[ 10.715072][ T253] netdevsim netdevsim7852 eni7852np1: renamed from eth0
[ 11.794812][ T265] ==================================================================
[ 11.795140][ T265] BUG: KASAN: use-after-free in page_pool_item_uninit+0x100/0x130
[ 11.795357][ T265] Read of size 8 at addr ffff88800b4ef008 by task ip/265
[ 11.795534][ T265]
[ 11.795609][ T265] CPU: 2 UID: 0 PID: 265 Comm: ip Not tainted 6.13.0-rc5-virtme #1
[ 11.795826][ T265] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 11.796008][ T265] Call Trace:
[ 11.796120][ T265] <TASK>
[ 11.796195][ T265] dump_stack_lvl+0x82/0xd0
[ 11.796345][ T265] print_address_description.constprop.0+0x2c/0x3b0
[ 11.796528][ T265] ? page_pool_item_uninit+0x100/0x130
[ 11.796683][ T265] print_report+0xb4/0x270
[ 11.796827][ T265] ? kasan_addr_to_slab+0x25/0x80
[ 11.796974][ T265] kasan_report+0xbd/0xf0
[ 11.797084][ T265] ? page_pool_item_uninit+0x100/0x130
[ 11.797233][ T265] page_pool_item_uninit+0x100/0x130
[ 11.797379][ T265] page_pool_release+0x44a/0x5b0
[ 11.797523][ T265] ? __pfx_autoremove_wake_function+0x10/0x10
[ 11.797704][ T265] ? __pfx_page_pool_release+0x10/0x10
[ 11.797849][ T265] ? napi_disable+0x383/0x5b0
[ 11.798001][ T265] page_pool_destroy+0x11e/0x560
[ 11.798147][ T265] nsim_stop+0x21a/0x390 [netdevsim]
[ 11.798308][ T265] __dev_close_many+0x1a0/0x2d0
[ 11.798460][ T265] ? __pfx___dev_close_many+0x10/0x10
[ 11.798606][ T265] ? mark_held_locks+0x9e/0xe0
[ 11.798754][ T265] ? lockdep_hardirqs_on_prepare+0x275/0x410
[ 11.798936][ T265] __dev_change_flags+0x24f/0x6c0
[ 11.799082][ T265] ? __pfx___dev_change_flags+0x10/0x10
[ 11.799225][ T265] ? unwind_get_return_address+0x5e/0xa0
[ 11.799374][ T265] ? __pfx_validate_chain+0x10/0x10
[ 11.799521][ T265] dev_change_flags+0x80/0x160
[ 11.799671][ T265] do_setlink.constprop.0+0x79d/0x2300
[ 11.799819][ T265] ? __pfx_do_setlink.constprop.0+0x10/0x10
[ 11.800001][ T265] ? lock_acquire.part.0+0xeb/0x330
[ 11.800148][ T265] ? rtnl_newlink+0x653/0xa70
[ 11.800292][ T265] ? rtnl_newlink+0xb9/0xa70
[ 11.800438][ T265] ? rtnetlink_rcv_msg+0x712/0xc10
[ 11.800584][ T265] ? __mutex_trylock_common+0xfa/0x260
[ 11.800730][ T265] ? __pfx___mutex_trylock_common+0x10/0x10
[ 11.800909][ T265] ? lock_acquire+0x32/0xc0
[ 11.801053][ T265] ? trace_contention_end+0xef/0x150
[ 11.801198][ T265] ? __mutex_lock+0x190/0xbc0
[ 11.801343][ T265] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 11.801487][ T265] ? rtnl_newlink+0x653/0xa70
[ 11.801631][ T265] ? __pfx___mutex_lock+0x10/0x10
[ 11.801777][ T265] ? __rtnl_newlink+0x40e/0xa40
[ 11.801925][ T265] rtnl_newlink+0x69c/0xa70
[ 11.802071][ T265] ? __pfx_rtnl_newlink+0x10/0x10
[ 11.802215][ T265] ? find_held_lock+0x2c/0x110
[ 11.802360][ T265] ? __pfx___lock_release+0x10/0x10
[ 11.802506][ T265] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 11.802653][ T265] ? rtnetlink_rcv_msg+0x6ef/0xc10
[ 11.802797][ T265] ? __pfx_rtnl_newlink+0x10/0x10
[ 11.802941][ T265] rtnetlink_rcv_msg+0x712/0xc10
[ 11.803087][ T265] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 11.803231][ T265] ? hlock_class+0x4e/0x130
[ 11.803374][ T265] ? mark_lock+0x38/0x3e0
[ 11.803486][ T265] ? __lock_acquire+0xb9a/0x1680
[ 11.803632][ T265] netlink_rcv_skb+0x130/0x360
[ 11.803777][ T265] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 11.803923][ T265] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 11.804071][ T265] ? netlink_deliver_tap+0x13e/0x340
[ 11.804220][ T265] ? netlink_deliver_tap+0xc3/0x340
[ 11.804370][ T265] netlink_unicast+0x44b/0x710
[ 11.804513][ T265] ? __pfx_netlink_unicast+0x10/0x10
[ 11.804656][ T265] ? find_held_lock+0x2c/0x110
[ 11.804801][ T265] netlink_sendmsg+0x723/0xbe0
[ 11.804946][ T265] ? __pfx_netlink_sendmsg+0x10/0x10
[ 11.805092][ T265] ____sys_sendmsg+0x7ac/0xa10
[ 11.805237][ T265] ? __pfx_____sys_sendmsg+0x10/0x10
[ 11.805384][ T265] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 11.805564][ T265] ___sys_sendmsg+0xee/0x170
[ 11.805708][ T265] ? __pfx____sys_sendmsg+0x10/0x10
[ 11.805851][ T265] ? kasan_save_stack+0x34/0x50
[ 11.805995][ T265] ? kasan_save_stack+0x24/0x50
[ 11.806137][ T265] ? __kasan_record_aux_stack+0x8e/0xa0
[ 11.806279][ T265] ? __call_rcu_common.constprop.0+0xa1/0x4b0
[ 11.806463][ T265] ? __x64_sys_close+0x7c/0xd0
[ 11.806610][ T265] ? do_syscall_64+0xc1/0x1d0
[ 11.806753][ T265] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 11.806933][ T265] ? __lock_acquire+0xb9a/0x1680
[ 11.807079][ T265] ? find_held_lock+0x2c/0x110
[ 11.807223][ T265] ? __lock_release+0x103/0x460
[ 11.807365][ T265] ? __virt_addr_valid+0x22b/0x430
[ 11.807509][ T265] ? __pfx___lock_release+0x10/0x10
[ 11.807654][ T265] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 11.807801][ T265] __sys_sendmsg+0x109/0x1a0
[ 11.807943][ T265] ? __pfx___sys_sendmsg+0x10/0x10
[ 11.808085][ T265] ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[ 11.808267][ T265] do_syscall_64+0xc1/0x1d0
[ 11.808410][ T265] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 11.808587][ T265] RIP: 0033:0x7f245a1359a7
[ 11.808739][ T265] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[ 11.809246][ T265] RSP: 002b:00007fff9e1bf608 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 11.809466][ T265] RAX: ffffffffffffffda RBX: 00007fff9e1bfd30 RCX: 00007f245a1359a7
[ 11.809690][ T265] RDX: 0000000000000000 RSI: 00007fff9e1bf670 RDI: 0000000000000003
[ 11.809904][ T265] RBP: 0000000000000003 R08: 0000000000000003 R09: 0000000000000078
[ 11.810119][ T265] R10: 00007f2459ff3ef8 R11: 0000000000000246 R12: 0000000000000003
[ 11.810331][ T265] R13: 00000000677c632a R14: 0000000000498600 R15: 0000000000000000
[ 11.810553][ T265] </TASK>
[ 11.810664][ T265]
[ 11.810739][ T265] The buggy address belongs to the physical page:
[ 11.810913][ T265] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xb4ef
[ 11.811166][ T265] flags: 0x80000000000000(node=0|zone=1)
[ 11.811313][ T265] page_type: f5(slab)
[ 11.811427][ T265] raw: 0080000000000000 ffff8880010427c0 ffffea0000143b10 ffffea000008dc10
[ 11.811685][ T265] raw: 0000000000000000 0000000000190019 00000001f5000000 0000000000000000
[ 11.811940][ T265] page dumped because: kasan: bad access detected
[ 11.812116][ T265]
[ 11.812189][ T265] Memory state around the buggy address:
[ 11.812330][ T265] ffff88800b4eef00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.812543][ T265] ffff88800b4eef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.812750][ T265] >ffff88800b4ef000: fc fc fa fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.812960][ T265] ^
[ 11.813067][ T265] ffff88800b4ef080: fc fc fc fc fc fc fa fb fc fc fc fc fc fc fc fc
[ 11.813274][ T265] ffff88800b4ef100: fc fc fc fc fc fc fc fc fc fc fa fb fc fc fc fc
[ 11.813487][ T265] ==================================================================
[ 11.813750][ T265] Disabling lock debugging due to kernel taint
[ 11.813953][ T265] Oops: general protection fault, probably for non-canonical address 0xf99995999999999c: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 11.814298][ T265] KASAN: maybe wild-memory-access in range [0xcccccccccccccce0-0xcccccccccccccce7]
[ 11.814542][ T265] CPU: 2 UID: 0 PID: 265 Comm: ip Tainted: G B 6.13.0-rc5-virtme #1
[ 11.814785][ T265] Tainted: [B]=BAD_PAGE
[ 11.814893][ T265] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 11.815066][ T265] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[ 11.815247][ T265] Code: b5 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 ad 6d 63 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[ 11.815734][ T265] RSP: 0018:ffffc900004e6f98 EFLAGS: 00010a06
[ 11.815910][ T265] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffffb429f6e3
[ 11.816121][ T265] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[ 11.816332][ T265] RBP: fffffbfff6b24c78 R08: 0000000000000000 R09: fffffbfff6eff688
[ 11.816539][ T265] R10: ffffffffb77fb447 R11: 205d353632542020 R12: ffff888009d89220
[ 11.816749][ T265] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[ 11.816956][ T265] FS: 00007f2459f29800(0000) GS:ffff888066100000(0000) knlGS:0000000000000000
[ 11.817203][ T265] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 11.817379][ T265] CR2: 00000000004e4a70 CR3: 000000000e378004 CR4: 0000000000772ef0
[ 11.817587][ T265] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 11.817796][ T265] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 11.818007][ T265] PKRU: 55555554
[ 11.818112][ T265] Call Trace:
[ 11.818219][ T265] <TASK>
[ 11.818292][ T265] ? die_addr+0x41/0xa0
[ 11.818401][ T265] ? exc_general_protection+0x14d/0x230
[ 11.818545][ T265] ? asm_exc_general_protection+0x26/0x30
[ 11.818687][ T265] ? page_pool_item_uninit+0x73/0x130
[ 11.818829][ T265] ? page_pool_item_uninit+0x7a/0x130
[ 11.818973][ T265] ? page_pool_item_uninit+0x73/0x130
[ 11.819113][ T265] page_pool_release+0x44a/0x5b0
[ 11.819253][ T265] ? __pfx_autoremove_wake_function+0x10/0x10
[ 11.819429][ T265] ? __pfx_page_pool_release+0x10/0x10
[ 11.819575][ T265] ? napi_disable+0x383/0x5b0
[ 11.819718][ T265] page_pool_destroy+0x11e/0x560
[ 11.819859][ T265] nsim_stop+0x21a/0x390 [netdevsim]
[ 11.820016][ T265] __dev_close_many+0x1a0/0x2d0
[ 11.820155][ T265] ? __pfx___dev_close_many+0x10/0x10
[ 11.820293][ T265] ? mark_held_locks+0x9e/0xe0
[ 11.820434][ T265] ? lockdep_hardirqs_on_prepare+0x275/0x410
[ 11.820607][ T265] __dev_change_flags+0x24f/0x6c0
[ 11.820746][ T265] ? __pfx___dev_change_flags+0x10/0x10
[ 11.820884][ T265] ? unwind_get_return_address+0x5e/0xa0
[ 11.821028][ T265] ? __pfx_validate_chain+0x10/0x10
[ 11.821168][ T265] dev_change_flags+0x80/0x160
[ 11.821308][ T265] do_setlink.constprop.0+0x79d/0x2300
[ 11.821451][ T265] ? __pfx_do_setlink.constprop.0+0x10/0x10
[ 11.821627][ T265] ? lock_acquire.part.0+0xeb/0x330
[ 11.821766][ T265] ? rtnl_newlink+0x653/0xa70
[ 11.821905][ T265] ? rtnl_newlink+0xb9/0xa70
[ 11.822046][ T265] ? rtnetlink_rcv_msg+0x712/0xc10
[ 11.822187][ T265] ? __mutex_trylock_common+0xfa/0x260
[ 11.822327][ T265] ? __pfx___mutex_trylock_common+0x10/0x10
[ 11.822499][ T265] ? lock_acquire+0x32/0xc0
[ 11.822640][ T265] ? trace_contention_end+0xef/0x150
[ 11.822781][ T265] ? __mutex_lock+0x190/0xbc0
[ 11.822921][ T265] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 11.823062][ T265] ? rtnl_newlink+0x653/0xa70
[ 11.823203][ T265] ? __pfx___mutex_lock+0x10/0x10
[ 11.823343][ T265] ? __rtnl_newlink+0x40e/0xa40
[ 11.823482][ T265] rtnl_newlink+0x69c/0xa70
[ 11.823622][ T265] ? __pfx_rtnl_newlink+0x10/0x10
[ 11.823758][ T265] ? find_held_lock+0x2c/0x110
[ 11.823898][ T265] ? __pfx___lock_release+0x10/0x10
[ 11.824038][ T265] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 11.824181][ T265] ? rtnetlink_rcv_msg+0x6ef/0xc10
[ 11.824319][ T265] ? __pfx_rtnl_newlink+0x10/0x10
[ 11.824457][ T265] rtnetlink_rcv_msg+0x712/0xc10
[ 11.824596][ T265] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 11.824734][ T265] ? hlock_class+0x4e/0x130
[ 11.824870][ T265] ? mark_lock+0x38/0x3e0
[ 11.824979][ T265] ? __lock_acquire+0xb9a/0x1680
[ 11.825121][ T265] netlink_rcv_skb+0x130/0x360
[ 11.825258][ T265] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 11.825395][ T265] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 11.825538][ T265] ? netlink_deliver_tap+0x13e/0x340
[ 11.825677][ T265] ? netlink_deliver_tap+0xc3/0x340
[ 11.825816][ T265] netlink_unicast+0x44b/0x710
[ 11.825956][ T265] ? __pfx_netlink_unicast+0x10/0x10
[ 11.826097][ T265] ? find_held_lock+0x2c/0x110
[ 11.826236][ T265] netlink_sendmsg+0x723/0xbe0
[ 11.826375][ T265] ? __pfx_netlink_sendmsg+0x10/0x10
[ 11.826514][ T265] ____sys_sendmsg+0x7ac/0xa10
[ 11.826656][ T265] ? __pfx_____sys_sendmsg+0x10/0x10
[ 11.826797][ T265] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 11.826970][ T265] ___sys_sendmsg+0xee/0x170
[ 11.827110][ T265] ? __pfx____sys_sendmsg+0x10/0x10
[ 11.827250][ T265] ? kasan_save_stack+0x34/0x50
[ 11.827388][ T265] ? kasan_save_stack+0x24/0x50
[ 11.827526][ T265] ? __kasan_record_aux_stack+0x8e/0xa0
[ 11.827666][ T265] ? __call_rcu_common.constprop.0+0xa1/0x4b0
[ 11.827839][ T265] ? __x64_sys_close+0x7c/0xd0
[ 11.827977][ T265] ? do_syscall_64+0xc1/0x1d0
[ 11.828114][ T265] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 11.828290][ T265] ? __lock_acquire+0xb9a/0x1680
[ 11.828430][ T265] ? find_held_lock+0x2c/0x110
[ 11.828654][ T265] ? __lock_release+0x103/0x460
[ 11.828791][ T265] ? __virt_addr_valid+0x22b/0x430
[ 11.828931][ T265] ? __pfx___lock_release+0x10/0x10
[ 11.829069][ T265] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 11.829291][ T265] __sys_sendmsg+0x109/0x1a0
[ 11.829431][ T265] ? __pfx___sys_sendmsg+0x10/0x10
[ 11.829576][ T265] ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[ 11.829755][ T265] do_syscall_64+0xc1/0x1d0
[ 11.829975][ T265] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 11.830148][ T265] RIP: 0033:0x7f245a1359a7
[ 11.830291][ T265] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[ 11.830872][ T265] RSP: 002b:00007fff9e1bf608 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 11.831167][ T265] RAX: ffffffffffffffda RBX: 00007fff9e1bfd30 RCX: 00007f245a1359a7
[ 11.831374][ T265] RDX: 0000000000000000 RSI: 00007fff9e1bf670 RDI: 0000000000000003
[ 11.831585][ T265] RBP: 0000000000000003 R08: 0000000000000003 R09: 0000000000000078
[ 11.831877][ T265] R10: 00007f2459ff3ef8 R11: 0000000000000246 R12: 0000000000000003
[ 11.832083][ T265] R13: 00000000677c632a R14: 0000000000498600 R15: 0000000000000000
[ 11.832292][ T265] </TASK>
[ 11.832479][ T265] Modules linked in: netdevsim psample
[ 11.832665][ T265] ---[ end trace 0000000000000000 ]---
[ 11.832819][ T265] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[ 11.833022][ T265] Code: b5 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 ad 6d 63 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[ 11.833602][ T265] RSP: 0018:ffffc900004e6f98 EFLAGS: 00010a06
[ 11.833873][ T265] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffffb429f6e3
[ 11.834102][ T265] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[ 11.834318][ T265] RBP: fffffbfff6b24c78 R08: 0000000000000000 R09: fffffbfff6eff688
[ 11.834619][ T265] R10: ffffffffb77fb447 R11: 205d353632542020 R12: ffff888009d89220
[ 11.834840][ T265] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[ 11.835151][ T265] FS: 00007f2459f29800(0000) GS:ffff888066100000(0000) knlGS:0000000000000000
[ 11.835404][ T265] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 11.835588][ T265] CR2: 00000000004e4a70 CR3: 000000000e378004 CR4: 0000000000772ef0
[ 11.835890][ T265] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 11.836119][ T265] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 11.836337][ T265] PKRU: 55555554
[ 11.836538][ T265] Kernel panic - not syncing: Fatal exception
[ 11.836832][ T265] Kernel Offset: 0x30c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 11.837155][ T265] ---[ end Kernel panic - not syncing: Fatal exception ]---
WAIT TIMEOUT stderr
Ctrl-C stderr
Ctrl-C stderr
WAIT TIMEOUT stderr