syzkaller login: [ 59.461215][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 59.480235][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 59.483668][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:64312' (ECDSA) to the list of known hosts. 1970/01/01 00:01:07 fuzzer started 1970/01/01 00:01:09 connecting to host at localhost:41531 1970/01/01 00:01:09 checking machine... 1970/01/01 00:01:09 checking revisions... 1970/01/01 00:01:11 testing simple program... [ 71.442632][ T2210] cgroup: Unknown subsys name 'net' [ 71.833215][ T2210] cgroup: Unknown subsys name 'rlimit' executing program [ 75.908772][ T2212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 75.933586][ T2212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 77.367268][ T2212] device hsr_slave_0 entered promiscuous mode [ 77.419638][ T2212] device hsr_slave_1 entered promiscuous mode [ 78.393603][ T2212] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 78.463430][ T2212] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 78.531477][ T2212] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 78.582170][ T2212] netdevsim netdevsim0 netdevsim3: renamed from eth3 executing program [ 79.679009][ T2212] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.734767][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 79.743010][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.439509][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 80.443578][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 80.473795][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 80.480816][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 80.516576][ T2529] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 80.546297][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 80.630146][ T2529] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 80.633676][ T2529] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 80.666265][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 80.670504][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 80.700140][ T2212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 81.251137][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 81.252544][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 82.701985][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 82.711284][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 83.397625][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 83.401066][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 83.412161][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 83.417562][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 83.441346][ T2212] device veth0_vlan entered promiscuous mode [ 83.498883][ T2212] device veth1_vlan entered promiscuous mode [ 83.604225][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 83.609941][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 83.613144][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 83.619542][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 83.643182][ T2212] device veth0_macvtap entered promiscuous mode [ 83.668775][ T2212] device veth1_macvtap entered promiscuous mode [ 83.716992][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 83.720940][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 83.749884][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 83.770047][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 83.806306][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 83.809670][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 83.837049][ T2212] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.837969][ T2212] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.838335][ T2212] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.838674][ T2212] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.995111][ C1] ------------[ cut here ]------------ [ 83.995733][ C1] WARNING: CPU: 1 PID: 27 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 83.996064][ C1] Modules linked in: [ 83.996312][ C1] CPU: 1 PID: 27 Comm: kworker/u4:1 Tainted: G W 6.0.0-syzkaller-11331-gd465bff130bf #0 [ 83.996593][ C1] Hardware name: linux,dummy-virt (DT) [ 83.996942][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 83.997270][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 83.997490][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 83.998195][ C1] lr : wg_packet_receive+0x978/0x1560 [ 83.998412][ C1] sp : ffff800010ab7480 [ 84.000005][ C1] x29: ffff800010ab7480 x28: 0000000000000001 x27: 1fffe00001363219 [ 84.000479][ C1] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 84.000873][ C1] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 84.001277][ C1] x20: ffff000009b190c8 x19: ffff80000de5cd50 x18: 000000000aa41be2 [ 84.001668][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: ffff0000106093e8 [ 84.002054][ C1] x14: 1ffff00002156e68 x13: 0000000000000000 x12: ffff600001363291 [ 84.002448][ C1] x11: 1fffe00001363290 x10: ffff600001363290 x9 : dfff800000000000 [ 84.002847][ C1] x8 : ffff000009b19483 x7 : 00009ffffec9cd70 x6 : 0000000000000001 [ 84.003249][ C1] x5 : ffff000009b19480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 84.003638][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 84.004040][ C1] Call trace: [ 84.004319][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 84.004589][ C1] wg_packet_receive+0x978/0x1560 [ 84.004821][ C1] wg_receive+0x58/0xb0 [ 84.005117][ C1] udpv6_queue_rcv_one_skb+0x8f4/0x17c0 [ 84.005390][ C1] udpv6_queue_rcv_skb+0x134/0x7e0 [ 84.005733][ C1] udp6_unicast_rcv_skb+0xe8/0x270 [ 84.005966][ C1] __udp6_lib_rcv+0x8a4/0x2330 [ 84.006205][ C1] udpv6_rcv+0x1c/0x2c [ 84.006550][ C1] ip6_protocol_deliver_rcu+0x154/0x14f0 [ 84.006867][ C1] ip6_input_finish+0x108/0x220 [ 84.007099][ C1] ip6_input+0xbc/0x2b0 [ 84.007329][ C1] ipv6_rcv+0x39c/0x47c [ 84.007545][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 84.007820][ C1] __netif_receive_skb+0x24/0x184 [ 84.008048][ C1] process_backlog+0x24c/0x6b0 [ 84.008276][ C1] __napi_poll+0x94/0x3a4 [ 84.008494][ C1] net_rx_action+0x78c/0xb60 [ 84.008722][ C1] _stext+0x28c/0x107c [ 84.008941][ C1] ____do_softirq+0x10/0x20 [ 84.009161][ C1] call_on_irq_stack+0x2c/0x54 [ 84.009385][ C1] do_softirq_own_stack+0x1c/0x30 [ 84.009621][ C1] do_softirq.part.0+0xd0/0xf4 [ 84.009899][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 84.010136][ C1] _raw_read_unlock_bh+0x54/0x64 [ 84.010428][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 84.010674][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 84.010927][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 84.011233][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 84.011493][ C1] process_one_work+0x780/0x184c [ 84.011756][ C1] worker_thread+0x3cc/0xc40 [ 84.011979][ C1] kthread+0x23c/0x2a0 [ 84.012201][ C1] ret_from_fork+0x10/0x20 [ 84.012427][ C1] irq event stamp: 372357 [ 84.012638][ C1] hardirqs last enabled at (372356): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 84.012983][ C1] hardirqs last disabled at (372357): [] el1_dbg+0x24/0x80 [ 84.013303][ C1] softirqs last enabled at (372348): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 84.013649][ C1] softirqs last disabled at (372349): [] ____do_softirq+0x10/0x20 [ 84.013974][ C1] ---[ end trace 0000000000000000 ]--- [ 84.030974][ C0] ------------[ cut here ]------------ [ 84.031482][ C0] WARNING: CPU: 0 PID: 91 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 84.031858][ C0] Modules linked in: [ 84.032107][ C0] CPU: 0 PID: 91 Comm: kworker/0:2 Tainted: G W 6.0.0-syzkaller-11331-gd465bff130bf #0 [ 84.032467][ C0] Hardware name: linux,dummy-virt (DT) [ 84.032782][ C0] Workqueue: wg-crypt-wg0 wg_packet_decrypt_worker [ 84.033060][ C0] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 84.033345][ C0] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 84.033596][ C0] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 84.033881][ C0] sp : ffff800008007960 [ 84.034079][ C0] x29: ffff800008007960 x28: ffff00000f63f800 x27: 0000000000000001 [ 84.034477][ C0] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe00001cbeece [ 84.034864][ C0] x23: ffff00000e5f7668 x22: ffff80000de5cd50 x21: ffff00000fe88960 [ 84.035417][ C0] x20: ffff00000e5f7640 x19: ffff000009b18c40 x18: ffff00006a9cbb88 [ 84.035890][ C0] x17: ffff80005cbc5000 x16: ffff800008008000 x15: 0000000000008000 [ 84.036278][ C0] x14: 1ffff00001000efa x13: 1fffe0000174181b x12: ffff600001fd112e [ 84.036684][ C0] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 84.037071][ C0] x8 : ffff80000de5c000 x7 : 1fffe000013631b9 x6 : 0000000000000000 [ 84.037501][ C0] x5 : ffff000009b18dc8 x4 : ffff80000de5cb68 x3 : ffff800009f2d9f4 [ 84.037886][ C0] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 84.038289][ C0] Call trace: [ 84.038474][ C0] wg_packet_send_staged_packets+0xe38/0x1380 [ 84.038692][ C0] wg_packet_rx_poll+0xd94/0x1580 [ 84.038920][ C0] __napi_poll+0x94/0x3a4 [ 84.039154][ C0] net_rx_action+0x78c/0xb60 [ 84.039376][ C0] _stext+0x28c/0x107c [ 84.039639][ C0] ____do_softirq+0x10/0x20 [ 84.039885][ C0] call_on_irq_stack+0x2c/0x54 [ 84.040174][ C0] do_softirq_own_stack+0x1c/0x30 [ 84.040451][ C0] do_softirq.part.0+0xd0/0xf4 [ 84.040818][ C0] __local_bh_enable_ip+0x50c/0x5d0 [ 84.041059][ C0] _raw_spin_unlock_bh+0x54/0x64 [ 84.041396][ C0] wg_packet_decrypt_worker+0x210/0x3c0 [ 84.041646][ C0] process_one_work+0x780/0x184c [ 84.041901][ C0] worker_thread+0x3cc/0xc40 [ 84.042186][ C0] kthread+0x23c/0x2a0 [ 84.042508][ C0] ret_from_fork+0x10/0x20 [ 84.042741][ C0] irq event stamp: 27047 [ 84.042946][ C0] hardirqs last enabled at (27046): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 84.043433][ C0] hardirqs last disabled at (27047): [] el1_dbg+0x24/0x80 [ 84.043883][ C0] softirqs last enabled at (27024): [] wg_packet_decrypt_worker+0x210/0x3c0 [ 84.044211][ C0] softirqs last disabled at (27025): [] ____do_softirq+0x10/0x20 [ 84.044565][ C0] ---[ end trace 0000000000000000 ]--- 1970/01/01 00:01:24 building call list... executing program [ 85.160322][ T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.348740][ T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.747799][ T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.058250][ T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 88.589832][ T49] device hsr_slave_0 left promiscuous mode [ 88.638446][ T49] device hsr_slave_1 left promiscuous mode [ 88.801487][ T49] device veth1_macvtap left promiscuous mode [ 88.802736][ T49] device veth0_macvtap left promiscuous mode [ 88.804347][ T49] device veth1_vlan left promiscuous mode [ 88.816946][ T49] device veth0_vlan left promiscuous mode [ 90.728003][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 90.856549][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 91.279440][ T49] bond0 (unregistering): Released all slaves executing program executing program executing program [ 98.782416][ T2208] can: request_module (can-proto-0) failed. [ 98.932172][ T2208] can: request_module (can-proto-0) failed. [ 99.049220][ T2208] can: request_module (can-proto-0) failed. executing program executing program executing program [ 110.814598][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 110.819301][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 110.822519][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 112.793745][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. VM DIAGNOSIS: 02:03:21 Registers: info registers vcpu 0 PC=ffff80000c8f0afc X00=0000000000000000 X01=0000000000000003 X02=00000000000000e8 X03=ffff80000912456c X04=0000000000000000 X05=ffff00000fe88bd8 X06=acdef2bf77481cba X07=c99175de3e750a0c X08=ffff700002210eac X09=504467adf81bc688 X10=dfff800000000000 X11=dfff800000000000 X12=000000000000f1f1 X13=00000000f1f1f1f1 X14=1ffff00002210eac X15=00000000be15c76f X16=00000000a70664aa X17=00000000639b9ae5 X18=00000000ea872ff6 X19=ffff000015390000 X20=ffff80000de04008 X21=ffff8000110876b0 X22=1ffff00002210ed2 X23=ffff00000fe88c28 X24=ffff000015380000 X25=1fffe00001fd1164 X26=ffff00000fe88b00 X27=ffff000015390000 X28=ffff000009b18c40 X29=ffff8000110875e0 X30=ffff80000c8f1e40 SP=ffff8000110875b0 PSTATE=500000c5 -Z-V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff80000829335c X00=00000000000003c0 X01=00000000000003c0 X02=0000000000000003 X03=1fffe00001324369 X04=1fffe0000d53d001 X05=0000000000000000 X06=ffff8000082c4ae0 X07=ffff000009921b40 X08=ffff80000de5cd50 X09=ffff80000de5c000 X10=00000000f3000000 X11=dfff800000000000 X12=000000000000f1f1 X13=205d314320202020 X14=0000000000000000 X15=0000000000000000 X16=0000000000000000 X17=0000000000000000 X18=000000000aa41be2 X19=0000000000000000 X20=ffff0000099225c8 X21=ffff80000e03ca80 X22=0000000000000028 X23=ffff000009922528 X24=ffff80000de06c48 X25=ffff80000c991e40 X26=00000000ffffffff X27=00000000000003c0 X28=ffff000009921b40 X29=ffff800010ab6980 X30=ffff80000c8f0d14 SP=ffff800010ab6980 PSTATE=100003c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000