[   10.600393][  T259] ip (259) used greatest stack depth: 24432 bytes left
[   16.623481][   T65] ==================================================================
[   16.623746][   T65] BUG: KASAN: use-after-free in page_pool_item_uninit+0x100/0x130
[   16.623980][   T65] Read of size 8 at addr ffff88800aec4008 by task kworker/u16:1/65
[   16.624199][   T65] 
[   16.624279][   T65] CPU: 1 UID: 0 PID: 65 Comm: kworker/u16:1 Not tainted 6.13.0-rc5-virtme #1
[   16.624550][   T65] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   16.624739][   T65] Workqueue: netns cleanup_net
[   16.624904][   T65] Call Trace:
[   16.625020][   T65]  <TASK>
[   16.625105][   T65]  dump_stack_lvl+0x82/0xd0
[   16.625268][   T65]  print_address_description.constprop.0+0x2c/0x3b0
[   16.625471][   T65]  ? page_pool_item_uninit+0x100/0x130
[   16.625632][   T65]  print_report+0xb4/0x270
[   16.625792][   T65]  ? kasan_addr_to_slab+0x25/0x80
[   16.625945][   T65]  kasan_report+0xbd/0xf0
[   16.626061][   T65]  ? page_pool_item_uninit+0x100/0x130
[   16.626222][   T65]  page_pool_item_uninit+0x100/0x130
[   16.626376][   T65]  page_pool_release+0x44a/0x5b0
[   16.626530][   T65]  ? __pfx_page_pool_release+0x10/0x10
[   16.626678][   T65]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[   16.626873][   T65]  page_pool_destroy+0x11e/0x560
[   16.627023][   T65]  veth_napi_del_range+0x34d/0x580
[   16.627181][   T65]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[   16.627374][   T65]  veth_close+0x104/0x190
[   16.627490][   T65]  __dev_close_many+0x1a0/0x2d0
[   16.627641][   T65]  ? __pfx___dev_close_many+0x10/0x10
[   16.627800][   T65]  dev_close_many+0x202/0x650
[   16.627955][   T65]  ? fou_exit_net+0x2f/0xf0
[   16.628108][   T65]  ? __pfx_dev_close_many+0x10/0x10
[   16.628262][   T65]  ? __mutex_trylock_common+0xfa/0x260
[   16.628407][   T65]  ? __pfx___mutex_trylock_common+0x10/0x10
[   16.628592][   T65]  unregister_netdevice_many_notify+0x8ed/0x1580
[   16.628796][   T65]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[   16.628981][   T65]  ? default_device_exit_batch+0x81/0x2e0
[   16.629129][   T65]  ? mutex_is_locked+0x1c/0x60
[   16.629286][   T65]  ? rtnl_is_locked+0x15/0x20
[   16.629435][   T65]  ? unregister_netdevice_queue+0x70/0x410
[   16.629626][   T65]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   16.629814][   T65]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   16.630006][   T65]  default_device_exit_batch+0x241/0x2e0
[   16.630156][   T65]  ? __pfx_default_device_exit_batch+0x10/0x10
[   16.630340][   T65]  ? ops_exit_list+0xb4/0x170
[   16.630494][   T65]  cleanup_net+0x4ef/0xba0
[   16.630646][   T65]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   16.630801][   T65]  ? __pfx_cleanup_net+0x10/0x10
[   16.630951][   T65]  ? trace_lock_acquire+0x14c/0x1f0
[   16.631102][   T65]  ? lock_acquire+0x32/0xc0
[   16.631252][   T65]  ? process_one_work+0xe0b/0x16d0
[   16.631400][   T65]  process_one_work+0xe55/0x16d0
[   16.631548][   T65]  ? __pfx___lock_release+0x10/0x10
[   16.631697][   T65]  ? __pfx_process_one_work+0x10/0x10
[   16.631847][   T65]  ? assign_work+0x16c/0x240
[   16.631993][   T65]  worker_thread+0x58c/0xce0
[   16.632141][   T65]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[   16.632329][   T65]  ? __pfx_worker_thread+0x10/0x10
[   16.632557][   T65]  ? __pfx_worker_thread+0x10/0x10
[   16.632705][   T65]  kthread+0x28a/0x350
[   16.632817][   T65]  ? __pfx_kthread+0x10/0x10
[   16.632967][   T65]  ret_from_fork+0x31/0x70
[   16.633192][   T65]  ? __pfx_kthread+0x10/0x10
[   16.633337][   T65]  ret_from_fork_asm+0x1a/0x30
[   16.633491][   T65]  </TASK>
[   16.633606][   T65] 
[   16.633683][   T65] The buggy address belongs to the physical page:
[   16.633939][   T65] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xaec4
[   16.634201][   T65] flags: 0x80000000000000(node=0|zone=1)
[   16.634349][   T65] page_type: f5(slab)
[   16.634542][   T65] raw: 0080000000000000 ffff8880010427c0 ffffea0000233e10 ffffea0000126110
[   16.634805][   T65] raw: 0000000000000000 0000000000190019 00000001f5000000 0000000000000000
[   16.635060][   T65] page dumped because: kasan: bad access detected
[   16.635316][   T65] 
[   16.635392][   T65] Memory state around the buggy address:
[   16.635533][   T65]  ffff88800aec3f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[   16.635820][   T65]  ffff88800aec3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.636031][   T65] >ffff88800aec4000: fc fc fa fb fc fc fc fc fc fc fc fc fc fc fc fc
[   16.636247][   T65]                       ^
[   16.636357][   T65]  ffff88800aec4080: fc fc fc fc fc fc fa fb fc fc fc fc fc fc fc fc
[   16.636641][   T65]  ffff88800aec4100: fc fc fc fc fc fc fc fc fc fc fa fb fc fc fc fc
[   16.636852][   T65] ==================================================================
[   16.637186][   T65] Disabling lock debugging due to kernel taint
[   16.637370][   T65] Oops: general protection fault, probably for non-canonical address 0xf99995999999999c: 0000 [#1] PREEMPT SMP KASAN NOPTI
[   16.637782][   T65] KASAN: maybe wild-memory-access in range [0xcccccccccccccce0-0xcccccccccccccce7]
[   16.638035][   T65] CPU: 1 UID: 0 PID: 65 Comm: kworker/u16:1 Tainted: G    B              6.13.0-rc5-virtme #1
[   16.638308][   T65] Tainted: [B]=BAD_PAGE
[   16.638492][   T65] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   16.638677][   T65] Workqueue: netns cleanup_net
[   16.638840][   T65] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[   16.639099][   T65] Code: af 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 ad 6d 63 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[   16.639603][   T65] RSP: 0000:ffffc90000467698 EFLAGS: 00010a06
[   16.639854][   T65] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffffae29f6e3
[   16.640069][   T65] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[   16.640281][   T65] RBP: fffffbfff5f24c78 R08: 0000000000000000 R09: fffffbfff62ff688
[   16.640573][   T65] R10: ffffffffb17fb447 R11: 205d353654202020 R12: ffff888009281e20
[   16.640780][   T65] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[   16.641070][   T65] FS:  0000000000000000(0000) GS:ffff88806d080000(0000) knlGS:0000000000000000
[   16.641317][   T65] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   16.641493][   T65] CR2: 00007f80ead4f868 CR3: 000000002d53a003 CR4: 0000000000772ef0
[   16.641775][   T65] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   16.641981][   T65] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   16.642191][   T65] PKRU: 55555554
[   16.642379][   T65] Call Trace:
[   16.642483][   T65]  <TASK>
[   16.642555][   T65]  ? die_addr+0x41/0xa0
[   16.642662][   T65]  ? exc_general_protection+0x14d/0x230
[   16.642811][   T65]  ? asm_exc_general_protection+0x26/0x30
[   16.643032][   T65]  ? page_pool_item_uninit+0x73/0x130
[   16.643180][   T65]  ? page_pool_item_uninit+0x7a/0x130
[   16.643323][   T65]  ? page_pool_item_uninit+0x73/0x130
[   16.643460][   T65]  page_pool_release+0x44a/0x5b0
[   16.643607][   T65]  ? __pfx_page_pool_release+0x10/0x10
[   16.643753][   T65]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[   16.643928][   T65]  page_pool_destroy+0x11e/0x560
[   16.644071][   T65]  veth_napi_del_range+0x34d/0x580
[   16.644212][   T65]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[   16.644389][   T65]  veth_close+0x104/0x190
[   16.644500][   T65]  __dev_close_many+0x1a0/0x2d0
[   16.644642][   T65]  ? __pfx___dev_close_many+0x10/0x10
[   16.644856][   T65]  dev_close_many+0x202/0x650
[   16.644996][   T65]  ? fou_exit_net+0x2f/0xf0
[   16.645137][   T65]  ? __pfx_dev_close_many+0x10/0x10
[   16.645276][   T65]  ? __mutex_trylock_common+0xfa/0x260
[   16.645494][   T65]  ? __pfx___mutex_trylock_common+0x10/0x10
[   16.645667][   T65]  unregister_netdevice_many_notify+0x8ed/0x1580
[   16.645841][   T65]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[   16.646083][   T65]  ? default_device_exit_batch+0x81/0x2e0
[   16.646224][   T65]  ? mutex_is_locked+0x1c/0x60
[   16.646361][   T65]  ? rtnl_is_locked+0x15/0x20
[   16.646504][   T65]  ? unregister_netdevice_queue+0x70/0x410
[   16.646754][   T65]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   16.646924][   T65]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   16.647096][   T65]  default_device_exit_batch+0x241/0x2e0
[   16.647315][   T65]  ? __pfx_default_device_exit_batch+0x10/0x10
[   16.647493][   T65]  ? ops_exit_list+0xb4/0x170
[   16.647631][   T65]  cleanup_net+0x4ef/0xba0
[   16.647770][   T65]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   16.647982][   T65]  ? __pfx_cleanup_net+0x10/0x10
[   16.648119][   T65]  ? trace_lock_acquire+0x14c/0x1f0
[   16.648255][   T65]  ? lock_acquire+0x32/0xc0
[   16.648393][   T65]  ? process_one_work+0xe0b/0x16d0
[   16.648604][   T65]  process_one_work+0xe55/0x16d0
[   16.648747][   T65]  ? __pfx___lock_release+0x10/0x10
[   16.648890][   T65]  ? __pfx_process_one_work+0x10/0x10
[   16.649028][   T65]  ? assign_work+0x16c/0x240
[   16.649240][   T65]  worker_thread+0x58c/0xce0
[   16.649375][   T65]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[   16.649543][   T65]  ? __pfx_worker_thread+0x10/0x10
[   16.649679][   T65]  ? __pfx_worker_thread+0x10/0x10
[   16.649889][   T65]  kthread+0x28a/0x350
[   16.649996][   T65]  ? __pfx_kthread+0x10/0x10
[   16.650132][   T65]  ret_from_fork+0x31/0x70
[   16.650268][   T65]  ? __pfx_kthread+0x10/0x10
[   16.650480][   T65]  ret_from_fork_asm+0x1a/0x30
[   16.650621][   T65]  </TASK>
[   16.650724][   T65] Modules linked in:
[   16.650895][   T65] ---[ end trace 0000000000000000 ]---
[   16.651033][   T65] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[   16.651212][   T65] Code: af 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 ad 6d 63 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[   16.651822][   T65] RSP: 0000:ffffc90000467698 EFLAGS: 00010a06
[   16.651995][   T65] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffffae29f6e3
[   16.652200][   T65] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[   16.652484][   T65] RBP: fffffbfff5f24c78 R08: 0000000000000000 R09: fffffbfff62ff688
[   16.652744][   T65] R10: ffffffffb17fb447 R11: 205d353654202020 R12: ffff888009281e20
[   16.652954][   T65] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[   16.653158][   T65] FS:  0000000000000000(0000) GS:ffff88806d080000(0000) knlGS:0000000000000000
[   16.653401][   T65] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   16.653698][   T65] CR2: 00007f80ead4f868 CR3: 000000002d53a003 CR4: 0000000000772ef0
[   16.653903][   T65] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   16.654107][   T65] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   16.654311][   T65] PKRU: 55555554
[   16.654416][   T65] Kernel panic - not syncing: Fatal exception
[   16.654739][   T65] Kernel Offset: 0x2ac00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[   16.655048][   T65] ---[ end Kernel panic - not syncing: Fatal exception ]---

WAIT TIMEOUT stderr

Ctrl-C stderr

Ctrl-C stderr

WAIT TIMEOUT stderr