syzkaller login: [ 262.429424][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 262.479666][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 290.242115][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:4002' (ECDSA) to the list of known hosts.
1970/01/01 00:05:43 fuzzer started
1970/01/01 00:05:55 dialing manager at localhost:44711
[ 361.132364][ T2037] cgroup: Unknown subsys name 'net'
[ 362.266494][ T2037] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:06:02 syscalls: 2918
1970/01/01 00:06:02 code coverage: enabled
1970/01/01 00:06:02 comparison tracing: ioctl(KCOV_DISABLE) failed: invalid argument
1970/01/01 00:06:02 extra coverage: enabled
1970/01/01 00:06:02 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:06:02 setuid sandbox: enabled
1970/01/01 00:06:02 namespace sandbox: enabled
1970/01/01 00:06:02 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:06:02 fault injection: enabled
1970/01/01 00:06:02 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:06:02 net packet injection: enabled
1970/01/01 00:06:02 net device setup: enabled
1970/01/01 00:06:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:06:02 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:06:02 NIC VF setup: PCI device 0000:00:11.0 is not available
1970/01/01 00:06:02 USB emulation: enabled
1970/01/01 00:06:02 hci packet injection: /dev/vhci does not exist
1970/01/01 00:06:02 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:06:02 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:06:02 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:06:08 fetching corpus: 50, signal 38970/41955 (executing program)
1970/01/01 00:06:13 fetching corpus: 100, signal 55964/59800 (executing program)
1970/01/01 00:06:16 fetching corpus: 148, signal 62778/67628 (executing program)
1970/01/01 00:06:18 fetching corpus: 198, signal 68849/74565 (executing program)
1970/01/01 00:06:22 fetching corpus: 248, signal 74420/80896 (executing program)
1970/01/01 00:06:24 fetching corpus: 297, signal 77917/85172 (executing program)
1970/01/01 00:06:27 fetching corpus: 346, signal 81951/89847 (executing program)
1970/01/01 00:06:31 fetching corpus: 396, signal 84952/93501 (executing program)
1970/01/01 00:06:33 fetching corpus: 446, signal 89181/98151 (executing program)
1970/01/01 00:06:36 fetching corpus: 496, signal 91376/100922 (executing program)
1970/01/01 00:06:39 fetching corpus: 546, signal 94359/104291 (executing program)
1970/01/01 00:06:43 fetching corpus: 596, signal 96875/107187 (executing program)
1970/01/01 00:06:46 fetching corpus: 645, signal 100326/110806 (executing program)
1970/01/01 00:06:49 fetching corpus: 695, signal 102511/113350 (executing program)
1970/01/01 00:06:53 fetching corpus: 745, signal 105570/116525 (executing program)
1970/01/01 00:06:57 fetching corpus: 795, signal 109618/120407 (executing program)
1970/01/01 00:07:00 fetching corpus: 844, signal 112231/123098 (executing program)
1970/01/01 00:07:03 fetching corpus: 894, signal 113635/124803 (executing program)
1970/01/01 00:07:05 fetching corpus: 944, signal 115998/127194 (executing program)
1970/01/01 00:07:08 fetching corpus: 994, signal 119650/130469 (executing program)
1970/01/01 00:07:11 fetching corpus: 1044, signal 121332/132179 (executing program)
1970/01/01 00:07:14 fetching corpus: 1094, signal 123120/133996 (executing program)
1970/01/01 00:07:17 fetching corpus: 1144, signal 124441/135436 (executing program)
1970/01/01 00:07:19 fetching corpus: 1194, signal 125837/136870 (executing program)
1970/01/01 00:07:23 fetching corpus: 1244, signal 127536/138422 (executing program)
1970/01/01 00:07:26 fetching corpus: 1293, signal 129112/139910 (executing program)
1970/01/01 00:07:29 fetching corpus: 1343, signal 130284/141078 (executing program)
1970/01/01 00:07:32 fetching corpus: 1393, signal 132060/142592 (executing program)
1970/01/01 00:07:35 fetching corpus: 1443, signal 133708/143997 (executing program)
1970/01/01 00:07:37 fetching corpus: 1492, signal 134980/145142 (executing program)
1970/01/01 00:07:40 fetching corpus: 1542, signal 136683/146517 (executing program)
1970/01/01 00:07:42 fetching corpus: 1592, signal 138101/147683 (executing program)
1970/01/01 00:07:45 fetching corpus: 1642, signal 139426/148769 (executing program)
1970/01/01 00:07:48 fetching corpus: 1691, signal 140842/149832 (executing program)
1970/01/01 00:07:52 fetching corpus: 1741, signal 142061/150784 (executing program)
1970/01/01 00:07:55 fetching corpus: 1790, signal 143393/151755 (executing program)
1970/01/01 00:07:59 fetching corpus: 1840, signal 144710/152694 (executing program)
1970/01/01 00:08:02 fetching corpus: 1890, signal 146471/153787 (executing program)
1970/01/01 00:08:04 fetching corpus: 1940, signal 147385/154443 (executing program)
1970/01/01 00:08:07 fetching corpus: 1990, signal 148729/155302 (executing program)
1970/01/01 00:08:10 fetching corpus: 2039, signal 149799/156014 (executing program)
1970/01/01 00:08:12 fetching corpus: 2089, signal 150924/156661 (executing program)
1970/01/01 00:08:15 fetching corpus: 2139, signal 151837/157273 (executing program)
1970/01/01 00:08:17 fetching corpus: 2189, signal 153132/157959 (executing program)
1970/01/01 00:08:19 fetching corpus: 2239, signal 154666/158720 (executing program)
1970/01/01 00:08:22 fetching corpus: 2289, signal 155914/159356 (executing program)
1970/01/01 00:08:26 fetching corpus: 2339, signal 157033/159862 (executing program)
1970/01/01 00:08:29 fetching corpus: 2389, signal 158240/160388 (executing program)
1970/01/01 00:08:31 fetching corpus: 2439, signal 159116/160777 (executing program)
1970/01/01 00:08:34 fetching corpus: 2487, signal 159906/161123 (executing program)
1970/01/01 00:08:34 fetching corpus: 2487, signal 159906/161148 (executing program)
1970/01/01 00:08:34 fetching corpus: 2487, signal 159906/161170 (executing program)
1970/01/01 00:08:34 fetching corpus: 2487, signal 159906/161195 (executing program)
1970/01/01 00:08:35 fetching corpus: 2487, signal 159906/161216 (executing program)
1970/01/01 00:08:35 fetching corpus: 2487, signal 159906/161243 (executing program)
1970/01/01 00:08:35 fetching corpus: 2487, signal 159906/161265 (executing program)
1970/01/01 00:08:35 fetching corpus: 2487, signal 159906/161292 (executing program)
1970/01/01 00:08:35 fetching corpus: 2487, signal 159906/161317 (executing program)
1970/01/01 00:08:36 fetching corpus: 2487, signal 159906/161334 (executing program)
1970/01/01 00:08:36 fetching corpus: 2487, signal 159906/161354 (executing program)
1970/01/01 00:08:36 fetching corpus: 2487, signal 159906/161384 (executing program)
1970/01/01 00:08:36 fetching corpus: 2487, signal 159906/161404 (executing program)
1970/01/01 00:08:36 fetching corpus: 2487, signal 159906/161422 (executing program)
1970/01/01 00:08:36 fetching corpus: 2487, signal 159906/161443 (executing program)
1970/01/01 00:08:36 fetching corpus: 2487, signal 159906/161468 (executing program)
1970/01/01 00:08:37 fetching corpus: 2487, signal 159906/161495 (executing program)
1970/01/01 00:08:37 fetching corpus: 2487, signal 159906/161518 (executing program)
1970/01/01 00:08:37 fetching corpus: 2487, signal 159906/161537 (executing program)
1970/01/01 00:08:37 fetching corpus: 2487, signal 159906/161555 (executing program)
1970/01/01 00:08:37 fetching corpus: 2487, signal 159906/161583 (executing program)
1970/01/01 00:08:37 fetching corpus: 2487, signal 159906/161609 (executing program)
1970/01/01 00:08:37 fetching corpus: 2487, signal 159906/161638 (executing program)
1970/01/01 00:08:37 fetching corpus: 2488, signal 159920/161683 (executing program)
1970/01/01 00:08:38 fetching corpus: 2488, signal 159920/161704 (executing program)
1970/01/01 00:08:38 fetching corpus: 2488, signal 159920/161737 (executing program)
1970/01/01 00:08:38 fetching corpus: 2488, signal 159920/161758 (executing program)
1970/01/01 00:08:38 fetching corpus: 2488, signal 159920/161778 (executing program)
1970/01/01 00:08:38 fetching corpus: 2488, signal 159920/161798 (executing program)
1970/01/01 00:08:38 fetching corpus: 2488, signal 159920/161821 (executing program)
1970/01/01 00:08:38 fetching corpus: 2488, signal 159920/161843 (executing program)
1970/01/01 00:08:38 fetching corpus: 2488, signal 159920/161843 (executing program)
1970/01/01 00:10:32 starting 2 fuzzer processes
00:10:32 executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000040)=0x7, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000680)=[{{&(0x7f0000000000)={0x2, 0x4e23, 0x0, @local}, 0x1c, 0x0}}], 0x1, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r1, 0x11, 0x1, &(0x7f0000000040)=0x7, 0x4)
sendmmsg$inet6(r1, &(0x7f0000002d40)=[{{&(0x7f0000000300)={0xa, 0x4e23, 0x0, @local}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000001c00)=[{&(0x7f00000000c0)="10", 0x1}], 0x1}}], 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000006c0)='v', 0x1}], 0x1}}], 0x1, 0x0)
sendmmsg$inet6(r1, &(0x7f0000001d80)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000700)='@', 0x1}], 0x1}}], 0x1, 0x0)

00:10:32 executing program 1:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, 0x0)

[ 659.612148][ T2048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 660.059442][ T2048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 660.905469][ T2049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 661.675036][ T2049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 672.112751][ T2048] device hsr_slave_0 entered promiscuous mode
[ 672.152998][ T2048] device hsr_slave_1 entered promiscuous mode
[ 674.000384][ T2049] device hsr_slave_0 entered promiscuous mode
[ 674.020400][ T2049] device hsr_slave_1 entered promiscuous mode
[ 674.053131][ T2049] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 674.068895][ T2049] Cannot create hsr debugfs directory
[ 678.819406][ T2048] Kernel panic - not syncing: corrupted stack end detected inside scheduler
[ 678.821219][ T2048] CPU: 0 PID: 2048 Comm: syz-executor.0 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 678.823085][ T2048] Hardware name: riscv-virtio,qemu (DT)
[ 678.825269][ T2048] Call Trace:
[ 678.826165][ T2048] [] dump_backtrace+0x2e/0x3c
[ 678.827881][ T2048] [] show_stack+0x34/0x40
[ 678.828955][ T2048] [] dump_stack_lvl+0xe4/0x150
[ 678.830113][ T2048] [] dump_stack+0x1c/0x24
[ 678.831209][ T2048] [] panic+0x24a/0x634
[ 678.832203][ T2048] [] schedule+0x0/0x14c
[ 678.833279][ T2048] [] preempt_schedule_common+0x4e/0xde
[ 678.834607][ T2048] [] preempt_schedule+0x34/0x36
[ 678.835849][ T2048] [] __kernfs_new_node+0x5e8/0x5f2
[ 678.837857][ T2048] [] kernfs_new_node+0x66/0xbe
[ 678.839586][ T2048] [] __kernfs_create_file+0x4e/0x1e8
[ 678.840796][ T2048] [] sysfs_add_file_mode_ns+0x138/0x254
[ 678.842085][ T2048] [] internal_create_group+0x274/0x722
[ 678.843327][ T2048] [] internal_create_groups.part.0+0x64/0xe8
[ 678.844683][ T2048] [] sysfs_create_groups+0x2c/0x48
[ 678.845915][ T2048] [] device_add+0x6d6/0x129e
[ 678.847759][ T2048] [] netdev_register_kobject+0xcc/0x208
[ 678.849691][ T2048] [] register_netdevice+0x8ee/0xc6a
[ 678.851048][ T2048] [] geneve_configure+0x48c/0x748
[ 678.852255][ T2048] [] geneve_newlink+0x14c/0x222
[ 678.853466][ T2048] [] __rtnl_newlink+0xc16/0xfa0
[ 678.854647][ T2048] [] rtnl_newlink+0x60/0x8c
[ 678.855728][ T2048] [] rtnetlink_rcv_msg+0x338/0x9a0
[ 678.857255][ T2048] [] netlink_rcv_skb+0xf8/0x2be
[ 678.858788][ T2048] [] rtnetlink_rcv+0x26/0x30
[ 678.859851][ T2048] [] netlink_unicast+0x40e/0x5fe
[ 678.860938][ T2048] [] netlink_sendmsg+0x4e0/0x994
[ 678.862028][ T2048] [] sock_sendmsg+0xa0/0xc4
[ 678.863134][ T2048] [] __sys_sendto+0x1f2/0x2e0
[ 678.864184][ T2048] [] sys_sendto+0x3e/0x52
[ 678.865286][ T2048] [] ret_from_syscall+0x0/0x2
[ 678.866760][ T2048] SMP: stopping secondary CPUs
[ 678.870241][ T2048] Rebooting in 86400 seconds..

VM DIAGNOSIS:
18:57:17 Registers: