[ 14.943297][ T282] GACT probability NOT on
[ 15.586726][ T290] ip (290) used greatest stack depth: 24208 bytes left
[ 22.354502][ C0] ==================================================================
[ 22.354904][ C0] BUG: KASAN: slab-use-after-free in dst_dev_put+0x214/0x280
[ 22.355196][ C0] Read of size 8 at addr ffff88800f392040 by task swapper/0/0
[ 22.355481][ C0]
[ 22.355579][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.18.0-virtme #1 PREEMPT(full)
[ 22.355584][ C0] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 22.355586][ C0] Call Trace:
[ 22.355588][ C0]
[ 22.355590][ C0] dump_stack_lvl+0x82/0xc0
[ 22.355596][ C0] print_address_description.constprop.0+0x2c/0x3a0
[ 22.355602][ C0] ? dst_dev_put+0x214/0x280
[ 22.355606][ C0] print_report+0xb4/0x270
[ 22.355610][ C0] ? dst_dev_put+0x214/0x280
[ 22.355613][ C0] ? kasan_addr_to_slab+0x1d/0x50
[ 22.355616][ C0] ? dst_dev_put+0x214/0x280
[ 22.355619][ C0] kasan_report+0xca/0x100
[ 22.355623][ C0] ? dst_dev_put+0x214/0x280
[ 22.355629][ C0] dst_dev_put+0x214/0x280
[ 22.355632][ C0] rt_fibinfo_free_cpus.part.0+0xd2/0x170
[ 22.355638][ C0] fib_nh_common_release+0xe6/0x2d0
[ 22.355642][ C0] free_fib_info_rcu+0x14c/0x380
[ 22.355646][ C0] ? nexthop_mpath_fill_node.constprop.0+0x2b0/0x2b0
[ 22.355650][ C0] rcu_do_batch+0x27e/0x1120
[ 22.355656][ C0] ? trace_rcu_batch_end+0x270/0x270
[ 22.355659][ C0] ? _raw_spin_unlock_irqrestore+0x59/0x70
[ 22.355665][ C0] ? lockdep_hardirqs_on+0x7c/0x100
[ 22.355670][ C0] ? _raw_spin_unlock_irqrestore+0x46/0x70
[ 22.355674][ C0] rcu_core+0x2bb/0x520
[ 22.355678][ C0] handle_softirqs+0x1c0/0x820
[ 22.355686][ C0] __irq_exit_rcu+0x6c/0xe0
[ 22.355689][ C0] irq_exit_rcu+0xe/0x30
[ 22.355692][ C0] sysvec_apic_timer_interrupt+0xa8/0xc0
[ 22.355695][ C0]
[ 22.355697][ C0]
[ 22.355698][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 22.355702][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x10
[ 22.355706][ C0] Code: 48 8b 3d 34 31 90 02 e8 1f 00 00 00 48 2b 05 28 07 a9 00 c3 0f 1f 80 00 00 00 00 f3 0f 1e fa eb 07 0f 00 2d d3 d6 28 00 fb f4 0f 1f 40 d6 41 54 55 53 48 89 fb 48 83 ec 10 8b 17 83 e2 fe 41
[ 22.355709][ C0] RSP: 0018:ffffffffb8007de8 EFLAGS: 00000202
[ 22.355712][ C0] RAX: 000000000008f05d RBX: 1ffffffff7000fc1 RCX: ffffffffb6e0a255
[ 22.355715][ C0] RDX: 0000000000000000 RSI: ffffffffb77fa925 RDI: ffffffffb726a600
[ 22.355716][ C0] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100da0631a
[ 22.355718][ C0] R10: ffff88806d0318d3 R11: ffffffffb8032e50 R12: 0000000000000000
[ 22.355720][ C0] R13: ffffffffb8032400 R14: dffffc0000000000 R15: 0000000000014770
[ 22.355724][ C0] ? ct_kernel_exit.constprop.0+0x105/0x150
[ 22.355729][ C0] default_idle+0x9/0x10
[ 22.355731][ C0] default_idle_call+0x6c/0xa0
[ 22.355733][ C0] cpuidle_idle_call+0x23b/0x380
[ 22.355738][ C0] ? arch_cpu_idle_exit+0x40/0x40
[ 22.355741][ C0] ? tsc_verify_tsc_adjust+0x94/0x310
[ 22.355746][ C0] do_idle+0xe1/0x140
[ 22.355749][ C0] cpu_startup_entry+0x54/0x60
[ 22.355752][ C0] rest_init+0x14b/0x260
[ 22.355755][ C0] start_kernel+0x348/0x3f0
[ 22.355762][ C0] x86_64_start_reservations+0x18/0x30
[ 22.355765][ C0] x86_64_start_kernel+0xf8/0x150
[ 22.355769][ C0] common_startup_64+0x13e/0x148
[ 22.355778][ C0]
[ 22.355779][ C0]
[ 22.366628][ C0] Allocated by task 385:
[ 22.366774][ C0] kasan_save_stack+0x24/0x40
[ 22.366969][ C0] kasan_save_track+0x14/0x30
[ 22.367161][ C0] __kasan_slab_alloc+0x55/0x60
[ 22.367347][ C0] kmem_cache_alloc_noprof+0x291/0x6d0
[ 22.367543][ C0] dst_alloc+0x7a/0x140
[ 22.367686][ C0] rt_dst_alloc+0x31/0x3a0
[ 22.367883][ C0] __mkroute_output+0x425/0x11a0
[ 22.368197][ C0] ip_route_output_key_hash+0xfa/0x220
[ 22.368389][ C0] ip_route_output_flow+0x23/0x140
[ 22.368582][ C0] udp_tunnel_dst_lookup+0x227/0x3a0
[ 22.368774][ C0] vxlan_xmit_one+0x151a/0x4490 [vxlan]
[ 22.369105][ C0] vxlan_xmit+0xf6a/0x1870 [vxlan]
[ 22.369306][ C0] dev_hard_start_xmit+0x132/0x530
[ 22.369495][ C0] __dev_queue_xmit+0x1406/0x1af0
[ 22.369688][ C0] packet_snd+0xd0f/0x1a70
[ 22.370002][ C0] __sys_sendto+0x24b/0x380
[ 22.370193][ C0] __x64_sys_sendto+0xe0/0x1b0
[ 22.370384][ C0] do_syscall_64+0xc1/0xfc0
[ 22.370576][ C0] entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 22.370939][ C0]
[ 22.371037][ C0] Freed by task 12:
[ 22.371182][ C0] kasan_save_stack+0x24/0x40
[ 22.371376][ C0] kasan_save_track+0x14/0x30
[ 22.371569][ C0] __kasan_save_free_info+0x3b/0x60
[ 22.371882][ C0] __kasan_slab_free+0x3f/0x60
[ 22.372081][ C0] kmem_cache_free+0x2e4/0x690
[ 22.372270][ C0] dst_destroy+0x230/0x350
[ 22.372464][ C0] rcu_do_batch+0x27e/0x1120
[ 22.372774][ C0] rcu_core+0x2bb/0x520
[ 22.372920][ C0] handle_softirqs+0x1c0/0x820
[ 22.373110][ C0] __irq_exit_rcu+0x6c/0xe0
[ 22.373300][ C0] irq_exit_rcu+0xe/0x30
[ 22.373565][ C0] sysvec_apic_timer_interrupt+0xa8/0xc0
[ 22.373758][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 22.373996][ C0]
[ 22.374094][ C0] Last potentially related work creation:
[ 22.374407][ C0] kasan_save_stack+0x24/0x40
[ 22.374605][ C0] kasan_record_aux_stack+0x8c/0xa0
[ 22.374797][ C0] __call_rcu_common.constprop.0+0xa9/0x950
[ 22.375038][ C0] dst_cache_destroy+0xf7/0x200
[ 22.375355][ C0] vxlan_fdb_free+0x10e/0x1b0 [vxlan]
[ 22.375565][ C0] rcu_do_batch+0x27e/0x1120
[ 22.375756][ C0] rcu_core+0x2bb/0x520
[ 22.375903][ C0] handle_softirqs+0x1c0/0x820
[ 22.376220][ C0] __irq_exit_rcu+0x6c/0xe0
[ 22.376413][ C0] irq_exit_rcu+0xe/0x30
[ 22.376559][ C0] sysvec_apic_timer_interrupt+0xa8/0xc0
[ 22.376751][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 22.377115][ C0]
[ 22.377216][ C0] The buggy address belongs to the object at ffff88800f392040
[ 22.377216][ C0]  which belongs to the cache rtable of size 184
[ 22.377684][ C0] The buggy address is located 0 bytes inside of
[ 22.377684][ C0]  freed 184-byte region [ffff88800f392040, ffff88800f3920f8)
[ 22.378149][ C0]
[ 22.378246][ C0] The buggy address belongs to the physical page:
[ 22.378483][ C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88800f3921c0 pfn:0xf392
[ 22.378868][ C0] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 22.379158][ C0] flags: 0x80000000000240(workingset|head|node=0|zone=1)
[ 22.379529][ C0] page_type: f5(slab)
[ 22.379679][ C0] raw: 0080000000000240 ffff888004955e00 ffff88800269d708 ffff88800269d708
[ 22.380024][ C0] raw: ffff88800f3921c0 0000000000150001 00000000f5000000 0000000000000000
[ 22.380495][ C0] head: 0080000000000240 ffff888004955e00 ffff88800269d708 ffff88800269d708
[ 22.380834][ C0] head: ffff88800f3921c0 0000000000150001 00000000f5000000 0000000000000000
[ 22.381172][ C0] head: 0080000000000001 ffffea00003ce481 00000000ffffffff 00000000ffffffff
[ 22.381514][ C0] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 22.381852][ C0] page dumped because: kasan: bad access detected
[ 22.382336][ C0]
[ 22.382432][ C0] Memory state around the buggy address:
[ 22.382617][ C0]  ffff88800f391f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.383023][ C0]  ffff88800f391f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.383301][ C0] >ffff88800f392000: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 22.383703][ C0]                                            ^
[ 22.383937][ C0]  ffff88800f392080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc
[ 22.384456][ C0]  ffff88800f392100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.384734][ C0] ==================================================================
[ 22.385138][ C0] Disabling lock debugging due to kernel taint
[ 22.385378][ C0] Oops: general protection fault, probably for non-canonical address 0xe05c7c35c0000008: 0000 [#1] SMP KASAN
[ 22.385784][ C0] KASAN: maybe wild-memory-access in range [0x02e401ae00000040-0x02e401ae00000047]
[ 22.386211][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B 6.18.0-virtme #1 PREEMPT(full)
[ 22.386574][ C0] Tainted: [B]=BAD_PAGE
[ 22.386830][ C0] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 22.387056][ C0] RIP: 0010:dst_dev_put+0xa0/0x280
[ 22.387244][ C0] Code: fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 9c 01 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b 6d 08 48 8d 7d 38 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 6f 01 00 00 48 8b 45 38 48 85 c0 74 08 4c 89 e6
[ 22.388012][ C0] RSP: 0018:ffffc90000007d48 EFLAGS: 00010203
[ 22.388240][ C0] RAX: dffffc0000000000 RBX: dffffc0000000000 RCX: ffffffffb648b428
[ 22.388630][ C0] RDX: 005c8035c0000008 RSI: 0000000000000008 RDI: 02e401ae00000044
[ 22.388905][ C0] RBP: 02e401ae0000000c R08: 0000000000000001 R09: fffffbfff72ea8c4
[ 22.389176][ C0] R10: ffffffffb9754627 R11: ffffc90000007800 R12: ffff88800c03d118
[ 22.389564][ C0] R13: ffff88800f392040 R14: 0000000000000000 R15: ffff88800f392040
[ 22.389836][ C0] FS: 0000000000000000(0000) GS:ffff8880b3918000(0000) knlGS:0000000000000000
[ 22.390272][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.390501][ C0] CR2: 00007fe7562a4000 CR3: 0000000013145001 CR4: 0000000000772ef0
[ 22.390774][ C0] PKRU: 55555554
[ 22.391027][ C0] Call Trace:
[ 22.391165][ C0]
[ 22.391257][ C0] rt_fibinfo_free_cpus.part.0+0xd2/0x170
[ 22.391445][ C0] fib_nh_common_release+0xe6/0x2d0
[ 22.391627][ C0] free_fib_info_rcu+0x14c/0x380
[ 22.391926][ C0] ? nexthop_mpath_fill_node.constprop.0+0x2b0/0x2b0
[ 22.392158][ C0] rcu_do_batch+0x27e/0x1120
[ 22.392342][ C0] ? trace_rcu_batch_end+0x270/0x270
[ 22.392524][ C0] ? _raw_spin_unlock_irqrestore+0x59/0x70
[ 22.392866][ C0] ? lockdep_hardirqs_on+0x7c/0x100
[ 22.393049][ C0] ? _raw_spin_unlock_irqrestore+0x46/0x70
[ 22.393275][ C0] rcu_core+0x2bb/0x520
[ 22.393417][ C0] handle_softirqs+0x1c0/0x820
[ 22.393599][ C0] __irq_exit_rcu+0x6c/0xe0
[ 22.393780][ C0] irq_exit_rcu+0xe/0x30
[ 22.393917][ C0] sysvec_apic_timer_interrupt+0xa8/0xc0
[ 22.394098][ C0]
[ 22.394307][ C0]
[ 22.394397][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 22.394619][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x10
[ 22.394808][ C0] Code: 48 8b 3d 34 31 90 02 e8 1f 00 00 00 48 2b 05 28 07 a9 00 c3 0f 1f 80 00 00 00 00 f3 0f 1e fa eb 07 0f 00 2d d3 d6 28 00 fb f4 0f 1f 40 d6 41 54 55 53 48 89 fb 48 83 ec 10 8b 17 83 e2 fe 41
[ 22.395570][ C0] RSP: 0018:ffffffffb8007de8 EFLAGS: 00000202
[ 22.395802][ C0] RAX: 000000000008f05d RBX: 1ffffffff7000fc1 RCX: ffffffffb6e0a255
[ 22.396188][ C0] RDX: 0000000000000000 RSI: ffffffffb77fa925 RDI: ffffffffb726a600
[ 22.396461][ C0] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100da0631a
[ 22.396849][ C0] R10: ffff88806d0318d3 R11: ffffffffb8032e50 R12: 0000000000000000
[ 22.397236][ C0] R13: ffffffffb8032400 R14: dffffc0000000000 R15: 0000000000014770
[ 22.397507][ C0] ? ct_kernel_exit.constprop.0+0x105/0x150
[ 22.397861][ C0] default_idle+0x9/0x10
[ 22.397997][ C0] default_idle_call+0x6c/0xa0
[ 22.398179][ C0] cpuidle_idle_call+0x23b/0x380
[ 22.398475][ C0] ? arch_cpu_idle_exit+0x40/0x40
[ 22.398773][ C0] ? tsc_verify_tsc_adjust+0x94/0x310
[ 22.398954][ C0] do_idle+0xe1/0x140
[ 22.399207][ C0] cpu_startup_entry+0x54/0x60
[ 22.399387][ C0] rest_init+0x14b/0x260
[ 22.399527][ C0] start_kernel+0x348/0x3f0
[ 22.399709][ C0] x86_64_start_reservations+0x18/0x30
[ 22.399890][ C0] x86_64_start_kernel+0xf8/0x150
[ 22.400072][ C0] common_startup_64+0x13e/0x148
[ 22.400259][ C0]
[ 22.400510][ C0] Modules linked in: vxlan act_gact cls_flower sch_ingress
[ 22.400797][ C0] ---[ end trace 0000000000000000 ]---
[ 22.400982][ C0] RIP: 0010:dst_dev_put+0xa0/0x280
[ 22.401171][ C0] Code: fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 9c 01 00 00 48 b8 00 00 00 00 00 fc ff df 49 8b 6d 08 48 8d 7d 38 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 6f 01 00 00 48 8b 45 38 48 85 c0 74 08 4c 89 e6
[ 22.401813][ C0] RSP: 0018:ffffc90000007d48 EFLAGS: 00010203
[ 22.402269][ C0] RAX: dffffc0000000000 RBX: dffffc0000000000 RCX: ffffffffb648b428
[ 22.402548][ C0] RDX: 005c8035c0000008 RSI: 0000000000000008 RDI: 02e401ae00000044
[ 22.402818][ C0] RBP: 02e401ae0000000c R08: 0000000000000001 R09: fffffbfff72ea8c4
[ 22.403202][ C0] R10: ffffffffb9754627 R11: ffffc90000007800 R12: ffff88800c03d118
[ 22.403587][ C0] R13: ffff88800f392040 R14: 0000000000000000 R15: ffff88800f392040
[ 22.403977][ C0] FS: 0000000000000000(0000) GS:ffff8880b3918000(0000) knlGS:0000000000000000
[ 22.404291][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.404523][ C0] CR2: 00007fe7562a4000 CR3: 0000000013145001 CR4: 0000000000772ef0
[ 22.404911][ C0] PKRU: 55555554
[ 22.405046][ C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 22.405382][ C0] Kernel Offset: 0x33400000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 22.405921][ C0] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---