[    9.805289][  T223] netdevsim netdevsim177 eni177np1: renamed from eth0
[   10.671086][  T233] ip (233) used greatest stack depth: 24016 bytes left
[   10.869754][  T219] ==================================================================
[   10.870039][  T219] BUG: KASAN: use-after-free in page_pool_item_uninit+0x100/0x130
[   10.870296][  T219] Read of size 8 at addr ffff88800a3d1008 by task python3/219
[   10.870537][  T219] 
[   10.870623][  T219] CPU: 0 UID: 0 PID: 219 Comm: python3 Not tainted 6.13.0-rc5-virtme #1
[   10.870868][  T219] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   10.871075][  T219] Call Trace:
[   10.871206][  T219]  <TASK>
[   10.871291][  T219]  dump_stack_lvl+0x82/0xd0
[   10.871458][  T219]  print_address_description.constprop.0+0x2c/0x3b0
[   10.871667][  T219]  ? page_pool_item_uninit+0x100/0x130
[   10.871830][  T219]  print_report+0xb4/0x270
[   10.871995][  T219]  ? kasan_addr_to_slab+0x25/0x80
[   10.872164][  T219]  kasan_report+0xbd/0xf0
[   10.872288][  T219]  ? page_pool_item_uninit+0x100/0x130
[   10.872454][  T219]  page_pool_item_uninit+0x100/0x130
[   10.872618][  T219]  page_pool_release+0x44a/0x5b0
[   10.872782][  T219]  ? __pfx_autoremove_wake_function+0x10/0x10
[   10.872986][  T219]  ? __pfx_page_pool_release+0x10/0x10
[   10.873154][  T219]  ? napi_disable+0x383/0x5b0
[   10.873319][  T219]  page_pool_destroy+0x11e/0x560
[   10.873484][  T219]  nsim_stop+0x21a/0x390 [netdevsim]
[   10.873662][  T219]  __dev_close_many+0x1a0/0x2d0
[   10.873825][  T219]  ? __pfx___dev_close_many+0x10/0x10
[   10.873988][  T219]  ? __pfx_validate_chain+0x10/0x10
[   10.874156][  T219]  ? hlock_class+0x4e/0x130
[   10.874320][  T219]  ? mark_lock+0x38/0x3e0
[   10.874443][  T219]  ? hlock_class+0x4e/0x130
[   10.874605][  T219]  dev_close_many+0x202/0x650
[   10.874767][  T219]  ? __pfx_dev_close_many+0x10/0x10
[   10.874936][  T219]  unregister_netdevice_many_notify+0x8ed/0x1580
[   10.875141][  T219]  ? __mutex_trylock_common+0xfa/0x260
[   10.875307][  T219]  ? __pfx___mutex_trylock_common+0x10/0x10
[   10.875507][  T219]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[   10.875710][  T219]  ? lock_acquire+0x32/0xc0
[   10.875874][  T219]  ? __mutex_lock+0x190/0xbc0
[   10.876041][  T219]  ? nsim_destroy+0x6b/0x5e0 [netdevsim]
[   10.876217][  T219]  ? __pfx___mutex_lock+0x10/0x10
[   10.876381][  T219]  unregister_netdevice_queue+0x2a4/0x410
[   10.876545][  T219]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   10.876711][  T219]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   10.876919][  T219]  nsim_destroy+0xe8/0x5e0 [netdevsim]
[   10.877094][  T219]  __nsim_dev_port_del+0x17e/0x250 [netdevsim]
[   10.877309][  T219]  nsim_dev_reload_destroy+0xe0/0x460 [netdevsim]
[   10.877523][  T219]  nsim_drv_remove+0x51/0x1d0 [netdevsim]
[   10.877698][  T219]  device_release_driver_internal+0x3bf/0x590
[   10.877902][  T219]  ? klist_put+0xb1/0x170
[   10.878026][  T219]  bus_remove_device+0x1f1/0x3f0
[   10.878190][  T219]  device_del+0x33f/0x8c0
[   10.878315][  T219]  ? __pfx_device_del+0x10/0x10
[   10.878481][  T219]  ? lock_acquire.part.0+0xeb/0x330
[   10.878641][  T219]  ? kernfs_fop_write_iter+0x22e/0x460
[   10.878809][  T219]  device_unregister+0x17/0xb0
[   10.878983][  T219]  del_device_store+0x2f3/0x4f0 [netdevsim]
[   10.879196][  T219]  ? __pfx_del_device_store+0x10/0x10 [netdevsim]
[   10.879407][  T219]  ? __pfx_sysfs_kf_write+0x10/0x10
[   10.879594][  T219]  ? sysfs_file_ops+0x11e/0x170
[   10.879757][  T219]  ? __pfx_sysfs_kf_write+0x10/0x10
[   10.879935][  T219]  kernfs_fop_write_iter+0x2ba/0x460
[   10.880097][  T219]  vfs_write+0xa81/0x11e0
[   10.880220][  T219]  ? __mutex_lock+0x190/0xbc0
[   10.880383][  T219]  ? __pfx_vfs_write+0x10/0x10
[   10.880552][  T219]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   10.880757][  T219]  ksys_write+0xf8/0x1d0
[   10.880880][  T219]  ? __pfx_ksys_write+0x10/0x10
[   10.881043][  T219]  ? kernfs_fop_llseek+0x127/0x1b0
[   10.881209][  T219]  do_syscall_64+0xc1/0x1d0
[   10.881373][  T219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   10.881579][  T219] RIP: 0033:0x7f9c5e60db77
[   10.881749][  T219] Code: 0b 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24
[   10.882332][  T219] RSP: 002b:00007fffc1cc4bc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   10.882577][  T219] RAX: ffffffffffffffda RBX: 00007f9c5e3f3140 RCX: 00007f9c5e60db77
[   10.882821][  T219] RDX: 0000000000000003 RSI: 00005561600b71f0 RDI: 0000000000000006
[   10.883063][  T219] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[   10.883308][  T219] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f9c50321880
[   10.883556][  T219] R13: 00005561600b71f0 R14: 0000000000000006 R15: 000055615fe2b980
[   10.883802][  T219]  </TASK>
[   10.883922][  T219] 
[   10.884004][  T219] The buggy address belongs to the physical page:
[   10.884203][  T219] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa3d1
[   10.884490][  T219] flags: 0x80000000000000(node=0|zone=1)
[   10.884660][  T219] page_type: f5(slab)
[   10.884788][  T219] raw: 0080000000000000 ffff8880010427c0 ffffea0000131690 ffff8880010406e8
[   10.885079][  T219] raw: 0000000000000000 0000000000190019 00000001f5000000 0000000000000000
[   10.885361][  T219] page dumped because: kasan: bad access detected
[   10.885559][  T219] 
[   10.885643][  T219] Memory state around the buggy address:
[   10.885804][  T219]  ffff88800a3d0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.886042][  T219]  ffff88800a3d0f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   10.886276][  T219] >ffff88800a3d1000: fc fc fa fb fc fc fc fc fc fc fc fc fc fc fc fc
[   10.886513][  T219]                       ^
[   10.886638][  T219]  ffff88800a3d1080: fc fc fc fc fc fc fa fb fc fc fc fc fc fc fc fc
[   10.886876][  T219]  ffff88800a3d1100: fc fc fc fc fc fc fc fc fc fc fa fb fc fc fc fc
[   10.887109][  T219] ==================================================================
[   10.887365][  T219] Disabling lock debugging due to kernel taint
[   10.887578][  T219] Oops: general protection fault, probably for non-canonical address 0xf99995999999999c: 0000 [#1] PREEMPT SMP KASAN NOPTI
[   10.887970][  T219] KASAN: maybe wild-memory-access in range [0xcccccccccccccce0-0xcccccccccccccce7]
[   10.888244][  T219] CPU: 0 UID: 0 PID: 219 Comm: python3 Tainted: G    B              6.13.0-rc5-virtme #1
[   10.888522][  T219] Tainted: [B]=BAD_PAGE
[   10.888644][  T219] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[   10.888844][  T219] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[   10.889059][  T219] Code: 9f 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 5d bc 68 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[   10.889619][  T219] RSP: 0018:ffffc90000b474f0 EFLAGS: 00010a06
[   10.889823][  T219] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffff9e637b43
[   10.890062][  T219] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[   10.890299][  T219] RBP: fffffbfff3f58878 R08: 0000000000000000 R09: fffffbfff4319888
[   10.890538][  T219] R10: ffffffffa18cc447 R11: ffffc90000b46fc0 R12: ffff888005de2a20
[   10.890774][  T219] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[   10.891014][  T219] FS:  00007f9c5e3f31c0(0000) GS:ffff888036000000(0000) knlGS:0000000000000000
[   10.891290][  T219] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   10.891489][  T219] CR2: 00007f9c50e18dd0 CR3: 0000000004d8c005 CR4: 0000000000772ef0
[   10.891730][  T219] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   10.891968][  T219] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   10.892203][  T219] PKRU: 55555554
[   10.892322][  T219] Call Trace:
[   10.892439][  T219]  <TASK>
[   10.892519][  T219]  ? die_addr+0x41/0xa0
[   10.892641][  T219]  ? exc_general_protection+0x14d/0x230
[   10.892801][  T219]  ? asm_exc_general_protection+0x26/0x30
[   10.892963][  T219]  ? page_pool_item_uninit+0x73/0x130
[   10.893121][  T219]  ? page_pool_item_uninit+0x7a/0x130
[   10.893278][  T219]  page_pool_release+0x44a/0x5b0
[   10.893435][  T219]  ? __pfx_autoremove_wake_function+0x10/0x10
[   10.893633][  T219]  ? __pfx_page_pool_release+0x10/0x10
[   10.893788][  T219]  ? napi_disable+0x383/0x5b0
[   10.893946][  T219]  page_pool_destroy+0x11e/0x560
[   10.894104][  T219]  nsim_stop+0x21a/0x390 [netdevsim]
[   10.894276][  T219]  __dev_close_many+0x1a0/0x2d0
[   10.894440][  T219]  ? __pfx___dev_close_many+0x10/0x10
[   10.894595][  T219]  ? __pfx_validate_chain+0x10/0x10
[   10.894753][  T219]  ? hlock_class+0x4e/0x130
[   10.894909][  T219]  ? mark_lock+0x38/0x3e0
[   10.895025][  T219]  ? hlock_class+0x4e/0x130
[   10.895185][  T219]  dev_close_many+0x202/0x650
[   10.895341][  T219]  ? __pfx_dev_close_many+0x10/0x10
[   10.895499][  T219]  unregister_netdevice_many_notify+0x8ed/0x1580
[   10.895697][  T219]  ? __mutex_trylock_common+0xfa/0x260
[   10.895855][  T219]  ? __pfx___mutex_trylock_common+0x10/0x10
[   10.896048][  T219]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[   10.896243][  T219]  ? lock_acquire+0x32/0xc0
[   10.896400][  T219]  ? __mutex_lock+0x190/0xbc0
[   10.896556][  T219]  ? nsim_destroy+0x6b/0x5e0 [netdevsim]
[   10.896722][  T219]  ? __pfx___mutex_lock+0x10/0x10
[   10.896879][  T219]  unregister_netdevice_queue+0x2a4/0x410
[   10.897034][  T219]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   10.897191][  T219]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   10.897386][  T219]  nsim_destroy+0xe8/0x5e0 [netdevsim]
[   10.897555][  T219]  __nsim_dev_port_del+0x17e/0x250 [netdevsim]
[   10.897757][  T219]  nsim_dev_reload_destroy+0xe0/0x460 [netdevsim]
[   10.897959][  T219]  nsim_drv_remove+0x51/0x1d0 [netdevsim]
[   10.898125][  T219]  device_release_driver_internal+0x3bf/0x590
[   10.898318][  T219]  ? klist_put+0xb1/0x170
[   10.898438][  T219]  bus_remove_device+0x1f1/0x3f0
[   10.898595][  T219]  device_del+0x33f/0x8c0
[   10.898715][  T219]  ? __pfx_device_del+0x10/0x10
[   10.898876][  T219]  ? lock_acquire.part.0+0xeb/0x330
[   10.899031][  T219]  ? kernfs_fop_write_iter+0x22e/0x460
[   10.899282][  T219]  device_unregister+0x17/0xb0
[   10.899440][  T219]  del_device_store+0x2f3/0x4f0 [netdevsim]
[   10.899644][  T219]  ? __pfx_del_device_store+0x10/0x10 [netdevsim]
[   10.899848][  T219]  ? __pfx_sysfs_kf_write+0x10/0x10
[   10.900096][  T219]  ? sysfs_file_ops+0x11e/0x170
[   10.900255][  T219]  ? __pfx_sysfs_kf_write+0x10/0x10
[   10.900409][  T219]  kernfs_fop_write_iter+0x2ba/0x460
[   10.900565][  T219]  vfs_write+0xa81/0x11e0
[   10.900778][  T219]  ? __mutex_lock+0x190/0xbc0
[   10.900933][  T219]  ? __pfx_vfs_write+0x10/0x10
[   10.901090][  T219]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   10.901285][  T219]  ksys_write+0xf8/0x1d0
[   10.901496][  T219]  ? __pfx_ksys_write+0x10/0x10
[   10.901651][  T219]  ? kernfs_fop_llseek+0x127/0x1b0
[   10.901807][  T219]  do_syscall_64+0xc1/0x1d0
[   10.901962][  T219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   10.902157][  T219] RIP: 0033:0x7f9c5e60db77
[   10.902318][  T219] Code: 0b 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24
[   10.902968][  T219] RSP: 002b:00007fffc1cc4bc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   10.903203][  T219] RAX: ffffffffffffffda RBX: 00007f9c5e3f3140 RCX: 00007f9c5e60db77
[   10.903530][  T219] RDX: 0000000000000003 RSI: 00005561600b71f0 RDI: 0000000000000006
[   10.903770][  T219] RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
[   10.904003][  T219] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f9c50321880
[   10.904336][  T219] R13: 00005561600b71f0 R14: 0000000000000006 R15: 000055615fe2b980
[   10.904572][  T219]  </TASK>
[   10.904694][  T219] Modules linked in: netdevsim
[   10.905020][  T219] ---[ end trace 0000000000000000 ]---
[   10.905189][  T219] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[   10.905390][  T219] Code: 9f 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 5d bc 68 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[   10.906035][  T219] RSP: 0018:ffffc90000b474f0 EFLAGS: 00010a06
[   10.906236][  T219] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffff9e637b43
[   10.906472][  T219] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[   10.906802][  T219] RBP: fffffbfff3f58878 R08: 0000000000000000 R09: fffffbfff4319888
[   10.907036][  T219] R10: ffffffffa18cc447 R11: ffffc90000b46fc0 R12: ffff888005de2a20
[   10.907277][  T219] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[   10.907604][  T219] FS:  00007f9c5e3f31c0(0000) GS:ffff888036000000(0000) knlGS:0000000000000000
[   10.907875][  T219] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   10.908168][  T219] CR2: 00007f9c50e18dd0 CR3: 0000000004d8c005 CR4: 0000000000772ef0
[   10.908450][  T219] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   10.908684][  T219] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   10.909020][  T219] PKRU: 55555554
[   10.909146][  T219] Kernel panic - not syncing: Fatal exception
[   10.909463][  T219] Kernel Offset: 0x1b000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[   10.909919][  T219] ---[ end Kernel panic - not syncing: Fatal exception ]---

WAIT TIMEOUT stderr

Ctrl-C stderr

Ctrl-C stderr

WAIT TIMEOUT stderr