syzkaller login: [ 106.943341][ T2048] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 106.960860][ T2048] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 106.975604][ T2048] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:60676' (ECDSA) to the list of known hosts. 1970/01/01 00:02:39 fuzzer started 1970/01/01 00:02:45 connecting to host at localhost:44633 1970/01/01 00:02:45 checking machine... 1970/01/01 00:02:45 checking revisions... 1970/01/01 00:02:48 testing simple program... executing program [ 168.957796][ T2207] cgroup: Unknown subsys name 'net' [ 169.404352][ T2207] cgroup: Unknown subsys name 'rlimit' executing program executing program [ 175.945417][ T2211] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 175.989054][ T2211] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 178.836187][ T2211] device hsr_slave_0 entered promiscuous mode [ 178.927625][ T2211] device hsr_slave_1 entered promiscuous mode [ 180.883007][ T2211] netdevsim netdevsim0 netdevsim0: renamed from eth0 executing program [ 180.974491][ T2211] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 181.033471][ T2211] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 181.110028][ T2211] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 183.315430][ T2211] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.450896][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 183.502898][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready executing program [ 184.872286][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 184.886840][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 184.936086][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 184.952747][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 185.005500][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 185.081710][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 185.229206][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 185.235826][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 185.320329][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 185.343710][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 185.417659][ T2211] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 186.521755][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 186.524887][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 189.411027][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 189.429759][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program [ 191.212766][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 191.232007][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 191.243637][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 191.251228][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 191.313067][ T2211] device veth0_vlan entered promiscuous mode [ 191.424531][ T2211] device veth1_vlan entered promiscuous mode [ 191.707210][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 191.713522][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 191.754078][ T2211] device veth0_macvtap entered promiscuous mode [ 191.825940][ T2211] device veth1_macvtap entered promiscuous mode [ 192.086093][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 192.096371][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 192.104522][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 192.112236][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 192.232719][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 192.250227][ T35] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 192.332734][ T2211] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.335753][ T2211] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.337888][ T2211] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.350514][ T2211] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.878256][ C1] ------------[ cut here ]------------ [ 192.879414][ C1] WARNING: CPU: 1 PID: 9 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 192.879985][ C1] Modules linked in: [ 192.880437][ C1] CPU: 1 PID: 9 Comm: kworker/u4:0 Tainted: G W 6.0.0-syzkaller-10822-g60bb8154d1d7 #0 [ 192.882428][ C1] Hardware name: linux,dummy-virt (DT) [ 192.883704][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 192.885091][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 192.885590][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 192.886926][ C1] lr : wg_packet_receive+0x978/0x1560 [ 192.888617][ C1] sp : ffff800010ab7480 [ 192.890107][ C1] x29: ffff800010ab7480 x28: 0000000000000001 x27: 1fffe00002728219 [ 192.892297][ C1] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 192.893229][ C1] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 192.893823][ C1] x20: ffff0000139410c8 x19: ffff80000de5cd50 x18: 00000000d7c0855f [ 192.894529][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: ffff0000116f1ca8 [ 192.895129][ C1] x14: 1ffff00002156e68 x13: 0000000000000000 x12: ffff600002728291 [ 192.895724][ C1] x11: 1fffe00002728290 x10: ffff600002728290 x9 : dfff800000000000 [ 192.896414][ C1] x8 : ffff000013941483 x7 : 00009ffffd8d7d70 x6 : 0000000000000001 [ 192.897038][ C1] x5 : ffff000013941480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 192.897672][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 192.900323][ C1] Call trace: [ 192.900770][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 192.901382][ C1] wg_packet_receive+0x978/0x1560 [ 192.901829][ C1] wg_receive+0x58/0xb0 [ 192.902273][ C1] udpv6_queue_rcv_one_skb+0x8f4/0x17c0 [ 192.902755][ C1] udpv6_queue_rcv_skb+0x134/0x7e0 [ 192.903423][ C1] udp6_unicast_rcv_skb+0xe8/0x270 [ 192.905110][ C1] __udp6_lib_rcv+0x8a4/0x2330 [ 192.906458][ C1] udpv6_rcv+0x1c/0x2c [ 192.907779][ C1] ip6_protocol_deliver_rcu+0x154/0x14f0 [ 192.917440][ C1] ip6_input_finish+0x108/0x220 [ 192.917808][ C1] ip6_input+0xbc/0x2b0 [ 192.918208][ C1] ipv6_rcv+0x39c/0x47c [ 192.918548][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 192.919097][ C1] __netif_receive_skb+0x24/0x184 [ 192.919446][ C1] process_backlog+0x24c/0x6b0 [ 192.919799][ C1] __napi_poll+0x94/0x3a4 [ 192.920150][ C1] net_rx_action+0x78c/0xb60 [ 192.920467][ C1] _stext+0x28c/0x107c [ 192.920863][ C1] ____do_softirq+0x10/0x20 [ 192.921213][ C1] call_on_irq_stack+0x2c/0x54 [ 192.921567][ C1] do_softirq_own_stack+0x1c/0x30 [ 192.921917][ C1] do_softirq.part.0+0xd0/0xf4 [ 192.922275][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 192.922648][ C1] _raw_read_unlock_bh+0x54/0x64 [ 192.922997][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 192.923369][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 192.923746][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 192.924124][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 192.924504][ C1] process_one_work+0x780/0x184c [ 192.924919][ C1] worker_thread+0x3cc/0xc40 [ 192.925265][ C1] kthread+0x23c/0x2a0 [ 192.925618][ C1] ret_from_fork+0x10/0x20 [ 192.925958][ C1] irq event stamp: 32583 [ 192.926309][ C1] hardirqs last enabled at (32582): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 192.926765][ C1] hardirqs last disabled at (32583): [] el1_dbg+0x24/0x80 [ 192.927198][ C1] softirqs last enabled at (32574): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 192.927686][ C1] softirqs last disabled at (32575): [] ____do_softirq+0x10/0x20 [ 192.928637][ C1] ---[ end trace 0000000000000000 ]--- executing program [ 192.999174][ C1] ------------[ cut here ]------------ [ 193.000135][ C1] WARNING: CPU: 1 PID: 21 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 193.000745][ C1] Modules linked in: [ 193.001331][ C1] CPU: 1 PID: 21 Comm: kworker/1:0 Tainted: G W 6.0.0-syzkaller-10822-g60bb8154d1d7 #0 [ 193.001857][ C1] Hardware name: linux,dummy-virt (DT) [ 193.002210][ C1] Workqueue: wg-crypt-wg1 wg_packet_decrypt_worker [ 193.002702][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 193.003097][ C1] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 193.003477][ C1] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 193.003844][ C1] sp : ffff800010ab7960 [ 193.004144][ C1] x29: ffff800010ab7960 x28: ffff0000099a9800 x27: 0000000000000001 [ 193.004776][ C1] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe00002338a06 [ 193.005343][ C1] x23: ffff0000119c5028 x22: ffff80000de5cd50 x21: ffff000010321c20 [ 193.005937][ C1] x20: ffff0000119c5000 x19: ffff000013944c40 x18: ffff00006a9eab88 [ 193.006528][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: 0000000000008000 [ 193.007101][ C1] x14: 1ffff00002156efa x13: 1fffe0000125b4b3 x12: ffff600002064386 [ 193.007725][ C1] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 193.008432][ C1] x8 : ffff80000de5c000 x7 : 1fffe000027289b9 x6 : 0000000000000000 [ 193.009180][ C1] x5 : ffff000013944dc8 x4 : ffff80000de5cb68 x3 : ffff800009f2ac94 [ 193.009817][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 193.010416][ C1] Call trace: [ 193.010774][ C1] wg_packet_send_staged_packets+0xe38/0x1380 [ 193.011192][ C1] wg_packet_rx_poll+0xd94/0x1580 [ 193.011557][ C1] __napi_poll+0x94/0x3a4 [ 193.011918][ C1] net_rx_action+0x78c/0xb60 [ 193.012277][ C1] _stext+0x28c/0x107c [ 193.012701][ C1] ____do_softirq+0x10/0x20 [ 193.013045][ C1] call_on_irq_stack+0x2c/0x54 [ 193.013399][ C1] do_softirq_own_stack+0x1c/0x30 [ 193.013770][ C1] do_softirq.part.0+0xd0/0xf4 [ 193.014148][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 193.014507][ C1] _raw_spin_unlock_bh+0x54/0x64 [ 193.014896][ C1] wg_packet_decrypt_worker+0x210/0x3c0 [ 193.015257][ C1] process_one_work+0x780/0x184c [ 193.015600][ C1] worker_thread+0x3cc/0xc40 [ 193.015959][ C1] kthread+0x23c/0x2a0 [ 193.016341][ C1] ret_from_fork+0x10/0x20 [ 193.016827][ C1] irq event stamp: 581 [ 193.017284][ C1] hardirqs last enabled at (580): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 193.018481][ C1] hardirqs last disabled at (581): [] el1_dbg+0x24/0x80 [ 193.019018][ C1] softirqs last enabled at (556): [] wg_packet_decrypt_worker+0x210/0x3c0 [ 193.019835][ C1] softirqs last disabled at (557): [] ____do_softirq+0x10/0x20 [ 193.020265][ C1] ---[ end trace 0000000000000000 ]--- 1970/01/01 00:03:14 building call list... [ 194.819359][ T2255] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.156693][ T2255] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.399513][ T2255] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.675330][ T2255] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program executing program [ 198.915169][ T2255] device hsr_slave_0 left promiscuous mode [ 198.992507][ T2255] device hsr_slave_1 left promiscuous mode [ 199.156844][ T2255] device veth1_macvtap left promiscuous mode [ 199.169924][ T2255] device veth0_macvtap left promiscuous mode [ 199.176039][ T2255] device veth1_vlan left promiscuous mode [ 199.213079][ T2255] device veth0_vlan left promiscuous mode executing program [ 202.719494][ T2255] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 202.871540][ T2255] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 203.705663][ T2255] bond0 (unregistering): Released all slaves executing program executing program executing program executing program executing program [ 217.776977][ T2579] can: request_module (can-proto-0) failed. [ 218.065282][ T2579] can: request_module (can-proto-0) failed. [ 218.297762][ T2579] can: request_module (can-proto-0) failed. executing program VM DIAGNOSIS: 04:00:44 Registers: info registers vcpu 0 PC=ffff80000829aaa0 X00=ffff000009c251c0 X01=ffff000009c25bd0 X02=0000000000000002 X03=ffff000009c251c0 X04=ffff7000021beea6 X05=ffff80000829aa60 X06=ffff80000d985fa8 X07=dfff800000000000 X08=0000000041b58ab3 X09=ffff80000f3d1a00 X10=ffff70000211e562 X11=1ffff0000211e562 X12=ffff70000211e563 X13=0000000000000000 X14=1ffff000021beeae X15=ffff00006a9cbbc4 X16=ffff800008008000 X17=ffff80005cbc5000 X18=ffff00006a9cbb88 X19=0000000000000002 X20=ffff000009c251c0 X21=1ffff000021beea6 X22=ffff000009c25ba8 X23=0000000000000003 X24=dfff800000000000 X25=ffff000009c251c0 X26=ffff000009c266d8 X27=ffff000009c251c0 X28=ffff0000118eb700 X29=ffff800010df74a0 X30=ffff80000829c3e8 SP=ffff800010df74a0 PSTATE=400000c5 -Z-- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:0000000000000000 Q02=0000000000000000:0000000000000000 Q03=0000000000000000:0000000000000000 Q04=0000000000000000:0000000000000000 Q05=0000000000000000:0000000000000000 Q06=0000000000000000:0000000000000000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff8000096ada30 X00=0000000000000002 X01=0000000000000000 X02=0000000000000002 X03=1fffe0000134e42e X04=0000000000000000 X05=0000000000000002 X06=1fffe0000134e42e X07=0000000000000030 X08=ffff800010ab6883 X09=dfff800000000000 X10=ffff700002156d10 X11=1ffff00002156d10 X12=ffff700002156d11 X13=0000000000000000 X14=1ffff00002156ce6 X15=0000000000000000 X16=0000000000000000 X17=0000000000000000 X18=00000000d7c0855f X19=ffff000009a72080 X20=ffff80000e5722e0 X21=ffff800010aad000 X22=000000000000005b X23=dfff800000000000 X24=ffff8000107757ed X25=0000000000000000 X26=ffff000009a72080 X27=dfff800000000000 X28=000000000000004d X29=ffff800010ab6860 X30=ffff8000096ada30 SP=ffff800010ab6860 PSTATE=800003c5 N--- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:0000000000000000 Q02=0000000000000000:0000000000000000 Q03=0000000000000000:0000000000000000 Q04=0000000000000000:0000000000000000 Q05=0000000000000000:0000000000000000 Q06=0000000000000000:0000000000000000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000