syzkaller login: [ 63.023005][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 63.039868][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 63.043202][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:50678' (ECDSA) to the list of known hosts. 1970/01/01 00:01:25 fuzzer started 1970/01/01 00:01:28 connecting to host at localhost:44553 1970/01/01 00:01:28 checking machine... 1970/01/01 00:01:28 checking revisions... 1970/01/01 00:01:30 testing simple program... [ 90.741839][ T2210] cgroup: Unknown subsys name 'net' [ 91.477995][ T2210] cgroup: Unknown subsys name 'rlimit' executing program executing program [ 95.410768][ T2213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.430097][ T2213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.046029][ T2213] device hsr_slave_0 entered promiscuous mode [ 97.090160][ T2213] device hsr_slave_1 entered promiscuous mode executing program [ 98.058160][ T2213] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.121572][ T2213] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.172182][ T2213] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.222968][ T2213] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 99.478991][ T2213] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.539798][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 99.549841][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 100.274682][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 100.299626][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 100.337103][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 100.342133][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 100.369049][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 100.399667][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 100.497430][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 100.501151][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 100.529061][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 100.533046][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready executing program [ 101.199206][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 101.200348][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 102.870386][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 102.874334][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 103.661140][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready executing program [ 103.679045][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 103.714489][ T2213] device veth0_vlan entered promiscuous mode [ 103.723223][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 103.729265][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 103.792906][ T2213] device veth1_vlan entered promiscuous mode [ 103.879700][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 103.884638][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 103.971084][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 103.980007][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 104.004132][ T2213] device veth0_macvtap entered promiscuous mode [ 104.031388][ T2213] device veth1_macvtap entered promiscuous mode [ 104.119273][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 104.123243][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 104.127797][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 104.135054][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 104.197716][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 104.201555][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 104.261442][ T2213] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.262558][ T2213] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.262916][ T2213] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.263257][ T2213] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.450872][ C1] ------------[ cut here ]------------ [ 104.451480][ C1] WARNING: CPU: 1 PID: 27 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 104.451804][ C1] Modules linked in: [ 104.452049][ C1] CPU: 1 PID: 27 Comm: kworker/u4:1 Tainted: G W 6.0.0-syzkaller-11658-ga185a0995518 #0 [ 104.452319][ C1] Hardware name: linux,dummy-virt (DT) [ 104.452662][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 104.453002][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 104.453269][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 104.453580][ C1] lr : wg_packet_receive+0x978/0x1560 [ 104.453850][ C1] sp : ffff800010ab7440 [ 104.454424][ C1] x29: ffff800010ab7440 x28: 0000000000000001 x27: 1fffe00001457a19 [ 104.455681][ C1] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 104.456557][ C1] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 104.456952][ C1] x20: ffff00000a2bd0c8 x19: ffff80000de5cd50 x18: ffff00000b9aa0b8 [ 104.457318][ C1] x17: 1fffe00002b9250c x16: 1fffe00001735407 x15: ffff00000b9aa040 [ 104.457678][ C1] x14: 1ffff00002156e60 x13: 0000000000000000 x12: ffff600001457a91 [ 104.458026][ C1] x11: 1fffe00001457a90 x10: ffff600001457a90 x9 : dfff800000000000 [ 104.458417][ C1] x8 : ffff00000a2bd483 x7 : 00009ffffeba8570 x6 : 0000000000000001 [ 104.458837][ C1] x5 : ffff00000a2bd480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 104.459187][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 104.459547][ C1] Call trace: [ 104.459739][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 104.459973][ C1] wg_packet_receive+0x978/0x1560 [ 104.460185][ C1] wg_receive+0x58/0xb0 [ 104.460395][ C1] udp_queue_rcv_one_skb+0x820/0x1a8c [ 104.460649][ C1] udp_queue_rcv_skb+0x134/0x7e0 [ 104.460915][ C1] udp_unicast_rcv_skb+0xe8/0x2e0 [ 104.461194][ C1] __udp4_lib_rcv+0xcf0/0x31b0 [ 104.461413][ C1] udp_rcv+0x20/0x30 [ 104.461615][ C1] ip_protocol_deliver_rcu+0xbc/0x634 [ 104.461840][ C1] ip_local_deliver_finish+0x248/0x3ac [ 104.462060][ C1] ip_local_deliver+0x16c/0x384 [ 104.462283][ C1] ip_rcv_finish+0x144/0x224 [ 104.462494][ C1] ip_rcv+0xc0/0x2b0 [ 104.462695][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 104.462927][ C1] __netif_receive_skb+0x24/0x184 [ 104.463138][ C1] process_backlog+0x24c/0x6b0 [ 104.463360][ C1] __napi_poll+0x94/0x3a4 [ 104.463563][ C1] net_rx_action+0x78c/0xb60 [ 104.463820][ C1] _stext+0x28c/0x107c [ 104.464033][ C1] ____do_softirq+0x10/0x20 [ 104.464247][ C1] call_on_irq_stack+0x2c/0x54 [ 104.464551][ C1] do_softirq_own_stack+0x1c/0x30 [ 104.464860][ C1] do_softirq.part.0+0xd0/0xf4 [ 104.465079][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 104.465425][ C1] _raw_read_unlock_bh+0x54/0x64 [ 104.465671][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 104.465984][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 104.466215][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 104.466457][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 104.466682][ C1] process_one_work+0x780/0x184c [ 104.466895][ C1] worker_thread+0x3cc/0xc40 [ 104.467101][ C1] kthread+0x23c/0x2a0 [ 104.467314][ C1] ret_from_fork+0x10/0x20 [ 104.467531][ C1] irq event stamp: 123519 [ 104.467724][ C1] hardirqs last enabled at (123518): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 104.467994][ C1] hardirqs last disabled at (123519): [] el1_dbg+0x24/0x80 [ 104.468254][ C1] softirqs last enabled at (123510): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 104.468532][ C1] softirqs last disabled at (123511): [] ____do_softirq+0x10/0x20 [ 104.468848][ C1] ---[ end trace 0000000000000000 ]--- [ 104.492586][ C0] ------------[ cut here ]------------ [ 104.493221][ C0] WARNING: CPU: 0 PID: 888 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 104.493588][ C0] Modules linked in: [ 104.493873][ C0] CPU: 0 PID: 888 Comm: kworker/0:2 Tainted: G W 6.0.0-syzkaller-11658-ga185a0995518 #0 [ 104.494189][ C0] Hardware name: linux,dummy-virt (DT) [ 104.494417][ C0] Workqueue: wg-crypt-wg1 wg_packet_decrypt_worker [ 104.494701][ C0] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 104.494960][ C0] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 104.495228][ C0] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 104.495675][ C0] sp : ffff800008007960 [ 104.495874][ C0] x29: ffff800008007960 x28: ffff000010fb1000 x27: 0000000000000001 [ 104.496341][ C0] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe00001d9ac7e [ 104.496774][ C0] x23: ffff00000ecd63e8 x22: ffff80000de5cd50 x21: ffff000013b39c20 [ 104.497274][ C0] x20: ffff00000ecd63c0 x19: ffff00000a2bcc40 x18: ffff000012f115b8 [ 104.497677][ C0] x17: ffff80005cbc5000 x16: ffff800008008000 x15: 0000000000008000 [ 104.498147][ C0] x14: 1ffff00001000efa x13: 1fffe000022d84b3 x12: ffff600002767386 [ 104.498700][ C0] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 104.499140][ C0] x8 : ffff80000de5c000 x7 : 1fffe000014579b9 x6 : 0000000000000000 [ 104.499586][ C0] x5 : ffff00000a2bcdc8 x4 : ffff80000de5cb68 x3 : ffff800009f2c124 [ 104.500009][ C0] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 104.500466][ C0] Call trace: [ 104.500663][ C0] wg_packet_send_staged_packets+0xe38/0x1380 [ 104.500961][ C0] wg_packet_rx_poll+0xd94/0x1580 [ 104.501250][ C0] __napi_poll+0x94/0x3a4 [ 104.501493][ C0] net_rx_action+0x78c/0xb60 [ 104.501933][ C0] _stext+0x28c/0x107c [ 104.502213][ C0] ____do_softirq+0x10/0x20 [ 104.502437][ C0] call_on_irq_stack+0x2c/0x54 [ 104.502673][ C0] do_softirq_own_stack+0x1c/0x30 [ 104.502889][ C0] do_softirq.part.0+0xd0/0xf4 [ 104.503154][ C0] __local_bh_enable_ip+0x50c/0x5d0 [ 104.503398][ C0] _raw_spin_unlock_bh+0x54/0x64 [ 104.503648][ C0] wg_packet_decrypt_worker+0xd4/0x3c0 [ 104.503896][ C0] process_one_work+0x780/0x184c [ 104.504174][ C0] worker_thread+0x3cc/0xc40 [ 104.504535][ C0] kthread+0x23c/0x2a0 [ 104.504815][ C0] ret_from_fork+0x10/0x20 [ 104.505064][ C0] irq event stamp: 25145 [ 104.505370][ C0] hardirqs last enabled at (25144): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 104.506051][ C0] hardirqs last disabled at (25145): [] el1_dbg+0x24/0x80 [ 104.506532][ C0] softirqs last enabled at (25122): [] wg_packet_decrypt_worker+0xd4/0x3c0 [ 104.507013][ C0] softirqs last disabled at (25123): [] ____do_softirq+0x10/0x20 [ 104.507522][ C0] ---[ end trace 0000000000000000 ]--- 1970/01/01 00:01:45 building call list... [ 105.604802][ T51] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.791324][ T51] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.134552][ T51] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 106.334423][ T51] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 108.602625][ T51] device hsr_slave_0 left promiscuous mode [ 108.650679][ T51] device hsr_slave_1 left promiscuous mode [ 108.787085][ T51] device veth1_macvtap left promiscuous mode [ 108.789188][ T51] device veth0_macvtap left promiscuous mode [ 108.800154][ T51] device veth1_vlan left promiscuous mode [ 108.801565][ T51] device veth0_vlan left promiscuous mode executing program [ 110.683074][ T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 110.804872][ T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 111.283116][ T51] bond0 (unregistering): Released all slaves executing program executing program executing program [ 119.735097][ T2203] can: request_module (can-proto-0) failed. [ 120.057599][ T2203] can: request_module (can-proto-0) failed. [ 120.177649][ T2203] can: request_module (can-proto-0) failed. executing program executing program executing program executing program [ 132.574942][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 132.580059][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 132.583205][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 132.590256][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. VM DIAGNOSIS: 14:18:15 Registers: info registers vcpu 0 PC=ffff800009106890 X00=0000000000000000 X01=0000000000000003 X02=0000000000000000 X03=1ffff000020eefac X04=0000000000000000 X05=0000000000000020 X06=ffff80000feea6e0 X07=0000000000000003 X08=ffff80000f3d3000 X09=0000000000000000 X10=ffff800010777d60 X11=0000000000000000 X12=00000000f1f1f1f1 X13=1ffff00002222da0 X14=1ffff00002222e22 X15=ffff800008908d9c X16=ffff800008951448 X17=ffff800008951830 X18=ffff00006a9cbb88 X19=ffff8000100aa4c8 X20=dfff800000000000 X21=0000000000000030 X22=1ffff00002222de0 X23=ffff800011116e70 X24=ffff800011116f00 X25=ffff80000f676360 X26=ffff80000f67e360 X27=ffff80000f3d39c0 X28=0000000000000001 X29=ffff800011116c50 X30=ffff800008295290 SP=ffff800011116c50 PSTATE=800000c5 N--- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff8000082a38f4 X00=00000000000003c0 X01=00000000000003c0 X02=0000000000000000 X03=1fffe0000d53d589 X04=000000000cfc858b X05=0000000000000000 X06=00000000f3f3f3f3 X07=1fffe00001276825 X08=ffff0000093b4128 X09=00000000000000a0 X10=ffff0000093b404c X11=0000000000000007 X12=1fffe00001276809 X13=0000000000000000 X14=1ffff00002156d54 X15=3a37327820313030 X16=3030656666663120 X17=3161373534313030 X18=ffff00000b9aa0b8 X19=1ffff00002156d72 X20=ffff80000de06c48 X21=ffff80000de06c48 X22=ffff80005cbe4000 X23=0000000000000001 X24=ffff80000df4ed98 X25=0000000000000000 X26=0000000000000000 X27=ffff80000c9074ec X28=ffff80000c991f40 X29=ffff800010ab6b10 X30=ffff8000082a38a4 SP=ffff800010ab6b00 PSTATE=100003c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000