Warning: Permanently added '10.128.1.39' (ED25519) to the list of known hosts.
2025/08/14 14:42:33 ignoring optional flag "sandboxArg"="0"
2025/08/14 14:42:34 parsed 1 programs
[ 56.894382][ T5867] cgroup: Unknown subsys name 'net'
[ 57.020748][ T5867] cgroup: Unknown subsys name 'cpuset'
[ 57.027861][ T5867] cgroup: Unknown subsys name 'rlimit'
[ 58.103459][ T5867] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 60.183994][ T5880] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 60.191520][ T5880] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 60.206769][ T5880] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 60.215367][ T5880] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 60.226928][ T5880] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 60.291661][ T5879] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 60.755214][ T5901] chnl_net:caif_netlink_parms(): no params data found
[ 61.084522][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 61.094498][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 61.105643][ T5901] bridge0: port 1(bridge_slave_0) entered blocking state
[ 61.113603][ T5901] bridge0: port 1(bridge_slave_0) entered disabled state
[ 61.121035][ T5901] bridge_slave_0: entered allmulticast mode
[ 61.129259][ T5901] bridge_slave_0: entered promiscuous mode
[ 61.138181][ T5901] bridge0: port 2(bridge_slave_1) entered blocking state
[ 61.150035][ T5901] bridge0: port 2(bridge_slave_1) entered disabled state
[ 61.157204][ T5901] bridge_slave_1: entered allmulticast mode
[ 61.163923][ T5901] bridge_slave_1: entered promiscuous mode
[ 61.207246][ T5901] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 61.235418][ T5901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 61.273050][ T2999] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 61.285318][ T2999] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 61.312999][ T5901] team0: Port device team_slave_0 added
[ 61.453540][ T5901] team0: Port device team_slave_1 added
[ 61.680120][ T5901] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 61.691936][ T5901] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 61.720239][ T5901] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 61.748998][ T5901] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 61.755966][ T5901] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 61.782147][ T5901] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 61.868048][ T5901] hsr_slave_0: entered promiscuous mode
[ 61.874772][ T5901] hsr_slave_1: entered promiscuous mode
[ 62.241739][ T5901] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 62.254315][ T5901] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 62.264960][ T5901] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 62.274768][ T5901] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 62.386590][ T5901] 8021q: adding VLAN 0 to HW filter on device bond0
[ 62.407226][ T5901] 8021q: adding VLAN 0 to HW filter on device team0
[ 62.436193][ T1169] bridge0: port 1(bridge_slave_0) entered blocking state
[ 62.443367][ T1169] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 62.458839][ T1169] bridge0: port 2(bridge_slave_1) entered blocking state
[ 62.466045][ T1169] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 62.583971][ T5901] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 62.611379][ T5901] veth0_vlan: entered promiscuous mode
[ 62.620040][ T5901] veth1_vlan: entered promiscuous mode
[ 62.637660][ T5901] veth0_macvtap: entered promiscuous mode
[ 62.647009][ T5901] veth1_macvtap: entered promiscuous mode
[ 62.665610][ T5901] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 62.676756][ T5901] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 62.688239][ T1169] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.697327][ T1169] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.717939][ T1169] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 62.727286][ T1169] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/08/14 14:42:42 executed programs: 0
[ 62.793868][ T5188] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 62.802325][ T5188] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 62.810375][ T5188] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 62.825125][ T5188] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 62.832669][ T5188] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 62.879733][ T5188] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 62.887516][ T5188] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 62.898960][ T5188] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 62.917231][ T5981] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 62.926917][ T5981] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 62.934802][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 62.948428][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 62.961769][ T5880] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 62.979487][ T5880] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 62.986791][ T5984] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 62.996021][ T5984] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 63.003220][ T5981] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 63.010589][ T5981] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 63.018422][ T5188] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 63.026379][ T5188] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 63.264736][ T5972] chnl_net:caif_netlink_parms(): no params data found
[ 63.303906][ T1169] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 63.315773][ T5979] chnl_net:caif_netlink_parms(): no params data found
[ 63.398985][ T5976] chnl_net:caif_netlink_parms(): no params data found
[ 63.411211][ T5972] bridge0: port 1(bridge_slave_0) entered blocking state
[ 63.418440][ T5972] bridge0: port 1(bridge_slave_0) entered disabled state
[ 63.427402][ T5972] bridge_slave_0: entered allmulticast mode
[ 63.434000][ T5972] bridge_slave_0: entered promiscuous mode
[ 63.441821][ T5972] bridge0: port 2(bridge_slave_1) entered blocking state
[ 63.449086][ T5972] bridge0: port 2(bridge_slave_1) entered disabled state
[ 63.456326][ T5972] bridge_slave_1: entered allmulticast mode
[ 63.463330][ T5972] bridge_slave_1: entered promiscuous mode
[ 63.479370][ T1169] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 63.517162][ T5972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 63.549903][ T5972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 63.586405][ T5979] bridge0: port 1(bridge_slave_0) entered blocking state
[ 63.593839][ T5979] bridge0: port 1(bridge_slave_0) entered disabled state
[ 63.601434][ T5979] bridge_slave_0: entered allmulticast mode
[ 63.607877][ T5979] bridge_slave_0: entered promiscuous mode
[ 63.616137][ T5979] bridge0: port 2(bridge_slave_1) entered blocking state
[ 63.623272][ T5979] bridge0: port 2(bridge_slave_1) entered disabled state
[ 63.631187][ T5979] bridge_slave_1: entered allmulticast mode
[ 63.637645][ T5979] bridge_slave_1: entered promiscuous mode
[ 63.656848][ T5972] team0: Port device team_slave_0 added
[ 63.685141][ T5972] team0: Port device team_slave_1 added
[ 63.696696][ T5983] chnl_net:caif_netlink_parms(): no params data found
[ 63.709538][ T5976] bridge0: port 1(bridge_slave_0) entered blocking state
[ 63.716725][ T5976] bridge0: port 1(bridge_slave_0) entered disabled state
[ 63.724196][ T5976] bridge_slave_0: entered allmulticast mode
[ 63.730792][ T5976] bridge_slave_0: entered promiscuous mode
[ 63.745199][ T5979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 63.756494][ T5979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 63.778235][ T5976] bridge0: port 2(bridge_slave_1) entered blocking state
[ 63.785502][ T5976] bridge0: port 2(bridge_slave_1) entered disabled state
[ 63.792881][ T5976] bridge_slave_1: entered allmulticast mode
[ 63.799404][ T5976] bridge_slave_1: entered promiscuous mode
[ 63.837812][ T5972] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 63.845036][ T5972] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 63.871210][ T5972] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 63.889954][ T5979] team0: Port device team_slave_0 added
[ 63.919633][ T5976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 63.929697][ T5972] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 63.936653][ T5972] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 63.963280][ T5972] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 63.981588][ T5979] team0: Port device team_slave_1 added
[ 63.995152][ T5976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 64.039725][ T5976] team0: Port device team_slave_0 added
[ 64.045893][ T5979] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 64.053260][ T5979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.079751][ T5979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 64.091764][ T5983] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.099016][ T5983] bridge0: port 1(bridge_slave_0) entered disabled state
[ 64.106225][ T5983] bridge_slave_0: entered allmulticast mode
[ 64.113769][ T5983] bridge_slave_0: entered promiscuous mode
[ 64.135663][ T5976] team0: Port device team_slave_1 added
[ 64.142162][ T5979] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 64.149751][ T5979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.175898][ T5979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 64.186740][ T5983] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.194121][ T5983] bridge0: port 2(bridge_slave_1) entered disabled state
[ 64.201342][ T5983] bridge_slave_1: entered allmulticast mode
[ 64.207818][ T5983] bridge_slave_1: entered promiscuous mode
[ 64.217887][ T5972] hsr_slave_0: entered promiscuous mode
[ 64.224233][ T5972] hsr_slave_1: entered promiscuous mode
[ 64.230307][ T5972] debugfs: 'hsr0' already exists in 'hsr'
[ 64.236032][ T5972] Cannot create hsr debugfs directory
[ 64.266557][ T5983] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 64.284233][ T5976] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 64.291402][ T5976] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.318011][ T5976] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 64.341239][ T5983] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 64.359096][ T5976] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 64.366087][ T5976] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.392354][ T5976] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 64.446601][ T5979] hsr_slave_0: entered promiscuous mode
[ 64.452883][ T5979] hsr_slave_1: entered promiscuous mode
[ 64.459617][ T5979] debugfs: 'hsr0' already exists in 'hsr'
[ 64.465338][ T5979] Cannot create hsr debugfs directory
[ 64.489864][ T5983] team0: Port device team_slave_0 added
[ 64.498565][ T5976] hsr_slave_0: entered promiscuous mode
[ 64.504576][ T5976] hsr_slave_1: entered promiscuous mode
[ 64.511775][ T5976] debugfs: 'hsr0' already exists in 'hsr'
[ 64.517499][ T5976] Cannot create hsr debugfs directory
[ 64.538406][ T5983] team0: Port device team_slave_1 added
[ 64.593139][ T5983] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 64.600330][ T5983] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.626484][ T5983] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 64.655727][ T5983] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 64.662923][ T5983] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.689574][ T5983] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 64.779449][ T1169] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 64.814338][ T5983] hsr_slave_0: entered promiscuous mode
[ 64.820514][ T5983] hsr_slave_1: entered promiscuous mode
[ 64.826390][ T5983] debugfs: 'hsr0' already exists in 'hsr'
[ 64.832216][ T5983] Cannot create hsr debugfs directory
[ 64.859113][ T5188] Bluetooth: hci0: command tx timeout
[ 64.892622][ T5972] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 64.908089][ T5972] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 64.927807][ T5972] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 64.944361][ T5972] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 64.982122][ T5976] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 64.994811][ T5976] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 65.004450][ T5976] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 65.013531][ T5976] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 65.029009][ T5188] Bluetooth: hci1: command tx timeout
[ 65.086184][ T5972] 8021q: adding VLAN 0 to HW filter on device bond0
[ 65.099376][ T5880] Bluetooth: hci2: command tx timeout
[ 65.104791][ T5188] Bluetooth: hci3: command tx timeout
[ 65.111792][ T5976] 8021q: adding VLAN 0 to HW filter on device bond0
[ 65.127404][ T5972] 8021q: adding VLAN 0 to HW filter on device team0
[ 65.141200][ T5976] 8021q: adding VLAN 0 to HW filter on device team0
[ 65.149387][ T2999] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.156471][ T2999] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 65.170046][ T2999] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.177126][ T2999] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 65.185606][ T2999] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.192717][ T2999] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 65.207715][ T60] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.214899][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 65.389848][ T5976] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 65.404687][ T5972] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 65.447174][ T5972] veth0_vlan: entered promiscuous mode
[ 65.459499][ T5976] veth0_vlan: entered promiscuous mode
[ 65.468329][ T5972] veth1_vlan: entered promiscuous mode
[ 65.478344][ T5976] veth1_vlan: entered promiscuous mode
[ 65.498054][ T5972] veth0_macvtap: entered promiscuous mode
[ 65.507032][ T5972] veth1_macvtap: entered promiscuous mode
[ 65.522608][ T5976] veth0_macvtap: entered promiscuous mode
[ 65.531888][ T5976] veth1_macvtap: entered promiscuous mode
[ 65.547265][ T5972] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 65.561553][ T5976] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 65.571555][ T5972] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 65.583655][ T5976] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 65.594934][ T2999] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.604149][ T2999] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.616564][ T2999] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.626563][ T2999] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.638422][ T1169] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 65.650724][ T2999] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.660115][ T2999] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.672692][ T2999] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.681774][ T2999] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.730850][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 65.742296][ T2999] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 65.752472][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 65.753180][ T2999] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 65.781191][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 65.789186][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 65.813196][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 65.838426][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 66.319543][ T6077] ==================================================================
[ 66.327641][ T6077] BUG: KASAN: slab-use-after-free in __se_sys_mremap+0xb33/0x1150
[ 66.328692][ T1169] bridge_slave_1: left allmulticast mode
[ 66.335490][ T6077] Read of size 8 at addr ffff888074738558 by task syz.0.59/6077
[ 66.348900][ T6077]
[ 66.351253][ T6077] CPU: 1 UID: 0 PID: 6077 Comm: syz.0.59 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full)
[ 66.351275][ T6077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 66.351285][ T6077] Call Trace:
[ 66.351292][ T6077]
[ 66.351299][ T6077] dump_stack_lvl+0x189/0x250
[ 66.351327][ T6077] ? __pfx_dump_stack_lvl+0x10/0x10
[ 66.351348][ T6077] ? lock_release+0x4b/0x3e0
[ 66.351366][ T6077] ? __virt_addr_valid+0x4a5/0x5c0
[ 66.351383][ T6077] print_report+0xca/0x240
[ 66.351399][ T6077] ? __se_sys_mremap+0xb33/0x1150
[ 66.351419][ T6077] kasan_report+0x118/0x150
[ 66.351436][ T6077] ? __se_sys_mremap+0xb33/0x1150
[ 66.351458][ T6077] __se_sys_mremap+0xb33/0x1150
[ 66.351486][ T6077] ? __pfx___se_sys_mremap+0x10/0x10
[ 66.351515][ T6077] ? rcu_is_watching+0x15/0xb0
[ 66.351533][ T6077] ? __x64_sys_mremap+0x20/0xc0
[ 66.351551][ T6077] do_syscall_64+0xfa/0x3b0
[ 66.351570][ T6077] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 66.351585][ T6077] ? clear_bhb_loop+0x60/0xb0
[ 66.351601][ T6077] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 66.351617][ T6077] RIP: 0033:0x7f7fd678ebe9
[ 66.351638][ T6077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 66.351651][ T6077] RSP: 002b:00007fff51cbeae8 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 66.351673][ T6077] RAX: ffffffffffffffda RBX: 00007f7fd69b5fa0 RCX: 00007f7fd678ebe9
[ 66.351686][ T6077] RDX: 0000000000002000 RSI: 0000000000002000 RDI: 0000200000041000
[ 66.351697][ T6077] RBP: 00007f7fd6811e19 R08: 00002000004c3000 R09: 0000000000000000
[ 66.351708][ T6077] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[ 66.351718][ T6077] R13: 00007f7fd69b5fa0 R14: 00007f7fd69b5fa0 R15: 0000000000000005
[ 66.351734][ T6077]
[ 66.351739][ T6077]
[ 66.357828][ T1169] bridge_slave_1: left promiscuous mode
[ 66.363096][ T6077] Allocated by task 5972:
[ 66.363107][ T6077] kasan_save_track+0x3e/0x80
[ 66.363123][ T6077] __kasan_slab_alloc+0x6c/0x80
[ 66.363135][ T6077] kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 66.363149][ T6077] vm_area_dup+0x2b/0x680
[ 66.566006][ T6077] dup_mmap+0x90c/0x1ac0
[ 66.570235][ T6077] copy_mm+0x13c/0x4b0
[ 66.574288][ T6077] copy_process+0x1706/0x3c00
[ 66.578952][ T6077] kernel_clone+0x21e/0x840
[ 66.583540][ T6077] __x64_sys_clone+0x18b/0x1e0
[ 66.588291][ T6077] do_syscall_64+0xfa/0x3b0
[ 66.592773][ T6077] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 66.598658][ T6077]
[ 66.600961][ T6077] Freed by task 2999:
[ 66.604923][ T6077] kasan_save_track+0x3e/0x80
[ 66.609582][ T6077] __kasan_save_free_info+0x46/0x50
[ 66.614762][ T6077] __kasan_slab_free+0x5b/0x80
[ 66.619507][ T6077] slab_free_after_rcu_debug+0x129/0x2a0
[ 66.625472][ T6077] rcu_core+0xca8/0x1770
[ 66.629698][ T6077] handle_softirqs+0x286/0x870
[ 66.634445][ T6077] do_softirq+0xec/0x180
[ 66.638670][ T6077] __local_bh_enable_ip+0x17d/0x1c0
[ 66.643854][ T6077] batadv_nc_purge_paths+0x318/0x3b0
[ 66.649294][ T6077] batadv_nc_worker+0x328/0x610
[ 66.654129][ T6077] process_scheduled_works+0xae1/0x17b0
[ 66.659656][ T6077] worker_thread+0x8a0/0xda0
[ 66.664252][ T6077] kthread+0x711/0x8a0
[ 66.668301][ T6077] ret_from_fork+0x3f9/0x770
[ 66.672872][ T6077] ret_from_fork_asm+0x1a/0x30
[ 66.677620][ T6077]
[ 66.679929][ T6077] Last potentially related work creation:
[ 66.685623][ T6077] kasan_save_stack+0x3e/0x60
[ 66.690284][ T6077] kasan_record_aux_stack+0xbd/0xd0
[ 66.695550][ T6077] kmem_cache_free+0x2f6/0x400
[ 66.700294][ T6077] vms_complete_munmap_vmas+0x626/0x8a0
[ 66.705847][ T6077] do_vmi_align_munmap+0x358/0x420
[ 66.710944][ T6077] do_vmi_munmap+0x253/0x2e0
[ 66.715518][ T6077] do_munmap+0xe1/0x140
[ 66.719668][ T6077] mremap_to+0x2df/0x7a0
[ 66.723897][ T6077] __se_sys_mremap+0xadf/0x1150
[ 66.729078][ T6077] do_syscall_64+0xfa/0x3b0
[ 66.733741][ T6077] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 66.739619][ T6077]
[ 66.741926][ T6077] The buggy address belongs to the object at ffff888074738500
[ 66.741926][ T6077] which belongs to the cache vm_area_struct of size 256
[ 66.756303][ T6077] The buggy address is located 88 bytes inside of
[ 66.756303][ T6077] freed 256-byte region [ffff888074738500, ffff888074738600)
[ 66.769989][ T6077]
[ 66.772297][ T6077] The buggy address belongs to the physical page:
[ 66.778705][ T6077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x74738
[ 66.787549][ T6077] memcg:ffff888030d7f981
[ 66.791772][ T6077] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 66.798944][ T6077] page_type: f5(slab)
[ 66.802959][ T6077] raw: 00fff00000000000 ffff88801bed5b40 dead000000000100 dead000000000122
[ 66.811532][ T6077] raw: 0000000000000000 00000000000c000c 00000000f5000000 ffff888030d7f981
[ 66.820157][ T6077] page dumped because: kasan: bad access detected
[ 66.826556][ T6077] page_owner tracks the page as allocated
[ 66.832248][ T6077] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5248, tgid 5248 (udevd), ts 24347982328, free_ts 24338159697
[ 66.850906][ T6077] post_alloc_hook+0x240/0x2a0
[ 66.855660][ T6077] get_page_from_freelist+0x21e4/0x22c0
[ 66.861189][ T6077] __alloc_frozen_pages_noprof+0x181/0x370
[ 66.866974][ T6077] alloc_pages_mpol+0x232/0x4a0
[ 66.871804][ T6077] allocate_slab+0x8a/0x370
[ 66.876290][ T6077] ___slab_alloc+0xbeb/0x1410
[ 66.881131][ T6077] kmem_cache_alloc_noprof+0x283/0x3c0
[ 66.886673][ T6077] vm_area_dup+0x2b/0x680
[ 66.891098][ T6077] dup_mmap+0x90c/0x1ac0
[ 66.895379][ T6077] copy_mm+0x13c/0x4b0
[ 66.899455][ T6077] copy_process+0x1706/0x3c00
[ 66.904116][ T6077] kernel_clone+0x21e/0x840
[ 66.908605][ T6077] __x64_sys_clone+0x18b/0x1e0
[ 66.913388][ T6077] do_syscall_64+0xfa/0x3b0
[ 66.917880][ T6077] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 66.923759][ T6077] page last free pid 23 tgid 23 stack trace:
[ 66.929806][ T6077] __free_frozen_pages+0xbc4/0xd30
[ 66.934904][ T6077] __tlb_remove_table+0x2d2/0x3b0
[ 66.939924][ T6077] tlb_remove_table_rcu+0x85/0x100
[ 66.945018][ T6077] rcu_core+0xca8/0x1770
[ 66.949292][ T6077] handle_softirqs+0x286/0x870
[ 66.954042][ T6077] run_ksoftirqd+0x9b/0x100
[ 66.958529][ T6077] smpboot_thread_fn+0x542/0xa60
[ 66.963459][ T6077] kthread+0x711/0x8a0
[ 66.967509][ T6077] ret_from_fork+0x3f9/0x770
[ 66.972092][ T6077] ret_from_fork_asm+0x1a/0x30
[ 66.976838][ T6077]
[ 66.979145][ T6077] Memory state around the buggy address:
[ 66.984759][ T6077] ffff888074738400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 66.992815][ T6077] ffff888074738480: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 67.000858][ T6077] >ffff888074738500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 67.008907][ T6077] ^
[ 67.015824][ T6077] ffff888074738580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 67.023882][ T6077] ffff888074738600: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 67.032022][ T6077] ==================================================================
[ 67.049941][ T1169] bridge0: port 2(bridge_slave_1) entered disabled state
[ 67.063812][ T5188] Bluetooth: hci0: command tx timeout
[ 67.075224][ T1169] bridge_slave_0: left allmulticast mode
[ 67.078942][ T6077] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 67.078961][ T6077] CPU: 1 UID: 0 PID: 6077 Comm: syz.0.59 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full)
[ 67.078981][ T6077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 67.078992][ T6077] Call Trace:
[ 67.078999][ T6077]
[ 67.079006][ T6077] dump_stack_lvl+0x99/0x250
[ 67.079034][ T6077] ? __asan_memcpy+0x40/0x70
[ 67.079055][ T6077] ? __pfx_dump_stack_lvl+0x10/0x10
[ 67.079076][ T6077] ? __pfx__printk+0x10/0x10
[ 67.079101][ T6077] vpanic+0x281/0x750
[ 67.079119][ T6077] ? preempt_schedule+0xae/0xc0
[ 67.079134][ T6077] ? __pfx_vpanic+0x10/0x10
[ 67.079151][ T6077] ? preempt_schedule_common+0x83/0xd0
[ 67.079167][ T6077] ? preempt_schedule+0xae/0xc0
[ 67.079181][ T6077] ? __pfx_preempt_schedule+0x10/0x10
[ 67.079198][ T6077] panic+0xb9/0xc0
[ 67.079215][ T6077] ? __pfx_panic+0x10/0x10
[ 67.079234][ T6077] ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 67.079260][ T6077] ? __se_sys_mremap+0xb33/0x1150
[ 67.079280][ T6077] check_panic_on_warn+0x89/0xb0
[ 67.079297][ T6077] ? __se_sys_mremap+0xb33/0x1150
[ 67.079316][ T6077] end_report+0x78/0x160
[ 67.079332][ T6077] kasan_report+0x129/0x150
[ 67.079349][ T6077] ? __se_sys_mremap+0xb33/0x1150
[ 67.079370][ T6077] __se_sys_mremap+0xb33/0x1150
[ 67.079399][ T6077] ? __pfx___se_sys_mremap+0x10/0x10
[ 67.079434][ T6077] ? rcu_is_watching+0x15/0xb0
[ 67.079453][ T6077] ? __x64_sys_mremap+0x20/0xc0
[ 67.079472][ T6077] do_syscall_64+0xfa/0x3b0
[ 67.079490][ T6077] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.079505][ T6077] ? clear_bhb_loop+0x60/0xb0
[ 67.079523][ T6077] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 67.079539][ T6077] RIP: 0033:0x7f7fd678ebe9
[ 67.079554][ T6077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 67.079567][ T6077] RSP: 002b:00007fff51cbeae8 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 67.079586][ T6077] RAX: ffffffffffffffda RBX: 00007f7fd69b5fa0 RCX: 00007f7fd678ebe9
[ 67.079598][ T6077] RDX: 0000000000002000 RSI: 0000000000002000 RDI: 0000200000041000
[ 67.079609][ T6077] RBP: 00007f7fd6811e19 R08: 00002000004c3000 R09: 0000000000000000
[ 67.079621][ T6077] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[ 67.079631][ T6077] R13: 00007f7fd69b5fa0 R14: 00007f7fd69b5fa0 R15: 0000000000000005
[ 67.079648][ T6077]
[ 67.081151][ T6077] Kernel Offset: disabled