forked to background, child pid 3178 no interfaces have a carrier [ 12.353911][ T3179] 8021q: adding VLAN 0 to HW filter on device bond0 [ 12.356452][ T3179] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller syzkaller login: [ 69.875358][ T142] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.10.42' (ECDSA) to the list of known hosts. 2022/08/07 12:08:31 ignoring optional flag "sandboxArg"="0" 2022/08/07 12:08:31 parsed 1 programs [ 1105.764440][ T3671] cgroup: Unknown subsys name 'net' [ 1105.887737][ T3671] cgroup: Unknown subsys name 'rlimit' 2022/08/07 12:08:39 executed programs: 0 [ 1113.280824][ T3671] kmemleak: 8 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 1114.355448][ T1234] ieee802154 phy0 wpan0: encryption failed: -22 [ 1114.357719][ T3680] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1114.361726][ T1234] ieee802154 phy1 wpan1: encryption failed: -22 [ 1114.368847][ T3680] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1114.382179][ T3680] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1114.389377][ T3680] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1114.396484][ T3680] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1114.403549][ T3680] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1114.432698][ T3678] chnl_net:caif_netlink_parms(): no params data found [ 1114.450094][ T3678] bridge0: port 1(bridge_slave_0) entered blocking state [ 1114.457960][ T3678] bridge0: port 1(bridge_slave_0) entered disabled state [ 1114.465341][ T3678] device bridge_slave_0 entered promiscuous mode [ 1114.472258][ T3678] bridge0: port 2(bridge_slave_1) entered blocking state [ 1114.479497][ T3678] bridge0: port 2(bridge_slave_1) entered disabled state [ 1114.487034][ T3678] device bridge_slave_1 entered promiscuous mode [ 1114.497862][ T3678] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1114.507777][ T3678] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1114.520861][ T3678] team0: Port device team_slave_0 added [ 1114.527052][ T3678] team0: Port device team_slave_1 added [ 1114.536303][ T3678] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1114.543239][ T3678] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1114.569105][ T3678] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1114.580205][ T3678] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1114.587308][ T3678] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1114.613808][ T3678] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1114.629167][ T3678] device hsr_slave_0 entered promiscuous mode [ 1114.635454][ T3678] device hsr_slave_1 entered promiscuous mode [ 1114.661368][ T3678] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1114.668814][ T3678] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1114.676240][ T3678] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1114.683557][ T3678] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1114.694047][ T3678] bridge0: port 2(bridge_slave_1) entered blocking state [ 1114.701127][ T3678] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1114.708390][ T3678] bridge0: port 1(bridge_slave_0) entered blocking state [ 1114.715428][ T3678] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1114.733875][ T3678] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1114.742213][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1114.750277][ T3672] bridge0: port 1(bridge_slave_0) entered disabled state [ 1114.757806][ T3672] bridge0: port 2(bridge_slave_1) entered disabled state [ 1114.765428][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 1114.773935][ T3678] 8021q: adding VLAN 0 to HW filter on device team0 [ 1114.782115][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1114.790392][ T3686] bridge0: port 1(bridge_slave_0) entered blocking state [ 1114.797425][ T3686] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1114.811494][ T3678] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1114.821943][ T3678] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1114.833046][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1114.841509][ T3686] bridge0: port 2(bridge_slave_1) entered blocking state [ 1114.848549][ T3686] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1114.856167][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 1114.864268][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 1114.872410][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1114.880398][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1114.888683][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1114.896091][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 1114.907465][ T3678] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1114.914918][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1114.922242][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1114.955980][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1114.965995][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1114.974544][ T3678] device veth0_vlan entered promiscuous mode [ 1114.981183][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1114.988766][ T3672] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1114.997414][ T3678] device veth1_vlan entered promiscuous mode [ 1115.007780][ T3678] device veth0_macvtap entered promiscuous mode [ 1115.014974][ T3678] device veth1_macvtap entered promiscuous mode [ 1115.021744][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 1115.029668][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 1115.037526][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1115.045745][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1115.056137][ T3678] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1115.063367][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1115.072991][ T3678] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1115.080386][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1115.089536][ T3678] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.098478][ T3678] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.107267][ T3678] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.116319][ T3678] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1115.136207][ T1045] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1115.144020][ T1045] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1115.151535][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 1115.163337][ T1045] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1115.171290][ T1045] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1115.179061][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 1116.159988][ C1] vcan0: j1939_tp_rxtimer: 0xffff8881137d1800: rx timeout, send abort [ 1116.168212][ C1] vcan0: j1939_tp_rxtimer: 0xffff888113820600: rx timeout, send abort [ 1116.176554][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8881137d1800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1116.190825][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888113820600: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1116.445289][ T25] Bluetooth: hci0: command 0x0409 tx timeout [ 1118.514861][ T25] Bluetooth: hci0: command 0x041b tx timeout [ 1120.594942][ T3672] Bluetooth: hci0: command 0x040f tx timeout [ 1121.458808][ T3699] kmemleak: 29 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 1122.674838][ T3672] Bluetooth: hci0: command 0x0419 tx timeout [ 1123.660074][ T3699] kmemleak: 3 new suspected memory leaks (see /sys/kernel/debug/kmemleak) BUG: memory leak unreferenced object 0xffff88810203cf00 (size 240): comm "syz-executor.0", pid 3698, jiffies 4295048788 (age 8.510s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 80 85 0a 81 88 ff ff 00 00 b4 0d 81 88 ff ff ................ backtrace: [] __alloc_skb+0x1ff/0x270 [] alloc_skb_with_frags+0x6a/0x340 [] sock_alloc_send_pskb+0x353/0x3c0 [] j1939_sk_sendmsg+0x2d2/0x810 [] sock_sendmsg+0x56/0x80 [] sock_no_sendpage+0x8f/0xc0 [] kernel_sendpage+0xdc/0x310 [] sock_sendpage+0x40/0x50 [] pipe_to_sendpage+0xa2/0x110 [] __splice_from_pipe+0x1e2/0x330 [] generic_splice_sendpage+0x6f/0xa0 [] direct_splice_actor+0x4b/0x70 [] splice_direct_to_actor+0x149/0x350 [] do_splice_direct+0xe8/0x150 [] do_sendfile+0x57f/0x7e0 [] __x64_sys_sendfile64+0xe2/0x100 BUG: memory leak unreferenced object 0xffff88810203c100 (size 240): comm "syz-executor.0", pid 3698, jiffies 4295048788 (age 8.510s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 80 85 0a 81 88 ff ff 00 00 b4 0d 81 88 ff ff ................ backtrace: [] __alloc_skb+0x1ff/0x270 [] alloc_skb_with_frags+0x6a/0x340 [] sock_alloc_send_pskb+0x353/0x3c0 [] j1939_sk_sendmsg+0x2d2/0x810 [] sock_sendmsg+0x56/0x80 [] sock_no_sendpage+0x8f/0xc0 [] kernel_sendpage+0xdc/0x310 [] sock_sendpage+0x40/0x50 [] pipe_to_sendpage+0xa2/0x110 [] __splice_from_pipe+0x1e2/0x330 [] generic_splice_sendpage+0x6f/0xa0 [] direct_splice_actor+0x4b/0x70 [] splice_direct_to_actor+0x149/0x350 [] do_splice_direct+0xe8/0x150 [] do_sendfile+0x57f/0x7e0 [] __x64_sys_sendfile64+0xe2/0x100 BUG: memory leak unreferenced object 0xffff88810203c800 (size 240): comm "syz-executor.0", pid 3698, jiffies 4295048788 (age 8.510s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 80 85 0a 81 88 ff ff 00 00 b4 0d 81 88 ff ff ................ backtrace: [] __alloc_skb+0x1ff/0x270 [] alloc_skb_with_frags+0x6a/0x340 [] sock_alloc_send_pskb+0x353/0x3c0 [] j1939_sk_sendmsg+0x2d2/0x810 [] sock_sendmsg+0x56/0x80 [] sock_no_sendpage+0x8f/0xc0 [] kernel_sendpage+0xdc/0x310 [] sock_sendpage+0x40/0x50 [] pipe_to_sendpage+0xa2/0x110 [] __splice_from_pipe+0x1e2/0x330 [] generic_splice_sendpage+0x6f/0xa0 [] direct_splice_actor+0x4b/0x70 [] splice_direct_to_actor+0x149/0x350 [] do_splice_direct+0xe8/0x150 [] do_sendfile+0x57f/0x7e0 [] __x64_sys_sendfile64+0xe2/0x100