Warning: Permanently added '10.128.1.27' (ECDSA) to the list of known hosts. 2023/02/17 10:55:36 fuzzer started 2023/02/17 10:55:37 dialing manager at 10.128.0.169:39449 syzkaller login: [ 175.636661][ T4981] cgroup: Unknown subsys name 'net' [ 175.801545][ T4981] cgroup: Unknown subsys name 'rlimit' 2023/02/17 10:55:40 syscalls: 3449 2023/02/17 10:55:40 code coverage: enabled 2023/02/17 10:55:40 comparison tracing: enabled 2023/02/17 10:55:40 extra coverage: enabled 2023/02/17 10:55:40 delay kcov mmap: enabled 2023/02/17 10:55:40 setuid sandbox: enabled 2023/02/17 10:55:40 namespace sandbox: enabled 2023/02/17 10:55:40 Android sandbox: /sys/fs/selinux/policy does not exist 2023/02/17 10:55:40 fault injection: enabled 2023/02/17 10:55:40 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2023/02/17 10:55:40 net packet injection: enabled 2023/02/17 10:55:40 net device setup: enabled 2023/02/17 10:55:40 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/02/17 10:55:40 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/02/17 10:55:40 NIC VF setup: PCI device 0000:00:11.0 is not available 2023/02/17 10:55:40 USB emulation: enabled 2023/02/17 10:55:40 hci packet injection: enabled 2023/02/17 10:55:40 wifi device emulation: enabled 2023/02/17 10:55:40 802.15.4 emulation: enabled 2023/02/17 10:55:40 fetching corpus: 0, signal 0/0 (executing program) 2023/02/17 10:55:40 fetching corpus: 0, signal 0/0 (executing program) 2023/02/17 10:55:43 starting 6 fuzzer processes 10:55:43 executing program 0: ioctl$sock_ipv6_tunnel_SIOCDELPRL(0xffffffffffffffff, 0x89f6, &(0x7f0000000000)={'sit0\x00', 0x0}) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x18, &(0x7f0000000040)={r2}, 0x8) 10:55:43 executing program 1: r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) connect$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmmsg(r1, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0) connect$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) close(r0) 10:55:43 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'ipvlan0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2010}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}}, 0x0) 10:55:43 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x0, 0x0}, 0x10) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000140)={0x0, 0x0}) rt_sigqueueinfo(r1, 0x0, &(0x7f0000000200)={0x0, 0x0, 0xfffffffffffffff9}) 10:55:43 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x2, 0x4e}, [@ldst={0x3, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x1, 0xb579, &(0x7f000000cf3d)=""/195}, 0x23) 10:55:43 executing program 3: r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000007c0), 0x4) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f00000002c0)) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)) [ 180.910761][ T4996] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 180.918915][ T4996] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 180.928826][ T4996] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 180.936993][ T4996] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 180.946816][ T4996] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 180.954876][ T4996] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 180.968853][ T4996] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 180.979511][ T5000] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 180.987715][ T4999] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 180.998543][ T4996] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 181.000779][ T5000] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 181.033318][ T4331] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 181.042305][ T4331] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 181.042337][ T5000] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 181.063431][ T4331] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 181.078544][ T4331] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 181.090838][ T4331] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 181.101049][ T4331] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 181.483728][ T4331] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 181.494418][ T4331] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 181.504026][ T4331] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 181.533672][ T5002] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 181.674088][ T5002] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 181.682755][ T5000] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 181.683358][ T5002] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 181.696084][ T5000] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 181.705921][ T5002] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 181.708651][ T5000] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 181.719226][ T5002] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 181.730416][ T5002] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 181.742424][ T5000] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 181.743198][ T5002] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 181.760139][ T5002] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 181.769061][ T5000] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 181.769606][ T5002] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 181.784980][ T45] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 182.412687][ T5005] chnl_net:caif_netlink_parms(): no params data found [ 182.959122][ T5004] chnl_net:caif_netlink_parms(): no params data found [ 183.053435][ T4996] Bluetooth: hci0: command 0x0409 tx timeout [ 183.134590][ T4996] Bluetooth: hci2: command 0x0409 tx timeout [ 183.140886][ T4996] Bluetooth: hci1: command 0x0409 tx timeout [ 183.578443][ T5003] chnl_net:caif_netlink_parms(): no params data found [ 183.798251][ T4996] Bluetooth: hci3: command 0x0409 tx timeout [ 183.853114][ T4996] Bluetooth: hci4: command 0x0409 tx timeout [ 183.914667][ T5013] chnl_net:caif_netlink_parms(): no params data found [ 183.933154][ T4996] Bluetooth: hci5: command 0x0409 tx timeout [ 184.187747][ T5014] chnl_net:caif_netlink_parms(): no params data found [ 184.268218][ T5011] chnl_net:caif_netlink_parms(): no params data found [ 184.320335][ T5005] bridge0: port 1(bridge_slave_0) entered blocking state [ 184.328286][ T5005] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.339072][ T5005] device bridge_slave_0 entered promiscuous mode [ 184.483711][ T5005] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.491387][ T5005] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.502081][ T5005] device bridge_slave_1 entered promiscuous mode [ 184.617142][ T5004] bridge0: port 1(bridge_slave_0) entered blocking state [ 184.625143][ T5004] bridge0: port 1(bridge_slave_0) entered disabled state [ 184.635917][ T5004] device bridge_slave_0 entered promiscuous mode [ 184.719209][ T5004] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.727238][ T5004] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.738274][ T5004] device bridge_slave_1 entered promiscuous mode [ 185.005245][ T5005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 185.130608][ T5005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 185.154131][ T4996] Bluetooth: hci0: command 0x041b tx timeout [ 185.213432][ T5002] Bluetooth: hci1: command 0x041b tx timeout [ 185.213501][ T4996] Bluetooth: hci2: command 0x041b tx timeout [ 185.257713][ T5004] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 185.425175][ T5003] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.433280][ T5003] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.445023][ T5003] device bridge_slave_0 entered promiscuous mode [ 185.465196][ T5004] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 185.484425][ T5005] team0: Port device team_slave_0 added [ 185.593105][ T5005] team0: Port device team_slave_1 added [ 185.601125][ T5003] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.609039][ T5003] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.619848][ T5003] device bridge_slave_1 entered promiscuous mode [ 185.850342][ T5011] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.858314][ T5011] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.868917][ T5011] device bridge_slave_0 entered promiscuous mode [ 185.869228][ T5002] Bluetooth: hci3: command 0x041b tx timeout [ 185.927643][ T5003] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 185.937094][ T5002] Bluetooth: hci4: command 0x041b tx timeout [ 185.991727][ T5004] team0: Port device team_slave_0 added [ 186.000208][ T5011] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.008137][ T5011] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.019324][ T5011] device bridge_slave_1 entered promiscuous mode [ 186.032203][ T5005] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.033103][ T4331] Bluetooth: hci5: command 0x041b tx timeout [ 186.039435][ T5005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.073047][ T5005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.094116][ T5003] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.105601][ T5013] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.113446][ T5013] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.123994][ T5013] device bridge_slave_0 entered promiscuous mode [ 186.186883][ T5004] team0: Port device team_slave_1 added [ 186.197122][ T5005] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.204758][ T5005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.231161][ T5005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.277069][ T5013] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.284857][ T5013] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.295461][ T5013] device bridge_slave_1 entered promiscuous mode [ 186.385707][ T5011] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.545290][ T5011] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 186.627761][ T5003] team0: Port device team_slave_0 added [ 186.680532][ T5004] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.687884][ T5004] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.714436][ T5004] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.804103][ T5013] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 186.819661][ T5003] team0: Port device team_slave_1 added [ 186.846482][ T5005] device hsr_slave_0 entered promiscuous mode [ 186.857910][ T5005] device hsr_slave_1 entered promiscuous mode [ 186.869098][ T5014] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.876956][ T5014] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.887970][ T5014] device bridge_slave_0 entered promiscuous mode [ 186.902747][ T5004] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.910135][ T5004] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.936463][ T5004] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 187.015365][ T5013] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.059600][ T5014] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.067568][ T5014] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.078313][ T5014] device bridge_slave_1 entered promiscuous mode [ 187.140044][ T5011] team0: Port device team_slave_0 added [ 187.214492][ T5002] Bluetooth: hci0: command 0x040f tx timeout [ 187.222103][ T5003] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.229564][ T5003] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.255948][ T5003] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 187.293292][ T5002] Bluetooth: hci2: command 0x040f tx timeout [ 187.299726][ T4331] Bluetooth: hci1: command 0x040f tx timeout [ 187.316979][ T5003] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 187.324279][ T5003] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.350663][ T5003] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 187.388241][ T5011] team0: Port device team_slave_1 added [ 187.407018][ T5014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.486798][ T5013] team0: Port device team_slave_0 added [ 187.537984][ T5014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.637742][ T5004] device hsr_slave_0 entered promiscuous mode [ 187.647764][ T5004] device hsr_slave_1 entered promiscuous mode [ 187.656875][ T5004] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 187.664771][ T5004] Cannot create hsr debugfs directory [ 187.680171][ T5013] team0: Port device team_slave_1 added [ 187.769817][ T5011] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.777223][ T5011] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.803697][ T5011] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 187.933741][ T4996] Bluetooth: hci3: command 0x040f tx timeout [ 187.958703][ T5011] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 187.966457][ T5011] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.992928][ T5011] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.033380][ T5002] Bluetooth: hci4: command 0x040f tx timeout [ 188.079054][ T5003] device hsr_slave_0 entered promiscuous mode [ 188.095064][ T5003] device hsr_slave_1 entered promiscuous mode [ 188.103557][ T4996] Bluetooth: hci5: command 0x040f tx timeout [ 188.110369][ T5003] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 188.118708][ T5003] Cannot create hsr debugfs directory [ 188.131295][ T5014] team0: Port device team_slave_0 added [ 188.249210][ T5013] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.256784][ T5013] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.283128][ T5013] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.339754][ T5014] team0: Port device team_slave_1 added [ 188.436096][ T5013] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.443428][ T5013] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.469998][ T5013] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.573336][ T5014] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.580517][ T5014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.607008][ T5014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.665270][ T5011] device hsr_slave_0 entered promiscuous mode [ 188.676794][ T5011] device hsr_slave_1 entered promiscuous mode [ 188.685889][ T5011] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 188.693761][ T5011] Cannot create hsr debugfs directory [ 188.766718][ T5014] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.774292][ T5014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.800882][ T5014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.162469][ T5013] device hsr_slave_0 entered promiscuous mode [ 189.172404][ T5013] device hsr_slave_1 entered promiscuous mode [ 189.181773][ T5013] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 189.189699][ T5013] Cannot create hsr debugfs directory [ 189.293772][ T5002] Bluetooth: hci0: command 0x0419 tx timeout [ 189.373214][ T4996] Bluetooth: hci2: command 0x0419 tx timeout [ 189.376795][ T5002] Bluetooth: hci1: command 0x0419 tx timeout [ 189.430887][ T5014] device hsr_slave_0 entered promiscuous mode [ 189.440313][ T5014] device hsr_slave_1 entered promiscuous mode [ 189.449991][ T5014] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 189.458141][ T5014] Cannot create hsr debugfs directory [ 190.013520][ T4996] Bluetooth: hci3: command 0x0419 tx timeout [ 190.168855][ T5002] Bluetooth: hci4: command 0x0419 tx timeout [ 190.175495][ T4996] Bluetooth: hci5: command 0x0419 tx timeout [ 190.260688][ T5005] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 190.294487][ T5005] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 190.389368][ T5005] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 190.492782][ T5005] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 190.622388][ T5004] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 190.678845][ T5004] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 190.717795][ T5004] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 190.742091][ T5004] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 190.837731][ T5003] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 191.103052][ T5003] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 191.135686][ T5003] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 191.162184][ T5003] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 191.239530][ T5011] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 191.304591][ T5014] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 191.357537][ T5011] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 191.432426][ T5011] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 191.494041][ T5014] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 191.520313][ T5011] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 191.581127][ T5014] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 191.608630][ T5013] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 191.646287][ T5014] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 191.714956][ T5013] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 191.821484][ T5013] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 191.973531][ T5013] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 192.533235][ T5005] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.604907][ T5003] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.722062][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.733871][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.779928][ T5004] 8021q: adding VLAN 0 to HW filter on device bond0 [ 192.812445][ T5005] 8021q: adding VLAN 0 to HW filter on device team0 [ 192.832814][ T5063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.843614][ T5063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.895970][ T5003] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.025377][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 193.036820][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 193.047478][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.055192][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.066055][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 193.077613][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 193.088244][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.095925][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.130473][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 193.141355][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 193.153201][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 193.163836][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 193.226854][ T5004] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.237837][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 193.249384][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 193.260232][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.267935][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.410990][ T5011] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.418995][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 193.430309][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 193.441236][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.449140][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.460145][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 193.474294][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 193.485649][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 193.496152][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.503860][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.513753][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 193.574363][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 193.586129][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 193.598818][ T5057] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 193.630425][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 193.642529][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 193.653395][ T5048] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.661002][ T5048] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.780745][ T5011] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.942131][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 193.956056][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 193.967148][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 193.977524][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 193.989935][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 194.001837][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 194.014721][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 194.026818][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 194.039390][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 194.051517][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 194.064513][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 194.076573][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 194.089439][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 194.099870][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 194.111176][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 194.121579][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 194.133128][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 194.144159][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 194.154533][ T5048] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.162124][ T5048] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.171723][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 194.183565][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 194.194994][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 194.205778][ T5048] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 194.222534][ T1577] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 194.233902][ T1577] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 194.245474][ T1577] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 194.256138][ T1577] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 194.272496][ T1577] ===================================================== [ 194.279721][ T1577] BUG: KMSAN: uninit-value in preempt_count_add+0x1b8/0x320 [ 194.287245][ T1577] preempt_count_add+0x1b8/0x320 [ 194.287456][ T5003] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 194.292384][ T1577] sysvec_reschedule_ipi+0x20/0x120 [ 194.304899][ T1577] asm_sysvec_reschedule_ipi+0x1f/0x30 [ 194.310550][ T1577] ip_fast_csum+0x2db/0x5f0 [ 194.315221][ T1577] nsim_dev_trap_report_work+0x920/0x11f0 [ 194.321162][ T1577] process_one_work+0xe73/0x18d0 [ 194.326379][ T1577] worker_thread+0x10fc/0x2230 [ 194.331447][ T1577] kthread+0x3c7/0x500 [ 194.335707][ T1577] ret_from_fork+0x1f/0x30 [ 194.340311][ T1577] [ 194.342732][ T1577] Uninit was created at: [ 194.347278][ T1577] slab_post_alloc_hook+0x271/0xf70 [ 194.352689][ T1577] __kmem_cache_alloc_node+0x68c/0xac0 [ 194.358353][ T1577] __kmalloc_node_track_caller+0x3df/0x710 [ 194.364401][ T1577] __alloc_skb+0x56e/0xad0 [ 194.369008][ T1577] nsim_dev_trap_report_work+0x420/0x11f0 [ 194.374949][ T1577] process_one_work+0xe73/0x18d0 [ 194.378416][ T5014] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.380093][ T1577] worker_thread+0x10fc/0x2230 [ 194.391840][ T1577] kthread+0x3c7/0x500 [ 194.396093][ T1577] ret_from_fork+0x1f/0x30 [ 194.400721][ T1577] [ 194.403149][ T1577] CPU: 1 PID: 1577 Comm: kworker/1:2 Not tainted 6.2.0-rc8-syzkaller-80998-g9c866a280876 #0 [ 194.406727][ T5005] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 194.413346][ T1577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 194.413414][ T1577] Workqueue: events nsim_dev_trap_report_work [ 194.413567][ T1577] ===================================================== [ 194.413596][ T1577] Disabling lock debugging due to kernel taint [ 194.413630][ T1577] Kernel panic - not syncing: kmsan.panic set ... [ 194.413672][ T1577] CPU: 1 PID: 1577 Comm: kworker/1:2 Tainted: G B 6.2.0-rc8-syzkaller-80998-g9c866a280876 #0 [ 194.413772][ T1577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 194.413832][ T1577] Workqueue: events nsim_dev_trap_report_work [ 194.413952][ T1577] Call Trace: [ 194.413983][ T1577] [ 194.414014][ T1577] dump_stack_lvl+0x200/0x290 [ 194.414159][ T1577] dump_stack+0x29/0x30 [ 194.414293][ T1577] panic+0x4fd/0xc70 [ 194.414409][ T1577] ? add_taint+0x185/0x210 [ 194.414509][ T1577] kmsan_report+0x2d0/0x2d0 [ 194.414669][ T1577] ? __msan_warning+0x96/0x110 [ 194.414792][ T1577] ? preempt_count_add+0x1b8/0x320 [ 194.414929][ T1577] ? sysvec_reschedule_ipi+0x20/0x120 [ 194.415023][ T1577] ? asm_sysvec_reschedule_ipi+0x1f/0x30 [ 194.415137][ T1577] ? ip_fast_csum+0x2db/0x5f0 [ 194.415224][ T1577] ? nsim_dev_trap_report_work+0x920/0x11f0 [ 194.415349][ T1577] ? process_one_work+0xe73/0x18d0 [ 194.415498][ T1577] ? worker_thread+0x10fc/0x2230 [ 194.415645][ T1577] ? kthread+0x3c7/0x500 [ 194.415758][ T1577] ? ret_from_fork+0x1f/0x30 [ 194.415896][ T1577] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 194.416057][ T1577] ? kmsan_internal_memmove_metadata+0x9a/0x360 [ 194.416210][ T1577] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 194.416363][ T1577] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 194.416521][ T1577] ? debug_smp_processor_id+0x1b/0x20 [ 194.416636][ T1577] ? kmsan_get_shadow_origin_ptr+0x4d/0xa0 [ 194.416795][ T1577] __msan_warning+0x96/0x110 [ 194.416931][ T1577] preempt_count_add+0x1b8/0x320 [ 194.417103][ T1577] sysvec_reschedule_ipi+0x20/0x120 [ 194.417207][ T1577] asm_sysvec_reschedule_ipi+0x1f/0x30 [ 194.417320][ T1577] RIP: 0010:ip_fast_csum+0x2db/0x5f0 [ 194.417428][ T1577] Code: e4 45 31 ff 45 31 ed 48 83 7d a8 00 0f 85 a9 00 00 00 44 8b 33 48 89 df e8 c2 6d c7 fb 8b 00 8b 4d d0 41 09 cc 85 c9 8b 7d cc <41> 0f 44 ff 44 8b 3a 48 89 5d b0 48 83 c3 04 8b 75 bc 44 01 ee 85 [ 194.417539][ T1577] RSP: 0018:ffff88810a49bac8 EFLAGS: 00000286 [ 194.417622][ T1577] RAX: 0000000000000000 RBX: ffff888048ff5014 RCX: 00000000ffffff00 [ 194.417694][ T1577] RDX: ffff888048bf5014 RSI: 00000000016cfc90 RDI: 0000000004230137 [ 194.417770][ T1577] RBP: ffff88810a49bb50 R08: ffffffff8699e767 R09: ffffffff8d63c939 [ 194.417874][ T1577] R10: 0000000000000003 R11: ffff88810e3ec100 R12: 00000000ffffff01 [ 194.417946][ T1577] R13: 0000000000000000 R14: 0000000011640000 R15: 0000000004230137 [ 194.418025][ T1577] ? in_aton+0x759/0x8d0 [ 194.418140][ T1577] ? ip_fast_csum+0x337/0x5f0 [ 194.418253][ T1577] ? ip_fast_csum+0x2ce/0x5f0 [ 194.418376][ T1577] nsim_dev_trap_report_work+0x920/0x11f0 [ 194.418573][ T1577] ? nsim_dev_rate_parent_read+0x1c0/0x1c0 [ 194.418712][ T1577] process_one_work+0xe73/0x18d0 [ 194.418916][ T1577] worker_thread+0x10fc/0x2230 [ 194.419124][ T1577] kthread+0x3c7/0x500 [ 194.419247][ T1577] ? worker_clr_flags+0x3a0/0x3a0 [ 194.419423][ T1577] ? kthread_blkcg+0x120/0x120 [ 194.419567][ T1577] ret_from_fork+0x1f/0x30 [ 194.419724][ T1577] [ 194.427638][ T1577] Kernel Offset: disabled [ 194.758213][ T1577] Rebooting in 86400 seconds..