[  169.603831][ T3489] IPv6: Can't replace route, no match found
[  172.464829][ T3559] IPv6: Can't replace route, no match found
[  225.663882][ T4473] Mirror/redirect action on
[  322.769671][ T5094] ip (5094) used greatest stack depth: 23456 bytes left
[  323.379257][ T5100] veth2: entered promiscuous mode
[  323.418940][ T5100] veth2: left promiscuous mode
[  353.580316][ T5251] ==================================================================
[  353.580588][ T5251] BUG: KASAN: use-after-free in page_pool_item_uninit+0x100/0x130
[  353.580823][ T5251] Read of size 8 at addr ffff88800590c008 by task ip/5251
[  353.581012][ T5251] 
[  353.581105][ T5251] CPU: 3 UID: 0 PID: 5251 Comm: ip Not tainted 6.13.0-rc5-virtme #1
[  353.581344][ T5251] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  353.581540][ T5251] Call Trace:
[  353.581659][ T5251]  <TASK>
[  353.581740][ T5251]  dump_stack_lvl+0x82/0xd0
[  353.581899][ T5251]  print_address_description.constprop.0+0x2c/0x3b0
[  353.582092][ T5251]  ? page_pool_item_uninit+0x100/0x130
[  353.582250][ T5251]  print_report+0xb4/0x270
[  353.582404][ T5251]  ? kasan_addr_to_slab+0x25/0x80
[  353.582562][ T5251]  kasan_report+0xbd/0xf0
[  353.582680][ T5251]  ? page_pool_item_uninit+0x100/0x130
[  353.582836][ T5251]  page_pool_item_uninit+0x100/0x130
[  353.582989][ T5251]  page_pool_release+0x44a/0x5b0
[  353.583143][ T5251]  ? __pfx_page_pool_release+0x10/0x10
[  353.583295][ T5251]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[  353.583491][ T5251]  page_pool_destroy+0x11e/0x560
[  353.583646][ T5251]  veth_napi_del_range+0x34d/0x580
[  353.583804][ T5251]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[  353.583994][ T5251]  veth_close+0x104/0x190
[  353.584109][ T5251]  __dev_close_many+0x1a0/0x2d0
[  353.584265][ T5251]  ? __pfx___dev_close_many+0x10/0x10
[  353.584423][ T5251]  dev_close_many+0x202/0x650
[  353.584578][ T5251]  ? __pfx_dev_close_many+0x10/0x10
[  353.584731][ T5251]  ? __mutex_trylock_common+0xfa/0x260
[  353.584890][ T5251]  ? __pfx___mutex_trylock_common+0x10/0x10
[  353.585091][ T5251]  unregister_netdevice_many_notify+0x8ed/0x1580
[  353.585287][ T5251]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  353.585475][ T5251]  ? rtnl_dellink+0x228/0xa40
[  353.585633][ T5251]  ? sock_def_readable+0x11e/0x300
[  353.585790][ T5251]  ? mutex_is_locked+0x1c/0x60
[  353.585941][ T5251]  ? rtnl_is_locked+0x15/0x20
[  353.586096][ T5251]  ? unregister_netdevice_queue+0x70/0x410
[  353.586288][ T5251]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  353.586478][ T5251]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  353.586668][ T5251]  rtnl_dellink+0x348/0xa40
[  353.586820][ T5251]  ? __pfx_rtnl_dellink+0x10/0x10
[  353.586988][ T5251]  ? find_held_lock+0x2c/0x110
[  353.587140][ T5251]  ? __lock_release+0x103/0x460
[  353.587293][ T5251]  ? rtnetlink_rcv_msg+0x6ef/0xc10
[  353.587449][ T5251]  ? __pfx___lock_release+0x10/0x10
[  353.587604][ T5251]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  353.587760][ T5251]  ? rtnetlink_rcv_msg+0x6ef/0xc10
[  353.587913][ T5251]  ? __pfx_rtnl_dellink+0x10/0x10
[  353.588064][ T5251]  rtnetlink_rcv_msg+0x712/0xc10
[  353.588218][ T5251]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  353.588369][ T5251]  ? hlock_class+0x4e/0x130
[  353.588526][ T5251]  ? mark_lock+0x38/0x3e0
[  353.588644][ T5251]  ? __lock_acquire+0xb9a/0x1680
[  353.588802][ T5251]  netlink_rcv_skb+0x130/0x360
[  353.588956][ T5251]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  353.589111][ T5251]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  353.589269][ T5251]  ? netlink_deliver_tap+0x13e/0x340
[  353.589427][ T5251]  ? netlink_deliver_tap+0xc3/0x340
[  353.589585][ T5251]  netlink_unicast+0x44b/0x710
[  353.589739][ T5251]  ? __pfx_netlink_unicast+0x10/0x10
[  353.589890][ T5251]  ? find_held_lock+0x2c/0x110
[  353.590046][ T5251]  netlink_sendmsg+0x723/0xbe0
[  353.590201][ T5251]  ? __pfx_netlink_sendmsg+0x10/0x10
[  353.590358][ T5251]  ____sys_sendmsg+0x7ac/0xa10
[  353.590512][ T5251]  ? __pfx_____sys_sendmsg+0x10/0x10
[  353.590666][ T5251]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  353.590863][ T5251]  ___sys_sendmsg+0xee/0x170
[  353.591016][ T5251]  ? __pfx____sys_sendmsg+0x10/0x10
[  353.591175][ T5251]  ? kasan_save_stack+0x34/0x50
[  353.591328][ T5251]  ? kasan_save_stack+0x24/0x50
[  353.591479][ T5251]  ? __kasan_record_aux_stack+0x8e/0xa0
[  353.591632][ T5251]  ? __call_rcu_common.constprop.0+0xa1/0x4b0
[  353.591822][ T5251]  ? __x64_sys_close+0x7c/0xd0
[  353.591982][ T5251]  ? do_syscall_64+0xc1/0x1d0
[  353.592134][ T5251]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.592324][ T5251]  ? __lock_acquire+0xb9a/0x1680
[  353.592481][ T5251]  ? find_held_lock+0x2c/0x110
[  353.592633][ T5251]  ? __lock_release+0x103/0x460
[  353.592784][ T5251]  ? __virt_addr_valid+0x22b/0x430
[  353.592938][ T5251]  ? __pfx___lock_release+0x10/0x10
[  353.593096][ T5251]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  353.593250][ T5251]  __sys_sendmsg+0x109/0x1a0
[  353.593401][ T5251]  ? __pfx___sys_sendmsg+0x10/0x10
[  353.593551][ T5251]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[  353.593745][ T5251]  do_syscall_64+0xc1/0x1d0
[  353.593895][ T5251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.594080][ T5251] RIP: 0033:0x7f774aeed9a7
[  353.594242][ T5251] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[  353.594774][ T5251] RSP: 002b:00007ffd7fec9698 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  353.595004][ T5251] RAX: ffffffffffffffda RBX: 00007ffd7fec9dd0 RCX: 00007f774aeed9a7
[  353.595236][ T5251] RDX: 0000000000000000 RSI: 00007ffd7fec9700 RDI: 0000000000000005
[  353.595463][ T5251] RBP: 0000000000000001 R08: 0000000000000003 R09: 0000000000000078
[  353.595689][ T5251] R10: 00007f774adab4a8 R11: 0000000000000246 R12: 0000000000000001
[  353.595915][ T5251] R13: 00000000677c6041 R14: 0000000000498600 R15: 0000000000000000
[  353.596148][ T5251]  </TASK>
[  353.596264][ T5251] 
[  353.596341][ T5251] The buggy address belongs to the physical page:
[  353.596524][ T5251] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x590c
[  353.596789][ T5251] flags: 0x80000000000000(node=0|zone=1)
[  353.596942][ T5251] page_type: f5(slab)
[  353.597062][ T5251] raw: 0080000000000000 ffff8880010427c0 ffffea000017be10 ffffea0000308f50
[  353.597336][ T5251] raw: 0000000000000000 0000000000190019 00000001f5000000 0000000000000000
[  353.597600][ T5251] page dumped because: kasan: bad access detected
[  353.597785][ T5251] 
[  353.597860][ T5251] Memory state around the buggy address:
[  353.598008][ T5251]  ffff88800590bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  353.598231][ T5251]  ffff88800590bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  353.598449][ T5251] >ffff88800590c000: fc fc fa fb fc fc fc fc fc fc fc fc fc fc fc fc
[  353.598670][ T5251]                       ^
[  353.598782][ T5251]  ffff88800590c080: fc fc fc fc fc fc fa fb fc fc fc fc fc fc fc fc
[  353.598999][ T5251]  ffff88800590c100: fc fc fc fc fc fc fc fc fc fc fa fb fc fc fc fc
[  353.599221][ T5251] ==================================================================
[  353.599723][ T5251] Disabling lock debugging due to kernel taint
[  353.599920][ T5251] Oops: general protection fault, probably for non-canonical address 0xf99995999999999c: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  353.600281][ T5251] KASAN: maybe wild-memory-access in range [0xcccccccccccccce0-0xcccccccccccccce7]
[  353.600539][ T5251] CPU: 3 UID: 0 PID: 5251 Comm: ip Tainted: G    B              6.13.0-rc5-virtme #1
[  353.600797][ T5251] Tainted: [B]=BAD_PAGE
[  353.600909][ T5251] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  353.601103][ T5251] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[  353.601303][ T5251] Code: 8f 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 ad 6d 63 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[  353.601827][ T5251] RSP: 0018:ffffc90001a46e18 EFLAGS: 00010a06
[  353.602013][ T5251] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffff8e89f6e3
[  353.602235][ T5251] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[  353.602459][ T5251] RBP: fffffbfff1fe4c78 R08: 0000000000000000 R09: fffffbfff23bf688
[  353.602680][ T5251] R10: ffffffff91dfb447 R11: 205d313532355420 R12: ffff88800d291e20
[  353.602903][ T5251] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[  353.603124][ T5251] FS:  00007f774ace1800(0000) GS:ffff88806d180000(0000) knlGS:0000000000000000
[  353.603384][ T5251] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  353.603571][ T5251] CR2: 00000000004e4aa8 CR3: 000000001ed8a002 CR4: 0000000000772ef0
[  353.603793][ T5251] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  353.604014][ T5251] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  353.604237][ T5251] PKRU: 55555554
[  353.604353][ T5251] Call Trace:
[  353.604465][ T5251]  <TASK>
[  353.604542][ T5251]  ? die_addr+0x41/0xa0
[  353.604658][ T5251]  ? exc_general_protection+0x14d/0x230
[  353.604809][ T5251]  ? asm_exc_general_protection+0x26/0x30
[  353.604959][ T5251]  ? page_pool_item_uninit+0x73/0x130
[  353.605109][ T5251]  ? page_pool_item_uninit+0x7a/0x130
[  353.605258][ T5251]  ? page_pool_item_uninit+0x73/0x130
[  353.605409][ T5251]  page_pool_release+0x44a/0x5b0
[  353.605558][ T5251]  ? __pfx_page_pool_release+0x10/0x10
[  353.605704][ T5251]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[  353.605898][ T5251]  page_pool_destroy+0x11e/0x560
[  353.606046][ T5251]  veth_napi_del_range+0x34d/0x580
[  353.606196][ T5251]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[  353.606386][ T5251]  veth_close+0x104/0x190
[  353.606498][ T5251]  __dev_close_many+0x1a0/0x2d0
[  353.606646][ T5251]  ? __pfx___dev_close_many+0x10/0x10
[  353.606796][ T5251]  dev_close_many+0x202/0x650
[  353.606945][ T5251]  ? __pfx_dev_close_many+0x10/0x10
[  353.607095][ T5251]  ? __mutex_trylock_common+0xfa/0x260
[  353.607242][ T5251]  ? __pfx___mutex_trylock_common+0x10/0x10
[  353.607431][ T5251]  unregister_netdevice_many_notify+0x8ed/0x1580
[  353.607618][ T5251]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  353.607802][ T5251]  ? rtnl_dellink+0x228/0xa40
[  353.607949][ T5251]  ? sock_def_readable+0x11e/0x300
[  353.608099][ T5251]  ? mutex_is_locked+0x1c/0x60
[  353.608247][ T5251]  ? rtnl_is_locked+0x15/0x20
[  353.608394][ T5251]  ? unregister_netdevice_queue+0x70/0x410
[  353.608580][ T5251]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  353.608764][ T5251]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  353.608948][ T5251]  rtnl_dellink+0x348/0xa40
[  353.609097][ T5251]  ? __pfx_rtnl_dellink+0x10/0x10
[  353.609257][ T5251]  ? find_held_lock+0x2c/0x110
[  353.609407][ T5251]  ? __lock_release+0x103/0x460
[  353.609554][ T5251]  ? rtnetlink_rcv_msg+0x6ef/0xc10
[  353.609704][ T5251]  ? __pfx___lock_release+0x10/0x10
[  353.609851][ T5251]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  353.610002][ T5251]  ? rtnetlink_rcv_msg+0x6ef/0xc10
[  353.610149][ T5251]  ? __pfx_rtnl_dellink+0x10/0x10
[  353.610295][ T5251]  rtnetlink_rcv_msg+0x712/0xc10
[  353.610444][ T5251]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  353.610593][ T5251]  ? hlock_class+0x4e/0x130
[  353.610742][ T5251]  ? mark_lock+0x38/0x3e0
[  353.610855][ T5251]  ? __lock_acquire+0xb9a/0x1680
[  353.611003][ T5251]  netlink_rcv_skb+0x130/0x360
[  353.611157][ T5251]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  353.611305][ T5251]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  353.611456][ T5251]  ? netlink_deliver_tap+0x13e/0x340
[  353.611603][ T5251]  ? netlink_deliver_tap+0xc3/0x340
[  353.611756][ T5251]  netlink_unicast+0x44b/0x710
[  353.611903][ T5251]  ? __pfx_netlink_unicast+0x10/0x10
[  353.612049][ T5251]  ? find_held_lock+0x2c/0x110
[  353.612196][ T5251]  netlink_sendmsg+0x723/0xbe0
[  353.612346][ T5251]  ? __pfx_netlink_sendmsg+0x10/0x10
[  353.612495][ T5251]  ____sys_sendmsg+0x7ac/0xa10
[  353.612643][ T5251]  ? __pfx_____sys_sendmsg+0x10/0x10
[  353.612789][ T5251]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  353.612979][ T5251]  ___sys_sendmsg+0xee/0x170
[  353.613126][ T5251]  ? __pfx____sys_sendmsg+0x10/0x10
[  353.613274][ T5251]  ? kasan_save_stack+0x34/0x50
[  353.613421][ T5251]  ? kasan_save_stack+0x24/0x50
[  353.613570][ T5251]  ? __kasan_record_aux_stack+0x8e/0xa0
[  353.613721][ T5251]  ? __call_rcu_common.constprop.0+0xa1/0x4b0
[  353.613985][ T5251]  ? __x64_sys_close+0x7c/0xd0
[  353.614136][ T5251]  ? do_syscall_64+0xc1/0x1d0
[  353.614284][ T5251]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.614543][ T5251]  ? __lock_acquire+0xb9a/0x1680
[  353.614692][ T5251]  ? find_held_lock+0x2c/0x110
[  353.614840][ T5251]  ? __lock_release+0x103/0x460
[  353.614995][ T5251]  ? __virt_addr_valid+0x22b/0x430
[  353.615221][ T5251]  ? __pfx___lock_release+0x10/0x10
[  353.615371][ T5251]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  353.615521][ T5251]  __sys_sendmsg+0x109/0x1a0
[  353.615667][ T5251]  ? __pfx___sys_sendmsg+0x10/0x10
[  353.615890][ T5251]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[  353.616076][ T5251]  do_syscall_64+0xc1/0x1d0
[  353.616224][ T5251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.616408][ T5251] RIP: 0033:0x7f774aeed9a7
[  353.616646][ T5251] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[  353.617245][ T5251] RSP: 002b:00007ffd7fec9698 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  353.617467][ T5251] RAX: ffffffffffffffda RBX: 00007ffd7fec9dd0 RCX: 00007f774aeed9a7
[  353.617693][ T5251] RDX: 0000000000000000 RSI: 00007ffd7fec9700 RDI: 0000000000000005
[  353.617995][ T5251] RBP: 0000000000000001 R08: 0000000000000003 R09: 0000000000000078
[  353.618215][ T5251] R10: 00007f774adab4a8 R11: 0000000000000246 R12: 0000000000000001
[  353.618436][ T5251] R13: 00000000677c6041 R14: 0000000000498600 R15: 0000000000000000
[  353.618744][ T5251]  </TASK>
[  353.618856][ T5251] Modules linked in: xt_mark nft_compat nf_tables sch_ingress act_mirred cls_basic sch_fq_codel unix_diag vxlan dccp_ipv6 dccp_ipv4 dccp sctp libcrc32c bonding sch_fq [last unloaded: test_blackhole_dev]
[  353.619512][ T5251] ---[ end trace 0000000000000000 ]---
[  353.619661][ T5251] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[  353.619854][ T5251] Code: 8f 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 ad 6d 63 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[  353.620456][ T5251] RSP: 0018:ffffc90001a46e18 EFLAGS: 00010a06
[  353.620719][ T5251] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffff8e89f6e3
[  353.620938][ T5251] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[  353.621172][ T5251] RBP: fffffbfff1fe4c78 R08: 0000000000000000 R09: fffffbfff23bf688
[  353.621470][ T5251] R10: ffffffff91dfb447 R11: 205d313532355420 R12: ffff88800d291e20
[  353.621686][ T5251] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[  353.621982][ T5251] FS:  00007f774ace1800(0000) GS:ffff88806d180000(0000) knlGS:0000000000000000
[  353.622248][ T5251] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  353.622433][ T5251] CR2: 00000000004e4aa8 CR3: 000000001ed8a002 CR4: 0000000000772ef0
[  353.622732][ T5251] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  353.622949][ T5251] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  353.623180][ T5251] PKRU: 55555554
[  353.623369][ T5251] Kernel panic - not syncing: Fatal exception
[  353.623676][ T5251] Kernel Offset: 0xb200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[  353.624013][ T5251] ---[ end Kernel panic - not syncing: Fatal exception ]---

WAIT TIMEOUT stderr

Ctrl-C stderr

Ctrl-C stderr

WAIT TIMEOUT stderr