[ 10.044057][ T260] ip (260) used greatest stack depth: 23808 bytes left
[ 13.199034][ T330] ==================================================================
[ 13.199318][ T330] BUG: KASAN: use-after-free in page_pool_item_uninit+0x100/0x130
[ 13.199580][ T330] Read of size 8 at addr ffff88800fd3c008 by task ethtool/330
[ 13.199822][ T330]
[ 13.199910][ T330] CPU: 3 UID: 0 PID: 330 Comm: ethtool Not tainted 6.13.0-rc5-virtme #1
[ 13.200161][ T330] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 13.200370][ T330] Call Trace:
[ 13.200495][ T330]
[ 13.200579][ T330] dump_stack_lvl+0x82/0xd0
[ 13.200750][ T330] print_address_description.constprop.0+0x2c/0x3b0
[ 13.200955][ T330] ? page_pool_item_uninit+0x100/0x130
[ 13.201122][ T330] print_report+0xb4/0x270
[ 13.201284][ T330] ? kasan_addr_to_slab+0x25/0x80
[ 13.201446][ T330] kasan_report+0xbd/0xf0
[ 13.201570][ T330] ? page_pool_item_uninit+0x100/0x130
[ 13.201734][ T330] page_pool_item_uninit+0x100/0x130
[ 13.201900][ T330] page_pool_release+0x44a/0x5b0
[ 13.202065][ T330] ? __pfx_page_pool_release+0x10/0x10
[ 13.202229][ T330] page_pool_destroy+0x11e/0x560
[ 13.202394][ T330] veth_napi_del_range+0x34d/0x580
[ 13.202559][ T330] ? __pfx_call_netdevice_notifiers+0x10/0x10
[ 13.202775][ T330] veth_set_features+0x13e/0x240
[ 13.202933][ T330] ? netdev_upper_get_next_dev_rcu+0x91/0xc0
[ 13.203135][ T330] __netdev_update_features+0x30f/0xc20
[ 13.203300][ T330] ? __pfx___netdev_update_features+0x10/0x10
[ 13.203502][ T330] ? __pfx_ethnl_parse_header_dev_get.part.0+0x10/0x10
[ 13.203710][ T330] ethnl_set_features+0x31e/0x620
[ 13.203879][ T330] ? __pfx_ethnl_set_features+0x10/0x10
[ 13.204044][ T330] ? lockdep_hardirqs_on_prepare+0x275/0x410
[ 13.204252][ T330] ? __nla_validate_parse+0x1bc/0x3d0
[ 13.204418][ T330] ? __nla_parse+0x26/0x30
[ 13.204583][ T330] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x162/0x240
[ 13.204827][ T330] genl_family_rcv_msg_doit+0x1d4/0x2b0
[ 13.204993][ T330] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 13.205201][ T330] ? rcu_read_lock_any_held+0x43/0xb0
[ 13.205365][ T330] ? validate_chain+0x1fe/0xae0
[ 13.205527][ T330] genl_family_rcv_msg+0x347/0x5b0
[ 13.205688][ T330] ? __pfx_genl_family_rcv_msg+0x10/0x10
[ 13.205868][ T330] ? __pfx_ethnl_set_features+0x10/0x10
[ 13.206032][ T330] genl_rcv_msg+0xa3/0x140
[ 13.206193][ T330] netlink_rcv_skb+0x130/0x360
[ 13.206355][ T330] ? __pfx_genl_rcv_msg+0x10/0x10
[ 13.206518][ T330] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 13.206682][ T330] ? genl_rcv+0x19/0x40
[ 13.206805][ T330] ? __pfx_down_read+0x10/0x10
[ 13.206968][ T330] ? netlink_deliver_tap+0x13e/0x340
[ 13.207134][ T330] genl_rcv+0x28/0x40
[ 13.207255][ T330] netlink_unicast+0x44b/0x710
[ 13.207418][ T330] ? __pfx_netlink_unicast+0x10/0x10
[ 13.207581][ T330] ? find_held_lock+0x2c/0x110
[ 13.207745][ T330] netlink_sendmsg+0x723/0xbe0
[ 13.207909][ T330] ? __pfx_netlink_sendmsg+0x10/0x10
[ 13.208067][ T330] ? lock_acquire+0x32/0xc0
[ 13.208228][ T330] ? __might_fault+0x11b/0x170
[ 13.208397][ T330] __sys_sendto+0x3c3/0x450
[ 13.208562][ T330] ? __pfx___sys_sendto+0x10/0x10
[ 13.208726][ T330] ? __lock_release+0x103/0x460
[ 13.208897][ T330] ? __sys_recvmsg+0x106/0x190
[ 13.209063][ T330] ? __pfx___sys_recvmsg+0x10/0x10
[ 13.209225][ T330] ? do_user_addr_fault+0x97c/0xe30
[ 13.209397][ T330] __x64_sys_sendto+0xe0/0x1c0
[ 13.209562][ T330] ? lockdep_hardirqs_on_prepare+0x275/0x410
[ 13.209768][ T330] do_syscall_64+0xc1/0x1d0
[ 13.209935][ T330] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 13.210146][ T330] RIP: 0033:0x7fe646747a4a
[ 13.210316][ T330] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89
[ 13.210888][ T330] RSP: 002b:00007ffe443cd948 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 13.211142][ T330] RAX: ffffffffffffffda RBX: 000000000940b2a0 RCX: 00007fe646747a4a
[ 13.211386][ T330] RDX: 0000000000000044 RSI: 000000000940b3b0 RDI: 0000000000000005
[ 13.211631][ T330] RBP: 0000000000486020 R08: 00007fe646804200 R09: 000000000000000c
[ 13.211879][ T330] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000940b340
[ 13.212121][ T330] R13: 0000000000000000 R14: 000000000940b350 R15: 000000000940b2a0
[ 13.212366][ T330]
[ 13.212488][ T330]
[ 13.212569][ T330] The buggy address belongs to the physical page:
[ 13.212767][ T330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xfd3c
[ 13.213063][ T330] flags: 0x80000000000000(node=0|zone=1)
[ 13.213237][ T330] raw: 0080000000000000 ffffea00003f5c08 ffff88806d1c2fa0 0000000000000000
[ 13.213527][ T330] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.213811][ T330] page dumped because: kasan: bad access detected
[ 13.214013][ T330]
[ 13.214098][ T330] Memory state around the buggy address:
[ 13.214258][ T330] ffff88800fd3bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.214498][ T330] ffff88800fd3bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.214734][ T330] >ffff88800fd3c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.214977][ T330] ^
[ 13.215099][ T330] ffff88800fd3c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.215331][ T330] ffff88800fd3c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.215565][ T330] ==================================================================
[ 13.216330][ T330] Disabling lock debugging due to kernel taint