Warning: Permanently added '10.128.1.220' (ED25519) to the list of known hosts.
2024/06/24 00:13:44 ignoring optional flag "sandboxArg"="0"
2024/06/24 00:13:44 parsed 1 programs
[ 165.044570][ T5110] cgroup: Unknown subsys name 'net'
[ 165.297578][ T5110] cgroup: Unknown subsys name 'rlimit'
[ 166.424147][ T5113] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 166.950356][ T5155] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 166.959128][ T5155] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 166.967385][ T5155] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 166.976247][ T5155] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 166.986184][ T5155] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 166.993901][ T5155] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 167.233613][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 167.244900][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 167.281224][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 167.289340][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 168.542685][ T5191] chnl_net:caif_netlink_parms(): no params data found
[ 168.599257][ T5191] bridge0: port 1(bridge_slave_0) entered blocking state
[ 168.607129][ T5191] bridge0: port 1(bridge_slave_0) entered disabled state
[ 168.614238][ T5191] bridge_slave_0: entered allmulticast mode
[ 168.621597][ T5191] bridge_slave_0: entered promiscuous mode
[ 168.638195][ T5191] bridge0: port 2(bridge_slave_1) entered blocking state
[ 168.645352][ T5191] bridge0: port 2(bridge_slave_1) entered disabled state
[ 168.652435][ T5191] bridge_slave_1: entered allmulticast mode
[ 168.659462][ T5191] bridge_slave_1: entered promiscuous mode
[ 168.691515][ T5191] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 168.702987][ T5191] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 168.737907][ T5191] team0: Port device team_slave_0 added
[ 168.747870][ T5191] team0: Port device team_slave_1 added
[ 168.771183][ T5191] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 168.778162][ T5191] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 168.804145][ T5191] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 168.817720][ T5191] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 168.824662][ T5191] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 168.850872][ T5191] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 168.907872][ T5191] hsr_slave_0: entered promiscuous mode
[ 168.914477][ T5191] hsr_slave_1: entered promiscuous mode
[ 169.037123][ T5191] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 169.048280][ T5191] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 169.058129][ T5191] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 169.068241][ T5191] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 169.094084][ T5191] bridge0: port 2(bridge_slave_1) entered blocking state
[ 169.101608][ T5191] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 169.109585][ T5191] bridge0: port 1(bridge_slave_0) entered blocking state
[ 169.116699][ T5191] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 169.193334][ T5191] 8021q: adding VLAN 0 to HW filter on device bond0
[ 169.210156][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 169.219175][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 169.234889][ T5191] 8021q: adding VLAN 0 to HW filter on device team0
[ 169.248600][ T785] bridge0: port 1(bridge_slave_0) entered blocking state
[ 169.255703][ T785] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 169.278045][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 169.285195][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 169.310225][ T5191] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 169.416940][ T5191] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 169.449778][ T5191] veth0_vlan: entered promiscuous mode
[ 169.467413][ T5191] veth1_vlan: entered promiscuous mode
[ 169.489423][ T5191] veth0_macvtap: entered promiscuous mode
[ 169.501193][ T5191] veth1_macvtap: entered promiscuous mode
[ 169.518962][ T5191] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 169.530417][ T5191] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 169.542283][ T5191] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 169.552314][ T5191] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 169.561364][ T5191] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 169.570545][ T5191] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 169.656316][ T5191] syz-executor.0 (5191) used greatest stack depth: 18512 bytes left
[ 169.702800][ T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 169.767359][ T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 169.841864][ T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2024/06/24 00:13:49 executed programs: 0
[ 169.934391][ T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 169.990525][ T4494] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 169.998734][ T4494] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 170.008254][ T4494] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 170.017523][ T4494] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 170.028587][ T4494] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 170.036200][ T4494] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 170.157761][ T5213] chnl_net:caif_netlink_parms(): no params data found
[ 170.210477][ T5213] bridge0: port 1(bridge_slave_0) entered blocking state
[ 170.217750][ T5213] bridge0: port 1(bridge_slave_0) entered disabled state
[ 170.225557][ T5213] bridge_slave_0: entered allmulticast mode
[ 170.232251][ T5213] bridge_slave_0: entered promiscuous mode
[ 170.240667][ T5213] bridge0: port 2(bridge_slave_1) entered blocking state
[ 170.248087][ T5213] bridge0: port 2(bridge_slave_1) entered disabled state
[ 170.255347][ T5213] bridge_slave_1: entered allmulticast mode
[ 170.262015][ T5213] bridge_slave_1: entered promiscuous mode
[ 170.286829][ T5213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 170.300005][ T5213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 170.329385][ T5213] team0: Port device team_slave_0 added
[ 170.337194][ T5213] team0: Port device team_slave_1 added
[ 170.359721][ T5213] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 170.367601][ T5213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 170.393591][ T5213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 170.411421][ T5213] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 170.419054][ T5213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 170.445511][ T5213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 170.492005][ T5213] hsr_slave_0: entered promiscuous mode
[ 170.498524][ T5213] hsr_slave_1: entered promiscuous mode
[ 170.504601][ T5213] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 170.512461][ T5213] Cannot create hsr debugfs directory
[ 172.135564][ T4494] Bluetooth: hci0: command tx timeout
[ 174.205411][ T4494] Bluetooth: hci0: command tx timeout
[ 174.507922][ T51] bridge_slave_1: left allmulticast mode
[ 174.513707][ T51] bridge_slave_1: left promiscuous mode
[ 174.520073][ T51] bridge0: port 2(bridge_slave_1) entered disabled state
[ 174.531689][ T51] bridge_slave_0: left allmulticast mode
[ 174.538570][ T51] bridge_slave_0: left promiscuous mode
[ 174.544250][ T51] bridge0: port 1(bridge_slave_0) entered disabled state
[ 174.732191][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 174.743030][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 174.753883][ T51] bond0 (unregistering): Released all slaves
[ 174.856989][ T51] hsr_slave_0: left promiscuous mode
[ 174.863163][ T51] hsr_slave_1: left promiscuous mode
[ 174.869405][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 174.877279][ T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 174.888897][ T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 174.896426][ T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 174.914923][ T51] veth1_macvtap: left promiscuous mode
[ 174.920932][ T51] veth0_macvtap: left promiscuous mode
[ 174.927522][ T51] veth1_vlan: left promiscuous mode
[ 174.933001][ T51] veth0_vlan: left promiscuous mode
[ 175.270654][ T51] team0 (unregistering): Port device team_slave_1 removed
[ 175.293961][ T51] team0 (unregistering): Port device team_slave_0 removed
[ 175.661503][ T5213] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 175.673779][ T5213] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 175.685653][ T5213] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 175.699327][ T5213] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 175.821851][ T5213] 8021q: adding VLAN 0 to HW filter on device bond0
[ 175.860882][ T5213] 8021q: adding VLAN 0 to HW filter on device team0
[ 175.873487][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 175.880671][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 175.901393][ T5198] bridge0: port 2(bridge_slave_1) entered blocking state
[ 175.908551][ T5198] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 175.963083][ T5213] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 176.092297][ T5213] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 176.136351][ T5213] veth0_vlan: entered promiscuous mode
[ 176.148031][ T5213] veth1_vlan: entered promiscuous mode
[ 176.173442][ T5213] veth0_macvtap: entered promiscuous mode
[ 176.184697][ T5213] veth1_macvtap: entered promiscuous mode
[ 176.199874][ T5213] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 176.212406][ T5213] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 176.224561][ T5213] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 176.234317][ T5213] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 176.243349][ T5213] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 176.252251][ T5213] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 176.295646][ T4494] Bluetooth: hci0: command tx timeout
[ 176.309877][ T1098] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 176.321836][ T1098] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
2024/06/24 00:13:56 executed programs: 1
[ 176.341233][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 176.349102][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 176.426817][ T51] ==================================================================
[ 176.434921][ T51] BUG: KASAN: slab-use-after-free in l2tp_session_delete+0x28/0x9e0
[ 176.442943][ T51] Write of size 8 at addr ffff88807ad6d008 by task kworker/u8:3/51
[ 176.450843][ T51]
[ 176.453178][ T51] CPU: 1 PID: 51 Comm: kworker/u8:3 Not tainted 6.10.0-rc4-syzkaller-00874-g84562f9953ec #0
[ 176.463249][ T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 176.473326][ T51] Workqueue: l2tp l2tp_tunnel_del_work
[ 176.478830][ T51] Call Trace:
[ 176.482113][ T51]
[ 176.485064][ T51] dump_stack_lvl+0x241/0x360
[ 176.489762][ T51] ? __pfx_dump_stack_lvl+0x10/0x10
[ 176.494980][ T51] ? __pfx__printk+0x10/0x10
[ 176.499585][ T51] ? _printk+0xd5/0x120
[ 176.503765][ T51] ? __virt_addr_valid+0x183/0x520
[ 176.508907][ T51] ? __virt_addr_valid+0x183/0x520
[ 176.514034][ T51] print_report+0x169/0x550
[ 176.518553][ T51] ? __virt_addr_valid+0x183/0x520
[ 176.523677][ T51] ? __virt_addr_valid+0x183/0x520
[ 176.528799][ T51] ? __virt_addr_valid+0x44e/0x520
[ 176.533922][ T51] ? __phys_addr+0xba/0x170
[ 176.538439][ T51] ? l2tp_session_delete+0x28/0x9e0
[ 176.543655][ T51] kasan_report+0x143/0x180
[ 176.548172][ T51] ? l2tp_session_delete+0x28/0x9e0
[ 176.553389][ T51] kasan_check_range+0x282/0x290
[ 176.558340][ T51] l2tp_session_delete+0x28/0x9e0
[ 176.563378][ T51] ? l2tp_tunnel_del_work+0x1d3/0x330
[ 176.568810][ T51] l2tp_tunnel_del_work+0x1cb/0x330
[ 176.574026][ T51] ? process_scheduled_works+0x945/0x1830
[ 176.579755][ T51] process_scheduled_works+0xa2c/0x1830
[ 176.585329][ T51] ? __pfx_process_scheduled_works+0x10/0x10
[ 176.591322][ T51] ? assign_work+0x364/0x3d0
[ 176.595960][ T51] worker_thread+0x86d/0xd70
[ 176.600571][ T51] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 176.606503][ T51] ? __kthread_parkme+0x169/0x1d0
[ 176.611541][ T51] ? __pfx_worker_thread+0x10/0x10
[ 176.616688][ T51] kthread+0x2f0/0x390
[ 176.620770][ T51] ? __pfx_worker_thread+0x10/0x10
[ 176.625889][ T51] ? __pfx_kthread+0x10/0x10
[ 176.630491][ T51] ret_from_fork+0x4b/0x80
[ 176.634928][ T51] ? __pfx_kthread+0x10/0x10
[ 176.639527][ T51] ret_from_fork_asm+0x1a/0x30
[ 176.644314][ T51]
[ 176.647335][ T51]
[ 176.649660][ T51] Allocated by task 5256:
[ 176.653986][ T51] kasan_save_track+0x3f/0x80
[ 176.658679][ T51] __kasan_kmalloc+0x98/0xb0
[ 176.663272][ T51] __kmalloc_noprof+0x1f9/0x400
[ 176.668126][ T51] l2tp_session_create+0x3b/0xc20
[ 176.673160][ T51] pppol2tp_connect+0xca3/0x17a0
[ 176.678105][ T51] __sys_connect+0x2df/0x310
[ 176.682702][ T51] __x64_sys_connect+0x7a/0x90
[ 176.687476][ T51] do_syscall_64+0xf3/0x230
[ 176.691991][ T51] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 176.697893][ T51]
[ 176.700218][ T51] Freed by task 5199:
[ 176.704196][ T51] kasan_save_track+0x3f/0x80
[ 176.708881][ T51] kasan_save_free_info+0x40/0x50
[ 176.713908][ T51] poison_slab_object+0xe0/0x150
[ 176.718855][ T51] __kasan_slab_free+0x37/0x60
[ 176.723626][ T51] kfree+0x149/0x360
[ 176.727532][ T51] __sk_destruct+0x58/0x5f0
[ 176.732054][ T51] rcu_core+0xafd/0x1830
[ 176.736314][ T51] handle_softirqs+0x2c4/0x970
[ 176.741085][ T51] do_softirq+0x11b/0x1e0
[ 176.745421][ T51] __local_bh_enable_ip+0x1bb/0x200
[ 176.750618][ T51] srcu_invoke_callbacks+0x246/0x490
[ 176.755892][ T51] process_scheduled_works+0xa2c/0x1830
[ 176.761422][ T51] worker_thread+0x86d/0xd70
[ 176.765997][ T51] kthread+0x2f0/0x390
[ 176.770054][ T51] ret_from_fork+0x4b/0x80
[ 176.774459][ T51] ret_from_fork_asm+0x1a/0x30
[ 176.779227][ T51]
[ 176.781576][ T51] Last potentially related work creation:
[ 176.787274][ T51] kasan_save_stack+0x3f/0x60
[ 176.791942][ T51] __kasan_record_aux_stack+0xac/0xc0
[ 176.797301][ T51] call_rcu+0x167/0xa70
[ 176.801445][ T51] pppol2tp_release+0x24b/0x350
[ 176.806285][ T51] sock_close+0xbc/0x240
[ 176.810516][ T51] __fput+0x406/0x8b0
[ 176.814484][ T51] task_work_run+0x24f/0x310
[ 176.819060][ T51] syscall_exit_to_user_mode+0x168/0x370
[ 176.824679][ T51] do_syscall_64+0x100/0x230
[ 176.829265][ T51] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 176.835201][ T51]
[ 176.837506][ T51] The buggy address belongs to the object at ffff88807ad6d000
[ 176.837506][ T51] which belongs to the cache kmalloc-1k of size 1024
[ 176.851554][ T51] The buggy address is located 8 bytes inside of
[ 176.851554][ T51] freed 1024-byte region [ffff88807ad6d000, ffff88807ad6d400)
[ 176.865247][ T51]
[ 176.867553][ T51] The buggy address belongs to the physical page:
[ 176.873953][ T51] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7ad68
[ 176.882722][ T51] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 176.891232][ T51] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 176.899200][ T51] page_type: 0xffffefff(slab)
[ 176.903860][ T51] raw: 00fff00000000040 ffff888015041dc0 0000000000000000 0000000000000001
[ 176.912428][ T51] raw: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[ 176.920996][ T51] head: 00fff00000000040 ffff888015041dc0 0000000000000000 0000000000000001
[ 176.929648][ T51] head: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000
[ 176.938345][ T51] head: 00fff00000000003 ffffea0001eb5a01 ffffffffffffffff 0000000000000000
[ 176.947006][ T51] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 176.955655][ T51] page dumped because: kasan: bad access detected
[ 176.962061][ T51] page_owner tracks the page as allocated
[ 176.967773][ T51] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4947, tgid 4947 (sh), ts 42586540704, free_ts 42179980741
[ 176.988273][ T51] post_alloc_hook+0x1f3/0x230
[ 176.993031][ T51] get_page_from_freelist+0x2e43/0x2f00
[ 176.998562][ T51] __alloc_pages_noprof+0x256/0x6c0
[ 177.003744][ T51] alloc_slab_page+0x5f/0x120
[ 177.008422][ T51] allocate_slab+0x5a/0x2f0
[ 177.012911][ T51] ___slab_alloc+0xcd1/0x14b0
[ 177.017581][ T51] __slab_alloc+0x58/0xa0
[ 177.021909][ T51] __kmalloc_noprof+0x257/0x400
[ 177.026741][ T51] load_elf_binary+0x2f4/0x2620
[ 177.031575][ T51] bprm_execve+0xaf8/0x17c0
[ 177.036068][ T51] do_execveat_common+0x553/0x700
[ 177.041078][ T51] __x64_sys_execve+0x92/0xb0
[ 177.045743][ T51] do_syscall_64+0xf3/0x230
[ 177.050234][ T51] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 177.056115][ T51] page last free pid 4945 tgid 4945 stack trace:
[ 177.062422][ T51] free_unref_page+0xd22/0xea0
[ 177.067175][ T51] __put_partials+0xeb/0x130
[ 177.071754][ T51] put_cpu_partial+0x17c/0x250
[ 177.076505][ T51] __slab_free+0x2ea/0x3d0
[ 177.080910][ T51] qlist_free_all+0x9e/0x140
[ 177.085488][ T51] kasan_quarantine_reduce+0x14f/0x170
[ 177.090952][ T51] __kasan_slab_alloc+0x23/0x80
[ 177.095788][ T51] kmem_cache_alloc_noprof+0x135/0x2a0
[ 177.101238][ T51] getname_flags+0xbd/0x4f0
[ 177.105734][ T51] vfs_fstatat+0x11c/0x190
[ 177.110141][ T51] __x64_sys_newfstatat+0x125/0x1b0
[ 177.115320][ T51] do_syscall_64+0xf3/0x230
[ 177.119808][ T51] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 177.125688][ T51]
[ 177.128000][ T51] Memory state around the buggy address:
[ 177.133608][ T51] ffff88807ad6cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 177.141650][ T51] ffff88807ad6cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 177.149692][ T51] >ffff88807ad6d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 177.157731][ T51] ^
[ 177.162056][ T51] ffff88807ad6d080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 177.170103][ T51] ffff88807ad6d100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 177.178146][ T51] ==================================================================
[ 177.238312][ T51] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 177.245542][ T51] CPU: 1 PID: 51 Comm: kworker/u8:3 Not tainted 6.10.0-rc4-syzkaller-00874-g84562f9953ec #0
[ 177.255610][ T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 177.265666][ T51] Workqueue: l2tp l2tp_tunnel_del_work
[ 177.271147][ T51] Call Trace:
[ 177.274441][ T51]
[ 177.277357][ T51] dump_stack_lvl+0x241/0x360
[ 177.282030][ T51] ? __pfx_dump_stack_lvl+0x10/0x10
[ 177.287255][ T51] ? __pfx__printk+0x10/0x10
[ 177.291832][ T51] ? preempt_schedule+0xe1/0xf0
[ 177.296676][ T51] ? vscnprintf+0x5d/0x90
[ 177.300996][ T51] panic+0x349/0x860
[ 177.304879][ T51] ? check_panic_on_warn+0x21/0xb0
[ 177.309984][ T51] ? __pfx_panic+0x10/0x10
[ 177.314390][ T51] ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 177.320364][ T51] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 177.326683][ T51] ? print_report+0x502/0x550
[ 177.331350][ T51] check_panic_on_warn+0x86/0xb0
[ 177.336277][ T51] ? l2tp_session_delete+0x28/0x9e0
[ 177.341465][ T51] end_report+0x77/0x160
[ 177.345705][ T51] kasan_report+0x154/0x180
[ 177.350198][ T51] ? l2tp_session_delete+0x28/0x9e0
[ 177.355390][ T51] kasan_check_range+0x282/0x290
[ 177.360316][ T51] l2tp_session_delete+0x28/0x9e0
[ 177.365329][ T51] ? l2tp_tunnel_del_work+0x1d3/0x330
[ 177.370701][ T51] l2tp_tunnel_del_work+0x1cb/0x330
[ 177.375892][ T51] ? process_scheduled_works+0x945/0x1830
[ 177.381595][ T51] process_scheduled_works+0xa2c/0x1830
[ 177.387135][ T51] ? __pfx_process_scheduled_works+0x10/0x10
[ 177.393105][ T51] ? assign_work+0x364/0x3d0
[ 177.397685][ T51] worker_thread+0x86d/0xd70
[ 177.402264][ T51] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 177.408148][ T51] ? __kthread_parkme+0x169/0x1d0
[ 177.413162][ T51] ? __pfx_worker_thread+0x10/0x10
[ 177.418259][ T51] kthread+0x2f0/0x390
[ 177.422322][ T51] ? __pfx_worker_thread+0x10/0x10
[ 177.427421][ T51] ? __pfx_kthread+0x10/0x10
[ 177.431998][ T51] ret_from_fork+0x4b/0x80
[ 177.436403][ T51] ? __pfx_kthread+0x10/0x10
[ 177.440978][ T51] ret_from_fork_asm+0x1a/0x30
[ 177.445739][ T51]
[ 177.448961][ T51] Kernel Offset: disabled
[ 177.453275][ T51] Rebooting in 86400 seconds..