[ 1258.505097][ C2] ==================================================================
[ 1258.505360][ C2] BUG: KASAN: null-ptr-deref in sock_def_write_space_wfree+0x210/0x360
[ 1258.505593][ C2] Read of size 8 at addr 0000000000000008 by task fq_band_pktlimi/10243
[ 1258.505812][ C2]
[ 1258.505898][ C2] CPU: 2 PID: 10243 Comm: fq_band_pktlimi Not tainted 6.9.0-rc2-virtme #1
[ 1258.506122][ C2] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[ 1258.506458][ C2] Call Trace:
[ 1258.506579][ C2]
[ 1258.506657][ C2] dump_stack_lvl+0x82/0xd0
[ 1258.506814][ C2] kasan_report+0xbd/0xf0
[ 1258.506933][ C2] ? sock_def_write_space_wfree+0x210/0x360
[ 1258.507121][ C2] kasan_check_range+0x39/0x1c0
[ 1258.507272][ C2] sock_def_write_space_wfree+0x210/0x360
[ 1258.507422][ C2] sock_wfree+0x25f/0x3e0
[ 1258.507534][ C2] skb_release_head_state+0x7a/0x1e0
[ 1258.507690][ C2] consume_skb+0x76/0x110
[ 1258.507801][ C2] dummy_xmit+0x106/0x170
[ 1258.507914][ C2] ? trace_net_dev_start_xmit+0xff/0x170
[ 1258.508061][ C2] dev_hard_start_xmit+0x10e/0x360
[ 1258.508212][ C2] sch_direct_xmit+0x203/0x11c0
[ 1258.508366][ C2] ? __pfx_sch_direct_xmit+0x10/0x10
[ 1258.508517][ C2] __qdisc_run+0x1cd/0x3d0
[ 1258.508664][ C2] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1258.508817][ C2] ? __pfx___qdisc_run+0x10/0x10
[ 1258.508964][ C2] ? do_raw_spin_lock+0x131/0x270
[ 1258.509110][ C2] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1258.509256][ C2] ? lock_acquire+0x32/0xc0
[ 1258.509403][ C2] ? net_tx_action+0x3a5/0x680
[ 1258.509550][ C2] net_tx_action+0x3f6/0x680
[ 1258.509698][ C2] __do_softirq+0x1f8/0x5df
[ 1258.509847][ C2] irq_exit_rcu+0x97/0xc0
[ 1258.509959][ C2] sysvec_apic_timer_interrupt+0x75/0x80
[ 1258.510110][ C2]
[ 1258.510188][ C2]
[ 1258.510264][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1258.510448][ C2] RIP: 0010:stack_depot_save_flags+0xa7/0x530
[ 1258.510638][ C2] Code: 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 44 89 f2 48 8d 04 12 89 c6 8d 3c 85 7b 71 f5 75 83 f8 03 0f 86 1c 03 00 00 <41> 89 fc 89 f8 48 89 e9 44 8b 01 44 03 61 08 83 ee 03 48 83 c1 0c
[ 1258.511177][ C2] RSP: 0018:ffffc90000bdf7b0 EFLAGS: 00000202
[ 1258.511374][ C2] RAX: 0000000000000016 RBX: 0000000000002800 RCX: 0000000000000001
[ 1258.511594][ C2] RDX: 000000000000000b RSI: 0000000000000016 RDI: 0000000075f571d3
[ 1258.511813][ C2] RBP: ffffc90000bdf810 R08: ffffffffb6bc8d4c R09: fffffbfff75b2bea
[ 1258.512030][ C2] R10: ffffffffbad95f57 R11: ffffc90000bdf719 R12: 0000000000000000
[ 1258.512249][ C2] R13: 0000000000000000 R14: 000000000000000b R15: 0000000000000001
[ 1258.512473][ C2] ? is_bpf_text_address+0x6c/0x120
[ 1258.512625][ C2] set_track_prepare+0x40/0x70
[ 1258.512773][ C2] ? kasan_quarantine_reduce+0x192/0x1e0
[ 1258.512920][ C2] ? __kasan_slab_alloc+0x49/0x70
[ 1258.513067][ C2] ? kmem_cache_alloc+0xef/0x270
[ 1258.513214][ C2] ? anon_vma_fork+0xc8/0x430
[ 1258.513362][ C2] ? dup_mmap+0xe84/0x1820
[ 1258.513516][ C2] ? copy_mm+0x267/0x5c0
[ 1258.513626][ C2] ? copy_process+0x1ab2/0x51d0
[ 1258.513774][ C2] ? kernel_clone+0xc2/0x510
[ 1258.513921][ C2] ? __do_sys_clone+0xa1/0xe0
[ 1258.514069][ C2] ? do_syscall_64+0xc6/0x1e0
[ 1258.514215][ C2] ? entry_SYSCALL_64_after_hwframe+0x72/0x7a
[ 1258.514397][ C2] ? mark_held_locks+0x9e/0xe0
[ 1258.514544][ C2] free_to_partial_list+0x1db/0x340
[ 1258.514692][ C2] ? qlist_free_all+0x47/0x140
[ 1258.514843][ C2] qlist_free_all+0x4c/0x140
[ 1258.514990][ C2] kasan_quarantine_reduce+0x192/0x1e0
[ 1258.515137][ C2] __kasan_slab_alloc+0x49/0x70
[ 1258.515284][ C2] kmem_cache_alloc+0xef/0x270
[ 1258.515433][ C2] anon_vma_fork+0xc8/0x430
[ 1258.515581][ C2] ? __init_rwsem+0x132/0x1b0
[ 1258.515730][ C2] dup_mmap+0xe84/0x1820
[ 1258.515843][ C2] ? __pfx_dup_mmap+0x10/0x10
[ 1258.515995][ C2] ? mm_init.isra.0+0x889/0xd20
[ 1258.516145][ C2] ? __raw_spin_lock_init+0x3f/0x110
[ 1258.516293][ C2] copy_mm+0x267/0x5c0
[ 1258.516403][ C2] copy_process+0x1ab2/0x51d0
[ 1258.516552][ C2] ? hlock_class+0x4e/0x130
[ 1258.516700][ C2] ? __pfx_copy_process+0x10/0x10
[ 1258.516851][ C2] ? call_rcu_zapped+0x51/0xc0
[ 1258.517000][ C2] kernel_clone+0xc2/0x510
[ 1258.517146][ C2] ? find_held_lock+0x2c/0x110
[ 1258.517298][ C2] ? __pfx_kernel_clone+0x10/0x10
[ 1258.517452][ C2] ? __lock_release+0x103/0x460
[ 1258.517600][ C2] ? __might_fault+0x11b/0x170
[ 1258.517749][ C2] ? __pfx___lock_release+0x10/0x10
[ 1258.517896][ C2] ? trace_lock_acquire+0x135/0x1c0
[ 1258.518041][ C2] ? lockdep_hardirqs_on_prepare.part.0+0x1af/0x370
[ 1258.518224][ C2] ? __might_fault+0xc3/0x170
[ 1258.518371][ C2] ? lock_acquire+0x32/0xc0
[ 1258.518519][ C2] ? __might_fault+0xc3/0x170
[ 1258.518670][ C2] __do_sys_clone+0xa1/0xe0
[ 1258.518815][ C2] ? __pfx___do_sys_clone+0x10/0x10
[ 1258.518965][ C2] ? lockdep_hardirqs_on_prepare.part.0+0x1af/0x370
[ 1258.519148][ C2] do_syscall_64+0xc6/0x1e0
[ 1258.519294][ C2] entry_SYSCALL_64_after_hwframe+0x72/0x7a
[ 1258.519474][ C2] RIP: 0033:0x7f9d21f0fa17
[ 1258.519625][ C2] Code: 00 00 00 f3 0f 1e fa 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 39 41 89 c0 85 c0 75 2a 64 48 8b 04 25 10 00
[ 1258.520142][ C2] RSP: 002b:00007ffd37e87cf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1258.520364][ C2] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f9d21f0fa17
[ 1258.520582][ C2] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1258.520805][ C2] RBP: 0000000000000000 R08: 0000000000000000 R09: 0027746e6553205c
[ 1258.521035][ C2] R10: 00007f9d21df4a10 R11: 0000000000000246 R12: 0000000000000000
[ 1258.521253][ C2] R13: 00007ffd37e87e30 R14: 00005647c6009f27 R15: 00005647fab4eba0
[ 1258.521473][ C2]
[ 1258.521585][ C2] ==================================================================
[ 1258.521830][ C2] Disabling lock debugging due to kernel taint
[ 1258.522054][ C2] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 1258.522374][ C2] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 1258.522587][ C2] CPU: 2 PID: 10243 Comm: fq_band_pktlimi Tainted: G B 6.9.0-rc2-virtme #1
[ 1258.522875][ C2] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[ 1258.523196][ C2] RIP: 0010:sock_def_write_space_wfree+0x221/0x360
[ 1258.523383][ C2] Code: 00 4c 8b bb a0 01 00 00 be 08 00 00 00 4d 8d 77 08 4c 89 f7 e8 e0 0e 8b fe 4c 89 f2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 fe 00 00 00 49 8b 47 08 a8 04 0f 85 dc fe ff ff
[ 1258.523905][ C2] RSP: 0018:ffffc90000230c30 EFLAGS: 00010202
[ 1258.524099][ C2] RAX: dffffc0000000000 RBX: ffff888012617740 RCX: ffffffffb679564a
[ 1258.524320][ C2] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffffbbcfda00
[ 1258.524536][ C2] RBP: ffff8880126177a0 R08: 0000000000000001 R09: fffffbfff779fb40
[ 1258.524753][ C2] R10: ffffffffbbcfda07 R11: 205d324320202020 R12: 0000000000000000
[ 1258.524967][ C2] R13: ffff8880126178c0 R14: 0000000000000008 R15: 0000000000000000
[ 1258.525188][ C2] FS: 00007f9d21df4740(0000) GS:ffff888036100000(0000) knlGS:0000000000000000
[ 1258.525444][ C2] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1258.525628][ C2] CR2: 00005647c6036054 CR3: 0000000005f08004 CR4: 0000000000770ef0
[ 1258.525842][ C2] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1258.526058][ C2] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1258.526275][ C2] PKRU: 55555554
[ 1258.526385][ C2] Call Trace:
[ 1258.526496][ C2]
[ 1258.526573][ C2] ? die_addr+0x41/0xa0
[ 1258.526685][ C2] ? exc_general_protection+0x149/0x220
[ 1258.526834][ C2] ? asm_exc_general_protection+0x26/0x30
[ 1258.526980][ C2] ? add_taint+0x2a/0x90
[ 1258.527092][ C2] ? sock_def_write_space_wfree+0x221/0x360
[ 1258.527272][ C2] sock_wfree+0x25f/0x3e0
[ 1258.527388][ C2] skb_release_head_state+0x7a/0x1e0
[ 1258.527533][ C2] consume_skb+0x76/0x110
[ 1258.527642][ C2] dummy_xmit+0x106/0x170
[ 1258.527751][ C2] ? trace_net_dev_start_xmit+0xff/0x170
[ 1258.527896][ C2] dev_hard_start_xmit+0x10e/0x360
[ 1258.528041][ C2] sch_direct_xmit+0x203/0x11c0
[ 1258.528188][ C2] ? __pfx_sch_direct_xmit+0x10/0x10
[ 1258.528333][ C2] __qdisc_run+0x1cd/0x3d0
[ 1258.528483][ C2] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1258.528628][ C2] ? __pfx___qdisc_run+0x10/0x10
[ 1258.528772][ C2] ? do_raw_spin_lock+0x131/0x270
[ 1258.528917][ C2] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1258.529062][ C2] ? lock_acquire+0x32/0xc0
[ 1258.529205][ C2] ? net_tx_action+0x3a5/0x680
[ 1258.529350][ C2] net_tx_action+0x3f6/0x680
[ 1258.529494][ C2] __do_softirq+0x1f8/0x5df
[ 1258.529640][ C2] irq_exit_rcu+0x97/0xc0
[ 1258.529755][ C2] sysvec_apic_timer_interrupt+0x75/0x80
[ 1258.529901][ C2]
[ 1258.529976][ C2]
[ 1258.530050][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1258.530230][ C2] RIP: 0010:stack_depot_save_flags+0xa7/0x530
[ 1258.530422][ C2] Code: 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 44 89 f2 48 8d 04 12 89 c6 8d 3c 85 7b 71 f5 75 83 f8 03 0f 86 1c 03 00 00 <41> 89 fc 89 f8 48 89 e9 44 8b 01 44 03 61 08 83 ee 03 48 83 c1 0c
[ 1258.530941][ C2] RSP: 0018:ffffc90000bdf7b0 EFLAGS: 00000202
[ 1258.531123][ C2] RAX: 0000000000000016 RBX: 0000000000002800 RCX: 0000000000000001
[ 1258.531337][ C2] RDX: 000000000000000b RSI: 0000000000000016 RDI: 0000000075f571d3
[ 1258.531552][ C2] RBP: ffffc90000bdf810 R08: ffffffffb6bc8d4c R09: fffffbfff75b2bea
[ 1258.531766][ C2] R10: ffffffffbad95f57 R11: ffffc90000bdf719 R12: 0000000000000000
[ 1258.531983][ C2] R13: 0000000000000000 R14: 000000000000000b R15: 0000000000000001
[ 1258.532291][ C2] ? is_bpf_text_address+0x6c/0x120
[ 1258.532438][ C2] set_track_prepare+0x40/0x70
[ 1258.532581][ C2] ? kasan_quarantine_reduce+0x192/0x1e0
[ 1258.532725][ C2] ? __kasan_slab_alloc+0x49/0x70
[ 1258.532871][ C2] ? kmem_cache_alloc+0xef/0x270
[ 1258.533110][ C2] ? anon_vma_fork+0xc8/0x430
[ 1258.533260][ C2] ? dup_mmap+0xe84/0x1820
[ 1258.533403][ C2] ? copy_mm+0x267/0x5c0
[ 1258.533510][ C2] ? copy_process+0x1ab2/0x51d0
[ 1258.533652][ C2] ? kernel_clone+0xc2/0x510
[ 1258.533796][ C2] ? __do_sys_clone+0xa1/0xe0
[ 1258.533939][ C2] ? do_syscall_64+0xc6/0x1e0
[ 1258.534084][ C2] ? entry_SYSCALL_64_after_hwframe+0x72/0x7a
[ 1258.534266][ C2] ? mark_held_locks+0x9e/0xe0
[ 1258.534410][ C2] free_to_partial_list+0x1db/0x340
[ 1258.534556][ C2] ? qlist_free_all+0x47/0x140
[ 1258.534701][ C2] qlist_free_all+0x4c/0x140
[ 1258.534952][ C2] kasan_quarantine_reduce+0x192/0x1e0
[ 1258.535095][ C2] __kasan_slab_alloc+0x49/0x70
[ 1258.535239][ C2] kmem_cache_alloc+0xef/0x270
[ 1258.535383][ C2] anon_vma_fork+0xc8/0x430
[ 1258.535527][ C2] ? __init_rwsem+0x132/0x1b0
[ 1258.535673][ C2] dup_mmap+0xe84/0x1820
[ 1258.535785][ C2] ? __pfx_dup_mmap+0x10/0x10
[ 1258.535929][ C2] ? mm_init.isra.0+0x889/0xd20
[ 1258.536076][ C2] ? __raw_spin_lock_init+0x3f/0x110
[ 1258.536219][ C2] copy_mm+0x267/0x5c0
[ 1258.536327][ C2] copy_process+0x1ab2/0x51d0
[ 1258.536472][ C2] ? hlock_class+0x4e/0x130
[ 1258.536621][ C2] ? __pfx_copy_process+0x10/0x10
[ 1258.536769][ C2] ? call_rcu_zapped+0x51/0xc0
[ 1258.536913][ C2] kernel_clone+0xc2/0x510
[ 1258.537058][ C2] ? find_held_lock+0x2c/0x110
[ 1258.537202][ C2] ? __pfx_kernel_clone+0x10/0x10
[ 1258.537344][ C2] ? __lock_release+0x103/0x460
[ 1258.537573][ C2] ? __might_fault+0x11b/0x170
[ 1258.537717][ C2] ? __pfx___lock_release+0x10/0x10
[ 1258.537860][ C2] ? trace_lock_acquire+0x135/0x1c0
[ 1258.538003][ C2] ? lockdep_hardirqs_on_prepare.part.0+0x1af/0x370
[ 1258.538267][ C2] ? __might_fault+0xc3/0x170
[ 1258.538414][ C2] ? lock_acquire+0x32/0xc0
[ 1258.538556][ C2] ? __might_fault+0xc3/0x170
[ 1258.538699][ C2] __do_sys_clone+0xa1/0xe0
[ 1258.538940][ C2] ? __pfx___do_sys_clone+0x10/0x10
[ 1258.539086][ C2] ? lockdep_hardirqs_on_prepare.part.0+0x1af/0x370
[ 1258.539266][ C2] do_syscall_64+0xc6/0x1e0
[ 1258.539411][ C2] entry_SYSCALL_64_after_hwframe+0x72/0x7a
[ 1258.539588][ C2] RIP: 0033:0x7f9d21f0fa17
[ 1258.539738][ C2] Code: 00 00 00 f3 0f 1e fa 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 39 41 89 c0 85 c0 75 2a 64 48 8b 04 25 10 00
[ 1258.540244][ C2] RSP: 002b:00007ffd37e87cf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1258.540460][ C2] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f9d21f0fa17
[ 1258.540671][ C2] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1258.540987][ C2] RBP: 0000000000000000 R08: 0000000000000000 R09: 0027746e6553205c
[ 1258.541199][ C2] R10: 00007f9d21df4a10 R11: 0000000000000246 R12: 0000000000000000
[ 1258.541409][ C2] R13: 00007ffd37e87e30 R14: 00005647c6009f27 R15: 00005647fab4eba0
[ 1258.541713][ C2]
[ 1258.541821][ C2] Modules linked in: dccp_ipv6 dccp_ipv4 dccp act_mirred cls_matchall ip6_gre gre sch_fq xt_HL amt xt_conntrack sctp_diag sctp nft_chain_nat xt_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nft_compat nf_tables libcrc32c poly1305_generic libpoly1305 chacha_generic libchacha chacha20poly1305 tls act_gact cls_flower sch_ingress vxlan
[ 1258.542797][ C2] ---[ end trace 0000000000000000 ]---
[ 1258.543066][ C2] RIP: 0010:sock_def_write_space_wfree+0x221/0x360
[ 1258.543270][ C2] Code: 00 4c 8b bb a0 01 00 00 be 08 00 00 00 4d 8d 77 08 4c 89 f7 e8 e0 0e 8b fe 4c 89 f2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 fe 00 00 00 49 8b 47 08 a8 04 0f 85 dc fe ff ff
[ 1258.543791][ C2] RSP: 0018:ffffc90000230c30 EFLAGS: 00010202
[ 1258.543977][ C2] RAX: dffffc0000000000 RBX: ffff888012617740 RCX: ffffffffb679564a
[ 1258.544287][ C2] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffffffffbbcfda00
[ 1258.544596][ C2] RBP: ffff8880126177a0 R08: 0000000000000001 R09: fffffbfff779fb40
[ 1258.544906][ C2] R10: ffffffffbbcfda07 R11: 205d324320202020 R12: 0000000000000000
[ 1258.545307][ C2] R13: ffff8880126178c0 R14: 0000000000000008 R15: 0000000000000000
[ 1258.545523][ C2] FS: 00007f9d21df4740(0000) GS:ffff888036100000(0000) knlGS:0000000000000000
[ 1258.545778][ C2] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1258.545971][ C2] CR2: 00005647c6036054 CR3: 0000000005f08004 CR4: 0000000000770ef0
[ 1258.546277][ C2] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1258.546494][ C2] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1258.546734][ C2] PKRU: 55555554
[ 1258.546851][ C2] Kernel panic - not syncing: Fatal exception in interrupt
[ 1258.547298][ C2] Kernel Offset: 0x35400000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 1258.547724][ C2] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
WAIT TIMEOUT stderr
Ctrl-C stderr
Ctrl-C stderr
WAIT TIMEOUT stderr