Warning: Permanently added '10.128.1.91' (ED25519) to the list of known hosts.
2024/04/23 07:58:46 ignoring optional flag "sandboxArg"="0"
2024/04/23 07:58:46 parsed 1 programs
2024/04/23 07:58:48 executed programs: 0
[ 90.044178][ T5427] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 90.098893][ T4480] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 90.107243][ T4480] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 90.115072][ T4480] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 90.123487][ T4480] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 90.132040][ T4480] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 90.139915][ T4480] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 90.254621][ T5434] chnl_net:caif_netlink_parms(): no params data found
[ 90.306159][ T5434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 90.313407][ T5434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 90.320837][ T5434] bridge_slave_0: entered allmulticast mode
[ 90.327541][ T5434] bridge_slave_0: entered promiscuous mode
[ 90.335639][ T5434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 90.343089][ T5434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 90.350422][ T5434] bridge_slave_1: entered allmulticast mode
[ 90.357144][ T5434] bridge_slave_1: entered promiscuous mode
[ 90.381015][ T5434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 90.393492][ T5434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 90.419776][ T5434] team0: Port device team_slave_0 added
[ 90.427611][ T5434] team0: Port device team_slave_1 added
[ 90.450519][ T5434] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 90.457478][ T5434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 90.483495][ T5434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 90.495763][ T5434] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 90.503337][ T5434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 90.529381][ T5434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 90.564703][ T5434] hsr_slave_0: entered promiscuous mode
[ 90.572165][ T5434] hsr_slave_1: entered promiscuous mode
[ 91.147668][ T5434] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 91.162556][ T5434] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 91.173816][ T5434] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 91.185411][ T5434] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 91.215608][ T5434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.222842][ T5434] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.230625][ T5434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.238703][ T5434] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.308549][ T56] bridge0: port 1(bridge_slave_0) entered disabled state
[ 91.318850][ T56] bridge0: port 2(bridge_slave_1) entered disabled state
[ 91.350990][ T5434] 8021q: adding VLAN 0 to HW filter on device bond0
[ 91.376751][ T5434] 8021q: adding VLAN 0 to HW filter on device team0
[ 91.393079][ T44] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.400380][ T44] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.422402][ T44] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.429623][ T44] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.653580][ T5434] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 91.703451][ T5434] veth0_vlan: entered promiscuous mode
[ 91.718407][ T5434] veth1_vlan: entered promiscuous mode
[ 91.754577][ T5434] veth0_macvtap: entered promiscuous mode
[ 91.766102][ T5434] veth1_macvtap: entered promiscuous mode
[ 91.792214][ T5434] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 91.811693][ T5434] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 91.825354][ T5434] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.837230][ T5434] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.847820][ T5434] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.858990][ T5434] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 91.961628][ T5094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 91.971910][ T5094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.011298][ T1056] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.024077][ T1056] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.070011][ T5500] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.089649][ T5500] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.106339][ T5500] Zero length message leads to an empty skb
[ 92.138174][ T5504] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.149005][ T5504] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.183440][ T4480] Bluetooth: hci0: command tx timeout
[ 92.197979][ T5508] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.208874][ T5508] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.252626][ T5510] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.262904][ T5510] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.316639][ T5514] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 92.341675][ T5514] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 94.260706][ T4480] Bluetooth: hci0: command tx timeout
2024/04/23 07:58:53 executed programs: 65
[ 96.339459][ T4480] Bluetooth: hci0: command tx timeout
[ 97.094023][ T5862] __nla_validate_parse: 210 callbacks suppressed
[ 97.094043][ T5862] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.112215][ T5862] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.148743][ T5865] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.158850][ T5865] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.208871][ T5868] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.220136][ T5868] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.264958][ T5870] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.275479][ T5870] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.343592][ T5876] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 97.354560][ T5876] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 98.314996][ T5946] ==================================================================
[ 98.323172][ T5946] BUG: KASAN: slab-use-after-free in taprio_dump+0x857/0xd50
[ 98.330553][ T5946] Read of size 4 at addr ffff888015776cc0 by task syz-executor.0/5946
[ 98.338695][ T5946]
[ 98.341004][ T5946] CPU: 0 PID: 5946 Comm: syz-executor.0 Not tainted 6.9.0-rc5-syzkaller-00031-g71b1543c83d6 #0
[ 98.351476][ T5946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 98.361517][ T5946] Call Trace:
[ 98.364834][ T5946] <TASK>
[ 98.367754][ T5946] dump_stack_lvl+0x241/0x360
[ 98.372443][ T5946] ? __pfx_dump_stack_lvl+0x10/0x10
[ 98.377725][ T5946] ? __pfx__printk+0x10/0x10
[ 98.382319][ T5946] ? _printk+0xd5/0x120
[ 98.386467][ T5946] ? __virt_addr_valid+0x183/0x520
[ 98.391582][ T5946] ? __virt_addr_valid+0x183/0x520
[ 98.396692][ T5946] print_report+0x169/0x550
[ 98.401188][ T5946] ? __virt_addr_valid+0x183/0x520
[ 98.406290][ T5946] ? __virt_addr_valid+0x183/0x520
[ 98.411393][ T5946] ? __virt_addr_valid+0x44e/0x520
[ 98.416507][ T5946] ? __phys_addr+0xba/0x170
[ 98.421001][ T5946] ? taprio_dump+0x857/0xd50
[ 98.425577][ T5946] kasan_report+0x143/0x180
[ 98.430068][ T5946] ? taprio_dump+0x857/0xd50
[ 98.434652][ T5946] taprio_dump+0x857/0xd50
[ 98.439054][ T5946] ? __alloc_skb+0x1f3/0x440
[ 98.443641][ T5946] ? __pfx_taprio_dump+0x10/0x10
[ 98.448666][ T5946] ? __asan_memcpy+0x40/0x70
[ 98.453342][ T5946] ? nla_put+0x131/0x1e0
[ 98.457581][ T5946] tc_fill_qdisc+0x6a9/0x1210
[ 98.462344][ T5946] ? __alloc_skb+0x1f3/0x440
[ 98.466934][ T5946] ? __pfx_tc_fill_qdisc+0x10/0x10
[ 98.472057][ T5946] ? __build_skb_around+0x245/0x3d0
[ 98.477350][ T5946] ? __pfx___alloc_skb+0x10/0x10
[ 98.482293][ T5946] qdisc_notify+0x2ec/0x4b0
[ 98.486878][ T5946] tc_modify_qdisc+0x1c58/0x1e40
[ 98.491831][ T5946] ? __pfx_tc_modify_qdisc+0x10/0x10
[ 98.497129][ T5946] ? __pfx_tc_modify_qdisc+0x10/0x10
[ 98.502428][ T5946] rtnetlink_rcv_msg+0x89b/0x10d0
[ 98.507461][ T5946] ? rtnetlink_rcv_msg+0x208/0x10d0
[ 98.512673][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 98.519022][ T5946] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 98.524579][ T5946] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 98.530556][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 98.536874][ T5946] ? __local_bh_enable_ip+0x168/0x200
[ 98.542236][ T5946] ? lockdep_hardirqs_on+0x99/0x150
[ 98.547429][ T5946] ? __local_bh_enable_ip+0x168/0x200
[ 98.552789][ T5946] ? dev_hard_start_xmit+0x773/0x7e0
[ 98.558066][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 98.563167][ T5946] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 98.568875][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 98.573982][ T5946] ? __dev_queue_xmit+0x1697/0x3ca0
[ 98.579257][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 98.584447][ T5946] ? ref_tracker_free+0x643/0x7e0
[ 98.589461][ T5946] netlink_rcv_skb+0x1e3/0x430
[ 98.594216][ T5946] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 98.599665][ T5946] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 98.604948][ T5946] ? netlink_deliver_tap+0x2e/0x1b0
[ 98.610135][ T5946] netlink_unicast+0x7ea/0x980
[ 98.614899][ T5946] ? __pfx_netlink_unicast+0x10/0x10
[ 98.620347][ T5946] ? __virt_addr_valid+0x44e/0x520
[ 98.625453][ T5946] ? __phys_addr_symbol+0x2f/0x70
[ 98.630470][ T5946] ? __check_object_size+0x4bc/0xa00
[ 98.635744][ T5946] ? bpf_lsm_netlink_send+0x9/0x10
[ 98.640865][ T5946] netlink_sendmsg+0x8e1/0xcb0
[ 98.645626][ T5946] ? __pfx_netlink_sendmsg+0x10/0x10
[ 98.650899][ T5946] ? __import_iovec+0x361/0x820
[ 98.655852][ T5946] ? aa_sock_msg_perm+0x91/0x160
[ 98.660797][ T5946] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 98.666441][ T5946] ? security_socket_sendmsg+0x87/0xb0
[ 98.671940][ T5946] ? __pfx_netlink_sendmsg+0x10/0x10
[ 98.677231][ T5946] __sock_sendmsg+0x221/0x270
[ 98.681912][ T5946] ____sys_sendmsg+0x525/0x7d0
[ 98.686684][ T5946] ? __pfx_____sys_sendmsg+0x10/0x10
[ 98.691969][ T5946] __sys_sendmmsg+0x3b2/0x740
[ 98.696650][ T5946] ? __pfx___sys_sendmmsg+0x10/0x10
[ 98.701858][ T5946] ? __pfx___might_resched+0x10/0x10
[ 98.707222][ T5946] ? __might_fault+0xaa/0x120
[ 98.711920][ T5946] ? __pfx_lock_release+0x10/0x10
[ 98.717113][ T5946] ? do_futex+0x33b/0x560
[ 98.721462][ T5946] ? __rseq_handle_notify_resume+0x353/0x14e0
[ 98.727557][ T5946] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 98.733531][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 98.739853][ T5946] ? do_syscall_64+0x102/0x240
[ 98.744611][ T5946] __x64_sys_sendmmsg+0xa0/0xb0
[ 98.749457][ T5946] do_syscall_64+0xf5/0x240
[ 98.753955][ T5946] ? clear_bhb_loop+0x35/0x90
[ 98.758714][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 98.764603][ T5946] RIP: 0033:0x7fe78707dda9
[ 98.769011][ T5946] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 98.788626][ T5946] RSP: 002b:00007fe787d440c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 98.797056][ T5946] RAX: ffffffffffffffda RBX: 00007fe7871abf80 RCX: 00007fe78707dda9
[ 98.805035][ T5946] RDX: 0492492492492856 RSI: 0000000020000140 RDI: 0000000000000003
[ 98.813055][ T5946] RBP: 00007fe7870ca47a R08: 0000000000000000 R09: 0000000000000000
[ 98.821124][ T5946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 98.829106][ T5946] R13: 000000000000000b R14: 00007fe7871abf80 R15: 00007ffde6169dd8
[ 98.837122][ T5946] </TASK>
[ 98.840138][ T5946]
[ 98.842451][ T5946] Allocated by task 5942:
[ 98.846767][ T5946] kasan_save_track+0x3f/0x80
[ 98.851629][ T5946] __kasan_kmalloc+0x98/0xb0
[ 98.856219][ T5946] kmalloc_trace+0x1db/0x360
[ 98.860805][ T5946] taprio_change+0x1030/0x42d0
[ 98.865558][ T5946] tc_modify_qdisc+0x190d/0x1e40
[ 98.870491][ T5946] rtnetlink_rcv_msg+0x89b/0x10d0
[ 98.875512][ T5946] netlink_rcv_skb+0x1e3/0x430
[ 98.880351][ T5946] netlink_unicast+0x7ea/0x980
[ 98.885128][ T5946] netlink_sendmsg+0x8e1/0xcb0
[ 98.889883][ T5946] __sock_sendmsg+0x221/0x270
[ 98.894564][ T5946] ____sys_sendmsg+0x525/0x7d0
[ 98.899407][ T5946] __sys_sendmmsg+0x3b2/0x740
[ 98.904074][ T5946] __x64_sys_sendmmsg+0xa0/0xb0
[ 98.908909][ T5946] do_syscall_64+0xf5/0x240
[ 98.913410][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 98.919294][ T5946]
[ 98.921603][ T5946] Freed by task 5944:
[ 98.925565][ T5946] kasan_save_track+0x3f/0x80
[ 98.930244][ T5946] kasan_save_free_info+0x40/0x50
[ 98.935255][ T5946] poison_slab_object+0xa6/0xe0
[ 98.940102][ T5946] __kasan_slab_free+0x37/0x60
[ 98.944858][ T5946] kfree+0x153/0x3a0
[ 98.948739][ T5946] rcu_core+0xafd/0x1830
[ 98.953011][ T5946] __do_softirq+0x2c6/0x980
[ 98.957509][ T5946]
[ 98.959820][ T5946] Last potentially related work creation:
[ 98.965865][ T5946] kasan_save_stack+0x3f/0x60
[ 98.970533][ T5946] __kasan_record_aux_stack+0xac/0xc0
[ 98.975892][ T5946] call_rcu+0x167/0xa70
[ 98.980045][ T5946] taprio_change+0x32d9/0x42d0
[ 98.984885][ T5946] tc_modify_qdisc+0x190d/0x1e40
[ 98.989822][ T5946] rtnetlink_rcv_msg+0x89b/0x10d0
[ 98.994833][ T5946] netlink_rcv_skb+0x1e3/0x430
[ 98.999585][ T5946] netlink_unicast+0x7ea/0x980
[ 99.004337][ T5946] netlink_sendmsg+0x8e1/0xcb0
[ 99.009105][ T5946] __sock_sendmsg+0x221/0x270
[ 99.013859][ T5946] ____sys_sendmsg+0x525/0x7d0
[ 99.018705][ T5946] __sys_sendmmsg+0x3b2/0x740
[ 99.023368][ T5946] __x64_sys_sendmmsg+0xa0/0xb0
[ 99.028205][ T5946] do_syscall_64+0xf5/0x240
[ 99.032699][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 99.038582][ T5946]
[ 99.040981][ T5946] The buggy address belongs to the object at ffff888015776c00
[ 99.040981][ T5946] which belongs to the cache kmalloc-512 of size 512
[ 99.055106][ T5946] The buggy address is located 192 bytes inside of
[ 99.055106][ T5946] freed 512-byte region [ffff888015776c00, ffff888015776e00)
[ 99.068892][ T5946]
[ 99.071224][ T5946] The buggy address belongs to the physical page:
[ 99.077616][ T5946] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x15774
[ 99.086360][ T5946] head: order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 99.093894][ T5946] anon flags: 0xfff80000000840(slab|head|node=0|zone=1|lastcpupid=0xfff)
[ 99.102298][ T5946] page_type: 0xffffffff()
[ 99.106702][ T5946] raw: 00fff80000000840 ffff888015041c80 0000000000000000 dead000000000001
[ 99.115272][ T5946] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 99.123937][ T5946] head: 00fff80000000840 ffff888015041c80 0000000000000000 dead000000000001
[ 99.132606][ T5946] head: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 99.141263][ T5946] head: 00fff80000000002 ffffea000055dd01 ffffea000055dd48 00000000ffffffff
[ 99.149925][ T5946] head: 0000000400000000 0000000000000000 00000000ffffffff 0000000000000000
[ 99.158665][ T5946] page dumped because: kasan: bad access detected
[ 99.165068][ T5946] page_owner tracks the page as allocated
[ 99.170766][ T5946] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4537, tgid -960859137 (udevadm), ts 4537, free_ts 20475970218
[ 99.191596][ T5946] post_alloc_hook+0x1ea/0x210
[ 99.196353][ T5946] get_page_from_freelist+0x3410/0x35b0
[ 99.201984][ T5946] __alloc_pages+0x256/0x6c0
[ 99.206564][ T5946] alloc_slab_page+0x5f/0x160
[ 99.211233][ T5946] new_slab+0x84/0x2f0
[ 99.215291][ T5946] ___slab_alloc+0xc73/0x1260
[ 99.219964][ T5946] kmalloc_trace+0x269/0x360
[ 99.224631][ T5946] kernfs_fop_open+0x3e0/0xd10
[ 99.229394][ T5946] do_dentry_open+0x907/0x15a0
[ 99.234146][ T5946] path_openat+0x2860/0x3240
[ 99.238730][ T5946] do_filp_open+0x235/0x490
[ 99.243223][ T5946] do_sys_openat2+0x13e/0x1d0
[ 99.247892][ T5946] __x64_sys_openat+0x247/0x2a0
[ 99.252735][ T5946] do_syscall_64+0xf5/0x240
[ 99.257317][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 99.263295][ T5946] page last free pid 4536 tgid 4536 stack trace:
[ 99.269604][ T5946] free_unref_page_prepare+0x986/0xab0
[ 99.275080][ T5946] free_unref_page+0x37/0x3f0
[ 99.279830][ T5946] __put_partials+0xeb/0x130
[ 99.284412][ T5946] put_cpu_partial+0x17c/0x250
[ 99.289170][ T5946] __slab_free+0x2ea/0x3d0
[ 99.293585][ T5946] qlist_free_all+0x5e/0xc0
[ 99.298091][ T5946] kasan_quarantine_reduce+0x14f/0x170
[ 99.303543][ T5946] __kasan_slab_alloc+0x23/0x80
[ 99.308475][ T5946] kmem_cache_alloc+0x174/0x340
[ 99.313316][ T5946] vm_area_dup+0x27/0x290
[ 99.317641][ T5946] copy_mm+0xd7f/0x2180
[ 99.321785][ T5946] copy_process+0x187a/0x3df0
[ 99.326559][ T5946] kernel_clone+0x226/0x8f0
[ 99.331049][ T5946] __x64_sys_clone+0x258/0x2a0
[ 99.335801][ T5946] do_syscall_64+0xf5/0x240
[ 99.340306][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 99.346191][ T5946]
[ 99.348671][ T5946] Memory state around the buggy address:
[ 99.354286][ T5946] ffff888015776b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 99.362336][ T5946] ffff888015776c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 99.370490][ T5946] >ffff888015776c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 99.378563][ T5946]                                            ^
[ 99.384706][ T5946] ffff888015776d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 99.392756][ T5946] ffff888015776d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 99.400804][ T5946] ==================================================================
[ 99.419644][ T5946] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 99.426873][ T5946] CPU: 1 PID: 5946 Comm: syz-executor.0 Not tainted 6.9.0-rc5-syzkaller-00031-g71b1543c83d6 #0
[ 99.437193][ T5946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 99.447415][ T5946] Call Trace:
[ 99.450717][ T5946] <TASK>
[ 99.453641][ T5946] dump_stack_lvl+0x241/0x360
[ 99.458328][ T5946] ? __pfx_dump_stack_lvl+0x10/0x10
[ 99.463523][ T5946] ? __pfx__printk+0x10/0x10
[ 99.468107][ T5946] ? preempt_schedule+0xe1/0xf0
[ 99.473139][ T5946] ? vscnprintf+0x5d/0x90
[ 99.477465][ T5946] panic+0x349/0x860
[ 99.481359][ T5946] ? check_panic_on_warn+0x21/0xb0
[ 99.486465][ T5946] ? __pfx_panic+0x10/0x10
[ 99.490877][ T5946] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 99.497210][ T5946] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 99.503540][ T5946] ? print_report+0x502/0x550
[ 99.508208][ T5946] check_panic_on_warn+0x86/0xb0
[ 99.513232][ T5946] ? taprio_dump+0x857/0xd50
[ 99.517820][ T5946] end_report+0x77/0x160
[ 99.522139][ T5946] kasan_report+0x154/0x180
[ 99.526633][ T5946] ? taprio_dump+0x857/0xd50
[ 99.531997][ T5946] taprio_dump+0x857/0xd50
[ 99.536403][ T5946] ? __alloc_skb+0x1f3/0x440
[ 99.541012][ T5946] ? __pfx_taprio_dump+0x10/0x10
[ 99.545943][ T5946] ? __asan_memcpy+0x40/0x70
[ 99.550545][ T5946] ? nla_put+0x131/0x1e0
[ 99.554876][ T5946] tc_fill_qdisc+0x6a9/0x1210
[ 99.559583][ T5946] ? __alloc_skb+0x1f3/0x440
[ 99.564180][ T5946] ? __pfx_tc_fill_qdisc+0x10/0x10
[ 99.569292][ T5946] ? __build_skb_around+0x245/0x3d0
[ 99.574506][ T5946] ? __pfx___alloc_skb+0x10/0x10
[ 99.579453][ T5946] qdisc_notify+0x2ec/0x4b0
[ 99.584044][ T5946] tc_modify_qdisc+0x1c58/0x1e40
[ 99.588983][ T5946] ? __pfx_tc_modify_qdisc+0x10/0x10
[ 99.594271][ T5946] ? __pfx_tc_modify_qdisc+0x10/0x10
[ 99.599551][ T5946] rtnetlink_rcv_msg+0x89b/0x10d0
[ 99.604577][ T5946] ? rtnetlink_rcv_msg+0x208/0x10d0
[ 99.609771][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 99.616088][ T5946] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 99.621545][ T5946] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 99.627524][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 99.633842][ T5946] ? __local_bh_enable_ip+0x168/0x200
[ 99.639206][ T5946] ? lockdep_hardirqs_on+0x99/0x150
[ 99.644398][ T5946] ? __local_bh_enable_ip+0x168/0x200
[ 99.649761][ T5946] ? dev_hard_start_xmit+0x773/0x7e0
[ 99.655122][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 99.660226][ T5946] ? __pfx___local_bh_enable_ip+0x10/0x10
[ 99.666028][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 99.671132][ T5946] ? __dev_queue_xmit+0x1697/0x3ca0
[ 99.676340][ T5946] ? __dev_queue_xmit+0x2c7/0x3ca0
[ 99.681472][ T5946] ? ref_tracker_free+0x643/0x7e0
[ 99.686493][ T5946] netlink_rcv_skb+0x1e3/0x430
[ 99.691248][ T5946] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 99.697748][ T5946] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 99.703117][ T5946] ? netlink_deliver_tap+0x2e/0x1b0
[ 99.708398][ T5946] netlink_unicast+0x7ea/0x980
[ 99.713166][ T5946] ? __pfx_netlink_unicast+0x10/0x10
[ 99.718447][ T5946] ? __virt_addr_valid+0x44e/0x520
[ 99.723556][ T5946] ? __phys_addr_symbol+0x2f/0x70
[ 99.728574][ T5946] ? __check_object_size+0x4bc/0xa00
[ 99.733850][ T5946] ? bpf_lsm_netlink_send+0x9/0x10
[ 99.739130][ T5946] netlink_sendmsg+0x8e1/0xcb0
[ 99.743918][ T5946] ? __pfx_netlink_sendmsg+0x10/0x10
[ 99.749216][ T5946] ? __import_iovec+0x361/0x820
[ 99.754070][ T5946] ? aa_sock_msg_perm+0x91/0x160
[ 99.759007][ T5946] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 99.764298][ T5946] ? security_socket_sendmsg+0x87/0xb0
[ 99.769931][ T5946] ? __pfx_netlink_sendmsg+0x10/0x10
[ 99.775208][ T5946] __sock_sendmsg+0x221/0x270
[ 99.779889][ T5946] ____sys_sendmsg+0x525/0x7d0
[ 99.784827][ T5946] ? __pfx_____sys_sendmsg+0x10/0x10
[ 99.790110][ T5946] __sys_sendmmsg+0x3b2/0x740
[ 99.794786][ T5946] ? __pfx___sys_sendmmsg+0x10/0x10
[ 99.800082][ T5946] ? __pfx___might_resched+0x10/0x10
[ 99.805367][ T5946] ? __might_fault+0xaa/0x120
[ 99.810042][ T5946] ? __pfx_lock_release+0x10/0x10
[ 99.815059][ T5946] ? do_futex+0x33b/0x560
[ 99.819387][ T5946] ? __rseq_handle_notify_resume+0x353/0x14e0
[ 99.825469][ T5946] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 99.831440][ T5946] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 99.837757][ T5946] ? do_syscall_64+0x102/0x240
[ 99.842516][ T5946] __x64_sys_sendmmsg+0xa0/0xb0
[ 99.847359][ T5946] do_syscall_64+0xf5/0x240
[ 99.851857][ T5946] ? clear_bhb_loop+0x35/0x90
[ 99.856525][ T5946] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 99.862407][ T5946] RIP: 0033:0x7fe78707dda9
[ 99.866815][ T5946] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 99.886420][ T5946] RSP: 002b:00007fe787d440c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 99.894921][ T5946] RAX: ffffffffffffffda RBX: 00007fe7871abf80 RCX: 00007fe78707dda9
[ 99.902886][ T5946] RDX: 0492492492492856 RSI: 0000000020000140 RDI: 0000000000000003
[ 99.910852][ T5946] RBP: 00007fe7870ca47a R08: 0000000000000000 R09: 0000000000000000
[ 99.918811][ T5946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 99.926772][ T5946] R13: 000000000000000b R14: 00007fe7871abf80 R15: 00007ffde6169dd8
[ 99.934742][ T5946] </TASK>
[ 99.938035][ T5946] Kernel Offset: disabled
[ 99.942357][ T5946] Rebooting in 86400 seconds..