Warning: Permanently added '10.128.0.223' (ED25519) to the list of known hosts.
2025/06/29 06:11:06 ignoring optional flag "sandboxArg"="0"
2025/06/29 06:11:06 ignoring optional flag "type"="gce"
2025/06/29 06:11:07 parsed 1 programs
[  352.540939][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  352.547822][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  386.505198][ T6401] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  390.009300][ T5092] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  390.019457][ T5092] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  390.030108][ T5092] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  390.042543][ T5092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  390.053817][ T5092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  392.810586][ T6476] chnl_net:caif_netlink_parms(): no params data found
[  393.155207][ T6476] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.166519][ T6476] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.174100][ T6476] bridge_slave_0: entered allmulticast mode
[  393.183239][ T6476] bridge_slave_0: entered promiscuous mode
[  393.198577][ T6476] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.207902][ T6476] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.215359][ T6476] bridge_slave_1: entered allmulticast mode
[  393.223916][ T6476] bridge_slave_1: entered promiscuous mode
[  393.301497][ T6476] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  393.320292][ T6476] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  393.396477][ T6476] team0: Port device team_slave_0 added
[  393.412777][ T6476] team0: Port device team_slave_1 added
[  393.482137][ T6476] batman_adv: batadv0: Adding interface: batadv_slave_0
[  393.490418][ T6476] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.518018][ T6476] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  393.533370][ T6476] batman_adv: batadv0: Adding interface: batadv_slave_1
[  393.540729][ T6476] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.567940][ T6476] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  393.675668][ T6476] hsr_slave_0: entered promiscuous mode
[  393.684547][ T6476] hsr_slave_1: entered promiscuous mode
[  394.716400][ T6476] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  394.741930][ T6476] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  394.769982][ T6476] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  394.796877][ T6476] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  395.200528][ T6476] 8021q: adding VLAN 0 to HW filter on device bond0
[  395.260441][ T6476] 8021q: adding VLAN 0 to HW filter on device team0
[  395.292401][ T3660] bridge0: port 1(bridge_slave_0) entered blocking state
[  395.300164][ T3660] bridge0: port 1(bridge_slave_0) entered forwarding state
[  395.334260][ T3660] bridge0: port 2(bridge_slave_1) entered blocking state
[  395.342018][ T3660] bridge0: port 2(bridge_slave_1) entered forwarding state
[  396.049526][ T6476] 8021q: adding VLAN 0 to HW filter on device batadv0
[  396.243928][ T6476] veth0_vlan: entered promiscuous mode
[  396.286839][ T6476] veth1_vlan: entered promiscuous mode
[  396.404479][ T6476] veth0_macvtap: entered promiscuous mode
[  396.465145][ T6476] veth1_macvtap: entered promiscuous mode
[  396.547165][ T6476] batman_adv: batadv0: Interface activated: batadv_slave_0
[  396.588742][ T6476] batman_adv: batadv0: Interface activated: batadv_slave_1
[  396.650184][ T6476] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  396.660699][ T6476] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  396.670007][ T6476] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  396.679430][ T6476] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  399.103816][ T3658] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.282867][ T3658] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.402500][ T3658] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.530280][ T3658] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.968093][ T3658] bridge_slave_1: left allmulticast mode
[  399.974051][ T3658] bridge_slave_1: left promiscuous mode
[  399.981083][ T3658] bridge0: port 2(bridge_slave_1) entered disabled state
[  400.010236][ T3658] bridge_slave_0: left allmulticast mode
[  400.016692][ T3658] bridge_slave_0: left promiscuous mode
[  400.023530][ T3658] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.567203][ T3658] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  400.618708][ T3658] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  400.669738][ T3658] bond0 (unregistering): Released all slaves
[  401.131943][ T3658] hsr_slave_0: left promiscuous mode
[  401.144045][ T3658] hsr_slave_1: left promiscuous mode
[  401.153930][ T3658] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  401.162649][ T3658] batman_adv: batadv0: Removing interface: batadv_slave_0
[  401.177898][ T3658] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  401.185874][ T3658] batman_adv: batadv0: Removing interface: batadv_slave_1
[  401.212740][ T3658] veth1_macvtap: left promiscuous mode
[  401.218830][ T3658] veth0_macvtap: left promiscuous mode
[  401.224821][ T3658] veth1_vlan: left promiscuous mode
[  401.230681][ T3658] veth0_vlan: left promiscuous mode
[  401.882211][ T3658] team0 (unregistering): Port device team_slave_1 removed
[  402.056577][ T3658] team0 (unregistering): Port device team_slave_0 removed
[  402.550001][ T3660] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  402.558515][ T3660] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  402.637666][ T3660] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  402.645868][ T3660] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/06/29 06:12:21 executed programs: 0
[  403.360435][ T5092] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  403.392386][ T5092] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  403.402764][ T5092] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  403.420217][ T5092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  403.438451][ T5092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  404.275935][ T6603] chnl_net:caif_netlink_parms(): no params data found
[  404.788909][ T6603] bridge0: port 1(bridge_slave_0) entered blocking state
[  404.796819][ T6603] bridge0: port 1(bridge_slave_0) entered disabled state
[  404.804616][ T6603] bridge_slave_0: entered allmulticast mode
[  404.815770][ T6603] bridge_slave_0: entered promiscuous mode
[  404.832200][ T6603] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.840061][ T6603] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.850595][ T6603] bridge_slave_1: entered allmulticast mode
[  404.860276][ T6603] bridge_slave_1: entered promiscuous mode
[  404.970805][ T6603] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  404.992817][ T6603] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  405.098127][ T6603] team0: Port device team_slave_0 added
[  405.119400][ T6603] team0: Port device team_slave_1 added
[  405.213194][ T6603] batman_adv: batadv0: Adding interface: batadv_slave_0
[  405.220870][ T6603] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  405.247352][ T6603] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  405.266634][ T6603] batman_adv: batadv0: Adding interface: batadv_slave_1
[  405.273937][ T6603] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  405.301697][ T6603] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  405.449944][ T6603] hsr_slave_0: entered promiscuous mode
[  405.462705][ T6603] hsr_slave_1: entered promiscuous mode
[  405.476536][ T5951] Bluetooth: hci0: command tx timeout
[  406.237791][ T6603] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  406.261739][ T6603] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  406.285234][ T6603] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  406.310077][ T6603] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  406.691906][ T6603] 8021q: adding VLAN 0 to HW filter on device bond0
[  406.750685][ T6603] 8021q: adding VLAN 0 to HW filter on device team0
[  406.778989][ T3660] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.786719][ T3660] bridge0: port 1(bridge_slave_0) entered forwarding state
[  406.827268][ T3660] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.834887][ T3660] bridge0: port 2(bridge_slave_1) entered forwarding state
[  407.526487][ T6603] 8021q: adding VLAN 0 to HW filter on device batadv0
[  407.559115][ T5951] Bluetooth: hci0: command tx timeout
[  407.698483][ T6603] veth0_vlan: entered promiscuous mode
[  407.737358][ T6603] veth1_vlan: entered promiscuous mode
[  407.900223][ T6603] veth0_macvtap: entered promiscuous mode
[  407.929415][ T6603] veth1_macvtap: entered promiscuous mode
[  408.015228][ T6603] batman_adv: batadv0: Interface activated: batadv_slave_0
[  408.059260][ T6603] batman_adv: batadv0: Interface activated: batadv_slave_1
[  408.099605][ T6603] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  408.110830][ T6603] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  408.120085][ T6603] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  408.129360][ T6603] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  409.635844][ T5951] Bluetooth: hci0: command tx timeout
[  410.520678][ T4432] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  410.529233][ T4432] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  410.626391][ T4432] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  410.635059][ T4432] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  411.561335][ T6707] loop0: detected capacity change from 0 to 32768
[  411.578219][ T6707] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor (6707)
[  411.606330][ T6707] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  411.617246][ T6707] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  411.629384][ T6707] BTRFS info (device loop0): using free-space-tree
[  411.717716][ T5951] Bluetooth: hci0: command tx timeout
[  411.808982][   T30] audit: type=1804 audit(1751177550.363:2): pid=6707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor" name="/root/syzkaller-testdir3547063135/syzkaller.BQZOl2/0/bus/bus" dev="loop0" ino=263 res=1 errno=0
2025/06/29 06:12:30 executed programs: 1
[  412.109687][ T6603] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  413.660986][   T30] audit: type=1804 audit(1751177552.223:3): pid=6738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor" name="/root/syzkaller-testdir3547063135/syzkaller.BQZOl2/1/bus" dev="sda1" ino=2035 res=1 errno=0
[  413.986949][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  413.993665][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  414.736013][ T6752] loop0: detected capacity change from 0 to 32768
[  414.758400][ T6752] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor (6752)
[  414.799765][ T6752] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  414.810497][ T6752] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  414.822027][ T6752] BTRFS info (device loop0): using free-space-tree
[  415.003344][   T30] audit: type=1804 audit(1751177553.563:4): pid=6752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor" name="/root/syzkaller-testdir3547063135/syzkaller.BQZOl2/2/bus/bus" dev="loop0" ino=263 res=1 errno=0
[  415.033125][ T6752] =====================================================
[  415.043754][ T6752] BUG: KMSAN: uninit-value in iov_iter_alignment_iovec+0x19e/0x470
[  415.052096][ T6752]  iov_iter_alignment_iovec+0x19e/0x470
[  415.058155][ T6752]  iov_iter_alignment+0x174/0x2d0
[  415.063433][ T6752]  btrfs_direct_read+0x204/0xa20
[  415.069039][ T6752]  btrfs_file_read_iter+0xce/0x310
[  415.074422][ T6752]  aio_read+0x493/0x6b0
[  415.079121][ T6752]  io_submit_one+0x25d6/0x3450
[  415.084147][ T6752]  __se_sys_io_submit+0x27c/0x6a0
[  415.089768][ T6752]  __x64_sys_io_submit+0x97/0xe0
[  415.095056][ T6752]  x64_sys_call+0x12c8/0x3db0
[  415.100217][ T6752]  do_syscall_64+0xd9/0x210
[  415.104960][ T6752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.111366][ T6752] 
[  415.113839][ T6752] Local variable inline_vecs created at:
[  415.119832][ T6752]  aio_read+0x4f/0x6b0
[  415.124154][ T6752]  io_submit_one+0x25d6/0x3450
[  415.129460][ T6752] 
[  415.131980][ T6752] CPU: 1 UID: 0 PID: 6752 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-gdfba48a70cb6 #0 PREEMPT(undef) 
[  415.146090][ T6752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  415.157422][ T6752] =====================================================
[  415.164536][ T6752] Disabling lock debugging due to kernel taint
[  415.171025][ T6752] Kernel panic - not syncing: kmsan.panic set ...
[  415.177675][ T6752] CPU: 1 UID: 0 PID: 6752 Comm: syz-executor Tainted: G    B               6.16.0-rc3-syzkaller-gdfba48a70cb6 #0 PREEMPT(undef) 
[  415.191254][ T6752] Tainted: [B]=BAD_PAGE
[  415.195605][ T6752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  415.206315][ T6752] Call Trace:
[  415.209775][ T6752]  <TASK>
[  415.212884][ T6752]  __dump_stack+0x26/0x30
[  415.217495][ T6752]  dump_stack_lvl+0x53/0x270
[  415.222378][ T6752]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  415.228596][ T6752]  dump_stack+0x1e/0x25
[  415.233013][ T6752]  panic+0x4bd/0xd50
[  415.237222][ T6752]  kmsan_report+0x31c/0x320
[  415.242043][ T6752]  ? kmsan_get_metadata+0xfb/0x160
[  415.247428][ T6752]  ? __msan_warning+0x1b/0x30
[  415.252528][ T6752]  ? iov_iter_alignment_iovec+0x19e/0x470
[  415.258498][ T6752]  ? iov_iter_alignment+0x174/0x2d0
[  415.263946][ T6752]  ? btrfs_direct_read+0x204/0xa20
[  415.269298][ T6752]  ? btrfs_file_read_iter+0xce/0x310
[  415.274859][ T6752]  ? aio_read+0x493/0x6b0
[  415.279445][ T6752]  ? io_submit_one+0x25d6/0x3450
[  415.284656][ T6752]  ? __se_sys_io_submit+0x27c/0x6a0
[  415.290103][ T6752]  ? __x64_sys_io_submit+0x97/0xe0
[  415.295455][ T6752]  ? x64_sys_call+0x12c8/0x3db0
[  415.300583][ T6752]  ? do_syscall_64+0xd9/0x210
[  415.305487][ T6752]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.311813][ T6752]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  415.317944][ T6752]  ? __rcu_read_unlock+0x6d/0xd0
[  415.323142][ T6752]  ? is_module_text_address+0x1f4/0x240
[  415.328990][ T6752]  ? kernel_text_address+0x10e/0x1a0
[  415.334553][ T6752]  ? kmsan_get_metadata+0xfb/0x160
[  415.339983][ T6752]  ? kmsan_get_metadata+0xfb/0x160
[  415.345397][ T6752]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  415.351528][ T6752]  ? kmsan_get_metadata+0xfb/0x160
[  415.356940][ T6752]  __msan_warning+0x1b/0x30
[  415.361712][ T6752]  iov_iter_alignment_iovec+0x19e/0x470
[  415.367553][ T6752]  iov_iter_alignment+0x174/0x2d0
[  415.372839][ T6752]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  415.378956][ T6752]  btrfs_direct_read+0x204/0xa20
[  415.384203][ T6752]  ? end_current_label_crit_section+0x112/0x290
[  415.390799][ T6752]  ? common_file_perm+0x33f/0x400
[  415.396097][ T6752]  ? kmsan_get_metadata+0xfb/0x160
[  415.401530][ T6752]  btrfs_file_read_iter+0xce/0x310
[  415.406927][ T6752]  ? kmsan_get_metadata+0xfb/0x160
[  415.412350][ T6752]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  415.418473][ T6752]  aio_read+0x493/0x6b0
[  415.422902][ T6752]  ? __pfx_btrfs_file_read_iter+0x10/0x10
[  415.428933][ T6752]  ? kmsan_get_metadata+0xfb/0x160
[  415.434372][ T6752]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  415.440972][ T6752]  ? kmsan_get_metadata+0xfb/0x160
[  415.446397][ T6752]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  415.452506][ T6752]  io_submit_one+0x25d6/0x3450
[  415.457524][ T6752]  ? kmsan_get_metadata+0xfb/0x160
[  415.462914][ T6752]  __se_sys_io_submit+0x27c/0x6a0
[  415.468152][ T6752]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  415.474753][ T6752]  __x64_sys_io_submit+0x97/0xe0
[  415.479939][ T6752]  x64_sys_call+0x12c8/0x3db0
[  415.484849][ T6752]  do_syscall_64+0xd9/0x210
[  415.489566][ T6752]  ? irqentry_exit+0x16/0x60
[  415.494393][ T6752]  ? clear_bhb_loop+0x40/0x90
[  415.499291][ T6752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.505402][ T6752] RIP: 0033:0x7f9136e7cf69
[  415.509992][ T6752] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  415.529826][ T6752] RSP: 002b:00007f9137c380c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  415.538570][ T6752] RAX: ffffffffffffffda RBX: 00007f9136fb3f80 RCX: 00007f9136e7cf69
[  415.546724][ T6752] RDX: 0000000020000540 RSI: 0000000000000001 RDI: 00007f9137c17000
[  415.554859][ T6752] RBP: 00007f9136eda6fe R08: 0000000000000000 R09: 0000000000000000
[  415.563006][ T6752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  415.571140][ T6752] R13: 000000000000000b R14: 00007f9136fb3f80 R15: 00007fff3e0c65a8
[  415.579330][ T6752]  </TASK>
[  415.582863][ T6752] Kernel Offset: disabled
[  415.587296][ T6752] Rebooting in 86400 seconds..