Warning: Permanently added '10.128.1.168' (ED25519) to the list of known hosts.
2024/10/12 19:21:20 ignoring optional flag "sandboxArg"="0"
2024/10/12 19:21:20 ignoring optional flag "type"="gce"
2024/10/12 19:21:20 parsed 1 programs
2024/10/12 19:21:22 executed programs: 0
[ 65.432805][ T3767] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 65.608497][ T3869] chnl_net:caif_netlink_parms(): no params data found
[ 65.646397][ T3869] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.653658][ T3869] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.661384][ T3869] device bridge_slave_0 entered promiscuous mode
[ 65.670056][ T3869] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.677214][ T3869] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.685333][ T3869] device bridge_slave_1 entered promiscuous mode
[ 65.704641][ T3869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 65.715671][ T3869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 65.737204][ T3869] team0: Port device team_slave_0 added
[ 65.744465][ T3869] team0: Port device team_slave_1 added
[ 65.760963][ T3869] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 65.768020][ T3869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.794129][ T3869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 65.805851][ T3869] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 65.812839][ T3869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.839149][ T3869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 65.866527][ T3869] device hsr_slave_0 entered promiscuous mode
[ 65.873575][ T3869] device hsr_slave_1 entered promiscuous mode
[ 66.374766][ T3869] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 66.386966][ T3869] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 66.415437][ T3869] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 66.453051][ T3869] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 66.497835][ T3869] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.504953][ T3869] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.512355][ T3869] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.519441][ T3869] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.607271][ T1215] bridge0: port 1(bridge_slave_0) entered disabled state
[ 66.615760][ T1215] bridge0: port 2(bridge_slave_1) entered disabled state
[ 66.650069][ T3869] 8021q: adding VLAN 0 to HW filter on device bond0
[ 66.664925][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 66.676001][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 66.687911][ T3869] 8021q: adding VLAN 0 to HW filter on device team0
[ 66.700182][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 66.710227][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 66.720251][ T1215] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.727702][ T1215] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.748730][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 66.759029][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 66.768141][ T1215] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.775270][ T1215] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.788134][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 66.797181][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 66.807959][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 66.817618][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 66.836237][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 66.844319][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 66.854532][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 66.863520][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 66.873019][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 66.886071][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 66.896107][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 66.907530][ T3869] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 67.004032][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 67.011530][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 67.027020][ T3869] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 67.048576][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 67.060230][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 67.085350][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 67.094917][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 67.106049][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 67.115351][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 67.126390][ T3869] device veth0_vlan entered promiscuous mode
[ 67.140178][ T3869] device veth1_vlan entered promiscuous mode
[ 67.166227][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 67.175415][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 67.186342][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 67.195318][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 67.207585][ T3869] device veth0_macvtap entered promiscuous mode
[ 67.219053][ T3869] device veth1_macvtap entered promiscuous mode
[ 67.237098][ T3869] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 67.247784][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 67.256406][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 67.265024][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 67.275438][ T1215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 67.287487][ T3869] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 67.299882][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 67.309249][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 67.321653][ T3869] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.331016][ T3869] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.340565][ T3869] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.350223][ T3869] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 67.419650][ T1215] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 67.432199][ T1215] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 67.450816][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 67.467202][ T1121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 67.476679][ T1121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 67.488230][ T1121] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 67.543768][ T3977] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 67.563240][ T3931] Bluetooth: hci0: command 0x0409 tx timeout
[ 67.593994][ T3981] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 67.631954][ T3987] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 67.665306][ T3989] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 67.707114][ T3993] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 67.773142][ T4000] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 67.801088][ T4002] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 67.830038][ T4005] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 67.867182][ T4008] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 67.925300][ T4012] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 69.636210][ T3570] Bluetooth: hci0: command 0x041b tx timeout
2024/10/12 19:21:27 executed programs: 98
[ 71.412967][ T1389] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.419681][ T1389] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.712665][ T3588] Bluetooth: hci0: command 0x040f tx timeout
[ 72.572759][ T4518] __nla_validate_parse: 150 callbacks suppressed
[ 72.572774][ T4518] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 72.607169][ T4521] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 72.646019][ T4524] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 72.685419][ T4527] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 72.726497][ T4532] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 72.767277][ T4536] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 72.809932][ T4541] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 72.859946][ T4546] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 72.899224][ T4550] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 72.961913][ T4556] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 73.791915][ T3570] Bluetooth: hci0: command 0x0419 tx timeout
2024/10/12 19:21:32 executed programs: 313
[ 76.517149][ T1073] cfg80211: failed to load regulatory.db
[ 77.596324][ T5096] __nla_validate_parse: 265 callbacks suppressed
[ 77.596334][ T5096] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 77.626791][ T5098] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 77.653201][ T5100] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 77.677541][ T5102] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 77.702192][ T5104] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 77.729273][ T5106] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 77.752758][ T5108] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 77.775286][ T5110] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 77.798135][ T5112] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 77.822512][ T5114] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 78.138467][ T5150] ==================================================================
[ 78.146848][ T5150] BUG: KASAN: use-after-free in dump_schedule+0xbd/0x940
[ 78.153876][ T5150] Read of size 8 at addr ffff888148464840 by task syz-executor.0/5150
[ 78.162099][ T5150]
[ 78.164513][ T5150] CPU: 1 PID: 5150 Comm: syz-executor.0 Not tainted 5.15.167-syzkaller #0
[ 78.173071][ T5150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 78.183112][ T5150] Call Trace:
[ 78.186374][ T5150]
[ 78.189487][ T5150] dump_stack_lvl+0x1e3/0x2d0
[ 78.194149][ T5150] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 78.199761][ T5150] ? _printk+0xd1/0x120
[ 78.203904][ T5150] ? __wake_up_klogd+0xcc/0x100
[ 78.208732][ T5150] ? panic+0x860/0x860
[ 78.212866][ T5150] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 78.218408][ T5150] print_address_description+0x63/0x3b0
[ 78.223933][ T5150] ? dump_schedule+0xbd/0x940
[ 78.228808][ T5150] kasan_report+0x16b/0x1c0
[ 78.233310][ T5150] ? dump_schedule+0xbd/0x940
[ 78.237976][ T5150] dump_schedule+0xbd/0x940
[ 78.242479][ T5150] ? read_lock_is_recursive+0x10/0x10
[ 78.247864][ T5150] ? arch_stack_walk+0xf3/0x140
[ 78.252696][ T5150] ? taprio_offload_config_changed+0x220/0x220
[ 78.258835][ T5150] ? skb_put+0x110/0x1f0
[ 78.263085][ T5150] ? nla_put+0x12d/0x1e0
[ 78.267312][ T5150] ? memcpy+0x3c/0x60
[ 78.271269][ T5150] ? nla_put+0x12d/0x1e0
[ 78.275589][ T5150] taprio_dump+0xa85/0xeb0
[ 78.280004][ T5150] ? taprio_attach+0x420/0x420
[ 78.284758][ T5150] ? ____kasan_kmalloc+0xba/0xf0
[ 78.289699][ T5150] ? __kmalloc_node_track_caller+0x195/0x390
[ 78.295692][ T5150] ? qdisc_notify+0x75/0x380
[ 78.300288][ T5150] ? rtnetlink_rcv_msg+0x993/0xee0
[ 78.305387][ T5150] ? sock_common_setsockopt+0x80/0xc0
[ 78.310769][ T5150] ? skb_put+0x110/0x1f0
[ 78.315448][ T5150] ? nla_put+0x12d/0x1e0
[ 78.319855][ T5150] ? memcpy+0x3c/0x60
[ 78.323819][ T5150] ? nla_put+0x12d/0x1e0
[ 78.328274][ T5150] tc_fill_qdisc+0x698/0x11d0
[ 78.333259][ T5150] ? qdisc_root_sleeping_running+0xb0/0xb0
[ 78.339205][ T5150] ? __alloc_skb+0x397/0x590
[ 78.343839][ T5150] qdisc_notify+0x1e4/0x380
[ 78.348910][ T5150] tc_modify_qdisc+0x1573/0x1760
[ 78.354036][ T5150] ? rcu_lock_release+0x20/0x20
[ 78.358889][ T5150] ? rcu_lock_release+0x20/0x20
[ 78.363737][ T5150] rtnetlink_rcv_msg+0x993/0xee0
[ 78.369089][ T5150] ? rtnetlink_bind+0x80/0x80
[ 78.373791][ T5150] ? __local_bh_enable_ip+0x164/0x1f0
[ 78.379337][ T5150] ? lockdep_hardirqs_on+0x94/0x130
[ 78.384559][ T5150] ? __local_bh_enable_ip+0x164/0x1f0
[ 78.390114][ T5150] ? local_bh_enable+0x5/0x20
[ 78.394805][ T5150] ? _local_bh_enable+0xa0/0xa0
[ 78.399842][ T5150] ? __dev_queue_xmit+0x1c56/0x3230
[ 78.405044][ T5150] ? __copy_skb_header+0x47b/0x600
[ 78.410157][ T5150] ? dev_queue_xmit+0x20/0x20
[ 78.414815][ T5150] ? memcpy+0x3c/0x60
[ 78.418792][ T5150] ? __copy_skb_header+0x47b/0x600
[ 78.424153][ T5150] netlink_rcv_skb+0x1cf/0x410
[ 78.429177][ T5150] ? rtnetlink_bind+0x80/0x80
[ 78.433831][ T5150] ? netlink_ack+0xb10/0xb10
[ 78.438405][ T5150] netlink_unicast+0x7b6/0x980
[ 78.443166][ T5150] ? netlink_detachskb+0x90/0x90
[ 78.448121][ T5150] ? __virt_addr_valid+0x3bb/0x460
[ 78.453214][ T5150] ? 0xffffffff81000000
[ 78.457349][ T5150] ? __check_object_size+0x300/0x410
[ 78.462618][ T5150] ? bpf_lsm_netlink_send+0x5/0x10
[ 78.467795][ T5150] netlink_sendmsg+0xa30/0xd60
[ 78.472717][ T5150] ? netlink_getsockopt+0x5b0/0x5b0
[ 78.477986][ T5150] ? plist_check_list+0x20d/0x220
[ 78.483092][ T5150] ? aa_sock_msg_perm+0x91/0x150
[ 78.488042][ T5150] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 78.493318][ T5150] ? security_socket_sendmsg+0x7d/0xa0
[ 78.498804][ T5150] ? netlink_getsockopt+0x5b0/0x5b0
[ 78.504015][ T5150] ____sys_sendmsg+0x59e/0x8f0
[ 78.508862][ T5150] ? iovec_from_user+0x300/0x390
[ 78.513907][ T5150] ? __sys_sendmsg_sock+0x30/0x30
[ 78.518947][ T5150] ___sys_sendmsg+0x252/0x2e0
[ 78.523884][ T5150] ? __sys_sendmsg+0x260/0x260
[ 78.528659][ T5150] ? __fdget+0x191/0x220
[ 78.532991][ T5150] __se_sys_sendmsg+0x19a/0x260
[ 78.537826][ T5150] ? __x64_sys_sendmsg+0x80/0x80
[ 78.542764][ T5150] ? syscall_enter_from_user_mode+0x2e/0x240
[ 78.548749][ T5150] ? lockdep_hardirqs_on+0x94/0x130
[ 78.554014][ T5150] ? syscall_enter_from_user_mode+0x2e/0x240
[ 78.560112][ T5150] do_syscall_64+0x3b/0xb0
[ 78.564510][ T5150] ? clear_bhb_loop+0x15/0x70
[ 78.569216][ T5150] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 78.575232][ T5150] RIP: 0033:0x7fdc0e739da9
[ 78.579644][ T5150] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 78.599342][ T5150] RSP: 002b:00007fdc0daba0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 78.607748][ T5150] RAX: ffffffffffffffda RBX: 00007fdc0e867f80 RCX: 00007fdc0e739da9
[ 78.615714][ T5150] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[ 78.623665][ T5150] RBP: 00007fdc0e78647a R08: 0000000000000000 R09: 0000000000000000
[ 78.631615][ T5150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 78.639559][ T5150] R13: 000000000000000b R14: 00007fdc0e867f80 R15: 00007ffc4a02ca18
[ 78.647608][ T5150]
[ 78.650622][ T5150]
[ 78.652923][ T5150] Allocated by task 5144:
[ 78.657222][ T5150] ____kasan_kmalloc+0xba/0xf0
[ 78.662002][ T5150] kmem_cache_alloc_trace+0x143/0x290
[ 78.667378][ T5150] taprio_change+0x439/0x5010
[ 78.672141][ T5150] qdisc_change+0x274/0x600
[ 78.676628][ T5150] tc_modify_qdisc+0x151f/0x1760
[ 78.681545][ T5150] rtnetlink_rcv_msg+0x993/0xee0
[ 78.686478][ T5150] netlink_rcv_skb+0x1cf/0x410
[ 78.691246][ T5150] netlink_unicast+0x7b6/0x980
[ 78.696111][ T5150] netlink_sendmsg+0xa30/0xd60
[ 78.700861][ T5150] ____sys_sendmsg+0x59e/0x8f0
[ 78.705603][ T5150] ___sys_sendmsg+0x252/0x2e0
[ 78.710339][ T5150] __se_sys_sendmsg+0x19a/0x260
[ 78.715198][ T5150] do_syscall_64+0x3b/0xb0
[ 78.719605][ T5150] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 78.725483][ T5150]
[ 78.727785][ T5150] Freed by task 14:
[ 78.731560][ T5150] kasan_set_track+0x4b/0x80
[ 78.736131][ T5150] kasan_set_free_info+0x1f/0x40
[ 78.741047][ T5150] ____kasan_slab_free+0xd8/0x120
[ 78.746042][ T5150] slab_free_freelist_hook+0xdd/0x160
[ 78.751406][ T5150] kfree+0xf1/0x270
[ 78.755209][ T5150] rcu_core+0xa15/0x1650
[ 78.759431][ T5150] handle_softirqs+0x3a7/0x930
[ 78.764185][ T5150] run_ksoftirqd+0xc6/0x120
[ 78.768781][ T5150] smpboot_thread_fn+0x51b/0x9d0
[ 78.773705][ T5150] kthread+0x3f6/0x4f0
[ 78.777763][ T5150] ret_from_fork+0x1f/0x30
[ 78.782165][ T5150]
[ 78.784469][ T5150] Last potentially related work creation:
[ 78.790181][ T5150] kasan_save_stack+0x36/0x60
[ 78.794858][ T5150] kasan_record_aux_stack+0xba/0x100
[ 78.800146][ T5150] call_rcu+0x1c4/0xa70
[ 78.804301][ T5150] taprio_change+0x41e1/0x5010
[ 78.809052][ T5150] qdisc_change+0x274/0x600
[ 78.813553][ T5150] tc_modify_qdisc+0x151f/0x1760
[ 78.818482][ T5150] rtnetlink_rcv_msg+0x993/0xee0
[ 78.823488][ T5150] netlink_rcv_skb+0x1cf/0x410
[ 78.828288][ T5150] netlink_unicast+0x7b6/0x980
[ 78.833070][ T5150] netlink_sendmsg+0xa30/0xd60
[ 78.838187][ T5150] ____sys_sendmsg+0x59e/0x8f0
[ 78.843043][ T5150] ___sys_sendmsg+0x252/0x2e0
[ 78.847911][ T5150] __se_sys_sendmsg+0x19a/0x260
[ 78.852838][ T5150] do_syscall_64+0x3b/0xb0
[ 78.857271][ T5150] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 78.863237][ T5150]
[ 78.865605][ T5150] The buggy address belongs to the object at ffff888148464800
[ 78.865605][ T5150] which belongs to the cache kmalloc-96 of size 96
[ 78.879740][ T5150] The buggy address is located 64 bytes inside of
[ 78.879740][ T5150] 96-byte region [ffff888148464800, ffff888148464860)
[ 78.892844][ T5150] The buggy address belongs to the page:
[ 78.898567][ T5150] page:ffffea0005211900 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x148464
[ 78.908793][ T5150] flags: 0x57ff00000000200(slab|node=1|zone=2|lastcpupid=0x7ff)
[ 78.916409][ T5150] raw: 057ff00000000200 ffffea00007c5e40 0000001600000016 ffff888017041780
[ 78.925059][ T5150] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000
[ 78.933612][ T5150] page dumped because: kasan: bad access detected
[ 78.940014][ T5150] page_owner tracks the page as allocated
[ 78.945836][ T5150] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 8092317198, free_ts 0
[ 78.960693][ T5150] get_page_from_freelist+0x322a/0x33c0
[ 78.966228][ T5150] __alloc_pages+0x272/0x700
[ 78.970801][ T5150] alloc_page_interleave+0x22/0x1c0
[ 78.976071][ T5150] new_slab+0xbb/0x4b0
[ 78.980135][ T5150] ___slab_alloc+0x6f6/0xe10
[ 78.984768][ T5150] kmem_cache_alloc_trace+0x1a0/0x290
[ 78.990156][ T5150] usb_hub_create_port_device+0xbf/0xb20
[ 78.995886][ T5150] hub_probe+0x23d3/0x3480
[ 79.000291][ T5150] usb_probe_interface+0x5c0/0xaf0
[ 79.005430][ T5150] really_probe+0x24e/0xb60
[ 79.009929][ T5150] __driver_probe_device+0x1a2/0x3d0
[ 79.015221][ T5150] driver_probe_device+0x50/0x420
[ 79.020244][ T5150] __device_attach_driver+0x2b9/0x500
[ 79.025603][ T5150] bus_for_each_drv+0x183/0x200
[ 79.030466][ T5150] __device_attach+0x359/0x570
[ 79.035323][ T5150] bus_probe_device+0xba/0x1e0
[ 79.040087][ T5150] page_owner free stack trace missing
[ 79.045519][ T5150]
[ 79.047936][ T5150] Memory state around the buggy address:
[ 79.053540][ T5150] ffff888148464700: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 79.061698][ T5150] ffff888148464780: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 79.069748][ T5150] >ffff888148464800: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 79.077813][ T5150] ^
[ 79.083947][ T5150] ffff888148464880: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 79.092083][ T5150] ffff888148464900: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 79.100234][ T5150] ==================================================================
[ 79.108277][ T5150] Disabling lock debugging due to kernel taint
[ 79.116289][ T5150] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 79.123500][ T5150] CPU: 1 PID: 5150 Comm: syz-executor.0 Tainted: G B 5.15.167-syzkaller #0
[ 79.133383][ T5150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 79.143423][ T5150] Call Trace:
[ 79.146698][ T5150]
[ 79.149611][ T5150] dump_stack_lvl+0x1e3/0x2d0
[ 79.154287][ T5150] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 79.159922][ T5150] ? panic+0x860/0x860
[ 79.163970][ T5150] ? rcu_is_watching+0x11/0xa0
[ 79.168723][ T5150] ? preempt_schedule_common+0xa6/0xd0
[ 79.174173][ T5150] panic+0x318/0x860
[ 79.178063][ T5150] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 79.184304][ T5150] ? check_panic_on_warn+0x1d/0xa0
[ 79.189401][ T5150] ? fb_is_primary_device+0xd0/0xd0
[ 79.194587][ T5150] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 79.200563][ T5150] ? _raw_spin_unlock+0x40/0x40
[ 79.205505][ T5150] check_panic_on_warn+0x7e/0xa0
[ 79.210529][ T5150] ? dump_schedule+0xbd/0x940
[ 79.215188][ T5150] end_report+0x6d/0xf0
[ 79.219333][ T5150] kasan_report+0x18e/0x1c0
[ 79.223813][ T5150] ? dump_schedule+0xbd/0x940
[ 79.228495][ T5150] dump_schedule+0xbd/0x940
[ 79.232996][ T5150] ? read_lock_is_recursive+0x10/0x10
[ 79.238346][ T5150] ? arch_stack_walk+0xf3/0x140
[ 79.243265][ T5150] ? taprio_offload_config_changed+0x220/0x220
[ 79.249411][ T5150] ? skb_put+0x110/0x1f0
[ 79.253661][ T5150] ? nla_put+0x12d/0x1e0
[ 79.257907][ T5150] ? memcpy+0x3c/0x60
[ 79.261873][ T5150] ? nla_put+0x12d/0x1e0
[ 79.266286][ T5150] taprio_dump+0xa85/0xeb0
[ 79.270686][ T5150] ? taprio_attach+0x420/0x420
[ 79.275434][ T5150] ? ____kasan_kmalloc+0xba/0xf0
[ 79.280359][ T5150] ? __kmalloc_node_track_caller+0x195/0x390
[ 79.286331][ T5150] ? qdisc_notify+0x75/0x380
[ 79.290911][ T5150] ? rtnetlink_rcv_msg+0x993/0xee0
[ 79.296006][ T5150] ? sock_common_setsockopt+0x80/0xc0
[ 79.301452][ T5150] ? skb_put+0x110/0x1f0
[ 79.305697][ T5150] ? nla_put+0x12d/0x1e0
[ 79.309939][ T5150] ? memcpy+0x3c/0x60
[ 79.314011][ T5150] ? nla_put+0x12d/0x1e0
[ 79.318249][ T5150] tc_fill_qdisc+0x698/0x11d0
[ 79.322921][ T5150] ? qdisc_root_sleeping_running+0xb0/0xb0
[ 79.328737][ T5150] ? __alloc_skb+0x397/0x590
[ 79.333403][ T5150] qdisc_notify+0x1e4/0x380
[ 79.338117][ T5150] tc_modify_qdisc+0x1573/0x1760
[ 79.343064][ T5150] ? rcu_lock_release+0x20/0x20
[ 79.347903][ T5150] ? rcu_lock_release+0x20/0x20
[ 79.352756][ T5150] rtnetlink_rcv_msg+0x993/0xee0
[ 79.357777][ T5150] ? rtnetlink_bind+0x80/0x80
[ 79.362448][ T5150] ? __local_bh_enable_ip+0x164/0x1f0
[ 79.367812][ T5150] ? lockdep_hardirqs_on+0x94/0x130
[ 79.372995][ T5150] ? __local_bh_enable_ip+0x164/0x1f0
[ 79.378356][ T5150] ? local_bh_enable+0x5/0x20
[ 79.383032][ T5150] ? _local_bh_enable+0xa0/0xa0
[ 79.387865][ T5150] ? __dev_queue_xmit+0x1c56/0x3230
[ 79.393177][ T5150] ? __copy_skb_header+0x47b/0x600
[ 79.398278][ T5150] ? dev_queue_xmit+0x20/0x20
[ 79.402956][ T5150] ? memcpy+0x3c/0x60
[ 79.406920][ T5150] ? __copy_skb_header+0x47b/0x600
[ 79.412021][ T5150] netlink_rcv_skb+0x1cf/0x410
[ 79.416768][ T5150] ? rtnetlink_bind+0x80/0x80
[ 79.421900][ T5150] ? netlink_ack+0xb10/0xb10
[ 79.426895][ T5150] netlink_unicast+0x7b6/0x980
[ 79.431749][ T5150] ? netlink_detachskb+0x90/0x90
[ 79.436848][ T5150] ? __virt_addr_valid+0x3bb/0x460
[ 79.441986][ T5150] ? 0xffffffff81000000
[ 79.446220][ T5150] ? __check_object_size+0x300/0x410
[ 79.451486][ T5150] ? bpf_lsm_netlink_send+0x5/0x10
[ 79.456606][ T5150] netlink_sendmsg+0xa30/0xd60
[ 79.461360][ T5150] ? netlink_getsockopt+0x5b0/0x5b0
[ 79.466560][ T5150] ? plist_check_list+0x20d/0x220
[ 79.471585][ T5150] ? aa_sock_msg_perm+0x91/0x150
[ 79.476522][ T5150] ? bpf_lsm_socket_sendmsg+0x5/0x10
[ 79.481806][ T5150] ? security_socket_sendmsg+0x7d/0xa0
[ 79.487278][ T5150] ? netlink_getsockopt+0x5b0/0x5b0
[ 79.492488][ T5150] ____sys_sendmsg+0x59e/0x8f0
[ 79.497252][ T5150] ? iovec_from_user+0x300/0x390
[ 79.502258][ T5150] ? __sys_sendmsg_sock+0x30/0x30
[ 79.507268][ T5150] ___sys_sendmsg+0x252/0x2e0
[ 79.512018][ T5150] ? __sys_sendmsg+0x260/0x260
[ 79.516786][ T5150] ? __fdget+0x191/0x220
[ 79.521011][ T5150] __se_sys_sendmsg+0x19a/0x260
[ 79.525846][ T5150] ? __x64_sys_sendmsg+0x80/0x80
[ 79.530769][ T5150] ? syscall_enter_from_user_mode+0x2e/0x240
[ 79.536757][ T5150] ? lockdep_hardirqs_on+0x94/0x130
[ 79.541942][ T5150] ? syscall_enter_from_user_mode+0x2e/0x240
[ 79.547900][ T5150] do_syscall_64+0x3b/0xb0
[ 79.552296][ T5150] ? clear_bhb_loop+0x15/0x70
[ 79.556978][ T5150] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 79.562868][ T5150] RIP: 0033:0x7fdc0e739da9
[ 79.567294][ T5150] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 79.587059][ T5150] RSP: 002b:00007fdc0daba0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 79.595460][ T5150] RAX: ffffffffffffffda RBX: 00007fdc0e867f80 RCX: 00007fdc0e739da9
[ 79.603436][ T5150] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004
[ 79.611389][ T5150] RBP: 00007fdc0e78647a R08: 0000000000000000 R09: 0000000000000000
[ 79.619360][ T5150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 79.627320][ T5150] R13: 000000000000000b R14: 00007fdc0e867f80 R15: 00007ffc4a02ca18
[ 79.635281][ T5150]
[ 79.638565][ T5150] Kernel Offset: disabled
[ 79.642902][ T5150] Rebooting in 86400 seconds..