[ 10.354285][ T260] ip (260) used greatest stack depth: 23520 bytes left
[ 22.228234][ T291] ==================================================================
[ 22.228557][ T291] BUG: KASAN: use-after-free in page_pool_item_uninit+0x100/0x130
[ 22.228767][ T291] Read of size 8 at addr ffff88800e484008 by task kworker/0:2/291
[ 22.228960][ T291]
[ 22.229035][ T291] CPU: 0 UID: 0 PID: 291 Comm: kworker/0:2 Not tainted 6.13.0-rc5-virtme #1
[ 22.229273][ T291] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 22.229442][ T291] Workqueue: events page_pool_release_retry
[ 22.229611][ T291] Call Trace:
[ 22.229713][ T291]
[ 22.229791][ T291] dump_stack_lvl+0x82/0xd0
[ 22.229927][ T291] print_address_description.constprop.0+0x2c/0x3b0
[ 22.230091][ T291] ? page_pool_item_uninit+0x100/0x130
[ 22.230234][ T291] print_report+0xb4/0x270
[ 22.230359][ T291] ? kasan_addr_to_slab+0x25/0x80
[ 22.230490][ T291] kasan_report+0xbd/0xf0
[ 22.230588][ T291] ? page_pool_item_uninit+0x100/0x130
[ 22.230717][ T291] page_pool_item_uninit+0x100/0x130
[ 22.230855][ T291] page_pool_release+0x44a/0x5b0
[ 22.230983][ T291] ? __pfx_page_pool_release+0x10/0x10
[ 22.231119][ T291] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 22.231253][ T291] ? trace_lock_acquire+0x14c/0x1f0
[ 22.231390][ T291] ? trace_lock_acquire+0x14c/0x1f0
[ 22.231528][ T291] page_pool_release_retry+0x21/0x290
[ 22.231662][ T291] ? trace_workqueue_execute_start+0xe7/0x150
[ 22.231846][ T291] process_one_work+0xe55/0x16d0
[ 22.231981][ T291] ? __pfx___lock_release+0x10/0x10
[ 22.232118][ T291] ? __pfx_process_one_work+0x10/0x10
[ 22.232246][ T291] ? assign_work+0x16c/0x240
[ 22.232375][ T291] worker_thread+0x58c/0xce0
[ 22.232507][ T291] ? lockdep_hardirqs_on_prepare+0x275/0x410
[ 22.232677][ T291] ? __pfx_worker_thread+0x10/0x10
[ 22.232803][ T291] ? __pfx_worker_thread+0x10/0x10
[ 22.232942][ T291] kthread+0x28a/0x350
[ 22.233049][ T291] ? __pfx_kthread+0x10/0x10
[ 22.233177][ T291] ret_from_fork+0x31/0x70
[ 22.233305][ T291] ? __pfx_kthread+0x10/0x10
[ 22.233433][ T291] ret_from_fork_asm+0x1a/0x30
[ 22.233565][ T291]
[ 22.233663][ T291]
[ 22.233728][ T291] The buggy address belongs to the physical page:
[ 22.233882][ T291] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xe484
[ 22.234108][ T291] flags: 0x80000000000000(node=0|zone=1)
[ 22.234250][ T291] page_type: f5(slab)
[ 22.234351][ T291] raw: 0080000000000000 ffff8880010427c0 ffffea0000162810 ffffea0000377210
[ 22.234577][ T291] raw: 0000000000000000 0000000000190019 00000001f5000000 0000000000000000
[ 22.234793][ T291] page dumped because: kasan: bad access detected
[ 22.234957][ T291]
[ 22.235024][ T291] Memory state around the buggy address:
[ 22.235155][ T291] ffff88800e483f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.235341][ T291] ffff88800e483f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 22.235521][ T291] >ffff88800e484000: fc fc fa fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.235704][ T291] ^
[ 22.235795][ T291] ffff88800e484080: fc fc fc fc fc fc fa fb fc fc fc fc fc fc fc fc
[ 22.235974][ T291] ffff88800e484100: fc fc fc fc fc fc fc fc fc fc fa fb fc fc fc fc
[ 22.236152][ T291] ==================================================================
[ 22.236351][ T291] Disabling lock debugging due to kernel taint
[ 22.236536][ T291] Oops: general protection fault, probably for non-canonical address 0xf99995999999999c: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 22.236835][ T291] KASAN: maybe wild-memory-access in range [0xcccccccccccccce0-0xcccccccccccccce7]
[ 22.237059][ T291] CPU: 0 UID: 0 PID: 291 Comm: kworker/0:2 Tainted: G B 6.13.0-rc5-virtme #1
[ 22.237319][ T291] Tainted: [B]=BAD_PAGE
[ 22.237420][ T291] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 22.237579][ T291] Workqueue: events page_pool_release_retry
[ 22.237752][ T291] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[ 22.237913][ T291] Code: a8 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 ad 6d 63 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[ 22.238363][ T291] RSP: 0018:ffffc90000587bc0 EFLAGS: 00010a06
[ 22.238532][ T291] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffffa749f6e3
[ 22.238721][ T291] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[ 22.238904][ T291] RBP: fffffbfff5164c78 R08: 0000000000000000 R09: fffffbfff553f688
[ 22.239103][ T291] R10: ffffffffaa9fb447 R11: 205d313932542020 R12: ffff88800509f220
[ 22.239299][ T291] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: ffffea0000377200
[ 22.239484][ T291] FS: 0000000000000000(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000
[ 22.239708][ T291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.239874][ T291] CR2: 0000563348403dec CR3: 000000000bac2006 CR4: 0000000000772ef0
[ 22.240061][ T291] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 22.240255][ T291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 22.240443][ T291] PKRU: 55555554
[ 22.240547][ T291] Call Trace:
[ 22.240639][ T291]
[ 22.240704][ T291] ? die_addr+0x41/0xa0
[ 22.240811][ T291] ? exc_general_protection+0x14d/0x230
[ 22.240938][ T291] ? asm_exc_general_protection+0x26/0x30
[ 22.241077][ T291] ? page_pool_item_uninit+0x73/0x130
[ 22.241203][ T291] ? page_pool_item_uninit+0x7a/0x130
[ 22.241335][ T291] page_pool_release+0x44a/0x5b0
[ 22.241460][ T291] ? __pfx_page_pool_release+0x10/0x10
[ 22.241593][ T291] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 22.241745][ T291] ? trace_lock_acquire+0x14c/0x1f0
[ 22.241871][ T291] ? trace_lock_acquire+0x14c/0x1f0
[ 22.241995][ T291] page_pool_release_retry+0x21/0x290
[ 22.242118][ T291] ? trace_workqueue_execute_start+0xe7/0x150
[ 22.242273][ T291] process_one_work+0xe55/0x16d0
[ 22.242408][ T291] ? __pfx___lock_release+0x10/0x10
[ 22.242533][ T291] ? __pfx_process_one_work+0x10/0x10
[ 22.242656][ T291] ? assign_work+0x16c/0x240
[ 22.242779][ T291] worker_thread+0x58c/0xce0
[ 22.242900][ T291] ? lockdep_hardirqs_on_prepare+0x275/0x410
[ 22.243052][ T291] ? __pfx_worker_thread+0x10/0x10
[ 22.243175][ T291] ? __pfx_worker_thread+0x10/0x10
[ 22.243297][ T291] kthread+0x28a/0x350
[ 22.243393][ T291] ? __pfx_kthread+0x10/0x10
[ 22.243515][ T291] ret_from_fork+0x31/0x70
[ 22.243637][ T291] ? __pfx_kthread+0x10/0x10
[ 22.243757][ T291] ret_from_fork_asm+0x1a/0x30
[ 22.243881][ T291]
[ 22.243975][ T291] Modules linked in: cls_bpf sch_ingress
[ 22.244115][ T291] ---[ end trace 0000000000000000 ]---
[ 22.244238][ T291] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[ 22.244400][ T291] Code: a8 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 ad 6d 63 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[ 22.244831][ T291] RSP: 0018:ffffc90000587bc0 EFLAGS: 00010a06
[ 22.244990][ T291] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffffa749f6e3
[ 22.245175][ T291] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[ 22.245354][ T291] RBP: fffffbfff5164c78 R08: 0000000000000000 R09: fffffbfff553f688
[ 22.245534][ T291] R10: ffffffffaa9fb447 R11: 205d313932542020 R12: ffff88800509f220
[ 22.245713][ T291] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: ffffea0000377200
[ 22.245910][ T291] FS: 0000000000000000(0000) GS:ffff88806d000000(0000) knlGS:0000000000000000
[ 22.246129][ T291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.246293][ T291] CR2: 0000563348403dec CR3: 000000000bac2006 CR4: 0000000000772ef0
[ 22.246498][ T291] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 22.246696][ T291] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 22.246881][ T291] PKRU: 55555554
[ 22.246985][ T291] Kernel panic - not syncing: Fatal exception
[ 22.247201][ T291] Kernel Offset: 0x23e00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 22.247489][ T291] ---[ end Kernel panic - not syncing: Fatal exception ]---
WAIT TIMEOUT stderr
Ctrl-C stderr
Ctrl-C stderr
WAIT TIMEOUT stderr