Warning: Permanently added '10.128.1.109' (ECDSA) to the list of known hosts.
2021/09/08 03:50:12 parsed 1 programs
2021/09/08 03:50:13 executed programs: 0
syzkaller login: [ 1074.558578][ T8460] chnl_net:caif_netlink_parms(): no params data found
[ 1074.623020][ T8460] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1074.631200][ T8460] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1074.640105][ T8460] device bridge_slave_0 entered promiscuous mode
[ 1074.650738][ T8460] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1074.658384][ T8460] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1074.666298][ T8460] device bridge_slave_1 entered promiscuous mode
[ 1074.694550][ T8460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1074.705668][ T8460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1074.737042][ T8460] team0: Port device team_slave_0 added
[ 1074.744604][ T8460] team0: Port device team_slave_1 added
[ 1074.772149][ T8460] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1074.779256][ T8460] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1074.805505][ T8460] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1074.818291][ T8460] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1074.825743][ T8460] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1074.851751][ T8460] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1074.888358][ T8460] device hsr_slave_0 entered promiscuous mode
[ 1074.896272][ T8460] device hsr_slave_1 entered promiscuous mode
[ 1075.018252][ T8460] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1075.028412][ T8460] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1075.040377][ T8460] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1075.050588][ T8460] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1075.074752][ T8460] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1075.081906][ T8460] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1075.089438][ T8460] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1075.096547][ T8460] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1075.137802][ T8460] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1075.151998][ T4863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1075.162479][ T4863] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1075.172420][ T4863] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1075.181039][ T4863] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 1075.193608][ T8460] 8021q: adding VLAN 0 to HW filter on device team0
[ 1075.204790][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1075.213204][ T8794] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1075.220304][ T8794] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1075.232583][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1075.240972][ T8792] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1075.248342][ T8792] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1075.268555][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1075.277179][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1075.295655][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1075.304293][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1075.313660][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1075.326422][ T8460] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1075.343697][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1075.351172][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1075.364781][ T8460] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1075.386131][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1075.402484][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1075.411539][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1075.419723][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1075.431580][ T8460] device veth0_vlan entered promiscuous mode
[ 1075.443614][ T8460] device veth1_vlan entered promiscuous mode
[ 1075.464263][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1075.472281][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1075.481152][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1075.492414][ T8460] device veth0_macvtap entered promiscuous mode
[ 1075.501893][ T8460] device veth1_macvtap entered promiscuous mode
[ 1075.510172][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1075.528586][ T8460] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1075.536401][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1075.545396][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1075.557781][ T8460] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1075.565279][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1075.573734][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1075.586612][ T8460] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.595688][ T8460] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.604351][ T8460] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.613800][ T8460] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.709782][  T539] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1075.723034][  T539] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1075.750055][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1075.765998][  T539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1075.773973][  T539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1075.785676][ T8793] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1076.213309][  T539] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1078.531668][  T539] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1080.730616][ T8828] chnl_net:caif_netlink_parms(): no params data found
[ 1080.866568][  T539] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1080.913879][ T8828] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1080.922099][ T8828] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1080.930725][ T8828] device bridge_slave_0 entered promiscuous mode
[ 1080.942944][ T8828] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1080.950322][ T8828] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1080.958874][ T8828] device bridge_slave_1 entered promiscuous mode
[ 1081.068641][  T539] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1081.097593][ T8828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1081.108911][ T8828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1081.145948][ T8828] team0: Port device team_slave_0 added
[ 1081.153392][ T8828] team0: Port device team_slave_1 added
[ 1081.195997][ T8828] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1081.202956][ T8828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1081.229864][ T8828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1081.245100][ T8828] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1081.252048][ T8828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1081.278504][ T8828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1081.399844][ T8828] device hsr_slave_0 entered promiscuous mode
[ 1081.409831][ T8828] device hsr_slave_1 entered promiscuous mode
[ 1081.417092][ T8828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1081.425409][ T8828] Cannot create hsr debugfs directory
[ 1082.280789][ T8828] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1082.293370][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1082.302414][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1082.388236][ T8828] 8021q: adding VLAN 0 to HW filter on device team0
[ 1082.398106][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1082.407958][ T8794] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1082.417542][ T8794] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1082.424657][ T8794] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1082.433045][ T8624] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1082.447684][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1082.456143][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1082.466118][ T8792] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1082.473174][ T8792] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1082.574191][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1082.582600][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1082.592081][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1082.601918][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1082.610807][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1082.619384][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1082.627945][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1082.636350][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1082.646756][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1082.654822][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1082.662993][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1082.671463][    T7] Bluetooth: hci0: command 0x0409 tx timeout
[ 1082.674922][ T8828] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1082.773420][ T8624] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1082.781004][ T8624] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1082.793617][ T8828] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1082.944368][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1082.953066][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1083.046140][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1083.056516][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1083.066987][ T8828] device veth0_vlan entered promiscuous mode
[ 1083.076717][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1083.085625][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1083.171699][ T8828] device veth1_vlan entered promiscuous mode
[ 1083.197735][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1083.207176][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1083.307485][ T8828] device veth0_macvtap entered promiscuous mode
[ 1083.319307][ T8828] device veth1_macvtap entered promiscuous mode
[ 1083.337280][ T8828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0
[ 1083.349873][ T8828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1083.361534][ T8828] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1083.371540][ T8624] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1083.380205][ T8624] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1083.389521][ T8624] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1083.399041][ T8624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1083.415824][ T8828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1
[ 1083.427698][ T8828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1083.442040][ T8828] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1083.530365][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1083.538905][ T8792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1083.621494][ T8826] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1083.632639][ T8826] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1083.655906][  T539] device hsr_slave_0 left promiscuous mode
[ 1083.663044][  T539] device hsr_slave_1 left promiscuous mode
[ 1083.679414][  T539] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1083.687584][  T539] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1083.697250][  T539] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1083.705190][  T539] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1083.713539][  T539] device bridge_slave_1 left promiscuous mode
[ 1083.720770][  T539] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1083.733503][  T539] device bridge_slave_0 left promiscuous mode
[ 1083.740955][  T539] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1083.757121][  T539] device veth1_macvtap left promiscuous mode
[ 1083.763273][  T539] device veth0_macvtap left promiscuous mode
[ 1083.769751][  T539] device veth1_vlan left promiscuous mode
[ 1083.776400][  T539] device veth0_vlan left promiscuous mode
[ 1084.684385][ T3160] Bluetooth: hci0: command 0x041b tx timeout
[ 1086.764407][    T7] Bluetooth: hci0: command 0x040f tx timeout
[ 1087.330531][  T539] team0 (unregistering): Port device team_slave_1 removed
[ 1087.348266][  T539] team0 (unregistering): Port device team_slave_0 removed
[ 1087.360902][  T539] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1087.374501][  T539] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1087.425397][  T539] bond0 (unregistering): Released all slaves
[ 1087.477763][ T8793] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1087.521757][ T9190] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1087.542433][ T9190] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1087.557728][ T8434] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1090.399639][ T9227] chnl_net:caif_netlink_parms(): no params data found
[ 1090.428982][  T539] device hsr_slave_0 left promiscuous mode
[ 1090.437458][  T539] device hsr_slave_1 left promiscuous mode
[ 1090.447015][  T539] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1090.455361][  T539] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1090.464280][  T539] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1090.471666][  T539] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1090.480702][  T539] device bridge_slave_1 left promiscuous mode
[ 1090.487598][  T539] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1090.496530][  T539] device bridge_slave_0 left promiscuous mode
[ 1090.502736][  T539] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1090.514589][  T539] device veth1_macvtap left promiscuous mode
[ 1090.520590][  T539] device veth0_macvtap left promiscuous mode
[ 1090.527258][  T539] device veth1_vlan left promiscuous mode
[ 1090.533037][  T539] device veth0_vlan left promiscuous mode
[ 1092.123099][ T4863] Bluetooth: hci0: command 0x0409 tx timeout
[ 1094.016700][   T22] ==================================================================
[ 1094.025034][   T22] BUG: KASAN: use-after-free in __d_alloc+0x19a/0x950
[ 1094.031855][   T22] Read of size 5 at addr ffff888076b93320 by task kdevtmpfs/22
[ 1094.039388][   T22] 
[ 1094.041696][   T22] CPU: 1 PID: 22 Comm: kdevtmpfs Not tainted 5.14.0-syzkaller #0
[ 1094.049399][   T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1094.059447][   T22] Call Trace:
[ 1094.062718][   T22]  dump_stack_lvl+0xcd/0x134
[ 1094.067351][   T22]  print_address_description.constprop.0.cold+0x6c/0x309
[ 1094.074387][   T22]  ? __d_alloc+0x19a/0x950
[ 1094.078800][   T22]  ? __d_alloc+0x19a/0x950
[ 1094.083211][   T22]  kasan_report.cold+0x83/0xdf
[ 1094.087973][   T22]  ? __d_alloc+0x19a/0x950
[ 1094.092387][   T22]  kasan_check_range+0x13d/0x180
[ 1094.097371][   T22]  memcpy+0x20/0x60
[ 1094.101177][   T22]  __d_alloc+0x19a/0x950
[ 1094.105427][   T22]  d_alloc+0x4a/0x230
[ 1094.109410][   T22]  __lookup_hash+0xc8/0x180
[ 1094.113913][   T22]  kern_path_locked+0x17e/0x320
[ 1094.118765][   T22]  ? filename_lookup+0x80/0x80
[ 1094.123548][   T22]  handle_remove+0xa2/0x5fe
[ 1094.128094][   T22]  ? cacheinfo_cpu_online.cold+0x3e/0x3e
[ 1094.133744][   T22]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1094.139765][   T22]  ? finish_task_switch.isra.0+0x232/0xa50
[ 1094.145604][   T22]  ? find_held_lock+0x2d/0x110
[ 1094.150382][   T22]  ? devtmpfsd+0xaa/0x2a3
[ 1094.154737][   T22]  ? lock_downgrade+0x6e0/0x6e0
[ 1094.159586][   T22]  ? do_raw_spin_lock+0x120/0x2b0
[ 1094.164609][   T22]  ? rwlock_bug.part.0+0x90/0x90
[ 1094.169551][   T22]  devtmpfsd+0x1b9/0x2a3
[ 1094.173798][   T22]  ? dmar_validate_one_drhd+0x24d/0x24d
[ 1094.179346][   T22]  kthread+0x3e5/0x4d0
[ 1094.183476][   T22]  ? set_kthread_struct+0x130/0x130
[ 1094.188851][   T22]  ret_from_fork+0x1f/0x30
[ 1094.193299][   T22] 
[ 1094.195642][   T22] Allocated by task 22:
[ 1094.199780][   T22]  kasan_save_stack+0x1b/0x40
[ 1094.204486][   T22]  __kasan_slab_alloc+0x83/0xb0
[ 1094.209330][   T22]  kmem_cache_alloc+0x285/0x4a0
[ 1094.214186][   T22]  getname_kernel+0x4e/0x370
[ 1094.218879][   T22]  kern_path_locked+0x71/0x320
[ 1094.223816][   T22]  handle_remove+0xa2/0x5fe
[ 1094.228321][   T22]  devtmpfsd+0x1b9/0x2a3
[ 1094.232576][   T22]  kthread+0x3e5/0x4d0
[ 1094.236730][   T22]  ret_from_fork+0x1f/0x30
[ 1094.241145][   T22] 
[ 1094.243457][   T22] Freed by task 22:
[ 1094.247250][   T22]  kasan_save_stack+0x1b/0x40
[ 1094.251924][   T22]  kasan_set_track+0x1c/0x30
[ 1094.256510][   T22]  kasan_set_free_info+0x20/0x30
[ 1094.261441][   T22]  __kasan_slab_free+0xff/0x130
[ 1094.266285][   T22]  slab_free_freelist_hook+0xe3/0x250
[ 1094.271660][   T22]  kmem_cache_free+0x8a/0x5b0
[ 1094.276358][   T22]  putname.part.0+0xe1/0x120
[ 1094.280945][   T22]  kern_path_locked+0xc2/0x320
[ 1094.285729][   T22]  handle_remove+0xa2/0x5fe
[ 1094.290232][   T22]  devtmpfsd+0x1b9/0x2a3
[ 1094.294492][   T22]  kthread+0x3e5/0x4d0
[ 1094.298557][   T22]  ret_from_fork+0x1f/0x30
[ 1094.302969][   T22] 
[ 1094.305281][   T22] The buggy address belongs to the object at ffff888076b93300
[ 1094.305281][   T22]  which belongs to the cache names_cache of size 4096
[ 1094.319409][   T22] The buggy address is located 32 bytes inside of
[ 1094.319409][   T22]  4096-byte region [ffff888076b93300, ffff888076b94300)
[ 1094.332672][   T22] The buggy address belongs to the page:
[ 1094.338286][   T22] page:ffffea0001dae400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x76b90
[ 1094.348426][   T22] head:ffffea0001dae400 order:3 compound_mapcount:0 compound_pincount:0
[ 1094.356741][   T22] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1094.364722][   T22] raw: 00fff00000010200 ffffea0001dade00 0000000200000002 ffff888010dc63c0
[ 1094.373299][   T22] raw: 0000000000000000 0000000080070007 00000001ffffffff 0000000000000000
[ 1094.381866][   T22] page dumped because: kasan: bad access detected
[ 1094.388310][   T22] page_owner tracks the page as allocated
[ 1094.394007][   T22] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, ts 67203165017, free_ts 66682811625
[ 1094.412840][   T22]  get_page_from_freelist+0xa72/0x2f80
[ 1094.418321][   T22]  __alloc_pages+0x1b2/0x500
[ 1094.422904][   T22]  alloc_pages+0x1a7/0x300
[ 1094.427340][   T22]  allocate_slab+0x32e/0x4b0
[ 1094.431924][   T22]  ___slab_alloc+0x473/0x7b0
[ 1094.436510][   T22]  __slab_alloc.constprop.0+0xa7/0xf0
[ 1094.441880][   T22]  kmem_cache_alloc+0x3e1/0x4a0
[ 1094.446726][   T22]  getname_flags.part.0+0x50/0x4f0
[ 1094.451838][   T22]  getname+0x8e/0xd0
[ 1094.455727][   T22]  do_sys_openat2+0xf5/0x4d0
[ 1094.460358][   T22]  __x64_sys_open+0x119/0x1c0
[ 1094.465026][   T22]  do_syscall_64+0x35/0xb0
[ 1094.469476][   T22]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1094.475389][   T22] page last free stack trace:
[ 1094.480050][   T22]  free_pcp_prepare+0x2c5/0x780
[ 1094.484893][   T22]  free_unref_page+0x19/0x690
[ 1094.489564][   T22]  unfreeze_partials+0x16c/0x1b0
[ 1094.494495][   T22]  put_cpu_partial+0x13d/0x230
[ 1094.499258][   T22]  qlist_free_all+0x5a/0xc0
[ 1094.503751][   T22]  kasan_quarantine_reduce+0x180/0x200
[ 1094.509204][   T22]  __kasan_slab_alloc+0x95/0xb0
[ 1094.514047][   T22]  kmem_cache_alloc+0x285/0x4a0
[ 1094.518891][   T22]  getname_flags.part.0+0x50/0x4f0
[ 1094.524000][   T22]  getname+0x8e/0xd0
[ 1094.527899][   T22]  do_sys_openat2+0xf5/0x4d0
[ 1094.532481][   T22]  __x64_sys_open+0x119/0x1c0
[ 1094.537157][   T22]  do_syscall_64+0x35/0xb0
[ 1094.541570][   T22]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1094.547460][   T22] 
[ 1094.549771][   T22] Memory state around the buggy address:
[ 1094.555385][   T22]  ffff888076b93200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1094.563433][   T22]  ffff888076b93280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1094.571481][   T22] >ffff888076b93300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1094.579525][   T22]                                ^
[ 1094.584616][   T22]  ffff888076b93380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1094.592663][   T22]  ffff888076b93400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1094.600735][   T22] ==================================================================
[ 1094.608778][   T22] Disabling lock debugging due to kernel taint
[ 1094.617629][   T22] Kernel panic - not syncing: panic_on_warn set ...
[ 1094.622798][ T4863] Bluetooth: hci0: command 0x041b tx timeout
[ 1094.624212][   T22] CPU: 0 PID: 22 Comm: kdevtmpfs Tainted: G    B             5.14.0-syzkaller #0
[ 1094.639261][   T22] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1094.649317][   T22] Call Trace:
[ 1094.652595][   T22]  dump_stack_lvl+0xcd/0x134
[ 1094.657200][   T22]  panic+0x2b0/0x6dd
[ 1094.661095][   T22]  ? __warn_printk+0xf3/0xf3
[ 1094.665664][   T22]  ? preempt_schedule_common+0x59/0xc0
[ 1094.671108][   T22]  ? __d_alloc+0x19a/0x950
[ 1094.675505][   T22]  ? preempt_schedule_thunk+0x16/0x18
[ 1094.680857][   T22]  ? trace_hardirqs_on+0x38/0x1c0
[ 1094.685904][   T22]  ? trace_hardirqs_on+0x51/0x1c0
[ 1094.690910][   T22]  ? __d_alloc+0x19a/0x950
[ 1094.695306][   T22]  ? __d_alloc+0x19a/0x950
[ 1094.699708][   T22]  end_report.cold+0x63/0x6f
[ 1094.704278][   T22]  kasan_report.cold+0x71/0xdf
[ 1094.709065][   T22]  ? __d_alloc+0x19a/0x950
[ 1094.713461][   T22]  kasan_check_range+0x13d/0x180
[ 1094.718377][   T22]  memcpy+0x20/0x60
[ 1094.722165][   T22]  __d_alloc+0x19a/0x950
[ 1094.726387][   T22]  d_alloc+0x4a/0x230
[ 1094.730347][   T22]  __lookup_hash+0xc8/0x180
[ 1094.734831][   T22]  kern_path_locked+0x17e/0x320
[ 1094.739662][   T22]  ? filename_lookup+0x80/0x80
[ 1094.744407][   T22]  handle_remove+0xa2/0x5fe
[ 1094.748891][   T22]  ? cacheinfo_cpu_online.cold+0x3e/0x3e
[ 1094.754504][   T22]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1094.760463][   T22]  ? finish_task_switch.isra.0+0x232/0xa50
[ 1094.766270][   T22]  ? find_held_lock+0x2d/0x110
[ 1094.771014][   T22]  ? devtmpfsd+0xaa/0x2a3
[ 1094.775341][   T22]  ? lock_downgrade+0x6e0/0x6e0
[ 1094.780178][   T22]  ? do_raw_spin_lock+0x120/0x2b0
[ 1094.785190][   T22]  ? rwlock_bug.part.0+0x90/0x90
[ 1094.790107][   T22]  devtmpfsd+0x1b9/0x2a3
[ 1094.794348][   T22]  ? dmar_validate_one_drhd+0x24d/0x24d
[ 1094.799872][   T22]  kthread+0x3e5/0x4d0
[ 1094.803921][   T22]  ? set_kthread_struct+0x130/0x130
[ 1094.809101][   T22]  ret_from_fork+0x1f/0x30
[ 1094.813561][   T22] Kernel Offset: disabled
[ 1094.817881][   T22] Rebooting in 86400 seconds..