[  370.307350][ T5787] netdevsim netdevsim627 eni627np1: renamed from eth0
[  375.783953][ T5840] ==================================================================
[  375.784245][ T5840] BUG: KASAN: use-after-free in page_pool_item_uninit+0x100/0x130
[  375.784497][ T5840] Read of size 8 at addr ffff88800240f008 by task tc-mq-visibilit/5840
[  375.784742][ T5840] 
[  375.784828][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: tc-mq-visibilit Not tainted 6.13.0-rc5-virtme #1
[  375.785112][ T5840] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  375.785319][ T5840] Call Trace:
[  375.785444][ T5840]  <TASK>
[  375.785529][ T5840]  dump_stack_lvl+0x82/0xd0
[  375.785707][ T5840]  print_address_description.constprop.0+0x2c/0x3b0
[  375.785946][ T5840]  ? page_pool_item_uninit+0x100/0x130
[  375.786112][ T5840]  print_report+0xb4/0x270
[  375.786290][ T5840]  ? kasan_addr_to_slab+0x25/0x80
[  375.786459][ T5840]  kasan_report+0xbd/0xf0
[  375.786582][ T5840]  ? page_pool_item_uninit+0x100/0x130
[  375.786751][ T5840]  page_pool_item_uninit+0x100/0x130
[  375.786917][ T5840]  page_pool_release+0x44a/0x5b0
[  375.787080][ T5840]  ? __pfx_autoremove_wake_function+0x10/0x10
[  375.787284][ T5840]  ? __pfx_page_pool_release+0x10/0x10
[  375.787445][ T5840]  ? napi_disable+0x383/0x5b0
[  375.787610][ T5840]  page_pool_destroy+0x11e/0x560
[  375.787772][ T5840]  nsim_stop+0x21a/0x390 [netdevsim]
[  375.787958][ T5840]  __dev_close_many+0x1a0/0x2d0
[  375.788122][ T5840]  ? __pfx___dev_close_many+0x10/0x10
[  375.788285][ T5840]  ? __pfx_validate_chain+0x10/0x10
[  375.788449][ T5840]  ? hlock_class+0x4e/0x130
[  375.788610][ T5840]  ? mark_lock+0x38/0x3e0
[  375.788732][ T5840]  ? hlock_class+0x4e/0x130
[  375.788896][ T5840]  dev_close_many+0x202/0x650
[  375.789060][ T5840]  ? __pfx_dev_close_many+0x10/0x10
[  375.789227][ T5840]  unregister_netdevice_many_notify+0x8ed/0x1580
[  375.789433][ T5840]  ? __mutex_trylock_common+0xfa/0x260
[  375.789598][ T5840]  ? __pfx___mutex_trylock_common+0x10/0x10
[  375.789801][ T5840]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  375.790006][ T5840]  ? lock_acquire+0x32/0xc0
[  375.790175][ T5840]  ? __mutex_lock+0x190/0xbc0
[  375.790339][ T5840]  ? nsim_destroy+0x6b/0x620 [netdevsim]
[  375.790516][ T5840]  ? __pfx___mutex_lock+0x10/0x10
[  375.790678][ T5840]  unregister_netdevice_queue+0x2a4/0x410
[  375.790843][ T5840]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  375.791011][ T5840]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  375.791220][ T5840]  nsim_destroy+0xe8/0x620 [netdevsim]
[  375.791400][ T5840]  __nsim_dev_port_del+0x17e/0x250 [netdevsim]
[  375.791612][ T5840]  nsim_dev_reload_destroy+0xe0/0x470 [netdevsim]
[  375.791827][ T5840]  nsim_drv_remove+0x51/0x1d0 [netdevsim]
[  375.792006][ T5840]  device_release_driver_internal+0x3bf/0x590
[  375.792210][ T5840]  ? klist_put+0xb1/0x170
[  375.792334][ T5840]  bus_remove_device+0x1f1/0x3f0
[  375.792508][ T5840]  device_del+0x33f/0x8c0
[  375.792640][ T5840]  ? __pfx_device_del+0x10/0x10
[  375.792811][ T5840]  ? lock_acquire.part.0+0xeb/0x330
[  375.792983][ T5840]  ? kernfs_fop_write_iter+0x22e/0x460
[  375.793151][ T5840]  device_unregister+0x17/0xb0
[  375.793322][ T5840]  del_device_store+0x2f3/0x4f0 [netdevsim]
[  375.793542][ T5840]  ? __pfx_del_device_store+0x10/0x10 [netdevsim]
[  375.793756][ T5840]  ? __pfx_sysfs_kf_write+0x10/0x10
[  375.793921][ T5840]  ? sysfs_file_ops+0x11e/0x170
[  375.794089][ T5840]  ? __pfx_sysfs_kf_write+0x10/0x10
[  375.794254][ T5840]  kernfs_fop_write_iter+0x2ba/0x460
[  375.794416][ T5840]  vfs_write+0xa81/0x11e0
[  375.794541][ T5840]  ? __pfx_vfs_write+0x10/0x10
[  375.794704][ T5840]  ? __lock_release+0x103/0x460
[  375.794869][ T5840]  ? do_user_addr_fault+0x972/0xe30
[  375.795046][ T5840]  ? __pfx___up_read+0x10/0x10
[  375.795209][ T5840]  ksys_write+0xf8/0x1d0
[  375.795335][ T5840]  ? __pfx_ksys_write+0x10/0x10
[  375.795496][ T5840]  ? do_user_addr_fault+0x97c/0xe30
[  375.795662][ T5840]  do_syscall_64+0xc1/0x1d0
[  375.795824][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.796058][ T5840] RIP: 0033:0x7f7255ce0b77
[  375.796232][ T5840] Code: 0b 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24
[  375.796803][ T5840] RSP: 002b:00007ffe1ddb6388 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  375.797057][ T5840] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f7255ce0b77
[  375.797304][ T5840] RDX: 0000000000000004 RSI: 000055f06265f070 RDI: 0000000000000001
[  375.797545][ T5840] RBP: 000055f06265f070 R08: 0000000000000003 R09: 0000000000000000
[  375.797785][ T5840] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000004
[  375.798032][ T5840] R13: 00007f7255d9c760 R14: 0000000000000004 R15: 00007f7255d979c0
[  375.798284][ T5840]  </TASK>
[  375.798405][ T5840] 
[  375.798487][ T5840] The buggy address belongs to the physical page:
[  375.798685][ T5840] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x240f
[  375.798970][ T5840] flags: 0x80000000000000(node=0|zone=1)
[  375.799138][ T5840] page_type: f5(slab)
[  375.799270][ T5840] raw: 0080000000000000 ffff8880010427c0 ffffea0000131f90 ffff8880010406e8
[  375.799555][ T5840] raw: 0000000000000000 0000000000190019 00000001f5000000 0000000000000000
[  375.799837][ T5840] page dumped because: kasan: bad access detected
[  375.800037][ T5840] 
[  375.800219][ T5840] Memory state around the buggy address:
[  375.800383][ T5840]  ffff88800240ef00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  375.800619][ T5840]  ffff88800240ef80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  375.800951][ T5840] >ffff88800240f000: fc fc fa fb fc fc fc fc fc fc fc fc fc fc fc fc
[  375.801188][ T5840]                       ^
[  375.801309][ T5840]  ffff88800240f080: fc fc fc fc fc fc fa fb fc fc fc fc fc fc fc fc
[  375.801546][ T5840]  ffff88800240f100: fc fc fc fc fc fc fc fc fc fc fa fb fc fc fc fc
[  375.801872][ T5840] ==================================================================
[  375.802154][ T5840] Disabling lock debugging due to kernel taint
[  375.802481][ T5840] Oops: general protection fault, probably for non-canonical address 0xf99995999999999c: 0000 [#1] PREEMPT SMP KASAN NOPTI
[  375.802882][ T5840] KASAN: maybe wild-memory-access in range [0xcccccccccccccce0-0xcccccccccccccce7]
[  375.803255][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: tc-mq-visibilit Tainted: G    B              6.13.0-rc5-virtme #1
[  375.803588][ T5840] Tainted: [B]=BAD_PAGE
[  375.803708][ T5840] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[  375.804017][ T5840] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[  375.804229][ T5840] Code: 95 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 dd 9c 69 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[  375.804887][ T5840] RSP: 0018:ffffc90000b174f0 EFLAGS: 00010a06
[  375.805086][ T5840] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffff94029ac3
[  375.805333][ T5840] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[  375.805665][ T5840] RBP: fffffbfff2a98a78 R08: 0000000000000000 R09: fffffbfff2e5a088
[  375.805901][ T5840] R10: ffffffff972d0447 R11: 205d303438355420 R12: ffff88800ef8b620
[  375.806238][ T5840] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[  375.806497][ T5840] FS:  00007f7255b9f740(0000) GS:ffff888036080000(0000) knlGS:0000000000000000
[  375.806802][ T5840] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  375.807002][ T5840] CR2: 000055f062660078 CR3: 0000000005276006 CR4: 0000000000772ef0
[  375.807239][ T5840] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  375.807471][ T5840] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  375.807712][ T5840] PKRU: 55555554
[  375.807834][ T5840] Call Trace:
[  375.807954][ T5840]  <TASK>
[  375.808038][ T5840]  ? die_addr+0x41/0xa0
[  375.808164][ T5840]  ? exc_general_protection+0x14d/0x230
[  375.808327][ T5840]  ? asm_exc_general_protection+0x26/0x30
[  375.808488][ T5840]  ? page_pool_item_uninit+0x73/0x130
[  375.808649][ T5840]  ? page_pool_item_uninit+0x7a/0x130
[  375.808805][ T5840]  page_pool_release+0x44a/0x5b0
[  375.808966][ T5840]  ? __pfx_autoremove_wake_function+0x10/0x10
[  375.809163][ T5840]  ? __pfx_page_pool_release+0x10/0x10
[  375.809327][ T5840]  ? napi_disable+0x383/0x5b0
[  375.809488][ T5840]  page_pool_destroy+0x11e/0x560
[  375.809648][ T5840]  nsim_stop+0x21a/0x390 [netdevsim]
[  375.809825][ T5840]  __dev_close_many+0x1a0/0x2d0
[  375.809979][ T5840]  ? __pfx___dev_close_many+0x10/0x10
[  375.810137][ T5840]  ? __pfx_validate_chain+0x10/0x10
[  375.810297][ T5840]  ? hlock_class+0x4e/0x130
[  375.810456][ T5840]  ? mark_lock+0x38/0x3e0
[  375.810577][ T5840]  ? hlock_class+0x4e/0x130
[  375.810831][ T5840]  dev_close_many+0x202/0x650
[  375.810989][ T5840]  ? __pfx_dev_close_many+0x10/0x10
[  375.811155][ T5840]  unregister_netdevice_many_notify+0x8ed/0x1580
[  375.811351][ T5840]  ? __mutex_trylock_common+0xfa/0x260
[  375.811604][ T5840]  ? __pfx___mutex_trylock_common+0x10/0x10
[  375.811803][ T5840]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  375.811994][ T5840]  ? lock_acquire+0x32/0xc0
[  375.812149][ T5840]  ? __mutex_lock+0x190/0xbc0
[  375.812405][ T5840]  ? nsim_destroy+0x6b/0x620 [netdevsim]
[  375.812588][ T5840]  ? __pfx___mutex_lock+0x10/0x10
[  375.812744][ T5840]  unregister_netdevice_queue+0x2a4/0x410
[  375.812901][ T5840]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  375.813153][ T5840]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  375.813352][ T5840]  nsim_destroy+0xe8/0x620 [netdevsim]
[  375.813518][ T5840]  __nsim_dev_port_del+0x17e/0x250 [netdevsim]
[  375.813825][ T5840]  nsim_dev_reload_destroy+0xe0/0x470 [netdevsim]
[  375.814035][ T5840]  nsim_drv_remove+0x51/0x1d0 [netdevsim]
[  375.814202][ T5840]  device_release_driver_internal+0x3bf/0x590
[  375.814405][ T5840]  ? klist_put+0xb1/0x170
[  375.814619][ T5840]  bus_remove_device+0x1f1/0x3f0
[  375.814777][ T5840]  device_del+0x33f/0x8c0
[  375.814899][ T5840]  ? __pfx_device_del+0x10/0x10
[  375.815062][ T5840]  ? lock_acquire.part.0+0xeb/0x330
[  375.815315][ T5840]  ? kernfs_fop_write_iter+0x22e/0x460
[  375.815473][ T5840]  device_unregister+0x17/0xb0
[  375.815628][ T5840]  del_device_store+0x2f3/0x4f0 [netdevsim]
[  375.815859][ T5840]  ? __pfx_del_device_store+0x10/0x10 [netdevsim]
[  375.816172][ T5840]  ? __pfx_sysfs_kf_write+0x10/0x10
[  375.816336][ T5840]  ? sysfs_file_ops+0x11e/0x170
[  375.816492][ T5840]  ? __pfx_sysfs_kf_write+0x10/0x10
[  375.816648][ T5840]  kernfs_fop_write_iter+0x2ba/0x460
[  375.816899][ T5840]  vfs_write+0xa81/0x11e0
[  375.817018][ T5840]  ? __pfx_vfs_write+0x10/0x10
[  375.817178][ T5840]  ? __lock_release+0x103/0x460
[  375.817332][ T5840]  ? do_user_addr_fault+0x972/0xe30
[  375.817584][ T5840]  ? __pfx___up_read+0x10/0x10
[  375.817748][ T5840]  ksys_write+0xf8/0x1d0
[  375.817864][ T5840]  ? __pfx_ksys_write+0x10/0x10
[  375.818020][ T5840]  ? do_user_addr_fault+0x97c/0xe30
[  375.818278][ T5840]  do_syscall_64+0xc1/0x1d0
[  375.818438][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.818632][ T5840] RIP: 0033:0x7f7255ce0b77
[  375.818796][ T5840] Code: 0b 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24
[  375.819456][ T5840] RSP: 002b:00007ffe1ddb6388 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  375.819794][ T5840] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f7255ce0b77
[  375.820038][ T5840] RDX: 0000000000000004 RSI: 000055f06265f070 RDI: 0000000000000001
[  375.820277][ T5840] RBP: 000055f06265f070 R08: 0000000000000003 R09: 0000000000000000
[  375.820615][ T5840] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000004
[  375.820845][ T5840] R13: 00007f7255d9c760 R14: 0000000000000004 R15: 00007f7255d979c0
[  375.821178][ T5840]  </TASK>
[  375.821300][ T5840] Modules linked in: netdevsim [last unloaded: netdevsim]
[  375.821608][ T5840] ---[ end trace 0000000000000000 ]---
[  375.821767][ T5840] RIP: 0010:page_pool_item_uninit+0x7a/0x130
[  375.821964][ T5840] Code: 95 48 bb 00 00 00 00 00 fc ff df 48 c1 ed 03 48 01 dd 4d 8d 75 1c be 04 00 00 00 4c 89 f7 e8 dd 9c 69 fe 4c 89 f0 48 c1 e8 03 <0f> b6 14 18 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 62 41
[  375.822702][ T5840] RSP: 0018:ffffc90000b174f0 EFLAGS: 00010a06
[  375.822901][ T5840] RAX: 199999999999999c RBX: dffffc0000000000 RCX: ffffffff94029ac3
[  375.823132][ T5840] RDX: 0000000000000000 RSI: 0000000000000004 RDI: cccccccccccccce0
[  375.823480][ T5840] RBP: fffffbfff2a98a78 R08: 0000000000000000 R09: fffffbfff2e5a088
[  375.823714][ T5840] R10: ffffffff972d0447 R11: 205d303438355420 R12: ffff88800ef8b620
[  375.824044][ T5840] R13: ccccccccccccccc4 R14: cccccccccccccce0 R15: 0000000000000000
[  375.824323][ T5840] FS:  00007f7255b9f740(0000) GS:ffff888036080000(0000) knlGS:0000000000000000
[  375.824597][ T5840] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  375.824891][ T5840] CR2: 000055f062660078 CR3: 0000000005276006 CR4: 0000000000772ef0
[  375.825128][ T5840] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  375.825377][ T5840] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  375.825704][ T5840] PKRU: 55555554
[  375.825824][ T5840] Kernel panic - not syncing: Fatal exception
[  375.826100][ T5840] Kernel Offset: 0x10a00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[  375.826566][ T5840] ---[ end Kernel panic - not syncing: Fatal exception ]---

WAIT TIMEOUT stderr

Ctrl-C stderr

Ctrl-C stderr

WAIT TIMEOUT stderr