Warning: Permanently added '10.128.0.214' (ED25519) to the list of known hosts.
2026/06/11 06:04:58 parsed 1 programs
[ 21.434877][ T28] audit: type=1400 audit(1781157898.706:64): avc: denied { node_bind } for pid=295 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 21.456031][ T28] audit: type=1400 audit(1781157898.706:65): avc: denied { module_request } for pid=295 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 22.158053][ T28] audit: type=1400 audit(1781157899.426:66): avc: denied { mounton } for pid=301 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 22.159105][ T301] cgroup: Unknown subsys name 'net'
[ 22.180828][ T28] audit: type=1400 audit(1781157899.426:67): avc: denied { mount } for pid=301 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 22.208085][ T28] audit: type=1400 audit(1781157899.466:68): avc: denied { unmount } for pid=301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 22.208299][ T301] cgroup: Unknown subsys name 'devices'
[ 22.326325][ T301] cgroup: Unknown subsys name 'hugetlb'
[ 22.331957][ T301] cgroup: Unknown subsys name 'rlimit'
[ 22.469701][ T28] audit: type=1400 audit(1781157899.736:69): avc: denied { setattr } for pid=301 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 22.492886][ T28] audit: type=1400 audit(1781157899.736:70): avc: denied { create } for pid=301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[ 22.503215][ T305] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
[ 22.513689][ T28] audit: type=1400 audit(1781157899.736:71): avc: denied { write } for pid=301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 22.535900][ T301] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 22.542678][ T28] audit: type=1400 audit(1781157899.736:72): avc: denied { read } for pid=301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 22.571469][ T28] audit: type=1400 audit(1781157899.736:73): avc: denied { mounton } for pid=301 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 23.302826][ T314] request_module fs-gadgetfs succeeded, but still no fs?
[ 23.363273][ T313] bridge0: port 1(bridge_slave_0) entered blocking state
[ 23.397063][ T313] bridge0: port 1(bridge_slave_0) entered disabled state
[ 23.405240][ T313] device bridge_slave_0 entered promiscuous mode
[ 23.475040][ T313] bridge0: port 2(bridge_slave_1) entered blocking state
[ 23.482214][ T313] bridge0: port 2(bridge_slave_1) entered disabled state
[ 23.494904][ T314] syz-executor (314) used greatest stack depth: 20704 bytes left
[ 23.507171][ T313] device bridge_slave_1 entered promiscuous mode
[ 23.681462][ T313] bridge0: port 2(bridge_slave_1) entered blocking state
[ 23.688550][ T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 23.695853][ T313] bridge0: port 1(bridge_slave_0) entered blocking state
[ 23.702873][ T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 23.798373][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 23.806496][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 23.832163][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 23.853846][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 23.872665][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 23.880912][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 23.887946][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 23.910374][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 23.918656][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 23.925725][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 23.959700][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 23.968493][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 23.984325][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 24.009143][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 24.017460][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 24.025606][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 24.033170][ T313] device veth0_vlan entered promiscuous mode
[ 24.045309][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 24.058664][ T313] device veth1_macvtap entered promiscuous mode
[ 24.069539][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 24.083895][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2026/06/11 06:05:01 executed programs: 0
[ 24.321847][ T372] bridge0: port 1(bridge_slave_0) entered blocking state
[ 24.328977][ T372] bridge0: port 1(bridge_slave_0) entered disabled state
[ 24.336460][ T372] device bridge_slave_0 entered promiscuous mode
[ 24.343360][ T372] bridge0: port 2(bridge_slave_1) entered blocking state
[ 24.350590][ T372] bridge0: port 2(bridge_slave_1) entered disabled state
[ 24.358041][ T372] device bridge_slave_1 entered promiscuous mode
[ 24.375646][ T375] bridge0: port 1(bridge_slave_0) entered blocking state
[ 24.382712][ T375] bridge0: port 1(bridge_slave_0) entered disabled state
[ 24.391241][ T375] device bridge_slave_0 entered promiscuous mode
[ 24.399421][ T375] bridge0: port 2(bridge_slave_1) entered blocking state
[ 24.406773][ T375] bridge0: port 2(bridge_slave_1) entered disabled state
[ 24.414203][ T375] device bridge_slave_1 entered promiscuous mode
[ 24.543450][ T378] bridge0: port 1(bridge_slave_0) entered blocking state
[ 24.550699][ T378] bridge0: port 1(bridge_slave_0) entered disabled state
[ 24.558153][ T378] device bridge_slave_0 entered promiscuous mode
[ 24.566508][ T378] bridge0: port 2(bridge_slave_1) entered blocking state
[ 24.573543][ T378] bridge0: port 2(bridge_slave_1) entered disabled state
[ 24.581189][ T378] device bridge_slave_1 entered promiscuous mode
[ 24.641714][ T382] bridge0: port 1(bridge_slave_0) entered blocking state
[ 24.648920][ T382] bridge0: port 1(bridge_slave_0) entered disabled state
[ 24.656325][ T382] device bridge_slave_0 entered promiscuous mode
[ 24.663246][ T382] bridge0: port 2(bridge_slave_1) entered blocking state
[ 24.670352][ T382] bridge0: port 2(bridge_slave_1) entered disabled state
[ 24.677824][ T382] device bridge_slave_1 entered promiscuous mode
[ 24.742293][ T380] bridge0: port 1(bridge_slave_0) entered blocking state
[ 24.749372][ T380] bridge0: port 1(bridge_slave_0) entered disabled state
[ 24.756972][ T380] device bridge_slave_0 entered promiscuous mode
[ 24.764043][ T380] bridge0: port 2(bridge_slave_1) entered blocking state
[ 24.771221][ T380] bridge0: port 2(bridge_slave_1) entered disabled state
[ 24.778706][ T380] device bridge_slave_1 entered promiscuous mode
[ 24.855863][ T375] bridge0: port 2(bridge_slave_1) entered blocking state
[ 24.862919][ T375] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 24.886117][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 24.894322][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 24.901990][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 24.943959][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 24.952414][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 24.960862][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 24.967924][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 24.990147][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 25.002970][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 25.010543][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 25.019314][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 25.028515][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 25.036673][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 25.043680][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 25.060607][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 25.069016][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 25.077225][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 25.084234][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 25.111659][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 25.119390][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 25.127067][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 25.136125][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 25.144035][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 25.152431][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 25.159500][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 25.166924][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 25.175137][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 25.182149][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 25.189745][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 25.215963][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 25.224206][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 25.231253][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 25.239071][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 25.247538][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 25.254620][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 25.262821][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 25.271187][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 25.278237][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 25.285700][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 25.315320][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 25.324273][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 25.332374][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 25.340730][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 25.349181][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 25.357486][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 25.364555][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 25.372158][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 25.389866][ T372] device veth0_vlan entered promiscuous mode
[ 25.396277][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 25.404236][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 25.412367][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 25.420680][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 25.428861][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 25.436711][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 25.449735][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 25.458202][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 25.466766][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 25.473879][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 25.481431][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 25.489768][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 25.497847][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 25.505953][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 25.522867][ T372] device veth1_macvtap entered promiscuous mode
[ 25.546629][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 25.554883][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 25.562792][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 25.571696][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 25.580111][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 25.587979][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 25.596172][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 25.604035][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 25.612172][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 25.620217][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 25.628695][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 25.637115][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 25.645102][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 25.653015][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 25.660609][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 25.668832][ T382] device veth0_vlan entered promiscuous mode
[ 25.691507][ T378] device veth0_vlan entered promiscuous mode
[ 25.699771][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 25.708307][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 25.716861][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 25.725415][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 25.733690][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 25.742207][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 25.750668][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 25.759173][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 25.767687][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 25.775686][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 25.783627][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 25.791697][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 25.799775][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 25.807316][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 25.814931][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 25.822322][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 25.832566][ T382] device veth1_macvtap entered promiscuous mode
[ 25.840815][ T380] device veth0_vlan entered promiscuous mode
[ 25.854584][ T375] device veth0_vlan entered promiscuous mode
[ 25.860893][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 25.869267][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 25.877674][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 25.885535][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 25.893805][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 25.902801][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 25.910955][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 25.919216][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 25.926804][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 25.950170][ T375] device veth1_macvtap entered promiscuous mode
[ 25.959425][ T397] ==================================================================
[ 25.967498][ T397] BUG: KASAN: use-after-free in mutex_lock+0x86/0x1b0
[ 25.974874][ T397] Write of size 8 at addr ffff88812fde4150 by task syz.5.17/397
[ 25.982510][ T397]
[ 25.984848][ T397] CPU: 0 PID: 397 Comm: syz.5.17 Not tainted syzkaller #0
[ 25.991935][ T397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 26.001989][ T397] Call Trace:
[ 26.005261][ T397]
[ 26.008183][ T397] __dump_stack+0x21/0x24
[ 26.012502][ T397] dump_stack_lvl+0x110/0x170
[ 26.017171][ T397] ? __cfi_dump_stack_lvl+0x8/0x8
[ 26.022181][ T397] ? mutex_lock+0x86/0x1b0
[ 26.026576][ T397] print_address_description+0x71/0x200
[ 26.032102][ T397] print_report+0x4a/0x60
[ 26.036413][ T397] kasan_report+0x122/0x150
[ 26.040898][ T397] ? mutex_lock+0x86/0x1b0
[ 26.045298][ T397] kasan_check_range+0x249/0x2a0
[ 26.050215][ T397] __kasan_check_write+0x14/0x20
[ 26.055130][ T397] mutex_lock+0x86/0x1b0
[ 26.059362][ T397] ? __cfi_mutex_lock+0x10/0x10
[ 26.064192][ T397] ? l2tp_session_put+0xaf/0x1a0
[ 26.069108][ T397] ? l2tp_session_delete+0x3f0/0x4e0
[ 26.074379][ T397] pppol2tp_release+0x194/0x2d0
[ 26.079205][ T397] sock_close+0xf1/0x290
[ 26.083439][ T397] ? __cfi_sock_close+0x10/0x10
[ 26.088267][ T397] __fput+0x1fc/0x8f0
[ 26.092228][ T397] ____fput+0x15/0x20
[ 26.096185][ T397] task_work_run+0x1e1/0x250
[ 26.100792][ T397] ? __cfi_task_work_run+0x10/0x10
[ 26.105882][ T397] ? __cfi___close_range+0x10/0x10
[ 26.111060][ T397] exit_to_user_mode_loop+0x9b/0xb0
[ 26.116239][ T397] exit_to_user_mode_prepare+0x87/0xd0
[ 26.121674][ T397] syscall_exit_to_user_mode+0x1a/0x30
[ 26.127264][ T397] do_syscall_64+0x58/0xa0
[ 26.131720][ T397] ? clear_bhb_loop+0x30/0x80
[ 26.136475][ T397] ? clear_bhb_loop+0x30/0x80
[ 26.141154][ T397] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 26.147044][ T397] RIP: 0033:0x7f123f99ce59
[ 26.151451][ T397] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 26.171063][ T397] RSP: 002b:00007ffd590d2748 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 26.179477][ T397] RAX: 0000000000000000 RBX: 00007ffd590d2830 RCX: 00007f123f99ce59
[ 26.187604][ T397] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 26.195571][ T397] RBP: 000000000000654c R08: 0000000000000001 R09: 0000000000000000
[ 26.203523][ T397] R10: 0000001b33320000 R11: 0000000000000246 R12: 00007ffd590d2870
[ 26.211473][ T397] R13: 00007f123fc15fac R14: 0000000000006580 R15: 00007f123fc15fa0
[ 26.219426][ T397]
[ 26.222426][ T397]
[ 26.224725][ T397] Allocated by task 398:
[ 26.228933][ T397] kasan_set_track+0x4b/0x70
[ 26.233501][ T397] kasan_save_alloc_info+0x25/0x30
[ 26.238587][ T397] __kasan_kmalloc+0x95/0xb0
[ 26.243335][ T397] __kmalloc+0xb1/0x1e0
[ 26.247481][ T397] l2tp_session_create+0x38/0xbe0
[ 26.252512][ T397] pppol2tp_connect+0xbef/0x1620
[ 26.257439][ T397] __sys_connect+0x3da/0x460
[ 26.262008][ T397] __x64_sys_connect+0x7a/0x90
[ 26.266751][ T397] x64_sys_call+0x88d/0x9a0
[ 26.271238][ T397] do_syscall_64+0x4c/0xa0
[ 26.275636][ T397] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 26.281509][ T397]
[ 26.283815][ T397] Freed by task 397:
[ 26.287687][ T397] kasan_set_track+0x4b/0x70
[ 26.292267][ T397] kasan_save_free_info+0x31/0x50
[ 26.297361][ T397] ____kasan_slab_free+0x132/0x180
[ 26.302457][ T397] __kasan_slab_free+0x11/0x20
[ 26.307220][ T397] slab_free_freelist_hook+0xc2/0x190
[ 26.312574][ T397] __kmem_cache_free+0xb7/0x1b0
[ 26.317424][ T397] kfree+0x6f/0xf0
[ 26.321130][ T397] l2tp_session_put+0xaf/0x1a0
[ 26.326047][ T397] l2tp_session_delete+0x3f0/0x4e0
[ 26.331138][ T397] pppol2tp_release+0x185/0x2d0
[ 26.335981][ T397] sock_close+0xf1/0x290
[ 26.340203][ T397] __fput+0x1fc/0x8f0
[ 26.344166][ T397] ____fput+0x15/0x20
[ 26.348139][ T397] task_work_run+0x1e1/0x250
[ 26.352703][ T397] exit_to_user_mode_loop+0x9b/0xb0
[ 26.357877][ T397] exit_to_user_mode_prepare+0x87/0xd0
[ 26.363312][ T397] syscall_exit_to_user_mode+0x1a/0x30
[ 26.368754][ T397] do_syscall_64+0x58/0xa0
[ 26.373158][ T397] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 26.379037][ T397]
[ 26.381337][ T397] The buggy address belongs to the object at ffff88812fde4000
[ 26.381337][ T397] which belongs to the cache kmalloc-512 of size 512
[ 26.395382][ T397] The buggy address is located 336 bytes inside of
[ 26.395382][ T397] 512-byte region [ffff88812fde4000, ffff88812fde4200)
[ 26.408642][ T397]
[ 26.410951][ T397] The buggy address belongs to the physical page:
[ 26.417345][ T397] page:ffffea0004bf7900 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12fde4
[ 26.427564][ T397] head:ffffea0004bf7900 order:2 compound_mapcount:0 compound_pincount:0
[ 26.435868][ T397] flags: 0x4000000000010200(slab|head|zone=1)
[ 26.441936][ T397] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100042f00
[ 26.450511][ T397] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 26.459092][ T397] page dumped because: kasan: bad access detected
[ 26.465496][ T397] page_owner tracks the page as allocated
[ 26.471187][ T397] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x1d2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 317, tgid 317 (kworker/0:2), ts 25957811906, free_ts 24268635047
[ 26.493044][ T397] post_alloc_hook+0x1f5/0x210
[ 26.497800][ T397] prep_new_page+0x1c/0x110
[ 26.502293][ T397] get_page_from_freelist+0x2d12/0x2d80
[ 26.507831][ T397] __alloc_pages+0x1fa/0x610
[ 26.512400][ T397] alloc_slab_page+0x6e/0xf0
[ 26.516972][ T397] new_slab+0x98/0x3d0
[ 26.521016][ T397] ___slab_alloc+0x6bd/0xb20
[ 26.525579][ T397] __slab_alloc+0x5e/0xa0
[ 26.529890][ T397] __kmem_cache_alloc_node+0x203/0x2c0
[ 26.535329][ T397] __kmalloc_node_track_caller+0xa0/0x1e0
[ 26.541046][ T397] __alloc_skb+0x236/0x4b0
[ 26.545444][ T397] ndisc_ns_create+0x26a/0x940
[ 26.550203][ T397] ndisc_send_ns+0xb7/0x160
[ 26.554683][ T397] addrconf_dad_work+0xa1e/0x14d0
[ 26.559683][ T397] process_one_work+0x71f/0xc40
[ 26.564509][ T397] worker_thread+0xa29/0x11e0
[ 26.569178][ T397] page last free stack trace:
[ 26.573834][ T397] free_unref_page_prepare+0x7f8/0x800
[ 26.579287][ T397] free_unref_page+0x95/0x540
[ 26.583949][ T397] __free_pages+0x67/0x100
[ 26.588350][ T397] __vunmap+0x9c0/0xb80
[ 26.592493][ T397] vfree+0x61/0x90
[ 26.596206][ T397] kcov_close+0x2b/0x50
[ 26.600342][ T397] __fput+0x1fc/0x8f0
[ 26.604305][ T397] ____fput+0x15/0x20
[ 26.608278][ T397] task_work_run+0x1e1/0x250
[ 26.612862][ T397] do_exit+0xa35/0x2660
[ 26.617009][ T397] do_group_exit+0x225/0x2e0
[ 26.621581][ T397] get_signal+0x13b5/0x1520
[ 26.626079][ T397] arch_do_signal_or_restart+0xd1/0x1140
[ 26.631722][ T397] exit_to_user_mode_loop+0x7a/0xb0
[ 26.636897][ T397] exit_to_user_mode_prepare+0x87/0xd0
[ 26.642333][ T397] syscall_exit_to_user_mode+0x1a/0x30
[ 26.647771][ T397]
[ 26.650073][ T397] Memory state around the buggy address:
[ 26.655676][ T397] ffff88812fde4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.663711][ T397] ffff88812fde4080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.671750][ T397] >ffff88812fde4100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.679791][ T397] ^
[ 26.686447][ T397] ffff88812fde4180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.694562][ T397] ffff88812fde4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.702620][ T397] ==================================================================
[ 26.721988][ T28] kauditd_printk_skb: 35 callbacks suppressed
[ 26.722020][ T28] audit: type=1400 audit(1781157903.986:109): avc: denied { read } for pid=85 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 26.723207][ T397] Disabling lock debugging due to kernel taint
[ 26.729502][ T28] audit: type=1400 audit(1781157903.986:110): avc: denied { search } for pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 26.778048][ T28] audit: type=1400 audit(1781157903.986:111): avc: denied { write } for pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 26.779040][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 26.801780][ T28] audit: type=1400 audit(1781157903.986:112): avc: denied { add_name } for pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 26.807704][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 26.827788][ T28] audit: type=1400 audit(1781157903.986:113): avc: denied { create } for pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 26.836204][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 26.856094][ T28] audit: type=1400 audit(1781157903.986:114): avc: denied { append open } for pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 26.864339][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 26.886853][ T28] audit: type=1400 audit(1781157903.986:115): avc: denied { getattr } for pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 26.918149][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 26.926451][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 26.934739][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 26.942433][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 26.951604][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 26.960491][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 26.969048][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 26.978090][ T380] device veth1_macvtap entered promiscuous mode
[ 26.995732][ T378] device veth1_macvtap entered promiscuous mode
[ 27.016517][ T416] ------------[ cut here ]------------
[ 27.022022][ T416] WARNING: CPU: 0 PID: 416 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 27.032169][ T416] Modules linked in:
[ 27.036136][ T416] CPU: 0 PID: 416 Comm: syz.5.30 Tainted: G B syzkaller #0
[ 27.044795][ T416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 27.054946][ T416] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 27.061305][ T416] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 27.081093][ T416] RSP: 0018:ffffc90000a47c98 EFLAGS: 00010293
[ 27.087326][ T416] RAX: ffffffff849cebf7 RBX: ffff888119612000 RCX: ffff888115830000
[ 27.095478][ T416] RDX: 0000000000000000 RSI: 000000003330e380 RDI: 000000000c04eb7d
[ 27.103442][ T416] RBP: ffffc90000a47cb8 R08: ffff888119612083 R09: 1ffff110232c2410
[ 27.111586][ T416] R10: dffffc0000000000 R11: ffffed10232c2411 R12: dffffc0000000000
[ 27.119693][ T416] R13: 1ffff11026a0b0f3 R14: 000000003330e380 R15: ffff88812173ac00
[ 27.127776][ T416] FS: 000055556e239500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 27.136785][ T416] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 27.143360][ T416] CR2: 0000200000000240 CR3: 0000000118e4a000 CR4: 00000000003506b0
[ 27.151462][ T416] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 27.159460][ T416] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 27.167451][ T416] Call Trace:
[ 27.170727][ T416]
[ 27.173643][ T416] pppol2tp_release+0x16c/0x2d0
[ 27.178511][ T416] sock_close+0xf1/0x290
[ 27.182755][ T416] ? __cfi_sock_close+0x10/0x10
[ 27.187630][ T416] __fput+0x1fc/0x8f0
[ 27.191617][ T416] ____fput+0x15/0x20
[ 27.195626][ T416] task_work_run+0x1e1/0x250
[ 27.200215][ T416] ? __cfi_task_work_run+0x10/0x10
[ 27.205355][ T416] ? __cfi___close_range+0x10/0x10
[ 27.210461][ T416] exit_to_user_mode_loop+0x9b/0xb0
[ 27.215685][ T416] exit_to_user_mode_prepare+0x87/0xd0
[ 27.221145][ T416] syscall_exit_to_user_mode+0x1a/0x30
[ 27.226625][ T416] do_syscall_64+0x58/0xa0
[ 27.231045][ T416] ? clear_bhb_loop+0x30/0x80
[ 27.235751][ T416] ? clear_bhb_loop+0x30/0x80
[ 27.240429][ T416] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 27.246361][ T416] RIP: 0033:0x7f123f99ce59
[ 27.250775][ T416] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 27.270421][ T416] RSP: 002b:00007ffd590d2748 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 27.278954][ T416] RAX: 0000000000000000 RBX: 00007ffd590d2830 RCX: 00007f123f99ce59
[ 27.287038][ T416] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 27.295034][ T416] RBP: 000000000000696f R08: 0000000000000001 R09: 0000000000000000
[ 27.303001][ T416] R10: 0000001b33320000 R11: 0000000000000246 R12: 00007ffd590d2870
[ 27.310995][ T416] R13: 00007f123fc15fac R14: 00000000000069a1 R15: 00007f123fc15fa0
[ 27.318987][ T416]
[ 27.321990][ T416] ---[ end trace 0000000000000000 ]---
[ 27.332731][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 27.341388][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 27.350493][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 27.359146][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 27.367905][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 27.376402][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 27.394017][ T424] ------------[ cut here ]------------
[ 27.399568][ T424] WARNING: CPU: 0 PID: 424 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 27.409654][ T424] Modules linked in:
[ 27.413543][ T424] CPU: 0 PID: 424 Comm: syz.5.34 Tainted: G B W syzkaller #0
[ 27.422241][ T424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 27.432804][ T424] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 27.439228][ T424] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 27.458901][ T424] RSP: 0018:ffffc90000a87c98 EFLAGS: 00010293
[ 27.465027][ T424] RAX: ffffffff849cebf7 RBX: ffff88810fff8000 RCX: ffff8881105f2880
[ 27.472995][ T424] RDX: 0000000000000000 RSI: 00000000332de080 RDI: 000000000c04eb7d
[ 27.481043][ T424] RBP: ffffc90000a87cb8 R08: ffff88810fff8083 R09: 1ffff11021fff010
[ 27.489073][ T424] R10: dffffc0000000000 R11: ffffed1021fff011 R12: dffffc0000000000
[ 27.497056][ T424] R13: 1ffff11026a1143b R14: 00000000332de080 R15: ffff8881107a0800
[ 27.505043][ T424] FS: 000055556e239500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 27.513960][ T424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 27.520584][ T424] CR2: 0000200000000240 CR3: 0000000131ac5000 CR4: 00000000003506b0
[ 27.528596][ T424] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 27.536593][ T424] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 27.544606][ T424] Call Trace:
[ 27.547871][ T424]
[ 27.550778][ T424] pppol2tp_release+0x16c/0x2d0
[ 27.555762][ T424] sock_close+0xf1/0x290
[ 27.560038][ T424] ? __cfi_sock_close+0x10/0x10
[ 27.564897][ T424] __fput+0x1fc/0x8f0
[ 27.568875][ T424] ____fput+0x15/0x20
[ 27.572839][ T424] task_work_run+0x1e1/0x250
[ 27.577453][ T424] ? __cfi_task_work_run+0x10/0x10
[ 27.582569][ T424] ? __cfi___close_range+0x10/0x10
[ 27.587707][ T424] exit_to_user_mode_loop+0x9b/0xb0
[ 27.592903][ T424] exit_to_user_mode_prepare+0x87/0xd0
[ 27.598384][ T424] syscall_exit_to_user_mode+0x1a/0x30
[ 27.603840][ T424] do_syscall_64+0x58/0xa0
[ 27.608274][ T424] ? clear_bhb_loop+0x30/0x80
[ 27.612950][ T424] ? clear_bhb_loop+0x30/0x80
[ 27.617643][ T424] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 27.623712][ T424] RIP: 0033:0x7f123f99ce59
[ 27.628130][ T424] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 27.647749][ T424] RSP: 002b:00007ffd590d2748 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 27.656173][ T424] RAX: 0000000000000000 RBX: 00007ffd590d2830 RCX: 00007f123f99ce59
[ 27.664454][ T424] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 27.672463][ T424] RBP: 0000000000006ae7 R08: 0000000000000001 R09: 0000000000000000
[ 27.680453][ T424] R10: 0000001b33320000 R11: 0000000000000246 R12: 00007ffd590d2870
[ 27.688435][ T424] R13: 00007f123fc15fac R14: 0000000000006b1b R15: 00007f123fc15fa0
[ 27.696425][ T424]
[ 27.699424][ T424] ---[ end trace 0000000000000000 ]---
[ 27.719542][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 27.728753][ T399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 27.775030][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 27.783333][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 27.796096][ T440] ------------[ cut here ]------------
[ 27.801574][ T440] WARNING: CPU: 1 PID: 440 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 27.812097][ T440] Modules linked in:
[ 27.816223][ T440] CPU: 1 PID: 440 Comm: syz.1.40 Tainted: G B W syzkaller #0
[ 27.824865][ T440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 27.835045][ T440] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 27.841386][ T440] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 27.861059][ T440] RSP: 0018:ffffc90000a97c98 EFLAGS: 00010293
[ 27.867171][ T440] RAX: ffffffff849cebf7 RBX: ffff88811a0b0000 RCX: ffff888118c16540
[ 27.875189][ T440] RDX: 0000000000000000 RSI: 0000000032a3f1c0 RDI: 000000000c04eb7d
[ 27.883187][ T440] RBP: ffffc90000a97cb8 R08: ffff88811a0b0083 R09: 1ffff11023416010
[ 27.891210][ T440] R10: dffffc0000000000 R11: ffffed1023416011 R12: dffffc0000000000
[ 27.899213][ T440] R13: 1ffff11026a16f83 R14: 0000000032a3f1c0 R15: ffff888117e9c400
[ 27.907244][ T440] FS: 000055558d8f5500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 27.916302][ T440] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 27.923512][ T440] CR2: 0000200000000240 CR3: 000000011a286000 CR4: 00000000003506a0
[ 27.931521][ T440] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 27.939538][ T440] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 27.947637][ T440] Call Trace:
[ 27.950916][ T440]
[ 27.953852][ T440] pppol2tp_release+0x16c/0x2d0
[ 27.958737][ T440] sock_close+0xf1/0x290
[ 27.963001][ T440] ? __cfi_sock_close+0x10/0x10
[ 27.967922][ T440] __fput+0x1fc/0x8f0
[ 27.971916][ T440] ____fput+0x15/0x20
[ 27.975942][ T440] task_work_run+0x1e1/0x250
[ 27.980580][ T440] ? __cfi_task_work_run+0x10/0x10
[ 27.985954][ T440] ? __cfi___close_range+0x10/0x10
[ 27.991081][ T440] exit_to_user_mode_loop+0x9b/0xb0
[ 27.996347][ T440] exit_to_user_mode_prepare+0x87/0xd0
[ 28.001814][ T440] syscall_exit_to_user_mode+0x1a/0x30
[ 28.007308][ T440] do_syscall_64+0x58/0xa0
[ 28.011728][ T440] ? clear_bhb_loop+0x30/0x80
[ 28.016468][ T440] ? clear_bhb_loop+0x30/0x80
[ 28.021155][ T440] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 28.027099][ T440] RIP: 0033:0x7f6c0159ce59
[ 28.031515][ T440] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 28.051173][ T440] RSP: 002b:00007ffdd1c8be78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 28.059640][ T440] RAX: 0000000000000000 RBX: 00007ffdd1c8bf60 RCX: 00007f6c0159ce59
[ 28.067798][ T440] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 28.075804][ T440] RBP: 0000000000006c5e R08: 0000000000000001 R09: 0000000000000000
[ 28.083781][ T440] R10: 0000001b33520000 R11: 0000000000000246 R12: 00007ffdd1c8bfa0
[ 28.091803][ T440] R13: 00007f6c01815fac R14: 0000000000006cad R15: 00007f6c01815fa0
[ 28.099807][ T440]
[ 28.102831][ T440] ---[ end trace 0000000000000000 ]---
[ 28.134281][ T8] device bridge_slave_1 left promiscuous mode
[ 28.141920][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 28.162222][ T506] ------------[ cut here ]------------
[ 28.167761][ T506] WARNING: CPU: 0 PID: 506 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 28.177974][ T506] Modules linked in:
[ 28.181881][ T506] CPU: 0 PID: 506 Comm: syz.4.71 Tainted: G B W syzkaller #0
[ 28.190706][ T506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 28.200835][ T506] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 28.208147][ T506] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 28.227794][ T506] RSP: 0018:ffffc90000b97c98 EFLAGS: 00010293
[ 28.233855][ T506] RAX: ffffffff849cebf7 RBX: ffff88811bdd5000 RCX: ffff88811bdf9440
[ 28.241866][ T506] RDX: 0000000000000000 RSI: 000000001c428000 RDI: 000000000c04eb7d
[ 28.249952][ T506] RBP: ffffc90000b97cb8 R08: ffff88811bdd5083 R09: 1ffff110237baa10
[ 28.257937][ T506] R10: dffffc0000000000 R11: ffffed10237baa11 R12: dffffc0000000000
[ 28.265952][ T506] R13: 1ffff11026a2325b R14: 000000001c428000 R15: ffff888121493400
[ 28.273925][ T506] FS: 0000555557246500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 28.282905][ T506] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 28.289512][ T506] CR2: 0000001b33f63fff CR3: 0000000123bbb000 CR4: 00000000003506b0
[ 28.297676][ T506] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 28.305678][ T506] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 28.313684][ T506] Call Trace:
[ 28.317006][ T506]
[ 28.319935][ T506] pppol2tp_release+0x16c/0x2d0
[ 28.324824][ T506] sock_close+0xf1/0x290
[ 28.329157][ T506] ? __cfi_sock_close+0x10/0x10
[ 28.334009][ T506] __fput+0x1fc/0x8f0
[ 28.338038][ T506] ____fput+0x15/0x20
[ 28.342055][ T506] task_work_run+0x1e1/0x250
[ 28.346693][ T506] ? __cfi_task_work_run+0x10/0x10
[ 28.351805][ T506] ? __cfi___close_range+0x10/0x10
[ 28.356968][ T506] exit_to_user_mode_loop+0x9b/0xb0
[ 28.362165][ T506] exit_to_user_mode_prepare+0x87/0xd0
[ 28.367639][ T506] syscall_exit_to_user_mode+0x1a/0x30
[ 28.373183][ T506] do_syscall_64+0x58/0xa0
[ 28.377611][ T506] ? clear_bhb_loop+0x30/0x80
[ 28.382277][ T506] ? clear_bhb_loop+0x30/0x80
[ 28.387018][ T506] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 28.392912][ T506] RIP: 0033:0x7efc24d9ce59
[ 28.397404][ T506] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 28.417038][ T506] RSP: 002b:00007ffe2e0a5458 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 28.425557][ T506] RAX: 0000000000000000 RBX: 00007ffe2e0a5540 RCX: 00007efc24d9ce59
[ 28.433524][ T506] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 28.441511][ T506] RBP: 0000000000006de7 R08: 0000000000000001 R09: 0000000000000000
[ 28.449517][ T506] R10: 0000001b33b20000 R11: 0000000000000246 R12: 00007ffe2e0a5580
[ 28.457505][ T506] R13: 00007efc25015fac R14: 0000000000006e19 R15: 00007efc25015fa0
[ 28.465549][ T506]
[ 28.468588][ T506] ---[ end trace 0000000000000000 ]---
[ 28.475663][ T8] device bridge_slave_0 left promiscuous mode
[ 28.482994][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 28.491652][ T518] ------------[ cut here ]------------
[ 28.497232][ T518] WARNING: CPU: 1 PID: 518 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 28.507337][ T518] Modules linked in:
[ 28.511231][ T518] CPU: 1 PID: 518 Comm: syz.1.76 Tainted: G B W syzkaller #0
[ 28.519911][ T518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 28.530048][ T518] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 28.536483][ T518] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 28.556203][ T518] RSP: 0018:ffffc90000b97c98 EFLAGS: 00010293
[ 28.562255][ T518] RAX: ffffffff849cebf7 RBX: ffff88811bd61000 RCX: ffff88811bdfa880
[ 28.570294][ T518] RDX: 0000000000000000 RSI: 0000000017958740 RDI: 000000000c04eb7d
[ 28.578307][ T518] RBP: ffffc90000b97cb8 R08: ffff88811bd61083 R09: 1ffff110237ac210
[ 28.586332][ T518] R10: dffffc0000000000 R11: ffffed10237ac211 R12: dffffc0000000000
[ 28.594296][ T518] R13: 1ffff11026a2387b R14: 0000000017958740 R15: ffff888121669400
[ 28.602333][ T518] FS: 000055558d8f5500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 28.611334][ T518] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 28.617982][ T518] CR2: 0000200000000240 CR3: 0000000109624000 CR4: 00000000003506a0
[ 28.626076][ T518] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 28.634030][ T518] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 28.642681][ T518] Call Trace:
[ 28.646041][ T518]
[ 28.648979][ T518] pppol2tp_release+0x16c/0x2d0
[ 28.653826][ T518] sock_close+0xf1/0x290
[ 28.658099][ T518] ? __cfi_sock_close+0x10/0x10
[ 28.662956][ T518] __fput+0x1fc/0x8f0
[ 28.666964][ T518] ____fput+0x15/0x20
[ 28.670938][ T518] task_work_run+0x1e1/0x250
[ 28.675553][ T518] ? __cfi_task_work_run+0x10/0x10
[ 28.680668][ T518] ? __cfi___close_range+0x10/0x10
[ 28.685819][ T518] exit_to_user_mode_loop+0x9b/0xb0
[ 28.691022][ T518] exit_to_user_mode_prepare+0x87/0xd0
[ 28.696527][ T518] syscall_exit_to_user_mode+0x1a/0x30
[ 28.701983][ T518] do_syscall_64+0x58/0xa0
[ 28.706498][ T518] ? clear_bhb_loop+0x30/0x80
[ 28.711185][ T518] ? clear_bhb_loop+0x30/0x80
[ 28.715878][ T518] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 28.721791][ T518] RIP: 0033:0x7f6c0159ce59
[ 28.726212][ T518] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 28.745835][ T518] RSP: 002b:00007ffdd1c8be78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 28.754262][ T518] RAX: 0000000000000000 RBX: 00007ffdd1c8bf60 RCX: 00007f6c0159ce59
[ 28.762329][ T518] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 28.770335][ T518] RBP: 0000000000006f2f R08: 0000000000000001 R09: 0000000000000000
[ 28.778315][ T518] R10: 0000001b33520000 R11: 0000000000000246 R12: 00007ffdd1c8bfa0
[ 28.786554][ T518] R13: 00007f6c01815fac R14: 0000000000006f64 R15: 00007f6c01815fa0
[ 28.794574][ T518]
[ 28.797585][ T518] ---[ end trace 0000000000000000 ]---
[ 28.805625][ T8] device veth1_macvtap left promiscuous mode
[ 28.811703][ T8] device veth0_vlan left promiscuous mode
[ 28.833711][ T529] ------------[ cut here ]------------
[ 28.839298][ T529] WARNING: CPU: 0 PID: 529 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 28.849444][ T529] Modules linked in:
[ 28.853349][ T529] CPU: 0 PID: 529 Comm: syz.1.82 Tainted: G B W syzkaller #0
[ 28.862058][ T529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 28.872288][ T529] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 28.878754][ T529] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 28.898400][ T529] RSP: 0018:ffffc90000b27c98 EFLAGS: 00010293
[ 28.904456][ T529] RAX: ffffffff849cebf7 RBX: ffff88811c337000 RCX: ffff88811c6aa880
[ 28.912443][ T529] RDX: 0000000000000000 RSI: 0000000017958640 RDI: 000000000c04eb7d
[ 28.920433][ T529] RBP: ffffc90000b27cb8 R08: ffff88811c337083 R09: 1ffff11023866e10
[ 28.928420][ T529] R10: dffffc0000000000 R11: ffffed1023866e11 R12: dffffc0000000000
[ 28.936408][ T529] R13: 1ffff11026a2861b R14: 0000000017958640 R15: ffff88812166a000
[ 28.944369][ T529] FS: 000055558d8f5500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 28.953506][ T529] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 28.960151][ T529] CR2: 00007fa03a1456b8 CR3: 0000000120e1b000 CR4: 00000000003506b0
[ 28.968234][ T529] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 28.976332][ T529] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 28.984303][ T529] Call Trace:
[ 28.987598][ T529]
[ 28.990531][ T529] pppol2tp_release+0x16c/0x2d0
[ 28.995400][ T529] sock_close+0xf1/0x290
[ 28.999641][ T529] ? __cfi_sock_close+0x10/0x10
[ 29.004487][ T529] __fput+0x1fc/0x8f0
[ 29.008501][ T529] ____fput+0x15/0x20
[ 29.012515][ T529] task_work_run+0x1e1/0x250
[ 29.017141][ T529] ? __cfi_task_work_run+0x10/0x10
[ 29.022253][ T529] ? __cfi___close_range+0x10/0x10
[ 29.027418][ T529] exit_to_user_mode_loop+0x9b/0xb0
[ 29.032624][ T529] exit_to_user_mode_prepare+0x87/0xd0
[ 29.038112][ T529] syscall_exit_to_user_mode+0x1a/0x30
[ 29.043578][ T529] do_syscall_64+0x58/0xa0
[ 29.048015][ T529] ? clear_bhb_loop+0x30/0x80
[ 29.052774][ T529] ? clear_bhb_loop+0x30/0x80
[ 29.057460][ T529] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 29.063357][ T529] RIP: 0033:0x7f6c0159ce59
[ 29.068326][ T529] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 29.087962][ T529] RSP: 002b:00007ffdd1c8be78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 29.096403][ T529] RAX: 0000000000000000 RBX: 00007ffdd1c8bf60 RCX: 00007f6c0159ce59
[ 29.104373][ T529] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 29.112705][ T529] RBP: 000000000000707d R08: 0000000000000001 R09: 0000000000000000
[ 29.120731][ T529] R10: 0000001b33520000 R11: 0000000000000246 R12: 00007ffdd1c8bfa0
[ 29.128725][ T529] R13: 00007f6c01815fac R14: 00000000000070b9 R15: 00007f6c01815fa0
[ 29.136734][ T529]
[ 29.139745][ T529] ---[ end trace 0000000000000000 ]---
[ 29.158669][ T542] ------------[ cut here ]------------
[ 29.164157][ T542] WARNING: CPU: 1 PID: 542 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 29.174277][ T542] Modules linked in:
[ 29.178265][ T542] CPU: 1 PID: 542 Comm: syz.1.89 Tainted: G B W syzkaller #0
[ 29.187162][ T542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 29.197339][ T542] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 29.203846][ T542] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 29.225027][ T542] RSP: 0018:ffffc90000fe7c98 EFLAGS: 00010293
2026/06/11 06:05:06 executed programs: 79
[ 29.226703][ T28] audit: type=1400 audit(1781157906.496:116): avc: denied { write } for pid=295 comm="syz-execprog" path="pipe:[15231]" dev="pipefs" ino=15231 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 29.231183][ T542] RAX: ffffffff849cebf7 RBX: ffff88811d068000 RCX: ffff88811cfaa880
[ 29.231198][ T542] RDX: 0000000000000000 RSI: 000000001d384400 RDI: 000000000c04eb7d
[ 29.231208][ T542] RBP: ffffc90000fe7cb8 R08: ffff88811d068083 R09: 1ffff11023a0d010
[ 29.278696][ T542] R10: dffffc0000000000 R11: ffffed1023a0d011 R12: dffffc0000000000
[ 29.286746][ T542] R13: 1ffff11026a28b4b R14: 000000001d384400 R15: ffff8881184ba800
[ 29.294846][ T542] FS: 000055558d8f5500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 29.303786][ T542] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.310475][ T542] CR2: 00007f1240748060 CR3: 00000001331d4000 CR4: 00000000003506a0
[ 29.318540][ T542] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 29.326640][ T542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 29.334688][ T542] Call Trace:
[ 29.338008][ T542]
[ 29.340917][ T542] pppol2tp_release+0x16c/0x2d0
[ 29.345837][ T542] sock_close+0xf1/0x290
[ 29.350078][ T542] ? __cfi_sock_close+0x10/0x10
[ 29.355098][ T542] __fput+0x1fc/0x8f0
[ 29.359080][ T542] ____fput+0x15/0x20
[ 29.363040][ T542] task_work_run+0x1e1/0x250
[ 29.367688][ T542] ? __cfi_task_work_run+0x10/0x10
[ 29.372793][ T542] ? __cfi___close_range+0x10/0x10
[ 29.378019][ T542] exit_to_user_mode_loop+0x9b/0xb0
[ 29.383216][ T542] exit_to_user_mode_prepare+0x87/0xd0
[ 29.388741][ T542] syscall_exit_to_user_mode+0x1a/0x30
[ 29.394310][ T542] do_syscall_64+0x58/0xa0
[ 29.398827][ T542] ? clear_bhb_loop+0x30/0x80
[ 29.403511][ T542] ? clear_bhb_loop+0x30/0x80
[ 29.408290][ T542] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 29.414224][ T542] RIP: 0033:0x7f6c0159ce59
[ 29.418829][ T542] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 29.438810][ T542] RSP: 002b:00007ffdd1c8be78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 29.447324][ T542] RAX: 0000000000000000 RBX: 00007ffdd1c8bf60 RCX: 00007f6c0159ce59
[ 29.455399][ T542] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 29.463374][ T542] RBP: 00000000000071c8 R08: 0000000000000001 R09: 0000000000000000
[ 29.472048][ T542] R10: 0000001b33520000 R11: 0000000000000246 R12: 00007ffdd1c8bfa0
[ 29.480132][ T542] R13: 00007f6c01815fac R14: 00000000000071fb R15: 00007f6c01815fa0
[ 29.488199][ T542]
[ 29.491206][ T542] ---[ end trace 0000000000000000 ]---
[ 29.542073][ T561] ------------[ cut here ]------------
[ 29.547675][ T561] WARNING: CPU: 0 PID: 561 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 29.557873][ T561] Modules linked in:
[ 29.561871][ T561] CPU: 0 PID: 561 Comm: syz.4.96 Tainted: G B W syzkaller #0
[ 29.570591][ T561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 29.572482][ T560] ------------[ cut here ]------------
[ 29.580758][ T561] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 29.586373][ T560] WARNING: CPU: 1 PID: 560 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 29.592669][ T561] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 29.602634][ T560] Modules linked in:
[ 29.602646][ T560] CPU: 1 PID: 560 Comm: syz.5.98 Tainted: G B W syzkaller #0
[ 29.602663][ T560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 29.602671][ T560] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 29.602694][ T560] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 29.622430][ T561] RSP: 0018:ffffc90000ba7c98 EFLAGS: 00010293
[ 29.626231][ T560] RSP: 0018:ffffc90000b97c98 EFLAGS: 00010293
[ 29.626252][ T560] RAX: ffffffff849cebf7 RBX: ffff88811a96a000 RCX: ffff88811dad8000
[ 29.626265][ T560] RDX: 0000000000000000 RSI: 00000000332b6a00 RDI: 000000000c04eb7d
[ 29.626277][ T560] RBP: ffffc90000b97cb8 R08: ffff88811a96a083 R09: 1ffff1102352d410
[ 29.626288][ T560] R10: dffffc0000000000 R11: ffffed102352d411 R12: dffffc0000000000
[ 29.634924][ T561]
[ 29.644982][ T560] R13: 1ffff11026a2743b R14: 00000000332b6a00 R15: ffff88811d289c00
[ 29.644996][ T560] FS: 000055556e239500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 29.645009][ T560] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.645020][ T560] CR2: 0000200000000240 CR3: 000000011d834000 CR4: 00000000003506a0
[ 29.645034][ T560] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 29.645044][ T560] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 29.645055][ T560] Call Trace:
[ 29.645059][ T560]
[ 29.645066][ T560] pppol2tp_release+0x16c/0x2d0
[ 29.651461][ T561] RAX: ffffffff849cebf7 RBX: ffff88811a96b000 RCX: ffff888110063cc0
[ 29.671084][ T560] sock_close+0xf1/0x290
[ 29.671112][ T560] ? __cfi_sock_close+0x10/0x10
[ 29.671130][ T560] __fput+0x1fc/0x8f0
[ 29.671147][ T560] ____fput+0x15/0x20
[ 29.671161][ T560] task_work_run+0x1e1/0x250
[ 29.671180][ T560] ? __cfi_task_work_run+0x10/0x10
[ 29.671196][ T560] ? __cfi___close_range+0x10/0x10
[ 29.671213][ T560] exit_to_user_mode_loop+0x9b/0xb0
[ 29.671231][ T560] exit_to_user_mode_prepare+0x87/0xd0
[ 29.671247][ T560] syscall_exit_to_user_mode+0x1a/0x30
[ 29.677379][ T561] RDX: 0000000000000000 RSI: 000000001d289c00 RDI: 000000000c04eb7d
[ 29.683364][ T560] do_syscall_64+0x58/0xa0
[ 29.691388][ T561] RBP: ffffc90000ba7cb8 R08: ffff88811a96b083 R09: 1ffff1102352d610
[ 29.699316][ T560] ? clear_bhb_loop+0x30/0x80
[ 29.699335][ T560] ? clear_bhb_loop+0x30/0x80
[ 29.699350][ T560] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 29.699371][ T560] RIP: 0033:0x7f123f99ce59
[ 29.707391][ T561] R10: dffffc0000000000 R11: ffffed102352d611 R12: dffffc0000000000
[ 29.715407][ T560] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 29.715422][ T560] RSP: 002b:00007ffd590d2748 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 29.715441][ T560] RAX: 0000000000000000 RBX: 00007ffd590d2830 RCX: 00007f123f99ce59
[ 29.715452][ T560] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 29.715461][ T560] RBP: 000000000000734c R08: 0000000000000001 R09: 0000000000000000
[ 29.717773][ T561] R13: 1ffff11026a2716b R14: 000000001d289c00 R15: ffff88811d289800
[ 29.725805][ T560] R10: 0000001b33320000 R11: 0000000000000246 R12: 00007ffd590d2870
[ 29.725825][ T560] R13: 00007f123fc15fac R14: 000000000000737f R15: 00007f123fc15fa0
[ 29.725839][ T560]
[ 29.725845][ T560] ---[ end trace 0000000000000000 ]---
[ 29.736546][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 29.741495][ T561] FS: 0000555557246500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 29.741514][ T561] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.741524][ T561] CR2: 0000200000000240 CR3: 000000011dbc0000 CR4: 00000000003506b0
[ 29.749954][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 29.757607][ T561] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 30.019451][ T561] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 30.028363][ T561] Call Trace:
[ 30.031648][ T561]
[ 30.034615][ T561] pppol2tp_release+0x16c/0x2d0
[ 30.039661][ T561] sock_close+0xf1/0x290
[ 30.043933][ T561] ? __cfi_sock_close+0x10/0x10
[ 30.048859][ T561] __fput+0x1fc/0x8f0
[ 30.052858][ T561] ____fput+0x15/0x20
[ 30.056917][ T561] task_work_run+0x1e1/0x250
[ 30.061530][ T561] ? __cfi_task_work_run+0x10/0x10
[ 30.066695][ T561] ? __cfi___close_range+0x10/0x10
[ 30.071918][ T561] exit_to_user_mode_loop+0x9b/0xb0
[ 30.077190][ T561] exit_to_user_mode_prepare+0x87/0xd0
[ 30.082674][ T561] syscall_exit_to_user_mode+0x1a/0x30
[ 30.088201][ T561] do_syscall_64+0x58/0xa0
[ 30.092633][ T561] ? clear_bhb_loop+0x30/0x80
[ 30.097408][ T561] ? clear_bhb_loop+0x30/0x80
[ 30.102618][ T561] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 30.108588][ T561] RIP: 0033:0x7efc24d9ce59
[ 30.113016][ T561] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 30.132758][ T561] RSP: 002b:00007ffe2e0a5458 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 30.141211][ T561] RAX: 0000000000000000 RBX: 00007ffe2e0a5540 RCX: 00007efc24d9ce59
[ 30.149233][ T561] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 30.157244][ T561] RBP: 0000000000007347 R08: 0000000000000001 R09: 0000000000000000
[ 30.165262][ T561] R10: 0000001b33b20000 R11: 0000000000000246 R12: 00007ffe2e0a5580
[ 30.173243][ T561] R13: 00007efc25015fac R14: 000000000000737a R15: 00007efc25015fa0
[ 30.181259][ T561]
[ 30.184280][ T561] ---[ end trace 0000000000000000 ]---
[ 30.225574][ T653] ------------[ cut here ]------------
[ 30.231066][ T653] WARNING: CPU: 1 PID: 653 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 30.241114][ T653] Modules linked in:
[ 30.245032][ T653] CPU: 1 PID: 653 Comm: syz.4.143 Tainted: G B W syzkaller #0
[ 30.253756][ T653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 30.263869][ T653] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 30.270290][ T653] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 30.290097][ T653] RSP: 0018:ffffc90001167c98 EFLAGS: 00010293
[ 30.296219][ T653] RAX: ffffffff849cebf7 RBX: ffff888109482000 RCX: ffff88811fda8000
[ 30.304201][ T653] RDX: 0000000000000000 RSI: 00000000332b6280 RDI: 000000000c04eb7d
[ 30.312219][ T653] RBP: ffffc90001167cb8 R08: ffff888109482083 R09: 1ffff11021290410
[ 30.320238][ T653] R10: dffffc0000000000 R11: ffffed1021290411 R12: dffffc0000000000
[ 30.328256][ T653] R13: 1ffff11022e0a25b R14: 00000000332b6280 R15: ffff88811fc69400
[ 30.336260][ T653] FS: 0000555557246500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 30.345254][ T653] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.351846][ T653] CR2: 0000200000000240 CR3: 000000012083c000 CR4: 00000000003506a0
[ 30.359858][ T653] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 30.367861][ T653] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 30.375867][ T653] Call Trace:
[ 30.379152][ T653]
[ 30.382092][ T653] pppol2tp_release+0x16c/0x2d0
[ 30.386992][ T653] sock_close+0xf1/0x290
[ 30.391250][ T653] ? __cfi_sock_close+0x10/0x10
[ 30.396136][ T653] __fput+0x1fc/0x8f0
[ 30.400132][ T653] ____fput+0x15/0x20
[ 30.404111][ T653] task_work_run+0x1e1/0x250
[ 30.408749][ T653] ? __cfi_task_work_run+0x10/0x10
[ 30.413867][ T653] ? __cfi___close_range+0x10/0x10
[ 30.419028][ T653] exit_to_user_mode_loop+0x9b/0xb0
[ 30.424233][ T653] exit_to_user_mode_prepare+0x87/0xd0
[ 30.429735][ T653] syscall_exit_to_user_mode+0x1a/0x30
[ 30.435217][ T653] do_syscall_64+0x58/0xa0
[ 30.439879][ T653] ? clear_bhb_loop+0x30/0x80
[ 30.444593][ T653] ? clear_bhb_loop+0x30/0x80
[ 30.449277][ T653] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 30.455248][ T653] RIP: 0033:0x7efc24d9ce59
[ 30.459673][ T653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 30.479343][ T653] RSP: 002b:00007ffe2e0a5458 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 30.487788][ T653] RAX: 0000000000000000 RBX: 00007ffe2e0a5540 RCX: 00007efc24d9ce59
[ 30.495801][ T653] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 30.503783][ T653] RBP: 00000000000075f8 R08: 0000000000000001 R09: 0000000000000000
[ 30.511800][ T653] R10: 0000001b33b20000 R11: 0000000000000246 R12: 00007ffe2e0a5580
[ 30.519808][ T653] R13: 00007efc25015fac R14: 000000000000762a R15: 00007efc25015fa0
[ 30.528179][ T653]
[ 30.531211][ T653] ---[ end trace 0000000000000000 ]---
[ 30.568761][ T732] ------------[ cut here ]------------
[ 30.574262][ T732] WARNING: CPU: 0 PID: 732 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 30.584496][ T732] Modules linked in:
[ 30.588545][ T732] CPU: 0 PID: 732 Comm: syz.6.180 Tainted: G B W syzkaller #0
[ 30.597400][ T732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 30.607669][ T732] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 30.614017][ T732] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 30.634067][ T732] RSP: 0018:ffffc900018d7c98 EFLAGS: 00010293
[ 30.640535][ T732] RAX: ffffffff849cebf7 RBX: ffff88810d7b7000 RCX: ffff88810fc8e540
[ 30.648711][ T732] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c04eb7d
[ 30.656884][ T732] RBP: ffffc900018d7cb8 R08: ffff88810d7b7083 R09: 1ffff11021af6e10
[ 30.665032][ T732] R10: dffffc0000000000 R11: ffffed1021af6e11 R12: dffffc0000000000
[ 30.673097][ T732] R13: 1ffff110200a04b3 R14: 0000000000000000 R15: ffff88810e8c0800
[ 30.681299][ T732] FS: 000055558830f500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 30.690518][ T732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 30.697299][ T732] CR2: 0000200000000240 CR3: 000000010f459000 CR4: 00000000003506b0
[ 30.705694][ T732] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 30.713684][ T732] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 30.721952][ T732] Call Trace:
[ 30.725399][ T732]
[ 30.728424][ T732] pppol2tp_release+0x16c/0x2d0
[ 30.733458][ T732] sock_close+0xf1/0x290
[ 30.737938][ T732] ? __cfi_sock_close+0x10/0x10
[ 30.742898][ T732] __fput+0x1fc/0x8f0
[ 30.747186][ T732] ____fput+0x15/0x20
[ 30.751185][ T732] task_work_run+0x1e1/0x250
[ 30.755946][ T732] ? __cfi_task_work_run+0x10/0x10
[ 30.761070][ T732] ? __cfi___close_range+0x10/0x10
[ 30.766340][ T732] exit_to_user_mode_loop+0x9b/0xb0
[ 30.771549][ T732] exit_to_user_mode_prepare+0x87/0xd0
[ 30.777186][ T732] syscall_exit_to_user_mode+0x1a/0x30
[ 30.782918][ T732] do_syscall_64+0x58/0xa0
[ 30.787590][ T732] ? clear_bhb_loop+0x30/0x80
[ 30.792278][ T732] ? clear_bhb_loop+0x30/0x80
[ 30.797174][ T732] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 30.803091][ T732] RIP: 0033:0x7fa03939ce59
[ 30.807801][ T732] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 30.827623][ T732] RSP: 002b:00007ffde83fe3f8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 30.836670][ T732] RAX: 0000000000000000 RBX: 00007ffde83fe4e0 RCX: 00007fa03939ce59
[ 30.844837][ T732] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 30.852817][ T732] RBP: 000000000000774f R08: 0000000000000001 R09: 0000000000000000
[ 30.860998][ T732] R10: 0000001b33820000 R11: 0000000000000246 R12: 00007ffde83fe520
[ 30.869302][ T732] R13: 00007fa039615fac R14: 0000000000007782 R15: 00007fa039615fa0
[ 30.877444][ T732]
[ 30.880480][ T732] ---[ end trace 0000000000000000 ]---
[ 30.922095][ T806] ------------[ cut here ]------------
[ 30.927643][ T806] WARNING: CPU: 0 PID: 806 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 30.937766][ T806] Modules linked in:
[ 30.941663][ T806] CPU: 0 PID: 806 Comm: syz.6.220 Tainted: G B W syzkaller #0
[ 30.950383][ T806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 30.960479][ T806] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 30.966859][ T806] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 30.986717][ T806] RSP: 0018:ffffc90001807c98 EFLAGS: 00010293
[ 30.992789][ T806] RAX: ffffffff849cebf7 RBX: ffff88810e127000 RCX: ffff88812dcdd100
[ 31.000809][ T806] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c04eb7d
[ 31.008814][ T806] RBP: ffffc90001807cb8 R08: ffff88810e127083 R09: 1ffff11021c24e10
[ 31.016873][ T806] R10: dffffc0000000000 R11: ffffed1021c24e11 R12: dffffc0000000000
[ 31.025004][ T806] R13: 1ffff110247ca96b R14: 0000000000000000 R15: ffff888112ea0400
[ 31.032988][ T806] FS: 000055558830f500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 31.042050][ T806] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.048697][ T806] CR2: 00007f6c01817dac CR3: 000000013313d000 CR4: 00000000003506b0
[ 31.056729][ T806] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 31.064742][ T806] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 31.072729][ T806] Call Trace:
[ 31.076057][ T806]
[ 31.078995][ T806] pppol2tp_release+0x16c/0x2d0
[ 31.083868][ T806] sock_close+0xf1/0x290
[ 31.088182][ T806] ? __cfi_sock_close+0x10/0x10
[ 31.093053][ T806] __fput+0x1fc/0x8f0
[ 31.097090][ T806] ____fput+0x15/0x20
[ 31.101079][ T806] task_work_run+0x1e1/0x250
[ 31.105974][ T806] ? __cfi_task_work_run+0x10/0x10
[ 31.111187][ T806] ? __cfi___close_range+0x10/0x10
[ 31.116345][ T806] exit_to_user_mode_loop+0x9b/0xb0
[ 31.121558][ T806] exit_to_user_mode_prepare+0x87/0xd0
[ 31.127070][ T806] syscall_exit_to_user_mode+0x1a/0x30
[ 31.132532][ T806] do_syscall_64+0x58/0xa0
[ 31.137000][ T806] ? clear_bhb_loop+0x30/0x80
[ 31.141683][ T806] ? clear_bhb_loop+0x30/0x80
[ 31.146408][ T806] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 31.152320][ T806] RIP: 0033:0x7fa03939ce59
[ 31.156795][ T806] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 31.176619][ T806] RSP: 002b:00007ffde83fe3f8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 31.185206][ T806] RAX: 0000000000000000 RBX: 00007ffde83fe4e0 RCX: 00007fa03939ce59
[ 31.193183][ T806] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 31.201378][ T806] RBP: 00000000000078af R08: 0000000000000001 R09: 0000000000000000
[ 31.209397][ T806] R10: 0000001b33820000 R11: 0000000000000246 R12: 00007ffde83fe520
[ 31.217401][ T806] R13: 00007fa039615fac R14: 00000000000078e3 R15: 00007fa039615fa0
[ 31.225411][ T806]
[ 31.228519][ T806] ---[ end trace 0000000000000000 ]---
[ 31.263412][ T888] ------------[ cut here ]------------
[ 31.264141][ T886] ------------[ cut here ]------------
[ 31.269188][ T888] WARNING: CPU: 1 PID: 888 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 31.274840][ T886] WARNING: CPU: 0 PID: 886 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 31.284925][ T888] Modules linked in:
[ 31.294962][ T886] Modules linked in:
[ 31.294976][ T886] CPU: 0 PID: 886 Comm: syz.4.260 Tainted: G B W syzkaller #0
[ 31.294993][ T886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 31.295001][ T886] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 31.295064][ T886] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 31.295075][ T886] RSP: 0018:ffffc90001807c98 EFLAGS: 00010293
[ 31.295086][ T886] RAX: ffffffff849cebf7 RBX: ffff888115308000 RCX: ffff888114a18000
[ 31.295097][ T886] RDX: 0000000000000000 RSI: 00000000325afd40 RDI: 000000000c04eb7d
[ 31.295106][ T886] RBP: ffffc90001807cb8 R08: ffff888115308083 R09: 1ffff11022a61010
[ 31.298987][ T888]
[ 31.298996][ T888] CPU: 1 PID: 888 Comm: syz.1.258 Tainted: G B W syzkaller #0
[ 31.302864][ T886] R10: dffffc0000000000 R11: ffffed1022a61011 R12: dffffc0000000000
[ 31.311543][ T888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 31.321602][ T886] R13: 1ffff110247ec803 R14: 00000000325afd40 R15: ffff8881238e9400
[ 31.327959][ T888] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 31.327993][ T888] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 31.347888][ T886] FS: 0000555557246500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 31.353832][ T888] RSP: 0018:ffffc90001c5fc98 EFLAGS: 00010293
[ 31.361880][ T886] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.369837][ T888]
[ 31.369842][ T888] RAX: ffffffff849cebf7 RBX: ffff88811048d000 RCX: ffff88812f1d3cc0
[ 31.377798][ T886] CR2: 0000200000000240 CR3: 000000012d72a000 CR4: 00000000003506b0
[ 31.380104][ T888] RDX: 0000000000000000 RSI: 000000003207bb80 RDI: 000000000c04eb7d
[ 31.388763][ T886] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 31.388774][ T886] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 31.388783][ T886] Call Trace:
[ 31.388787][ T886]
[ 31.388793][ T886] pppol2tp_release+0x16c/0x2d0
[ 31.388815][ T886] sock_close+0xf1/0x290
[ 31.396799][ T888] RBP: ffffc90001c5fcb8 R08: ffff88811048d083 R09: 1ffff11022091a10
[ 31.406856][ T886] ? __cfi_sock_close+0x10/0x10
[ 31.414841][ T888] R10: dffffc0000000000 R11: ffffed1022091a11 R12: dffffc0000000000
[ 31.414854][ T888] R13: 1ffff110247dc0f3 R14: 000000003207bb80 R15: ffff888122f06000
[ 31.414864][ T888] FS: 000055558d8f5500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 31.414879][ T888] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 31.421173][ T886] __fput+0x1fc/0x8f0
[ 31.441014][ T888] CR2: 0000200000000240 CR3: 00000001238d9000 CR4: 00000000003506a0
[ 31.441033][ T888] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 31.441041][ T888] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 31.441051][ T888] Call Trace:
[ 31.441055][ T888]
[ 31.441062][ T888] pppol2tp_release+0x16c/0x2d0
[ 31.441085][ T888] sock_close+0xf1/0x290
[ 31.441105][ T888] ? __cfi_sock_close+0x10/0x10
[ 31.441125][ T888] __fput+0x1fc/0x8f0
[ 31.450308][ T886] ____fput+0x15/0x20
[ 31.456211][ T888] ____fput+0x15/0x20
[ 31.462765][ T886] task_work_run+0x1e1/0x250
[ 31.465115][ T888] task_work_run+0x1e1/0x250
[ 31.473068][ T886] ? __cfi_task_work_run+0x10/0x10
[ 31.481068][ T888] ? __cfi_task_work_run+0x10/0x10
[ 31.489009][ T886] ? __cfi___close_range+0x10/0x10
[ 31.496988][ T888] ? __cfi___close_range+0x10/0x10
[ 31.505056][ T886] exit_to_user_mode_loop+0x9b/0xb0
[ 31.505078][ T886] exit_to_user_mode_prepare+0x87/0xd0
[ 31.505094][ T886] syscall_exit_to_user_mode+0x1a/0x30
[ 31.505109][ T886] do_syscall_64+0x58/0xa0
[ 31.508372][ T888] exit_to_user_mode_loop+0x9b/0xb0
[ 31.511286][ T886] ? clear_bhb_loop+0x30/0x80
[ 31.516244][ T888] exit_to_user_mode_prepare+0x87/0xd0
[ 31.520427][ T886] ? clear_bhb_loop+0x30/0x80
[ 31.528406][ T888] syscall_exit_to_user_mode+0x1a/0x30
[ 31.533225][ T886] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 31.541198][ T888] do_syscall_64+0x58/0xa0
[ 31.549162][ T886] RIP: 0033:0x7efc24d9ce59
[ 31.558081][ T888] ? clear_bhb_loop+0x30/0x80
[ 31.564694][ T886] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 31.568623][ T888] ? clear_bhb_loop+0x30/0x80
[ 31.576589][ T886] RSP: 002b:00007ffe2e0a5458 EFLAGS: 00000246
[ 31.584762][ T888] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 31.584790][ T888] RIP: 0033:0x7f6c0159ce59
[ 31.584804][ T888] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 31.584816][ T888] RSP: 002b:00007ffdd1c8be78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 31.584833][ T888] RAX: 0000000000000000 RBX: 00007ffdd1c8bf60 RCX: 00007f6c0159ce59
[ 31.584845][ T888] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 31.584855][ T888] RBP: 0000000000007a06 R08: 0000000000000001 R09: 0000000000000000
[ 31.584863][ T888] R10: 0000001b33520000 R11: 0000000000000246 R12: 00007ffdd1c8bfa0
[ 31.584874][ T888] R13: 00007f6c01815fac R14: 0000000000007a38 R15: 00007f6c01815fa0
[ 31.584887][ T888]
[ 31.592838][ T886] ORIG_RAX: 00000000000001b4
[ 31.596217][ T888] ---[ end trace 0000000000000000 ]---
[ 31.842456][ T886] RAX: 0000000000000000 RBX: 00007ffe2e0a5540 RCX: 00007efc24d9ce59
[ 31.850448][ T886] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 31.858511][ T886] RBP: 0000000000007a03 R08: 0000000000000001 R09: 0000000000000000
[ 31.866510][ T886] R10: 0000001b33b20000 R11: 0000000000000246 R12: 00007ffe2e0a5580
[ 31.874478][ T886] R13: 00007efc25015fac R14: 0000000000007a36 R15: 00007efc25015fa0
[ 31.882543][ T886]
[ 31.885574][ T886] ---[ end trace 0000000000000000 ]---
[ 31.915629][ T903] ------------[ cut here ]------------
[ 31.921156][ T903] WARNING: CPU: 0 PID: 903 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 31.931218][ T903] Modules linked in:
[ 31.935139][ T903] CPU: 0 PID: 903 Comm: syz.6.268 Tainted: G B W syzkaller #0
[ 31.943817][ T903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 31.953920][ T903] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 31.960332][ T903] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 31.979997][ T903] RSP: 0018:ffffc90002047c98 EFLAGS: 00010293
[ 31.986316][ T903] RAX: ffffffff849cebf7 RBX: ffff8881318e8000 RCX: ffff8881304ee540
[ 31.994307][ T903] RDX: 0000000000000000 RSI: 00000000332ac0c0 RDI: 000000000c04eb7d
[ 32.002476][ T903] RBP: ffffc90002047cb8 R08: ffff8881318e8083 R09: 1ffff1102631d010
[ 32.010494][ T903] R10: dffffc0000000000 R11: ffffed102631d011 R12: dffffc0000000000
[ 32.018504][ T903] R13: 1ffff110247ede1b R14: 00000000332ac0c0 R15: ffff888129efe000
[ 32.027399][ T903] FS: 000055558830f500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 32.036367][ T903] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 32.042963][ T903] CR2: 00007f5d6024f156 CR3: 0000000132490000 CR4: 00000000003506b0
[ 32.051002][ T903] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 32.059012][ T903] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 32.067364][ T903] Call Trace:
[ 32.070662][ T903]
[ 32.073601][ T903] pppol2tp_release+0x16c/0x2d0
[ 32.078692][ T903] sock_close+0xf1/0x290
[ 32.082955][ T903] ? __cfi_sock_close+0x10/0x10
[ 32.087859][ T903] __fput+0x1fc/0x8f0
[ 32.091859][ T903] ____fput+0x15/0x20
[ 32.095890][ T903] task_work_run+0x1e1/0x250
[ 32.100499][ T903] ? __cfi_task_work_run+0x10/0x10
[ 32.105662][ T903] ? __cfi___close_range+0x10/0x10
[ 32.110880][ T903] exit_to_user_mode_loop+0x9b/0xb0
[ 32.116136][ T903] exit_to_user_mode_prepare+0x87/0xd0
[ 32.121613][ T903] syscall_exit_to_user_mode+0x1a/0x30
[ 32.127136][ T903] do_syscall_64+0x58/0xa0
[ 32.131559][ T903] ? clear_bhb_loop+0x30/0x80
[ 32.136310][ T903] ? clear_bhb_loop+0x30/0x80
[ 32.140990][ T903] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 32.147187][ T903] RIP: 0033:0x7fa03939ce59
[ 32.151614][ T903] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 32.171463][ T903] RSP: 002b:00007ffde83fe3f8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 32.179943][ T903] RAX: 0000000000000000 RBX: 00007ffde83fe4e0 RCX: 00007fa03939ce59
[ 32.187964][ T903] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 32.196029][ T903] RBP: 0000000000007c91 R08: 0000000000000001 R09: 0000000000000000
[ 32.204001][ T903] R10: 0000001b33820000 R11: 0000000000000246 R12: 00007ffde83fe520
[ 32.212017][ T903] R13: 00007fa039615fac R14: 0000000000007cc3 R15: 00007fa039615fa0
[ 32.220026][ T903]
[ 32.223050][ T903] ---[ end trace 0000000000000000 ]---
[ 32.245651][ T974] ------------[ cut here ]------------
[ 32.245684][ T976] ------------[ cut here ]------------
[ 32.251133][ T974] WARNING: CPU: 0 PID: 974 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 32.256767][ T976] WARNING: CPU: 1 PID: 976 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 32.266649][ T974] Modules linked in:
[ 32.266661][ T974] CPU: 0 PID: 974 Comm: syz.2.302 Tainted: G B W syzkaller #0
[ 32.266679][ T974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 32.266689][ T974] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 32.266712][ T974] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 32.266726][ T974] RSP: 0018:ffffc90002067c98 EFLAGS: 00010293
[ 32.266740][ T974] RAX: ffffffff849cebf7 RBX: ffff88810b386000 RCX: ffff888122526540
[ 32.266754][ T974] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c04eb7d
[ 32.266765][ T974] RBP: ffffc90002067cb8 R08: ffff88810b386083 R09: 1ffff11021670c10
[ 32.266777][ T974] R10: dffffc0000000000 R11: ffffed1021670c11 R12: dffffc0000000000
[ 32.276930][ T976] Modules linked in:
[ 32.280619][ T974] R13: 1ffff110247ee9e3 R14: 0000000000000000 R15: ffff888129f0e000
[ 32.289575][ T976]
[ 32.299356][ T974] FS: 0000555584359500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 32.299375][ T974] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 32.299388][ T974] CR2: 0000200000000240 CR3: 0000000111fad000 CR4: 00000000003506b0
[ 32.299403][ T974] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 32.299412][ T974] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 32.299423][ T974] Call Trace:
[ 32.299428][ T974]
[ 32.299434][ T974] pppol2tp_release+0x16c/0x2d0
[ 32.299459][ T974] sock_close+0xf1/0x290
[ 32.299480][ T974] ? __cfi_sock_close+0x10/0x10
[ 32.299500][ T974] __fput+0x1fc/0x8f0
[ 32.306057][ T976] CPU: 1 PID: 976 Comm: syz.6.303 Tainted: G B W syzkaller #0
[ 32.325669][ T974] ____fput+0x15/0x20
[ 32.325697][ T974] task_work_run+0x1e1/0x250
[ 32.325717][ T974] ? __cfi_task_work_run+0x10/0x10
[ 32.325735][ T974] ? __cfi___close_range+0x10/0x10
[ 32.325753][ T974] exit_to_user_mode_loop+0x9b/0xb0
[ 32.325770][ T974] exit_to_user_mode_prepare+0x87/0xd0
[ 32.331810][ T976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 32.339785][ T974] syscall_exit_to_user_mode+0x1a/0x30
[ 32.339805][ T974] do_syscall_64+0x58/0xa0
[ 32.339823][ T974] ? clear_bhb_loop+0x30/0x80
[ 32.339839][ T974] ? clear_bhb_loop+0x30/0x80
[ 32.339854][ T974] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 32.339876][ T974] RIP: 0033:0x7f5d6019ce59
[ 32.339891][ T974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 32.347967][ T976] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 32.355846][ T974] RSP: 002b:00007ffd92440908 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 32.355881][ T974] RAX: 0000000000000000 RBX: 00007ffd924409f0 RCX: 00007f5d6019ce59
[ 32.355894][ T974] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 32.355904][ T974] RBP: 0000000000007dd5 R08: 0000000000000001 R09: 0000000000000000
[ 32.355914][ T974] R10: 0000001b33620000 R11: 0000000000000246 R12: 00007ffd92440a30
[ 32.355929][ T974] R13: 00007f5d60415fac R14: 0000000000007e0e R15: 00007f5d60415fa0
[ 32.355967][ T974]
[ 32.355972][ T974] ---[ end trace 0000000000000000 ]---
[ 32.603862][ T976] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 32.623618][ T976] RSP: 0018:ffffc9000214fc98 EFLAGS: 00010293
[ 32.629868][ T976] RAX: ffffffff849cebf7 RBX: ffff88811864b000 RCX: ffff88812d219440
[ 32.637962][ T976] RDX: 0000000000000000 RSI: 00000000181ed500 RDI: 000000000c04eb7d
[ 32.646165][ T976] RBP: ffffc9000214fcb8 R08: ffff88811864b083 R09: 1ffff110230c9610
[ 32.654127][ T976] R10: dffffc0000000000 R11: ffffed10230c9611 R12: dffffc0000000000
[ 32.662395][ T976] R13: 1ffff110247fd61b R14: 00000000181ed500 R15: ffff888130523400
[ 32.670509][ T976] FS: 000055558830f500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 32.679568][ T976] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 32.686256][ T976] CR2: 00007f6c01815fa4 CR3: 00000001126fb000 CR4: 00000000003506a0
[ 32.694304][ T976] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 32.702398][ T976] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 32.710431][ T976] Call Trace:
[ 32.713695][ T976]
[ 32.716720][ T976] pppol2tp_release+0x16c/0x2d0
[ 32.721581][ T976] sock_close+0xf1/0x290
[ 32.725950][ T976] ? __cfi_sock_close+0x10/0x10
[ 32.730802][ T976] __fput+0x1fc/0x8f0
[ 32.734949][ T976] ____fput+0x15/0x20
[ 32.738927][ T976] task_work_run+0x1e1/0x250
[ 32.743495][ T976] ? __cfi_task_work_run+0x10/0x10
[ 32.748699][ T976] ? __cfi___close_range+0x10/0x10
[ 32.753897][ T976] exit_to_user_mode_loop+0x9b/0xb0
[ 32.759199][ T976] exit_to_user_mode_prepare+0x87/0xd0
[ 32.764718][ T976] syscall_exit_to_user_mode+0x1a/0x30
[ 32.770162][ T976] do_syscall_64+0x58/0xa0
[ 32.774666][ T976] ? clear_bhb_loop+0x30/0x80
[ 32.779363][ T976] ? clear_bhb_loop+0x30/0x80
[ 32.784024][ T976] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 32.790041][ T976] RIP: 0033:0x7fa03939ce59
[ 32.794465][ T976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 32.814480][ T976] RSP: 002b:00007ffde83fe3f8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 32.822995][ T976] RAX: 0000000000000000 RBX: 00007ffde83fe4e0 RCX: 00007fa03939ce59
[ 32.831067][ T976] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 32.839101][ T976] RBP: 0000000000007dd7 R08: 0000000000000001 R09: 0000000000000000
[ 32.847167][ T976] R10: 0000001b33820000 R11: 0000000000000246 R12: 00007ffde83fe520
[ 32.855229][ T976] R13: 00007fa039615fac R14: 0000000000007e0a R15: 00007fa039615fa0
[ 32.863191][ T976]
[ 32.866347][ T976] ---[ end trace 0000000000000000 ]---
[ 32.908223][ T992] ------------[ cut here ]------------
[ 32.913723][ T992] WARNING: CPU: 1 PID: 992 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 32.923773][ T992] Modules linked in:
[ 32.927720][ T992] CPU: 1 PID: 992 Comm: syz.2.311 Tainted: G B W syzkaller #0
[ 32.936520][ T992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 32.946667][ T992] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 32.953012][ T992] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 32.972695][ T992] RSP: 0018:ffffc9000242fc98 EFLAGS: 00010293
[ 32.978829][ T992] RAX: ffffffff849cebf7 RBX: ffff88811864f000 RCX: ffff888115c23cc0
[ 32.986847][ T992] RDX: 0000000000000000 RSI: 000000003033d680 RDI: 000000000c04eb7d
[ 32.994874][ T992] RBP: ffffc9000242fcb8 R08: ffff88811864f083 R09: 1ffff110230c9e10
[ 33.002857][ T992] R10: dffffc0000000000 R11: ffffed10230c9e11 R12: dffffc0000000000
[ 33.010873][ T992] R13: 1ffff110247fd1e3 R14: 000000003033d680 R15: ffff888130107400
[ 33.018875][ T992] FS: 0000555584359500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 33.027874][ T992] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.034465][ T992] CR2: 0000200000000240 CR3: 0000000120dfb000 CR4: 00000000003506a0
[ 33.042492][ T992] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 33.050509][ T992] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 33.058536][ T992] Call Trace:
[ 33.061908][ T992]
[ 33.064883][ T992] pppol2tp_release+0x16c/0x2d0
[ 33.069753][ T992] sock_close+0xf1/0x290
[ 33.074012][ T992] ? __cfi_sock_close+0x10/0x10
[ 33.078951][ T992] __fput+0x1fc/0x8f0
[ 33.082951][ T992] ____fput+0x15/0x20
[ 33.086991][ T992] task_work_run+0x1e1/0x250
[ 33.091600][ T992] ? __cfi_task_work_run+0x10/0x10
[ 33.096792][ T992] ? __cfi___close_range+0x10/0x10
[ 33.101912][ T992] exit_to_user_mode_loop+0x9b/0xb0
[ 33.107162][ T992] exit_to_user_mode_prepare+0x87/0xd0
[ 33.112631][ T992] syscall_exit_to_user_mode+0x1a/0x30
[ 33.118142][ T992] do_syscall_64+0x58/0xa0
[ 33.122579][ T992] ? clear_bhb_loop+0x30/0x80
[ 33.127298][ T992] ? clear_bhb_loop+0x30/0x80
[ 33.131984][ T992] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 33.137930][ T992] RIP: 0033:0x7f5d6019ce59
[ 33.142353][ T992] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 33.162007][ T992] RSP: 002b:00007ffd92440908 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 33.170455][ T992] RAX: 0000000000000000 RBX: 00007ffd924409f0 RCX: 00007f5d6019ce59
[ 33.178560][ T992] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 33.186583][ T992] RBP: 0000000000008069 R08: 0000000000000001 R09: 0000000000000000
[ 33.194937][ T992] R10: 0000001b33620000 R11: 0000000000000246 R12: 00007ffd92440a30
[ 33.203004][ T992] R13: 00007f5d60415fac R14: 00000000000080a5 R15: 00007f5d60415fa0
[ 33.211005][ T992]
[ 33.214028][ T992] ---[ end trace 0000000000000000 ]---
[ 33.233514][ T1058] ------------[ cut here ]------------
[ 33.239033][ T1058] WARNING: CPU: 1 PID: 1058 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 33.249192][ T1058] Modules linked in:
[ 33.253090][ T1058] CPU: 1 PID: 1058 Comm: syz.6.344 Tainted: G B W syzkaller #0
[ 33.261896][ T1058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 33.272164][ T1058] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 33.278545][ T1058] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 33.298191][ T1058] RSP: 0018:ffffc9000235fc98 EFLAGS: 00010293
[ 33.304268][ T1058] RAX: ffffffff849cebf7 RBX: ffff888112fab000 RCX: ffff88811a873cc0
[ 33.312296][ T1058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c04eb7d
[ 33.320307][ T1058] RBP: ffffc9000235fcb8 R08: ffff888112fab083 R09: 1ffff110225f5610
[ 33.328317][ T1058] R10: dffffc0000000000 R11: ffffed10225f5611 R12: dffffc0000000000
[ 33.336337][ T1058] R13: 1ffff11026a0434b R14: 0000000000000000 R15: ffff888130106c00
[ 33.344318][ T1058] FS: 000055558830f500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 33.353294][ T1058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.359936][ T1058] CR2: 0000200000000240 CR3: 0000000117884000 CR4: 00000000003506a0
[ 33.368217][ T1058] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 33.376231][ T1058] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 33.384218][ T1058] Call Trace:
[ 33.387549][ T1058]
[ 33.390496][ T1058] pppol2tp_release+0x16c/0x2d0
[ 33.395404][ T1058] sock_close+0xf1/0x290
[ 33.399664][ T1058] ? __cfi_sock_close+0x10/0x10
[ 33.404581][ T1058] __fput+0x1fc/0x8f0
[ 33.408602][ T1058] ____fput+0x15/0x20
[ 33.412605][ T1058] task_work_run+0x1e1/0x250
[ 33.417257][ T1058] ? __cfi_task_work_run+0x10/0x10
[ 33.422468][ T1058] ? __cfi___close_range+0x10/0x10
[ 33.427647][ T1058] exit_to_user_mode_loop+0x9b/0xb0
[ 33.432859][ T1058] exit_to_user_mode_prepare+0x87/0xd0
[ 33.438375][ T1058] syscall_exit_to_user_mode+0x1a/0x30
[ 33.443840][ T1058] do_syscall_64+0x58/0xa0
[ 33.448304][ T1058] ? clear_bhb_loop+0x30/0x80
[ 33.452993][ T1058] ? clear_bhb_loop+0x30/0x80
[ 33.457719][ T1058] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 33.463626][ T1058] RIP: 0033:0x7fa03939ce59
[ 33.468084][ T1058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 33.487816][ T1058] RSP: 002b:00007ffde83fe3f8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 33.496278][ T1058] RAX: 0000000000000000 RBX: 00007ffde83fe4e0 RCX: 00007fa03939ce59
[ 33.504252][ T1058] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 33.512267][ T1058] RBP: 00000000000081b8 R08: 0000000000000001 R09: 0000000000000000
[ 33.520274][ T1058] R10: 0000001b33820000 R11: 0000000000000246 R12: 00007ffde83fe520
[ 33.528300][ T1058] R13: 00007fa039615fac R14: 00000000000081ea R15: 00007fa039615fa0
[ 33.536306][ T1058]
[ 33.539335][ T1058] ---[ end trace 0000000000000000 ]---
[ 33.555988][ T1133] ------------[ cut here ]------------
[ 33.561513][ T1133] WARNING: CPU: 1 PID: 1133 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 33.571651][ T1133] Modules linked in:
[ 33.575598][ T1133] CPU: 1 PID: 1133 Comm: syz.5.381 Tainted: G B W syzkaller #0
[ 33.584366][ T1133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 33.594501][ T1133] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 33.600863][ T1133] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 33.620518][ T1133] RSP: 0018:ffffc90002777c98 EFLAGS: 00010293
[ 33.626616][ T1133] RAX: ffffffff849cebf7 RBX: ffff888118951000 RCX: ffff88811a958000
[ 33.634673][ T1133] RDX: 0000000000000000 RSI: 000000003326f880 RDI: 000000000c04eb7d
[ 33.642652][ T1133] RBP: ffffc90002777cb8 R08: ffff888118951083 R09: 1ffff1102312a210
[ 33.650673][ T1133] R10: dffffc0000000000 R11: ffffed102312a211 R12: dffffc0000000000
[ 33.658673][ T1133] R13: 1ffff110247fc87b R14: 000000003326f880 R15: ffff88812e17a000
[ 33.666703][ T1133] FS: 000055556e239500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 33.675750][ T1133] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 33.682341][ T1133] CR2: 0000200000000240 CR3: 0000000122e3e000 CR4: 00000000003506a0
[ 33.690363][ T1133] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 33.698389][ T1133] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 33.706400][ T1133] Call Trace:
[ 33.709678][ T1133]
[ 33.712605][ T1133] pppol2tp_release+0x16c/0x2d0
[ 33.717505][ T1133] sock_close+0xf1/0x290
[ 33.721755][ T1133] ? __cfi_sock_close+0x10/0x10
[ 33.726749][ T1133] __fput+0x1fc/0x8f0
[ 33.730755][ T1133] ____fput+0x15/0x20
[ 33.734772][ T1133] task_work_run+0x1e1/0x250
[ 33.739364][ T1133] ? __cfi_task_work_run+0x10/0x10
[ 33.744488][ T1133] ? __cfi___close_range+0x10/0x10
[ 33.749692][ T1133] exit_to_user_mode_loop+0x9b/0xb0
[ 33.754954][ T1133] exit_to_user_mode_prepare+0x87/0xd0
[ 33.760469][ T1133] syscall_exit_to_user_mode+0x1a/0x30
[ 33.765987][ T1133] do_syscall_64+0x58/0xa0
[ 33.770422][ T1133] ? clear_bhb_loop+0x30/0x80
[ 33.775140][ T1133] ? clear_bhb_loop+0x30/0x80
[ 33.779828][ T1133] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 33.785836][ T1133] RIP: 0033:0x7f123f99ce59
[ 33.790256][ T1133] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 33.809909][ T1133] RSP: 002b:00007ffd590d2748 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 33.818367][ T1133] RAX: 0000000000000000 RBX: 00007ffd590d2830 RCX: 00007f123f99ce59
[ 33.826401][ T1133] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 33.834465][ T1133] RBP: 00000000000082fa R08: 0000000000000001 R09: 0000000000000000
[ 33.842506][ T1133] R10: 0000001b33320000 R11: 0000000000000246 R12: 00007ffd590d2870
[ 33.850514][ T1133] R13: 00007f123fc15fac R14: 000000000000832d R15: 00007f123fc15fa0
[ 33.858535][ T1133]
[ 33.861563][ T1133] ---[ end trace 0000000000000000 ]---
[ 33.913729][ T1191] ------------[ cut here ]------------
[ 33.919276][ T1191] WARNING: CPU: 0 PID: 1191 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 33.929424][ T1191] Modules linked in:
[ 33.933328][ T1191] CPU: 0 PID: 1191 Comm: syz.1.408 Tainted: G B W syzkaller #0
[ 33.942137][ T1191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 33.952218][ T1191] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 33.958581][ T1191] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 33.978207][ T1191] RSP: 0018:ffffc90002767c98 EFLAGS: 00010293
[ 33.984258][ T1191] RAX: ffffffff849cebf7 RBX: ffff8881334e4000 RCX: ffff88811d3be540
[ 33.992269][ T1191] RDX: 0000000000000000 RSI: 0000000032a55000 RDI: 000000000c04eb7d
[ 34.000274][ T1191] RBP: ffffc90002767cb8 R08: ffff8881334e4083 R09: 1ffff1102669c810
[ 34.008266][ T1191] R10: dffffc0000000000 R11: ffffed102669c811 R12: dffffc0000000000
[ 34.016257][ T1191] R13: 1ffff110247b643b R14: 0000000032a55000 R15: ffff88813057f400
[ 34.024213][ T1191] FS: 000055558d8f5500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 34.033173][ T1191] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.039904][ T1191] CR2: 00007efc24e4f156 CR3: 00000001105b1000 CR4: 00000000003506b0
[ 34.047904][ T1191] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 34.055897][ T1191] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 34.063859][ T1191] Call Trace:
[ 34.067320][ T1191]
[ 34.070282][ T1191] pppol2tp_release+0x16c/0x2d0
[ 34.075240][ T1191] sock_close+0xf1/0x290
[ 34.079497][ T1191] ? __cfi_sock_close+0x10/0x10
[ 34.084337][ T1191] __fput+0x1fc/0x8f0
[ 34.088377][ T1191] ____fput+0x15/0x20
[ 34.092364][ T1191] task_work_run+0x1e1/0x250
[ 34.096978][ T1191] ? __cfi_task_work_run+0x10/0x10
[ 34.102087][ T1191] ? __cfi___close_range+0x10/0x10
[ 34.107243][ T1191] exit_to_user_mode_loop+0x9b/0xb0
[ 34.112552][ T1191] exit_to_user_mode_prepare+0x87/0xd0
[ 34.118042][ T1191] syscall_exit_to_user_mode+0x1a/0x30
[ 34.123511][ T1191] do_syscall_64+0x58/0xa0
[ 34.127950][ T1191] ? clear_bhb_loop+0x30/0x80
[ 34.132652][ T1191] ? clear_bhb_loop+0x30/0x80
[ 34.137347][ T1191] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 34.143256][ T1191] RIP: 0033:0x7f6c0159ce59
[ 34.147787][ T1191] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 34.167602][ T1191] RSP: 002b:00007ffdd1c8be78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 34.176071][ T1191] RAX: 0000000000000000 RBX: 00007ffdd1c8bf60 RCX: 00007f6c0159ce59
[ 34.184041][ T1191] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 34.192045][ T1191] RBP: 000000000000845d R08: 0000000000000001 R09: 0000000000000000
[ 34.200041][ T1191] R10: 0000001b33520000 R11: 0000000000000246 R12: 00007ffdd1c8bfa0
[ 34.208031][ T1191] R13: 00007f6c01815fac R14: 0000000000008491 R15: 00007f6c01815fa0
[ 34.216112][ T1191]
[ 34.219121][ T1191] ---[ end trace 0000000000000000 ]---
[ 34.242724][ T1206] ------------[ cut here ]------------
[ 34.248313][ T1206] WARNING: CPU: 1 PID: 1206 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 34.258515][ T1206] Modules linked in:
2026/06/11 06:05:11 executed programs: 406
[ 34.262421][ T1206] CPU: 1 PID: 1206 Comm: syz.1.417 Tainted: G B W syzkaller #0
[ 34.271263][ T1206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 34.281464][ T1206] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 34.288099][ T1206] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 34.308059][ T1206] RSP: 0018:ffffc90002c27c98 EFLAGS: 00010293
[ 34.314146][ T1206] RAX: ffffffff849cebf7 RBX: ffff888112ded000 RCX: ffff88811cfae540
[ 34.322316][ T1206] RDX: 0000000000000000 RSI: 0000000021400440 RDI: 000000000c04eb7d
[ 34.330380][ T1206] RBP: ffffc90002c27cb8 R08: ffff888112ded083 R09: 1ffff110225bda10
[ 34.338459][ T1206] R10: dffffc0000000000 R11: ffffed10225bda11 R12: dffffc0000000000
[ 34.346522][ T1206] R13: 1ffff11026a03d2b R14: 0000000021400440 R15: ffff8881124f0000
[ 34.354676][ T1206] FS: 000055558d8f5500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 34.363619][ T1206] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.370301][ T1206] CR2: 0000001b34763fff CR3: 000000013205e000 CR4: 00000000003506a0
[ 34.378372][ T1206] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 34.386427][ T1206] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 34.394408][ T1206] Call Trace:
[ 34.397750][ T1206]
[ 34.400686][ T1206] pppol2tp_release+0x16c/0x2d0
[ 34.405598][ T1206] sock_close+0xf1/0x290
[ 34.409855][ T1206] ? __cfi_sock_close+0x10/0x10
[ 34.414764][ T1206] __fput+0x1fc/0x8f0
[ 34.418760][ T1206] ____fput+0x15/0x20
[ 34.422755][ T1206] task_work_run+0x1e1/0x250
[ 34.427422][ T1206] ? __cfi_task_work_run+0x10/0x10
[ 34.432551][ T1206] ? __cfi___close_range+0x10/0x10
[ 34.437709][ T1206] exit_to_user_mode_loop+0x9b/0xb0
[ 34.442915][ T1206] exit_to_user_mode_prepare+0x87/0xd0
[ 34.448407][ T1206] syscall_exit_to_user_mode+0x1a/0x30
[ 34.453874][ T1206] do_syscall_64+0x58/0xa0
[ 34.458364][ T1206] ? clear_bhb_loop+0x30/0x80
[ 34.463101][ T1206] ? clear_bhb_loop+0x30/0x80
[ 34.468292][ T1206] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 34.474212][ T1206] RIP: 0033:0x7f6c0159ce59
[ 34.478765][ T1206] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 34.498418][ T1206] RSP: 002b:00007ffdd1c8be78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 34.506894][ T1206] RAX: 0000000000000000 RBX: 00007ffdd1c8bf60 RCX: 00007f6c0159ce59
[ 34.514926][ T1206] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 34.522913][ T1206] RBP: 00000000000085a7 R08: 0000000000000001 R09: 0000000000000000
[ 34.530927][ T1206] R10: 0000001b33520000 R11: 0000000000000246 R12: 00007ffdd1c8bfa0
[ 34.538934][ T1206] R13: 00007f6c01815fac R14: 00000000000085da R15: 00007f6c01815fa0
[ 34.547119][ T1206]
[ 34.550146][ T1206] ---[ end trace 0000000000000000 ]---
[ 34.574196][ T1276] ------------[ cut here ]------------
[ 34.579968][ T1276] WARNING: CPU: 0 PID: 1276 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 34.588642][ T1278] ------------[ cut here ]------------
[ 34.590247][ T1276] Modules linked in:
[ 34.595534][ T1278] WARNING: CPU: 1 PID: 1278 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 34.595567][ T1278] Modules linked in:
[ 34.595577][ T1278] CPU: 1 PID: 1278 Comm: syz.2.453 Tainted: G B W syzkaller #0
[ 34.595595][ T1278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 34.595604][ T1278] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 34.595626][ T1278] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 34.595640][ T1278] RSP: 0018:ffffc90002c37c98 EFLAGS: 00010293
[ 34.595654][ T1278] RAX: ffffffff849cebf7 RBX: ffff8881204c5000 RCX: ffff88811815bcc0
[ 34.595668][ T1278] RDX: 0000000000000000 RSI: 000000000f492980 RDI: 000000000c04eb7d
[ 34.595679][ T1278] RBP: ffffc90002c37cb8 R08: ffff8881204c5083 R09: 1ffff11024098a10
[ 34.595692][ T1278] R10: dffffc0000000000 R11: ffffed1024098a11 R12: dffffc0000000000
[ 34.595703][ T1278] R13: 1ffff11026a0687b R14: 000000000f492980 R15: ffff88811fc87000
[ 34.599570][ T1276]
[ 34.599575][ T1276] CPU: 0 PID: 1276 Comm: syz.4.454 Tainted: G B W syzkaller #0
[ 34.609626][ T1278] FS: 0000555584359500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 34.609640][ T1278] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.609650][ T1278] CR2: 0000200000000240 CR3: 0000000132018000 CR4: 00000000003506a0
[ 34.609665][ T1278] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 34.609673][ T1278] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 34.609683][ T1278] Call Trace:
[ 34.609688][ T1278]
[ 34.609694][ T1278] pppol2tp_release+0x16c/0x2d0
[ 34.609717][ T1278] sock_close+0xf1/0x290
[ 34.609735][ T1278] ? __cfi_sock_close+0x10/0x10
[ 34.609753][ T1278] __fput+0x1fc/0x8f0
[ 34.609775][ T1278] ____fput+0x15/0x20
[ 34.609791][ T1278] task_work_run+0x1e1/0x250
[ 34.609811][ T1278] ? __cfi_task_work_run+0x10/0x10
[ 34.609828][ T1278] ? __cfi___close_range+0x10/0x10
[ 34.609845][ T1278] exit_to_user_mode_loop+0x9b/0xb0
[ 34.609871][ T1278] exit_to_user_mode_prepare+0x87/0xd0
[ 34.609889][ T1278] syscall_exit_to_user_mode+0x1a/0x30
[ 34.609906][ T1278] do_syscall_64+0x58/0xa0
[ 34.609925][ T1278] ? clear_bhb_loop+0x30/0x80
[ 34.609940][ T1278] ? clear_bhb_loop+0x30/0x80
[ 34.613814][ T1276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 34.622623][ T1278] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 34.622651][ T1278] RIP: 0033:0x7f5d6019ce59
[ 34.622667][ T1278] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 34.622681][ T1278] RSP: 002b:00007ffd92440908 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 34.622700][ T1278] RAX: 0000000000000000 RBX: 00007ffd924409f0 RCX: 00007f5d6019ce59
[ 34.622712][ T1278] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 34.622723][ T1278] RBP: 00000000000086f1 R08: 0000000000000001 R09: 0000000000000000
[ 34.622733][ T1278] R10: 0000001b33620000 R11: 0000000000000246 R12: 00007ffd92440a30
[ 34.633094][ T1276] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 34.639464][ T1278] R13: 00007f5d60415fac R14: 0000000000008727 R15: 00007f5d60415fa0
[ 34.639483][ T1278]
[ 34.639489][ T1278] ---[ end trace 0000000000000000 ]---
[ 34.933292][ T1276] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 34.953039][ T1276] RSP: 0018:ffffc9000243fc98 EFLAGS: 00010293
[ 34.959141][ T1276] RAX: ffffffff849cebf7 RBX: ffff8881204c0000 RCX: ffff888118159440
[ 34.967769][ T1276] RDX: 0000000000000000 RSI: 0000000018152200 RDI: 000000000c04eb7d
[ 34.976249][ T1276] RBP: ffffc9000243fcb8 R08: ffff8881204c0083 R09: 1ffff11024098010
[ 34.985097][ T1276] R10: dffffc0000000000 R11: ffffed1024098011 R12: dffffc0000000000
[ 34.993693][ T1276] R13: 1ffff11026a06e1b R14: 0000000018152200 R15: ffff88811fc85c00
[ 35.003523][ T1276] FS: 0000555557246500(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 35.014919][ T1276] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 35.021494][ T1276] CR2: 0000200000000240 CR3: 0000000121593000 CR4: 00000000003506b0
[ 35.029508][ T1276] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 35.037503][ T1276] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 35.045504][ T1276] Call Trace:
[ 35.048791][ T1276]
[ 35.051803][ T1276] pppol2tp_release+0x16c/0x2d0
[ 35.056685][ T1276] sock_close+0xf1/0x290
[ 35.060933][ T1276] ? __cfi_sock_close+0x10/0x10
[ 35.065820][ T1276] __fput+0x1fc/0x8f0
[ 35.069812][ T1276] ____fput+0x15/0x20
[ 35.073796][ T1276] task_work_run+0x1e1/0x250
[ 35.078444][ T1276] ? __cfi_task_work_run+0x10/0x10
[ 35.083561][ T1276] ? __cfi___close_range+0x10/0x10
[ 35.088698][ T1276] exit_to_user_mode_loop+0x9b/0xb0
[ 35.093902][ T1276] exit_to_user_mode_prepare+0x87/0xd0
[ 35.099391][ T1276] syscall_exit_to_user_mode+0x1a/0x30
[ 35.104898][ T1276] do_syscall_64+0x58/0xa0
[ 35.109310][ T1276] ? clear_bhb_loop+0x30/0x80
[ 35.113972][ T1276] ? clear_bhb_loop+0x30/0x80
[ 35.118767][ T1276] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 35.124877][ T1276] RIP: 0033:0x7efc24d9ce59
[ 35.129304][ T1276] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 35.149058][ T1276] RSP: 002b:00007ffe2e0a5458 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 35.157510][ T1276] RAX: 0000000000000000 RBX: 00007ffe2e0a5540 RCX: 00007efc24d9ce59
[ 35.165503][ T1276] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 35.173460][ T1276] RBP: 00000000000086f0 R08: 0000000000000001 R09: 0000000000000000
[ 35.181450][ T1276] R10: 0000001b33b20000 R11: 0000000000000246 R12: 00007ffe2e0a5580
[ 35.189446][ T1276] R13: 00007efc25015fac R14: 0000000000008725 R15: 00007efc25015fa0
[ 35.197444][ T1276]
[ 35.200458][ T1276] ---[ end trace 0000000000000000 ]---
[ 35.236590][ T1289] ------------[ cut here ]------------
[ 35.242102][ T1289] WARNING: CPU: 1 PID: 1289 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 35.252236][ T1289] Modules linked in:
[ 35.256222][ T1289] CPU: 1 PID: 1289 Comm: syz.5.456 Tainted: G B W syzkaller #0
[ 35.265200][ T1289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 35.275297][ T1289] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 35.281646][ T1289] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 35.301293][ T1289] RSP: 0018:ffffc90002fc7c98 EFLAGS: 00010293
[ 35.307383][ T1289] RAX: ffffffff849cebf7 RBX: ffff88811ff5f000 RCX: ffff888116a2e540
[ 35.315401][ T1289] RDX: 0000000000000000 RSI: 000000001d663300 RDI: 000000000c04eb7d
[ 35.323897][ T1289] RBP: ffffc90002fc7cb8 R08: ffff88811ff5f083 R09: 1ffff11023febe10
[ 35.331920][ T1289] R10: dffffc0000000000 R11: ffffed1023febe11 R12: dffffc0000000000
[ 35.339927][ T1289] R13: 1ffff11026a2743b R14: 000000001d663300 R15: ffff888112d24c00
[ 35.347977][ T1289] FS: 000055556e239500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 35.356946][ T1289] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 35.363538][ T1289] CR2: 00007f5d6012c080 CR3: 0000000122e1d000 CR4: 00000000003506a0
[ 35.371553][ T1289] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 35.379591][ T1289] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 35.387614][ T1289] Call Trace:
[ 35.390898][ T1289]
[ 35.393828][ T1289] pppol2tp_release+0x16c/0x2d0
[ 35.398729][ T1289] sock_close+0xf1/0x290
[ 35.402990][ T1289] ? __cfi_sock_close+0x10/0x10
[ 35.407892][ T1289] __fput+0x1fc/0x8f0
[ 35.411896][ T1289] ____fput+0x15/0x20
[ 35.415918][ T1289] task_work_run+0x1e1/0x250
[ 35.420519][ T1289] ? __cfi_task_work_run+0x10/0x10
[ 35.425690][ T1289] ? __cfi___close_range+0x10/0x10
[ 35.430890][ T1289] exit_to_user_mode_loop+0x9b/0xb0
[ 35.436149][ T1289] exit_to_user_mode_prepare+0x87/0xd0
[ 35.441618][ T1289] syscall_exit_to_user_mode+0x1a/0x30
[ 35.447130][ T1289] do_syscall_64+0x58/0xa0
[ 35.451562][ T1289] ? clear_bhb_loop+0x30/0x80
[ 35.456292][ T1289] ? clear_bhb_loop+0x30/0x80
[ 35.460983][ T1289] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 35.467188][ T1289] RIP: 0033:0x7f123f99ce59
[ 35.471611][ T1289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 35.491362][ T1289] RSP: 002b:00007ffd590d2748 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 35.501415][ T1289] RAX: 0000000000000000 RBX: 00007ffd590d2830 RCX: 00007f123f99ce59
[ 35.509453][ T1289] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 35.517643][ T1289] RBP: 0000000000008981 R08: 0000000000000001 R09: 0000000000000000
[ 35.525760][ T1289] R10: 0000001b33320000 R11: 0000000000000246 R12: 00007ffd590d2870
[ 35.533834][ T1289] R13: 00007f123fc15fac R14: 00000000000089b4 R15: 00007f123fc15fa0
[ 35.541858][ T1289]
[ 35.544920][ T1289] ---[ end trace 0000000000000000 ]---
[ 35.561589][ T1351] ------------[ cut here ]------------
[ 35.567123][ T1351] refcount_t: underflow; use-after-free.
[ 35.576186][ T1350] ------------[ cut here ]------------
[ 35.581682][ T1350] WARNING: CPU: 1 PID: 1350 at net/l2tp/l2tp_ppp.c:156 pppol2tp_sock_to_session+0x167/0x1b0
[ 35.592094][ T1350] Modules linked in:
[ 35.596092][ T1350] CPU: 1 PID: 1350 Comm: syz.5.488 Tainted: G B W syzkaller #0
[ 35.604934][ T1350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 35.615293][ T1350] RIP: 0010:pppol2tp_sock_to_session+0x167/0x1b0
[ 35.621720][ T1350] Code: 5d c3 e8 ac 91 d4 fc be 02 00 00 00 eb 0a e8 a0 91 d4 fc be 01 00 00 00 4c 89 f7 e8 c3 50 cc fd e9 0f ff ff ff e8 89 91 d4 fc <0f> 0b 48 89 df e8 ff 00 00 00 eb bd e8 78 91 d4 fc 4c 89 f7 be 03
[ 35.642073][ T1350] RSP: 0018:ffffc90002bf7c98 EFLAGS: 00010293
[ 35.648191][ T1350] RAX: ffffffff849cebf7 RBX: ffff888109453000 RCX: ffff88811e47e540
[ 35.656217][ T1350] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000c04eb7d
[ 35.664378][ T1350] RBP: ffffc90002bf7cb8 R08: ffff888109453083 R09: 1ffff1102128a610
[ 35.672407][ T1350] R10: dffffc0000000000 R11: ffffed102128a611 R12: dffffc0000000000
[ 35.680427][ T1350] R13: 1ffff11026a2e003 R14: 0000000000000000 R15: ffff888112d26800
[ 35.688452][ T1350] FS: 000055556e239500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 35.697421][ T1350] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 35.704020][ T1350] CR2: 0000200000000240 CR3: 000000012d811000 CR4: 00000000003506a0
[ 35.712059][ T1350] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 35.720059][ T1350] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 35.728167][ T1350] Call Trace:
[ 35.731536][ T1350]
[ 35.734853][ T1350] pppol2tp_release+0x16c/0x2d0
[ 35.739898][ T1350] sock_close+0xf1/0x290
[ 35.744333][ T1350] ? __cfi_sock_close+0x10/0x10
[ 35.749243][ T1350] __fput+0x1fc/0x8f0
[ 35.753238][ T1350] ____fput+0x15/0x20
[ 35.757289][ T1350] task_work_run+0x1e1/0x250
[ 35.762067][ T1350] ? __cfi_task_work_run+0x10/0x10
[ 35.767521][ T1350] ? __cfi___close_range+0x10/0x10
[ 35.772653][ T1350] exit_to_user_mode_loop+0x9b/0xb0
[ 35.777910][ T1350] exit_to_user_mode_prepare+0x87/0xd0
[ 35.783513][ T1350] syscall_exit_to_user_mode+0x1a/0x30
[ 35.789115][ T1350] do_syscall_64+0x58/0xa0
[ 35.793585][ T1350] ? clear_bhb_loop+0x30/0x80
[ 35.798296][ T1350] ? clear_bhb_loop+0x30/0x80
[ 35.802976][ T1350] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 35.808924][ T1350] RIP: 0033:0x7f123f99ce59
[ 35.813343][ T1350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 35.833423][ T1350] RSP: 002b:00007ffd590d2748 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 35.841956][ T1350] RAX: 0000000000000000 RBX: 00007ffd590d2830 RCX: 00007f123f99ce59
[ 35.849980][ T1350] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 35.857982][ T1350] RBP: 0000000000008ade R08: 0000000000000001 R09: 0000000000000000
[ 35.865987][ T1350] R10: 0000001b33320000 R11: 0000000000000246 R12: 00007ffd590d2870
[ 35.873968][ T1350] R13: 00007f123fc15fac R14: 0000000000008b11 R15: 00007f123fc15fa0
[ 35.881991][ T1350]
[ 35.885039][ T1350] ---[ end trace 0000000000000000 ]---
[ 35.891443][ T1351] WARNING: CPU: 1 PID: 1351 at lib/refcount.c:28 refcount_warn_saturate+0x120/0x1a0
[ 35.900894][ T1351] Modules linked in:
[ 35.904906][ T1351] CPU: 1 PID: 1351 Comm: syz.4.491 Tainted: G B W syzkaller #0
[ 35.913763][ T1351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 35.923874][ T1351] RIP: 0010:refcount_warn_saturate+0x120/0x1a0