syzkaller login: [ 292.978327][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 293.022908][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 293.116074][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:41877' (ECDSA) to the list of known hosts.
1970/01/01 00:06:09 fuzzer started
1970/01/01 00:06:21 dialing manager at localhost:35225
[ 389.148446][ T2025] cgroup: Unknown subsys name 'net'
[ 390.217616][ T2025] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:06:29 syscalls: 2918
1970/01/01 00:06:29 code coverage: enabled
1970/01/01 00:06:29 comparison tracing: enabled
1970/01/01 00:06:29 extra coverage: enabled
1970/01/01 00:06:29 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:06:29 setuid sandbox: enabled
1970/01/01 00:06:29 namespace sandbox: enabled
1970/01/01 00:06:29 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:06:29 fault injection: enabled
1970/01/01 00:06:29 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:06:29 net packet injection: enabled
1970/01/01 00:06:29 net device setup: enabled
1970/01/01 00:06:29 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:06:29 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:06:29 NIC VF setup: PCI device 0000:00:11.0 is not available
1970/01/01 00:06:29 USB emulation: enabled
1970/01/01 00:06:29 hci packet injection: /dev/vhci does not exist
1970/01/01 00:06:29 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:06:29 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:21:33 starting 2 fuzzer processes
00:21:34 executing program 0:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = dup3(r1, r0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000240)={'ip6_vti0\x00', &(0x7f00000001c0)={'ip6gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}})
00:21:34 executing program 1:
rt_sigsuspend(&(0x7f0000000140)={[0x2]}, 0x8)
[ 1320.316490][ T2053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1320.906072][ T2053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1321.012235][ T2052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1321.711976][ T2052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1333.114396][ T2053] device hsr_slave_0 entered promiscuous mode
[ 1333.143578][ T2053] device hsr_slave_1 entered promiscuous mode
[ 1334.805459][ T2052] device hsr_slave_0 entered promiscuous mode
[ 1334.844704][ T2052] device hsr_slave_1 entered promiscuous mode
[ 1334.878004][ T2052] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1334.886223][ T2052] Cannot create hsr debugfs directory
[ 1342.654542][ T2053] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1342.857885][ T2053] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1343.138764][ T2053] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1343.397932][ T2053] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1345.067247][ T2052] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1345.408859][ T2052] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1345.689107][ T2052] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1346.476546][ T2052] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1363.184119][ T2053] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1363.747085][ T2052] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1364.258605][ T2102] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1364.375645][ T2102] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1364.832058][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1364.922260][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1376.436427][ T2684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1376.571440][ T2684] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1377.056647][ T2102] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1377.155143][ T2102] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1377.515491][ T2684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1378.224374][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1378.415971][ T2215] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1378.487650][ T2215] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1379.071862][ T2668] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1379.118084][ T2668] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1379.998447][ T2668] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1380.107091][ T2668] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1380.135269][ T2668] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1380.463892][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1380.788470][ T2668] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1380.904908][ T2668] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1381.358477][ T2053] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1382.201571][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1382.277540][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1382.786662][ T2684] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1382.866877][ T2684] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1383.248899][ T2052] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1390.482368][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1390.486976][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1391.934020][ T2215] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1391.937823][ T2215] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1406.178311][ T2028] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1406.198167][ T2028] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1406.796221][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1406.863340][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1415.681865][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1415.716497][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1416.027391][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1416.101071][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1416.114095][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1416.126280][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1416.216547][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1416.237801][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1416.314800][ T2052] device veth0_vlan entered promiscuous mode
[ 1416.458374][ T2053] device veth0_vlan entered promiscuous mode
[ 1416.938548][ T2052] device veth1_vlan entered promiscuous mode
[ 1417.183878][ T2053] device veth1_vlan entered promiscuous mode
[ 1418.808950][ T2102] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1418.844244][ T2102] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1419.189039][ T2684] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1419.243831][ T2684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1419.336402][ T2052] device veth0_macvtap entered promiscuous mode
[ 1419.517103][ T2053] device veth0_macvtap entered promiscuous mode
[ 1419.638339][ T2052] device veth1_macvtap entered promiscuous mode
[ 1419.904463][ T2053] device veth1_macvtap entered promiscuous mode
[ 1420.019235][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1420.078515][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1420.134701][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1421.122234][ T2668] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1421.147700][ T2668] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1421.318039][ T2684] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1421.357822][ T2684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1421.610569][ C0] BUG: MAX_LOCK_DEPTH too low!
[ 1421.611635][ C0] turning off the locking correctness validator.
[ 1421.612440][ C0] depth: 162675826 max: 48!
[ 1421.612463][ C1] Unable to handle kernel paging request at virtual address 1ffff5f0013647a8
[ 1421.613379][ C1] Oops [#1]
[ 1421.614527][ C0] 162675826 locks held by syz-executor.0/2053:
[ 1421.616011][ C1] Modules linked in:
[ 1421.616709][ C0] #0: ffffffff855cf108
[ 1421.617349][ C1] CPU: 1 PID: 2015 Comm: sshd Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1421.617789][ C0] (rtnl_mutex
[ 1421.619247][ C1] Hardware name: riscv-virtio,qemu (DT)
[ 1421.619531][ C0] ){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x2fe/0x9a0
[ 1421.620795][ C1] epc : 0x1ffff5f0013647a8
[ 1421.622498][ C0] #1: ffffffff8568feb0
[ 1421.623092][ C1] ra : __wake_up_common+0xb6/0x236
[ 1421.623306][ C0] (
[ 1421.623504][ C1] epc : 1ffff5f0013647a8 ra : ffffffff800f7678 sp : ffffaf800a12e090
[ 1421.624406][ C1] gp : ffffffff85863ac0 tp : ffffaf800cdf3080 t0 : ffffaf800ea53a28
[ 1421.625520][ C1] t1 : fffff5ef01ea7ca7 t2 : bdde6fa98de2b741 s0 : ffffaf800a12e100
[ 1421.626153][ C1] s1 : ffffaf8009b23cf0 a0 : ffffaf8009b23cf0 a1 : 0000000000000003
[ 1421.627281][ C1] a2 : 0000000000000000 a3 : 0000000000000000 a4 : 1ffff5f0013647a8
[ 1421.629730][ C0] (inetaddr_chain).rwsem){++++}-{3:3}, at: blocking_notifier_call_chain+0x42/0x78
[ 1421.631654][ C1] a5 : ffffaf8009b23d00 a6 : ffffffff800f78bc a7 : ffffffff800f77f8
[ 1421.632010][ C1] s2 : ffffffffffffffe8 s3 : 0000000000000000 s4 : 0000000000000000
[ 1421.634581][ C1] s5 : ffffaf800f53e4d0 s6 : ffffaf800a12e150 s7 : 0000000000000001
[ 1421.636016][ C1] s8 : 0000000000000003 s9 : 0000000000000000 s10: 0000000000000000
[ 1421.636315][ C1] s11: 000000000ed7baa0 t3 : fffffffff3f3f304 t4 : fffff5ef01ea7ca7
[ 1421.638580][ C0] #2: ffffffff84c3a9c8
[ 1421.639999][ C1] t5 : fffff5ef01ea7ca8 t6 : ffffaf800ea53a40
[ 1421.640288][ C0] (remove_cache_srcu){....}-{0:0}
[ 1421.642085][ C1] status: 0000000000000100 badaddr: 1ffff5f0013647a8 cause: 000000000000000c
[ 1421.642193][ C0] , at: kasan_quarantine_reduce+0x46/0x1c8
[ 1421.643284][ C0] #3: ffffffff84b73e00 (rcu_read_lock){....}-{1:2}, at: netif_receive_skb_list_internal+0x244/0x816
[ 1421.647139][ C0] ==================================================================
[ 1421.647132][ C1] Unable to handle kernel paging request at virtual address 70ef8526feab243b
[ 1421.647413][ C1] Oops [#2]
[ 1421.649503][ C0] BUG: KASAN: stack-out-of-bounds in do_page_fault+0x46/0xa3c
[ 1421.651243][ C0] Read of size 8 at addr ffffaf8009b23aa8 by task syz-executor.0/2053
[ 1421.653503][ C0]
[ 1421.656236][ C1] Modules linked in:
[ 1421.656342][ C0] CPU: 0 PID: 2053 Comm: syz-executor.0 Tainted: G D 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1421.657334][ C1] CPU: 1 PID: 2015 Comm: sshd Tainted: G D 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1421.659519][ C0] Hardware name: riscv-virtio,qemu (DT)
[ 1421.661349][ C1] Hardware name: riscv-virtio,qemu (DT)
[ 1421.661564][ C1] epc : timerqueue_add+0xb0/0x1d0
[ 1421.663741][ C0] Call Trace:
[ 1421.664728][ C0] [] dump_backtrace+0x2e/0x3c
[ 1421.665432][ C1] ra : timerqueue_add+0xb0/0x1d0
[ 1421.665921][ C1] epc : ffffffff80c2bca8 ra : ffffffff80c2bca8 sp : ffffaf800a12da10
[ 1421.667041][ C1] gp : ffffffff85863ac0 tp : ffffaf800cdf3080 t0 : 0000000000046000
[ 1421.668919][ C0] [] show_stack+0x34/0x40
[ 1421.670410][ C1] t1 : fffffffef0b187a1 t2 : 0000000000000000 s0 : ffffaf800a12da60
[ 1421.670710][ C1] s1 : 70ef8526feab2423 a0 : 0000000000000000 a1 : 
0000000000000008 [ 1421.671825][ C1] a2 : 0000000000000000 a3 : ffffffff80c2bca8 a4 : ffffffff85892ec8 [ 1421.674279][ C0] [] dump_stack_lvl+0xe4/0x150 [ 1421.675855][ C1] a5 : 0000000000000001 a6 : 0000000000f00000 a7 : ffffffff858c3d0b [ 1421.676157][ C1] s2 : ffffffff800c88ac s3 : 0513057a7517858f s4 : ffffaf805a9e7d18 [ 1421.678463][ C0] [] print_address_description.constprop.0+0x2a/0x330 [ 1421.680121][ C1] s5 : 0000014ab8d25600 s6 : 0000000000000000 s7 : ffffaf805a9e74d0 [ 1421.680407][ C1] s8 : ffffaf805a9e7490 s9 : ffffaf805a9e7d50 s10: ffffaf805a9e7400 [ 1421.681775][ C1] s11: 0000000000010106 t3 : 000000007461202c t4 : fffffffef0b187a1 [ 1421.684045][ C0] [] kasan_report+0x184/0x1e0 [ 1421.685613][ C1] t5 : fffffffef0b187a2 t6 : ffffaf800a12daf8 [ 1421.685885][ C1] status: 0000000000000100 badaddr: 70ef8526feab243b cause: 000000000000000d [ 1421.687130][ C0] [] __asan_load8+0x6e/0x96 [ 1421.689522][ C1] [] __hrtimer_run_queues+0x8b4/0xa16 [ 1421.690106][ C1] [] hrtimer_interrupt+0x1d4/0x3ea [ 1421.690565][ C1] [] riscv_timer_interrupt+0x5c/0x6a [ 1421.691016][ C1] [] handle_percpu_devid_irq+0x17e/0x2ae [ 1421.691575][ C1] [] generic_handle_domain_irq+0x7c/0x9c [ 1421.692072][ C1] [] riscv_intc_irq+0x7e/0xc8 [ 1421.692615][ C1] [] generic_handle_arch_irq+0x36/0x54 [ 1421.693196][ C1] [] ret_from_exception+0x0/0x10 [ 1421.693671][ C1] [] _raw_spin_unlock_irq+0x2a/0x76 [ 1421.694340][ C1] ---[ end trace 0000000000000000 ]--- [ 1421.695067][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 1421.695461][ C1] SMP: stopping secondary CPUs [ 1421.716397][ C0] [] do_page_fault+0x46/0xa3c [ 1421.718314][ C0] [] ret_from_exception+0x0/0x10 [ 1421.720188][ C0] [ 1421.721039][ C0] The buggy address belongs to the page: [ 1421.722899][ C0] page:ffffaf807a9031d8 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x89d23 [ 1421.725432][ C0] flags: 0x8800000000(section=17|node=0|zone=0) [ 1421.728248][ C0] raw: 0000008800000000 0000000000000000 
ffffaf807a9031e0 0000000000000000 [ 1421.730534][ C0] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 1421.732835][ C0] raw: 00000000000007ff [ 1421.734220][ C0] page dumped because: kasan: bad access detected [ 1421.736229][ C0] page_owner tracks the page as allocated [ 1421.737832][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), pid 2018, ts 1296101997600, free_ts 1137902632600 [ 1421.741384][ C0] __set_page_owner+0x48/0x136 [ 1421.742798][ C0] post_alloc_hook+0xd0/0x10a [ 1421.744224][ C0] get_page_from_freelist+0x8da/0x12d8 [ 1421.745866][ C0] __alloc_pages+0x150/0x3b6 [ 1421.747395][ C0] copy_process+0x482/0x3c34 [ 1421.748714][ C0] kernel_clone+0xee/0x920 [ 1421.750062][ C0] __do_sys_clone+0xf2/0x12e [ 1421.751471][ C0] sys_clone+0x32/0x44 [ 1421.752725][ C0] ret_from_syscall+0x0/0x2 [ 1421.754271][ C0] page last free stack trace: [ 1421.755672][ C0] __reset_page_owner+0x4a/0xea [ 1421.757153][ C0] free_pcp_prepare+0x29c/0x45e [ 1421.758441][ C0] free_unref_page+0x6a/0x31e [ 1421.759946][ C0] free_compound_page+0x70/0x8a [ 1421.761641][ C0] __put_compound_page+0x7c/0xb0 [ 1421.763088][ C0] __put_page+0x48/0x100 [ 1421.764614][ C0] skb_release_data+0x2f8/0x3c4 [ 1421.766291][ C0] __kfree_skb+0x38/0x50 [ 1421.767696][ C0] tcp_eat_recv_skb+0x138/0x140 [ 1421.769179][ C0] tcp_recvmsg_locked+0xb4a/0x13f6 [ 1421.770872][ C0] tcp_recvmsg+0x190/0x414 [ 1421.772174][ C0] inet_recvmsg+0x10a/0x4ba [ 1421.773465][ C0] sock_read_iter+0x26c/0x2ba [ 1421.774945][ C0] new_sync_read+0x3ae/0x3d8 [ 1421.776376][ C0] vfs_read+0x2ce/0x324 [ 1421.777749][ C0] ksys_read+0x1c4/0x224 [ 1421.779273][ C0] [ 1421.780062][ C0] Memory state around the buggy address: [ 1421.781754][ C0] ffffaf8009b23980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1421.783714][ C0] ffffaf8009b23a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1421.785218][ C0] >ffffaf8009b23a80: 00 00 00 00 f1 f1 00 00 00 
00 00 00 00 00 00 00 [ 1421.786750][ C0] ^ [ 1421.788233][ C0] ffffaf8009b23b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1421.790406][ C0] ffffaf8009b23b80: f1 f1 f1 f1 00 f3 f3 f3 00 00 00 00 00 00 00 00 [ 1421.792269][ C0] ================================================================== [ 1421.794165][ C0] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 1421.796808][ C0] Oops [#3] [ 1421.797849][ C0] Modules linked in: [ 1421.799126][ C0] CPU: 0 PID: 2053 Comm: syz-executor.0 Tainted: G B D 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 1421.802235][ C0] Hardware name: riscv-virtio,qemu (DT) [ 1421.803526][ C0] epc : 0x0 [ 1421.804556][ C0] ra : 0x0 [ 1421.805682][ C0] epc : 0000000000000000 ra : 0000000000000000 sp : ffffaf8009b23ac0 [ 1421.807443][ C0] gp : ffffffff85863ac0 tp : ffffaf800ed7b080 t0 : ffffffff86bdac79 [ 1421.809381][ C0] t1 : fffff5ef01364708 t2 : 0000000000000000 s0 : ffffaf8009b23b10 [ 1421.811090][ C0] s1 : 0000000000000000 a0 : 0000000000000031 a1 : 00000000000f0000 [ 1421.813072][ C0] a2 : 0000000000010506 a3 : ffffffff8012125c a4 : cc25d5719706a100 [ 1421.815098][ C0] a5 : cc25d5719706a100 a6 : 0000000000f00000 a7 : ffffaf8009b23847 [ 1421.817317][ C0] s2 : ffffffffffffffff s3 : 0000000000000000 s4 : ffffaf8009b23c28 [ 1421.819556][ C0] s5 : ffffffff83629ce0 s6 : ffffffff80121ba4 s7 : 0000000000000000 [ 1421.821865][ C0] s8 : 0000000000000000 s9 : 0000000000000001 s10: 000000000000001f [ 1421.823823][ C0] s11: ffffaf800ed7b080 t3 : 0000000000000036 t4 : fffff5ef01364708 [ 1421.825878][ C0] t5 : fffff5ef01364709 t6 : ffffffff86bdacad [ 1421.827479][ C0] status: 0000000000000100 badaddr: 0000000000000000 cause: 000000000000000c [ 1421.831110][ C1] Rebooting in 86400 seconds.. 
VM DIAGNOSIS: 09:49:52 Registers: info registers vcpu 0 pc ffffffff80c2d72c mhartid 0000000000000000 mstatus 0000000000000180 mip 0000000000000000 mie 00000000000002aa mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff8000f97e sepc 1ffff5f0013647a8 mcause 0000000000000009 scause 000000000000000c mtval 0000000000000000 stval 1ffff5f0013647a8 x0/zero 0000000000000000 x1/ra ffffffff8011c85a x2/sp ffffaf800a12d9c0 x3/gp ffffffff85863ac0 x4/tp ffffaf800cdf3080 x5/t0 ffffffff86bcb657 x6/t1 fffffffef0d796ca x7/t2 0000000000000000 x8/s0 ffffaf800a12dd00 x9/s1 ffffaf800cdf3080 x10/a0 ffffffff84a88880 x11/a1 0000000000000001 x12/a2 1ffffffff0951110 x13/a3 ffffffff831afc06 x14/a4 0000000000000001 x15/a5 0000000000000108 x16/a6 ffffffff8011edca x17/a7 ffffffff86bcb656 x18/s2 0000000000000062 x19/s3 0000000000000000 x20/s4 ffffaf800a12dc80 x21/s5 ffffaf800a12dba0 x22/s6 ffffffff8588c1a0 x23/s7 ffffffff8588c3e0 x24/s8 ffffffff8588c220 x25/s9 ffffffff84a88520 x26/s10 ffffffff858655c0 x27/s11 ffffffff84e4b850 x28/t3 0000000000000055 x29/t4 fffffffef0d796c8 x30/t5 fffffffef0d796cb x31/t6 ffffffff86bcb657 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffff8233751e 
mhartid 0000000000000001 mstatus 00000000000001a0 mip 00000000000000a0 mie 000000000000020a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff80162954 sepc ffffffff80162954 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff8233751a x2/sp ffffaf8009b238b0 x3/gp ffffffff85863ac0 x4/tp ffffaf800ed7b080 x5/t0 ffffffff86bcb657 x6/t1 ffffaf8009b23ba0 x7/t2 0000000000000000 x8/s0 ffffaf8009b238c0 x9/s1 ffffffff84b8e270 x10/a0 0000000354698a6d x11/a1 00000000000f0000 x12/a2 0000000000010506 x13/a3 ffffffff8233751a x14/a4 ffffaf800ed7b080 x15/a5 0000000000000000 x16/a6 0000000000f00000 x17/a7 fffffffff2000000 x18/s2 ffffaf800ed7b080 x19/s3 0000000000000004 x20/s4 ffffaf8009b23c48 x21/s5 ffffffff84b8e240 x22/s6 ffffffff83629da0 x23/s7 ffffffff84b8e270 x24/s8 0000000000000000 x25/s9 1ffff5f00136472c x26/s10 ffffffff85889780 x27/s11 ffffaf800ed7b080 x28/t3 1ffff5f001364774 x29/t4 fffff5ef0b53910c x30/t5 fffff5ef0b53910d x31/t6 ffffffff86bcb657 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000