.889249][    C0]  ? jhash.constprop.0+0x101/0x150
[ 1774.889254][    C0]  udpv6_sendmsg+0x1b04/0x24a0
[ 1774.889257][    C0]  ? find_held_lock+0x2b/0x80
[ 1774.889260][    C0]  ? ip_select_ident_segs+0x400/0x400
[ 1774.889267][    C0]  ? udpv6_splice_eof+0x170/0x170
[ 1774.889273][    C0]  ? rcu_read_lock_any_held+0x3f/0xa0
[ 1774.889276][    C0]  ? validate_chain+0x15e/0x4d0
[ 1774.889284][    C0]  ? __might_fault+0x117/0x170
[ 1774.889289][    C0]  ? __lock_release+0x5d/0x170
[ 1774.889294][    C0]  ? __sys_sendto+0x24b/0x380
[ 1774.889299][    C0]  __sys_sendto+0x24b/0x380
[ 1774.889303][    C0]  ? __ia32_sys_getpeername+0xb0/0xb0
[ 1774.889305][    C0]  ? do_pselect.constprop.0+0x191/0x1e0
[ 1774.889310][    C0]  ? __lock_release+0x5d/0x170
[ 1774.889314][    C0]  ? kvm_clock_get_cycles+0x18/0x30
[ 1774.889323][    C0]  ? __sys_recvmsg_sock+0x20/0x20
[ 1774.889326][    C0]  ? kern_select+0x1e0/0x1e0
[ 1774.889333][    C0]  __x64_sys_sendto+0xe0/0x1b0
[ 1774.889336][    C0]  ? do_syscall_64+0x85/0x300
[ 1774.889339][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1774.889342][    C0]  do_syscall_64+0xc1/0x300
[ 1774.889345][    C0]  entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 1774.889349][    C0] RIP: 0033:0x7f745e54c28a
[ 1774.889353][    C0] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89
[ 1774.889355][    C0] RSP: 002b:00007ffeb3fe31d8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1774.889360][    C0] RAX: ffffffffffffffda RBX: 000000000000001c RCX: 00007f745e54c28a
[ 1774.889362][    C0] RDX: 000000000000000c RSI: 0000000000406752 RDI: 0000000000000005
[ 1774.889364][    C0] RBP: 0000000000000005 R08: 00007ffeb3fe3760 R09: 000000000000001c
[ 1774.889365][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffeb3fe3760
[ 1774.889367][    C0] R13: 000000000000001c R14: 0000000000000002 R15: 0000000000000002
[ 1774.889373][    C0]  </TASK>
[ 1774.889374][    C0] 
[ 1774.910800][    C0] Allocated by task 12683:
[ 1774.911004][    C0]  kasan_save_stack+0x24/0x40
[ 1774.911217][    C0]  kasan_save_track+0x14/0x30
[ 1774.911451][    C0]  __kasan_kmalloc+0x7b/0x90
[ 1774.911648][    C0]  __kmalloc_noprof+0x1d4/0x460
[ 1774.911859][    C0]  udpv6_init_sock+0x237/0x410
[ 1774.912057][    C0]  inet6_create.part.0+0x989/0x10b0
[ 1774.912256][    C0]  __sock_create+0x235/0x690
[ 1774.912453][    C0]  __sys_socket+0x116/0x1d0
[ 1774.912648][    C0]  __x64_sys_socket+0x72/0xb0
[ 1774.912842][    C0]  do_syscall_64+0xc1/0x300
[ 1774.913054][    C0]  entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 1774.913298][    C0] 
[ 1774.913397][    C0] Freed by task 12683:
[ 1774.913545][    C0]  kasan_save_stack+0x24/0x40
[ 1774.913766][    C0]  kasan_save_track+0x14/0x30
[ 1774.913962][    C0]  kasan_save_free_info+0x3b/0x60
[ 1774.914169][    C0]  __kasan_slab_free+0x3b/0x50
[ 1774.914366][    C0]  kfree+0x144/0x320
[ 1774.914520][    C0]  sk_common_release+0x60/0x300
[ 1774.914720][    C0]  inet_release+0x100/0x220
[ 1774.914928][    C0]  __sock_release+0xa0/0x250
[ 1774.915127][    C0]  sock_close+0x18/0x20
[ 1774.915279][    C0]  __fput+0x35c/0xa70
[ 1774.915431][    C0]  fput_close_sync+0xdd/0x1b0
[ 1774.915631][    C0]  __x64_sys_close+0x7d/0xd0
[ 1774.915828][    C0]  do_syscall_64+0xc1/0x300
[ 1774.916033][    C0]  entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 1774.916287][    C0] 
[ 1774.916400][    C0] The buggy address belongs to the object at ffff888004cad440
[ 1774.916400][    C0]  which belongs to the cache kmalloc-64 of size 64
[ 1774.916875][    C0] The buggy address is located 8 bytes inside of
[ 1774.916875][    C0]  freed 64-byte region [ffff888004cad440, ffff888004cad480)
[ 1774.917366][    C0] 
[ 1774.917473][    C0] The buggy address belongs to the physical page:
[ 1774.917712][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888004cadd40 pfn:0x4cad
[ 1774.918106][    C0] flags: 0x80000000000200(workingset|node=0|zone=1)
[ 1774.918356][    C0] page_type: f5(slab)
[ 1774.918509][    C0] raw: 0080000000000200 ffff888001042ac0 ffffea00001f4e50 ffffea000012c150
[ 1774.918871][    C0] raw: ffff888004cadd40 000000000010000f 00000000f5000000 0000000000000000
[ 1774.919227][    C0] page dumped because: kasan: bad access detected
[ 1774.919472][    C0] 
[ 1774.919570][    C0] Memory state around the buggy address:
[ 1774.919760][    C0]  ffff888004cad300: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 1774.920049][    C0]  ffff888004cad380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1774.920346][    C0] >ffff888004cad400: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 1774.920632][    C0]                                               ^
[ 1774.920894][    C0]  ffff888004cad480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1774.921180][    C0]  ffff888004cad500: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 1774.921470][    C0] ==================================================================
[ 1774.921791][    C0] Disabling lock debugging due to kernel taint
[ 1783.024652][T12805] eth1: renamed from tmp
[ 1799.728789][T12967] eth1: renamed from tmp
[ 1816.429658][T13129] eth1: renamed from tmp
[ 1833.090712][T13292] eth1: renamed from tmp
[ 1849.664671][T13455] eth1: renamed from tmp
[ 1866.393615][T13618] eth1: renamed from tmp
[ 1882.852874][T13781] eth1: renamed from tmp
[ 1899.230142][T13944] eth1: renamed from tmp
[ 1915.434742][T14107] eth1: renamed from tmp
[ 1932.287804][T14270] eth1: renamed from tmp