Warning: Permanently added '10.128.0.116' (ED25519) to the list of known hosts.
2024/06/29 04:11:05 ignoring optional flag "sandboxArg"="0"
2024/06/29 04:11:05 parsed 1 programs
[  170.601918][ T5111] cgroup: Unknown subsys name 'net'
[  170.745577][ T5111] cgroup: Unknown subsys name 'rlimit'
[  172.477762][ T5111] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  172.883304][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.896684][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  172.935260][ T2468] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  172.943368][ T2468] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.704737][ T5143] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  173.713321][ T5143] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  173.721820][ T5143] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  173.734875][ T5143] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  173.743330][ T5143] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  173.752402][ T5143] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  174.960503][ T5165] chnl_net:caif_netlink_parms(): no params data found
[  175.048778][ T5165] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.057024][ T5165] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.066101][ T5165] bridge_slave_0: entered allmulticast mode
[  175.073404][ T5165] bridge_slave_0: entered promiscuous mode
[  175.083764][ T5165] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.091698][ T5165] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.099133][ T5165] bridge_slave_1: entered allmulticast mode
[  175.106277][ T5165] bridge_slave_1: entered promiscuous mode
[  175.145538][ T5165] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  175.159235][ T5165] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  175.193652][ T5165] team0: Port device team_slave_0 added
[  175.203597][ T5165] team0: Port device team_slave_1 added
[  175.230990][ T5165] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.238618][ T5165] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.264785][ T5165] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.278610][ T5165] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.285671][ T5165] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.311910][ T5165] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.358093][ T5165] hsr_slave_0: entered promiscuous mode
[  175.364935][ T5165] hsr_slave_1: entered promiscuous mode
[  175.505659][ T5165] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  175.517781][ T5165] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  175.528381][ T5165] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  175.539597][ T5165] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  175.571895][ T5165] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.579498][ T5165] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.588189][ T5165] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.595923][ T5165] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.662415][ T5165] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.688057][ T5165] 8021q: adding VLAN 0 to HW filter on device team0
[  175.698440][  T785] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.707939][  T785] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.737407][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.745447][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.755932][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.763477][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.947740][ T5165] 8021q: adding VLAN 0 to HW filter on device batadv0
[  175.995908][ T5165] veth0_vlan: entered promiscuous mode
[  176.009282][ T5165] veth1_vlan: entered promiscuous mode
[  176.046385][ T5165] veth0_macvtap: entered promiscuous mode
[  176.056834][ T5165] veth1_macvtap: entered promiscuous mode
[  176.078874][ T5165] batman_adv: batadv0: Interface activated: batadv_slave_0
[  176.095126][ T5165] batman_adv: batadv0: Interface activated: batadv_slave_1
[  176.107859][ T5165] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  176.118916][ T5165] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  176.127819][ T5165] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  176.137604][ T5165] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.243110][ T5165] syz-executor (5165) used greatest stack depth: 18352 bytes left
[  176.278774][ T2468] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.371685][ T2468] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.447126][ T2468] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.557101][ T2468] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2024/06/29 04:11:12 executed programs: 0
[  177.126020][ T5143] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  177.134425][ T5143] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  177.144032][ T5143] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  177.152804][ T5143] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  177.162019][ T5143] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  177.170795][ T5143] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  177.349420][ T5198] chnl_net:caif_netlink_parms(): no params data found
[  177.431309][ T5198] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.438796][ T5198] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.447003][ T5198] bridge_slave_0: entered allmulticast mode
[  177.454336][ T5198] bridge_slave_0: entered promiscuous mode
[  177.463528][ T5198] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.470951][ T5198] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.479120][ T5198] bridge_slave_1: entered allmulticast mode
[  177.486729][ T5198] bridge_slave_1: entered promiscuous mode
[  177.526169][ T5198] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  177.541318][ T5198] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  177.580782][ T5198] team0: Port device team_slave_0 added
[  177.591975][ T5198] team0: Port device team_slave_1 added
[  177.623783][ T5198] batman_adv: batadv0: Adding interface: batadv_slave_0
[  177.631338][ T5198] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.658458][ T5198] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  177.672375][ T5198] batman_adv: batadv0: Adding interface: batadv_slave_1
[  177.679622][ T5198] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  177.706409][ T5198] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.756466][ T5198] hsr_slave_0: entered promiscuous mode
[  177.763086][ T5198] hsr_slave_1: entered promiscuous mode
[  177.771111][ T5198] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  177.779785][ T5198] Cannot create hsr debugfs directory
[  179.215831][ T5143] Bluetooth: hci0: command tx timeout
[  180.942405][ T2468] bridge_slave_1: left allmulticast mode
[  180.950507][ T2468] bridge_slave_1: left promiscuous mode
[  180.961296][ T2468] bridge0: port 2(bridge_slave_1) entered disabled state
[  180.984552][ T2468] bridge_slave_0: left allmulticast mode
[  180.990739][ T2468] bridge_slave_0: left promiscuous mode
[  180.997186][ T2468] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.243900][ T2468] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  181.256621][ T2468] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  181.267189][ T2468] bond0 (unregistering): Released all slaves
[  181.296155][ T5143] Bluetooth: hci0: command tx timeout
[  181.419457][ T2468] hsr_slave_0: left promiscuous mode
[  181.426666][ T2468] hsr_slave_1: left promiscuous mode
[  181.439440][ T2468] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  181.447435][ T2468] batman_adv: batadv0: Removing interface: batadv_slave_0
[  181.457843][ T2468] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  181.469089][ T2468] batman_adv: batadv0: Removing interface: batadv_slave_1
[  181.494072][ T2468] veth1_macvtap: left promiscuous mode
[  181.500491][ T2468] veth0_macvtap: left promiscuous mode
[  181.509563][ T2468] veth1_vlan: left promiscuous mode
[  181.515561][ T2468] veth0_vlan: left promiscuous mode
[  181.940213][ T2468] team0 (unregistering): Port device team_slave_1 removed
[  181.972989][ T2468] team0 (unregistering): Port device team_slave_0 removed
[  182.518020][ T5198] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  182.536864][ T5198] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  182.550941][ T5198] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  182.566011][ T5198] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  182.974439][ T5198] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.023347][ T5198] 8021q: adding VLAN 0 to HW filter on device team0
[  183.057429][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.064734][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.107220][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.114491][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.375638][ T5143] Bluetooth: hci0: command tx timeout
[  183.382372][ T5198] 8021q: adding VLAN 0 to HW filter on device batadv0
[  183.447883][ T5198] veth0_vlan: entered promiscuous mode
[  183.461908][ T5198] veth1_vlan: entered promiscuous mode
[  183.516442][ T5198] veth0_macvtap: entered promiscuous mode
[  183.533923][ T5198] veth1_macvtap: entered promiscuous mode
[  183.554449][ T5198] batman_adv: batadv0: Interface activated: batadv_slave_0
[  183.572504][ T5198] batman_adv: batadv0: Interface activated: batadv_slave_1
[  183.586038][ T5198] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  183.596026][ T5198] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  183.604886][ T5198] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  183.613623][ T5198] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.683337][ T2463] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.691849][ T2463] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.719497][ T2463] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
2024/06/29 04:11:18 executed programs: 2
[  183.728294][ T2463] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.907468][ T2463] ==================================================================
[  183.915840][ T2463] BUG: KASAN: slab-use-after-free in l2tp_session_delete+0x28/0x9e0
[  183.923894][ T2463] Write of size 8 at addr ffff88807bc06008 by task kworker/u8:8/2463
[  183.931995][ T2463] 
[  183.934356][ T2463] CPU: 1 PID: 2463 Comm: kworker/u8:8 Not tainted 6.10.0-rc5-syzkaller-01097-g748e3bbf4721 #0
[  183.944625][ T2463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  183.954816][ T2463] Workqueue: l2tp l2tp_tunnel_del_work
[  183.960342][ T2463] Call Trace:
[  183.963666][ T2463]  <TASK>
[  183.966637][ T2463]  dump_stack_lvl+0x241/0x360
[  183.971376][ T2463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.976625][ T2463]  ? __pfx__printk+0x10/0x10
[  183.981316][ T2463]  ? _printk+0xd5/0x120
[  183.985520][ T2463]  ? __virt_addr_valid+0x183/0x520
[  183.990712][ T2463]  ? __virt_addr_valid+0x183/0x520
[  183.995905][ T2463]  print_report+0x169/0x550
[  184.000464][ T2463]  ? __virt_addr_valid+0x183/0x520
[  184.005657][ T2463]  ? __virt_addr_valid+0x183/0x520
[  184.010823][ T2463]  ? __virt_addr_valid+0x44e/0x520
[  184.015982][ T2463]  ? __phys_addr+0xba/0x170
[  184.020811][ T2463]  ? l2tp_session_delete+0x28/0x9e0
[  184.026050][ T2463]  kasan_report+0x143/0x180
[  184.030571][ T2463]  ? l2tp_session_delete+0x28/0x9e0
[  184.035810][ T2463]  kasan_check_range+0x282/0x290
[  184.040851][ T2463]  l2tp_session_delete+0x28/0x9e0
[  184.045973][ T2463]  ? l2tp_tunnel_del_work+0x1d3/0x330
[  184.051448][ T2463]  l2tp_tunnel_del_work+0x1cb/0x330
[  184.056655][ T2463]  ? process_scheduled_works+0x945/0x1830
[  184.062382][ T2463]  process_scheduled_works+0xa2c/0x1830
[  184.067951][ T2463]  ? __pfx_process_scheduled_works+0x10/0x10
[  184.073956][ T2463]  ? assign_work+0x364/0x3d0
[  184.078601][ T2463]  worker_thread+0x86d/0xd50
[  184.083212][ T2463]  ? __kthread_parkme+0x169/0x1d0
[  184.088253][ T2463]  ? __pfx_worker_thread+0x10/0x10
[  184.093488][ T2463]  kthread+0x2f0/0x390
[  184.097587][ T2463]  ? __pfx_worker_thread+0x10/0x10
[  184.102800][ T2463]  ? __pfx_kthread+0x10/0x10
[  184.107400][ T2463]  ret_from_fork+0x4b/0x80
[  184.111891][ T2463]  ? __pfx_kthread+0x10/0x10
[  184.116499][ T2463]  ret_from_fork_asm+0x1a/0x30
[  184.121313][ T2463]  </TASK>
[  184.124346][ T2463] 
[  184.126766][ T2463] Allocated by task 5259:
[  184.131099][ T2463]  kasan_save_track+0x3f/0x80
[  184.135805][ T2463]  __kasan_kmalloc+0x98/0xb0
[  184.140453][ T2463]  __kmalloc_noprof+0x1f9/0x400
[  184.145432][ T2463]  l2tp_session_create+0x3b/0xc20
[  184.150649][ T2463]  pppol2tp_connect+0xca3/0x17a0
[  184.155613][ T2463]  __sys_connect+0x2df/0x310
[  184.160318][ T2463]  __x64_sys_connect+0x7a/0x90
[  184.165099][ T2463]  do_syscall_64+0xf3/0x230
[  184.169753][ T2463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.175683][ T2463] 
[  184.178119][ T2463] Freed by task 24:
[  184.181945][ T2463]  kasan_save_track+0x3f/0x80
[  184.186665][ T2463]  kasan_save_free_info+0x40/0x50
[  184.191733][ T2463]  poison_slab_object+0xe0/0x150
[  184.196796][ T2463]  __kasan_slab_free+0x37/0x60
[  184.201603][ T2463]  kfree+0x149/0x360
[  184.205556][ T2463]  __sk_destruct+0x58/0x5f0
[  184.210076][ T2463]  rcu_core+0xafd/0x1830
[  184.214335][ T2463]  handle_softirqs+0x2c4/0x970
[  184.219106][ T2463]  run_ksoftirqd+0xca/0x130
[  184.223727][ T2463]  smpboot_thread_fn+0x544/0xa30
[  184.228697][ T2463]  kthread+0x2f0/0x390
[  184.232871][ T2463]  ret_from_fork+0x4b/0x80
[  184.237363][ T2463]  ret_from_fork_asm+0x1a/0x30
[  184.242207][ T2463] 
[  184.244551][ T2463] Last potentially related work creation:
[  184.250356][ T2463]  kasan_save_stack+0x3f/0x60
[  184.255667][ T2463]  __kasan_record_aux_stack+0xac/0xc0
[  184.261365][ T2463]  call_rcu+0x167/0xa70
[  184.265553][ T2463]  pppol2tp_release+0x24b/0x350
[  184.270417][ T2463]  sock_close+0xbc/0x240
[  184.274677][ T2463]  __fput+0x406/0x8b0
[  184.278685][ T2463]  task_work_run+0x24f/0x310
[  184.283311][ T2463]  syscall_exit_to_user_mode+0x168/0x370
[  184.289402][ T2463]  do_syscall_64+0x100/0x230
[  184.294084][ T2463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.300088][ T2463] 
[  184.302452][ T2463] The buggy address belongs to the object at ffff88807bc06000
[  184.302452][ T2463]  which belongs to the cache kmalloc-1k of size 1024
[  184.316600][ T2463] The buggy address is located 8 bytes inside of
[  184.316600][ T2463]  freed 1024-byte region [ffff88807bc06000, ffff88807bc06400)
[  184.330330][ T2463] 
[  184.332662][ T2463] The buggy address belongs to the physical page:
[  184.339083][ T2463] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7bc00
[  184.347860][ T2463] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  184.356621][ T2463] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  184.364447][ T2463] page_type: 0xffffefff(slab)
[  184.369199][ T2463] raw: 00fff00000000040 ffff888015041dc0 dead000000000122 0000000000000000
[  184.377789][ T2463] raw: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[  184.386384][ T2463] head: 00fff00000000040 ffff888015041dc0 dead000000000122 0000000000000000
[  184.395076][ T2463] head: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[  184.403840][ T2463] head: 00fff00000000003 ffffea0001ef0001 ffffffffffffffff 0000000000000000
[  184.412576][ T2463] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  184.421345][ T2463] page dumped because: kasan: bad access detected
[  184.427858][ T2463] page_owner tracks the page as allocated
[  184.433583][ T2463] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 57, tgid 57 (kworker/u8:4), ts 183804876495, free_ts 183486584799
[  184.454174][ T2463]  post_alloc_hook+0x1f3/0x230
[  184.458973][ T2463]  get_page_from_freelist+0x2e4c/0x2f10
[  184.464541][ T2463]  __alloc_pages_noprof+0x256/0x6c0
[  184.469746][ T2463]  alloc_slab_page+0x5f/0x120
[  184.474438][ T2463]  allocate_slab+0x5a/0x2f0
[  184.479049][ T2463]  ___slab_alloc+0xcd1/0x14b0
[  184.483744][ T2463]  __slab_alloc+0x58/0xa0
[  184.488180][ T2463]  __kmalloc_noprof+0x257/0x400
[  184.493034][ T2463]  ___neigh_create+0x691/0x2470
[  184.497904][ T2463]  ip6_finish_output2+0x1631/0x1680
[  184.503333][ T2463]  ip6_finish_output+0x41e/0x810
[  184.508309][ T2463]  ndisc_send_skb+0xab2/0x1380
[  184.513185][ T2463]  ndisc_send_ns+0xcc/0x160
[  184.517803][ T2463]  addrconf_dad_work+0xb45/0x16f0
[  184.522867][ T2463]  process_scheduled_works+0xa2c/0x1830
[  184.528452][ T2463]  worker_thread+0x86d/0xd50
[  184.533071][ T2463] page last free pid 5198 tgid 5198 stack trace:
[  184.539403][ T2463]  free_unref_page+0xd22/0xea0
[  184.544192][ T2463]  __put_partials+0xeb/0x130
[  184.548791][ T2463]  put_cpu_partial+0x17c/0x250
[  184.553675][ T2463]  __slab_free+0x2ea/0x3d0
[  184.558272][ T2463]  qlist_free_all+0x9e/0x140
[  184.562867][ T2463]  kasan_quarantine_reduce+0x14f/0x170
[  184.568597][ T2463]  __kasan_slab_alloc+0x23/0x80
[  184.573542][ T2463]  __kmalloc_noprof+0x1a3/0x400
[  184.578397][ T2463]  fib6_info_alloc+0x2e/0xf0
[  184.583107][ T2463]  ip6_route_info_create+0x445/0x12b0
[  184.588510][ T2463]  ip6_route_add+0x28/0x160
[  184.593054][ T2463]  addrconf_prefix_route+0x314/0x4e0
[  184.598350][ T2463]  inet6_addr_add+0x627/0xb00
[  184.603039][ T2463]  inet6_rtm_newaddr+0x8a3/0xc80
[  184.607999][ T2463]  rtnetlink_rcv_msg+0x89b/0x1180
[  184.613223][ T2463]  netlink_rcv_skb+0x1e3/0x430
[  184.618010][ T2463] 
[  184.620337][ T2463] Memory state around the buggy address:
[  184.626004][ T2463]  ffff88807bc05f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  184.634155][ T2463]  ffff88807bc05f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  184.642399][ T2463] >ffff88807bc06000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  184.650908][ T2463]                       ^
[  184.655255][ T2463]  ffff88807bc06080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  184.663339][ T2463]  ffff88807bc06100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  184.671661][ T2463] ==================================================================
[  184.746762][ T2463] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  184.754190][ T2463] CPU: 0 PID: 2463 Comm: kworker/u8:8 Not tainted 6.10.0-rc5-syzkaller-01097-g748e3bbf4721 #0
[  184.764460][ T2463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  184.774524][ T2463] Workqueue: l2tp l2tp_tunnel_del_work
[  184.780000][ T2463] Call Trace:
[  184.783283][ T2463]  <TASK>
[  184.786215][ T2463]  dump_stack_lvl+0x241/0x360
[  184.790901][ T2463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.796107][ T2463]  ? __pfx__printk+0x10/0x10
[  184.800716][ T2463]  ? preempt_schedule+0xe1/0xf0
[  184.805588][ T2463]  ? vscnprintf+0x5d/0x90
[  184.809957][ T2463]  panic+0x349/0x860
[  184.813867][ T2463]  ? check_panic_on_warn+0x21/0xb0
[  184.819105][ T2463]  ? __pfx_panic+0x10/0x10
[  184.823630][ T2463]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  184.829625][ T2463]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  184.835978][ T2463]  ? print_report+0x502/0x550
[  184.840697][ T2463]  check_panic_on_warn+0x86/0xb0
[  184.845648][ T2463]  ? l2tp_session_delete+0x28/0x9e0
[  184.850855][ T2463]  end_report+0x77/0x160
[  184.855109][ T2463]  kasan_report+0x154/0x180
[  184.859710][ T2463]  ? l2tp_session_delete+0x28/0x9e0
[  184.864924][ T2463]  kasan_check_range+0x282/0x290
[  184.869884][ T2463]  l2tp_session_delete+0x28/0x9e0
[  184.874942][ T2463]  ? l2tp_tunnel_del_work+0x1d3/0x330
[  184.880327][ T2463]  l2tp_tunnel_del_work+0x1cb/0x330
[  184.885542][ T2463]  ? process_scheduled_works+0x945/0x1830
[  184.891370][ T2463]  process_scheduled_works+0xa2c/0x1830
[  184.896934][ T2463]  ? __pfx_process_scheduled_works+0x10/0x10
[  184.902922][ T2463]  ? assign_work+0x364/0x3d0
[  184.907537][ T2463]  worker_thread+0x86d/0xd50
[  184.912155][ T2463]  ? __kthread_parkme+0x169/0x1d0
[  184.917200][ T2463]  ? __pfx_worker_thread+0x10/0x10
[  184.922329][ T2463]  kthread+0x2f0/0x390
[  184.926417][ T2463]  ? __pfx_worker_thread+0x10/0x10
[  184.931734][ T2463]  ? __pfx_kthread+0x10/0x10
[  184.936355][ T2463]  ret_from_fork+0x4b/0x80
[  184.940882][ T2463]  ? __pfx_kthread+0x10/0x10
[  184.945489][ T2463]  ret_from_fork_asm+0x1a/0x30
[  184.950300][ T2463]  </TASK>
[  184.953460][ T2463] Kernel Offset: disabled
[  184.957798][ T2463] Rebooting in 86400 seconds..