[   12.129397][  T225] netdevsim netdevsim9782 eni9782np1: renamed from eth0
[   13.561257][  T240] ip (240) used greatest stack depth: 23848 bytes left
[   14.586427][  T244] ==================================================================
[   14.586731][  T244] BUG: KASAN: use-after-free in page_pool_item_uninit+0x100/0x130
[   14.586973][  T244] Read of size 8 at addr ffff88800c11b008 by task ip/244
[   14.587155][  T244] 
[   14.587236][  T244] CPU: 2 UID: 0 PID: 244 Comm: ip Not tainted 6.13.0-rc5-virtme #1
[   14.587463][  T244] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   14.587648][  T244] Call Trace:
[   14.587766][  T244]  <TASK>
[   14.587844][  T244]  dump_stack_lvl+0x82/0xd0
[   14.588007][  T244]  print_address_description.constprop.0+0x2c/0x3b0
[   14.588203][  T244]  ? page_pool_item_uninit+0x100/0x130
[   14.588359][  T244]  print_report+0xb4/0x270
[   14.588506][  T244]  ? kasan_addr_to_slab+0x25/0x80
[   14.588655][  T244]  kasan_report+0xbd/0xf0
[   14.588767][  T244]  ? page_pool_item_uninit+0x100/0x130
[   14.588931][  T244]  page_pool_item_uninit+0x100/0x130
[   14.589082][  T244]  page_pool_release+0x44a/0x5b0
[   14.589233][  T244]  ? __pfx_autoremove_wake_function+0x10/0x10
[   14.589418][  T244]  ? __pfx_page_pool_release+0x10/0x10
[   14.589566][  T244]  ? napi_disable+0x383/0x5b0
[   14.589719][  T244]  page_pool_destroy+0x11e/0x560
[   14.589868][  T244]  nsim_stop+0x21a/0x390 [netdevsim]
[   14.590033][  T244]  __dev_close_many+0x1a0/0x2d0
[   14.590182][  T244]  ? __pfx___dev_close_many+0x10/0x10
[   14.590334][  T244]  ? mark_held_locks+0x9e/0xe0
[   14.590482][  T244]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[   14.590669][  T244]  __dev_change_flags+0x24f/0x6c0
[   14.590821][  T244]  ? __pfx___dev_change_flags+0x10/0x10
[   14.590966][  T244]  ? unwind_get_return_address+0x5e/0xa0
[   14.591117][  T244]  ? __pfx_validate_chain+0x10/0x10
[   14.591269][  T244]  dev_change_flags+0x80/0x160
[   14.591424][  T244]  do_setlink.constprop.0+0x79d/0x2300
[   14.591576][  T244]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[   14.591759][  T244]  ? lock_acquire.part.0+0xeb/0x330
[   14.591905][  T244]  ? rtnl_newlink+0x653/0xa70
[   14.592054][  T244]  ? rtnl_newlink+0xb9/0xa70
[   14.592207][  T244]  ? rtnetlink_rcv_msg+0x712/0xc10
[   14.592358][  T244]  ? __mutex_trylock_common+0xfa/0x260
[   14.592509][  T244]  ? __pfx___mutex_trylock_common+0x10/0x10
[   14.592702][  T244]  ? lock_acquire+0x32/0xc0
[   14.592854][  T244]  ? trace_contention_end+0xef/0x150
[   14.593006][  T244]  ? __mutex_lock+0x190/0xbc0
[   14.593158][  T244]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   14.593307][  T244]  ? rtnl_newlink+0x653/0xa70
[   14.593455][  T244]  ? __pfx___mutex_lock+0x10/0x10
[   14.593601][  T244]  ? __rtnl_newlink+0x40e/0xa40
[   14.593750][  T244]  rtnl_newlink+0x69c/0xa70
[   14.593899][  T244]  ? __pfx_rtnl_newlink+0x10/0x10
[   14.594043][  T244]  ? find_held_lock+0x2c/0x110
[   14.594191][  T244]  ? __pfx___lock_release+0x10/0x10
[   14.594334][  T244]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   14.594484][  T244]  ? rtnetlink_rcv_msg+0x6ef/0xc10
[   14.594632][  T244]  ? __pfx_rtnl_newlink+0x10/0x10
[   14.594780][  T244]  rtnetlink_rcv_msg+0x712/0xc10
[   14.594928][  T244]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   14.595081][  T244]  ? hlock_class+0x4e/0x130
[   14.595232][  T244]  ? mark_lock+0x38/0x3e0
[   14.595344][  T244]  ? __lock_acquire+0xb9a/0x1680
[   14.595494][  T244]  netlink_rcv_skb+0x130/0x360
[   14.595647][  T244]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   14.595795][  T244]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   14.595947][  T244]  ? netlink_deliver_tap+0x13e/0x340
[   14.596093][  T244]  ? netlink_deliver_tap+0xc3/0x340
[   14.596259][  T244]  netlink_unicast+0x44b/0x710
[   14.596408][  T244]  ? __pfx_netlink_unicast+0x10/0x10
[   14.596559][  T244]  ? find_held_lock+0x2c/0x110
[   14.596713][  T244]  netlink_sendmsg+0x723/0xbe0
[   14.596864][  T244]  ? __pfx_netlink_sendmsg+0x10/0x10
[   14.597013][  T244]  ____sys_sendmsg+0x7ac/0xa10
[   14.597176][  T244]  ? __pfx_____sys_sendmsg+0x10/0x10
[   14.597321][  T244]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   14.597509][  T244]  ___sys_sendmsg+0xee/0x170
[   14.597660][  T244]  ? __pfx____sys_sendmsg+0x10/0x10
[   14.597814][  T244]  ? kasan_save_stack+0x34/0x50
[   14.597961][  T244]  ? kasan_save_stack+0x24/0x50
[   14.598109][  T244]  ? __kasan_record_aux_stack+0x8e/0xa0
[   14.598262][  T244]  ? __call_rcu_common.constprop.0+0xa1/0x4b0
[   14.598450][  T244]  ? __x64_sys_close+0x7c/0xd0
[   14.598598][  T244]  ? do_syscall_64+0xc1/0x1d0
[   14.598746][  T244]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   14.598933][  T244]  ? __lock_acquire+0xb9a/0x1680
[   14.599082][  T244]  ? find_held_lock+0x2c/0x110
[   14.599229][  T244]  ? __lock_release+0x103/0x460
[   14.599376][  T244]  ? __virt_addr_valid+0x22b/0x430
[   14.599531][  T244]  ? __pfx___lock_release+0x10/0x10
[   14.599677][  T244]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   14.599825][  T244]  __sys_sendmsg+0x109/0x1a0
[   14.599973][  T244]  ? __pfx___sys_sendmsg+0x10/0x10
[   14.600120][  T244]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[   14.600309][  T244]  do_syscall_64+0xc1/0x1d0
[   14.600456][  T244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   14.600647][  T244] RIP: 0033:0x7fc5d28a69a7
[   14.600804][  T244] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[   14.601327][  T244] RSP: 002b:00007ffcccba2e28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   14.601556][  T244] RAX: ffffffffffffffda RBX: 00007ffcccba3550 RCX: 00007fc5d28a69a7
[   14.601779][  T244] RDX: 0000000000000000 RSI: 00007ffcccba2e90 RDI: 0000000000000003
[   14.602002][  T244] RBP: 0000000000000003 R08: 0000000000000003 R09: 0000000000000078
[   14.602220][  T244] R10: 00007fc5d2764ef8 R11: 0000000000000246 R12: 0000000000000003
[   14.602449][  T244] R13: 00000000677c4d12 R14: 0000000000498600 R15: 0000000000000000
[   14.602674][  T244]  </TASK>
[   14.602789][  T244] 
[   14.602867][  T244] The buggy address belongs to the physical page:
[   14.603048][  T244] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xc11b
[   14.603309][  T244] flags: 0x80000000000000(node=0|zone=1)
[   14.603461][  T244] page_type: f5(slab)
[   14.603585][  T244] raw: 0080000000000000 ffff8880010427c0 ffffea000021cc10 ffffea0000240310
[   14.603848][  T244] raw: 0000000000000000 0000000000190019 00000001f5000000 0000000000000000
[   14.604105][  T244] page dumped because: kasan: bad access detected
[   14.604289][  T244] 
[   14.604364][  T244] Memory state around the buggy address:
[   14.604508][  T244]  ffff88800c11af00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.604727][  T244]  ffff88800c11af80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.604939][  T244] >ffff88800c11b000: fc fc fa fb fc fc fc fc fc fc fc fc fc fc fc fc
[   14.605153][  T244]                       ^
[   14.605265][  T244]  ffff88800c11b080: fc fc fc fc fc fc fa fb fc fc fc fc fc fc fc fc
[   14.605482][  T244]  ffff88800c11b100: fc fc fc fc fc fc fc fc fc fc fa fb fc fc fc fc
[   14.605692][  T244] ==================================================================
[   14.606090][  T244] Disabling lock debugging due to kernel taint
[   14.606418][  T244] Oops: general protection fault, probably for non-canonical address 0xf99995999999999c: 0000 [#1] PREEMPT SMP KASAN NOPTI
[   14.606791][  T244] KASAN: maybe wild-memory-access in range [0xcccccccccccccce0-0xcccccccccccccce7]
[   14.607042][  T244] CPU: 2 UID: 0 PID: 244 Comm: ip Tainted: G    B              6.13.0-rc5-virtme #1
[   14.607307][  T244] Tainted: [B]=BAD_PAGE
[   14.607415][  T244] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   14.607593][  T244] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[   14.607781][  T244] Code: bb 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 5d bc 68 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[   14.608283][  T244] RSP: 0018:ffffc900006f6f98 EFLAGS: 00010a06
[   14.608462][  T244] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffffbaa37b43
[   14.608680][  T244] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[   14.608895][  T244] RBP: fffffbfff77d8878 R08: 0000000000000000 R09: fffffbfff7b99888
[   14.609106][  T244] R10: ffffffffbdccc447 R11: ffffc900006f6a80 R12: ffff88800b3ef220
[   14.609321][  T244] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[   14.609536][  T244] FS:  00007fc5d269a800(0000) GS:ffff88802f700000(0000) knlGS:0000000000000000
[   14.609784][  T244] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   14.609961][  T244] CR2: 00000000004e5d90 CR3: 000000000ede8004 CR4: 0000000000772ef0
[   14.610178][  T244] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   14.610390][  T244] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   14.610612][  T244] PKRU: 55555554
[   14.610718][  T244] Call Trace:
[   14.610825][  T244]  <TASK>
[   14.610898][  T244]  ? die_addr+0x41/0xa0
[   14.611009][  T244]  ? exc_general_protection+0x14d/0x230
[   14.611156][  T244]  ? asm_exc_general_protection+0x26/0x30
[   14.611306][  T244]  ? page_pool_item_uninit+0x73/0x130
[   14.611449][  T244]  ? page_pool_item_uninit+0x7a/0x130
[   14.611589][  T244]  ? page_pool_item_uninit+0x73/0x130
[   14.611733][  T244]  page_pool_release+0x44a/0x5b0
[   14.611875][  T244]  ? __pfx_autoremove_wake_function+0x10/0x10
[   14.612058][  T244]  ? __pfx_page_pool_release+0x10/0x10
[   14.612203][  T244]  ? napi_disable+0x383/0x5b0
[   14.612347][  T244]  page_pool_destroy+0x11e/0x560
[   14.612489][  T244]  nsim_stop+0x21a/0x390 [netdevsim]
[   14.612644][  T244]  __dev_close_many+0x1a0/0x2d0
[   14.612786][  T244]  ? __pfx___dev_close_many+0x10/0x10
[   14.612929][  T244]  ? mark_held_locks+0x9e/0xe0
[   14.613073][  T244]  ? lockdep_hardirqs_on_prepare+0x275/0x410
[   14.613247][  T244]  __dev_change_flags+0x24f/0x6c0
[   14.613385][  T244]  ? __pfx___dev_change_flags+0x10/0x10
[   14.613526][  T244]  ? unwind_get_return_address+0x5e/0xa0
[   14.613667][  T244]  ? __pfx_validate_chain+0x10/0x10
[   14.613815][  T244]  dev_change_flags+0x80/0x160
[   14.613958][  T244]  do_setlink.constprop.0+0x79d/0x2300
[   14.614099][  T244]  ? __pfx_do_setlink.constprop.0+0x10/0x10
[   14.614275][  T244]  ? lock_acquire.part.0+0xeb/0x330
[   14.614415][  T244]  ? rtnl_newlink+0x653/0xa70
[   14.614556][  T244]  ? rtnl_newlink+0xb9/0xa70
[   14.614781][  T244]  ? rtnetlink_rcv_msg+0x712/0xc10
[   14.614924][  T244]  ? __mutex_trylock_common+0xfa/0x260
[   14.615064][  T244]  ? __pfx___mutex_trylock_common+0x10/0x10
[   14.615244][  T244]  ? lock_acquire+0x32/0xc0
[   14.615461][  T244]  ? trace_contention_end+0xef/0x150
[   14.615599][  T244]  ? __mutex_lock+0x190/0xbc0
[   14.615747][  T244]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   14.615887][  T244]  ? rtnl_newlink+0x653/0xa70
[   14.616107][  T244]  ? __pfx___mutex_lock+0x10/0x10
[   14.616255][  T244]  ? __rtnl_newlink+0x40e/0xa40
[   14.616395][  T244]  rtnl_newlink+0x69c/0xa70
[   14.616536][  T244]  ? __pfx_rtnl_newlink+0x10/0x10
[   14.616754][  T244]  ? find_held_lock+0x2c/0x110
[   14.616896][  T244]  ? __pfx___lock_release+0x10/0x10
[   14.617043][  T244]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   14.617184][  T244]  ? rtnetlink_rcv_msg+0x6ef/0xc10
[   14.617406][  T244]  ? __pfx_rtnl_newlink+0x10/0x10
[   14.617546][  T244]  rtnetlink_rcv_msg+0x712/0xc10
[   14.617686][  T244]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   14.617824][  T244]  ? hlock_class+0x4e/0x130
[   14.618049][  T244]  ? mark_lock+0x38/0x3e0
[   14.618158][  T244]  ? __lock_acquire+0xb9a/0x1680
[   14.618299][  T244]  netlink_rcv_skb+0x130/0x360
[   14.618439][  T244]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   14.618661][  T244]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   14.618805][  T244]  ? netlink_deliver_tap+0x13e/0x340
[   14.618951][  T244]  ? netlink_deliver_tap+0xc3/0x340
[   14.619092][  T244]  netlink_unicast+0x44b/0x710
[   14.619316][  T244]  ? __pfx_netlink_unicast+0x10/0x10
[   14.619456][  T244]  ? find_held_lock+0x2c/0x110
[   14.619596][  T244]  netlink_sendmsg+0x723/0xbe0
[   14.619734][  T244]  ? __pfx_netlink_sendmsg+0x10/0x10
[   14.619955][  T244]  ____sys_sendmsg+0x7ac/0xa10
[   14.620100][  T244]  ? __pfx_____sys_sendmsg+0x10/0x10
[   14.620239][  T244]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   14.620419][  T244]  ___sys_sendmsg+0xee/0x170
[   14.620644][  T244]  ? __pfx____sys_sendmsg+0x10/0x10
[   14.620785][  T244]  ? kasan_save_stack+0x34/0x50
[   14.620930][  T244]  ? kasan_save_stack+0x24/0x50
[   14.621070][  T244]  ? __kasan_record_aux_stack+0x8e/0xa0
[   14.621295][  T244]  ? __call_rcu_common.constprop.0+0xa1/0x4b0
[   14.621471][  T244]  ? __x64_sys_close+0x7c/0xd0
[   14.621616][  T244]  ? do_syscall_64+0xc1/0x1d0
[   14.621758][  T244]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   14.622012][  T244]  ? __lock_acquire+0xb9a/0x1680
[   14.622153][  T244]  ? find_held_lock+0x2c/0x110
[   14.622308][  T244]  ? __lock_release+0x103/0x460
[   14.622526][  T244]  ? __virt_addr_valid+0x22b/0x430
[   14.622668][  T244]  ? __pfx___lock_release+0x10/0x10
[   14.622807][  T244]  ? __pfx_lock_acquire.part.0+0x10/0x10
[   14.622951][  T244]  __sys_sendmsg+0x109/0x1a0
[   14.623173][  T244]  ? __pfx___sys_sendmsg+0x10/0x10
[   14.623317][  T244]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[   14.623498][  T244]  do_syscall_64+0xc1/0x1d0
[   14.623636][  T244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   14.623887][  T244] RIP: 0033:0x7fc5d28a69a7
[   14.624035][  T244] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[   14.624530][  T244] RSP: 002b:00007ffcccba2e28 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   14.624743][  T244] RAX: ffffffffffffffda RBX: 00007ffcccba3550 RCX: 00007fc5d28a69a7
[   14.625039][  T244] RDX: 0000000000000000 RSI: 00007ffcccba2e90 RDI: 0000000000000003
[   14.625252][  T244] RBP: 0000000000000003 R08: 0000000000000003 R09: 0000000000000078
[   14.625467][  T244] R10: 00007fc5d2764ef8 R11: 0000000000000246 R12: 0000000000000003
[   14.625761][  T244] R13: 00000000677c4d12 R14: 0000000000498600 R15: 0000000000000000
[   14.625977][  T244]  </TASK>
[   14.626087][  T244] Modules linked in: netdevsim
[   14.626475][  T244] ---[ end trace 0000000000000000 ]---
[   14.626678][  T244] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[   14.626873][  T244] Code: bb 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 5d bc 68 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[   14.627383][  T244] RSP: 0018:ffffc900006f6f98 EFLAGS: 00010a06
[   14.627575][  T244] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffffbaa37b43
[   14.627881][  T244] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[   14.628100][  T244] RBP: fffffbfff77d8878 R08: 0000000000000000 R09: fffffbfff7b99888
[   14.628322][  T244] R10: ffffffffbdccc447 R11: ffffc900006f6a80 R12: ffff88800b3ef220
[   14.628558][  T244] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[   14.628782][  T244] FS:  00007fc5d269a800(0000) GS:ffff88802f700000(0000) knlGS:0000000000000000
[   14.629119][  T244] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   14.629305][  T244] CR2: 00000000004e5d90 CR3: 000000000ede8004 CR4: 0000000000772ef0
[   14.629534][  T244] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   14.629840][  T244] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   14.630060][  T244] PKRU: 55555554
[   14.630183][  T244] Kernel panic - not syncing: Fatal exception
[   14.630555][  T244] Kernel Offset: 0x37400000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[   14.630883][  T244] ---[ end Kernel panic - not syncing: Fatal exception ]---

WAIT TIMEOUT stderr

Ctrl-C stderr

Ctrl-C stderr

WAIT TIMEOUT stderr