[ 451.935067][ T66] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 451.984383][ T66] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 452.034429][ T66] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 452.085088][ T66] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 452.161833][ T66] bridge_slave_1: left allmulticast mode
[ 452.167507][ T66] bridge_slave_1: left promiscuous mode
[ 452.173396][ T66] bridge0: port 2(bridge_slave_1) entered disabled state
[ 452.181705][ T66] bridge_slave_0: left allmulticast mode
[ 452.187353][ T66] bridge_slave_0: left promiscuous mode
[ 452.193328][ T66] bridge0: port 1(bridge_slave_0) entered disabled state
[ 452.271838][ T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 452.282100][ T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 452.291571][ T66] bond0 (unregistering): Released all slaves
[ 452.492496][ T66] hsr_slave_0: left promiscuous mode
[ 452.498830][ T66] hsr_slave_1: left promiscuous mode
[ 452.505241][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 452.513249][ T66] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 452.523935][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 452.531597][ T66] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 452.540831][ T66] veth1_macvtap: left promiscuous mode
[ 452.546362][ T66] veth0_macvtap: left promiscuous mode
[ 452.552167][ T66] veth1_vlan: left promiscuous mode
[ 452.557443][ T66] veth0_vlan: left promiscuous mode
[ 452.638819][ T66] team0 (unregistering): Port device team_slave_1 removed
[ 452.650345][ T66] team0 (unregistering): Port device team_slave_0 removed
Warning: Permanently added '10.128.1.9' (ED25519) to the list of known hosts.
executing program
[ 464.792429][T12115] ==================================================================
[ 464.800602][T12115] BUG: KASAN: slab-use-after-free in __se_sys_mremap+0xb33/0x1150
[ 464.808412][T12115] Read of size 8 at addr ffff88805dfbf918 by task syz-executor417/12115
[ 464.816718][T12115]
[ 464.819041][T12115] CPU: 0 UID: 0 PID: 12115 Comm: syz-executor417 Not tainted 6.17.0-rc1-next-20250814-syzkaller-02527-g931e46dcbc7e #0 PREEMPT(full)
[ 464.819055][T12115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 464.819068][T12115] Call Trace:
[ 464.819075][T12115]
[ 464.819080][T12115] dump_stack_lvl+0x189/0x250
[ 464.819099][T12115] ? __pfx_dump_stack_lvl+0x10/0x10
[ 464.819113][T12115] ? lock_release+0x4b/0x3e0
[ 464.819125][T12115] ? __virt_addr_valid+0x4a5/0x5c0
[ 464.819134][T12115] print_report+0xca/0x240
[ 464.819144][T12115] ? __se_sys_mremap+0xb33/0x1150
[ 464.819156][T12115] kasan_report+0x118/0x150
[ 464.819167][T12115] ? __se_sys_mremap+0xb33/0x1150
[ 464.819180][T12115] __se_sys_mremap+0xb33/0x1150
[ 464.819198][T12115] ? __pfx___se_sys_mremap+0x10/0x10
[ 464.819209][T12115] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 464.819228][T12115] ? rcu_is_watching+0x15/0xb0
[ 464.819240][T12115] ? __x64_sys_mremap+0x20/0xc0
[ 464.819252][T12115] do_syscall_64+0xfa/0x3b0
[ 464.819264][T12115] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 464.819273][T12115] ? __switch_to_asm+0x39/0x70
[ 464.819281][T12115] ? clear_bhb_loop+0x60/0xb0
[ 464.819292][T12115] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 464.819304][T12115] RIP: 0033:0x7f090dfd92e9
[ 464.819317][T12115] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 464.819326][T12115] RSP: 002b:00007f090df92228 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 464.819339][T12115] RAX: ffffffffffffffda RBX: 00007f090e063308 RCX: 00007f090dfd92e9
[ 464.819347][T12115] RDX: 0000000000001000 RSI: 0000000000001000 RDI: 0000200000d59000
[ 464.819353][T12115] RBP: 00007f090e063300 R08: 0000200000a91000 R09: 00007f090df926c0
[ 464.819360][T12115] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f090e06330c
[ 464.819366][T12115] R13: 0000200000d59000 R14: 0000200000000000 R15: 00007ffdfe289298
[ 464.819376][T12115]
[ 464.819379][T12115]
[ 465.018386][T12115] Allocated by task 10645:
[ 465.022786][T12115] kasan_save_track+0x3e/0x80
[ 465.027450][T12115] __kasan_slab_alloc+0x6c/0x80
[ 465.032390][T12115] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 465.037935][T12115] vm_area_dup+0x2b/0x680
[ 465.042253][T12115] dup_mmap+0x90c/0x1ac0
[ 465.046487][T12115] copy_mm+0x13c/0x4b0
[ 465.050549][T12115] copy_process+0x1706/0x3c00
[ 465.055208][T12115] kernel_clone+0x21e/0x840
[ 465.059696][T12115] __x64_sys_clone+0x18b/0x1e0
[ 465.064447][T12115] do_syscall_64+0xfa/0x3b0
[ 465.068943][T12115] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 465.074828][T12115]
[ 465.077133][T12115] Freed by task 15:
[ 465.080914][T12115] kasan_save_track+0x3e/0x80
[ 465.085587][T12115] __kasan_save_free_info+0x46/0x50
[ 465.090870][T12115] __kasan_slab_free+0x5b/0x80
[ 465.095624][T12115] slab_free_after_rcu_debug+0x129/0x2a0
[ 465.101236][T12115] rcu_core+0xca8/0x1770
[ 465.105459][T12115] handle_softirqs+0x286/0x870
[ 465.110296][T12115] run_ksoftirqd+0x9b/0x100
[ 465.114780][T12115] smpboot_thread_fn+0x542/0xa60
[ 465.119705][T12115] kthread+0x711/0x8a0
[ 465.123837][T12115] ret_from_fork+0x3f9/0x770
[ 465.128474][T12115] ret_from_fork_asm+0x1a/0x30
[ 465.133232][T12115]
[ 465.135542][T12115] Last potentially related work creation:
[ 465.141322][T12115] kasan_save_stack+0x3e/0x60
[ 465.146075][T12115] kasan_record_aux_stack+0xbd/0xd0
[ 465.151286][T12115] kmem_cache_free+0x2f6/0x400
[ 465.156033][T12115] vms_complete_munmap_vmas+0x626/0x8a0
[ 465.161565][T12115] do_vmi_align_munmap+0x358/0x420
[ 465.166668][T12115] do_vmi_munmap+0x253/0x2e0
[ 465.171235][T12115] do_munmap+0xe1/0x140
[ 465.175382][T12115] mremap_to+0x2df/0x7a0
[ 465.179602][T12115] __se_sys_mremap+0xadf/0x1150
[ 465.184431][T12115] do_syscall_64+0xfa/0x3b0
[ 465.189081][T12115] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 465.194999][T12115]
[ 465.197319][T12115] The buggy address belongs to the object at ffff88805dfbf8c0
[ 465.197319][T12115] which belongs to the cache vm_area_struct of size 256
[ 465.211655][T12115] The buggy address is located 88 bytes inside of
[ 465.211655][T12115] freed 256-byte region [ffff88805dfbf8c0, ffff88805dfbf9c0)
[ 465.225355][T12115]
[ 465.227674][T12115] The buggy address belongs to the physical page:
[ 465.234094][T12115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5dfbf
[ 465.242927][T12115] memcg:ffff888072fa7301
[ 465.247232][T12115] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 465.254323][T12115] page_type: f5(slab)
[ 465.258295][T12115] raw: 00fff00000000000 ffff88801bae2b40 ffffea0000a44700 dead000000000006
[ 465.266938][T12115] raw: 0000000000000000 00000000000c000c 00000000f5000000 ffff888072fa7301
[ 465.275929][T12115] page dumped because: kasan: bad access detected
[ 465.282323][T12115] page_owner tracks the page as allocated
[ 465.288036][T12115] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 9327, tgid 9327 (syz-executor), ts 448366590631, free_ts 445761754778
[ 465.307463][T12115] post_alloc_hook+0x240/0x2a0
[ 465.312225][T12115] get_page_from_freelist+0x21e4/0x22c0
[ 465.317776][T12115] __alloc_frozen_pages_noprof+0x181/0x370
[ 465.323555][T12115] alloc_pages_mpol+0x232/0x4a0
[ 465.328378][T12115] allocate_slab+0x8a/0x370
[ 465.332861][T12115] ___slab_alloc+0xbeb/0x1410
[ 465.337537][T12115] kmem_cache_alloc_noprof+0x283/0x3c0
[ 465.342971][T12115] vm_area_dup+0x2b/0x680
[ 465.347279][T12115] dup_mmap+0x90c/0x1ac0
[ 465.351495][T12115] copy_mm+0x13c/0x4b0
[ 465.355582][T12115] copy_process+0x1706/0x3c00
[ 465.360670][T12115] kernel_clone+0x21e/0x840
[ 465.365154][T12115] __x64_sys_clone+0x18b/0x1e0
[ 465.369912][T12115] do_syscall_64+0xfa/0x3b0
[ 465.374413][T12115] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 465.380298][T12115] page last free pid 9889 tgid 9889 stack trace:
[ 465.386682][T12115] __free_frozen_pages+0xbc4/0xd30
[ 465.391774][T12115] __tlb_remove_table+0x2d2/0x3b0
[ 465.396773][T12115] tlb_remove_table_rcu+0x85/0x100
[ 465.402045][T12115] rcu_core+0xca8/0x1770
[ 465.406286][T12115] handle_softirqs+0x286/0x870
[ 465.411058][T12115] __irq_exit_rcu+0xca/0x1f0
[ 465.415657][T12115] irq_exit_rcu+0x9/0x30
[ 465.419937][T12115] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 465.425567][T12115] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 465.431537][T12115]
[ 465.433841][T12115] Memory state around the buggy address:
[ 465.439447][T12115] ffff88805dfbf800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 465.447481][T12115] ffff88805dfbf880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 465.455517][T12115] >ffff88805dfbf900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 465.463547][T12115] ^
[ 465.468384][T12115] ffff88805dfbf980: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 465.476420][T12115] ffff88805dfbfa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 465.484452][T12115] ==================================================================
[ 465.494061][T12115] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 465.501276][T12115] CPU: 0 UID: 0 PID: 12115 Comm: syz-executor417 Not tainted 6.17.0-rc1-next-20250814-syzkaller-02527-g931e46dcbc7e #0 PREEMPT(full)
[ 465.514973][T12115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 465.525042][T12115] Call Trace:
[ 465.528314][T12115]
[ 465.531231][T12115] dump_stack_lvl+0x99/0x250
[ 465.535819][T12115] ? __asan_memcpy+0x40/0x70
[ 465.540429][T12115] ? __pfx_dump_stack_lvl+0x10/0x10
[ 465.545614][T12115] ? __pfx__printk+0x10/0x10
[ 465.550283][T12115] vpanic+0x281/0x750
[ 465.554260][T12115] ? preempt_schedule+0xae/0xc0
[ 465.559104][T12115] ? __pfx_vpanic+0x10/0x10
[ 465.563594][T12115] ? preempt_schedule_common+0x83/0xd0
[ 465.569044][T12115] ? preempt_schedule+0xae/0xc0
[ 465.573891][T12115] ? __pfx_preempt_schedule+0x10/0x10
[ 465.579248][T12115] panic+0xb9/0xc0
[ 465.582954][T12115] ? __pfx_panic+0x10/0x10
[ 465.587369][T12115] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 465.593257][T12115] ? __se_sys_mremap+0xb33/0x1150
[ 465.598269][T12115] check_panic_on_warn+0x89/0xb0
[ 465.603559][T12115] ? __se_sys_mremap+0xb33/0x1150
[ 465.608575][T12115] end_report+0x78/0x160
[ 465.613239][T12115] kasan_report+0x129/0x150
[ 465.617728][T12115] ? __se_sys_mremap+0xb33/0x1150
[ 465.622743][T12115] __se_sys_mremap+0xb33/0x1150
[ 465.627599][T12115] ? __pfx___se_sys_mremap+0x10/0x10
[ 465.632875][T12115] ? __rseq_handle_notify_resume+0x37e/0x11f0
[ 465.639023][T12115] ? rcu_is_watching+0x15/0xb0
[ 465.643870][T12115] ? __x64_sys_mremap+0x20/0xc0
[ 465.648709][T12115] do_syscall_64+0xfa/0x3b0
[ 465.653207][T12115] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 465.659305][T12115] ? __switch_to_asm+0x39/0x70
[ 465.664064][T12115] ? clear_bhb_loop+0x60/0xb0
[ 465.668736][T12115] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 465.674623][T12115] RIP: 0033:0x7f090dfd92e9
[ 465.679126][T12115] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 465.698720][T12115] RSP: 002b:00007f090df92228 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 465.707225][T12115] RAX: ffffffffffffffda RBX: 00007f090e063308 RCX: 00007f090dfd92e9
[ 465.715480][T12115] RDX: 0000000000001000 RSI: 0000000000001000 RDI: 0000200000d59000
[ 465.723446][T12115] RBP: 00007f090e063300 R08: 0000200000a91000 R09: 00007f090df926c0
[ 465.731502][T12115] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f090e06330c
[ 465.739476][T12115] R13: 0000200000d59000 R14: 0000200000000000 R15: 00007ffdfe289298
[ 465.747458][T12115]
[ 465.750857][T12115] Kernel Offset: disabled
[ 465.755260][T12115] Rebooting in 86400 seconds..