7.177507]  ? __mutex_unlock_slowpath+0xe8/0x6a0
[  397.183839]  __sys_sendmsg+0xd9/0x180
[  397.189568]  ? __ia32_sys_shutdown+0x70/0x70
[  397.194938]  ? __sb_end_write+0xa4/0xd0
[  397.200140]  ? kasan_check_write+0x14/0x20
[  397.205411]  ? fput+0x18/0x120
[  397.209204]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  397.215873]  __x64_sys_sendmsg+0x73/0xb0
[  397.221303]  do_syscall_64+0xd0/0x4e0
[  397.225771]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  397.231953] RIP: 0033:0x463d89
[  397.235600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  397.258432] RSP: 002b:00007f7034126198 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  397.267839] RAX: ffffffffffffffda RBX: 00000000000009fa RCX: 0000000000463d89
[  397.277593] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000008
[  397.286406] RBP: 000000000000002e R08: 0000000000000000 R09: 0000000000000000
[  397.294914] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000053c040
[  397.304279] R13: 00007f70341266bc R14: 0000000000000009 R15: 0000000000000001
[  397.327602] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  397.343209] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  397.365490] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[  397.383917] FAULT_INJECTION: forcing a failure.
[  397.383917] name failslab, interval 1, probability 0, space 0, times 0
[  397.400554] CPU: 1 PID: 13895 Comm: syz-executor.3 Not tainted 4.19.183-syzkaller #0
[  397.409835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  397.421011] Call Trace:
[  397.424231]  dump_stack+0x123/0x171
[  397.428191]  should_fail.cold.4+0x5/0xa
[  397.432820]  ? fault_create_debugfs_attr+0x1a0/0x1a0
[  397.438633]  ? lock_downgrade+0x860/0x860
[  397.443127]  ? ___might_sleep+0x16b/0x270
[  397.448681]  __should_failslab+0xba/0xf0
[  397.453069]  should_failslab+0x9/0x20
[  397.461927]  kmem_cache_alloc_trace+0x2cb/0x740
[  397.469325]  ? qfq_change_class+0xa93/0x14e0
[  397.480731]  ? qfq_change_class+0xa93/0x14e0
[  397.487285]  ? __local_bh_enable_ip+0x160/0x260
[  397.498483]  qfq_change_class+0xad9/0x14e0
[  397.503396]  ? qfq_delete_class+0x2d0/0x2d0
[  397.509272]  ? nla_parse+0x197/0x280
[  397.514735]  tc_ctl_tclass+0x3e9/0xba0
[  397.520740]  ? qdisc_tree_reduce_backlog+0x560/0x560
[  397.528064]  ? find_held_lock+0x36/0x1d0
[  397.533094]  rtnetlink_rcv_msg+0x34f/0x8f0
[  397.538514]  ? rtnetlink_put_metrics+0x490/0x490
[  397.544982]  ? find_held_lock+0x36/0x1d0
[  397.550272]  netlink_rcv_skb+0x13e/0x3d0
[  397.555416]  ? lock_downgrade+0x860/0x860
[  397.561656]  ? rtnetlink_put_metrics+0x490/0x490
[  397.568336]  ? netlink_ack+0xa70/0xa70
[  397.573514]  ? netlink_deliver_tap+0x182/0xb00
[  397.579746]  rtnetlink_rcv+0x10/0x20
[  397.585195]  netlink_unicast+0x443/0x650
[  397.590782]  ? netlink_attachskb+0x6c0/0x6c0
[  397.595896]  ? _copy_from_iter_full+0x182/0x720
[  397.601392]  ? __check_object_size+0x1ef/0x310
[  397.607971]  ? security_socket_getpeersec_dgram+0x53/0xa0
[  397.614769]  netlink_sendmsg+0x764/0xc60
[  397.620103]  ? netlink_unicast+0x650/0x650
[  397.624863]  ? apparmor_socket_sendmsg+0x1b/0x20
[  397.630960]  ? netlink_unicast+0x650/0x650
[  397.636203]  sock_sendmsg+0xb5/0xf0
[  397.640483]  ___sys_sendmsg+0x647/0x950
[  397.645266]  ? find_held_lock+0x36/0x1d0
[  397.650440]  ? copy_msghdr_from_user+0x430/0x430
[  397.656456]  ? __fget+0x278/0x400
[  397.660688]  ? kasan_check_read+0x11/0x20
[  397.665716]  ? __fget+0x295/0x400
[  397.670076]  ? expand_files.part.8+0x700/0x700
[  397.675125]  ? __f_unlock_pos+0xd/0x10
[  397.679429]  ? __fget_light+0x174/0x1e0
[  397.684045]  ? __fdget+0xe/0x10
[  397.687950]  ? __mutex_unlock_slowpath+0xe8/0x6a0
[  397.693653]  __sys_sendmsg+0xd9/0x180
[  397.699404]  ? __ia32_sys_shutdown+0x70/0x70
[  397.709156]  ? __sb_end_write+0xa4/0xd0
[  397.714673]  ? kasan_check_write+0x14/0x20
[  397.720224]  ? fput+0x18/0x120
[  397.723418]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  397.730744]  __x64_sys_sendmsg+0x73/0xb0
[  397.735482]  do_syscall_64+0xd0/0x4e0
[  397.740335]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  397.746676] RIP: 0033:0x463d89
[  397.750057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  397.782266] RSP: 002b:00007fa2ad1a6198 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  397.794177] RAX: ffffffffffffffda RBX: 00000000000009fa RCX: 0000000000463d89
[  397.808352] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000008
[  397.817841] RBP: 000000000000002e R08: 0000000000000000 R09: 0000000000000000
[  397.826713] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000053c040
[  397.835056] R13: 00007fa2ad1a66bc R14: 0000000000000009 R15: 0000000000000001
[  397.844421] FAULT_INJECTION: forcing a failure.
[  397.844421] name failslab, interval 1, probability 0, space 0, times 0
[  397.858572] CPU: 1 PID: 13896 Comm: syz-executor.5 Not tainted 4.19.183-syzkaller #0
[  397.868605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  397.879552] Call Trace:
[  397.882124]  dump_stack+0x123/0x171
[  397.886084]  should_fail.cold.4+0x5/0xa
[  397.890678]  ? fault_create_debugfs_attr+0x1a0/0x1a0
[  397.898023]  ? lock_downgrade+0x860/0x860
[  397.903672]  ? ___might_sleep+0x16b/0x270
[  397.908505]  __should_failslab+0xba/0xf0
[  397.913358]  should_failslab+0x9/0x20
[  397.917503]  kmem_cache_alloc_trace+0x2cb/0x740
[  397.923160]  ? qfq_change_class+0xa93/0x14e0
[  397.929062]  ? qfq_change_class+0xa93/0x14e0
[  397.934385]  ? __local_bh_enable_ip+0x160/0x260
[  397.939941]  qfq_change_class+0xad9/0x14e0
[  397.945111]  ? qfq_delete_class+0x2d0/0x2d0
[  397.951596]  ? nla_parse+0x197/0x280
[  397.956728]  tc_ctl_tclass+0x3e9/0xba0
[  397.961621]  ? qdisc_tree_reduce_backlog+0x560/0x560
[  397.967031]  ? find_held_lock+0x36/0x1d0
[  397.971507]  rtnetlink_rcv_msg+0x34f/0x8f0
[  397.977415]  ? rtnetlink_put_metrics+0x490/0x490
[  397.983700]  ? find_held_lock+0x36/0x1d0
[  397.989148]  netlink_rcv_skb+0x13e/0x3d0
[  397.996240]  ? lock_downgrade+0x860/0x860
[  398.002687]  ? rtnetlink_put_metrics+0x490/0x490
[  398.008363]  ? netlink_ack+0xa70/0xa70
[  398.013731]  ? netlink_deliver_tap+0x182/0xb00
[  398.019479]  rtnetlink_rcv+0x10/0x20
[  398.024765]  netlink_unicast+0x443/0x650
[  398.030755]  ? netlink_attachskb+0x6c0/0x6c0
[  398.036162]  ? _copy_from_iter_full+0x182/0x720
[  398.041814]  ? __check_object_size+0x1ef/0x310
[  398.047696]  ? security_socket_getpeersec_dgram+0x53/0xa0
[  398.055667]  netlink_sendmsg+0x764/0xc60
[  398.062538]  ? netlink_unicast+0x650/0x650
[  398.069171]  ? apparmor_socket_sendmsg+0x1b/0x20
[  398.076982]  ? netlink_unicast+0x650/0x650
[  398.082400]  sock_sendmsg+0xb5/0xf0
[  398.087013]  ___sys_sendmsg+0x647/0x950
[  398.095560]  ? find_held_lock+0x36/0x1d0
[  398.099817]  ? copy_msghdr_from_user+0x430/0x430
[  398.105481]  ? __fget+0x278/0x400
[  398.109943]  ? kasan_check_read+0x11/0x20
[  398.114670]  ? __fget+0x295/0x400
[  398.118667]  ? expand_files.part.8+0x700/0x700
[  398.123926]  ? __f_unlock_pos+0xd/0x10
[  398.128898]  ? __fget_light+0x174/0x1e0
[  398.133776]  ? __fdget+0xe/0x10
[  398.137995]  ? __mutex_unlock_slowpath+0xe8/0x6a0
[  398.144773]  __sys_sendmsg+0xd9/0x180
[  398.149929]  ? __ia32_sys_shutdown+0x70/0x70
[  398.156325]  ? __sb_end_write+0xa4/0xd0
[  398.162875]  ? kasan_check_write+0x14/0x20
[  398.167461]  ? fput+0x18/0x120
[  398.171871]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  398.178263]  __x64_sys_sendmsg+0x73/0xb0
[  398.185718]  do_syscall_64+0xd0/0x4e0
[  398.190703]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  398.196795] RIP: 0033:0x463d89
[  398.200595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  398.223640] RSP: 002b:00007facf21ea198 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  398.233395] RAX: ffffffffffffffda RBX: 00000000000009fa RCX: 0000000000463d89
[  398.242541] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000008
[  398.252085] RBP: 000000000000002e R08: 0000000000000000 R09: 0000000000000000
[  398.261983] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000053c040
[  398.272525] R13: 00007facf21ea6bc R14: 0000000000000009 R15: 0000000000000001
[  398.901460] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  398.920088] batman_adv: batadv0: Removing interface: batadv_slave_0
[  398.930770] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  398.938647] batman_adv: batadv0: Removing interface: batadv_slave_1
[  398.952667] device bridge_slave_1 left promiscuous mode
[  398.959730] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.002133] device bridge_slave_0 left promiscuous mode
[  399.008229] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.044724] device veth1_macvtap left promiscuous mode
[  399.052384] device veth0_macvtap left promiscuous mode
[  399.058560] device veth1_vlan left promiscuous mode
[  399.064722] device veth0_vlan left promiscuous mode
[  399.115477] ==================================================================
[  399.125119] BUG: KASAN: use-after-free in qfq_reset_qdisc+0x216/0x290
[  399.132366] Read of size 8 at addr ffff8881dd4e3d08 by task kworker/u4:1/23
[  399.141552] 
[  399.143608] CPU: 1 PID: 23 Comm: kworker/u4:1 Not tainted 4.19.183-syzkaller #0
[  399.153090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  399.165104] Workqueue: netns cleanup_net
[  399.170119] Call Trace:
[  399.172793]  dump_stack+0x123/0x171
[  399.176854]  print_address_description.cold.8+0x9/0x1ff
[  399.184626]  kasan_report.cold.9+0x242/0x2fe
[  399.189752]  ? qfq_reset_qdisc+0x216/0x290
[  399.195103]  __asan_report_load8_noabort+0x14/0x20
[  399.202091]  qfq_reset_qdisc+0x216/0x290
[  399.207673]  qdisc_destroy+0xfb/0x650
[  399.211829]  ? __lock_is_held+0xb5/0x140
[  399.216080]  dev_shutdown+0x236/0x410
[  399.220414]  rollback_registered_many+0x4b7/0xb50
[  399.226943]  ? kernfs_put+0x2d4/0x540
[  399.231459]  ? netif_set_real_num_tx_queues+0x620/0x620
[  399.238243]  ? kasan_check_write+0x14/0x20
[  399.243317]  ? kernfs_put+0x2e6/0x540
[  399.247635]  ? unregister_netdevice_queue+0xf3/0x240
[  399.253328]  unregister_netdevice_many+0x3e/0x1f0
[  399.259606]  default_device_exit_batch+0x2e4/0x3d0
[  399.265553]  ? unregister_netdevice_many+0x1f0/0x1f0
[  399.271796]  ? rtnl_unlock+0x9/0x10
[  399.275897]  ? default_device_exit+0x1c5/0x260
[  399.280937]  ? do_wait_intr_irq+0x310/0x310
[  399.286283]  ops_exit_list.isra.5+0xd3/0x120
[  399.291725]  cleanup_net+0x368/0x850
[  399.296236]  ? net_drop_ns+0x60/0x60
[  399.300123]  ? __lock_is_held+0xb5/0x140
[  399.305203]  process_one_work+0x830/0x1670
[  399.311235]  ? pwq_dec_nr_in_flight+0x2c0/0x2c0
[  399.317039]  ? lock_acquire+0x173/0x3d0
[  399.321485]  ? kasan_check_write+0x14/0x20
[  399.327094]  ? do_raw_spin_lock+0xd0/0x240
[  399.333062]  worker_thread+0x85/0xb60
[  399.338434]  ? __kthread_parkme+0x37/0x1c0
[  399.343114]  kthread+0x347/0x410
[  399.347541]  ? process_one_work+0x1670/0x1670
[  399.353602]  ? kthread_cancel_delayed_work_sync+0x10/0x10
[  399.360950]  ret_from_fork+0x24/0x30
[  399.368501] 
[  399.370701] Allocated by task 13877:
[  399.375799]  save_stack+0x43/0xd0
[  399.380198]  kasan_kmalloc+0xc7/0xe0
[  399.384639]  kmem_cache_alloc_trace+0x152/0x740
[  399.389661]  qfq_change_class+0x613/0x14e0
[  399.394947]  tc_ctl_tclass+0x3e9/0xba0
[  399.400877]  rtnetlink_rcv_msg+0x34f/0x8f0
[  399.407022]  netlink_rcv_skb+0x13e/0x3d0
[  399.412509]  rtnetlink_rcv+0x10/0x20
[  399.417677]  netlink_unicast+0x443/0x650
[  399.423859]  netlink_sendmsg+0x764/0xc60
[  399.428261]  sock_sendmsg+0xb5/0xf0
[  399.432673]  ___sys_sendmsg+0x647/0x950
[  399.438804]  __sys_sendmsg+0xd9/0x180
[  399.443124]  __x64_sys_sendmsg+0x73/0xb0
[  399.447712]  do_syscall_64+0xd0/0x4e0
[  399.452439]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  399.459073] 
[  399.461144] Freed by task 13877:
[  399.465798]  save_stack+0x43/0xd0
[  399.471858]  __kasan_slab_free+0x102/0x150
[  399.479006]  kasan_slab_free+0xe/0x10
[  399.487299]  kfree+0xcf/0x220
[  399.492488]  qfq_change_class+0xd44/0x14e0
[  399.499880]  tc_ctl_tclass+0x3e9/0xba0
[  399.506611]  rtnetlink_rcv_msg+0x34f/0x8f0
[  399.511575]  netlink_rcv_skb+0x13e/0x3d0
[  399.519726]  rtnetlink_rcv+0x10/0x20
[  399.525777]  netlink_unicast+0x443/0x650
[  399.531605]  netlink_sendmsg+0x764/0xc60
[  399.537168]  sock_sendmsg+0xb5/0xf0
[  399.543185]  ___sys_sendmsg+0x647/0x950
[  399.547586]  __sys_sendmsg+0xd9/0x180
[  399.552569]  __x64_sys_sendmsg+0x73/0xb0
[  399.558198]  do_syscall_64+0xd0/0x4e0
[  399.562611]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  399.569227] 
[  399.570945] The buggy address belongs to the object at ffff8881dd4e3cc0
[  399.570945]  which belongs to the cache kmalloc-128 of size 128
[  399.585841] The buggy address is located 72 bytes inside of
[  399.585841]  128-byte region [ffff8881dd4e3cc0, ffff8881dd4e3d40)
[  399.599179] The buggy address belongs to the page:
[  399.605694] page:ffffea00077538c0 count:1 mapcount:0 mapping:ffff8881f6400640 index:0x0
[  399.615937] flags: 0x17ffe0000000100(slab)
[  399.621572] raw: 017ffe0000000100 ffffea0007758b88 ffffea000775b088 ffff8881f6400640
[  399.631255] raw: 0000000000000000 ffff8881dd4e3000 0000000100000015 0000000000000000
[  399.640327] page dumped because: kasan: bad access detected
[  399.647560] 
[  399.649177] Memory state around the buggy address:
[  399.654857]  ffff8881dd4e3c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  399.664243]  ffff8881dd4e3c80: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[  399.673539] >ffff8881dd4e3d00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  399.682764]                       ^
[  399.687521]  ffff8881dd4e3d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[  399.695829]  ffff8881dd4e3e00: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[  399.704498] ==================================================================
[  399.712800] Disabling lock debugging due to kernel taint
[  399.721344] kasan: CONFIG_KASAN_INLINE enabled
[  399.726240] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  399.735779] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[  399.742671] CPU: 1 PID: 23 Comm: kworker/u4:1 Tainted: G    B             4.19.183-syzkaller #0
[  399.753017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  399.764222] Workqueue: netns cleanup_net
[  399.769150] RIP: 0010:qfq_rm_from_agg.isra.18+0x4c/0x2b0
[  399.775114] Code: 08 80 3c 02 00 0f 85 11 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 1e 48 c7 06 00 00 00 00 48 8d 7b 40 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e be 01 00 00 8b 53 40 83 fa 01
[  399.797025] RSP: 0018:ffff8881f511f818 EFLAGS: 00010202
[  399.804196] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff8574899a
[  399.813106] RDX: 0000000000000008 RSI: ffff8881dd4e3d20 RDI: 0000000000000040
[  399.822039] RBP: ffff8881f511f840 R08: fffffbfff11351e5 R09: fffffbfff11351e4
[  399.831183] R10: fffffbfff11351e4 R11: ffffffff889a8f23 R12: ffff8881f03e9280
[  399.842061] R13: 0000000000000000 R14: 0000000000000000 R15: ffffed103e07d252
[  399.852672] FS:  0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000
[  399.863034] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  399.870547] CR2: 00007f4d0a4e1018 CR3: 000000000846d002 CR4: 00000000001606e0
[  399.879683] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  399.887660] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  399.895758] Call Trace:
[  399.898332]  qfq_destroy_class+0x18/0x60
[  399.903030]  qfq_destroy_qdisc+0x109/0x1b0
[  399.907759]  qdisc_destroy+0x128/0x650
[  399.912270]  ? __lock_is_held+0xb5/0x140
[  399.917849]  dev_shutdown+0x236/0x410
[  399.921750]  rollback_registered_many+0x4b7/0xb50
[  399.927600]  ? kernfs_put+0x2d4/0x540
[  399.932440]  ? netif_set_real_num_tx_queues+0x620/0x620
[  399.938451]  ? kasan_check_write+0x14/0x20
[  399.943079]  ? kernfs_put+0x2e6/0x540
[  399.947650]  ? unregister_netdevice_queue+0xf3/0x240
[  399.953897]  unregister_netdevice_many+0x3e/0x1f0
[  399.958861]  default_device_exit_batch+0x2e4/0x3d0
[  399.964051]  ? unregister_netdevice_many+0x1f0/0x1f0
[  399.970019]  ? rtnl_unlock+0x9/0x10
[  399.973974]  ? default_device_exit+0x1c5/0x260
[  399.979485]  ? do_wait_intr_irq+0x310/0x310
[  399.985555]  ops_exit_list.isra.5+0xd3/0x120
[  399.990637]  cleanup_net+0x368/0x850
[  399.995707]  ? net_drop_ns+0x60/0x60
[  400.000180]  ? __lock_is_held+0xb5/0x140
[  400.004874]  process_one_work+0x830/0x1670
[  400.009943]  ? pwq_dec_nr_in_flight+0x2c0/0x2c0
[  400.016019]  ? lock_acquire+0x173/0x3d0
[  400.022131]  ? kasan_check_write+0x14/0x20
[  400.026450]  ? do_raw_spin_lock+0xd0/0x240
[  400.031146]  worker_thread+0x85/0xb60
[  400.035726]  ? __kthread_parkme+0x37/0x1c0
[  400.040914]  kthread+0x347/0x410
[  400.045960]  ? process_one_work+0x1670/0x1670
[  400.052205]  ? kthread_cancel_delayed_work_sync+0x10/0x10
[  400.058188]  ret_from_fork+0x24/0x30
[  400.061977] Modules linked in:
[  400.067389] ---[ end trace 625a1f4fd5718a24 ]---
[  400.072466] RIP: 0010:qfq_rm_from_agg.isra.18+0x4c/0x2b0
[  400.079957] Code: 08 80 3c 02 00 0f 85 11 02 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 1e 48 c7 06 00 00 00 00 48 8d 7b 40 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e be 01 00 00 8b 53 40 83 fa 01
[  400.102903] RSP: 0018:ffff8881f511f818 EFLAGS: 00010202
[  400.109897] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff8574899a
[  400.118077] RDX: 0000000000000008 RSI: ffff8881dd4e3d20 RDI: 0000000000000040
[  400.127066] RBP: ffff8881f511f840 R08: fffffbfff11351e5 R09: fffffbfff11351e4
[  400.136287] R10: fffffbfff11351e4 R11: ffffffff889a8f23 R12: ffff8881f03e9280
[  400.145047] R13: 0000000000000000 R14: 0000000000000000 R15: ffffed103e07d252
[  400.153233] FS:  0000000000000000(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000
[  400.163733] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  400.170076] CR2: 00007f4d0a4e1018 CR3: 000000000846d002 CR4: 00000000001606e0
[  400.180047] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  400.191369] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  400.199883] Kernel panic - not syncing: Fatal exception
[  400.210954] Kernel Offset: disabled
[  400.215407] Rebooting in 86400 seconds..