Warning: Permanently added '10.128.0.69' (ED25519) to the list of known hosts.
2024/06/21 15:13:53 ignoring optional flag "sandboxArg"="0"
2024/06/21 15:13:53 parsed 1 programs
[ 75.314183][ T5092] cgroup: Unknown subsys name 'net'
[ 75.673093][ T5092] cgroup: Unknown subsys name 'rlimit'
[ 77.110787][ T5110] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 77.537530][ T5131] chnl_net:caif_netlink_parms(): no params data found
[ 77.628166][ T5131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.635485][ T5131] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.643106][ T5131] bridge_slave_0: entered allmulticast mode
[ 77.651802][ T5131] bridge_slave_0: entered promiscuous mode
[ 77.662055][ T5131] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.670519][ T5131] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.678051][ T5131] bridge_slave_1: entered allmulticast mode
[ 77.685173][ T5131] bridge_slave_1: entered promiscuous mode
[ 77.724199][ T5131] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 77.738204][ T5131] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 77.776088][ T5131] team0: Port device team_slave_0 added
[ 77.785400][ T5131] team0: Port device team_slave_1 added
[ 77.817963][ T5131] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 77.825018][ T5131] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.851196][ T5131] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 77.864471][ T5131] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 77.871545][ T5131] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.898351][ T5131] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 77.947416][ T5131] hsr_slave_0: entered promiscuous mode
[ 77.954102][ T5131] hsr_slave_1: entered promiscuous mode
[ 78.110948][ T5131] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 78.122548][ T5131] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 78.133211][ T5131] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 78.143536][ T5131] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 78.175671][ T5131] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.183243][ T5131] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.191622][ T5131] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.198896][ T5131] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.274081][ T5131] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.294802][ T5131] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.307962][ T5139] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.318201][ T5139] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.342486][ T57] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.349704][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.367593][ T5139] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.374763][ T5139] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.558918][ T5131] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 78.607335][ T5131] veth0_vlan: entered promiscuous mode
[ 78.621155][ T5131] veth1_vlan: entered promiscuous mode
[ 78.657980][ T5131] veth0_macvtap: entered promiscuous mode
[ 78.669078][ T5131] veth1_macvtap: entered promiscuous mode
[ 78.690636][ T5131] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 78.705629][ T5131] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 78.719933][ T5131] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.730163][ T5131] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.739158][ T5131] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.748526][ T5131] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.885066][ T63] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.941557][ T63] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 79.012083][ T63] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 79.100178][ T63] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 79.232787][ T2458] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.242639][ T2458] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.274953][ T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.283621][ T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 80.279020][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 80.289475][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 80.301098][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 80.314791][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 80.322946][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 80.331769][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2024/06/21 15:13:59 executed programs: 0
[ 81.355212][ T4489] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 81.368425][ T4489] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 81.377624][ T4489] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 81.386524][ T4489] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 81.394592][ T4489] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 81.403351][ T4489] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 81.574261][ T5197] chnl_net:caif_netlink_parms(): no params data found
[ 81.650487][ T5197] bridge0: port 1(bridge_slave_0) entered blocking state
[ 81.658302][ T5197] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.665569][ T5197] bridge_slave_0: entered allmulticast mode
[ 81.674894][ T5197] bridge_slave_0: entered promiscuous mode
[ 81.684488][ T5197] bridge0: port 2(bridge_slave_1) entered blocking state
[ 81.691903][ T5197] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.699350][ T5197] bridge_slave_1: entered allmulticast mode
[ 81.706823][ T5197] bridge_slave_1: entered promiscuous mode
[ 81.740839][ T5197] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 81.752973][ T5197] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 81.789754][ T5197] team0: Port device team_slave_0 added
[ 81.799732][ T5197] team0: Port device team_slave_1 added
[ 81.831691][ T5197] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 81.839354][ T5197] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.868818][ T5197] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 81.882543][ T5197] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 81.890229][ T5197] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 81.917794][ T5197] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 81.967305][ T5197] hsr_slave_0: entered promiscuous mode
[ 81.974102][ T5197] hsr_slave_1: entered promiscuous mode
[ 81.980873][ T5197] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 81.989384][ T5197] Cannot create hsr debugfs directory
[ 83.436665][ T4489] Bluetooth: hci0: command tx timeout
[ 84.131519][ T63] bridge_slave_1: left allmulticast mode
[ 84.137733][ T63] bridge_slave_1: left promiscuous mode
[ 84.144218][ T63] bridge0: port 2(bridge_slave_1) entered disabled state
[ 84.158140][ T63] bridge_slave_0: left allmulticast mode
[ 84.163845][ T63] bridge_slave_0: left promiscuous mode
[ 84.171353][ T63] bridge0: port 1(bridge_slave_0) entered disabled state
[ 84.453753][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 84.468600][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 84.479313][ T63] bond0 (unregistering): Released all slaves
[ 84.669724][ T63] hsr_slave_0: left promiscuous mode
[ 84.679423][ T63] hsr_slave_1: left promiscuous mode
[ 84.687020][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 84.694561][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 84.708282][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 84.719316][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 84.743230][ T63] veth1_macvtap: left promiscuous mode
[ 84.749751][ T63] veth0_macvtap: left promiscuous mode
[ 84.755491][ T63] veth1_vlan: left promiscuous mode
[ 84.762264][ T63] veth0_vlan: left promiscuous mode
[ 85.161363][ T63] team0 (unregistering): Port device team_slave_1 removed
[ 85.189130][ T63] team0 (unregistering): Port device team_slave_0 removed
[ 85.506706][ T4489] Bluetooth: hci0: command tx timeout
[ 85.618665][ T5197] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 85.634954][ T5197] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 85.668181][ T5197] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 85.680671][ T5197] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 85.851677][ T5197] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.901880][ T5197] 8021q: adding VLAN 0 to HW filter on device team0
[ 85.939660][ T25] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.947058][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.958829][ T25] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.966062][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 86.511991][ T5197] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.556935][ T5197] veth0_vlan: entered promiscuous mode
[ 86.570082][ T5197] veth1_vlan: entered promiscuous mode
[ 86.602089][ T5197] veth0_macvtap: entered promiscuous mode
[ 86.612246][ T5197] veth1_macvtap: entered promiscuous mode
[ 86.631809][ T5197] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 86.647081][ T5197] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 86.661211][ T5197] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.671176][ T5197] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.680069][ T5197] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.689157][ T5197] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.757198][ T1046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 86.766602][ T1046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 86.802420][ T1046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 86.811010][ T1046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2024/06/21 15:14:05 executed programs: 1
[ 86.947056][ T51] ==================================================================
[ 86.955190][ T51] BUG: KASAN: slab-use-after-free in l2tp_session_delete+0x28/0x9e0
[ 86.963254][ T51] Write of size 8 at addr ffff88807cb2d808 by task kworker/u8:3/51
[ 86.971187][ T51]
[ 86.973634][ T51] CPU: 0 PID: 51 Comm: kworker/u8:3 Not tainted 6.10.0-rc4-syzkaller-00836-gb0d3969d2b4d #0
[ 86.983901][ T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 86.994603][ T51] Workqueue: l2tp l2tp_tunnel_del_work
[ 87.000136][ T51] Call Trace:
[ 87.003435][ T51]
[ 87.006387][ T51] dump_stack_lvl+0x241/0x360
[ 87.011107][ T51] ? __pfx_dump_stack_lvl+0x10/0x10
[ 87.016343][ T51] ? __pfx__printk+0x10/0x10
[ 87.020968][ T51] ? _printk+0xd5/0x120
[ 87.025253][ T51] ? __virt_addr_valid+0x183/0x520
[ 87.030399][ T51] ? __virt_addr_valid+0x183/0x520
[ 87.035718][ T51] print_report+0x169/0x550
[ 87.040254][ T51] ? __virt_addr_valid+0x183/0x520
[ 87.045396][ T51] ? __virt_addr_valid+0x183/0x520
[ 87.050536][ T51] ? __virt_addr_valid+0x44e/0x520
[ 87.055767][ T51] ? __phys_addr+0xba/0x170
[ 87.060309][ T51] ? l2tp_session_delete+0x28/0x9e0
[ 87.065525][ T51] kasan_report+0x143/0x180
[ 87.070045][ T51] ? l2tp_session_delete+0x28/0x9e0
[ 87.075808][ T51] kasan_check_range+0x282/0x290
[ 87.080762][ T51] l2tp_session_delete+0x28/0x9e0
[ 87.085802][ T51] ? l2tp_tunnel_del_work+0x1d3/0x330
[ 87.091191][ T51] l2tp_tunnel_del_work+0x1cb/0x330
[ 87.096404][ T51] ? process_scheduled_works+0x945/0x1830
[ 87.102141][ T51] process_scheduled_works+0xa2c/0x1830
[ 87.107713][ T51] ? __pfx_process_scheduled_works+0x10/0x10
[ 87.113705][ T51] ? assign_work+0x364/0x3d0
[ 87.119085][ T51] worker_thread+0x86d/0xd70
[ 87.123780][ T51] ? __kthread_parkme+0x169/0x1d0
[ 87.128824][ T51] ? __pfx_worker_thread+0x10/0x10
[ 87.134052][ T51] kthread+0x2f0/0x390
[ 87.138131][ T51] ? __pfx_worker_thread+0x10/0x10
[ 87.143352][ T51] ? __pfx_kthread+0x10/0x10
[ 87.148038][ T51] ret_from_fork+0x4b/0x80
[ 87.152471][ T51] ? __pfx_kthread+0x10/0x10
[ 87.157072][ T51] ret_from_fork_asm+0x1a/0x30
[ 87.161894][ T51]
[ 87.164915][ T51]
[ 87.167262][ T51] Allocated by task 5237:
[ 87.171611][ T51] kasan_save_track+0x3f/0x80
[ 87.176297][ T51] __kasan_kmalloc+0x98/0xb0
[ 87.180915][ T51] __kmalloc_noprof+0x1f9/0x400
[ 87.185768][ T51] l2tp_session_create+0x3b/0xc20
[ 87.190820][ T51] pppol2tp_connect+0xca3/0x17a0
[ 87.195791][ T51] __sys_connect+0x2df/0x310
[ 87.200476][ T51] __x64_sys_connect+0x7a/0x90
[ 87.205280][ T51] do_syscall_64+0xf3/0x230
[ 87.209794][ T51] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.215700][ T51]
[ 87.218027][ T51] Freed by task 5112:
[ 87.222029][ T51] kasan_save_track+0x3f/0x80
[ 87.226815][ T51] kasan_save_free_info+0x40/0x50
[ 87.231872][ T51] poison_slab_object+0xe0/0x150
[ 87.236870][ T51] __kasan_slab_free+0x37/0x60
[ 87.241951][ T51] kfree+0x149/0x360
[ 87.245878][ T51] __sk_destruct+0x58/0x5f0
[ 87.250462][ T51] rcu_core+0xafd/0x1830
[ 87.254730][ T51] handle_softirqs+0x2c4/0x970
[ 87.259518][ T51] __irq_exit_rcu+0xf4/0x1c0
[ 87.264135][ T51] irq_exit_rcu+0x9/0x30
[ 87.268394][ T51] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 87.274047][ T51] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 87.280070][ T51]
[ 87.282570][ T51] Last potentially related work creation:
[ 87.288486][ T51] kasan_save_stack+0x3f/0x60
[ 87.293182][ T51] __kasan_record_aux_stack+0xac/0xc0
[ 87.298563][ T51] call_rcu+0x167/0xa70
[ 87.302728][ T51] pppol2tp_release+0x24b/0x350
[ 87.307683][ T51] sock_close+0xbc/0x240
[ 87.311944][ T51] __fput+0x406/0x8b0
[ 87.315936][ T51] task_work_run+0x24f/0x310
[ 87.320626][ T51] syscall_exit_to_user_mode+0x168/0x370
[ 87.326270][ T51] do_syscall_64+0x100/0x230
[ 87.330869][ T51] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.336772][ T51]
[ 87.339095][ T51] The buggy address belongs to the object at ffff88807cb2d800
[ 87.339095][ T51] which belongs to the cache kmalloc-1k of size 1024
[ 87.353149][ T51] The buggy address is located 8 bytes inside of
[ 87.353149][ T51] freed 1024-byte region [ffff88807cb2d800, ffff88807cb2dc00)
[ 87.367332][ T51]
[ 87.369690][ T51] The buggy address belongs to the physical page:
[ 87.376113][ T51] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7cb28
[ 87.384892][ T51] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 87.393439][ T51] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 87.401110][ T51] page_type: 0xffffefff(slab)
[ 87.406056][ T51] raw: 00fff00000000040 ffff888015041dc0 dead000000000122 0000000000000000
[ 87.415966][ T51] raw: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[ 87.424582][ T51] head: 00fff00000000040 ffff888015041dc0 dead000000000122 0000000000000000
[ 87.433377][ T51] head: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[ 87.442073][ T51] head: 00fff00000000003 ffffea0001f2ca01 ffffffffffffffff 0000000000000000
[ 87.451291][ T51] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 87.459960][ T51] page dumped because: kasan: bad access detected
[ 87.466385][ T51] page_owner tracks the page as allocated
[ 87.472098][ T51] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 45, tgid 45 (kworker/1:1), ts 86850237017, free_ts 86821126457
[ 87.494630][ T51] post_alloc_hook+0x1f3/0x230
[ 87.499415][ T51] get_page_from_freelist+0x2e43/0x2f00
[ 87.504987][ T51] __alloc_pages_noprof+0x256/0x6c0
[ 87.510210][ T51] alloc_slab_page+0x5f/0x120
[ 87.514908][ T51] allocate_slab+0x5a/0x2f0
[ 87.519525][ T51] ___slab_alloc+0xcd1/0x14b0
[ 87.524409][ T51] __slab_alloc+0x58/0xa0
[ 87.528761][ T51] kmalloc_node_track_caller_noprof+0x281/0x440
[ 87.535040][ T51] kmalloc_reserve+0x111/0x2a0
[ 87.539830][ T51] __alloc_skb+0x1f3/0x440
[ 87.544256][ T51] inet6_rt_notify+0xdf/0x290
[ 87.548940][ T51] fib6_add+0x1e33/0x4430
[ 87.553289][ T51] ip6_route_add+0x8b/0x160
[ 87.557800][ T51] addrconf_add_linklocal+0x61a/0xa30
[ 87.563208][ T51] addrconf_addr_gen+0x510/0xbb0
[ 87.568179][ T51] addrconf_init_auto_addrs+0x96a/0xeb0
[ 87.573837][ T51] page last free pid 1046 tgid 1046 stack trace:
[ 87.580263][ T51] free_unref_page+0xd22/0xea0
[ 87.585047][ T51] __put_partials+0xeb/0x130
[ 87.589655][ T51] put_cpu_partial+0x17c/0x250
[ 87.594426][ T51] __slab_free+0x2ea/0x3d0
[ 87.598856][ T51] qlist_free_all+0x9e/0x140
[ 87.603461][ T51] kasan_quarantine_reduce+0x14f/0x170
[ 87.608939][ T51] __kasan_slab_alloc+0x23/0x80
[ 87.613818][ T51] __kmalloc_noprof+0x1a3/0x400
[ 87.618685][ T51] ieee80211_alloc_chanctx+0xc3/0x2d0
[ 87.624090][ T51] ieee80211_new_chanctx+0xa8/0x250
[ 87.629399][ T51] _ieee80211_link_use_channel+0xb15/0x10c0
[ 87.635308][ T51] __ieee80211_sta_join_ibss+0x6bf/0x16b0
[ 87.641068][ T51] ieee80211_sta_create_ibss+0x3a8/0x650
[ 87.646976][ T51] ieee80211_ibss_work+0xde5/0x14c0
[ 87.652195][ T51] cfg80211_wiphy_work+0x2db/0x490
[ 87.657351][ T51] process_scheduled_works+0xa2c/0x1830
[ 87.662918][ T51]
[ 87.665244][ T51] Memory state around the buggy address:
[ 87.670999][ T51] ffff88807cb2d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 87.679162][ T51] ffff88807cb2d780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 87.687237][ T51] >ffff88807cb2d800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 87.695415][ T51] ^
[ 87.699758][ T51] ffff88807cb2d880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 87.707928][ T51] ffff88807cb2d900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 87.716003][ T51] ==================================================================
[ 87.739704][ T4489] Bluetooth: hci0: command tx timeout
[ 87.755436][ T51] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 87.762777][ T51] CPU: 1 PID: 51 Comm: kworker/u8:3 Not tainted 6.10.0-rc4-syzkaller-00836-gb0d3969d2b4d #0
[ 87.772883][ T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 87.783071][ T51] Workqueue: l2tp l2tp_tunnel_del_work
[ 87.788584][ T51] Call Trace:
[ 87.791885][ T51]
[ 87.794835][ T51] dump_stack_lvl+0x241/0x360
[ 87.799551][ T51] ? __pfx_dump_stack_lvl+0x10/0x10
[ 87.804777][ T51] ? __pfx__printk+0x10/0x10
[ 87.809404][ T51] ? preempt_schedule+0xe1/0xf0
[ 87.814407][ T51] ? vscnprintf+0x5d/0x90
[ 87.819132][ T51] panic+0x349/0x860
[ 87.823158][ T51] ? check_panic_on_warn+0x21/0xb0
[ 87.828336][ T51] ? __pfx_panic+0x10/0x10
[ 87.832804][ T51] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 87.838824][ T51] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 87.845188][ T51] ? print_report+0x502/0x550
[ 87.849907][ T51] check_panic_on_warn+0x86/0xb0
[ 87.854911][ T51] ? l2tp_session_delete+0x28/0x9e0
[ 87.860235][ T51] end_report+0x77/0x160
[ 87.864508][ T51] kasan_report+0x154/0x180
[ 87.869044][ T51] ? l2tp_session_delete+0x28/0x9e0
[ 87.874293][ T51] kasan_check_range+0x282/0x290
[ 87.879266][ T51] l2tp_session_delete+0x28/0x9e0
[ 87.884332][ T51] ? l2tp_tunnel_del_work+0x1d3/0x330
[ 87.889752][ T51] l2tp_tunnel_del_work+0x1cb/0x330
[ 87.894985][ T51] ? process_scheduled_works+0x945/0x1830
[ 87.900728][ T51] process_scheduled_works+0xa2c/0x1830
[ 87.906344][ T51] ? __pfx_process_scheduled_works+0x10/0x10
[ 87.912524][ T51] ? assign_work+0x364/0x3d0
[ 87.917231][ T51] worker_thread+0x86d/0xd70
[ 87.921853][ T51] ? __kthread_parkme+0x169/0x1d0
[ 87.926905][ T51] ? __pfx_worker_thread+0x10/0x10
[ 87.932051][ T51] kthread+0x2f0/0x390
[ 87.936239][ T51] ? __pfx_worker_thread+0x10/0x10
[ 87.941483][ T51] ? __pfx_kthread+0x10/0x10
[ 87.946205][ T51] ret_from_fork+0x4b/0x80
[ 87.950782][ T51] ? __pfx_kthread+0x10/0x10
[ 87.955409][ T51] ret_from_fork_asm+0x1a/0x30
[ 87.960224][ T51]
[ 87.963550][ T51] Kernel Offset: disabled
[ 87.967898][ T51] Rebooting in 86400 seconds..