[ 57.409255][ T2306] ip (2306) used greatest stack depth: 24248 bytes left
[ 174.209164][ T5555] netem: version 1.3
[ 456.417711][ T8761] kmemleak: Found object by alias at 0xff1100000c750b40
[ 456.417719][ T8761] CPU: 0 UID: 0 PID: 8761 Comm: pm_nl_ctl Not tainted 6.19.0-rc5-virtme #1 PREEMPT(full)
[ 456.417723][ T8761] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 456.417725][ T8761] Call Trace:
[ 456.417726][ T8761] <TASK>
[ 456.417728][ T8761] dump_stack_lvl+0x6f/0xa0
[ 456.417737][ T8761] __lookup_object+0x8c/0xb0
[ 456.417741][ T8761] delete_object_full+0x2b/0x70
[ 456.417744][ T8761] kfree+0x2b7/0x580
[ 456.417748][ T8761] ? mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.417754][ T8761] ? mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.417756][ T8761] mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.417759][ T8761] ? mptcp_pm_nl_del_addr_doit+0x7b0/0x7b0
[ 456.417762][ T8761] ? genl_family_rcv_msg_attrs_parse.isra.0+0x157/0x2b0
[ 456.417768][ T8761] genl_family_rcv_msg_doit+0x1e4/0x2c0
[ 456.417771][ T8761] ? genl_family_rcv_msg_attrs_parse.isra.0+0x2b0/0x2b0
[ 456.417773][ T8761] ? rcu_is_watching+0x15/0xd0
[ 456.417777][ T8761] ? perf_trace_sched_switch+0x6d0/0x6d0
[ 456.417779][ T8761] ? genl_rcv_msg+0x101/0x130
[ 456.417785][ T8761] ? rcu_is_watching+0x15/0xd0
[ 456.417787][ T8761] ? cap_capable+0x181/0x3f0
[ 456.417793][ T8761] genl_family_rcv_msg+0x35a/0x5b0
[ 456.417796][ T8761] ? genl_family_rcv_msg_dumpit+0x320/0x320
[ 456.417799][ T8761] ? mptcp_pm_nl_del_addr_doit+0x7b0/0x7b0
[ 456.417802][ T8761] ? __lock_acquire+0x577/0xc10
[ 456.417807][ T8761] genl_rcv_msg+0xa3/0x130
[ 456.417810][ T8761] netlink_rcv_skb+0x123/0x380
[ 456.417813][ T8761] ? genl_family_rcv_msg+0x5b0/0x5b0
[ 456.417816][ T8761] ? netlink_ack+0xcc0/0xcc0
[ 456.417818][ T8761] ? perf_trace_sched_switch+0x6d0/0x6d0
[ 456.417824][ T8761] ? netlink_deliver_tap+0xc5/0x330
[ 456.417826][ T8761] ? netlink_deliver_tap+0x13f/0x330
[ 456.417829][ T8761] genl_rcv+0x28/0x40
[ 456.417832][ T8761] netlink_unicast+0x4a3/0x770
[ 456.417836][ T8761] ? netlink_attachskb+0x810/0x810
[ 456.417837][ T8761] ? __alloc_skb+0x4cd/0x600
[ 456.417841][ T8761] ? napi_skb_cache_get+0x7a0/0x7a0
[ 456.417843][ T8761] ? __lock_acquire+0x577/0xc10
[ 456.417847][ T8761] netlink_sendmsg+0x735/0xc60
[ 456.417851][ T8761] ? netlink_unicast+0x770/0x770
[ 456.417855][ T8761] ? __might_fault+0x97/0x140
[ 456.417860][ T8761] __sys_sendto+0x265/0x390
[ 456.417864][ T8761] ? __ia32_sys_getpeername+0xd0/0xd0
[ 456.417870][ T8761] ? __lock_release.isra.0+0x59/0x170
[ 456.417877][ T8761] ? update_socket_protocol+0x10/0x10
[ 456.417881][ T8761] __x64_sys_sendto+0xe4/0x1f0
[ 456.417883][ T8761] ? lockdep_hardirqs_on+0x84/0x130
[ 456.417886][ T8761] ? do_syscall_64+0x88/0xfc0
[ 456.417889][ T8761] do_syscall_64+0xbd/0xfc0
[ 456.417891][ T8761] entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 456.417894][ T8761] RIP: 0033:0x7f596e8e3c5e
[ 456.417898][ T8761] Code: 4d 89 d8 e8 14 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa
[ 456.417899][ T8761] RSP: 002b:00007fffbe582300 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
[ 456.417903][ T8761] RAX: ffffffffffffffda RBX: 00007fffbe5823b0 RCX: 00007f596e8e3c5e
[ 456.417904][ T8761] RDX: 0000000000000014 RSI: 00007fffbe5823b0 RDI: 0000000000000005
[ 456.417906][ T8761] RBP: 00007fffbe582310 R08: 00007fffbe582374 R09: 000000000000000c
[ 456.417906][ T8761] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014
[ 456.417907][ T8761] R13: 0000000000000005 R14: 00007f596eaae000 R15: 0000000000406e00
[ 456.417914][ T8761] </TASK>
[ 456.417915][ T8761] kmemleak: Object 0xff1100000c750b00 (size 128):
[ 456.417916][ T8761] kmemleak: comm "ip", pid 8688, jiffies 4295120470
[ 456.417917][ T8761] kmemleak: min_count = 1
[ 456.417918][ T8761] kmemleak: count = 0
[ 456.417918][ T8761] kmemleak: flags = 0x1
[ 456.417919][ T8761] kmemleak: checksum = 0
[ 456.417919][ T8761] kmemleak: backtrace:
[ 456.417920][ T8761] __kmalloc_noprof+0x58e/0x820
[ 456.417923][ T8761] ops_init+0x70/0x560
[ 456.417925][ T8761] setup_net+0x100/0x360
[ 456.417926][ T8761] copy_net_ns+0x2bf/0x3f0
[ 456.417927][ T8761] create_new_namespaces+0x35d/0x9e0
[ 456.417929][ T8761] unshare_nsproxy_namespaces+0x89/0x130
[ 456.417931][ T8761] ksys_unshare+0x3f3/0x740
[ 456.417934][ T8761] __x64_sys_unshare+0x34/0x50
[ 456.417935][ T8761] do_syscall_64+0xbd/0xfc0
[ 456.417937][ T8761] entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 456.417938][ T8761] ==================================================================
[ 456.425160][ T8761] BUG: KASAN: invalid-free in mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.425291][ T8761] Free of addr ff1100000c750b40 by task pm_nl_ctl/8761
[ 456.425399][ T8761]
[ 456.425444][ T8761] CPU: 0 UID: 0 PID: 8761 Comm: pm_nl_ctl Not tainted 6.19.0-rc5-virtme #1 PREEMPT(full)
[ 456.425447][ T8761] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 456.425448][ T8761] Call Trace:
[ 456.425448][ T8761] <TASK>
[ 456.425449][ T8761] dump_stack_lvl+0x6f/0xa0
[ 456.425452][ T8761] print_address_description.constprop.0+0x6e/0x300
[ 456.425456][ T8761] ? mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.425458][ T8761] print_report+0xfc/0x1fb
[ 456.425459][ T8761] ? mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.425461][ T8761] ? __virt_addr_valid+0x1da/0x430
[ 456.425463][ T8761] ? mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.425465][ T8761] ? mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.425467][ T8761] kasan_report_invalid_free+0xb8/0x170
[ 456.425470][ T8761] ? mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.425472][ T8761] check_slab_allocation+0xd8/0xe0
[ 456.425475][ T8761] kfree+0xe4/0x580
[ 456.425477][ T8761] ? mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.425479][ T8761] ? mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.425481][ T8761] mptcp_pm_nl_flush_addrs_doit+0x39e/0x530
[ 456.425483][ T8761] ? mptcp_pm_nl_del_addr_doit+0x7b0/0x7b0
[ 456.425484][ T8761] ? genl_family_rcv_msg_attrs_parse.isra.0+0x157/0x2b0
[ 456.425488][ T8761] genl_family_rcv_msg_doit+0x1e4/0x2c0
[ 456.425490][ T8761] ? genl_family_rcv_msg_attrs_parse.isra.0+0x2b0/0x2b0
[ 456.425492][ T8761] ? rcu_is_watching+0x15/0xd0
[ 456.425494][ T8761] ? perf_trace_sched_switch+0x6d0/0x6d0
[ 456.425495][ T8761] ? genl_rcv_msg+0x101/0x130
[ 456.425498][ T8761] ? rcu_is_watching+0x15/0xd0
[ 456.425501][ T8761] ? cap_capable+0x181/0x3f0
[ 456.425503][ T8761] genl_family_rcv_msg+0x35a/0x5b0
[ 456.425505][ T8761] ? genl_family_rcv_msg_dumpit+0x320/0x320
[ 456.425508][ T8761] ? mptcp_pm_nl_del_addr_doit+0x7b0/0x7b0
[ 456.425512][ T8761] ? __lock_acquire+0x577/0xc10
[ 456.425515][ T8761] genl_rcv_msg+0xa3/0x130
[ 456.425517][ T8761] netlink_rcv_skb+0x123/0x380
[ 456.425519][ T8761] ? genl_family_rcv_msg+0x5b0/0x5b0
[ 456.425521][ T8761] ? netlink_ack+0xcc0/0xcc0
[ 456.425523][ T8761] ? perf_trace_sched_switch+0x6d0/0x6d0
[ 456.425526][ T8761] ? netlink_deliver_tap+0xc5/0x330
[ 456.425527][ T8761] ? netlink_deliver_tap+0x13f/0x330
[ 456.425530][ T8761] genl_rcv+0x28/0x40
[ 456.425532][ T8761] netlink_unicast+0x4a3/0x770
[ 456.425534][ T8761] ? netlink_attachskb+0x810/0x810
[ 456.425536][ T8761] ? __alloc_skb+0x4cd/0x600
[ 456.425538][ T8761] ? napi_skb_cache_get+0x7a0/0x7a0
[ 456.425539][ T8761] ? __lock_acquire+0x577/0xc10
[ 456.425542][ T8761] netlink_sendmsg+0x735/0xc60
[ 456.425544][ T8761] ? netlink_unicast+0x770/0x770
[ 456.425547][ T8761] ? __might_fault+0x97/0x140
[ 456.425549][ T8761] __sys_sendto+0x265/0x390
[ 456.425551][ T8761] ? __ia32_sys_getpeername+0xd0/0xd0
[ 456.425554][ T8761] ? __lock_release.isra.0+0x59/0x170
[ 456.425558][ T8761] ? update_socket_protocol+0x10/0x10
[ 456.425560][ T8761] __x64_sys_sendto+0xe4/0x1f0
[ 456.425562][ T8761] ? lockdep_hardirqs_on+0x84/0x130
[ 456.425563][ T8761] ? do_syscall_64+0x88/0xfc0
[ 456.425565][ T8761] do_syscall_64+0xbd/0xfc0
[ 456.425567][ T8761] entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 456.425568][ T8761] RIP: 0033:0x7f596e8e3c5e
[ 456.425569][ T8761] Code: 4d 89 d8 e8 14 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa
[ 456.425571][ T8761] RSP: 002b:00007fffbe582300 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
[ 456.425573][ T8761] RAX: ffffffffffffffda RBX: 00007fffbe5823b0 RCX: 00007f596e8e3c5e
[ 456.425574][ T8761] RDX: 0000000000000014 RSI: 00007fffbe5823b0 RDI: 0000000000000005
[ 456.425574][ T8761] RBP: 00007fffbe582310 R08: 00007fffbe582374 R09: 000000000000000c
[ 456.425575][ T8761] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000014
[ 456.425576][ T8761] R13: 0000000000000005 R14: 00007f596eaae000 R15: 0000000000406e00
[ 456.425579][ T8761] </TASK>
[ 456.425579][ T8761]
[ 456.432131][ T8761] Allocated by task 8688:
[ 456.432198][ T8761] kasan_save_stack+0x30/0x50
[ 456.432293][ T8761] kasan_save_track+0x14/0x30
[ 456.432419][ T8761] __kasan_kmalloc+0x7b/0x90
[ 456.432513][ T8761] __kmalloc_noprof+0x2cd/0x820
[ 456.432601][ T8761] ops_init+0x70/0x560
[ 456.432666][ T8761] setup_net+0x100/0x360
[ 456.432733][ T8761] copy_net_ns+0x2bf/0x3f0
[ 456.432861][ T8761] create_new_namespaces+0x35d/0x9e0
[ 456.432950][ T8761] unshare_nsproxy_namespaces+0x89/0x130
[ 456.433037][ T8761] ksys_unshare+0x3f3/0x740
[ 456.433125][ T8761] __x64_sys_unshare+0x34/0x50
[ 456.433253][ T8761] do_syscall_64+0xbd/0xfc0
[ 456.433341][ T8761] entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 456.433450][ T8761]
[ 456.433496][ T8761] The buggy address belongs to the object at ff1100000c750b00
[ 456.433496][ T8761] which belongs to the cache kmalloc-128 of size 128
[ 456.433752][ T8761] The buggy address is located 64 bytes inside of
[ 456.433752][ T8761] 120-byte region [ff1100000c750b00, ff1100000c750b78)
[ 456.434006][ T8761]
[ 456.434052][ T8761] The buggy address belongs to the physical page:
[ 456.434160][ T8761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xff1100000c751400 pfn:0xc750
[ 456.434385][ T8761] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 456.434520][ T8761] flags: 0x80000000000240(workingset|head|node=0|zone=1)
[ 456.434634][ T8761] page_type: f5(slab)
[ 456.434701][ T8761] raw: 0080000000000240 ff1100000103ce40 ff11000001032a88 ffd4000000272290
[ 456.434905][ T8761] raw: ff1100000c751400 0000000000150014 00000000f5000000 0000000000000000
[ 456.435065][ T8761] head: 0080000000000240 ff1100000103ce40 ff11000001032a88 ffd4000000272290
[ 456.435267][ T8761] head: ff1100000c751400 0000000000150014 00000000f5000000 0000000000000000
[ 456.435424][ T8761] head: 0080000000000001 ffd400000031d401 00000000ffffffff 00000000ffffffff
[ 456.435625][ T8761] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 456.435787][ T8761] page dumped because: kasan: bad access detected
[ 456.435899][ T8761]
[ 456.435943][ T8761] Memory state around the buggy address:
[ 456.436074][ T8761] ff1100000c750a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 456.436203][ T8761] ff1100000c750a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 456.436330][ T8761] >ff1100000c750b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 456.436497][ T8761]                                            ^
[ 456.436605][ T8761] ff1100000c750b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 456.436773][ T8761] ff1100000c750c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 456.436902][ T8761] ==================================================================
[ 456.437083][ T8761] Disabling lock debugging due to kernel taint
[ 461.797028][ T12] BUG: unable to handle page fault for address: ffa00000067d7728
[ 461.797184][ T12] #PF: supervisor read access in kernel mode
[ 461.797289][ T12] #PF: error_code(0x0000) - not-present page
[ 461.797390][ T12] PGD 1000067 P4D 18e6067 PUD 18eb067 PMD 10951067 PTE 0
[ 461.797503][ T12] Oops: Oops: 0000 [#1] SMP KASAN
[ 461.797592][ T12] CPU: 3 UID: 0 PID: 12 Comm: kworker/u16:0 Tainted: G B 6.19.0-rc5-virtme #1 PREEMPT(full)
[ 461.797777][ T12] Tainted: [B]=BAD_PAGE
[ 461.797839][ T12] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 461.797942][ T12] Workqueue: netns cleanup_net
[ 461.798030][ T12] RIP: 0010:pm_nl_exit_net+0x16c/0x4b0
[ 461.798121][ T12] Code: 4c 01 fd 80 7d 00 00 0f 85 37 02 00 00 4c 8b 73 40 49 8d 76 08 48 89 f0 48 c1 e8 03 42 80 3c 38 00 0f 85 ed 02 00 00 4c 89 f1 <49> 8b 46 08 48 c1 e9 03 42 80 3c 39 00 0f 85 b6 02 00 00 48 89 c7
[ 461.798441][ T12] RSP: 0018:ffa00000000c7a30 EFLAGS: 00010282
[ 461.798589][ T12] RAX: 0000000000000000 RBX: ff1100000c750b00 RCX: ffa00000067d7720
[ 461.798710][ T12] RDX: 0000000000000000 RSI: ffa00000067d7728 RDI: ffa00000000c79f8
[ 461.798830][ T12] RBP: ffe21c00018ea168 R08: 0000000000000008 R09: 0000000000000000
[ 461.798987][ T12] R10: 0000000000000003 R11: ffffffffa6995140 R12: ff1100000c750b40
[ 461.799108][ T12] R13: dead000000000122 R14: ffa00000067d7720 R15: dffffc0000000000
[ 461.799228][ T12] FS: 0000000000000000(0000) GS:ff1100008d7e4000(0000) knlGS:0000000000000000
[ 461.799408][ T12] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 461.799510][ T12] CR2: ffa00000067d7728 CR3: 0000000019ca0002 CR4: 0000000000771ef0
[ 461.799671][ T12] PKRU: 55555554
[ 461.799732][ T12] Call Trace:
[ 461.799794][ T12] <TASK>
[ 461.799837][ T12] ops_undo_list+0x2d7/0x8f0
[ 461.799918][ T12] ? rtnl_net_dumpid_one+0x2d0/0x2d0
[ 461.800032][ T12] cleanup_net+0x3bc/0x7d0
[ 461.800115][ T12] ? net_passive_dec+0x190/0x190
[ 461.800198][ T12] ? rcu_is_watching+0x15/0xd0
[ 461.800282][ T12] ? process_one_work+0xd16/0x1390
[ 461.800367][ T12] ? lock_acquire+0x10a/0x150
[ 461.800451][ T12] ? rcu_is_watching+0x15/0xd0
[ 461.800534][ T12] process_one_work+0xd57/0x1390
[ 461.800620][ T12] ? pwq_dec_nr_in_flight+0x700/0x700
[ 461.800701][ T12] ? io_schedule_timeout+0x130/0x130
[ 461.800782][ T12] ? lock_acquire.part.0+0xbc/0x260
[ 461.800868][ T12] ? __rwlock_init+0x150/0x150
[ 461.800947][ T12] ? schedule+0x109/0x260
[ 461.801007][ T12] ? assign_work+0x152/0x380
[ 461.801086][ T12] worker_thread+0x4d6/0xd40
[ 461.801169][ T12] ? process_one_work+0x1390/0x1390
[ 461.801251][ T12] kthread+0x355/0x5b0
[ 461.801313][ T12] ? kthread_is_per_cpu+0xe0/0xe0
[ 461.801395][ T12] ? __lock_release.isra.0+0x59/0x170
[ 461.801474][ T12] ? rcu_is_watching+0x15/0xd0
[ 461.801553][ T12] ? kthread_is_per_cpu+0xe0/0xe0
[ 461.801636][ T12] ret_from_fork+0x3fb/0x510
[ 461.801716][ T12] ? arch_exit_to_user_mode_prepare.isra.0+0x140/0x140
[ 461.801821][ T12] ? __switch_to+0x53c/0xd00
[ 461.801901][ T12] ? kthread_is_per_cpu+0xe0/0xe0
[ 461.801981][ T12] ret_from_fork_asm+0x11/0x20
[ 461.802063][ T12] </TASK>
[ 461.802123][ T12] Modules linked in: xt_bpf sch_netem ipt_REJECT nf_reject_ipv4 nft_compat nf_tables tcp_diag mptcp_diag inet_diag
[ 461.802310][ T12] CR2: ffa00000067d7728
[ 461.802372][ T12] ---[ end trace 0000000000000000 ]---
[ 461.802458][ T12] RIP: 0010:pm_nl_exit_net+0x16c/0x4b0
[ 461.802543][ T12] Code: 4c 01 fd 80 7d 00 00 0f 85 37 02 00 00 4c 8b 73 40 49 8d 76 08 48 89 f0 48 c1 e8 03 42 80 3c 38 00 0f 85 ed 02 00 00 4c 89 f1 <49> 8b 46 08 48 c1 e9 03 42 80 3c 39 00 0f 85 b6 02 00 00 48 89 c7
[ 461.802828][ T12] RSP: 0018:ffa00000000c7a30 EFLAGS: 00010282
[ 461.802931][ T12] RAX: 0000000000000000 RBX: ff1100000c750b00 RCX: ffa00000067d7720
[ 461.803048][ T12] RDX: 0000000000000000 RSI: ffa00000067d7728 RDI: ffa00000000c79f8
[ 461.803167][ T12] RBP: ffe21c00018ea168 R08: 0000000000000008 R09: 0000000000000000
[ 461.803296][ T12] R10: 0000000000000003 R11: ffffffffa6995140 R12: ff1100000c750b40
[ 461.803417][ T12] R13: dead000000000122 R14: ffa00000067d7720 R15: dffffc0000000000
[ 461.803538][ T12] FS: 0000000000000000(0000) GS:ff1100008d7e4000(0000) knlGS:0000000000000000
[ 461.803682][ T12] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 461.803781][ T12] CR2: ffa00000067d7728 CR3: 0000000019ca0002 CR4: 0000000000771ef0
[ 461.803900][ T12] PKRU: 55555554
[ 461.803960][ T12] Kernel panic - not syncing: Fatal exception
[ 461.804198][ T12] Kernel Offset: 0x22000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 461.804383][ T12] ---[ end Kernel panic - not syncing: Fatal exception ]---
WAIT TIMEOUT stderr
Ctrl-C stderr
Ctrl-C stderr
WAIT TIMEOUT stderr