Warning: Permanently added '10.128.0.146' (ECDSA) to the list of known hosts. 2022/09/29 00:40:57 ignoring optional flag "sandboxArg"="0" 2022/09/29 00:40:57 parsed 1 programs [ 169.442119][ T3935] cgroup: Unknown subsys name 'net' [ 169.461772][ T3935] cgroup: Unknown subsys name 'rlimit' 2022/09/29 00:40:58 executed programs: 0 [ 170.749960][ T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 170.758438][ T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 170.767047][ T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 170.777538][ T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 170.787458][ T45] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 170.795758][ T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 171.043330][ T3941] chnl_net:caif_netlink_parms(): no params data found [ 171.263664][ T3941] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.271049][ T3941] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.280653][ T3941] device bridge_slave_0 entered promiscuous mode [ 171.294319][ T3941] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.301890][ T3941] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.311406][ T3941] device bridge_slave_1 entered promiscuous mode [ 171.368243][ T3941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.385997][ T3941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.439611][ T3941] team0: Port device team_slave_0 added [ 171.453023][ T3941] team0: Port device team_slave_1 added [ 171.503949][ T3941] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.511167][ T3941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.537446][ T3941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.553190][ T3941] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.560280][ T3941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.586613][ T3941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 171.652227][ T3941] device hsr_slave_0 entered promiscuous mode [ 171.660996][ T3941] device hsr_slave_1 entered promiscuous mode [ 171.898343][ T3941] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.905928][ T3941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 171.914263][ T3941] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.921843][ T3941] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.030428][ T3144] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.040200][ T3144] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.080882][ T3941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.107045][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 172.116554][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 172.135335][ T3941] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.152844][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 172.163820][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 172.173709][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.181125][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.206919][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 172.217614][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 172.227665][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.235327][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.244433][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 172.266685][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 172.294674][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 172.306092][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 172.317917][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 172.328684][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 172.341670][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 172.358742][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 172.369513][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 172.394031][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 172.404215][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 172.422242][ T3941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 172.460446][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 172.469250][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 172.494537][ T3941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 172.826162][ T3144] Bluetooth: hci0: command 0x0409 tx timeout [ 173.030437][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 173.041199][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 173.087947][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 173.097866][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 173.111870][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 173.121355][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 173.135254][ T3941] device veth0_vlan entered promiscuous mode [ 173.162881][ T3941] device veth1_vlan entered promiscuous mode [ 173.215743][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 173.226135][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 173.237144][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 173.247224][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 173.268051][ T3941] device veth0_macvtap entered promiscuous mode [ 173.284153][ T3941] device veth1_macvtap entered promiscuous mode [ 173.329268][ T3941] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 173.337723][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 173.348047][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 173.358431][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 173.368793][ T3144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 173.397272][ T3941] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 173.406227][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 173.417119][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 174.331860][ T3979] ===================================================== [ 174.339771][ T3979] BUG: KMSAN: uninit-value in ipv6_find_tlv+0x398/0x410 [ 174.347184][ T3979] ipv6_find_tlv+0x398/0x410 [ 174.351935][ T3979] ip6_find_1stfragopt+0x287/0x520 [ 174.357327][ T3979] ip6_fragment+0x1d7/0x3dc0 [ 174.362085][ T3979] ip6_finish_output+0xd0e/0x1230 [ 174.367413][ T3979] ip6_output+0x396/0x640 [ 174.371932][ T3979] ip6_local_out+0xe5/0x140 [ 174.376767][ T3979] ip6_push_pending_frames+0x1f4/0x550 [ 174.382751][ T3979] rawv6_push_pending_frames+0xb12/0xb90 [ 174.388643][ T3979] rawv6_sendmsg+0x2ba7/0x2ea0 [ 174.393697][ T3979] inet_sendmsg+0x101/0x180 [ 174.398375][ T3979] ____sys_sendmsg+0xabc/0xe90 [ 174.403430][ T3979] ___sys_sendmsg+0x2a1/0x3f0 [ 174.408277][ T3979] __x64_sys_sendmsg+0x367/0x540 [ 174.413505][ T3979] do_syscall_64+0x3d/0xb0 [ 174.418054][ T3979] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 174.424281][ T3979] [ 174.426677][ T3979] Uninit was created at: [ 174.431120][ T3979] __kmalloc_node_track_caller+0x814/0x1250 [ 174.437520][ T3979] __alloc_skb+0x346/0xcf0 [ 174.442094][ T3979] alloc_skb_with_frags+0xb9/0xba0 [ 174.447447][ T3979] sock_alloc_send_pskb+0xaa8/0xc30 [ 174.452862][ T3979] __ip6_append_data+0x509c/0x6b80 [ 174.458094][ T3979] ip6_append_data+0x437/0x5b0 [ 174.463224][ T3979] rawv6_sendmsg+0x28dc/0x2ea0 [ 174.468198][ T3979] inet_sendmsg+0x101/0x180 [ 174.473018][ T3979] ____sys_sendmsg+0xabc/0xe90 [ 174.477926][ T3979] ___sys_sendmsg+0x2a1/0x3f0 [ 174.482855][ T3979] __x64_sys_sendmsg+0x367/0x540 [ 174.487951][ T3979] do_syscall_64+0x3d/0xb0 [ 174.492665][ T3979] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 174.498840][ T3979] [ 174.501256][ T3979] CPU: 0 PID: 3979 Comm: syz-executor.0 Not tainted 6.0.0-rc5-syzkaller-00055-g968c2729e576 #0 [ 174.511900][ T3979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 174.522219][ T3979] ===================================================== [ 174.529487][ T3979] Disabling lock debugging due to kernel taint [ 174.535876][ T3979] Kernel panic - not syncing: kmsan.panic set ... [ 174.542485][ T3979] CPU: 0 PID: 3979 Comm: syz-executor.0 Tainted: G B 6.0.0-rc5-syzkaller-00055-g968c2729e576 #0 [ 174.554456][ T3979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 [ 174.564958][ T3979] Call Trace: [ 174.568307][ T3979] [ 174.571319][ T3979] dump_stack_lvl+0x1c8/0x256 [ 174.576115][ T3979] dump_stack+0x1a/0x1c [ 174.580388][ T3979] panic+0x4d3/0xc69 [ 174.584423][ T3979] ? add_taint+0x104/0x1a0 [ 174.588959][ T3979] kmsan_report+0x2cc/0x2d0 [ 174.593630][ T3979] ? kernel_text_address+0x11d/0x1a0 [ 174.599164][ T3979] ? __msan_warning+0x92/0x110 [ 174.604043][ T3979] ? ipv6_find_tlv+0x398/0x410 [ 174.608907][ T3979] ? ip6_find_1stfragopt+0x287/0x520 [ 174.614408][ T3979] ? ip6_fragment+0x1d7/0x3dc0 [ 174.619594][ T3979] ? ip6_finish_output+0xd0e/0x1230 [ 174.624993][ T3979] ? ip6_output+0x396/0x640 [ 174.630029][ T3979] ? ip6_local_out+0xe5/0x140 [ 174.634800][ T3979] ? ip6_push_pending_frames+0x1f4/0x550 [ 174.640571][ T3979] ? rawv6_push_pending_frames+0xb12/0xb90 [ 174.646563][ T3979] ? rawv6_sendmsg+0x2ba7/0x2ea0 [ 174.651670][ T3979] ? inet_sendmsg+0x101/0x180 [ 174.656583][ T3979] ? ____sys_sendmsg+0xabc/0xe90 [ 174.661854][ T3979] ? ___sys_sendmsg+0x2a1/0x3f0 [ 174.666828][ T3979] ? __x64_sys_sendmsg+0x367/0x540 [ 174.672038][ T3979] ? do_syscall_64+0x3d/0xb0 [ 174.676720][ T3979] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 174.682929][ T3979] ? kmsan_internal_memmove_metadata+0x96/0x350 [ 174.689652][ T3979] ? __msan_memcpy+0x104/0x1b0 [ 174.694531][ T3979] ? skb_copy_bits+0xe01/0xe60 [ 174.699425][ T3979] ? ip6t_do_table+0x74/0x2590 [ 174.704327][ T3979] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 174.710309][ T3979] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 174.716239][ T3979] __msan_warning+0x92/0x110 [ 174.720955][ T3979] ipv6_find_tlv+0x398/0x410 [ 174.725774][ T3979] ip6_find_1stfragopt+0x287/0x520 [ 174.731059][ T3979] ip6_fragment+0x1d7/0x3dc0 [ 174.736032][ T3979] ? ip6_make_skb+0xa30/0xa30 [ 174.741270][ T3979] ? ipv6_confirm+0xca/0xa00 [ 174.745986][ T3979] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 174.752076][ T3979] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 174.758138][ T3979] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 174.764481][ T3979] ip6_finish_output+0xd0e/0x1230 [ 174.769634][ T3979] ip6_output+0x396/0x640 [ 174.774177][ T3979] ? ip6_output+0x640/0x640 [ 174.778793][ T3979] ? ac6_seq_show+0x1b0/0x1b0 [ 174.783609][ T3979] ip6_local_out+0xe5/0x140 [ 174.788264][ T3979] ip6_push_pending_frames+0x1f4/0x550 [ 174.794136][ T3979] rawv6_push_pending_frames+0xb12/0xb90 [ 174.800101][ T3979] ? rawv6_send_hdrinc+0x2070/0x2070 [ 174.805930][ T3979] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 174.811867][ T3979] rawv6_sendmsg+0x2ba7/0x2ea0 [ 174.816857][ T3979] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 174.822813][ T3979] ? compat_rawv6_ioctl+0xb0/0xb0 [ 174.828001][ T3979] ? compat_rawv6_ioctl+0xb0/0xb0 [ 174.833145][ T3979] inet_sendmsg+0x101/0x180 [ 174.837765][ T3979] ? inet_send_prepare+0x5b0/0x5b0 [ 174.842996][ T3979] ____sys_sendmsg+0xabc/0xe90 [ 174.847993][ T3979] ___sys_sendmsg+0x2a1/0x3f0 [ 174.852771][ T3979] ? __fget_files+0x4a8/0x510 [ 174.857575][ T3979] ? kmsan_get_shadow_origin_ptr+0x49/0xa0 [ 174.863524][ T3979] __x64_sys_sendmsg+0x367/0x540 [ 174.868581][ T3979] do_syscall_64+0x3d/0xb0 [ 174.873124][ T3979] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 174.879299][ T3979] RIP: 0033:0x7f9b50e890e9 [ 174.883814][ T3979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 174.903632][ T3979] RSP: 002b:00007f9b51f38168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 174.912236][ T3979] RAX: ffffffffffffffda RBX: 00007f9b50f9bf60 RCX: 00007f9b50e890e9 [ 174.920445][ T3979] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 174.928527][ T3979] RBP: 00007f9b50ee308d R08: 0000000000000000 R09: 0000000000000000 [ 174.936614][ T3979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 174.944690][ T3979] R13: 00007ffd137fda3f R14: 00007f9b51f38300 R15: 0000000000022000 [ 174.944859][ T3144] Bluetooth: hci0: command 0x041b tx timeout [ 174.958837][ T3979] [ 174.962185][ T3979] Kernel Offset: disabled [ 174.966583][ T3979] Rebooting in 86400 seconds..