Warning: Permanently added '10.128.10.30' (ECDSA) to the list of known hosts.
2022/07/28 11:06:25 parsed 1 programs
[ 71.282094][ T4045] cgroup: Unknown subsys name 'net'
[ 71.289587][ T4045] cgroup: Unknown subsys name 'rlimit'
2022/07/28 11:06:25 executed programs: 0
[ 71.609357][ T924] cfg80211: failed to load regulatory.db
[ 74.569066][ T3641] Bluetooth: hci0: Opcode 0x c03 failed: -110
[ 76.651901][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 76.659234][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 76.666341][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 76.673986][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 76.681314][ T47] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 76.688412][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 76.731527][ T4098] chnl_net:caif_netlink_parms(): no params data found
[ 76.756408][ T4098] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.763556][ T4098] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.771265][ T4098] device bridge_slave_0 entered promiscuous mode
[ 76.778617][ T4098] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.785913][ T4098] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.793510][ T4098] device bridge_slave_1 entered promiscuous mode
[ 76.806624][ T4098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 76.816884][ T4098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 76.833277][ T4098] team0: Port device team_slave_0 added
[ 76.840313][ T4098] team0: Port device team_slave_1 added
[ 76.852478][ T4098] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.859864][ T4098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.886482][ T4098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.898214][ T4098] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.905542][ T4098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.931898][ T4098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 76.950620][ T4098] device hsr_slave_0 entered promiscuous mode
[ 76.957000][ T4098] device hsr_slave_1 entered promiscuous mode
[ 76.995020][ T4098] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.002098][ T4098] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 77.009383][ T4098] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.016414][ T4098] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 77.040766][ T4098] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.050706][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 77.058477][ T26] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.066898][ T26] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.074933][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 77.085597][ T4098] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.094320][ T924] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 77.103033][ T924] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.110136][ T924] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 77.128352][ T4098] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 77.139590][ T4098] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 77.151332][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 77.159654][ T3651] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.166671][ T3651] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 77.174754][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 77.183074][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 77.191285][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 77.199528][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 77.209052][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 77.216523][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 77.228246][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 77.236747][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 77.246567][ T4098] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 77.258516][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 77.273561][ T4098] device veth0_vlan entered promiscuous mode
[ 77.280475][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 77.288448][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 77.296527][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 77.306879][ T4098] device veth1_vlan entered promiscuous mode
[ 77.321527][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 77.329753][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 77.337547][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 77.347018][ T4098] device veth0_macvtap entered promiscuous mode
[ 77.355694][ T4098] device veth1_macvtap entered promiscuous mode
[ 77.367379][ T4098] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 77.375243][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 77.385005][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 77.395409][ T4098] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 77.403077][ T3650] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 77.433748][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
2022/07/28 11:06:31 executed programs: 1
[ 77.441914][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 77.449674][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 77.459984][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 77.468070][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 77.476498][ T3651] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 78.729001][ T140] Bluetooth: hci0: command 0x0409 tx timeout
[ 80.809072][ T26] Bluetooth: hci0: command 0x041b tx timeout
2022/07/28 11:06:36 executed programs: 384
[ 82.899297][ T140] Bluetooth: hci0: command 0x040f tx timeout
[ 84.969225][ T26] Bluetooth: hci0: command 0x0419 tx timeout
2022/07/28 11:06:41 executed programs: 926
2022/07/28 11:06:46 executed programs: 1476
2022/07/28 11:06:51 executed programs: 2029
2022/07/28 11:06:56 executed programs: 2577
2022/07/28 11:07:01 executed programs: 3125
2022/07/28 11:07:06 executed programs: 3666
2022/07/28 11:07:11 executed programs: 4211
2022/07/28 11:07:16 executed programs: 4749
2022/07/28 11:07:21 executed programs: 5294
[ 127.930251][ T1240] ieee802154 phy0 wpan0: encryption failed: -22
[ 127.936591][ T1240] ieee802154 phy1 wpan1: encryption failed: -22
2022/07/28 11:07:26 executed programs: 5830
2022/07/28 11:07:31 executed programs: 6368
2022/07/28 11:07:36 executed programs: 6906
2022/07/28 11:07:41 executed programs: 7444
2022/07/28 11:07:46 executed programs: 7986
2022/07/28 11:07:51 executed programs: 8532
2022/07/28 11:07:56 executed programs: 9078
2022/07/28 11:08:01 executed programs: 9626
2022/07/28 11:08:06 executed programs: 10175
2022/07/28 11:08:11 executed programs: 10727
2022/07/28 11:08:16 executed programs: 11267
2022/07/28 11:08:22 executed programs: 11814
[ 189.370119][ T1240] ieee802154 phy0 wpan0: encryption failed: -22
[ 189.376434][ T1240] ieee802154 phy1 wpan1: encryption failed: -22
2022/07/28 11:08:27 executed programs: 12362
2022/07/28 11:08:32 executed programs: 12898
[ 201.688977][ T26] Bluetooth: hci0: command 0x0406 tx timeout
2022/07/28 11:08:37 executed programs: 13434
2022/07/28 11:08:42 executed programs: 13971
2022/07/28 11:08:47 executed programs: 14512
2022/07/28 11:08:52 executed programs: 15048
2022/07/28 11:08:57 executed programs: 15588
2022/07/28 11:09:02 executed programs: 16118
2022/07/28 11:09:07 executed programs: 16658
2022/07/28 11:09:12 executed programs: 17197
2022/07/28 11:09:17 executed programs: 17734
2022/07/28 11:09:22 executed programs: 18274
[ 250.809878][ T1240] ieee802154 phy0 wpan0: encryption failed: -22
[ 250.816266][ T1240] ieee802154 phy1 wpan1: encryption failed: -22
2022/07/28 11:09:27 executed programs: 18814
2022/07/28 11:09:32 executed programs: 19347
2022/07/28 11:09:37 executed programs: 19887
2022/07/28 11:09:42 executed programs: 20431
2022/07/28 11:09:47 executed programs: 20977
2022/07/28 11:09:52 executed programs: 21521
2022/07/28 11:09:57 executed programs: 22062
2022/07/28 11:10:02 executed programs: 22594
2022/07/28 11:10:07 executed programs: 23130
2022/07/28 11:10:12 executed programs: 23658
2022/07/28 11:10:17 executed programs: 24186
2022/07/28 11:10:22 executed programs: 24722
[ 312.250033][ T1240] ieee802154 phy0 wpan0: encryption failed: -22
[ 312.256521][ T1240] ieee802154 phy1 wpan1: encryption failed: -22
2022/07/28 11:10:27 executed programs: 25263
2022/07/28 11:10:32 executed programs: 25799
2022/07/28 11:10:37 executed programs: 26342
2022/07/28 11:10:42 executed programs: 26886
2022/07/28 11:10:47 executed programs: 27436
2022/07/28 11:10:52 executed programs: 27983
2022/07/28 11:10:57 executed programs: 28531
2022/07/28 11:11:02 executed programs: 29082
2022/07/28 11:11:07 executed programs: 29632
[ 357.284260][T32108] ==================================================================
[ 357.293408][T32108] BUG: KASAN: use-after-free in dump_schedule+0x6cd/0x730
[ 357.300590][T32108] Read of size 8 at addr ffff88801c132c40 by task syz-executor.0/32108
[ 357.308798][T32108]
[ 357.311126][T32108] CPU: 0 PID: 32108 Comm: syz-executor.0 Not tainted 5.19.0-rc8-syzkaller #0
[ 357.319870][T32108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 357.329913][T32108] Call Trace:
[ 357.333287][T32108] <TASK>
[ 357.336211][T32108] dump_stack_lvl+0x57/0x7d
[ 357.341292][T32108] print_address_description.constprop.0.cold+0xeb/0x495
[ 357.348414][T32108] ? dump_schedule+0x6cd/0x730
[ 357.353605][T32108] kasan_report.cold+0xf4/0x1c6
[ 357.358450][T32108] ? arch_stack_walk+0x90/0xe0
[ 357.363206][T32108] ? dump_schedule+0x6cd/0x730
[ 357.367965][T32108] dump_schedule+0x6cd/0x730
[ 357.372527][T32108] ? lock_acquire+0x480/0x570
[ 357.377720][T32108] ? lock_release+0x780/0x780
[ 357.382384][T32108] ? taprio_offload_get+0x60/0x60
[ 357.387562][T32108] ? memset+0x20/0x40
[ 357.391583][T32108] ? __nla_reserve+0x8f/0xb0
[ 357.396383][T32108] ? memcpy+0x39/0x60
[ 357.400348][T32108] taprio_dump+0x43a/0xba0
[ 357.404751][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 357.410245][T32108] ? advance_sched+0x920/0x920
[ 357.415017][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 357.421317][T32108] ? lock_release+0x560/0x780
[ 357.426069][T32108] ? local_lock_release+0x1d/0x60
[ 357.431085][T32108] ? __nla_reserve+0x8f/0xb0
[ 357.435672][T32108] ? memcpy+0x39/0x60
[ 357.439636][T32108] tc_fill_qdisc+0x57c/0xf90
[ 357.444370][T32108] ? lock_release+0x560/0x780
[ 357.449049][T32108] ? lock_downgrade+0x6e0/0x6e0
[ 357.453893][T32108] ? lock_downgrade+0x6e0/0x6e0
[ 357.458723][T32108] ? qdisc_class_hash_init+0x210/0x210
[ 357.464171][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 357.469688][T32108] ? memset+0x20/0x40
[ 357.473756][T32108] ? __build_skb_around+0x227/0x2e0
[ 357.479143][T32108] ? __alloc_skb+0xca/0x270
[ 357.483706][T32108] qdisc_notify.isra.0+0x22e/0x2a0
[ 357.488982][T32108] ? nla_strcmp+0x1c/0xe0
[ 357.493288][T32108] tc_modify_qdisc+0xc4d/0x1680
[ 357.498303][T32108] ? __mutex_lock+0x231/0x1350
[ 357.503187][T32108] ? qdisc_create.constprop.0+0xdc0/0xdc0
[ 357.508877][T32108] ? rtnetlink_rcv_msg+0x2e2/0x9a0
[ 357.514021][T32108] ? security_capable+0x4c/0x90
[ 357.518959][T32108] rtnetlink_rcv_msg+0x32d/0x9a0
[ 357.523869][T32108] ? netlink_deliver_tap+0x490/0xa90
[ 357.529173][T32108] ? rtnl_fdb_dump+0x7e0/0x7e0
[ 357.533964][T32108] ? netlink_sendmsg+0x574/0xc30
[ 357.538889][T32108] ? sock_sendmsg+0xab/0xe0
[ 357.543595][T32108] ? sock_no_sendpage+0xc0/0x130
[ 357.548528][T32108] ? kernel_sendpage.part.0+0x151/0x550
[ 357.554063][T32108] ? lock_acquire+0x480/0x570
[ 357.558729][T32108] netlink_rcv_skb+0x118/0x370
[ 357.563568][T32108] ? rtnl_fdb_dump+0x7e0/0x7e0
[ 357.568406][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 357.573849][T32108] ? netlink_ack+0x950/0x950
[ 357.578418][T32108] ? netlink_deliver_tap+0x131/0xa90
[ 357.583682][T32108] ? netlink_deliver_tap+0x136/0xa90
[ 357.588935][T32108] netlink_unicast+0x433/0x710
[ 357.593678][T32108] ? do_raw_spin_unlock+0x171/0x230
[ 357.598850][T32108] ? netlink_attachskb+0x740/0x740
[ 357.603942][T32108] ? _raw_spin_unlock+0x24/0x40
[ 357.608851][T32108] ? find_vmap_area+0xa2/0xe0
[ 357.613545][T32108] ? __check_object_size+0x1c0/0x490
[ 357.619025][T32108] netlink_sendmsg+0x782/0xc30
[ 357.623854][T32108] ? netlink_unicast+0x710/0x710
[ 357.628857][T32108] ? netlink_unicast+0x710/0x710
[ 357.633769][T32108] sock_sendmsg+0xab/0xe0
[ 357.638219][T32108] sock_no_sendpage+0xf3/0x130
[ 357.643042][T32108] ? sock_no_shutdown+0x10/0x10
[ 357.648037][T32108] ? lock_acquire+0x480/0x570
[ 357.652688][T32108] ? lock_release+0x780/0x780
[ 357.657350][T32108] ? finish_task_switch.isra.0+0x352/0xb80
[ 357.663334][T32108] kernel_sendpage.part.0+0x151/0x550
[ 357.668696][T32108] ? kernel_sendpage+0xd0/0xd0
[ 357.673433][T32108] sock_sendpage+0xbd/0x190
[ 357.678095][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 357.683537][T32108] ? trace_contention_end+0xea/0x150
[ 357.688798][T32108] pipe_to_sendpage+0x245/0x410
[ 357.693704][T32108] ? propagate_umount+0x1830/0x1830
[ 357.698876][T32108] ? generic_splice_sendpage+0xa6/0x120
[ 357.704407][T32108] __splice_from_pipe+0x362/0x810
[ 357.709414][T32108] ? propagate_umount+0x1830/0x1830
[ 357.714870][T32108] generic_splice_sendpage+0xba/0x120
[ 357.720692][T32108] ? __do_sys_vmsplice+0x810/0x810
[ 357.725806][T32108] ? apparmor_file_permission+0x138/0x450
[ 357.731583][T32108] ? security_file_permission+0x3c/0x90
[ 357.737218][T32108] do_splice+0x9c8/0x1b00
[ 357.741523][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 357.746953][T32108] ? lock_acquire+0x480/0x570
[ 357.751603][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 357.757044][T32108] ? lock_release+0x560/0x780
[ 357.761867][T32108] ? splice_file_to_pipe+0xf0/0xf0
[ 357.766962][T32108] ? lock_downgrade+0x6e0/0x6e0
[ 357.771783][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 357.777211][T32108] ? lock_release+0x560/0x780
[ 357.781869][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 357.787296][T32108] ? __context_tracking_exit+0x80/0x90
[ 357.792849][T32108] __do_splice+0xf4/0x1b0
[ 357.797247][T32108] ? do_splice+0x1b00/0x1b00
[ 357.801983][T32108] __x64_sys_splice+0x14a/0x200
[ 357.806837][T32108] do_syscall_64+0x35/0x80
[ 357.811224][T32108] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 357.817110][T32108] RIP: 0033:0x7fd43ba88a39
[ 357.821509][T32108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 357.841178][T32108] RSP: 002b:00007fd43cbe1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 357.849570][T32108] RAX: ffffffffffffffda RBX: 00007fd43bb8bf60 RCX: 00007fd43ba88a39
[ 357.857522][T32108] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003
[ 357.865590][T32108] RBP: 00007fd43bae2e8f R08: 0000000000010976 R09: 0000000000000000
[ 357.873532][T32108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 357.881572][T32108] R13: 00007fd43c0bfb2f R14: 00007fd43cbe1300 R15: 0000000000022000
[ 357.889521][T32108] </TASK>
[ 357.892602][T32108]
[ 357.894904][T32108] Allocated by task 32096:
[ 357.899288][T32108] kasan_save_stack+0x1e/0x40
[ 357.903941][T32108] __kasan_kmalloc+0xa9/0xd0
[ 357.908498][T32108] taprio_change+0x51b/0x3a80
[ 357.913149][T32108] tc_modify_qdisc+0xafd/0x1680
[ 357.917974][T32108] rtnetlink_rcv_msg+0x32d/0x9a0
[ 357.922890][T32108] netlink_rcv_skb+0x118/0x370
[ 357.927741][T32108] netlink_unicast+0x433/0x710
[ 357.932474][T32108] netlink_sendmsg+0x782/0xc30
[ 357.937216][T32108] sock_sendmsg+0xab/0xe0
[ 357.941522][T32108] sock_no_sendpage+0xf3/0x130
[ 357.946260][T32108] kernel_sendpage.part.0+0x151/0x550
[ 357.951604][T32108] sock_sendpage+0xbd/0x190
[ 357.956081][T32108] pipe_to_sendpage+0x245/0x410
[ 357.960992][T32108] __splice_from_pipe+0x362/0x810
[ 357.966095][T32108] generic_splice_sendpage+0xba/0x120
[ 357.971442][T32108] do_splice+0x9c8/0x1b00
[ 357.975828][T32108] __do_splice+0xf4/0x1b0
[ 357.980128][T32108] __x64_sys_splice+0x14a/0x200
[ 357.984953][T32108] do_syscall_64+0x35/0x80
[ 357.989381][T32108] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 357.995284][T32108]
[ 357.997589][T32108] Freed by task 21:
[ 358.001452][T32108] kasan_save_stack+0x1e/0x40
[ 358.006103][T32108] kasan_set_track+0x21/0x30
[ 358.010785][T32108] kasan_set_free_info+0x20/0x30
[ 358.015725][T32108] ____kasan_slab_free+0x166/0x1a0
[ 358.020812][T32108] slab_free_freelist_hook+0x8b/0x1c0
[ 358.026248][T32108] kfree+0xd6/0x4d0
[ 358.030039][T32108] rcu_core+0x7b1/0x1880
[ 358.034424][T32108] __do_softirq+0x29b/0x9c2
[ 358.038995][T32108]
[ 358.041304][T32108] Last potentially related work creation:
[ 358.047167][T32108] kasan_save_stack+0x1e/0x40
[ 358.051827][T32108] __kasan_record_aux_stack+0xbe/0xd0
[ 358.057264][T32108] call_rcu+0x99/0x790
[ 358.061401][T32108] taprio_change+0x259a/0x3a80
[ 358.066157][T32108] tc_modify_qdisc+0xafd/0x1680
[ 358.070976][T32108] rtnetlink_rcv_msg+0x32d/0x9a0
[ 358.075902][T32108] netlink_rcv_skb+0x118/0x370
[ 358.080724][T32108] netlink_unicast+0x433/0x710
[ 358.085593][T32108] netlink_sendmsg+0x782/0xc30
[ 358.090336][T32108] sock_sendmsg+0xab/0xe0
[ 358.094637][T32108] sock_no_sendpage+0xf3/0x130
[ 358.099458][T32108] kernel_sendpage.part.0+0x151/0x550
[ 358.104810][T32108] sock_sendpage+0xbd/0x190
[ 358.109401][T32108] pipe_to_sendpage+0x245/0x410
[ 358.114310][T32108] __splice_from_pipe+0x362/0x810
[ 358.119304][T32108] generic_splice_sendpage+0xba/0x120
[ 358.124662][T32108] do_splice+0x9c8/0x1b00
[ 358.129058][T32108] __do_splice+0xf4/0x1b0
[ 358.133533][T32108] __x64_sys_splice+0x14a/0x200
[ 358.138353][T32108] do_syscall_64+0x35/0x80
[ 358.142763][T32108] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 358.148632][T32108]
[ 358.150946][T32108] Second to last potentially related work creation:
[ 358.157587][T32108] kasan_save_stack+0x1e/0x40
[ 358.162242][T32108] __kasan_record_aux_stack+0xbe/0xd0
[ 358.167585][T32108] call_rcu+0x99/0x790
[ 358.171629][T32108] taprio_change+0x259a/0x3a80
[ 358.176393][T32108] tc_modify_qdisc+0xafd/0x1680
[ 358.181217][T32108] rtnetlink_rcv_msg+0x32d/0x9a0
[ 358.186123][T32108] netlink_rcv_skb+0x118/0x370
[ 358.190875][T32108] netlink_unicast+0x433/0x710
[ 358.195625][T32108] netlink_sendmsg+0x782/0xc30
[ 358.200365][T32108] sock_sendmsg+0xab/0xe0
[ 358.204666][T32108] sock_no_sendpage+0xf3/0x130
[ 358.209419][T32108] kernel_sendpage.part.0+0x151/0x550
[ 358.214765][T32108] sock_sendpage+0xbd/0x190
[ 358.219248][T32108] pipe_to_sendpage+0x245/0x410
[ 358.224086][T32108] __splice_from_pipe+0x362/0x810
[ 358.229075][T32108] generic_splice_sendpage+0xba/0x120
[ 358.234416][T32108] do_splice+0x9c8/0x1b00
[ 358.238712][T32108] __do_splice+0xf4/0x1b0
[ 358.243011][T32108] __x64_sys_splice+0x14a/0x200
[ 358.247831][T32108] do_syscall_64+0x35/0x80
[ 358.252218][T32108] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 358.258081][T32108]
[ 358.260380][T32108] The buggy address belongs to the object at ffff88801c132c00
[ 358.260380][T32108] which belongs to the cache kmalloc-96 of size 96
[ 358.274330][T32108] The buggy address is located 64 bytes inside of
[ 358.274330][T32108] 96-byte region [ffff88801c132c00, ffff88801c132c60)
[ 358.288266][T32108]
[ 358.290569][T32108] The buggy address belongs to the physical page:
[ 358.296954][T32108] page:ffffea0000704c80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c132
[ 358.307246][T32108] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 358.315039][T32108] raw: 00fff00000000200 ffffea0000576640 dead000000000004 ffff888010041780
[ 358.323592][T32108] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[ 358.332161][T32108] page dumped because: kasan: bad access detected
[ 358.338545][T32108] page_owner tracks the page as allocated
[ 358.344407][T32108] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY), pid 3013, tgid 3013 (udevd), ts 19131450827, free_ts 19113212741
[ 358.362176][T32108] get_page_from_freelist+0x19d3/0x3b30
[ 358.368332][T32108] __alloc_pages+0x1c7/0x510
[ 358.372893][T32108] allocate_slab+0x26c/0x3c0
[ 358.377456][T32108] ___slab_alloc+0x9bc/0xe10
[ 358.382018][T32108] __slab_alloc.constprop.0+0x4d/0xa0
[ 358.387361][T32108] __kmalloc+0x318/0x350
[ 358.391941][T32108] tomoyo_encode2.part.0+0x92/0x310
[ 358.397116][T32108] tomoyo_realpath_from_path+0x140/0x6a0
[ 358.403003][T32108] tomoyo_check_open_permission+0x21c/0x2c0
[ 358.408885][T32108] security_file_open+0x34/0x80
[ 358.413746][T32108] do_dentry_open+0x300/0xfe0
[ 358.418418][T32108] path_openat+0x9cf/0x2360
[ 358.422966][T32108] do_filp_open+0x199/0x3d0
[ 358.427484][T32108] do_sys_openat2+0x11e/0x3f0
[ 358.432164][T32108] __x64_sys_openat+0x11b/0x1d0
[ 358.436991][T32108] do_syscall_64+0x35/0x80
[ 358.441380][T32108] page last free stack trace:
[ 358.446026][T32108] free_pcp_prepare+0x549/0xd20
[ 358.450947][T32108] free_unref_page+0x19/0x6a0
[ 358.455607][T32108] qlist_free_all+0x6a/0x170
[ 358.460186][T32108] kasan_quarantine_reduce+0x180/0x200
[ 358.465632][T32108] __kasan_slab_alloc+0xa2/0xc0
[ 358.470543][T32108] kmem_cache_alloc+0x204/0x3b0
[ 358.475364][T32108] getname_flags.part.0+0x4a/0x440
[ 358.480444][T32108] do_sys_openat2+0xd2/0x3f0
[ 358.485009][T32108] __x64_sys_openat+0x11b/0x1d0
[ 358.489829][T32108] do_syscall_64+0x35/0x80
[ 358.494225][T32108] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 358.500102][T32108]
[ 358.502397][T32108] Memory state around the buggy address:
[ 358.508354][T32108] ffff88801c132b00: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 358.516405][T32108] ffff88801c132b80: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 358.524457][T32108] >ffff88801c132c00: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 358.532613][T32108] ^
[ 358.538769][T32108] ffff88801c132c80: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 358.546817][T32108] ffff88801c132d00: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 358.554879][T32108] ==================================================================
[ 358.565711][T32108] Kernel panic - not syncing: panic_on_warn set ...
[ 358.572417][T32108] CPU: 1 PID: 32108 Comm: syz-executor.0 Not tainted 5.19.0-rc8-syzkaller #0
[ 358.582648][T32108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
[ 358.592776][T32108] Call Trace:
[ 358.596040][T32108] <TASK>
[ 358.598960][T32108] dump_stack_lvl+0x57/0x7d
[ 358.603463][T32108] panic+0x227/0x466
[ 358.607539][T32108] ? panic_print_sys_info.part.0+0x69/0x69
[ 358.613419][T32108] ? preempt_schedule_common+0x59/0xc0
[ 358.619003][T32108] ? dump_schedule+0x6cd/0x730
[ 358.624014][T32108] ? preempt_schedule_thunk+0x16/0x18
[ 358.629391][T32108] ? dump_schedule+0x6cd/0x730
[ 358.634268][T32108] end_report.part.0+0x3f/0x7c
[ 358.639039][T32108] kasan_report.cold+0x93/0x1c6
[ 358.643971][T32108] ? arch_stack_walk+0x90/0xe0
[ 358.648741][T32108] ? dump_schedule+0x6cd/0x730
[ 358.653860][T32108] dump_schedule+0x6cd/0x730
[ 358.658588][T32108] ? lock_acquire+0x480/0x570
[ 358.663370][T32108] ? lock_release+0x780/0x780
[ 358.668044][T32108] ? taprio_offload_get+0x60/0x60
[ 358.673057][T32108] ? memset+0x20/0x40
[ 358.677035][T32108] ? __nla_reserve+0x8f/0xb0
[ 358.681796][T32108] ? memcpy+0x39/0x60
[ 358.685767][T32108] taprio_dump+0x43a/0xba0
[ 358.690251][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 358.695705][T32108] ? advance_sched+0x920/0x920
[ 358.700565][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 358.706106][T32108] ? lock_release+0x560/0x780
[ 358.710774][T32108] ? local_lock_release+0x1d/0x60
[ 358.715779][T32108] ? __nla_reserve+0x8f/0xb0
[ 358.720354][T32108] ? memcpy+0x39/0x60
[ 358.724427][T32108] tc_fill_qdisc+0x57c/0xf90
[ 358.729035][T32108] ? lock_release+0x560/0x780
[ 358.733788][T32108] ? lock_downgrade+0x6e0/0x6e0
[ 358.738682][T32108] ? lock_downgrade+0x6e0/0x6e0
[ 358.743511][T32108] ? qdisc_class_hash_init+0x210/0x210
[ 358.748968][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 358.754404][T32108] ? memset+0x20/0x40
[ 358.758732][T32108] ? __build_skb_around+0x227/0x2e0
[ 358.763992][T32108] ? __alloc_skb+0xca/0x270
[ 358.768476][T32108] qdisc_notify.isra.0+0x22e/0x2a0
[ 358.773580][T32108] ? nla_strcmp+0x1c/0xe0
[ 358.777904][T32108] tc_modify_qdisc+0xc4d/0x1680
[ 358.782742][T32108] ? __mutex_lock+0x231/0x1350
[ 358.787598][T32108] ? qdisc_create.constprop.0+0xdc0/0xdc0
[ 358.793298][T32108] ? rtnetlink_rcv_msg+0x2e2/0x9a0
[ 358.798396][T32108] ? security_capable+0x4c/0x90
[ 358.803228][T32108] rtnetlink_rcv_msg+0x32d/0x9a0
[ 358.808153][T32108] ? netlink_deliver_tap+0x490/0xa90
[ 358.813592][T32108] ? rtnl_fdb_dump+0x7e0/0x7e0
[ 358.818332][T32108] ? netlink_sendmsg+0x574/0xc30
[ 358.823258][T32108] ? sock_sendmsg+0xab/0xe0
[ 358.827938][T32108] ? sock_no_sendpage+0xc0/0x130
[ 358.833053][T32108] ? kernel_sendpage.part.0+0x151/0x550
[ 358.838586][T32108] ? lock_acquire+0x480/0x570
[ 358.843259][T32108] netlink_rcv_skb+0x118/0x370
[ 358.848002][T32108] ? rtnl_fdb_dump+0x7e0/0x7e0
[ 358.852937][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 358.858391][T32108] ? netlink_ack+0x950/0x950
[ 358.862974][T32108] ? netlink_deliver_tap+0x131/0xa90
[ 358.868254][T32108] ? netlink_deliver_tap+0x136/0xa90
[ 358.873527][T32108] netlink_unicast+0x433/0x710
[ 358.878270][T32108] ? do_raw_spin_unlock+0x171/0x230
[ 358.883492][T32108] ? netlink_attachskb+0x740/0x740
[ 358.888598][T32108] ? _raw_spin_unlock+0x24/0x40
[ 358.893451][T32108] ? find_vmap_area+0xa2/0xe0
[ 358.898119][T32108] ? __check_object_size+0x1c0/0x490
[ 358.903386][T32108] netlink_sendmsg+0x782/0xc30
[ 358.908145][T32108] ? netlink_unicast+0x710/0x710
[ 358.913093][T32108] ? netlink_unicast+0x710/0x710
[ 358.918104][T32108] sock_sendmsg+0xab/0xe0
[ 358.922431][T32108] sock_no_sendpage+0xf3/0x130
[ 358.927359][T32108] ? sock_no_shutdown+0x10/0x10
[ 358.932196][T32108] ? lock_acquire+0x480/0x570
[ 358.936917][T32108] ? lock_release+0x780/0x780
[ 358.941585][T32108] ? finish_task_switch.isra.0+0x352/0xb80
[ 358.947410][T32108] kernel_sendpage.part.0+0x151/0x550
[ 358.952778][T32108] ? kernel_sendpage+0xd0/0xd0
[ 358.957524][T32108] sock_sendpage+0xbd/0x190
[ 358.962014][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 358.967459][T32108] ? trace_contention_end+0xea/0x150
[ 358.972724][T32108] pipe_to_sendpage+0x245/0x410
[ 358.977555][T32108] ? propagate_umount+0x1830/0x1830
[ 358.982742][T32108] ? generic_splice_sendpage+0xa6/0x120
[ 358.988284][T32108] __splice_from_pipe+0x362/0x810
[ 358.993308][T32108] ? propagate_umount+0x1830/0x1830
[ 358.998499][T32108] generic_splice_sendpage+0xba/0x120
[ 359.003871][T32108] ? __do_sys_vmsplice+0x810/0x810
[ 359.009059][T32108] ? apparmor_file_permission+0x138/0x450
[ 359.014852][T32108] ? security_file_permission+0x3c/0x90
[ 359.020380][T32108] do_splice+0x9c8/0x1b00
[ 359.024866][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 359.030311][T32108] ? lock_acquire+0x480/0x570
[ 359.034965][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 359.040397][T32108] ? lock_release+0x560/0x780
[ 359.045058][T32108] ? splice_file_to_pipe+0xf0/0xf0
[ 359.050179][T32108] ? lock_downgrade+0x6e0/0x6e0
[ 359.055035][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 359.060572][T32108] ? lock_release+0x560/0x780
[ 359.065223][T32108] ? rcu_read_lock_sched_held+0xd/0x70
[ 359.070654][T32108] ? __context_tracking_exit+0x80/0x90
[ 359.076187][T32108] __do_splice+0xf4/0x1b0
[ 359.080516][T32108] ? do_splice+0x1b00/0x1b00
[ 359.085084][T32108] __x64_sys_splice+0x14a/0x200
[ 359.089918][T32108] do_syscall_64+0x35/0x80
[ 359.094310][T32108] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 359.100187][T32108] RIP: 0033:0x7fd43ba88a39
[ 359.104619][T32108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 359.124214][T32108] RSP: 002b:00007fd43cbe1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000113
[ 359.132648][T32108] RAX: ffffffffffffffda RBX: 00007fd43bb8bf60 RCX: 00007fd43ba88a39
[ 359.140616][T32108] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003
[ 359.148578][T32108] RBP: 00007fd43bae2e8f R08: 0000000000010976 R09: 0000000000000000
[ 359.156537][T32108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 359.164492][T32108] R13: 00007fd43c0bfb2f R14: 00007fd43cbe1300 R15: 0000000000022000
[ 359.172460][T32108] </TASK>
[ 359.175618][T32108] Kernel Offset: disabled
[ 359.179969][T32108] Rebooting in 86400 seconds..