Warning: Permanently added '10.128.0.89' (ECDSA) to the list of known hosts.
2021/09/12 02:26:13 parsed 1 programs
2021/09/12 02:26:13 executed programs: 0
syzkaller login: [ 1185.806908][ T6559] chnl_net:caif_netlink_parms(): no params data found
[ 1185.896417][ T6559] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1185.905267][ T6559] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1185.915617][ T6559] device bridge_slave_0 entered promiscuous mode
[ 1185.926768][ T6559] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1185.934657][ T6559] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1185.943459][ T6559] device bridge_slave_1 entered promiscuous mode
[ 1185.973462][ T6559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1185.984320][ T6559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1186.017194][ T6559] team0: Port device team_slave_0 added
[ 1186.024512][ T6559] team0: Port device team_slave_1 added
[ 1186.051419][ T6559] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1186.058427][ T6559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1186.084801][ T6559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1186.099504][ T6559] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1186.106457][ T6559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1186.134378][ T6559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1186.171815][ T6559] device hsr_slave_0 entered promiscuous mode
[ 1186.179204][ T6559] device hsr_slave_1 entered promiscuous mode
[ 1186.302632][ T6559] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1186.313312][ T6559] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1186.323959][ T6559] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1186.335289][ T6559] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1186.361374][ T6559] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1186.368589][ T6559] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1186.376259][ T6559] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1186.383376][ T6559] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1186.433161][ T6559] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1186.445714][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1186.459383][ T5] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1186.469498][ T5] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1186.477282][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1186.491953][ T6559] 8021q: adding VLAN 0 to HW filter on device team0
[ 1186.503716][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1186.513672][ T1051] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1186.520764][ T1051] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1186.539592][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1186.548920][ T1051] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1186.555975][ T1051] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1186.579180][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1186.588495][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1186.596795][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1186.605933][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1186.617834][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1186.626401][ T6559] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1186.646173][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1186.654250][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1186.667076][ T6559] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1186.688762][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1186.708745][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1186.716958][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1186.725053][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1186.734663][ T6559] device veth0_vlan entered promiscuous mode
[ 1186.747917][ T6559] device veth1_vlan entered promiscuous mode
[ 1186.770044][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1186.779450][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1186.787437][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1186.798887][ T6559] device veth0_macvtap entered promiscuous mode
[ 1186.808203][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1186.817424][ T6559] device veth1_macvtap entered promiscuous mode
[ 1186.836172][ T6559] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1186.845394][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1186.854715][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1186.866748][ T6559] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1186.874146][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1186.883957][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1186.895325][ T6559] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1186.909609][ T6559] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1186.923395][ T6559] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1186.936239][ T6559] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1187.038168][ T6498] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1187.046165][ T6498] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1187.076508][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1187.086700][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1187.090510][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1187.105040][ T1051] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1188.272284][ T253] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1190.789953][ T253] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1193.028644][ T253] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1193.422756][ T253] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1193.436558][ T6927] chnl_net:caif_netlink_parms(): no params data found
[ 1193.504494][ T6927] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1193.511910][ T6927] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1193.521248][ T6927] device bridge_slave_0 entered promiscuous mode
[ 1193.532712][ T6927] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1193.540408][ T6927] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1193.548900][ T6927] device bridge_slave_1 entered promiscuous mode
[ 1193.586731][ T6927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1193.602941][ T6927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1193.685051][ T6927] team0: Port device team_slave_0 added
[ 1193.708786][ T6927] team0: Port device team_slave_1 added
[ 1193.838320][ T6927] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1193.845291][ T6927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1193.874038][ T6927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1194.487826][ T6927] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1194.494800][ T6927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1194.528609][ T6927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1194.578264][ T6535] Bluetooth: hci0: command 0x0409 tx timeout
[ 1195.098032][ T6927] device hsr_slave_0 entered promiscuous mode
[ 1195.104686][ T6927] device hsr_slave_1 entered promiscuous mode
[ 1195.113909][ T6927] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1195.122373][ T6927] Cannot create hsr debugfs directory
[ 1196.071958][ T6927] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1196.085155][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1196.094570][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1196.391067][ T6927] 8021q: adding VLAN 0 to HW filter on device team0
[ 1196.402334][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1196.412481][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1196.421492][ T6535] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1196.428567][ T6535] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1196.437949][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1196.656882][ T6891] Bluetooth: hci0: command 0x041b tx timeout
[ 1196.737475][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1196.746080][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1196.755489][ T6891] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1196.762597][ T6891] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1196.771829][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1197.066845][ T6892] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1197.075298][ T6892] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1197.085914][ T6892] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1197.095655][ T6892] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1197.105261][ T6892] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1197.114221][ T6892] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1197.122943][ T6892] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1197.409597][ T6892] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1197.423852][ T6927] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1197.434969][ T6927] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1197.442881][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1197.451599][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1197.821448][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1197.829566][ T6535] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1197.845541][ T6927] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1198.279195][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1198.289951][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1198.316521][ T253] device hsr_slave_0 left promiscuous mode
[ 1198.323508][ T253] device hsr_slave_1 left promiscuous mode
[ 1198.330698][ T253] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1198.340048][ T253] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1198.351475][ T253] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1198.359368][ T253] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1198.368606][ T253] device bridge_slave_1 left promiscuous mode
[ 1198.375592][ T253] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1198.390939][ T253] device bridge_slave_0 left promiscuous mode
[ 1198.397222][ T253] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1198.414118][ T253] device veth1_macvtap left promiscuous mode
[ 1198.420648][ T253] device veth0_macvtap left promiscuous mode
[ 1198.426815][ T253] device veth1_vlan left promiscuous mode
[ 1198.432693][ T253] device veth0_vlan left promiscuous mode
[ 1198.739450][ T6894] Bluetooth: hci0: command 0x040f tx timeout
[ 1200.816644][ T1051] Bluetooth: hci0: command 0x0419 tx timeout
[ 1211.825009][ T253] team0 (unregistering): Port device team_slave_1 removed
[ 1211.839367][ T253] team0 (unregistering): Port device team_slave_0 removed
[ 1211.851841][ T253] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1211.870993][ T253] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1211.922489][ T253] bond0 (unregistering): Released all slaves
[ 1211.986148][ T6894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1211.994204][ T6894] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1212.005258][ T6927] device veth0_vlan entered promiscuous mode
[ 1212.015374][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1212.023505][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1212.039767][ T6927] device veth1_vlan entered promiscuous mode
[ 1212.067307][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1212.076516][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1212.095295][ T6927] device veth0_macvtap entered promiscuous mode
[ 1212.105533][ T6927] device veth1_macvtap entered promiscuous mode
[ 1212.121923][ T6927] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1212.129298][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1212.138521][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1212.147557][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1212.156498][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1212.171101][ T6927] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1212.178546][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1212.189260][ T6891] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1212.267353][ T6925] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1212.275367][ T6925] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1212.291705][ T6534] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1212.343066][ T7279] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1212.375110][ T7279] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1212.402095][ T6894] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1218.152715][ T253] device hsr_slave_0 left promiscuous mode
[ 1218.162521][ T253] device hsr_slave_1 left promiscuous mode
[ 1218.169518][ T253] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1218.177470][ T253] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1218.187308][ T253] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1218.194691][ T253] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1218.203760][ T253] device bridge_slave_1 left promiscuous mode
[ 1218.210512][ T253] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1218.220276][ T253] device bridge_slave_0 left promiscuous mode
[ 1218.226918][ T253] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1218.238847][ T253] device veth1_macvtap left promiscuous mode
[ 1218.244901][ T253] device veth0_macvtap left promiscuous mode
[ 1218.251062][ T253] device veth1_vlan left promiscuous mode
[ 1218.257603][ T253] device veth0_vlan left promiscuous mode
[ 1230.414462][ T5] Bluetooth: hci0: command 0x0409 tx timeout
[ 1231.291368][ T22] ==================================================================
[ 1231.299579][ T22] BUG: KASAN: use-after-free in __d_alloc+0x19a/0x950
[ 1231.306443][ T22] Read of size 5 at addr ffff88807bd70020 by task kdevtmpfs/22
[ 1231.313974][ T22]
[ 1231.316285][ T22] CPU: 0 PID: 22 Comm: kdevtmpfs Not tainted 5.14.0-syzkaller #0
[ 1231.324182][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1231.334359][ T22] Call Trace:
[ 1231.337625][ T22] dump_stack_lvl+0xcd/0x134
[ 1231.342257][ T22] print_address_description.constprop.0.cold+0x6c/0x309
[ 1231.349296][ T22] ? __d_alloc+0x19a/0x950
[ 1231.353697][ T22] ? __d_alloc+0x19a/0x950
[ 1231.358098][ T22] kasan_report.cold+0x83/0xdf
[ 1231.362847][ T22] ? __d_alloc+0x19a/0x950
[ 1231.367252][ T22] kasan_check_range+0x13d/0x180
[ 1231.372221][ T22] memcpy+0x20/0x60
[ 1231.376017][ T22] __d_alloc+0x19a/0x950
[ 1231.380290][ T22] d_alloc+0x4a/0x230
[ 1231.384260][ T22] __lookup_hash+0xc8/0x180
[ 1231.388756][ T22] kern_path_locked+0x17e/0x320
[ 1231.393591][ T22] ? filename_lookup+0x80/0x80
[ 1231.398350][ T22] handle_remove+0xa2/0x5fe
[ 1231.402915][ T22] ? cacheinfo_cpu_online.cold+0x3e/0x3e
[ 1231.408593][ T22] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1231.414634][ T22] ? finish_task_switch.isra.0+0x232/0xa50
[ 1231.420460][ T22] ? find_held_lock+0x2d/0x110
[ 1231.425212][ T22] ? devtmpfsd+0xaa/0x2a3
[ 1231.429555][ T22] ? lock_downgrade+0x6e0/0x6e0
[ 1231.434388][ T22] ? do_raw_spin_lock+0x120/0x2b0
[ 1231.439395][ T22] ? rwlock_bug.part.0+0x90/0x90
[ 1231.444334][ T22] devtmpfsd+0x1b9/0x2a3
[ 1231.448578][ T22] ? dmar_validate_one_drhd+0x24d/0x24d
[ 1231.454112][ T22] kthread+0x3e5/0x4d0
[ 1231.458236][ T22] ? set_kthread_struct+0x130/0x130
[ 1231.463421][ T22] ret_from_fork+0x1f/0x30
[ 1231.467846][ T22]
[ 1231.470151][ T22] Allocated by task 22:
[ 1231.474286][ T22] kasan_save_stack+0x1b/0x40
[ 1231.479013][ T22] __kasan_slab_alloc+0x83/0xb0
[ 1231.483859][ T22] kmem_cache_alloc+0x209/0x390
[ 1231.488707][ T22] getname_kernel+0x4e/0x370
[ 1231.493287][ T22] kern_path_locked+0x71/0x320
[ 1231.498040][ T22] handle_remove+0xa2/0x5fe
[ 1231.502531][ T22] devtmpfsd+0x1b9/0x2a3
[ 1231.506773][ T22] kthread+0x3e5/0x4d0
[ 1231.510826][ T22] ret_from_fork+0x1f/0x30
[ 1231.515227][ T22]
[ 1231.517533][ T22] Freed by task 22:
[ 1231.521316][ T22] kasan_save_stack+0x1b/0x40
[ 1231.525982][ T22] kasan_set_track+0x1c/0x30
[ 1231.530559][ T22] kasan_set_free_info+0x20/0x30
[ 1231.535480][ T22] __kasan_slab_free+0xff/0x130
[ 1231.540309][ T22] slab_free_freelist_hook+0x81/0x190
[ 1231.545664][ T22] kmem_cache_free+0x8a/0x5b0
[ 1231.550325][ T22] putname.part.0+0xe1/0x120
[ 1231.554900][ T22] kern_path_locked+0xc2/0x320
[ 1231.559645][ T22] handle_remove+0xa2/0x5fe
[ 1231.564133][ T22] devtmpfsd+0x1b9/0x2a3
[ 1231.568362][ T22] kthread+0x3e5/0x4d0
[ 1231.572417][ T22] ret_from_fork+0x1f/0x30
[ 1231.576826][ T22]
[ 1231.579139][ T22] The buggy address belongs to the object at ffff88807bd70000
[ 1231.579139][ T22] which belongs to the cache names_cache of size 4096
[ 1231.593266][ T22] The buggy address is located 32 bytes inside of
[ 1231.593266][ T22] 4096-byte region [ffff88807bd70000, ffff88807bd71000)
[ 1231.606527][ T22] The buggy address belongs to the page:
[ 1231.612145][ T22] page:ffffea0001ef5c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88807bd74400 pfn:0x7bd70
[ 1231.623581][ T22] head:ffffea0001ef5c00 order:3 compound_mapcount:0 compound_pincount:0
[ 1231.631888][ T22] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1231.639870][ T22] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888010dc53c0
[ 1231.648448][ T22] raw: ffff88807bd74400 0000000080070004 00000001ffffffff 0000000000000000
[ 1231.657016][ T22] page dumped because: kasan: bad access detected
[ 1231.663459][ T22] page_owner tracks the page as allocated
[ 1231.669154][ T22] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4484, ts 35255424790, free_ts 35228294441
[ 1231.688242][ T22] get_page_from_freelist+0xa72/0x2f80
[ 1231.693719][ T22] __alloc_pages+0x1b2/0x500
[ 1231.698328][ T22] alloc_pages+0x1a7/0x300
[ 1231.702747][ T22] new_slab+0x319/0x490
[ 1231.706901][ T22] ___slab_alloc+0x921/0xfe0
[ 1231.711477][ T22] __slab_alloc.constprop.0+0x4d/0xa0
[ 1231.716836][ T22] kmem_cache_alloc+0x365/0x390
[ 1231.721678][ T22] getname_flags.part.0+0x50/0x4f0
[ 1231.726782][ T22] getname_flags+0x9a/0xe0
[ 1231.731185][ T22] user_path_at_empty+0x2b/0x90
[ 1231.736024][ T22] vfs_statx+0x142/0x390
[ 1231.740246][ T22] __do_sys_newlstat+0x91/0x110
[ 1231.745088][ T22] do_syscall_64+0x35/0xb0
[ 1231.749552][ T22] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1231.755464][ T22] page last free stack trace:
[ 1231.760112][ T22] free_pcp_prepare+0x2c5/0x780
[ 1231.764947][ T22] free_unref_page+0x19/0x690
[ 1231.769617][ T22] qlist_free_all+0x5a/0xc0
[ 1231.774123][ T22] kasan_quarantine_reduce+0x180/0x200
[ 1231.779586][ T22] __kasan_slab_alloc+0x95/0xb0
[ 1231.784431][ T22] __kmalloc+0x1e7/0x320
[ 1231.788666][ T22] tomoyo_realpath_from_path+0xc3/0x620
[ 1231.794253][ T22] tomoyo_path_perm+0x21b/0x400
[ 1231.799146][ T22] security_inode_getattr+0xcf/0x140
[ 1231.804427][ T22] vfs_statx+0x164/0x390
[ 1231.808652][ T22] __do_sys_newlstat+0x91/0x110
[ 1231.813484][ T22] do_syscall_64+0x35/0xb0
[ 1231.817891][ T22] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1231.823770][ T22]
[ 1231.826076][ T22] Memory state around the buggy address:
[ 1231.831683][ T22] ffff88807bd6ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1231.839724][ T22] ffff88807bd6ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1231.847762][ T22] >ffff88807bd70000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1231.855886][ T22] ^
[ 1231.860973][ T22] ffff88807bd70080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1231.869012][ T22] ffff88807bd70100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1231.877051][ T22] ==================================================================
[ 1231.885089][ T22] Disabling lock debugging due to kernel taint
[ 1231.893891][ T22] Kernel panic - not syncing: panic_on_warn set ...
[ 1231.900485][ T22] CPU: 0 PID: 22 Comm: kdevtmpfs Tainted: G B 5.14.0-syzkaller #0
[ 1231.909598][ T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1231.919643][ T22] Call Trace:
[ 1231.922915][ T22] dump_stack_lvl+0xcd/0x134
[ 1231.927503][ T22] panic+0x2b0/0x6dd
[ 1231.931418][ T22] ? __warn_printk+0xf3/0xf3
[ 1231.936013][ T22] ? preempt_schedule_common+0x59/0xc0
[ 1231.941478][ T22] ? __d_alloc+0x19a/0x950
[ 1231.945885][ T22] ? preempt_schedule_thunk+0x16/0x18
[ 1231.951255][ T22] ? trace_hardirqs_on+0x38/0x1c0
[ 1231.956325][ T22] ? trace_hardirqs_on+0x51/0x1c0
[ 1231.961346][ T22] ? __d_alloc+0x19a/0x950
[ 1231.965755][ T22] ? __d_alloc+0x19a/0x950
[ 1231.970164][ T22] end_report.cold+0x63/0x6f
[ 1231.974752][ T22] kasan_report.cold+0x71/0xdf
[ 1231.979506][ T22] ? __d_alloc+0x19a/0x950
[ 1231.983913][ T22] kasan_check_range+0x13d/0x180
[ 1231.988843][ T22] memcpy+0x20/0x60
[ 1231.992645][ T22] __d_alloc+0x19a/0x950
[ 1231.996881][ T22] d_alloc+0x4a/0x230
[ 1232.000856][ T22] __lookup_hash+0xc8/0x180
[ 1232.005353][ T22] kern_path_locked+0x17e/0x320
[ 1232.010197][ T22] ? filename_lookup+0x80/0x80
[ 1232.014958][ T22] handle_remove+0xa2/0x5fe
[ 1232.019458][ T22] ? cacheinfo_cpu_online.cold+0x3e/0x3e
[ 1232.025089][ T22] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1232.031069][ T22] ? finish_task_switch.isra.0+0x232/0xa50
[ 1232.036879][ T22] ? find_held_lock+0x2d/0x110
[ 1232.041636][ T22] ? devtmpfsd+0xaa/0x2a3
[ 1232.045962][ T22] ? lock_downgrade+0x6e0/0x6e0
[ 1232.050802][ T22] ? do_raw_spin_lock+0x120/0x2b0
[ 1232.055818][ T22] ? rwlock_bug.part.0+0x90/0x90
[ 1232.060748][ T22] devtmpfsd+0x1b9/0x2a3
[ 1232.064984][ T22] ? dmar_validate_one_drhd+0x24d/0x24d
[ 1232.070524][ T22] kthread+0x3e5/0x4d0
[ 1232.074586][ T22] ? set_kthread_struct+0x130/0x130
[ 1232.079780][ T22] ret_from_fork+0x1f/0x30
[ 1232.084462][ T22] Kernel Offset: disabled
[ 1232.088770][ T22] Rebooting in 86400 seconds..