Warning: Permanently added '10.128.0.12' (ED25519) to the list of known hosts. 2025/07/09 15:32:11 ignoring optional flag "sandboxArg"="0" 2025/07/09 15:32:12 parsed 1 programs [ 414.022910][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 414.029828][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 473.619466][ T6503] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 475.469377][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 475.476277][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 481.402266][ T5106] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 481.411435][ T5106] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 481.421056][ T5106] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 481.438251][ T5106] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 481.450625][ T5106] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 482.239662][ T3829] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 482.248566][ T3829] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 482.305342][ T3829] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 482.313484][ T3829] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 486.199715][ T6587] chnl_net:caif_netlink_parms(): no params data found [ 486.571854][ T6587] bridge0: port 1(bridge_slave_0) entered blocking state [ 486.579571][ T6587] bridge0: port 1(bridge_slave_0) entered disabled state [ 486.587334][ T6587] bridge_slave_0: entered allmulticast mode [ 486.596258][ T6587] bridge_slave_0: entered promiscuous mode [ 486.611778][ T6587] bridge0: port 2(bridge_slave_1) entered blocking state [ 486.619449][ T6587] bridge0: port 2(bridge_slave_1) entered disabled state [ 486.627391][ T6587] bridge_slave_1: entered allmulticast mode [ 486.636463][ T6587] bridge_slave_1: entered promiscuous mode [ 486.714763][ T6587] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 486.733606][ T6587] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 486.813128][ T6587] team0: Port device team_slave_0 added [ 486.828703][ T6587] team0: Port device team_slave_1 added [ 486.901068][ T6587] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 486.908421][ T6587] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.935946][ T6587] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 486.951002][ T6587] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 486.958604][ T6587] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 486.984988][ T6587] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 487.088621][ T6587] hsr_slave_0: entered promiscuous mode [ 487.100297][ T6587] hsr_slave_1: entered promiscuous mode [ 488.198773][ T6587] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 488.223328][ T6587] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 488.247660][ T6587] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 488.272290][ T6587] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 488.662757][ T6587] 8021q: adding VLAN 0 to HW filter on device bond0 [ 488.726632][ T6587] 8021q: adding VLAN 0 to HW filter on device team0 [ 488.754218][ T3760] bridge0: port 1(bridge_slave_0) entered blocking state [ 488.761868][ T3760] bridge0: port 1(bridge_slave_0) entered forwarding state [ 488.799003][ T3760] bridge0: port 2(bridge_slave_1) entered blocking state [ 488.806810][ T3760] bridge0: port 2(bridge_slave_1) entered forwarding state [ 489.594755][ T6587] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 489.801671][ T6587] veth0_vlan: entered promiscuous mode [ 489.859709][ T6587] veth1_vlan: entered promiscuous mode [ 489.986270][ T6587] veth0_macvtap: entered promiscuous mode [ 490.019248][ T6587] veth1_macvtap: entered promiscuous mode [ 490.091239][ T6587] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 490.157154][ T6587] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 490.199623][ T6587] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.209674][ T6587] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.219198][ T6587] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.228496][ T6587] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 492.880986][ T3829] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.012363][ T3829] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.178197][ T3829] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.313758][ T3829] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.792064][ T3829] bridge_slave_1: left allmulticast mode [ 493.798199][ T3829] bridge_slave_1: left promiscuous mode [ 493.805308][ T3829] bridge0: port 2(bridge_slave_1) entered disabled state [ 493.848305][ T3829] bridge_slave_0: left allmulticast mode [ 493.856526][ T3829] bridge_slave_0: left promiscuous mode [ 493.863984][ T3829] bridge0: port 1(bridge_slave_0) entered disabled state [ 494.343513][ T3829] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 494.371781][ T3829] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 494.395759][ T3829] bond0 (unregistering): Released all slaves [ 494.626068][ T3829] hsr_slave_0: left promiscuous mode [ 494.637017][ T3829] hsr_slave_1: left promiscuous mode [ 494.665417][ T3829] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 494.673112][ T3829] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 494.741014][ T3829] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 494.748971][ T3829] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 494.821811][ T3829] veth1_macvtap: left promiscuous mode [ 494.828071][ T3829] veth0_macvtap: left promiscuous mode [ 494.837531][ T3829] veth1_vlan: left promiscuous mode [ 494.843201][ T3829] veth0_vlan: left promiscuous mode [ 495.773514][ T3829] team0 (unregistering): Port device team_slave_1 removed [ 495.810612][ T3829] team0 (unregistering): Port device team_slave_0 removed 2025/07/09 15:33:47 executed programs: 0 [ 497.199289][ T5106] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 497.220582][ T5106] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 497.234031][ T5106] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 497.251578][ T5106] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 497.263802][ T5106] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 497.859100][ T6717] chnl_net:caif_netlink_parms(): no params data found [ 498.353166][ T6717] bridge0: port 1(bridge_slave_0) entered blocking state [ 498.360970][ T6717] bridge0: port 1(bridge_slave_0) entered disabled state [ 498.368960][ T6717] bridge_slave_0: entered allmulticast mode [ 498.378481][ T6717] bridge_slave_0: entered promiscuous mode [ 498.397321][ T6717] bridge0: port 2(bridge_slave_1) entered blocking state [ 498.407207][ T6717] bridge0: port 2(bridge_slave_1) entered disabled state [ 498.415154][ T6717] bridge_slave_1: entered allmulticast mode [ 498.425020][ T6717] bridge_slave_1: entered promiscuous mode [ 498.536450][ T6717] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 498.560618][ T6717] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 498.661584][ T6717] team0: Port device team_slave_0 added [ 498.679465][ T6717] team0: Port device team_slave_1 added [ 498.787601][ T6717] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 498.795401][ T6717] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 498.822034][ T6717] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 498.843309][ T6717] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 498.853722][ T6717] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 498.881814][ T6717] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 499.028000][ T6717] hsr_slave_0: entered promiscuous mode [ 499.038401][ T6717] hsr_slave_1: entered promiscuous mode [ 499.371311][ T5832] Bluetooth: hci0: command tx timeout [ 499.849132][ T6717] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 499.879146][ T6717] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 499.914019][ T6717] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 499.941908][ T6717] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 500.352413][ T6717] 8021q: adding VLAN 0 to HW filter on device bond0 [ 500.420556][ T6717] 8021q: adding VLAN 0 to HW filter on device team0 [ 500.452202][ T4796] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.459966][ T4796] bridge0: port 1(bridge_slave_0) entered forwarding state [ 500.503196][ T3015] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.510887][ T3015] bridge0: port 2(bridge_slave_1) entered forwarding state [ 501.253174][ T6717] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 501.445010][ T5832] Bluetooth: hci0: command tx timeout [ 501.462532][ T6717] veth0_vlan: entered promiscuous mode [ 501.500158][ T6717] veth1_vlan: entered promiscuous mode [ 501.650195][ T6717] veth0_macvtap: entered promiscuous mode [ 501.683597][ T6717] veth1_macvtap: entered promiscuous mode [ 501.783020][ T6717] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 501.826021][ T6717] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 501.873999][ T6717] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.885286][ T6717] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.894592][ T6717] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 501.903771][ T6717] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 503.527626][ T5832] Bluetooth: hci0: command tx timeout [ 504.281404][ T3760] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 504.290610][ T3760] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 504.362653][ T3829] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 504.371367][ T3829] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 2025/07/09 15:33:55 executed programs: 2 [ 504.545000][ T5832] ===================================================== [ 504.552466][ T5832] BUG: KMSAN: uninit-value in l2cap_recv_frame+0xc397/0x186f0 [ 504.560507][ T5832] l2cap_recv_frame+0xc397/0x186f0 [ 504.566122][ T5832] l2cap_recv_acldata+0xe4b/0x1f80 [ 504.571520][ T5832] hci_rx_work+0x8a6/0x12b0 [ 504.576548][ T5832] process_scheduled_works+0xb91/0x1d80 [ 504.582381][ T5832] worker_thread+0xedf/0x1590 [ 504.587446][ T5832] kthread+0xd59/0xf00 [ 504.591738][ T5832] ret_from_fork+0x1e0/0x310 [ 504.596734][ T5832] ret_from_fork_asm+0x1a/0x30 [ 504.601752][ T5832] [ 504.604331][ T5832] Uninit was stored to memory at: [ 504.609670][ T5832] l2cap_recv_frame+0xc390/0x186f0 [ 504.615214][ T5832] l2cap_recv_acldata+0xe4b/0x1f80 [ 504.620686][ T5832] hci_rx_work+0x8a6/0x12b0 [ 504.625580][ T5832] process_scheduled_works+0xb91/0x1d80 [ 504.631414][ T5832] worker_thread+0xedf/0x1590 [ 504.636543][ T5832] kthread+0xd59/0xf00 [ 504.641883][ T5832] ret_from_fork+0x1e0/0x310 [ 504.647205][ T5832] ret_from_fork_asm+0x1a/0x30 [ 504.652242][ T5832] [ 504.654793][ T5832] Uninit was created at: [ 504.659334][ T5832] kmem_cache_alloc_node_noprof+0x818/0xf00 [ 504.665577][ T5832] kmalloc_reserve+0x13c/0x4b0 [ 504.670601][ T5832] __alloc_skb+0x347/0x7d0 [ 504.675417][ T5832] vhci_write+0x125/0x960 [ 504.680007][ T5832] vfs_write+0xb4b/0x1580 [ 504.684710][ T5832] __x64_sys_write+0x1fb/0x4d0 [ 504.689755][ T5832] x64_sys_call+0x38c3/0x3db0 [ 504.694923][ T5832] do_syscall_64+0xd9/0x210 [ 504.699690][ T5832] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.705917][ T5832] [ 504.708411][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:2 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(none) [ 504.720950][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 504.731407][ T5832] Workqueue: hci0 hci_rx_work [ 504.736537][ T5832] ===================================================== [ 504.744768][ T5832] Disabling lock debugging due to kernel taint [ 504.751569][ T5832] Kernel panic - not syncing: kmsan.panic set ... [ 504.758236][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:2 Tainted: G B 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(none) [ 504.772239][ T5832] Tainted: [B]=BAD_PAGE [ 504.776563][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 504.786810][ T5832] Workqueue: hci0 hci_rx_work [ 504.791845][ T5832] Call Trace: [ 504.795266][ T5832] [ 504.798338][ T5832] __dump_stack+0x26/0x30 [ 504.802995][ T5832] dump_stack_lvl+0x53/0x270 [ 504.807910][ T5832] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 504.813995][ T5832] dump_stack+0x1e/0x25 [ 504.818388][ T5832] panic+0x4bd/0xd50 [ 504.822592][ T5832] kmsan_report+0x31c/0x320 [ 504.827371][ T5832] ? __msan_warning+0x1b/0x30 [ 504.832286][ T5832] ? l2cap_recv_frame+0xc397/0x186f0 [ 504.837812][ T5832] ? l2cap_recv_acldata+0xe4b/0x1f80 [ 504.843328][ T5832] ? hci_rx_work+0x8a6/0x12b0 [ 504.848235][ T5832] ? process_scheduled_works+0xb91/0x1d80 [ 504.854221][ T5832] ? worker_thread+0xedf/0x1590 [ 504.859331][ T5832] ? kthread+0xd59/0xf00 [ 504.863770][ T5832] ? ret_from_fork+0x1e0/0x310 [ 504.868727][ T5832] ? ret_from_fork_asm+0x1a/0x30 [ 504.874007][ T5832] ? ret_from_fork_asm+0x1a/0x30 [ 504.879200][ T5832] ? __update_load_avg_cfs_rq+0xd7f/0x1010 [ 504.885299][ T5832] ? kmsan_get_metadata+0xfb/0x160 [ 504.890742][ T5832] ? kmsan_get_metadata+0xfb/0x160 [ 504.896092][ T5832] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 504.902329][ T5832] ? kmsan_get_metadata+0xfb/0x160 [ 504.907677][ T5832] ? kmsan_get_metadata+0xfb/0x160 [ 504.913024][ T5832] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 504.919090][ T5832] ? kmsan_get_metadata+0xfb/0x160 [ 504.924542][ T5832] __msan_warning+0x1b/0x30 [ 504.929266][ T5832] l2cap_recv_frame+0xc397/0x186f0 [ 504.934632][ T5832] ? kmsan_get_metadata+0xfb/0x160 [ 504.940064][ T5832] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 504.946124][ T5832] ? sched_clock_cpu+0x59/0xa80 [ 504.951283][ T5832] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 504.957395][ T5832] ? kmsan_get_metadata+0xfb/0x160 [ 504.962945][ T5832] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 504.969010][ T5832] ? _raw_spin_trylock_bh+0x81/0xc0 [ 504.974606][ T5832] ? filter_irq_stacks+0x49/0x190 [ 504.980011][ T5832] ? stack_depot_save_flags+0x35/0x7b0 [ 504.985686][ T5832] ? kmsan_get_metadata+0xfb/0x160 [ 504.991055][ T5832] ? kmsan_get_metadata+0xfb/0x160 [ 504.996404][ T5832] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 505.003059][ T5832] ? kmsan_get_metadata+0xfb/0x160 [ 505.008561][ T5832] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 505.014629][ T5832] l2cap_recv_acldata+0xe4b/0x1f80 [ 505.020014][ T5832] hci_rx_work+0x8a6/0x12b0 [ 505.024854][ T5832] ? __pfx_hci_rx_work+0x10/0x10 [ 505.030034][ T5832] process_scheduled_works+0xb91/0x1d80 [ 505.035895][ T5832] worker_thread+0xedf/0x1590 [ 505.040868][ T5832] kthread+0xd59/0xf00 [ 505.045132][ T5832] ? __pfx_worker_thread+0x10/0x10 [ 505.050556][ T5832] ? __pfx_kthread+0x10/0x10 [ 505.055360][ T5832] ret_from_fork+0x1e0/0x310 [ 505.060165][ T5832] ? __pfx_kthread+0x10/0x10 [ 505.064968][ T5832] ret_from_fork_asm+0x1a/0x30 [ 505.070010][ T5832] [ 505.073527][ T5832] Kernel Offset: disabled [ 505.078311][ T5832] Rebooting in 86400 seconds..