syzkaller login: [ 101.413181][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 101.467017][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 101.504801][ T2050] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:26416' (ECDSA) to the list of known hosts. 1970/01/01 00:02:10 fuzzer started 1970/01/01 00:02:14 connecting to host at localhost:34139 1970/01/01 00:02:15 checking machine... 1970/01/01 00:02:15 checking revisions... 1970/01/01 00:02:17 testing simple program... [ 138.650444][ T2210] cgroup: Unknown subsys name 'net' executing program [ 139.169781][ T2210] cgroup: Unknown subsys name 'rlimit' executing program executing program [ 145.133304][ T2213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 145.166022][ T2213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 147.790752][ T2213] device hsr_slave_0 entered promiscuous mode [ 147.856886][ T2213] device hsr_slave_1 entered promiscuous mode [ 149.859841][ T2213] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 149.953050][ T2213] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 150.033360][ T2213] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 150.105196][ T2213] netdevsim netdevsim0 netdevsim3: renamed from eth3 executing program [ 152.097342][ T2213] 8021q: adding VLAN 0 to HW filter on device bond0 [ 152.231609][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 152.263331][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 153.411920][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.426244][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.484312][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 153.517201][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 153.582767][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 153.639769][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready executing program [ 153.793502][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 153.807567][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 153.853839][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 153.860265][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 153.903601][ T2213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 154.926672][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 154.930457][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 157.740855][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 157.755209][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 159.171272][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 159.185956][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 159.210944][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 159.227105][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 159.275522][ T2213] device veth0_vlan entered promiscuous mode [ 159.392291][ T2213] device veth1_vlan entered promiscuous mode [ 159.634792][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready executing program [ 159.663536][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 159.716385][ T2213] device veth0_macvtap entered promiscuous mode [ 159.771569][ T2213] device veth1_macvtap entered promiscuous mode [ 159.882377][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 159.896732][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 159.909842][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 159.915005][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 159.995855][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 160.007334][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 160.067547][ T2213] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.071301][ T2213] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.071789][ T2213] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.072180][ T2213] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.395990][ C1] ------------[ cut here ]------------ [ 160.396718][ C1] WARNING: CPU: 1 PID: 35 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 160.397207][ C1] Modules linked in: [ 160.397448][ C1] CPU: 1 PID: 35 Comm: kworker/u4:2 Tainted: G W 6.0.0-syzkaller-11990-g9c9155a3509a #0 [ 160.397831][ C1] Hardware name: linux,dummy-virt (DT) [ 160.398261][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 160.398807][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 160.399213][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 160.399924][ C1] lr : wg_packet_receive+0x978/0x1560 [ 160.400179][ C1] sp : ffff800010ab7440 [ 160.401311][ C1] x29: ffff800010ab7440 x28: 0000000000000001 x27: 1fffe000013c0a19 [ 160.402102][ C1] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 160.402534][ C1] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 160.402913][ C1] x20: ffff000009e050c8 x19: ffff80000de5cd50 x18: ffff000013a6a338 [ 160.403402][ C1] x17: 1fffe00001343e0c x16: 1fffe0000274d457 x15: ffff000013a6a2c0 [ 160.403997][ C1] x14: 1ffff00002156e60 x13: 0000000000000000 x12: ffff6000013c0a91 [ 160.404626][ C1] x11: 1fffe000013c0a90 x10: ffff6000013c0a90 x9 : dfff800000000000 [ 160.405220][ C1] x8 : ffff000009e05483 x7 : 00009ffffec3f570 x6 : 0000000000000001 [ 160.405817][ C1] x5 : ffff000009e05480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 160.406503][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 160.407129][ C1] Call trace: [ 160.407447][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 160.408009][ C1] wg_packet_receive+0x978/0x1560 [ 160.408346][ C1] wg_receive+0x58/0xb0 [ 160.408727][ C1] udp_queue_rcv_one_skb+0x820/0x1a8c [ 160.409257][ C1] udp_queue_rcv_skb+0x134/0x7e0 [ 160.409629][ C1] udp_unicast_rcv_skb+0xe8/0x2e0 [ 160.410097][ C1] __udp4_lib_rcv+0xcf0/0x31b0 [ 160.410313][ C1] udp_rcv+0x20/0x30 [ 160.410541][ C1] ip_protocol_deliver_rcu+0xbc/0x634 [ 160.410982][ C1] ip_local_deliver_finish+0x248/0x3ac [ 160.411245][ C1] ip_local_deliver+0x16c/0x384 [ 160.411616][ C1] ip_rcv_finish+0x144/0x224 [ 160.411898][ C1] ip_rcv+0xc0/0x2b0 [ 160.412118][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 160.412407][ C1] __netif_receive_skb+0x24/0x184 [ 160.412705][ C1] process_backlog+0x24c/0x6b0 [ 160.412965][ C1] __napi_poll+0x94/0x3a4 [ 160.413188][ C1] net_rx_action+0x78c/0xb60 [ 160.413429][ C1] _stext+0x28c/0x107c [ 160.413766][ C1] ____do_softirq+0x10/0x20 [ 160.414013][ C1] call_on_irq_stack+0x2c/0x54 [ 160.414266][ C1] do_softirq_own_stack+0x1c/0x30 [ 160.414505][ C1] do_softirq.part.0+0xd0/0xf4 [ 160.414743][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 160.414987][ C1] _raw_read_unlock_bh+0x54/0x64 [ 160.415255][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 160.415485][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 160.415764][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 160.416045][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 160.416268][ C1] process_one_work+0x780/0x184c [ 160.416510][ C1] worker_thread+0x3cc/0xc40 [ 160.416796][ C1] kthread+0x23c/0x2a0 [ 160.417078][ C1] ret_from_fork+0x10/0x20 [ 160.417444][ C1] irq event stamp: 53131 [ 160.417830][ C1] hardirqs last enabled at (53130): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 160.418433][ C1] hardirqs last disabled at (53131): [] el1_dbg+0x24/0x80 [ 160.419046][ C1] softirqs last enabled at (53122): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 160.419487][ C1] softirqs last disabled at (53123): [] ____do_softirq+0x10/0x20 [ 160.419897][ C1] ---[ end trace 0000000000000000 ]--- [ 160.456107][ C1] ------------[ cut here ]------------ [ 160.456986][ C1] WARNING: CPU: 1 PID: 24 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 160.457491][ C1] Modules linked in: [ 160.457970][ C1] CPU: 1 PID: 24 Comm: kworker/1:1 Tainted: G W 6.0.0-syzkaller-11990-g9c9155a3509a #0 [ 160.458472][ C1] Hardware name: linux,dummy-virt (DT) [ 160.458781][ C1] Workqueue: wg-crypt-wg1 wg_packet_decrypt_worker [ 160.459253][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 160.459603][ C1] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 160.459947][ C1] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 160.460269][ C1] sp : ffff800010ab7960 [ 160.460569][ C1] x29: ffff800010ab7960 x28: ffff00000ffa7400 x27: 0000000000000001 [ 160.461071][ C1] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe00002b386a6 [ 160.461573][ C1] x23: ffff0000159c3528 x22: ffff80000de5cd50 x21: ffff000015b71c20 [ 160.462003][ C1] x20: ffff0000159c3500 x19: ffff000009e04c40 x18: 0000000089c98e7a [ 160.462484][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: 0000000000008000 [ 160.462955][ C1] x14: 1ffff00002156efa x13: 1fffe000012764b3 x12: ffff600002b6e386 [ 160.463469][ C1] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 160.463899][ C1] x8 : ffff80000de5c000 x7 : 1fffe000013c09b9 x6 : 0000000000000000 [ 160.464350][ C1] x5 : ffff000009e04dc8 x4 : ffff80000de5cb68 x3 : ffff800009f2c4b4 [ 160.464848][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 160.465347][ C1] Call trace: [ 160.465650][ C1] wg_packet_send_staged_packets+0xe38/0x1380 [ 160.466020][ C1] wg_packet_rx_poll+0xd94/0x1580 [ 160.466358][ C1] __napi_poll+0x94/0x3a4 [ 160.466704][ C1] net_rx_action+0x78c/0xb60 [ 160.467032][ C1] _stext+0x28c/0x107c [ 160.467361][ C1] ____do_softirq+0x10/0x20 [ 160.467843][ C1] call_on_irq_stack+0x2c/0x54 [ 160.468237][ C1] do_softirq_own_stack+0x1c/0x30 [ 160.468789][ C1] do_softirq.part.0+0xd0/0xf4 [ 160.470166][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 160.471340][ C1] _raw_spin_unlock_bh+0x54/0x64 [ 160.472791][ C1] wg_packet_decrypt_worker+0x210/0x3c0 [ 160.475079][ C1] process_one_work+0x780/0x184c [ 160.476368][ C1] worker_thread+0x3cc/0xc40 [ 160.478102][ C1] kthread+0x23c/0x2a0 [ 160.478500][ C1] ret_from_fork+0x10/0x20 [ 160.478875][ C1] irq event stamp: 58559 [ 160.479276][ C1] hardirqs last enabled at (58558): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 160.480116][ C1] hardirqs last disabled at (58559): [] el1_dbg+0x24/0x80 [ 160.480822][ C1] softirqs last enabled at (58536): [] wg_packet_decrypt_worker+0x210/0x3c0 [ 160.481332][ C1] softirqs last disabled at (58537): [] ____do_softirq+0x10/0x20 [ 160.481665][ C1] ---[ end trace 0000000000000000 ]--- 1970/01/01 00:02:41 building call list... [ 162.469143][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 162.844678][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.183255][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.644184][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 167.537406][ T35] device hsr_slave_0 left promiscuous mode [ 167.620672][ T35] device hsr_slave_1 left promiscuous mode [ 167.802976][ T35] device veth1_macvtap left promiscuous mode [ 167.804464][ T35] device veth0_macvtap left promiscuous mode [ 167.814091][ T35] device veth1_vlan left promiscuous mode [ 167.816678][ T35] device veth0_vlan left promiscuous mode executing program [ 171.271340][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 171.464374][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface executing program [ 172.365563][ T35] bond0 (unregistering): Released all slaves executing program executing program executing program executing program executing program [ 187.395887][ T2205] can: request_module (can-proto-0) failed. [ 187.619685][ T2205] can: request_module (can-proto-0) failed. [ 187.877417][ T2205] can: request_module (can-proto-0) failed. executing program VM DIAGNOSIS: 05:25:17 Registers: info registers vcpu 0 PC=ffff8000082f73f0 X00=0000000000000000 X01=00000000000000c0 X02=0000000000000003 X03=1fffe0000148d369 X04=00000000f204f1f1 X05=ffff70000222ce94 X06=dfff800000000000 X07=00000000f1f1f1f1 X08=ffff8000111674d3 X09=dfff800000000000 X10=ffff70000222ce9a X11=1ffff0000222ce9a X12=ffff70000222ce9b X13=0000000000000000 X14=1ffff0000222ce70 X15=00000000000871a8 X16=0000000000000000 X17=0000000000000000 X18=0000000000000000 X19=0000000000000000 X20=ffff00000a46a550 X21=ffff80000e03ca80 X22=0000000000000028 X23=ffff00000a46a528 X24=ffff80000de06c48 X25=ffff80000c991f40 X26=00000000ffffffff X27=00000000000000c0 X28=ffff00000a469b40 X29=ffff800011167430 X30=ffff80000c8f3090 SP=ffff800011167430 PSTATE=100000c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:0000000000000000 Q02=0000000000000000:0000000000000000 Q03=0000000000000000:0000000000000000 Q04=0000000000000000:0000000000000000 Q05=0000000000000000:0000000000000000 Q06=0000000000000000:0000000000000000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff8000096af240 X00=0000000000000002 X01=0000000000000000 X02=0000000000000002 X03=1fffe0000134d22e X04=0000000000000000 X05=0000000000000002 X06=1fffe0000134d22e X07=0000000000000030 X08=ffff800010ab6a33 X09=dfff800000000000 X10=ffff700002156d46 X11=1ffff00002156d46 X12=ffff700002156d47 X13=0000000000000000 X14=1ffff00002156d1c X15=3a37327820313030 X16=3030656666663120 X17=3161306333313030 X18=ffff000013a6a338 X19=ffff000009a69080 X20=ffff80000e573720 X21=ffff800010aad000 X22=0000000000000030 X23=dfff800000000000 X24=ffff8000107777b9 X25=0000000000000006 X26=ffff000009a69080 X27=dfff800000000000 X28=0000000000000059 X29=ffff800010ab6a10 X30=ffff8000096af240 SP=ffff800010ab6a10 PSTATE=800003c5 N--- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:0000000000000000 Q02=0000000000000000:0000000000000000 Q03=0000000000000000:0000000000000000 Q04=0000000000000000:0000000000000000 Q05=0000000000000000:0000000000000000 Q06=0000000000000000:0000000000000000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000