[ 399.972651][ T676] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 400.051420][ T676] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 400.118545][ T676] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 400.210852][ T676] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 400.388341][ T676] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 400.511032][ T676] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 400.581264][ T676] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 400.639764][ T676] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 400.823112][ T676] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 400.943074][ T676] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 401.020086][ T676] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 401.089034][ T676] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
Warning: Permanently added '10.128.1.42' (ECDSA) to the list of known hosts.
[ 404.390511][ T676] device hsr_slave_0 left promiscuous mode
[ 404.438824][ T676] device hsr_slave_1 left promiscuous mode
[ 404.519135][ T676] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 404.527466][ T676] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 404.536554][ T676] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 404.544141][ T676] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 404.552757][ T676] device bridge_slave_1 left promiscuous mode
[ 404.559416][ T676] bridge0: port 2(bridge_slave_1) entered disabled state
[ 404.609931][ T676] device bridge_slave_0 left promiscuous mode
[ 404.616754][ T676] bridge0: port 1(bridge_slave_0) entered disabled state
[ 404.672712][ T676] device hsr_slave_0 left promiscuous mode
[ 404.738756][ T676] device hsr_slave_1 left promiscuous mode
[ 404.828782][ T676] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 404.837025][ T676] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 404.845184][ T676] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 404.853247][ T676] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 404.862688][ T676] device bridge_slave_1 left promiscuous mode
[ 404.869104][ T676] bridge0: port 2(bridge_slave_1) entered disabled state
[ 404.919833][ T676] device bridge_slave_0 left promiscuous mode
[ 404.927014][ T676] bridge0: port 1(bridge_slave_0) entered disabled state
[ 404.961690][ T676] device hsr_slave_0 left promiscuous mode
[ 404.998850][ T676] device hsr_slave_1 left promiscuous mode
[ 405.109066][ T676] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 405.117700][ T676] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 405.126983][ T676] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 405.134856][ T676] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 405.143652][ T676] device bridge_slave_1 left promiscuous mode
[ 405.150092][ T676] bridge0: port 2(bridge_slave_1) entered disabled state
[ 405.189221][ T676] device bridge_slave_0 left promiscuous mode
[ 405.195484][ T676] bridge0: port 1(bridge_slave_0) entered disabled state
[ 405.263951][ T676] device veth1_macvtap left promiscuous mode
[ 405.271584][ T676] device veth0_macvtap left promiscuous mode
[ 405.277985][ T676] device veth1_vlan left promiscuous mode
[ 405.284175][ T676] device veth0_vlan left promiscuous mode
[ 405.429430][ T676] device veth1_macvtap left promiscuous mode
[ 405.436177][ T676] device veth0_macvtap left promiscuous mode
[ 405.442665][ T676] device veth1_vlan left promiscuous mode
[ 405.448711][ T676] device veth0_vlan left promiscuous mode
[ 405.589271][ T676] device veth1_macvtap left promiscuous mode
[ 405.596233][ T676] device veth0_macvtap left promiscuous mode
[ 405.602424][ T676] device veth1_vlan left promiscuous mode
[ 405.608161][ T676] device veth0_vlan left promiscuous mode
[ 409.876135][ T676] team0 (unregistering): Port device team_slave_1 removed
[ 409.887438][ T676] team0 (unregistering): Port device team_slave_0 removed
[ 409.896732][ T676] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 409.920160][ T676] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 410.049779][ T676] bond0 (unregistering): Released all slaves
[ 410.196497][ T676] team0 (unregistering): Port device team_slave_1 removed
[ 410.206276][ T676] team0 (unregistering): Port device team_slave_0 removed
[ 410.215497][ T676] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 410.251859][ T676] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 410.340239][ T676] bond0 (unregistering): Released all slaves
[ 410.497535][ T676] team0 (unregistering): Port device team_slave_1 removed
[ 410.507342][ T676] team0 (unregistering): Port device team_slave_0 removed
[ 410.517171][ T676] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 410.551900][ T676] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 410.651400][ T676] bond0 (unregistering): Released all slaves
[ 410.765828][ T29] audit: type=1400 audit(1610751545.528:11): avc: denied { execmem } for pid=13743 comm="syz-executor632" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 410.767942][T13745] IPVS: ftp: loaded support on port[0] = 21
[ 411.846451][T13771] ------------[ cut here ]------------
[ 411.852399][T13771] refcount_t: addition on 0; use-after-free.
[ 411.858394][T13771] WARNING: CPU: 0 PID: 13771 at lib/refcount.c:25 refcount_warn_saturate+0x80/0xe0
[ 411.868062][T13771] Modules linked in:
[ 411.871966][T13771] CPU: 0 PID: 13771 Comm: kworker/u5:0 Not tainted 5.11.0-rc3-syzkaller #0
[ 411.880648][T13771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 411.890899][T13771] Workqueue: hci0 hci_rx_work
[ 411.895559][T13771] RIP: 0010:refcount_warn_saturate+0x80/0xe0
[ 411.901850][T13771] Code: 05 ba 76 bf 02 01 e8 43 62 34 01 0f 0b c3 80 3d aa 76 bf 02 00 75 b8 48 c7 c7 f0 e4 f7 83 c6 05 9a 76 bf 02 01 e8 24 62 34 01 <0f> 0b c3 80 3d 8d 76 bf 02 00 75 99 48 c7 c7 c8 e4 f7 83 c6 05 7d
[ 411.921709][T13771] RSP: 0018:ffffc90000d33cc8 EFLAGS: 00010282
[ 411.927785][T13771] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000002
[ 411.935772][T13771] RDX: 0000000080000002 RSI: ffffffff84087901 RDI: 00000000ffffffff
[ 411.943926][T13771] RBP: ffff8881136fe000 R08: 0000000000000001 R09: 0000000000000001
[ 411.951898][T13771] R10: ffffc90000d33af8 R11: ffffc90000d33af0 R12: 0000000000000000
[ 411.959886][T13771] R13: 0000000000000001 R14: ffffffff84851148 R15: 0000000000000000
[ 411.968059][T13771] FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[ 411.977017][T13771] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 411.983612][T13771] CR2: 00007fff3413cb04 CR3: 00000001043e7000 CR4: 0000000000350ef0
[ 411.991593][T13771] Call Trace:
[ 411.994858][T13771] l2cap_global_chan_by_psm+0x1f8/0x220
[ 412.000429][T13771] l2cap_recv_frame+0x554/0x2e40
[ 412.005519][T13771] ? hci_rx_work+0x19d/0x500
[ 412.010106][T13771] ? __mutex_unlock_slowpath+0x3e/0x2a0
[ 412.015694][T13771] hci_rx_work+0x1d3/0x500
[ 412.020146][T13771] process_one_work+0x293/0x600
[ 412.025095][T13771] ? process_one_work+0x600/0x600
[ 412.030128][T13771] worker_thread+0x38/0x380
[ 412.034649][T13771] ? process_one_work+0x600/0x600
[ 412.039706][T13771] kthread+0x145/0x170
[ 412.043788][T13771] ? kthread_bind+0x20/0x20
[ 412.048266][T13771] ret_from_fork+0x1f/0x30
[ 412.052766][T13771] Kernel panic - not syncing: panic_on_warn set ...
[ 412.059326][T13771] CPU: 0 PID: 13771 Comm: kworker/u5:0 Not tainted 5.11.0-rc3-syzkaller #0
[ 412.067885][T13771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 412.077918][T13771] Workqueue: hci0 hci_rx_work
[ 412.082572][T13771] Call Trace:
[ 412.085834][T13771] dump_stack+0xa3/0xc8
[ 412.090014][T13771] panic+0x135/0x31a
[ 412.093886][T13771] ? refcount_warn_saturate+0x80/0xe0
[ 412.099232][T13771] __warn.cold.13+0x16/0x20
[ 412.103750][T13771] ? refcount_warn_saturate+0x80/0xe0
[ 412.109095][T13771] report_bug+0xc0/0xf0
[ 412.113225][T13771] handle_bug+0x35/0x90
[ 412.117773][T13771] exc_invalid_op+0x13/0x60
[ 412.122262][T13771] asm_exc_invalid_op+0x12/0x20
[ 412.127198][T13771] RIP: 0010:refcount_warn_saturate+0x80/0xe0
[ 412.133150][T13771] Code: 05 ba 76 bf 02 01 e8 43 62 34 01 0f 0b c3 80 3d aa 76 bf 02 00 75 b8 48 c7 c7 f0 e4 f7 83 c6 05 9a 76 bf 02 01 e8 24 62 34 01 <0f> 0b c3 80 3d 8d 76 bf 02 00 75 99 48 c7 c7 c8 e4 f7 83 c6 05 7d
[ 412.152728][T13771] RSP: 0018:ffffc90000d33cc8 EFLAGS: 00010282
[ 412.158765][T13771] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000002
[ 412.166715][T13771] RDX: 0000000080000002 RSI: ffffffff84087901 RDI: 00000000ffffffff
[ 412.174660][T13771] RBP: ffff8881136fe000 R08: 0000000000000001 R09: 0000000000000001
[ 412.182602][T13771] R10: ffffc90000d33af8 R11: ffffc90000d33af0 R12: 0000000000000000
[ 412.190560][T13771] R13: 0000000000000001 R14: ffffffff84851148 R15: 0000000000000000
[ 412.198526][T13771] ? refcount_warn_saturate+0x80/0xe0
[ 412.203873][T13771] l2cap_global_chan_by_psm+0x1f8/0x220
[ 412.209397][T13771] l2cap_recv_frame+0x554/0x2e40
[ 412.214307][T13771] ? hci_rx_work+0x19d/0x500
[ 412.218871][T13771] ? __mutex_unlock_slowpath+0x3e/0x2a0
[ 412.224391][T13771] hci_rx_work+0x1d3/0x500
[ 412.228781][T13771] process_one_work+0x293/0x600
[ 412.233606][T13771] ? process_one_work+0x600/0x600
[ 412.238602][T13771] worker_thread+0x38/0x380
[ 412.243078][T13771] ? process_one_work+0x600/0x600
[ 412.248075][T13771] kthread+0x145/0x170
[ 412.252121][T13771] ? kthread_bind+0x20/0x20
[ 412.256637][T13771] ret_from_fork+0x1f/0x30
[ 412.265431][T13771] Kernel Offset: disabled
[ 412.269912][T13771] Rebooting in 86400 seconds..