[  398.301973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  398.322366] RSP: 002b:00007f0cf2b0c198 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  398.330602] RAX: ffffffffffffffda RBX: 00000000000009fa RCX: 0000000000463d89
[  398.338729] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000008
[  398.346655] RBP: 000000000000002e R08: 0000000000000000 R09: 0000000000000000
[  398.354701] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000053bf00
[  398.362477] R13: 00007f0cf2b0c6bc R14: 0000000000000009 R15: 0000000000000001
[  398.375533] FAULT_INJECTION: forcing a failure.
[  398.375533] name failslab, interval 1, probability 0, space 0, times 0
[  398.398445] CPU: 0 PID: 13899 Comm: syz-executor.2 Not tainted 4.19.176-syzkaller #0
[  398.407829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  398.417988] Call Trace:
[  398.421029]  dump_stack+0x123/0x171
[  398.424933]  should_fail.cold.4+0x5/0xa
[  398.430923]  ? fault_create_debugfs_attr+0x1a0/0x1a0
[  398.436122]  ? lock_downgrade+0x860/0x860
[  398.440362]  ? ___might_sleep+0x16b/0x270
[  398.444688]  __should_failslab+0xba/0xf0
[  398.448906]  should_failslab+0x9/0x20
[  398.453327]  kmem_cache_alloc_trace+0x2cb/0x740
[  398.458395]  ? qfq_change_class+0xa93/0x14e0
[  398.463252]  ? qfq_change_class+0xa93/0x14e0
[  398.468297]  ? __local_bh_enable_ip+0x160/0x260
[  398.473483]  qfq_change_class+0xad9/0x14e0
[  398.478111]  ? qfq_delete_class+0x2d0/0x2d0
[  398.483203]  ? nla_parse+0x197/0x280
[  398.486937]  tc_ctl_tclass+0x3e9/0xba0
[  398.490858]  ? qdisc_tree_reduce_backlog+0x560/0x560
[  398.496580]  ? find_held_lock+0x36/0x1d0
[  398.501331]  rtnetlink_rcv_msg+0x34f/0x8f0
[  398.505567]  ? rtnetlink_put_metrics+0x490/0x490
[  398.510907]  ? find_held_lock+0x36/0x1d0
[  398.515488]  netlink_rcv_skb+0x13e/0x3d0
[  398.519593]  ? lock_downgrade+0x860/0x860
[  398.523964]  ? rtnetlink_put_metrics+0x490/0x490
[  398.529335]  ? netlink_ack+0xa70/0xa70
[  398.533240]  ? netlink_deliver_tap+0x182/0xb00
[  398.538576]  rtnetlink_rcv+0x10/0x20
[  398.542816]  netlink_unicast+0x443/0x650
[  398.547690]  ? netlink_attachskb+0x6c0/0x6c0
[  398.552567]  ? _copy_from_iter_full+0x182/0x720
[  398.557693]  ? __check_object_size+0x1ef/0x310
[  398.562731]  ? security_socket_getpeersec_dgram+0x53/0xa0
[  398.568716]  netlink_sendmsg+0x764/0xc60
[  398.573077]  ? netlink_unicast+0x650/0x650
[  398.577404]  ? apparmor_socket_sendmsg+0x1b/0x20
[  398.582844]  ? netlink_unicast+0x650/0x650
[  398.587252]  sock_sendmsg+0xb5/0xf0
[  398.591146]  ___sys_sendmsg+0x647/0x950
[  398.595849]  ? find_held_lock+0x36/0x1d0
[  398.600185]  ? copy_msghdr_from_user+0x430/0x430
[  398.605542]  ? __fget+0x278/0x400
[  398.609763]  ? kasan_check_read+0x11/0x20
[  398.614359]  ? __fget+0x295/0x400
[  398.618099]  ? expand_files.part.8+0x700/0x700
[  398.623276]  ? __f_unlock_pos+0xd/0x10
[  398.627652]  ? __fget_light+0x174/0x1e0
[  398.632096]  ? __fdget+0xe/0x10
[  398.635460]  ? __mutex_unlock_slowpath+0xe8/0x6a0
[  398.641150]  __sys_sendmsg+0xd9/0x180
[  398.645949]  ? __ia32_sys_shutdown+0x70/0x70
[  398.650972]  ? __sb_end_write+0xa4/0xd0
[  398.655490]  ? kasan_check_write+0x14/0x20
[  398.660080]  ? fput+0x18/0x120
[  398.663546]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  398.669612]  __x64_sys_sendmsg+0x73/0xb0
[  398.674024]  do_syscall_64+0xd0/0x4e0
[  398.678521]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  398.683874] RIP: 0033:0x463d89
[  398.687366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  398.708638] RSP: 002b:00007f861c6af198 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  398.716881] RAX: ffffffffffffffda RBX: 00000000000009fa RCX: 0000000000463d89
[  398.725637] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000008
[  398.734674] RBP: 000000000000002e R08: 0000000000000000 R09: 0000000000000000
[  398.743563] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000053bf00
[  398.752056] R13: 00007f861c6af6bc R14: 0000000000000009 R15: 0000000000000001
[  398.767200] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'.
[  398.786092] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  398.803217] FAULT_INJECTION: forcing a failure.
[  398.803217] name failslab, interval 1, probability 0, space 0, times 0
[  398.817568] CPU: 1 PID: 13918 Comm: syz-executor.5 Not tainted 4.19.176-syzkaller #0
[  398.825873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  398.836960] Call Trace:
[  398.839863]  dump_stack+0x123/0x171
[  398.843596]  should_fail.cold.4+0x5/0xa
[  398.848044]  ? fault_create_debugfs_attr+0x1a0/0x1a0
[  398.853338]  ? lock_downgrade+0x860/0x860
[  398.857910]  ? ___might_sleep+0x16b/0x270
[  398.862232]  __should_failslab+0xba/0xf0
[  398.866642]  should_failslab+0x9/0x20
[  398.870660]  kmem_cache_alloc_trace+0x2cb/0x740
[  398.876328]  ? qfq_change_class+0xa93/0x14e0
[  398.880916]  ? qfq_change_class+0xa93/0x14e0
[  398.885535]  ? __local_bh_enable_ip+0x160/0x260
[  398.890599]  qfq_change_class+0xad9/0x14e0
[  398.894898]  ? qfq_delete_class+0x2d0/0x2d0
[  398.899543]  ? nla_parse+0x197/0x280
[  398.904100]  tc_ctl_tclass+0x3e9/0xba0
[  398.908568]  ? qdisc_tree_reduce_backlog+0x560/0x560
[  398.914183]  ? find_held_lock+0x36/0x1d0
[  398.918618]  rtnetlink_rcv_msg+0x34f/0x8f0
[  398.923363]  ? rtnetlink_put_metrics+0x490/0x490
[  398.928991]  ? find_held_lock+0x36/0x1d0
[  398.934001]  netlink_rcv_skb+0x13e/0x3d0
[  398.938257]  ? lock_downgrade+0x860/0x860
[  398.943062]  ? rtnetlink_put_metrics+0x490/0x490
[  398.948416]  ? netlink_ack+0xa70/0xa70
[  398.952829]  ? netlink_deliver_tap+0x182/0xb00
[  398.957812]  rtnetlink_rcv+0x10/0x20
[  398.962144]  netlink_unicast+0x443/0x650
[  398.967102]  ? netlink_attachskb+0x6c0/0x6c0
[  398.971766]  ? _copy_from_iter_full+0x182/0x720
[  398.977893]  ? __check_object_size+0x1ef/0x310
[  398.982860]  ? security_socket_getpeersec_dgram+0x53/0xa0
[  398.988823]  netlink_sendmsg+0x764/0xc60
[  398.993817]  ? netlink_unicast+0x650/0x650
[  398.998215]  ? apparmor_socket_sendmsg+0x1b/0x20
[  399.003560]  ? netlink_unicast+0x650/0x650
[  399.008615]  sock_sendmsg+0xb5/0xf0
[  399.012494]  ___sys_sendmsg+0x647/0x950
[  399.017103]  ? find_held_lock+0x36/0x1d0
[  399.022021]  ? copy_msghdr_from_user+0x430/0x430
[  399.027139]  ? __fget+0x278/0x400
[  399.031121]  ? kasan_check_read+0x11/0x20
[  399.035555]  ? __fget+0x295/0x400
[  399.039563]  ? expand_files.part.8+0x700/0x700
[  399.044949]  ? __f_unlock_pos+0xd/0x10
[  399.049105]  ? __fget_light+0x174/0x1e0
[  399.053802]  ? __fdget+0xe/0x10
[  399.057315]  ? __mutex_unlock_slowpath+0xe8/0x6a0
[  399.062871]  __sys_sendmsg+0xd9/0x180
[  399.067001]  ? __ia32_sys_shutdown+0x70/0x70
[  399.071814]  ? __sb_end_write+0xa4/0xd0
[  399.075906]  ? kasan_check_write+0x14/0x20
[  399.080739]  ? fput+0x18/0x120
[  399.084248]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  399.089726]  __x64_sys_sendmsg+0x73/0xb0
[  399.094041]  do_syscall_64+0xd0/0x4e0
[  399.097969]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  399.103476] RIP: 0033:0x463d89
[  399.106801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  399.129302] RSP: 002b:00007f676f876198 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  399.138794] RAX: ffffffffffffffda RBX: 00000000000009fa RCX: 0000000000463d89
[  399.147040] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000008
[  399.155294] RBP: 000000000000002e R08: 0000000000000000 R09: 0000000000000000
[  399.162933] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000053c040
[  399.171661] R13: 00007f676f8766bc R14: 0000000000000009 R15: 0000000000000001
[  399.181820] FAULT_INJECTION: forcing a failure.
[  399.181820] name failslab, interval 1, probability 0, space 0, times 0
[  399.195246] CPU: 1 PID: 13919 Comm: syz-executor.4 Not tainted 4.19.176-syzkaller #0
[  399.203758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  399.214173] Call Trace:
[  399.217417]  dump_stack+0x123/0x171
[  399.221789]  should_fail.cold.4+0x5/0xa
[  399.227006]  ? fault_create_debugfs_attr+0x1a0/0x1a0
[  399.232850]  ? lock_downgrade+0x860/0x860
[  399.237337]  ? ___might_sleep+0x16b/0x270
[  399.242472]  __should_failslab+0xba/0xf0
[  399.247138]  should_failslab+0x9/0x20
[  399.251137]  kmem_cache_alloc_trace+0x2cb/0x740
[  399.256491]  ? qfq_change_class+0xa93/0x14e0
[  399.261455]  ? qfq_change_class+0xa93/0x14e0
[  399.266349]  ? __local_bh_enable_ip+0x160/0x260
[  399.272163]  qfq_change_class+0xad9/0x14e0
[  399.277198]  ? qfq_delete_class+0x2d0/0x2d0
[  399.282317]  ? nla_parse+0x197/0x280
[  399.286528]  tc_ctl_tclass+0x3e9/0xba0
[  399.290781]  ? qdisc_tree_reduce_backlog+0x560/0x560
[  399.297272]  ? find_held_lock+0x36/0x1d0
[  399.301952]  rtnetlink_rcv_msg+0x34f/0x8f0
[  399.306776]  ? rtnetlink_put_metrics+0x490/0x490
[  399.312495]  ? find_held_lock+0x36/0x1d0
[  399.317202]  netlink_rcv_skb+0x13e/0x3d0
[  399.321435]  ? lock_downgrade+0x860/0x860
[  399.325808]  ? rtnetlink_put_metrics+0x490/0x490
[  399.331030]  ? netlink_ack+0xa70/0xa70
[  399.335191]  ? netlink_deliver_tap+0x182/0xb00
[  399.340643]  rtnetlink_rcv+0x10/0x20
[  399.344376]  netlink_unicast+0x443/0x650
[  399.349107]  ? netlink_attachskb+0x6c0/0x6c0
[  399.353919]  ? _copy_from_iter_full+0x182/0x720
[  399.359149]  ? __check_object_size+0x1ef/0x310
[  399.364296]  ? security_socket_getpeersec_dgram+0x53/0xa0
[  399.370276]  netlink_sendmsg+0x764/0xc60
[  399.374818]  ? netlink_unicast+0x650/0x650
[  399.379841]  ? apparmor_socket_sendmsg+0x1b/0x20
[  399.385147]  ? netlink_unicast+0x650/0x650
[  399.389802]  sock_sendmsg+0xb5/0xf0
[  399.393718]  ___sys_sendmsg+0x647/0x950
[  399.398115]  ? find_held_lock+0x36/0x1d0
[  399.402282]  ? copy_msghdr_from_user+0x430/0x430
[  399.407291]  ? __fget+0x278/0x400
[  399.411316]  ? kasan_check_read+0x11/0x20
[  399.415465]  ? __fget+0x295/0x400
[  399.419014]  ? expand_files.part.8+0x700/0x700
[  399.423843]  ? __f_unlock_pos+0xd/0x10
[  399.427864]  ? __fget_light+0x174/0x1e0
[  399.431914]  ? __fdget+0xe/0x10
[  399.435293]  ? __mutex_unlock_slowpath+0xe8/0x6a0
[  399.441064]  __sys_sendmsg+0xd9/0x180
[  399.445189]  ? __ia32_sys_shutdown+0x70/0x70
[  399.450598]  ? __sb_end_write+0xa4/0xd0
[  399.455049]  ? kasan_check_write+0x14/0x20
[  399.460715]  ? fput+0x18/0x120
[  399.464607]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  399.470274]  __x64_sys_sendmsg+0x73/0xb0
[  399.474835]  do_syscall_64+0xd0/0x4e0
[  399.479517]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  399.485287] RIP: 0033:0x463d89
[  399.488695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  399.509767] RSP: 002b:00007f5da7bed198 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  399.518516] RAX: ffffffffffffffda RBX: 00000000000009fa RCX: 0000000000463d89
[  399.526171] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000008
[  399.533993] RBP: 000000000000002e R08: 0000000000000000 R09: 0000000000000000
[  399.542390] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000053c040
[  399.550274] R13: 00007f5da7bed6bc R14: 0000000000000009 R15: 0000000000000001
[  400.237401] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  400.247708] batman_adv: batadv0: Removing interface: batadv_slave_0
[  400.258249] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  400.266841] batman_adv: batadv0: Removing interface: batadv_slave_1
[  400.278387] device bridge_slave_1 left promiscuous mode
[  400.285094] bridge0: port 2(bridge_slave_1) entered disabled state
[  400.338255] device bridge_slave_0 left promiscuous mode
[  400.345406] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.400816] device veth1_macvtap left promiscuous mode
[  400.407883] device veth0_macvtap left promiscuous mode
[  400.413424] device veth1_vlan left promiscuous mode
[  400.420465] device veth0_vlan left promiscuous mode
[  400.469796] ==================================================================
[  400.478388] BUG: KASAN: use-after-free in qfq_reset_qdisc+0x216/0x290
[  400.485241] Read of size 8 at addr ffff8881c46d9708 by task kworker/u4:6/7164
[  400.493348] 
[  400.495098] CPU: 1 PID: 7164 Comm: kworker/u4:6 Not tainted 4.19.176-syzkaller #0
[  400.503321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  400.513184] Workqueue: netns cleanup_net
[  400.517492] Call Trace:
[  400.520725]  dump_stack+0x123/0x171
[  400.524713]  print_address_description.cold.8+0x9/0x1ff
[  400.530442]  kasan_report.cold.9+0x242/0x2fe
[  400.535133]  ? qfq_reset_qdisc+0x216/0x290
[  400.539890]  __asan_report_load8_noabort+0x14/0x20
[  400.544986]  qfq_reset_qdisc+0x216/0x290
[  400.549121]  qdisc_destroy+0xfb/0x650
[  400.552907]  ? __lock_is_held+0xb5/0x140
[  400.557528]  dev_shutdown+0x236/0x410
[  400.561584]  rollback_registered_many+0x4b7/0xb50
[  400.567049]  ? kernfs_put+0x2d4/0x540
[  400.571043]  ? netif_set_real_num_tx_queues+0x620/0x620
[  400.576947]  ? kasan_check_write+0x14/0x20
[  400.581357]  ? kernfs_put+0x2e6/0x540
[  400.585397]  ? unregister_netdevice_queue+0xf3/0x240
[  400.591162]  unregister_netdevice_many+0x3e/0x1f0
[  400.596256]  default_device_exit_batch+0x2e4/0x3d0
[  400.601817]  ? unregister_netdevice_many+0x1f0/0x1f0
[  400.607620]  ? rtnl_unlock+0x9/0x10
[  400.611522]  ? default_device_exit+0x1c5/0x260
[  400.616836]  ? do_wait_intr_irq+0x310/0x310
[  400.621653]  ops_exit_list.isra.5+0xd3/0x120
[  400.626666]  cleanup_net+0x368/0x850
[  400.630704]  ? net_drop_ns+0x60/0x60
[  400.634982]  ? __lock_is_held+0xb5/0x140
[  400.639047]  process_one_work+0x830/0x1670
[  400.643445]  ? pwq_dec_nr_in_flight+0x2c0/0x2c0
[  400.648185]  ? lock_acquire+0x173/0x3d0
[  400.652526]  ? kasan_check_write+0x14/0x20
[  400.657054]  ? do_raw_spin_lock+0xd0/0x240
[  400.661448]  worker_thread+0x85/0xb60
[  400.665316]  ? __kthread_parkme+0x37/0x1c0
[  400.669974]  kthread+0x347/0x410
[  400.673519]  ? process_one_work+0x1670/0x1670
[  400.678283]  ? kthread_cancel_delayed_work_sync+0x10/0x10
[  400.684958]  ret_from_fork+0x24/0x30
[  400.689244] 
[  400.692961] Allocated by task 13919:
[  400.696910]  save_stack+0x43/0xd0
[  400.700852]  kasan_kmalloc+0xc7/0xe0
[  400.704739]  kmem_cache_alloc_trace+0x152/0x740
[  400.709756]  qfq_change_class+0x613/0x14e0
[  400.714377]  tc_ctl_tclass+0x3e9/0xba0
[  400.718690]  rtnetlink_rcv_msg+0x34f/0x8f0
[  400.723007]  netlink_rcv_skb+0x13e/0x3d0
[  400.728047]  rtnetlink_rcv+0x10/0x20
[  400.732041]  netlink_unicast+0x443/0x650
[  400.736676]  netlink_sendmsg+0x764/0xc60
[  400.741116]  sock_sendmsg+0xb5/0xf0
[  400.745082]  ___sys_sendmsg+0x647/0x950
[  400.749250]  __sys_sendmsg+0xd9/0x180
[  400.753217]  __x64_sys_sendmsg+0x73/0xb0
[  400.757930]  do_syscall_64+0xd0/0x4e0
[  400.762076]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  400.767790] 
[  400.769748] Freed by task 13919:
[  400.773612]  save_stack+0x43/0xd0
[  400.777716]  __kasan_slab_free+0x102/0x150
[  400.782192]  kasan_slab_free+0xe/0x10
[  400.786616]  kfree+0xcf/0x220
[  400.789906]  qfq_change_class+0xd44/0x14e0
[  400.794467]  tc_ctl_tclass+0x3e9/0xba0
[  400.798924]  rtnetlink_rcv_msg+0x34f/0x8f0
[  400.803675]  netlink_rcv_skb+0x13e/0x3d0
[  400.808345]  rtnetlink_rcv+0x10/0x20
[  400.812445]  netlink_unicast+0x443/0x650
[  400.816979]  netlink_sendmsg+0x764/0xc60
[  400.821208]  sock_sendmsg+0xb5/0xf0
[  400.825147]  ___sys_sendmsg+0x647/0x950
[  400.829284]  __sys_sendmsg+0xd9/0x180
[  400.833743]  __x64_sys_sendmsg+0x73/0xb0
[  400.837999]  do_syscall_64+0xd0/0x4e0
[  400.841906]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  400.847650] 
[  400.849442] The buggy address belongs to the object at ffff8881c46d96c0
[  400.849442]  which belongs to the cache kmalloc-128 of size 128
[  400.862698] The buggy address is located 72 bytes inside of
[  400.862698]  128-byte region [ffff8881c46d96c0, ffff8881c46d9740)
[  400.875655] The buggy address belongs to the page:
[  400.880920] page:ffffea000711b640 count:1 mapcount:0 mapping:ffff8881f6400640 index:0x0
[  400.890575] flags: 0x17ffe0000000100(slab)
[  400.895146] raw: 017ffe0000000100 ffffea00077f02c8 ffffea00077d60c8 ffff8881f6400640
[  400.904246] raw: 0000000000000000 ffff8881c46d9000 0000000100000015 0000000000000000
[  400.912500] page dumped because: kasan: bad access detected
[  400.918890] 
[  400.920660] Memory state around the buggy address:
[  400.926345]  ffff8881c46d9600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  400.934638]  ffff8881c46d9680: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[  400.942633] >ffff8881c46d9700: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  400.950433]                       ^
[  400.954558]  ffff8881c46d9780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  400.963138]  ffff8881c46d9800: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb
[  400.970958] ==================================================================
[  400.978636] Disabling lock debugging due to kernel taint
[  401.001369] Kernel panic - not syncing: panic_on_warn set ...
[  401.001369] 
[  401.009656] CPU: 0 PID: 7164 Comm: kworker/u4:6 Tainted: G    B             4.19.176-syzkaller #0
[  401.019837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  401.029950] Workqueue: netns cleanup_net
[  401.034615] Call Trace:
[  401.037585]  dump_stack+0x123/0x171
[  401.041375]  panic+0x1cd/0x375
[  401.045015]  ? __warn_printk+0xd6/0xd6
[  401.049849]  ? ___preempt_schedule+0x16/0x18
[  401.055381]  kasan_end_report+0x47/0x4f
[  401.059749]  kasan_report.cold.9+0x76/0x2fe
[  401.064775]  ? qfq_reset_qdisc+0x216/0x290
[  401.069419]  __asan_report_load8_noabort+0x14/0x20
[  401.074953]  qfq_reset_qdisc+0x216/0x290
[  401.079073]  qdisc_destroy+0xfb/0x650
[  401.083123]  ? __lock_is_held+0xb5/0x140
[  401.087725]  dev_shutdown+0x236/0x410
[  401.091824]  rollback_registered_many+0x4b7/0xb50
[  401.097241]  ? kernfs_put+0x2d4/0x540
[  401.101808]  ? netif_set_real_num_tx_queues+0x620/0x620
[  401.107765]  ? kasan_check_write+0x14/0x20
[  401.112510]  ? kernfs_put+0x2e6/0x540
[  401.116736]  ? unregister_netdevice_queue+0xf3/0x240
[  401.122203]  unregister_netdevice_many+0x3e/0x1f0
[  401.127944]  default_device_exit_batch+0x2e4/0x3d0
[  401.133061]  ? unregister_netdevice_many+0x1f0/0x1f0
[  401.139726]  ? rtnl_unlock+0x9/0x10
[  401.144294]  ? default_device_exit+0x1c5/0x260
[  401.149045]  ? do_wait_intr_irq+0x310/0x310
[  401.154040]  ops_exit_list.isra.5+0xd3/0x120
[  401.159034]  cleanup_net+0x368/0x850
[  401.163572]  ? net_drop_ns+0x60/0x60
[  401.168320]  ? __lock_is_held+0xb5/0x140
[  401.173005]  process_one_work+0x830/0x1670
[  401.178207]  ? pwq_dec_nr_in_flight+0x2c0/0x2c0
[  401.183058]  ? lock_acquire+0x173/0x3d0
[  401.187107]  ? kasan_check_write+0x14/0x20
[  401.191619]  ? do_raw_spin_lock+0xd0/0x240
[  401.196656]  worker_thread+0x85/0xb60
[  401.201285]  ? __kthread_parkme+0x37/0x1c0
[  401.205869]  kthread+0x347/0x410
[  401.209572]  ? process_one_work+0x1670/0x1670
[  401.214311]  ? kthread_cancel_delayed_work_sync+0x10/0x10
[  401.221135]  ret_from_fork+0x24/0x30
[  401.229292] Kernel Offset: disabled
[  401.233414] Rebooting in 86400 seconds..