[ 44.175570][ T165] device veth0_macvtap left promiscuous mode
[ 44.182519][ T165] device veth1_vlan left promiscuous mode
[ 44.188592][ T165] device veth0_vlan left promiscuous mode
[ 47.412451][ T165] team0 (unregistering): Port device team_slave_1 removed
[ 47.425200][ T165] team0 (unregistering): Port device team_slave_0 removed
[ 47.439153][ T165] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 47.452549][ T165] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 47.495793][ T165] bond0 (unregistering): Released all slaves
[ 49.194747][ T5425] can: request_module (can-proto-0) failed.
[ 49.212444][ T5425] can: request_module (can-proto-0) failed.
Warning: Permanently added '10.128.1.55' (ECDSA) to the list of known hosts.
[ 71.100996][ T19] cfg80211: failed to load regulatory.db
[ 71.902125][ T6675] ==================================================================
[ 71.910185][ T6675] BUG: KASAN: use-after-free in __lock_acquire+0x3f13/0x57d0
[ 71.917532][ T6675] Read of size 8 at addr ffff8880103528a8 by task syz-executor320/6675
[ 71.925750][ T6675]
[ 71.928063][ T6675] CPU: 0 PID: 6675 Comm: syz-executor320 Not tainted 5.11.0-syzkaller #0
[ 71.936458][ T6675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 71.946484][ T6675] Call Trace:
[ 71.949738][ T6675] dump_stack+0x9a/0xcc
[ 71.953874][ T6675] ? __lock_acquire+0x3f13/0x57d0
[ 71.958900][ T6675] print_address_description.constprop.0.cold+0x5b/0x2f8
[ 71.965911][ T6675] ? __lock_acquire+0x3f13/0x57d0
[ 71.970937][ T6675] ? __lock_acquire+0x3f13/0x57d0
[ 71.975950][ T6675] kasan_report.cold+0x79/0xd5
[ 71.980688][ T6675] ? __lock_acquire+0x3f13/0x57d0
[ 71.985695][ T6675] __lock_acquire+0x3f13/0x57d0
[ 71.990518][ T6675] ? __lock_acquire+0xbfc/0x57d0
[ 71.995429][ T6675] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 72.001388][ T6675] lock_acquire+0x1a8/0x720
[ 72.005867][ T6675] ? post_one_notification.isra.0+0x4f/0x790
[ 72.011819][ T6675] ? lock_release+0x710/0x710
[ 72.016491][ T6675] ? lock_acquire+0x1a8/0x720
[ 72.021156][ T6675] ? _raw_spin_lock_irq+0x41/0x50
[ 72.026149][ T6675] _raw_spin_lock_irq+0x32/0x50
[ 72.030980][ T6675] ? post_one_notification.isra.0+0x4f/0x790
[ 72.036934][ T6675] post_one_notification.isra.0+0x4f/0x790
[ 72.043151][ T6675] __post_watch_notification+0x441/0x7b0
[ 72.048760][ T6675] ? user_update+0x1cd/0x2b0
[ 72.053318][ T6675] key_create_or_update+0xa99/0xc00
[ 72.058582][ T6675] ? key_alloc+0x1040/0x1040
[ 72.063146][ T6675] ? join_session_keyring+0x2b0/0x2b0
[ 72.068488][ T6675] ? find_held_lock+0x2d/0x110
[ 72.073226][ T6675] __do_sys_add_key+0x156/0x300
[ 72.078075][ T6675] ? __do_sys_request_key+0x270/0x270
[ 72.083420][ T6675] ? lockdep_hardirqs_on_prepare+0x17b/0x400
[ 72.089369][ T6675] ? syscall_enter_from_user_mode+0x27/0x70
[ 72.095228][ T6675] do_syscall_64+0x2d/0x70
[ 72.099619][ T6675] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 72.105487][ T6675] RIP: 0033:0x7f3ef6189a79
[ 72.109958][ T6675] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 72.129619][ T6675] RSP: 002b:00007f3ef613b2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[ 72.138002][ T6675] RAX: ffffffffffffffda RBX: 00007f3ef6211428 RCX: 00007f3ef6189a79
[ 72.146027][ T6675] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040
[ 72.153967][ T6675] RBP: 0000000000000000 R08: 00000000fffffffc R09: 0000000000000000
[ 72.161909][ T6675] R10: 0000000000000048 R11: 0000000000000246 R12: 00007f3ef6211420
[ 72.169851][ T6675] R13: 00007f3ef621142c R14: 00007f3ef61df064 R15: 3a74707972637366
[ 72.177812][ T6675]
[ 72.180109][ T6675] Allocated by task 6672:
[ 72.184421][ T6675] kasan_save_stack+0x1b/0x40
[ 72.189072][ T6675] ____kasan_kmalloc.constprop.0+0x82/0xa0
[ 72.194892][ T6675] alloc_pipe_info+0xd5/0x490
[ 72.199537][ T6675] create_pipe_files+0x85/0x890
[ 72.204458][ T6675] do_pipe2+0x78/0x150
[ 72.208584][ T6675] __x64_sys_pipe2+0x4b/0x70
[ 72.213153][ T6675] do_syscall_64+0x2d/0x70
[ 72.217549][ T6675] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 72.223440][ T6675]
[ 72.225735][ T6675] Freed by task 6673:
[ 72.229688][ T6675] kasan_save_stack+0x1b/0x40
[ 72.234334][ T6675] kasan_set_track+0x1c/0x30
[ 72.238897][ T6675] kasan_set_free_info+0x20/0x30
[ 72.243817][ T6675] ____kasan_slab_free+0xe1/0x110
[ 72.248893][ T6675] slab_free_freelist_hook+0x5d/0x150
[ 72.254230][ T6675] kfree+0xdb/0x3b0
[ 72.258002][ T6675] pipe_release+0x220/0x270
[ 72.262473][ T6675] __fput+0x204/0x870
[ 72.266423][ T6675] task_work_run+0xc0/0x160
[ 72.270907][ T6675] exit_to_user_mode_prepare+0x249/0x250
[ 72.276521][ T6675] syscall_exit_to_user_mode+0x19/0x60
[ 72.281947][ T6675] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 72.287805][ T6675]
[ 72.290099][ T6675] The buggy address belongs to the object at ffff888010352800
[ 72.290099][ T6675] which belongs to the cache kmalloc-512 of size 512
[ 72.304227][ T6675] The buggy address is located 168 bytes inside of
[ 72.304227][ T6675] 512-byte region [ffff888010352800, ffff888010352a00)
[ 72.317661][ T6675] The buggy address belongs to the page:
[ 72.323263][ T6675] page:00000000a4e0b759 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10350
[ 72.333378][ T6675] head:00000000a4e0b759 order:2 compound_mapcount:0 compound_pincount:0
[ 72.341669][ T6675] flags: 0xfff00000010200(slab|head)
[ 72.346952][ T6675] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff88800f441280
[ 72.355622][ T6675] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 72.364177][ T6675] page dumped because: kasan: bad access detected
[ 72.370578][ T6675] page_owner tracks the page as allocated
[ 72.376270][ T6675] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4808, ts 10534307860
[ 72.393909][ T6675] post_alloc_hook+0x144/0x1c0
[ 72.398655][ T6675] get_page_from_freelist+0x1c6e/0x3f80
[ 72.404177][ T6675] __alloc_pages_nodemask+0x2d6/0x730
[ 72.409528][ T6675] allocate_slab+0x2b6/0x4a0
[ 72.414094][ T6675] ___slab_alloc+0x476/0x790
[ 72.418907][ T6675] __slab_alloc.constprop.0+0x95/0xe0
[ 72.424257][ T6675] kmem_cache_alloc_trace+0x2cc/0x360
[ 72.429599][ T6675] ep_alloc.constprop.0+0xcc/0x310
[ 72.434681][ T6675] do_epoll_create+0x7d/0x160
[ 72.439463][ T6675] __x64_sys_epoll_create1+0x28/0x40
[ 72.444871][ T6675] do_syscall_64+0x2d/0x70
[ 72.449263][ T6675] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 72.455134][ T6675] page last free stack trace:
[ 72.459934][ T6675] __free_pages_ok+0x4da/0xed0
[ 72.464675][ T6675] unfreeze_partials+0x16c/0x1b0
[ 72.469581][ T6675] put_cpu_partial+0x129/0x200
[ 72.474323][ T6675] qlist_free_all+0x5a/0xc0
[ 72.478804][ T6675] quarantine_reduce+0x180/0x200
[ 72.483728][ T6675] ____kasan_kmalloc.constprop.0+0x98/0xa0
[ 72.489499][ T6675] tomoyo_realpath_from_path+0xb0/0x6a0
[ 72.495015][ T6675] tomoyo_check_open_permission+0x21c/0x2c0
[ 72.500882][ T6675] security_file_open+0x43/0x400
[ 72.505785][ T6675] do_dentry_open+0x30d/0xfb0
[ 72.510428][ T6675] path_openat+0x129c/0x2190
[ 72.514985][ T6675] do_filp_open+0x16d/0x390
[ 72.519455][ T6675] do_sys_openat2+0x11e/0x360
[ 72.524116][ T6675] __x64_sys_openat+0x11b/0x1d0
[ 72.529024][ T6675] do_syscall_64+0x2d/0x70
[ 72.533434][ T6675] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 72.539299][ T6675]
[ 72.541596][ T6675] Memory state around the buggy address:
[ 72.547198][ T6675] ffff888010352780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 72.555313][ T6675] ffff888010352800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 72.563361][ T6675] >ffff888010352880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 72.571397][ T6675] ^
[ 72.576735][ T6675] ffff888010352900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 72.584766][ T6675] ffff888010352980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 72.592973][ T6675] ==================================================================
[ 72.601000][ T6675] Disabling lock debugging due to kernel taint
[ 72.607121][ T6675] Kernel panic - not syncing: panic_on_warn set ...
[ 72.613677][ T6675] CPU: 0 PID: 6675 Comm: syz-executor320 Tainted: G B 5.11.0-syzkaller #0
[ 72.623474][ T6675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 72.633497][ T6675] Call Trace:
[ 72.636753][ T6675] dump_stack+0x9a/0xcc
[ 72.640893][ T6675] panic+0x256/0x4eb
[ 72.644756][ T6675] ? __warn_printk+0xee/0xee
[ 72.649322][ T6675] ? __lock_acquire+0x3f13/0x57d0
[ 72.654313][ T6675] ? __lock_acquire+0x3f13/0x57d0
[ 72.659421][ T6675] end_report+0x58/0x5e
[ 72.663561][ T6675] kasan_report.cold+0x67/0xd5
[ 72.668377][ T6675] ? __lock_acquire+0x3f13/0x57d0
[ 72.673388][ T6675] __lock_acquire+0x3f13/0x57d0
[ 72.678219][ T6675] ? __lock_acquire+0xbfc/0x57d0
[ 72.683213][ T6675] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 72.689162][ T6675] lock_acquire+0x1a8/0x720
[ 72.693646][ T6675] ? post_one_notification.isra.0+0x4f/0x790
[ 72.699592][ T6675] ? lock_release+0x710/0x710
[ 72.704234][ T6675] ? lock_acquire+0x1a8/0x720
[ 72.708876][ T6675] ? _raw_spin_lock_irq+0x41/0x50
[ 72.713892][ T6675] _raw_spin_lock_irq+0x32/0x50
[ 72.718709][ T6675] ? post_one_notification.isra.0+0x4f/0x790
[ 72.724668][ T6675] post_one_notification.isra.0+0x4f/0x790
[ 72.730453][ T6675] __post_watch_notification+0x441/0x7b0
[ 72.736052][ T6675] ? user_update+0x1cd/0x2b0
[ 72.740631][ T6675] key_create_or_update+0xa99/0xc00
[ 72.745814][ T6675] ? key_alloc+0x1040/0x1040
[ 72.750369][ T6675] ? join_session_keyring+0x2b0/0x2b0
[ 72.755706][ T6675] ? find_held_lock+0x2d/0x110
[ 72.760524][ T6675] __do_sys_add_key+0x156/0x300
[ 72.765341][ T6675] ? __do_sys_request_key+0x270/0x270
[ 72.770686][ T6675] ? lockdep_hardirqs_on_prepare+0x17b/0x400
[ 72.776661][ T6675] ? syscall_enter_from_user_mode+0x27/0x70
[ 72.782816][ T6675] do_syscall_64+0x2d/0x70
[ 72.787342][ T6675] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 72.793299][ T6675] RIP: 0033:0x7f3ef6189a79
[ 72.797686][ T6675] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 72.817436][ T6675] RSP: 002b:00007f3ef613b2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[ 72.825826][ T6675] RAX: ffffffffffffffda RBX: 00007f3ef6211428 RCX: 00007f3ef6189a79
[ 72.833794][ T6675] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040
[ 72.841821][ T6675] RBP: 0000000000000000 R08: 00000000fffffffc R09: 0000000000000000
[ 72.849766][ T6675] R10: 0000000000000048 R11: 0000000000000246 R12: 00007f3ef6211420
[ 72.857803][ T6675] R13: 00007f3ef621142c R14: 00007f3ef61df064 R15: 3a74707972637366
[ 72.865958][ T6675] Kernel Offset: disabled
[ 72.870266][ T6675] Rebooting in 86400 seconds..