[   10.153717][  T223] netdevsim netdevsim24918 eni24918np1: renamed from eth0
[   11.338005][  T238] ip (238) used greatest stack depth: 24568 bytes left
[   12.107238][  T242] ==================================================================
[   12.107559][  T242] BUG: KASAN: use-after-free in page_pool_item_uninit+0x100/0x130
[   12.107781][  T242] Read of size 8 at addr ffff888012697008 by task ip/242
[   12.107964][  T242] 
[   12.108038][  T242] CPU: 2 UID: 0 PID: 242 Comm: ip Not tainted 6.13.0-rc5-virtme #1
[   12.108252][  T242] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   12.108442][  T242] Call Trace:
[   12.108556][  T242]  <TASK>
[   12.108632][  T242]  dump_stack_lvl+0x82/0xd0
[   12.108780][  T242]  print_address_description.constprop.0+0x2c/0x3b0
[   12.108962][  T242]  ? page_pool_item_uninit+0x100/0x130
[   12.109111][  T242]  print_report+0xb4/0x270
[   12.109253][  T242]  ? kasan_addr_to_slab+0x25/0x80
[   12.109398][  T242]  kasan_report+0xbd/0xf0
[   12.109506][  T242]  ? page_pool_item_uninit+0x100/0x130
[   12.109656][  T242]  page_pool_item_uninit+0x100/0x130
[   12.109802][  T242]  page_pool_release+0x44a/0x5b0
[   12.109946][  T242]  ? __pfx_autoremove_wake_function+0x10/0x10
[   12.110124][  T242]  ? __pfx_page_pool_release+0x10/0x10
[   12.110275][  T242]  ? napi_disable+0x383/0x5b0
[   12.110429][  T242]  page_pool_destroy+0x11e/0x560
[   12.110573][  T242]  nsim_stop+0x21a/0x390 [netdevsim]
[   12.110728][  T242]  __dev_close_many+0x1a0/0x2d0
[   12.110876][  T242]  ? __pfx___dev_close_many+0x10/0x10
[   12.111024][  T242]  ? mark_held_locks+0x9e/0xe0
[   12.111174][  T242]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[   12.111352][  T242]  __dev_change_flags+0x24f/0x6c0
[   12.111500][  T242]  ? __pfx___dev_change_flags+0x10/0x10
[   12.111645][  T242]  ? unwind_get_return_address+0x5e/0xa0
[   12.111794][  T242]  ? __pfx_validate_chain+0x10/0x10
[   12.111939][  T242]  dev_change_flags+0x80/0x160
[   12.112084][  T242]  do_setlink.constprop.0+0x79d/0x2300
[   12.112229][  T242]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[   12.112405][  T242]  ? lock_acquire.part.0+0xeb/0x330
[   12.112547][  T242]  ? rtnl_newlink+0x653/0xa70
[   12.112693][  T242]  ? rtnl_newlink+0xb9/0xa70
[   12.112833][  T242]  ? rtnetlink_rcv_msg+0x712/0xc10
[   12.112976][  T242]  ? __mutex_trylock_common+0xfa/0x260
[   12.113121][  T242]  ? __pfx___mutex_trylock_common+0x10/0x10
[   12.113299][  T242]  ? lock_acquire+0x32/0xc0
[   12.113441][  T242]  ? trace_contention_end+0xef/0x150
[   12.113584][  T242]  ? __mutex_lock+0x190/0xbc0
[   12.113733][  T242]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   12.113876][  T242]  ? rtnl_newlink+0x653/0xa70
[   12.114017][  T242]  ? __pfx___mutex_lock+0x10/0x10
[   12.114161][  T242]  ? __rtnl_newlink+0x40e/0xa40
[   12.114307][  T242]  rtnl_newlink+0x69c/0xa70
[   12.114451][  T242]  ? __pfx_rtnl_newlink+0x10/0x10
[   12.114595][  T242]  ? find_held_lock+0x2c/0x110
[   12.114739][  T242]  ? __pfx___lock_release+0x10/0x10
[   12.114888][  T242]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   12.115033][  T242]  ? rtnetlink_rcv_msg+0x6ef/0xc10
[   12.115176][  T242]  ? __pfx_rtnl_newlink+0x10/0x10
[   12.115319][  T242]  rtnetlink_rcv_msg+0x712/0xc10
[   12.115462][  T242]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   12.115614][  T242]  ? hlock_class+0x4e/0x130
[   12.115755][  T242]  ? mark_lock+0x38/0x3e0
[   12.115864][  T242]  ? __lock_acquire+0xb9a/0x1680
[   12.116011][  T242]  netlink_rcv_skb+0x130/0x360
[   12.116154][  T242]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   12.116296][  T242]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   12.116449][  T242]  ? netlink_deliver_tap+0x13e/0x340
[   12.116595][  T242]  ? netlink_deliver_tap+0xc3/0x340
[   12.116740][  T242]  netlink_unicast+0x44b/0x710
[   12.116882][  T242]  ? __pfx_netlink_unicast+0x10/0x10
[   12.117027][  T242]  ? find_held_lock+0x2c/0x110
[   12.117172][  T242]  netlink_sendmsg+0x723/0xbe0
[   12.117317][  T242]  ? __pfx_netlink_sendmsg+0x10/0x10
[   12.117466][  T242]  ____sys_sendmsg+0x7ac/0xa10
[   12.117615][  T242]  ? __pfx_____sys_sendmsg+0x10/0x10
[   12.117760][  T242]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   12.117943][  T242]  ___sys_sendmsg+0xee/0x170
[   12.118087][  T242]  ? __pfx____sys_sendmsg+0x10/0x10
[   12.118231][  T242]  ? kasan_save_stack+0x34/0x50
[   12.118378][  T242]  ? kasan_save_stack+0x24/0x50
[   12.118520][  T242]  ? __kasan_record_aux_stack+0x8e/0xa0
[   12.118666][  T242]  ? __call_rcu_common.constprop.0+0xa1/0x4b0
[   12.118842][  T242]  ? __x64_sys_close+0x7c/0xd0
[   12.118986][  T242]  ? do_syscall_64+0xc1/0x1d0
[   12.119127][  T242]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   12.119308][  T242]  ? __lock_acquire+0xb9a/0x1680
[   12.119451][  T242]  ? find_held_lock+0x2c/0x110
[   12.119593][  T242]  ? __lock_release+0x103/0x460
[   12.119733][  T242]  ? __virt_addr_valid+0x22b/0x430
[   12.119878][  T242]  ? __pfx___lock_release+0x10/0x10
[   12.120019][  T242]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   12.120163][  T242]  __sys_sendmsg+0x109/0x1a0
[   12.120307][  T242]  ? __pfx___sys_sendmsg+0x10/0x10
[   12.120450][  T242]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[   12.120635][  T242]  do_syscall_64+0xc1/0x1d0
[   12.120781][  T242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   12.120957][  T242] RIP: 0033:0x7f64ceb3a9a7
[   12.121108][  T242] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[   12.121618][  T242] RSP: 002b:00007fff8be6b1c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   12.121837][  T242] RAX: ffffffffffffffda RBX: 00007fff8be6b8f0 RCX: 00007f64ceb3a9a7
[   12.122052][  T242] RDX: 0000000000000000 RSI: 00007fff8be6b230 RDI: 0000000000000003
[   12.122267][  T242] RBP: 0000000000000003 R08: 0000000000000003 R09: 0000000000000078
[   12.122480][  T242] R10: 00007f64ce9f8ef8 R11: 0000000000000246 R12: 0000000000000003
[   12.122695][  T242] R13: 00000000677c5431 R14: 0000000000498600 R15: 0000000000000000
[   12.122912][  T242]  </TASK>
[   12.123022][  T242] 
[   12.123094][  T242] The buggy address belongs to the physical page:
[   12.123267][  T242] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12697
[   12.123518][  T242] flags: 0x80000000000000(node=0|zone=1)
[   12.123667][  T242] page_type: f5(slab)
[   12.123778][  T242] raw: 0080000000000000 ffff8880010427c0 ffffea0000080350 ffffea0000129910
[   12.124033][  T242] raw: 0000000000000000 0000000000190019 00000001f5000000 0000000000000000
[   12.124284][  T242] page dumped because: kasan: bad access detected
[   12.124461][  T242] 
[   12.124533][  T242] Memory state around the buggy address:
[   12.124675][  T242]  ffff888012696f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.124885][  T242]  ffff888012696f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.125089][  T242] >ffff888012697000: fc fc fa fb fc fc fc fc fc fc fc fc fc fc fc fc
[   12.125297][  T242]                       ^
[   12.125403][  T242]  ffff888012697080: fc fc fc fc fc fc fa fb fc fc fc fc fc fc fc fc
[   12.125610][  T242]  ffff888012697100: fc fc fc fc fc fc fc fc fc fc fa fb fc fc fc fc
[   12.125817][  T242] ==================================================================
[   12.126075][  T242] Disabling lock debugging due to kernel taint
[   12.126290][  T242] Oops: general protection fault, probably for non-canonical address 0xf99995999999999c: 0000 [#1] PREEMPT SMP KASAN NOPTI
[   12.126641][  T242] KASAN: maybe wild-memory-access in range [0xcccccccccccccce0-0xcccccccccccccce7]
[   12.126882][  T242] CPU: 2 UID: 0 PID: 242 Comm: ip Tainted: G    B              6.13.0-rc5-virtme #1
[   12.127125][  T242] Tainted: [B]=BAD_PAGE
[   12.127233][  T242] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   12.127406][  T242] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[   12.127590][  T242] Code: 9b 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 5d bc 68 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[   12.128082][  T242] RSP: 0018:ffffc90000666f98 EFLAGS: 00010a06
[   12.128257][  T242] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffff9a037b43
[   12.128470][  T242] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[   12.128688][  T242] RBP: fffffbfff3698878 R08: 0000000000000000 R09: fffffbfff3a59888
[   12.128897][  T242] R10: ffffffff9d2cc447 R11: ffffc90000666a80 R12: ffff8880155f2a20
[   12.129105][  T242] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[   12.129315][  T242] FS:  00007f64ce92e800(0000) GS:ffff888036100000(0000) knlGS:0000000000000000
[   12.129570][  T242] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   12.129745][  T242] CR2: 00000000004e6358 CR3: 0000000010650004 CR4: 0000000000772ef0
[   12.130039][  T242] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   12.130253][  T242] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   12.130461][  T242] PKRU: 55555554
[   12.130650][  T242] Call Trace:
[   12.130763][  T242]  <TASK>
[   12.130834][  T242]  ? die_addr+0x41/0xa0
[   12.130945][  T242]  ? exc_general_protection+0x14d/0x230
[   12.131088][  T242]  ? asm_exc_general_protection+0x26/0x30
[   12.131318][  T242]  ? page_pool_item_uninit+0x73/0x130
[   12.131459][  T242]  ? page_pool_item_uninit+0x7a/0x130
[   12.131597][  T242]  ? page_pool_item_uninit+0x73/0x130
[   12.131738][  T242]  page_pool_release+0x44a/0x5b0
[   12.131962][  T242]  ? __pfx_autoremove_wake_function+0x10/0x10
[   12.132135][  T242]  ? __pfx_page_pool_release+0x10/0x10
[   12.132273][  T242]  ? napi_disable+0x383/0x5b0
[   12.132413][  T242]  page_pool_destroy+0x11e/0x560
[   12.132634][  T242]  nsim_stop+0x21a/0x390 [netdevsim]
[   12.132787][  T242]  __dev_close_many+0x1a0/0x2d0
[   12.132925][  T242]  ? __pfx___dev_close_many+0x10/0x10
[   12.133063][  T242]  ? mark_held_locks+0x9e/0xe0
[   12.133283][  T242]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[   12.133456][  T242]  __dev_change_flags+0x24f/0x6c0
[   12.133594][  T242]  ? __pfx___dev_change_flags+0x10/0x10
[   12.133734][  T242]  ? unwind_get_return_address+0x5e/0xa0
[   12.133956][  T242]  ? __pfx_validate_chain+0x10/0x10
[   12.134095][  T242]  dev_change_flags+0x80/0x160
[   12.134232][  T242]  do_setlink.constprop.0+0x79d/0x2300
[   12.134372][  T242]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[   12.134624][  T242]  ? lock_acquire.part.0+0xeb/0x330
[   12.134763][  T242]  ? rtnl_newlink+0x653/0xa70
[   12.134901][  T242]  ? rtnl_newlink+0xb9/0xa70
[   12.135037][  T242]  ? rtnetlink_rcv_msg+0x712/0xc10
[   12.135258][  T242]  ? __mutex_trylock_common+0xfa/0x260
[   12.135398][  T242]  ? __pfx___mutex_trylock_common+0x10/0x10
[   12.135570][  T242]  ? lock_acquire+0x32/0xc0
[   12.135787][  T242]  ? trace_contention_end+0xef/0x150
[   12.135927][  T242]  ? __mutex_lock+0x190/0xbc0
[   12.136069][  T242]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   12.136206][  T242]  ? rtnl_newlink+0x653/0xa70
[   12.136345][  T242]  ? __pfx___mutex_lock+0x10/0x10
[   12.136483][  T242]  ? __rtnl_newlink+0x40e/0xa40
[   12.136622][  T242]  rtnl_newlink+0x69c/0xa70
[   12.136764][  T242]  ? __pfx_rtnl_newlink+0x10/0x10
[   12.136983][  T242]  ? find_held_lock+0x2c/0x110
[   12.137123][  T242]  ? __pfx___lock_release+0x10/0x10
[   12.137263][  T242]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   12.137403][  T242]  ? rtnetlink_rcv_msg+0x6ef/0xc10
[   12.137622][  T242]  ? __pfx_rtnl_newlink+0x10/0x10
[   12.137759][  T242]  rtnetlink_rcv_msg+0x712/0xc10
[   12.137900][  T242]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   12.138038][  T242]  ? hlock_class+0x4e/0x130
[   12.138256][  T242]  ? mark_lock+0x38/0x3e0
[   12.138364][  T242]  ? __lock_acquire+0xb9a/0x1680
[   12.138502][  T242]  netlink_rcv_skb+0x130/0x360
[   12.138640][  T242]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   12.138781][  T242]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   12.139003][  T242]  ? netlink_deliver_tap+0x13e/0x340
[   12.139142][  T242]  ? netlink_deliver_tap+0xc3/0x340
[   12.139280][  T242]  netlink_unicast+0x44b/0x710
[   12.139422][  T242]  ? __pfx_netlink_unicast+0x10/0x10
[   12.139642][  T242]  ? find_held_lock+0x2c/0x110
[   12.139781][  T242]  netlink_sendmsg+0x723/0xbe0
[   12.139923][  T242]  ? __pfx_netlink_sendmsg+0x10/0x10
[   12.140062][  T242]  ____sys_sendmsg+0x7ac/0xa10
[   12.140282][  T242]  ? __pfx_____sys_sendmsg+0x10/0x10
[   12.140420][  T242]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   12.140597][  T242]  ___sys_sendmsg+0xee/0x170
[   12.140817][  T242]  ? __pfx____sys_sendmsg+0x10/0x10
[   12.140960][  T242]  ? kasan_save_stack+0x34/0x50
[   12.141101][  T242]  ? kasan_save_stack+0x24/0x50
[   12.141245][  T242]  ? __kasan_record_aux_stack+0x8e/0xa0
[   12.141466][  T242]  ? __call_rcu_common.constprop.0+0xa1/0x4b0
[   12.141637][  T242]  ? __x64_sys_close+0x7c/0xd0
[   12.141783][  T242]  ? do_syscall_64+0xc1/0x1d0
[   12.141923][  T242]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   12.142180][  T242]  ? __lock_acquire+0xb9a/0x1680
[   12.142320][  T242]  ? find_held_lock+0x2c/0x110
[   12.142459][  T242]  ? __lock_release+0x103/0x460
[   12.142595][  T242]  ? __virt_addr_valid+0x22b/0x430
[   12.142814][  T242]  ? __pfx___lock_release+0x10/0x10
[   12.142953][  T242]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   12.143094][  T242]  __sys_sendmsg+0x109/0x1a0
[   12.143234][  T242]  ? __pfx___sys_sendmsg+0x10/0x10
[   12.143453][  T242]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[   12.143630][  T242]  do_syscall_64+0xc1/0x1d0
[   12.143770][  T242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   12.144022][  T242] RIP: 0033:0x7f64ceb3a9a7
[   12.144172][  T242] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[   12.144744][  T242] RSP: 002b:00007fff8be6b1c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   12.144951][  T242] RAX: ffffffffffffffda RBX: 00007fff8be6b8f0 RCX: 00007f64ceb3a9a7
[   12.145163][  T242] RDX: 0000000000000000 RSI: 00007fff8be6b230 RDI: 0000000000000003
[   12.145454][  T242] RBP: 0000000000000003 R08: 0000000000000003 R09: 0000000000000078
[   12.145661][  T242] R10: 00007f64ce9f8ef8 R11: 0000000000000246 R12: 0000000000000003
[   12.145949][  T242] R13: 00000000677c5431 R14: 0000000000498600 R15: 0000000000000000
[   12.146172][  T242]  </TASK>
[   12.146276][  T242] Modules linked in: netdevsim
[   12.147018][  T242] ---[ end trace 0000000000000000 ]---
[   12.147223][  T242] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[   12.147482][  T242] Code: 9b 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 5d bc 68 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[   12.148007][  T242] RSP: 0018:ffffc90000666f98 EFLAGS: 00010a06
[   12.148193][  T242] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffff9a037b43
[   12.148424][  T242] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[   12.148645][  T242] RBP: fffffbfff3698878 R08: 0000000000000000 R09: fffffbfff3a59888
[   12.148867][  T242] R10: ffffffff9d2cc447 R11: ffffc90000666a80 R12: ffff8880155f2a20
[   12.149087][  T242] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[   12.149310][  T242] FS:  00007f64ce92e800(0000) GS:ffff888036100000(0000) knlGS:0000000000000000
[   12.149570][  T242] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   12.149760][  T242] CR2: 00000000004e6358 CR3: 0000000010650004 CR4: 0000000000772ef0
[   12.149981][  T242] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   12.150200][  T242] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   12.150422][  T242] PKRU: 55555554
[   12.150543][  T242] Kernel panic - not syncing: Fatal exception
[   12.150865][  T242] Kernel Offset: 0x16a00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[   12.151284][  T242] ---[ end Kernel panic - not syncing: Fatal exception ]---

WAIT TIMEOUT stderr

Ctrl-C stderr

Ctrl-C stderr

WAIT TIMEOUT stderr