Warning: Permanently added '10.128.1.91' (ED25519) to the list of known hosts.
2024/04/23 07:58:46 ignoring optional flag "sandboxArg"="0"
2024/04/23 07:58:46 parsed 1 programs
2024/04/23 07:58:48 executed programs: 0
[ 90.044178][ T5427] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 90.098893][ T4480] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 90.107243][ T4480] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 90.115072][ T4480] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 90.123487][ T4480] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 90.132040][ T4480] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 90.139915][ T4480] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 90.254621][ T5434] chnl_net:caif_netlink_parms(): no params data found
[ 90.306159][ T5434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.313407][ T5434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 90.320837][ T5434] bridge_slave_0: entered allmulticast mode
[ 90.327541][ T5434] bridge_slave_0: entered promiscuous mode
[ 90.335639][ T5434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.343089][ T5434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 90.350422][ T5434] bridge_slave_1: entered allmulticast mode
[ 90.357144][ T5434] bridge_slave_1: entered promiscuous mode
[ 90.381015][ T5434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 90.393492][ T5434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 90.419776][ T5434] team0: Port device team_slave_0 added
[ 90.427611][ T5434] team0: Port device team_slave_1 added
[ 90.450519][ T5434] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 90.457478][ T5434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 90.483495][ T5434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 90.495763][ T5434] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 90.503337][ T5434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 90.529381][ T5434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 90.564703][ T5434] hsr_slave_0: entered promiscuous mode
[ 90.572165][ T5434] hsr_slave_1: entered promiscuous mode
[ 91.147668][ T5434] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 91.162556][ T5434] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 91.173816][ T5434] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 91.185411][ T5434] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 91.215608][ T5434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.222842][ T5434] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.230625][ T5434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.238703][ T5434] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.308549][ T56] bridge0: port 1(bridge_slave_0) entered disabled state
[ 91.318850][ T56] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.350990][ T5434] 8021q: adding VLAN 0 to HW filter on device bond0
[ 91.376751][ T5434] 8021q: adding VLAN 0 to HW filter on device team0
[ 91.393079][ T44] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.400380][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.422402][ T44] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.429623][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.653580][ T5434] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 91.703451][ T5434] veth0_vlan: entered promiscuous mode
[ 91.718407][ T5434] veth1_vlan: entered promiscuous mode
[ 91.754577][ T5434] veth0_macvtap: entered promiscuous mode
[ 91.766102][ T5434] veth1_macvtap: entered promiscuous mode
[ 91.792214][ T5434] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 91.811693][ T5434] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 91.825354][ T5434] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.837230][ T5434] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.847820][ T5434] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.858990][ T5434] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.961628][ T5094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.971910][ T5094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.011298][ T1056] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.024077][ T1056] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.070011][ T5500] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.089649][ T5500] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.106339][ T5500] Zero length message leads to an empty skb
[ 92.138174][ T5504] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.149005][ T5504] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.183440][ T4480] Bluetooth: hci0: command tx timeout
[ 92.197979][ T5508] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.208874][ T5508] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.252626][ T5510] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.262904][ T5510] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.316639][ T5514] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.341675][ T5514] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 94.260706][ T4480] Bluetooth: hci0: command tx timeout
2024/04/23 07:58:53 executed programs: 65
[ 96.339459][ T4480] Bluetooth: hci0: command tx timeout
[ 97.094023][ T5862] __nla_validate_parse: 210 callbacks suppressed
[ 97.094043][ T5862] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.112215][ T5862] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.148743][ T5865] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.158850][ T5865] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.208871][ T5868] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.220136][ T5868] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.264958][ T5870] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.275479][ T5870] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.343592][ T5876] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.354560][ T5876] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 98.314996][ T5946] ==================================================================
[ 98.323172][ T5946] BUG: KASAN: slab-use-after-free in taprio_dump+0x857/0xd50
[ 98.330553][ T5946] Read of size 4 at addr ffff888015776cc0 by task syz-executor.0/5946
[ 98.338695][ T5946]
[ 98.341004][ T5946] CPU: 0 PID: 5946 Comm: syz-executor.0 Not tainted 6.9.0-rc5-syzkaller-00031-g71b1543c83d6 #0
[ 98.351476][ T5946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 98.361517][ T5946] Call Trace:
[ 98.364834][ T5946]
[ 98.367754][ T5946] dump_stack_lvl+0x241/0x360
[ 98.372443][ T5946] ? __pfx_dump_stack_lvl+0x10/0x10
[ 98.377725][ T5946] ? __pfx__printk+0x10/0x10
[ 98.382319][ T5946] ? _printk+0xd5/0x120
[ 98.386467][ T5946] ? __virt_addr_valid+0x183/0x520
[ 98.391582][ T5946] ? __virt_addr_valid+0x183/0x520
[ 98.396692][ T5946] print_report+0x169/0x550
[ 98.401188][ T5946] ? __virt_addr_valid+0x183/0x520
[ 98.406290][ T5946] ? __virt_addr_valid+0x183/0x520
[ 98.411393][ T5946] ? __virt_addr_valid+0x44e/0x520
[ 98.416507][ T5946] ? __phys_addr+0xba/0x170
[ 98.421001][ T5946] ? taprio_dump+0x857/0xd50
[ 98.425577][ T5946] kasan_report+0x143/0x180
[ 98.430068][ T5946] ? taprio_dump+0x857/0xd50
[ 98.434652][ T5946] taprio_dump+0x857/0xd50
[ 98.439054][ T5946] ? __alloc_skb+0x1f3/0x440
[ 98.443641][ T5946] ? __pfx_taprio_dump+0x10/0x10
[ 98.448666][ T5946] ? __asan_memcpy+0x40/0x70
[ 98.453342][ T5946] ? nla_put+0x131/0x1e0
[ 98.457581][ T5946] tc_fill_qdisc+0x6a9/0x1210
[ 98.462344][ T5946] ? __alloc_skb+0x1f3/0x440
[ 98.466934][ T5946] ? __pfx_tc_fill_qdisc+0x10/0x10
[ 98.472057][ T5946] ? __build_skb_around+0x245/0x3d0
[ 98.477350][ T5946] ? __pfx___alloc_skb+0x10/0x10
[ 98.482293][ T5946] qdisc_notify+0x2ec/0x4b0
[ 98.486878][ T5946] tc_modify_qdisc+0x1c58/0x1e40
[ 98.491831][ T5946] ? __pfx_tc_modify_qdisc+0x10/0x10
[ 98.497129][ T5946] ? __pfx_tc_modify_qdisc+0x10/0x10
[ 98.502428][ T5946] rtnetlink_rcv_msg+0x89b/0x10d0
[ 98.507461][ T5946] ? rtnetlink_rcv_msg+0x208/0x10d0
[ 98.512673][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 98.519022][ T5946] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 98.524579][ T5946] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 98.530556][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 98.536874][ T5946] ? __local_bh_enable_ip+0x168/0x200
[ 98.542236][ T5946] ? lockdep_hardirqs_on+0x99/0x150
[ 98.547429][ T5946] ? __local_bh_enable_ip+0x168/0x200
[ 98.552789][ T5946] ? dev_hard_start_xmit+0x773/0x7e0
[ 98.558066][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 98.563167][ T5946] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 98.568875][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 98.573982][ T5946] ? __dev_queue_xmit+0x1697/0x3ca0
[ 98.579257][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 98.584447][ T5946] ? ref_tracker_free+0x643/0x7e0
[ 98.589461][ T5946] netlink_rcv_skb+0x1e3/0x430
[ 98.594216][ T5946] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 98.599665][ T5946] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 98.604948][ T5946] ? netlink_deliver_tap+0x2e/0x1b0
[ 98.610135][ T5946] netlink_unicast+0x7ea/0x980
[ 98.614899][ T5946] ? __pfx_netlink_unicast+0x10/0x10
[ 98.620347][ T5946] ? __virt_addr_valid+0x44e/0x520
[ 98.625453][ T5946] ? __phys_addr_symbol+0x2f/0x70
[ 98.630470][ T5946] ? __check_object_size+0x4bc/0xa00
[ 98.635744][ T5946] ? bpf_lsm_netlink_send+0x9/0x10
[ 98.640865][ T5946] netlink_sendmsg+0x8e1/0xcb0
[ 98.645626][ T5946] ? __pfx_netlink_sendmsg+0x10/0x10
[ 98.650899][ T5946] ? __import_iovec+0x361/0x820
[ 98.655852][ T5946] ? aa_sock_msg_perm+0x91/0x160
[ 98.660797][ T5946] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 98.666441][ T5946] ? security_socket_sendmsg+0x87/0xb0
[ 98.671940][ T5946] ? __pfx_netlink_sendmsg+0x10/0x10
[ 98.677231][ T5946] __sock_sendmsg+0x221/0x270
[ 98.681912][ T5946] ____sys_sendmsg+0x525/0x7d0
[ 98.686684][ T5946] ? __pfx_____sys_sendmsg+0x10/0x10
[ 98.691969][ T5946] __sys_sendmmsg+0x3b2/0x740
[ 98.696650][ T5946] ? __pfx___sys_sendmmsg+0x10/0x10
[ 98.701858][ T5946] ? __pfx___might_resched+0x10/0x10
[ 98.707222][ T5946] ? __might_fault+0xaa/0x120
[ 98.711920][ T5946] ? __pfx_lock_release+0x10/0x10
[ 98.717113][ T5946] ? do_futex+0x33b/0x560
[ 98.721462][ T5946] ? __rseq_handle_notify_resume+0x353/0x14e0
[ 98.727557][ T5946] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 98.733531][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 98.739853][ T5946] ? do_syscall_64+0x102/0x240
[ 98.744611][ T5946] __x64_sys_sendmmsg+0xa0/0xb0
[ 98.749457][ T5946] do_syscall_64+0xf5/0x240
[ 98.753955][ T5946] ? clear_bhb_loop+0x35/0x90
[ 98.758714][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 98.764603][ T5946] RIP: 0033:0x7fe78707dda9
[ 98.769011][ T5946] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 98.788626][ T5946] RSP: 002b:00007fe787d440c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 98.797056][ T5946] RAX: ffffffffffffffda RBX: 00007fe7871abf80 RCX: 00007fe78707dda9
[ 98.805035][ T5946] RDX: 0492492492492856 RSI: 0000000020000140 RDI: 0000000000000003
[ 98.813055][ T5946] RBP: 00007fe7870ca47a R08: 0000000000000000 R09: 0000000000000000
[ 98.821124][ T5946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 98.829106][ T5946] R13: 000000000000000b R14: 00007fe7871abf80 R15: 00007ffde6169dd8
[ 98.837122][ T5946]
[ 98.840138][ T5946]
[ 98.842451][ T5946] Allocated by task 5942:
[ 98.846767][ T5946] kasan_save_track+0x3f/0x80
[ 98.851629][ T5946] __kasan_kmalloc+0x98/0xb0
[ 98.856219][ T5946] kmalloc_trace+0x1db/0x360
[ 98.860805][ T5946] taprio_change+0x1030/0x42d0
[ 98.865558][ T5946] tc_modify_qdisc+0x190d/0x1e40
[ 98.870491][ T5946] rtnetlink_rcv_msg+0x89b/0x10d0
[ 98.875512][ T5946] netlink_rcv_skb+0x1e3/0x430
[ 98.880351][ T5946] netlink_unicast+0x7ea/0x980
[ 98.885128][ T5946] netlink_sendmsg+0x8e1/0xcb0
[ 98.889883][ T5946] __sock_sendmsg+0x221/0x270
[ 98.894564][ T5946] ____sys_sendmsg+0x525/0x7d0
[ 98.899407][ T5946] __sys_sendmmsg+0x3b2/0x740
[ 98.904074][ T5946] __x64_sys_sendmmsg+0xa0/0xb0
[ 98.908909][ T5946] do_syscall_64+0xf5/0x240
[ 98.913410][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 98.919294][ T5946]
[ 98.921603][ T5946] Freed by task 5944:
[ 98.925565][ T5946] kasan_save_track+0x3f/0x80
[ 98.930244][ T5946] kasan_save_free_info+0x40/0x50
[ 98.935255][ T5946] poison_slab_object+0xa6/0xe0
[ 98.940102][ T5946] __kasan_slab_free+0x37/0x60
[ 98.944858][ T5946] kfree+0x153/0x3a0
[ 98.948739][ T5946] rcu_core+0xafd/0x1830
[ 98.953011][ T5946] __do_softirq+0x2c6/0x980
[ 98.957509][ T5946]
[ 98.959820][ T5946] Last potentially related work creation:
[ 98.965865][ T5946] kasan_save_stack+0x3f/0x60
[ 98.970533][ T5946] __kasan_record_aux_stack+0xac/0xc0
[ 98.975892][ T5946] call_rcu+0x167/0xa70
[ 98.980045][ T5946] taprio_change+0x32d9/0x42d0
[ 98.984885][ T5946] tc_modify_qdisc+0x190d/0x1e40
[ 98.989822][ T5946] rtnetlink_rcv_msg+0x89b/0x10d0
[ 98.994833][ T5946] netlink_rcv_skb+0x1e3/0x430
[ 98.999585][ T5946] netlink_unicast+0x7ea/0x980
[ 99.004337][ T5946] netlink_sendmsg+0x8e1/0xcb0
[ 99.009105][ T5946] __sock_sendmsg+0x221/0x270
[ 99.013859][ T5946] ____sys_sendmsg+0x525/0x7d0
[ 99.018705][ T5946] __sys_sendmmsg+0x3b2/0x740
[ 99.023368][ T5946] __x64_sys_sendmmsg+0xa0/0xb0
[ 99.028205][ T5946] do_syscall_64+0xf5/0x240
[ 99.032699][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 99.038582][ T5946]
[ 99.040981][ T5946] The buggy address belongs to the object at ffff888015776c00
[ 99.040981][ T5946] which belongs to the cache kmalloc-512 of size 512
[ 99.055106][ T5946] The buggy address is located 192 bytes inside of
[ 99.055106][ T5946] freed 512-byte region [ffff888015776c00, ffff888015776e00)
[ 99.068892][ T5946]
[ 99.071224][ T5946] The buggy address belongs to the physical page:
[ 99.077616][ T5946] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x15774
[ 99.086360][ T5946] head: order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 99.093894][ T5946] anon flags: 0xfff80000000840(slab|head|node=0|zone=1|lastcpupid=0xfff)
[ 99.102298][ T5946] page_type: 0xffffffff()
[ 99.106702][ T5946] raw: 00fff80000000840 ffff888015041c80 0000000000000000 dead000000000001
[ 99.115272][ T5946] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 99.123937][ T5946] head: 00fff80000000840 ffff888015041c80 0000000000000000 dead000000000001
[ 99.132606][ T5946] head: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 99.141263][ T5946] head: 00fff80000000002 ffffea000055dd01 ffffea000055dd48 00000000ffffffff
[ 99.149925][ T5946] head: 0000000400000000 0000000000000000 00000000ffffffff 0000000000000000
[ 99.158665][ T5946] page dumped because: kasan: bad access detected
[ 99.165068][ T5946] page_owner tracks the page as allocated
[ 99.170766][ T5946] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4537, tgid -960859137 (udevadm), ts 4537, free_ts 20475970218
[ 99.191596][ T5946] post_alloc_hook+0x1ea/0x210
[ 99.196353][ T5946] get_page_from_freelist+0x3410/0x35b0
[ 99.201984][ T5946] __alloc_pages+0x256/0x6c0
[ 99.206564][ T5946] alloc_slab_page+0x5f/0x160
[ 99.211233][ T5946] new_slab+0x84/0x2f0
[ 99.215291][ T5946] ___slab_alloc+0xc73/0x1260
[ 99.219964][ T5946] kmalloc_trace+0x269/0x360
[ 99.224631][ T5946] kernfs_fop_open+0x3e0/0xd10
[ 99.229394][ T5946] do_dentry_open+0x907/0x15a0
[ 99.234146][ T5946] path_openat+0x2860/0x3240
[ 99.238730][ T5946] do_filp_open+0x235/0x490
[ 99.243223][ T5946] do_sys_openat2+0x13e/0x1d0
[ 99.247892][ T5946] __x64_sys_openat+0x247/0x2a0
[ 99.252735][ T5946] do_syscall_64+0xf5/0x240
[ 99.257317][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 99.263295][ T5946] page last free pid 4536 tgid 4536 stack trace:
[ 99.269604][ T5946] free_unref_page_prepare+0x986/0xab0
[ 99.275080][ T5946] free_unref_page+0x37/0x3f0
[ 99.279830][ T5946] __put_partials+0xeb/0x130
[ 99.284412][ T5946] put_cpu_partial+0x17c/0x250
[ 99.289170][ T5946] __slab_free+0x2ea/0x3d0
[ 99.293585][ T5946] qlist_free_all+0x5e/0xc0
[ 99.298091][ T5946] kasan_quarantine_reduce+0x14f/0x170
[ 99.303543][ T5946] __kasan_slab_alloc+0x23/0x80
[ 99.308475][ T5946] kmem_cache_alloc+0x174/0x340
[ 99.313316][ T5946] vm_area_dup+0x27/0x290
[ 99.317641][ T5946] copy_mm+0xd7f/0x2180
[ 99.321785][ T5946] copy_process+0x187a/0x3df0
[ 99.326559][ T5946] kernel_clone+0x226/0x8f0
[ 99.331049][ T5946] __x64_sys_clone+0x258/0x2a0
[ 99.335801][ T5946] do_syscall_64+0xf5/0x240
[ 99.340306][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 99.346191][ T5946]
[ 99.348671][ T5946] Memory state around the buggy address:
[ 99.354286][ T5946] ffff888015776b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 99.362336][ T5946] ffff888015776c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 99.370490][ T5946] >ffff888015776c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 99.378563][ T5946] ^
[ 99.384706][ T5946] ffff888015776d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 99.392756][ T5946] ffff888015776d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 99.400804][ T5946] ==================================================================
[ 99.419644][ T5946] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 99.426873][ T5946] CPU: 1 PID: 5946 Comm: syz-executor.0 Not tainted 6.9.0-rc5-syzkaller-00031-g71b1543c83d6 #0
[ 99.437193][ T5946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 99.447415][ T5946] Call Trace:
[ 99.450717][ T5946]
[ 99.453641][ T5946] dump_stack_lvl+0x241/0x360
[ 99.458328][ T5946] ? __pfx_dump_stack_lvl+0x10/0x10
[ 99.463523][ T5946] ? __pfx__printk+0x10/0x10
[ 99.468107][ T5946] ? preempt_schedule+0xe1/0xf0
[ 99.473139][ T5946] ? vscnprintf+0x5d/0x90
[ 99.477465][ T5946] panic+0x349/0x860
[ 99.481359][ T5946] ? check_panic_on_warn+0x21/0xb0
[ 99.486465][ T5946] ? __pfx_panic+0x10/0x10
[ 99.490877][ T5946] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 99.497210][ T5946] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 99.503540][ T5946] ? print_report+0x502/0x550
[ 99.508208][ T5946] check_panic_on_warn+0x86/0xb0
[ 99.513232][ T5946] ? taprio_dump+0x857/0xd50
[ 99.517820][ T5946] end_report+0x77/0x160
[ 99.522139][ T5946] kasan_report+0x154/0x180
[ 99.526633][ T5946] ? taprio_dump+0x857/0xd50
[ 99.531997][ T5946] taprio_dump+0x857/0xd50
[ 99.536403][ T5946] ? __alloc_skb+0x1f3/0x440
[ 99.541012][ T5946] ? __pfx_taprio_dump+0x10/0x10
[ 99.545943][ T5946] ? __asan_memcpy+0x40/0x70
[ 99.550545][ T5946] ? nla_put+0x131/0x1e0
[ 99.554876][ T5946] tc_fill_qdisc+0x6a9/0x1210
[ 99.559583][ T5946] ? __alloc_skb+0x1f3/0x440
[ 99.564180][ T5946] ? __pfx_tc_fill_qdisc+0x10/0x10
[ 99.569292][ T5946] ? __build_skb_around+0x245/0x3d0
[ 99.574506][ T5946] ? __pfx___alloc_skb+0x10/0x10
[ 99.579453][ T5946] qdisc_notify+0x2ec/0x4b0
[ 99.584044][ T5946] tc_modify_qdisc+0x1c58/0x1e40
[ 99.588983][ T5946] ? __pfx_tc_modify_qdisc+0x10/0x10
[ 99.594271][ T5946] ? __pfx_tc_modify_qdisc+0x10/0x10
[ 99.599551][ T5946] rtnetlink_rcv_msg+0x89b/0x10d0
[ 99.604577][ T5946] ? rtnetlink_rcv_msg+0x208/0x10d0
[ 99.609771][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 99.616088][ T5946] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 99.621545][ T5946] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 99.627524][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 99.633842][ T5946] ? __local_bh_enable_ip+0x168/0x200
[ 99.639206][ T5946] ? lockdep_hardirqs_on+0x99/0x150
[ 99.644398][ T5946] ? __local_bh_enable_ip+0x168/0x200
[ 99.649761][ T5946] ? dev_hard_start_xmit+0x773/0x7e0
[ 99.655122][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 99.660226][ T5946] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 99.666028][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 99.671132][ T5946] ? __dev_queue_xmit+0x1697/0x3ca0
[ 99.676340][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 99.681472][ T5946] ? ref_tracker_free+0x643/0x7e0
[ 99.686493][ T5946] netlink_rcv_skb+0x1e3/0x430
[ 99.691248][ T5946] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 99.697748][ T5946] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 99.703117][ T5946] ? netlink_deliver_tap+0x2e/0x1b0
[ 99.708398][ T5946] netlink_unicast+0x7ea/0x980
[ 99.713166][ T5946] ? __pfx_netlink_unicast+0x10/0x10
[ 99.718447][ T5946] ? __virt_addr_valid+0x44e/0x520
[ 99.723556][ T5946] ? __phys_addr_symbol+0x2f/0x70
[ 99.728574][ T5946] ? __check_object_size+0x4bc/0xa00
[ 99.733850][ T5946] ? bpf_lsm_netlink_send+0x9/0x10
[ 99.739130][ T5946] netlink_sendmsg+0x8e1/0xcb0
[ 99.743918][ T5946] ? __pfx_netlink_sendmsg+0x10/0x10
[ 99.749216][ T5946] ? __import_iovec+0x361/0x820
[ 99.754070][ T5946] ? aa_sock_msg_perm+0x91/0x160
[ 99.759007][ T5946] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 99.764298][ T5946] ? security_socket_sendmsg+0x87/0xb0
[ 99.769931][ T5946] ? __pfx_netlink_sendmsg+0x10/0x10
[ 99.775208][ T5946] __sock_sendmsg+0x221/0x270
[ 99.779889][ T5946] ____sys_sendmsg+0x525/0x7d0
[ 99.784827][ T5946] ? __pfx_____sys_sendmsg+0x10/0x10
[ 99.790110][ T5946] __sys_sendmmsg+0x3b2/0x740
[ 99.794786][ T5946] ? __pfx___sys_sendmmsg+0x10/0x10
[ 99.800082][ T5946] ? __pfx___might_resched+0x10/0x10
[ 99.805367][ T5946] ? __might_fault+0xaa/0x120
[ 99.810042][ T5946] ? __pfx_lock_release+0x10/0x10
[ 99.815059][ T5946] ? do_futex+0x33b/0x560
[ 99.819387][ T5946] ? __rseq_handle_notify_resume+0x353/0x14e0
[ 99.825469][ T5946] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 99.831440][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 99.837757][ T5946] ? do_syscall_64+0x102/0x240
[ 99.842516][ T5946] __x64_sys_sendmmsg+0xa0/0xb0
[ 99.847359][ T5946] do_syscall_64+0xf5/0x240
[ 99.851857][ T5946] ? clear_bhb_loop+0x35/0x90
[ 99.856525][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 99.862407][ T5946] RIP: 0033:0x7fe78707dda9
[ 99.866815][ T5946] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 99.886420][ T5946] RSP: 002b:00007fe787d440c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 99.894921][ T5946] RAX: ffffffffffffffda RBX: 00007fe7871abf80 RCX: 00007fe78707dda9
[ 99.902886][ T5946] RDX: 0492492492492856 RSI: 0000000020000140 RDI: 0000000000000003
[ 99.910852][ T5946] RBP: 00007fe7870ca47a R08: 0000000000000000 R09: 0000000000000000
[ 99.918811][ T5946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 99.926772][ T5946] R13: 000000000000000b R14: 00007fe7871abf80 R15: 00007ffde6169dd8
[ 99.934742][ T5946]
[ 99.938035][ T5946] Kernel Offset: disabled
[ 99.942357][ T5946] Rebooting in 86400 seconds..