[ 447.453546][ T168] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 448.077381][ T168] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 450.462456][ T168] device hsr_slave_0 left promiscuous mode
[ 450.471214][ T168] device hsr_slave_1 left promiscuous mode
[ 450.478599][ T168] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 450.486782][ T168] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 450.498033][ T168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 450.506826][ T168] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 450.518332][ T168] device bridge_slave_1 left promiscuous mode
[ 450.525401][ T168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 450.538976][ T168] device bridge_slave_0 left promiscuous mode
[ 450.545609][ T168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 450.561300][ T168] device veth1_macvtap left promiscuous mode
[ 450.567926][ T168] device veth0_macvtap left promiscuous mode
[ 450.576636][ T168] device veth1_vlan left promiscuous mode
[ 450.584599][ T168] device veth0_vlan left promiscuous mode
[ 455.033861][ T168] team0 (unregistering): Port device team_slave_1 removed
[ 455.051324][ T168] team0 (unregistering): Port device team_slave_0 removed
[ 455.067482][ T168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 455.081622][ T168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 455.151702][ T168] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.1.30' (ECDSA) to the list of known hosts.
[ 457.367968][T18913] ==================================================================
[ 457.376478][T18913] BUG: KASAN: use-after-free in kobject_put+0x493/0x540
[ 457.383561][T18913] Read of size 1 at addr ffff88801167463c by task syz-executor793/18913
[ 457.392002][T18913]
[ 457.394350][T18913] CPU: 0 PID: 18913 Comm: syz-executor793 Not tainted 5.13.0-rc7-syzkaller #0
[ 457.403204][T18913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 457.413265][T18913] Call Trace:
[ 457.416554][T18913] dump_stack+0x141/0x1d7
[ 457.420987][T18913] ? kobject_put+0x493/0x540
[ 457.425606][T18913] print_address_description.constprop.0.cold+0x5b/0x2f8
[ 457.432701][T18913] ? kobject_put+0x493/0x540
[ 457.437314][T18913] ? kobject_put+0x493/0x540
[ 457.441919][T18913] kasan_report.cold+0x7c/0xd8
[ 457.446703][T18913] ? kobject_put+0x493/0x540
[ 457.451517][T18913] kobject_put+0x493/0x540
[ 457.455953][T18913] delete_partition+0xb9/0x180
[ 457.461028][T18913] bdev_del_partition+0xe5/0x100
[ 457.466165][T18913] blkpg_do_ioctl+0x2e8/0x340
[ 457.470858][T18913] ? blkdev_pr_preempt+0x260/0x260
[ 457.476018][T18913] blkdev_ioctl+0x577/0x6d0
[ 457.480534][T18913] ? blkdev_common_ioctl+0x1840/0x1840
[ 457.486017][T18913] block_ioctl+0xf9/0x140
[ 457.490415][T18913] ? blkdev_read_iter+0x1c0/0x1c0
[ 457.495456][T18913] __x64_sys_ioctl+0x193/0x200
[ 457.500294][T18913] do_syscall_64+0x3a/0xb0
[ 457.504771][T18913] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 457.510716][T18913] RIP: 0033:0x444309
[ 457.514620][T18913] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 457.535565][T18913] RSP: 002b:00007fffeb625698 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 457.543993][T18913] RAX: ffffffffffffffda RBX: 0000000000487062 RCX: 0000000000444309
[ 457.551971][T18913] RDX: 0000000020000240 RSI: 0000000000001269 RDI: 0000000000000004
[ 457.560467][T18913] RBP: 0000000000000000 R08: 0023706f6f6c2f76 R09: 0000000000000001
[ 457.568449][T18913] R10: 000000000000001f R11: 0000000000000246 R12: 000000000006fa47
[ 457.576423][T18913] R13: 00007fffeb6256ac R14: 00007fffeb6256c0 R15: 00007fffeb6256b0
[ 457.584594][T18913]
[ 457.586924][T18913] Allocated by task 18908:
[ 457.591335][T18913] kasan_save_stack+0x1b/0x40
[ 457.596084][T18913] __kasan_kmalloc+0x9b/0xd0
[ 457.600685][T18913] kobject_create_and_add+0x42/0xb0
[ 457.605897][T18913] add_partition+0x5ee/0x910
[ 457.610493][T18913] bdev_add_partition+0xb6/0x130
[ 457.615438][T18913] blkpg_do_ioctl+0x2d0/0x340
[ 457.620120][T18913] blkdev_ioctl+0x577/0x6d0
[ 457.624637][T18913] block_ioctl+0xf9/0x140
[ 457.628970][T18913] __x64_sys_ioctl+0x193/0x200
[ 457.633735][T18913] do_syscall_64+0x3a/0xb0
[ 457.638159][T18913] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 457.644068][T18913]
[ 457.646387][T18913] Freed by task 18908:
[ 457.650453][T18913] kasan_save_stack+0x1b/0x40
[ 457.655138][T18913] kasan_set_track+0x1c/0x30
[ 457.659734][T18913] kasan_set_free_info+0x20/0x30
[ 457.664751][T18913] __kasan_slab_free+0xfb/0x130
[ 457.669606][T18913] slab_free_freelist_hook+0xdf/0x240
[ 457.675080][T18913] kfree+0xe5/0x7f0
[ 457.678906][T18913] kobject_put+0x1c8/0x540
[ 457.683945][T18913] delete_partition+0xb9/0x180
[ 457.688741][T18913] bdev_del_partition+0xe5/0x100
[ 457.693724][T18913] blkpg_do_ioctl+0x2e8/0x340
[ 457.698461][T18913] blkdev_ioctl+0x577/0x6d0
[ 457.702965][T18913] block_ioctl+0xf9/0x140
[ 457.707388][T18913] __x64_sys_ioctl+0x193/0x200
[ 457.712153][T18913] do_syscall_64+0x3a/0xb0
[ 457.716579][T18913] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 457.722485][T18913]
[ 457.724810][T18913] The buggy address belongs to the object at ffff888011674600
[ 457.724810][T18913] which belongs to the cache kmalloc-64 of size 64
[ 457.738784][T18913] The buggy address is located 60 bytes inside of
[ 457.738784][T18913] 64-byte region [ffff888011674600, ffff888011674640)
[ 457.751894][T18913] The buggy address belongs to the page:
[ 457.757516][T18913] page:ffffea0000459d00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11674
[ 457.767670][T18913] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 457.775230][T18913] raw: 00fff00000000200 dead000000000100 dead000000000122 ffff888010041640
[ 457.783821][T18913] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000
[ 457.792401][T18913] page dumped because: kasan: bad access detected
[ 457.798806][T18913]
[ 457.801130][T18913] Memory state around the buggy address:
[ 457.806758][T18913] ffff888011674500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 457.814822][T18913] ffff888011674580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 457.822881][T18913] >ffff888011674600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 457.830939][T18913] ^
[ 457.836831][T18913] ffff888011674680: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 457.845153][T18913] ffff888011674700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 457.853384][T18913] ==================================================================
[ 457.861436][T18913] Disabling lock debugging due to kernel taint
[ 457.938262][T18913] Kernel panic - not syncing: panic_on_warn set ...
[ 457.944877][T18913] CPU: 0 PID: 18913 Comm: syz-executor793 Tainted: G B 5.13.0-rc7-syzkaller #0
[ 457.955211][T18913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 457.965351][T18913] Call Trace:
[ 457.968626][T18913] dump_stack+0x141/0x1d7
[ 457.972946][T18913] panic+0x306/0x73d
[ 457.976874][T18913] ? __warn_printk+0xf3/0xf3
[ 457.981465][T18913] ? preempt_schedule_common+0x59/0xc0
[ 457.987007][T18913] ? kobject_put+0x493/0x540
[ 457.991596][T18913] ? preempt_schedule_thunk+0x16/0x18
[ 457.996984][T18913] ? trace_hardirqs_on+0x38/0x1c0
[ 458.002036][T18913] ? trace_hardirqs_on+0x51/0x1c0
[ 458.007046][T18913] ? kobject_put+0x493/0x540
[ 458.011636][T18913] ? kobject_put+0x493/0x540
[ 458.016217][T18913] end_report.cold+0x5a/0x5a
[ 458.020798][T18913] kasan_report.cold+0x6a/0xd8
[ 458.025550][T18913] ? kobject_put+0x493/0x540
[ 458.030130][T18913] kobject_put+0x493/0x540
[ 458.034539][T18913] delete_partition+0xb9/0x180
[ 458.039295][T18913] bdev_del_partition+0xe5/0x100
[ 458.044222][T18913] blkpg_do_ioctl+0x2e8/0x340
[ 458.048886][T18913] ? blkdev_pr_preempt+0x260/0x260
[ 458.054074][T18913] blkdev_ioctl+0x577/0x6d0
[ 458.058822][T18913] ? blkdev_common_ioctl+0x1840/0x1840
[ 458.064287][T18913] block_ioctl+0xf9/0x140
[ 458.068604][T18913] ? blkdev_read_iter+0x1c0/0x1c0
[ 458.073612][T18913] __x64_sys_ioctl+0x193/0x200
[ 458.078464][T18913] do_syscall_64+0x3a/0xb0
[ 458.082875][T18913] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 458.088846][T18913] RIP: 0033:0x444309
[ 458.092723][T18913] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 458.112505][T18913] RSP: 002b:00007fffeb625698 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 458.120921][T18913] RAX: ffffffffffffffda RBX: 0000000000487062 RCX: 0000000000444309
[ 458.128878][T18913] RDX: 0000000020000240 RSI: 0000000000001269 RDI: 0000000000000004
[ 458.136835][T18913] RBP: 0000000000000000 R08: 0023706f6f6c2f76 R09: 0000000000000001
[ 458.144790][T18913] R10: 000000000000001f R11: 0000000000000246 R12: 000000000006fa47
[ 458.152757][T18913] R13: 00007fffeb6256ac R14: 00007fffeb6256c0 R15: 00007fffeb6256b0
[ 458.162190][T18913] Kernel Offset: disabled
[ 458.166613][T18913] Rebooting in 86400 seconds..