[  421.570088][   T45] hsr_slave_0: left promiscuous mode
[  421.575770][   T45] hsr_slave_1: left promiscuous mode
[  421.581990][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  421.589717][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[  421.599110][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  421.606509][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[  421.615134][   T45] bridge_slave_1: left allmulticast mode
[  421.620928][   T45] bridge_slave_1: left promiscuous mode
[  421.626627][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  421.635029][   T45] bridge_slave_0: left allmulticast mode
[  421.640950][   T45] bridge_slave_0: left promiscuous mode
[  421.646628][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  421.656683][   T45] veth1_macvtap: left promiscuous mode
[  421.662375][   T45] veth0_macvtap: left promiscuous mode
[  421.667979][   T45] veth1_vlan: left promiscuous mode
[  421.673233][   T45] veth0_vlan: left promiscuous mode
[  421.682585][   T45] ==================================================================
[  421.690765][   T45] BUG: KASAN: use-after-free in detach_if_pending+0x2d4/0x310
[  421.698352][   T45] Write of size 8 at addr ffff888076b29980 by task kworker/u4:3/45
[  421.706321][   T45] 
[  421.708650][   T45] CPU: 1 PID: 45 Comm: kworker/u4:3 Not tainted 6.3.0-syzkaller #0
[  421.716509][   T45] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
[  421.726547][   T45] Workqueue: netns cleanup_net
[  421.731353][   T45] Call Trace:
[  421.734613][   T45]  <TASK>
[  421.737614][   T45]  dump_stack_lvl+0x64/0xb0
[  421.742239][   T45]  print_address_description.constprop.0+0x2c/0x3c0
[  421.748863][   T45]  ? detach_if_pending+0x2d4/0x310
[  421.753955][   T45]  kasan_report+0x11c/0x130
[  421.758527][   T45]  ? detach_if_pending+0x2d4/0x310
[  421.763630][   T45]  detach_if_pending+0x2d4/0x310
[  421.768823][   T45]  __timer_delete+0xaa/0x160
[  421.773401][   T45]  ? detach_if_pending+0x310/0x310
[  421.778488][   T45]  ? mark_held_locks+0x9f/0xe0
[  421.783259][   T45]  addrconf_ifdown.isra.0+0x44d/0x13f0
[  421.788778][   T45]  ? addrconf_dad_run+0x120/0x120
[  421.793857][   T45]  ? wait_for_completion_io_timeout+0x20/0x20
[  421.799951][   T45]  addrconf_notify+0xc6/0x1330
[  421.804863][   T45]  ? tee_netdev_event+0x25b/0x330
[  421.809896][   T45]  notifier_call_chain+0x94/0x2a0
[  421.814909][   T45]  dev_close_many+0x296/0x570
[  421.819567][   T45]  ? lock_acquire+0x1b1/0x520
[  421.824320][   T45]  ? __dev_close_many+0x2a0/0x2a0
[  421.829341][   T45]  unregister_netdevice_many_notify+0x381/0x1600
[  421.835825][   T45]  ? netdev_freemem+0x50/0x50
[  421.840482][   T45]  ? unregister_netdevice_queue+0x141/0x340
[  421.846469][   T45]  ? unregister_netdevice_many+0x10/0x10
[  421.852076][   T45]  ? br_dev_delete+0x108/0x190
[  421.856956][   T45]  default_device_exit_batch+0x3b5/0x520
[  421.862574][   T45]  ? unregister_netdev+0x20/0x20
[  421.867481][   T45]  ? ops_exit_list+0xa7/0x160
[  421.872140][   T45]  cleanup_net+0x427/0x980
[  421.876525][   T45]  ? unregister_pernet_device+0x70/0x70
[  421.882050][   T45]  ? __switch_to+0x5d0/0xff0
[  421.886635][   T45]  process_one_work+0x86e/0x1410
[  421.891544][   T45]  ? lock_sync+0x190/0x190
[  421.895929][   T45]  ? pwq_dec_nr_in_flight+0x230/0x230
[  421.901291][   T45]  ? spin_bug+0x1c0/0x1c0
[  421.905613][   T45]  worker_thread+0x5af/0xf00
[  421.910170][   T45]  ? process_one_work+0x1410/0x1410
[  421.915430][   T45]  kthread+0x2ea/0x3c0
[  421.919743][   T45]  ? kthread_complete_and_exit+0x20/0x20
[  421.925362][   T45]  ret_from_fork+0x1f/0x30
[  421.929802][   T45]  </TASK>
[  421.932885][   T45] 
[  421.935212][   T45] The buggy address belongs to the physical page:
[  421.942207][   T45] page:ffffea0001daca40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x4 pfn:0x76b29
[  421.952431][   T45] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  421.959614][   T45] page_type: 0xffffffff()
[  421.963926][   T45] raw: 00fff00000000000 0000000000000000 ffffffff00000201 0000000000000000
[  421.972507][   T45] raw: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[  421.981171][   T45] page dumped because: kasan: bad access detected
[  421.987762][   T45] 
[  421.990072][   T45] Memory state around the buggy address:
[  421.995689][   T45]  ffff888076b29880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  422.003734][   T45]  ffff888076b29900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  422.011953][   T45] >ffff888076b29980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  422.020066][   T45]                    ^
[  422.024210][   T45]  ffff888076b29a00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  422.032236][   T45]  ffff888076b29a80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  422.040487][   T45] ==================================================================
[  422.048618][   T45] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  422.055809][   T45] CPU: 1 PID: 45 Comm: kworker/u4:3 Not tainted 6.3.0-syzkaller #0
[  422.063668][   T45] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
[  422.073868][   T45] Workqueue: netns cleanup_net
[  422.078610][   T45] Call Trace:
[  422.081865][   T45]  <TASK>
[  422.084789][   T45]  dump_stack_lvl+0x64/0xb0
[  422.089494][   T45]  panic+0x24f/0x540
[  422.093380][   T45]  ? panic_smp_self_stop+0x70/0x70
[  422.098553][   T45]  ? lock_downgrade+0x690/0x690
[  422.103398][   T45]  ? syslog_print_all+0x300/0x300
[  422.108409][   T45]  check_panic_on_warn+0x75/0x80
[  422.113321][   T45]  end_report+0xe9/0x120
[  422.117626][   T45]  ? detach_if_pending+0x2d4/0x310
[  422.122707][   T45]  kasan_report+0xf9/0x130
[  422.127091][   T45]  ? detach_if_pending+0x2d4/0x310
[  422.132232][   T45]  detach_if_pending+0x2d4/0x310
[  422.137137][   T45]  __timer_delete+0xaa/0x160
[  422.141701][   T45]  ? detach_if_pending+0x310/0x310
[  422.146778][   T45]  ? mark_held_locks+0x9f/0xe0
[  422.151705][   T45]  addrconf_ifdown.isra.0+0x44d/0x13f0
[  422.157307][   T45]  ? addrconf_dad_run+0x120/0x120
[  422.162296][   T45]  ? wait_for_completion_io_timeout+0x20/0x20
[  422.168421][   T45]  addrconf_notify+0xc6/0x1330
[  422.173261][   T45]  ? tee_netdev_event+0x25b/0x330
[  422.178278][   T45]  notifier_call_chain+0x94/0x2a0
[  422.183295][   T45]  dev_close_many+0x296/0x570
[  422.188057][   T45]  ? lock_acquire+0x1b1/0x520
[  422.192754][   T45]  ? __dev_close_many+0x2a0/0x2a0
[  422.197875][   T45]  unregister_netdevice_many_notify+0x381/0x1600
[  422.204279][   T45]  ? netdev_freemem+0x50/0x50
[  422.209190][   T45]  ? unregister_netdevice_queue+0x141/0x340
[  422.215249][   T45]  ? unregister_netdevice_many+0x10/0x10
[  422.220866][   T45]  ? br_dev_delete+0x108/0x190
[  422.225598][   T45]  default_device_exit_batch+0x3b5/0x520
[  422.231217][   T45]  ? unregister_netdev+0x20/0x20
[  422.236206][   T45]  ? ops_exit_list+0xa7/0x160
[  422.240937][   T45]  cleanup_net+0x427/0x980
[  422.245408][   T45]  ? unregister_pernet_device+0x70/0x70
[  422.250925][   T45]  ? __switch_to+0x5d0/0xff0
[  422.255481][   T45]  process_one_work+0x86e/0x1410
[  422.260388][   T45]  ? lock_sync+0x190/0x190
[  422.264771][   T45]  ? pwq_dec_nr_in_flight+0x230/0x230
[  422.270195][   T45]  ? spin_bug+0x1c0/0x1c0
[  422.274488][   T45]  worker_thread+0x5af/0xf00
[  422.279138][   T45]  ? process_one_work+0x1410/0x1410
[  422.284306][   T45]  kthread+0x2ea/0x3c0
[  422.288452][   T45]  ? kthread_complete_and_exit+0x20/0x20
[  422.294174][   T45]  ret_from_fork+0x1f/0x30
[  422.298664][   T45]  </TASK>
[  423.379962][   T45] Shutting down cpus with NMI
[  423.384984][   T45] Kernel Offset: disabled
[  423.389289][   T45] Rebooting in 86400 seconds..