Warning: Permanently added '10.128.1.102' (ED25519) to the list of known hosts.
2024/06/21 16:43:09 ignoring optional flag "sandboxArg"="0"
2024/06/21 16:43:09 parsed 1 programs
[  153.954909][ T5108] cgroup: Unknown subsys name 'net'
[  154.205686][ T5108] cgroup: Unknown subsys name 'rlimit'
[  155.303590][ T5114] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  155.881501][  T743] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.894641][  T743] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.921363][  T743] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.929477][  T743] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  156.758827][ T5171] chnl_net:caif_netlink_parms(): no params data found
[  156.880594][ T5171] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.888255][ T5171] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.896391][ T5171] bridge_slave_0: entered allmulticast mode
[  156.904514][ T5171] bridge_slave_0: entered promiscuous mode
[  156.912906][ T5171] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.919987][ T5171] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.927511][ T5171] bridge_slave_1: entered allmulticast mode
[  156.935098][ T5171] bridge_slave_1: entered promiscuous mode
[  156.973223][ T5171] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.984809][ T5171] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.009614][ T5171] team0: Port device team_slave_0 added
[  157.017910][ T5171] team0: Port device team_slave_1 added
[  157.039039][ T5171] batman_adv: batadv0: Adding interface: batadv_slave_0
[  157.046057][ T5171] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.071990][ T5171] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  157.085240][ T5171] batman_adv: batadv0: Adding interface: batadv_slave_1
[  157.092193][ T5171] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.118181][ T5171] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.162469][ T5171] hsr_slave_0: entered promiscuous mode
[  157.168758][ T5171] hsr_slave_1: entered promiscuous mode
[  157.283781][ T5171] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  157.294402][ T5171] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  157.303792][ T5171] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  157.315647][ T5171] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  157.382006][ T5171] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.407186][ T5171] 8021q: adding VLAN 0 to HW filter on device team0
[  157.427090][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.434305][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.445657][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.452750][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.578933][ T5171] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.619110][ T5171] veth0_vlan: entered promiscuous mode
[  157.629759][ T5171] veth1_vlan: entered promiscuous mode
[  157.657704][ T5171] veth0_macvtap: entered promiscuous mode
[  157.667078][ T5171] veth1_macvtap: entered promiscuous mode
[  157.686026][ T5171] batman_adv: batadv0: Interface activated: batadv_slave_0
[  157.700264][ T5171] batman_adv: batadv0: Interface activated: batadv_slave_1
[  157.711170][ T5171] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  157.720630][ T5171] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  157.729530][ T5171] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  157.739209][ T5171] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  157.866607][ T2482] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.926071][ T2482] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.991414][ T2482] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.059726][ T2482] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.474177][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  158.481916][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  158.489916][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  158.498799][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  158.506676][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  158.516048][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2024/06/21 16:43:14 executed programs: 0
[  158.796040][ T4490] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  158.803904][ T4490] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  158.811408][ T4490] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  158.820676][ T4490] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  158.828843][ T4490] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  158.836870][ T4490] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  158.963921][ T5210] chnl_net:caif_netlink_parms(): no params data found
[  159.024738][ T5210] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.031894][ T5210] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.039332][ T5210] bridge_slave_0: entered allmulticast mode
[  159.046245][ T5210] bridge_slave_0: entered promiscuous mode
[  159.054862][ T5210] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.061971][ T5210] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.069262][ T5210] bridge_slave_1: entered allmulticast mode
[  159.076789][ T5210] bridge_slave_1: entered promiscuous mode
[  159.110982][ T5210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.123639][ T5210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.160365][ T5210] team0: Port device team_slave_0 added
[  159.169111][ T5210] team0: Port device team_slave_1 added
[  159.198692][ T5210] batman_adv: batadv0: Adding interface: batadv_slave_0
[  159.205820][ T5210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.231958][ T5210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  159.245543][ T5210] batman_adv: batadv0: Adding interface: batadv_slave_1
[  159.253844][ T5210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.280033][ T5210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  159.321623][ T5210] hsr_slave_0: entered promiscuous mode
[  159.328140][ T5210] hsr_slave_1: entered promiscuous mode
[  159.334969][ T5210] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  159.343616][ T5210] Cannot create hsr debugfs directory
[  160.913752][ T4490] Bluetooth: hci0: command tx timeout
[  162.954600][ T2482] bridge_slave_1: left allmulticast mode
[  162.960445][ T2482] bridge_slave_1: left promiscuous mode
[  162.967734][ T2482] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.987280][ T2482] bridge_slave_0: left allmulticast mode
[  162.995982][ T2482] bridge_slave_0: left promiscuous mode
[  163.001718][ T2482] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.002878][ T4490] Bluetooth: hci0: command tx timeout
[  163.195353][ T2482] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  163.206140][ T2482] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  163.216367][ T2482] bond0 (unregistering): Released all slaves
[  163.377985][ T2482] hsr_slave_0: left promiscuous mode
[  163.384363][ T2482] hsr_slave_1: left promiscuous mode
[  163.390912][ T2482] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.403292][ T2482] batman_adv: batadv0: Removing interface: batadv_slave_0
[  163.411865][ T2482] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  163.426610][ T2482] batman_adv: batadv0: Removing interface: batadv_slave_1
[  163.449424][ T2482] veth1_macvtap: left promiscuous mode
[  163.456480][ T2482] veth0_macvtap: left promiscuous mode
[  163.462136][ T2482] veth1_vlan: left promiscuous mode
[  163.469451][ T2482] veth0_vlan: left promiscuous mode
[  163.747432][ T2482] team0 (unregistering): Port device team_slave_1 removed
[  163.774438][ T2482] team0 (unregistering): Port device team_slave_0 removed
[  164.156511][ T5210] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  164.168575][ T5210] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  164.181589][ T5210] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  164.195997][ T5210] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  164.317078][ T5210] 8021q: adding VLAN 0 to HW filter on device bond0
[  164.353871][ T5210] 8021q: adding VLAN 0 to HW filter on device team0
[  164.365742][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.372910][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  164.386548][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.393735][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.661599][ T5210] 8021q: adding VLAN 0 to HW filter on device batadv0
[  164.700254][ T5210] veth0_vlan: entered promiscuous mode
[  164.710213][ T5210] veth1_vlan: entered promiscuous mode
[  164.749131][ T5210] veth0_macvtap: entered promiscuous mode
[  164.758621][ T5210] veth1_macvtap: entered promiscuous mode
[  164.780001][ T5210] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.795985][ T5210] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.808270][ T5210] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.817220][ T5210] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.826512][ T5210] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.835478][ T5210] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.916928][ T1045] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.925286][ T1045] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.946198][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.954178][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2024/06/21 16:43:20 executed programs: 1
[  165.072867][ T4490] Bluetooth: hci0: command tx timeout
[  165.082473][  T743] ==================================================================
[  165.090550][  T743] BUG: KASAN: slab-use-after-free in l2tp_session_delete+0x28/0x9e0
[  165.098546][  T743] Write of size 8 at addr ffff888027d85008 by task kworker/u8:5/743
[  165.106510][  T743] 
[  165.108826][  T743] CPU: 1 PID: 743 Comm: kworker/u8:5 Not tainted 6.10.0-rc4-syzkaller-00836-gb0d3969d2b4d #0
[  165.118959][  T743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  165.128996][  T743] Workqueue: l2tp l2tp_tunnel_del_work
[  165.134457][  T743] Call Trace:
[  165.137722][  T743]  <TASK>
[  165.140636][  T743]  dump_stack_lvl+0x241/0x360
[  165.145309][  T743]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.150500][  T743]  ? __pfx__printk+0x10/0x10
[  165.155081][  T743]  ? _printk+0xd5/0x120
[  165.159229][  T743]  ? __virt_addr_valid+0x183/0x520
[  165.164335][  T743]  ? __virt_addr_valid+0x183/0x520
[  165.169438][  T743]  print_report+0x169/0x550
[  165.173935][  T743]  ? __virt_addr_valid+0x183/0x520
[  165.179040][  T743]  ? __virt_addr_valid+0x183/0x520
[  165.184152][  T743]  ? __virt_addr_valid+0x44e/0x520
[  165.189257][  T743]  ? __phys_addr+0xba/0x170
[  165.193752][  T743]  ? l2tp_session_delete+0x28/0x9e0
[  165.198942][  T743]  kasan_report+0x143/0x180
[  165.203437][  T743]  ? l2tp_session_delete+0x28/0x9e0
[  165.208628][  T743]  kasan_check_range+0x282/0x290
[  165.213557][  T743]  l2tp_session_delete+0x28/0x9e0
[  165.218575][  T743]  l2tp_tunnel_del_work+0x1cb/0x330
[  165.223763][  T743]  ? process_scheduled_works+0x945/0x1830
[  165.229470][  T743]  process_scheduled_works+0xa2c/0x1830
[  165.235014][  T743]  ? __pfx_process_scheduled_works+0x10/0x10
[  165.240983][  T743]  ? assign_work+0x364/0x3d0
[  165.245562][  T743]  worker_thread+0x86d/0xd70
[  165.250147][  T743]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  165.256034][  T743]  ? __kthread_parkme+0x169/0x1d0
[  165.261048][  T743]  ? __pfx_worker_thread+0x10/0x10
[  165.266147][  T743]  kthread+0x2f0/0x390
[  165.270205][  T743]  ? __pfx_worker_thread+0x10/0x10
[  165.275301][  T743]  ? __pfx_kthread+0x10/0x10
[  165.279880][  T743]  ret_from_fork+0x4b/0x80
[  165.284287][  T743]  ? __pfx_kthread+0x10/0x10
[  165.288865][  T743]  ret_from_fork_asm+0x1a/0x30
[  165.293624][  T743]  </TASK>
[  165.296625][  T743] 
[  165.298933][  T743] Allocated by task 5257:
[  165.303241][  T743]  kasan_save_track+0x3f/0x80
[  165.307904][  T743]  __kasan_kmalloc+0x98/0xb0
[  165.312487][  T743]  __kmalloc_noprof+0x1f9/0x400
[  165.317327][  T743]  l2tp_session_create+0x3b/0xc20
[  165.322336][  T743]  pppol2tp_connect+0xca3/0x17a0
[  165.327279][  T743]  __sys_connect+0x2df/0x310
[  165.331861][  T743]  __x64_sys_connect+0x7a/0x90
[  165.336616][  T743]  do_syscall_64+0xf3/0x230
[  165.341107][  T743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.346992][  T743] 
[  165.349308][  T743] Freed by task 743:
[  165.353186][  T743]  kasan_save_track+0x3f/0x80
[  165.357853][  T743]  kasan_save_free_info+0x40/0x50
[  165.362878][  T743]  poison_slab_object+0xe0/0x150
[  165.367817][  T743]  __kasan_slab_free+0x37/0x60
[  165.372568][  T743]  kfree+0x149/0x360
[  165.376450][  T743]  __sk_destruct+0x58/0x5f0
[  165.380936][  T743]  rcu_core+0xafd/0x1830
[  165.385162][  T743]  handle_softirqs+0x2c4/0x970
[  165.389909][  T743]  do_softirq+0x11b/0x1e0
[  165.394232][  T743]  __local_bh_enable_ip+0x1bb/0x200
[  165.399420][  T743]  l2tp_tunnel_del_work+0x1c3/0x330
[  165.404607][  T743]  process_scheduled_works+0xa2c/0x1830
[  165.410138][  T743]  worker_thread+0x86d/0xd70
[  165.414718][  T743]  kthread+0x2f0/0x390
[  165.418773][  T743]  ret_from_fork+0x4b/0x80
[  165.423178][  T743]  ret_from_fork_asm+0x1a/0x30
[  165.427929][  T743] 
[  165.430236][  T743] Last potentially related work creation:
[  165.435929][  T743]  kasan_save_stack+0x3f/0x60
[  165.440592][  T743]  __kasan_record_aux_stack+0xac/0xc0
[  165.445949][  T743]  call_rcu+0x167/0xa70
[  165.450088][  T743]  pppol2tp_release+0x24b/0x350
[  165.454927][  T743]  sock_close+0xbc/0x240
[  165.459158][  T743]  __fput+0x406/0x8b0
[  165.463127][  T743]  task_work_run+0x24f/0x310
[  165.467704][  T743]  syscall_exit_to_user_mode+0x168/0x370
[  165.473320][  T743]  do_syscall_64+0x100/0x230
[  165.477901][  T743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.483782][  T743] 
[  165.486089][  T743] The buggy address belongs to the object at ffff888027d85000
[  165.486089][  T743]  which belongs to the cache kmalloc-1k of size 1024
[  165.500125][  T743] The buggy address is located 8 bytes inside of
[  165.500125][  T743]  freed 1024-byte region [ffff888027d85000, ffff888027d85400)
[  165.513826][  T743] 
[  165.516138][  T743] The buggy address belongs to the physical page:
[  165.522536][  T743] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27d80
[  165.531288][  T743] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  165.539767][  T743] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  165.547299][  T743] page_type: 0xffffefff(slab)
[  165.551960][  T743] raw: 00fff00000000040 ffff888015041dc0 dead000000000122 0000000000000000
[  165.560527][  T743] raw: 0000000000000000 0000000080100010 00000001ffffefff 0000000000000000
[  165.569091][  T743] head: 00fff00000000040 ffff888015041dc0 dead000000000122 0000000000000000
[  165.577743][  T743] head: 0000000000000000 0000000080100010 00000001ffffefff 0000000000000000
[  165.586394][  T743] head: 00fff00000000003 ffffea00009f6001 ffffffffffffffff 0000000000000000
[  165.595046][  T743] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  165.603695][  T743] page dumped because: kasan: bad access detected
[  165.610089][  T743] page_owner tracks the page as allocated
[  165.615783][  T743] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 35, tgid 35 (kworker/u8:2), ts 164998422131, free_ts 164981962333
[  165.636257][  T743]  post_alloc_hook+0x1f3/0x230
[  165.641018][  T743]  get_page_from_freelist+0x2e43/0x2f00
[  165.646547][  T743]  __alloc_pages_noprof+0x256/0x6c0
[  165.651730][  T743]  alloc_slab_page+0x5f/0x120
[  165.656393][  T743]  allocate_slab+0x5a/0x2f0
[  165.660885][  T743]  ___slab_alloc+0xcd1/0x14b0
[  165.665547][  T743]  __slab_alloc+0x58/0xa0
[  165.669860][  T743]  __kmalloc_noprof+0x257/0x400
[  165.674699][  T743]  ieee802_11_parse_elems_full+0xdb/0x2880
[  165.680492][  T743]  ieee80211_inform_bss+0x15f/0x1080
[  165.685761][  T743]  cfg80211_inform_single_bss_data+0x1121/0x2360
[  165.692077][  T743]  cfg80211_inform_bss_data+0x3dd/0x5a70
[  165.697695][  T743]  cfg80211_inform_bss_frame_data+0x3bc/0x720
[  165.703750][  T743]  ieee80211_bss_info_update+0x8a7/0xbc0
[  165.709364][  T743]  ieee80211_ibss_rx_queued_mgmt+0x1962/0x2d70
[  165.715501][  T743]  ieee80211_iface_work+0x8a5/0xf20
[  165.720686][  T743] page last free pid 5210 tgid 5210 stack trace:
[  165.726990][  T743]  free_unref_page+0xd22/0xea0
[  165.731741][  T743]  __put_partials+0xeb/0x130
[  165.736313][  T743]  put_cpu_partial+0x17c/0x250
[  165.741059][  T743]  __slab_free+0x2ea/0x3d0
[  165.745461][  T743]  qlist_free_all+0x9e/0x140
[  165.750037][  T743]  kasan_quarantine_reduce+0x14f/0x170
[  165.755477][  T743]  __kasan_slab_alloc+0x23/0x80
[  165.760313][  T743]  kmem_cache_alloc_noprof+0x135/0x2a0
[  165.765762][  T743]  __pmd_alloc+0x110/0x630
[  165.770170][  T743]  handle_mm_fault+0xf4c/0x1ba0
[  165.775009][  T743]  exc_page_fault+0x459/0x8c0
[  165.779668][  T743]  asm_exc_page_fault+0x26/0x30
[  165.784508][  T743] 
[  165.786812][  T743] Memory state around the buggy address:
[  165.792426][  T743]  ffff888027d84f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  165.800475][  T743]  ffff888027d84f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  165.808514][  T743] >ffff888027d85000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.816552][  T743]                       ^
[  165.820864][  T743]  ffff888027d85080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.828910][  T743]  ffff888027d85100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  165.836948][  T743] ==================================================================
[  165.853984][  T743] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  165.861192][  T743] CPU: 1 PID: 743 Comm: kworker/u8:5 Not tainted 6.10.0-rc4-syzkaller-00836-gb0d3969d2b4d #0
[  165.871341][  T743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  165.881400][  T743] Workqueue: l2tp l2tp_tunnel_del_work
[  165.886875][  T743] Call Trace:
[  165.890143][  T743]  <TASK>
[  165.893061][  T743]  dump_stack_lvl+0x241/0x360
[  165.897733][  T743]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.902921][  T743]  ? __pfx__printk+0x10/0x10
[  165.907498][  T743]  ? preempt_schedule+0xe1/0xf0
[  165.912338][  T743]  ? vscnprintf+0x5d/0x90
[  165.916665][  T743]  panic+0x349/0x860
[  165.920553][  T743]  ? check_panic_on_warn+0x21/0xb0
[  165.925659][  T743]  ? __pfx_panic+0x10/0x10
[  165.930063][  T743]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  165.936035][  T743]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  165.942352][  T743]  ? print_report+0x502/0x550
[  165.947023][  T743]  check_panic_on_warn+0x86/0xb0
[  165.951947][  T743]  ? l2tp_session_delete+0x28/0x9e0
[  165.957132][  T743]  end_report+0x77/0x160
[  165.961362][  T743]  kasan_report+0x154/0x180
[  165.965859][  T743]  ? l2tp_session_delete+0x28/0x9e0
[  165.971050][  T743]  kasan_check_range+0x282/0x290
[  165.975978][  T743]  l2tp_session_delete+0x28/0x9e0
[  165.980995][  T743]  l2tp_tunnel_del_work+0x1cb/0x330
[  165.986184][  T743]  ? process_scheduled_works+0x945/0x1830
[  165.991887][  T743]  process_scheduled_works+0xa2c/0x1830
[  165.997425][  T743]  ? __pfx_process_scheduled_works+0x10/0x10
[  166.003394][  T743]  ? assign_work+0x364/0x3d0
[  166.007968][  T743]  worker_thread+0x86d/0xd70
[  166.012544][  T743]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  166.018431][  T743]  ? __kthread_parkme+0x169/0x1d0
[  166.023443][  T743]  ? __pfx_worker_thread+0x10/0x10
[  166.028540][  T743]  kthread+0x2f0/0x390
[  166.032596][  T743]  ? __pfx_worker_thread+0x10/0x10
[  166.037694][  T743]  ? __pfx_kthread+0x10/0x10
[  166.042270][  T743]  ret_from_fork+0x4b/0x80
[  166.046674][  T743]  ? __pfx_kthread+0x10/0x10
[  166.051252][  T743]  ret_from_fork_asm+0x1a/0x30
[  166.056012][  T743]  </TASK>
[  166.059222][  T743] Kernel Offset: disabled
[  166.063533][  T743] Rebooting in 86400 seconds..