syzkaller login: [ 86.666444][ T2046] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 86.687616][ T2046] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 86.707814][ T2046] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:40556' (ECDSA) to the list of known hosts.
1970/01/01 00:01:40 fuzzer started
1970/01/01 00:01:43 connecting to host at localhost:37151
1970/01/01 00:01:43 checking machine...
1970/01/01 00:01:43 checking revisions...
1970/01/01 00:01:44 testing simple program...
executing program
executing program
[ 110.873286][ T2208] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 110.933753][ T2208] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
executing program
[ 113.469654][ T2208] device hsr_slave_0 entered promiscuous mode
[ 113.522954][ T2208] device hsr_slave_1 entered promiscuous mode
[ 115.402562][ T2208] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 115.501221][ T2208] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 115.592106][ T2208] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 115.674444][ T2208] netdevsim netdevsim0 netdevsim3: renamed from eth3
executing program
[ 117.780352][ T2208] 8021q: adding VLAN 0 to HW filter on device bond0
[ 117.922142][ T2277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 117.935889][ T2277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 118.903956][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 118.933521][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
executing program
[ 119.012567][ T2277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 119.026729][ T2277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 119.110477][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 119.205233][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 119.411768][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 119.425073][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 119.491514][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 119.509996][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 119.571188][ T2208] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 119.836498][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 119.842816][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
executing program
[ 121.955733][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 121.967262][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 123.080817][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 123.110528][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 123.150510][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 123.161873][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 123.196723][ T2208] device veth0_vlan entered promiscuous mode
[ 123.345414][ T2208] device veth1_vlan entered promiscuous mode
[ 123.763525][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 123.783551][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 123.873873][ T2208] device veth0_macvtap entered promiscuous mode
[ 123.939702][ T2208] device veth1_macvtap entered promiscuous mode
[ 124.096236][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 124.107180][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 124.186197][ T2525] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 124.205199][ T2525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 124.309496][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 124.327591][ T1812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 124.397041][ T2208] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 124.400067][ T2208] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 124.401192][ T2208] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 124.402322][ T2208] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
executing program
[ 125.193472][ T2208] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[ 125.941538][ T8] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 126.105846][ T8] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
1970/01/01 00:02:05 building call list...
[ 126.237916][ T8] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 126.411010][ T8] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
executing program
[ 129.370114][ T8] device hsr_slave_0 left promiscuous mode
[ 129.433092][ T8] device hsr_slave_1 left promiscuous mode
[ 129.576208][ T8] device veth1_macvtap left promiscuous mode
[ 129.577349][ T8] device veth0_macvtap left promiscuous mode
[ 129.589657][ T8] device veth1_vlan left promiscuous mode
[ 129.590808][ T8] device veth0_vlan left promiscuous mode
executing program
[ 131.058910][ T22] ==================================================================
[ 131.061813][ T22] BUG: KASAN: invalid-access in __entry_tramp_text_end+0xddc/0xe000
[ 131.066976][ T22] Read at addr f4ff000002981060 by task kdevtmpfs/22
[ 131.070496][ T22] Pointer tag: [f4], memory tag: [fe]
[ 131.071272][ T22]
[ 131.071981][ T22] CPU: 0 PID: 22 Comm: kdevtmpfs Not tainted 5.14.0-syzkaller-10557-ga3fa7a101dcf #0
[ 131.073158][ T22] Hardware name: linux,dummy-virt (DT)
[ 131.074080][ T22] Call trace:
[ 131.074599][ T22] dump_backtrace+0x0/0x1ac
[ 131.075361][ T22] show_stack+0x18/0x24
[ 131.076110][ T22] dump_stack_lvl+0x68/0x84
[ 131.077026][ T22] print_address_description+0x7c/0x2b4
[ 131.077943][ T22] kasan_report+0x134/0x380
[ 131.078850][ T22] __do_kernel_fault+0x128/0x1bc
[ 131.079571][ T22] do_tag_check_fault+0x74/0x90
[ 131.080287][ T22] do_mem_abort+0x44/0xb4
[ 131.080976][ T22] el1_abort+0x40/0x60
[ 131.081723][ T22] el1h_64_sync_handler+0xb0/0xd0
[ 131.082644][ T22] el1h_64_sync+0x78/0x7c
[ 131.083477][ T22] __entry_tramp_text_end+0xddc/0xe000
[ 131.084477][ T22] d_lookup+0x44/0x70
[ 131.085262][ T22] lookup_dcache+0x24/0x84
[ 131.086224][ T22] __lookup_hash+0x24/0xd0
[ 131.087026][ T22] kern_path_locked+0x90/0x10c
[ 131.087723][ T22] handle_remove+0x38/0x284
[ 131.088512][ T22] devtmpfsd+0x8c/0xd0
[ 131.089172][ T22] kthread+0x150/0x15c
[ 131.089814][ T22] ret_from_fork+0x10/0x20
[ 131.090686][ T22]
[ 131.091234][ T22] Allocated by task 22:
[ 131.091914][ T22] kasan_save_stack+0x28/0x60
[ 131.092782][ T22] __kasan_slab_alloc+0xb0/0x110
[ 131.093588][ T22] kmem_cache_alloc+0x194/0x2f4
[ 131.094297][ T22] getname_kernel+0x30/0x150
[ 131.095084][ T22] kern_path_locked+0x2c/0x10c
[ 131.095775][ T22] handle_remove+0x38/0x284
[ 131.096491][ T22] devtmpfsd+0x8c/0xd0
[ 131.097240][ T22] kthread+0x150/0x15c
[ 131.099182][ T22] ret_from_fork+0x10/0x20
[ 131.099968][ T22]
[ 131.100467][ T22] Freed by task 22:
[ 131.101164][ T22] kasan_save_stack+0x28/0x60
[ 131.102009][ T22] kasan_set_track+0x28/0x3c
[ 131.103554][ T22] kasan_set_free_info+0x20/0x30
[ 131.104295][ T22] ____kasan_slab_free.constprop.0+0x178/0x1e0
[ 131.105149][ T22] __kasan_slab_free+0x10/0x1c
[ 131.105848][ T22] slab_free_freelist_hook+0xc4/0x20c
[ 131.107680][ T22] kmem_cache_free+0x9c/0x3d4
[ 131.109937][ T22] putname.part.0+0x68/0x7c
[ 131.111929][ T22] kern_path_locked+0x64/0x10c
[ 131.112702][ T22] handle_remove+0x38/0x284
[ 131.113429][ T22] devtmpfsd+0x8c/0xd0
[ 131.114111][ T22] kthread+0x150/0x15c
[ 131.114783][ T22] ret_from_fork+0x10/0x20
[ 131.116445][ T22]
[ 131.117380][ T22] The buggy address belongs to the object at ffff000002981040
[ 131.117380][ T22] which belongs to the cache names_cache of size 4096
[ 131.123034][ T22] The buggy address is located 32 bytes inside of
[ 131.123034][ T22] 4096-byte region [ffff000002981040, ffff000002982040)
[ 131.125587][ T22] The buggy address belongs to the page:
[ 131.126547][ T22] page:000000003ce8e8e3 refcount:1 mapcount:0 mapping:0000000000000000 index:0xf8ff000002985140 pfn:0x42980
[ 131.128038][ T22] head:000000003ce8e8e3 order:3 compound_mapcount:0 compound_pincount:0
[ 131.129166][ T22] flags: 0x1ffc00000010200(slab|head|node=0|zone=0|lastcpupid=0x7ff|kasantag=0x0)
[ 131.130867][ T22] raw: 01ffc00000010200 0000000000000000 dead000000000122 f4ff000002837700
[ 131.131996][ T22] raw: f8ff000002985140 0000000080070002 00000001ffffffff 0000000000000000
[ 131.133090][ T22] page dumped because: kasan: bad access detected
[ 131.133908][ T22]
[ 131.134409][ T22] Memory state around the buggy address:
[ 131.135337][ T22] ffff000002980e00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 131.136342][ T22] ffff000002980f00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 131.137481][ T22] >ffff000002981000: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 131.138538][ T22] ^
[ 131.139422][ T22] ffff000002981100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 131.140331][ T22] ffff000002981200: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 131.141321][ T22] ==================================================================
[ 131.142234][ T22] Disabling lock debugging due to kernel taint
[ 132.260869][ T8] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 132.392623][ T8] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 133.140215][ T8] bond0 (unregistering): Released all slaves
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 149.486274][ T2197] can: request_module (can-proto-0) failed.
[ 149.779843][ T2197] can: request_module (can-proto-0) failed.
[ 149.964938][ T2197] can: request_module (can-proto-0) failed.
executing program
executing program
executing program
[ 159.843492][ T2046] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 159.854908][ T2046] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 159.870427][ T2046] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 159.876718][ T2046] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
executing program

VM DIAGNOSIS:
02:10:30 Registers: