syzkaller login: [ 265.047369][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 265.157072][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 265.264710][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 265.298109][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 286.080850][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:3207' (ECDSA) to the list of known hosts. 1970/01/01 00:05:54 fuzzer started 1970/01/01 00:06:05 dialing manager at localhost:34581 [ 372.268076][ T2026] cgroup: Unknown subsys name 'net' [ 373.507092][ T2026] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:06:13 syscalls: 2918 1970/01/01 00:06:13 code coverage: enabled 1970/01/01 00:06:13 comparison tracing: enabled 1970/01/01 00:06:13 extra coverage: enabled 1970/01/01 00:06:13 delay kcov mmap: mmap returned an invalid pointer 1970/01/01 00:06:13 setuid sandbox: enabled 1970/01/01 00:06:13 namespace sandbox: enabled 1970/01/01 00:06:13 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:06:13 fault injection: enabled 1970/01/01 00:06:13 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:06:13 net packet injection: enabled 1970/01/01 00:06:13 net device setup: enabled 1970/01/01 00:06:13 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:06:13 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:06:13 NIC VF setup: PCI device 0000:00:11.0 is not available 1970/01/01 00:06:13 USB emulation: enabled 1970/01/01 00:06:13 hci packet injection: /dev/vhci does not exist 1970/01/01 00:06:13 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:06:13 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:06:13 fetching corpus: 0, signal 0/2000 (executing program) 1970/01/01 00:06:18 fetching corpus: 50, signal 30491/33898 (executing program) 1970/01/01 00:06:21 fetching corpus: 100, signal 43417/48160 (executing program) 1970/01/01 00:06:26 fetching corpus: 150, signal 50646/56668 (executing program) 1970/01/01 00:06:33 fetching corpus: 200, signal 58645/65756 (executing program) 1970/01/01 00:06:35 fetching corpus: 250, signal 63835/72068 (executing program) 1970/01/01 00:06:39 fetching corpus: 299, signal 70758/79880 (executing program) 1970/01/01 00:06:42 fetching corpus: 349, signal 76356/86414 (executing program) 1970/01/01 00:06:44 fetching corpus: 399, signal 80089/91111 (executing program) 1970/01/01 00:06:47 fetching corpus: 449, signal 83459/95375 (executing program) 1970/01/01 00:06:52 fetching corpus: 498, signal 88539/101076 (executing program) 1970/01/01 00:06:55 fetching corpus: 548, signal 90505/103918 (executing program) 1970/01/01 00:06:58 fetching corpus: 598, signal 93947/108088 (executing program) 1970/01/01 00:07:00 fetching corpus: 648, signal 97025/111837 (executing program) 1970/01/01 00:07:03 fetching corpus: 698, signal 99414/114981 (executing program) 1970/01/01 00:07:05 fetching corpus: 748, signal 101545/117779 (executing program) 1970/01/01 00:07:09 fetching corpus: 798, signal 103372/120241 (executing program) 1970/01/01 00:07:15 fetching corpus: 846, signal 104794/122445 (executing program) 1970/01/01 00:07:18 fetching corpus: 895, signal 106697/124918 (executing program) 1970/01/01 00:07:21 fetching corpus: 945, signal 109246/127960 (executing program) 1970/01/01 00:07:24 fetching corpus: 994, signal 110836/130164 (executing program) 1970/01/01 00:07:26 fetching corpus: 1044, signal 113053/132807 (executing program) 1970/01/01 00:07:29 fetching corpus: 1094, signal 114942/135175 (executing program) 1970/01/01 00:07:33 fetching corpus: 1143, signal 116418/137211 (executing program) 1970/01/01 00:07:35 fetching corpus: 1192, signal 117568/138951 (executing program) 1970/01/01 00:07:38 fetching corpus: 1242, signal 119286/141101 (executing program) 1970/01/01 00:07:40 fetching corpus: 1292, signal 120693/143020 (executing program) 1970/01/01 00:07:43 fetching corpus: 1341, signal 122648/145270 (executing program) 1970/01/01 00:07:47 fetching corpus: 1391, signal 124322/147257 (executing program) 1970/01/01 00:07:50 fetching corpus: 1440, signal 125754/149042 (executing program) 1970/01/01 00:07:55 fetching corpus: 1490, signal 127930/151348 (executing program) 1970/01/01 00:07:58 fetching corpus: 1540, signal 129203/152950 (executing program) 1970/01/01 00:08:00 fetching corpus: 1589, signal 130493/154577 (executing program) 1970/01/01 00:08:03 fetching corpus: 1638, signal 131832/156206 (executing program) 1970/01/01 00:08:05 fetching corpus: 1688, signal 134486/158709 (executing program) 1970/01/01 00:08:08 fetching corpus: 1738, signal 135383/159987 (executing program) 1970/01/01 00:08:10 fetching corpus: 1787, signal 136815/161584 (executing program) 1970/01/01 00:08:13 fetching corpus: 1836, signal 138541/163377 (executing program) 1970/01/01 00:08:17 fetching corpus: 1886, signal 139538/164670 (executing program) 1970/01/01 00:08:19 fetching corpus: 1936, signal 140509/165856 (executing program) 1970/01/01 00:08:21 fetching corpus: 1986, signal 142077/167418 (executing program) 1970/01/01 00:08:23 fetching corpus: 2036, signal 143230/168744 (executing program) 1970/01/01 00:08:26 fetching corpus: 2086, signal 144084/169861 (executing program) 1970/01/01 00:08:29 fetching corpus: 2135, signal 145374/171206 (executing program) 1970/01/01 00:08:32 fetching corpus: 2185, signal 147027/172708 (executing program) 1970/01/01 00:08:34 fetching corpus: 2235, signal 148444/174068 (executing program) 1970/01/01 00:08:37 fetching corpus: 2285, signal 149563/175228 (executing program) 1970/01/01 00:08:40 fetching corpus: 2335, signal 150450/176247 (executing program) 1970/01/01 00:08:42 fetching corpus: 2383, signal 151117/177105 (executing program) 1970/01/01 00:08:44 fetching corpus: 2433, signal 152854/178514 (executing program) 1970/01/01 00:08:46 fetching corpus: 2483, signal 154070/179640 (executing program) 1970/01/01 00:08:49 fetching corpus: 2533, signal 155081/180647 (executing program) 1970/01/01 00:08:52 fetching corpus: 2583, signal 156085/181623 (executing program) 1970/01/01 00:08:54 fetching corpus: 2633, signal 157359/182657 (executing program) 1970/01/01 00:08:58 fetching corpus: 2683, signal 158494/183703 (executing program) 1970/01/01 00:09:01 fetching corpus: 2732, signal 159495/184544 (executing program) 1970/01/01 00:09:04 fetching corpus: 2781, signal 160634/185498 (executing program) 1970/01/01 00:09:06 fetching corpus: 2831, signal 161456/186300 (executing program) 1970/01/01 00:09:11 fetching corpus: 2881, signal 162599/187240 (executing program) 1970/01/01 00:09:13 fetching corpus: 2930, signal 163934/188172 (executing program) 1970/01/01 00:09:15 fetching corpus: 2980, signal 164495/188811 (executing program) 1970/01/01 00:09:17 fetching corpus: 3030, signal 165541/189606 (executing program) 1970/01/01 00:09:19 fetching corpus: 3080, signal 166700/190469 (executing program) 1970/01/01 00:09:20 fetching corpus: 3129, signal 167278/191060 (executing program) 1970/01/01 00:09:22 fetching corpus: 3178, signal 168129/191714 (executing program) 1970/01/01 00:09:25 fetching corpus: 3227, signal 168862/192365 (executing program) 1970/01/01 00:09:27 fetching corpus: 3277, signal 169466/192930 (executing program) 1970/01/01 00:09:29 fetching corpus: 3327, signal 170119/193500 (executing program) 1970/01/01 00:09:31 fetching corpus: 3377, signal 171094/194171 (executing program) 1970/01/01 00:09:34 fetching corpus: 3427, signal 172053/194838 (executing program) 1970/01/01 00:09:38 fetching corpus: 3475, signal 172677/195353 (executing program) 1970/01/01 00:09:40 fetching corpus: 3523, signal 173407/195883 (executing program) 1970/01/01 00:09:42 fetching corpus: 3573, signal 173987/196351 (executing program) 1970/01/01 00:09:45 fetching corpus: 3623, signal 175062/196913 (executing program) 1970/01/01 00:09:47 fetching corpus: 3672, signal 175933/197484 (executing program) 1970/01/01 00:09:50 fetching corpus: 3722, signal 176625/197944 (executing program) 1970/01/01 00:09:52 fetching corpus: 3772, signal 177365/198394 (executing program) 1970/01/01 00:09:54 fetching corpus: 3822, signal 178110/198842 (executing program) 1970/01/01 00:09:58 fetching corpus: 3872, signal 178862/199265 (executing program) 1970/01/01 00:10:07 fetching corpus: 3921, signal 179567/199670 (executing program) 1970/01/01 00:10:10 fetching corpus: 3970, signal 180220/200028 (executing program) 1970/01/01 00:10:13 fetching corpus: 4019, signal 180657/200370 (executing program) 1970/01/01 00:10:16 fetching corpus: 4069, signal 181262/200741 (executing program) 1970/01/01 00:10:18 fetching corpus: 4118, signal 182047/201105 (executing program) 1970/01/01 00:10:21 fetching corpus: 4167, signal 182425/201408 (executing program) 1970/01/01 00:10:23 fetching corpus: 4216, signal 183146/201744 (executing program) 1970/01/01 00:10:26 fetching corpus: 4266, signal 183833/202088 (executing program) 1970/01/01 00:10:29 fetching corpus: 4315, signal 184451/202404 (executing program) 1970/01/01 00:10:31 fetching corpus: 4364, signal 185281/202714 (executing program) 1970/01/01 00:10:34 fetching corpus: 4414, signal 186073/203012 (executing program) 1970/01/01 00:10:37 fetching corpus: 4463, signal 186845/203279 (executing program) 1970/01/01 00:10:38 fetching corpus: 4513, signal 187551/203559 (executing program) 1970/01/01 00:10:41 fetching corpus: 4563, signal 188041/203783 (executing program) 1970/01/01 00:10:43 fetching corpus: 4613, signal 188550/203997 (executing program) 1970/01/01 00:10:45 fetching corpus: 4662, signal 189212/204202 (executing program) 1970/01/01 00:10:48 fetching corpus: 4712, signal 190027/204433 (executing program) 1970/01/01 00:10:50 fetching corpus: 4762, signal 190555/204625 (executing program) 1970/01/01 00:10:52 fetching corpus: 4812, signal 191059/204794 (executing program) 1970/01/01 00:10:54 fetching corpus: 4862, signal 191647/204956 (executing program) 1970/01/01 00:10:57 fetching corpus: 4912, signal 192311/205131 (executing program) 1970/01/01 00:10:59 fetching corpus: 4962, signal 193129/205300 (executing program) 1970/01/01 00:11:01 fetching corpus: 5012, signal 193795/205430 (executing program) 1970/01/01 00:11:04 fetching corpus: 5062, signal 194350/205517 (executing program) 1970/01/01 00:11:06 fetching corpus: 5112, signal 194975/205538 (executing program) 1970/01/01 00:11:10 fetching corpus: 5162, signal 195612/205538 (executing program) 1970/01/01 00:11:12 fetching corpus: 5212, signal 196152/205538 (executing program) 1970/01/01 00:11:15 fetching corpus: 5262, signal 196705/205538 (executing program) 1970/01/01 00:11:16 fetching corpus: 5312, signal 197207/205538 (executing program) 1970/01/01 00:11:20 fetching corpus: 5362, signal 197967/205538 (executing program) 1970/01/01 00:11:22 fetching corpus: 5411, signal 198469/205538 (executing program) 1970/01/01 00:11:25 fetching corpus: 5460, signal 199046/205538 (executing program) 1970/01/01 00:11:26 fetching corpus: 5509, signal 199554/205538 (executing program) 1970/01/01 00:11:29 fetching corpus: 5559, signal 200186/205538 (executing program) 1970/01/01 00:11:32 fetching corpus: 5608, signal 201402/205560 (executing program) 1970/01/01 00:11:35 fetching corpus: 5658, signal 201952/205679 (executing program) 1970/01/01 00:11:38 fetching corpus: 5708, signal 202782/205680 (executing program) 1970/01/01 00:11:39 fetching corpus: 5757, signal 203247/205680 (executing program) 1970/01/01 00:11:42 fetching corpus: 5807, signal 203685/205680 (executing program) 1970/01/01 00:11:44 fetching corpus: 5848, signal 204013/205682 (executing program) 1970/01/01 00:11:44 fetching corpus: 5848, signal 204013/205682 (executing program) 1970/01/01 00:14:05 starting 2 fuzzer processes 00:14:05 executing program 0: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_clone(0x0, 0x0, 0xfffffe55, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/46, 0x2e}], 0x1, &(0x7f0000000000)=[{&(0x7f0000002980)=""/70, 0x46}], 0x1, 0x0) 00:14:06 executing program 1: r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0) lseek(r0, 0x0, 0x3) [ 873.669079][ T2043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 874.225011][ T2043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 874.333676][ T2044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 875.970586][ T2044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 888.620308][ T2043] device hsr_slave_0 entered promiscuous mode [ 888.662312][ T2043] device hsr_slave_1 entered promiscuous mode [ 891.126808][ T2044] device hsr_slave_0 entered promiscuous mode [ 891.216260][ T2044] device hsr_slave_1 entered promiscuous mode [ 891.263643][ T2044] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 891.268351][ T2044] Cannot create hsr debugfs directory [ 901.524000][ T2043] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 901.853622][ T2043] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 901.998084][ T2043] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 902.297829][ T2043] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 904.128879][ T2044] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 904.404786][ T2044] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 904.846727][ T2044] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 905.059243][ T2044] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 921.387453][ T2043] 8021q: adding VLAN 0 to HW filter on device bond0 [ 922.457275][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 922.568384][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 926.663262][ T2044] 8021q: adding VLAN 0 to HW filter on device bond0 [ 927.507686][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 927.615893][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 936.746609][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 936.814401][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 937.164667][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 937.266723][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 937.894156][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 938.404273][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 939.696729][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 939.769647][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 940.394690][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 940.496449][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 940.884541][ T2043] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 941.926290][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 942.030241][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 942.484100][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 942.516687][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 942.714030][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 942.985966][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 943.697168][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 943.765334][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 944.088543][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 944.154650][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 944.480819][ T2044] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 948.048570][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 948.066841][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 951.095372][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 951.114705][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 962.974964][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 963.034850][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 966.135360][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 966.155729][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 970.883925][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 970.913974][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 971.018847][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 971.038608][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 971.066245][ T2043] device veth0_vlan entered promiscuous mode [ 971.575616][ T2043] device veth1_vlan entered promiscuous mode [ 972.704569][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 972.759303][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 972.979601][ T2043] device veth0_macvtap entered promiscuous mode [ 973.310155][ T2043] device veth1_macvtap entered promiscuous mode [ 973.542618][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 973.634594][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 974.366834][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 974.430563][ T2483] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 974.793669][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 974.817520][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 975.348372][ T2043] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 975.357349][ T2043] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 975.359411][ T2043] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 975.375494][ T2043] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 975.917600][ T2044] device veth0_vlan entered promiscuous mode [ 976.499041][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 976.553157][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 976.650551][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 976.704254][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 977.049965][ T2044] device veth1_vlan entered promiscuous mode [ 979.410769][ T2044] device veth0_macvtap entered promiscuous mode [ 979.670308][ T2044] device veth1_macvtap entered promiscuous mode [ 979.794457][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 979.855610][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 979.908263][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 980.146643][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 980.684589][ T1793] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 980.806855][ T1793] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 981.369863][ T2044] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 981.384693][ T2044] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 981.386693][ T2044] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 981.388659][ T2044] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 982.147418][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 982.237108][ T2097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 00:16:28 executing program 1: r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0) lseek(r0, 0x0, 0x3) 00:16:28 executing program 0: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_clone(0x0, 0x0, 0xfffffe55, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/46, 0x2e}], 0x1, &(0x7f0000000000)=[{&(0x7f0000002980)=""/70, 0x46}], 0x1, 0x0) 00:16:32 executing program 1: r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0) lseek(r0, 0x0, 0x3) 00:16:37 executing program 1: r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0) lseek(r0, 0x0, 0x3) 00:16:39 executing program 0: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_clone(0x0, 0x0, 0xfffffe55, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/46, 0x2e}], 0x1, &(0x7f0000000000)=[{&(0x7f0000002980)=""/70, 0x46}], 0x1, 0x0) 00:16:41 executing program 1: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_clone(0x0, 0x0, 0xfffffe55, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/46, 0x2e}], 0x1, &(0x7f0000000000)=[{&(0x7f0000002980)=""/70, 0x46}], 0x1, 0x0) 00:16:49 executing program 1: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_clone(0x0, 0x0, 0xfffffe55, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/46, 0x2e}], 0x1, &(0x7f0000000000)=[{&(0x7f0000002980)=""/70, 0x46}], 0x1, 0x0) 00:16:52 executing program 0: syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_clone(0x0, 0x0, 0xfffffe55, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/46, 0x2e}], 0x1, &(0x7f0000000000)=[{&(0x7f0000002980)=""/70, 0x46}], 0x1, 0x0) [ 1018.439443][ T2760] Kernel panic - not syncing: corrupted stack end detected inside scheduler [ 1018.448468][ T2760] CPU: 0 PID: 2760 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 1018.454403][ T2760] Hardware name: riscv-virtio,qemu (DT) [ 1018.457390][ T2760] Call Trace: [ 1018.459075][ T2760] [] dump_backtrace+0x2e/0x3c [ 1018.462435][ T2760] [] show_stack+0x34/0x40 [ 1018.464979][ T2760] [] dump_stack_lvl+0xe4/0x150 [ 1018.466183][ T2760] [] dump_stack+0x1c/0x24 [ 1018.467425][ T2760] [] panic+0x24a/0x634 [ 1018.468534][ T2760] [] schedule+0x0/0x14c [ 1018.469695][ T2760] [] preempt_schedule_common+0x4e/0xde [ 1018.471107][ T2760] [] preempt_schedule+0x34/0x36 [ 1018.472558][ T2760] [] folio_add_lru+0x480/0x482 [ 1018.473997][ T2760] [] lru_cache_add+0x52/0x6e [ 1018.475394][ T2760] [] shmem_getpage_gfp+0x764/0x13ea [ 1018.476857][ T2760] [] shmem_fault+0x114/0x3fe [ 1018.478223][ T2760] [] __do_fault+0x8c/0x46c [ 1018.482626][ T2760] [] __handle_mm_fault+0x10fe/0x23a4 [ 1018.484447][ T2760] [] handle_mm_fault+0x296/0x674 [ 1018.485540][ T2760] [] __get_user_pages+0x444/0x7b4 [ 1018.486675][ T2760] [] get_dump_page+0x148/0x74e [ 1018.487825][ T2760] [] dump_user_range+0x24c/0x2f0 [ 1018.489180][ T2760] [] elf_core_dump+0x1aa6/0x2194 [ 1018.490288][ T2760] [] do_coredump+0x15da/0x20d8 [ 1018.492068][ T2760] [] get_signal+0x7f6/0x1754 [ 1018.493305][ T2760] [] do_notify_resume+0x11a/0xa56 [ 1018.494406][ T2760] [] ret_from_exception+0x0/0x10 [ 1018.495702][ T2760] SMP: stopping secondary CPUs [ 1018.497887][ T2760] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:17:55 Registers: info registers vcpu 0 pc ffffffff80c2db8a mhartid 0000000000000000 mstatus 00000000000000a0 mip 00000000000000a0 mie 000000000000022a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff80201160 sepc ffffffff80365fa4 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff80c2db84 x2/sp ffffaf8022d46420 x3/gp ffffffff85863ac0 x4/tp ffffaf800e591840 x5/t0 ffffffff86bcb657 x6/t1 fffff5ef045a8cb0 x7/t2 0000000000000000 x8/s0 ffffaf8022d46510 x9/s1 ffffffff838d2e87 x10/a0 0000000000000000 x11/a1 ffffaf800e592840 x12/a2 0000000000000002 x13/a3 ffffffff80c2db70 x14/a4 0000000000000003 x15/a5 0000000000000009 x16/a6 0000000000f00000 x17/a7 ffffaf8022d46587 x18/s2 000000000000002a x19/s3 ffffaf8022d46580 x20/s4 ffffaf8022d464a0 x21/s5 ffffffff838d2e86 x22/s6 ffffffff838d2e88 x23/s7 1ffff5f0045a8c88 x24/s8 ffffffff85889780 x25/s9 fffffffffffffffa x26/s10 fffffffffffffffe x27/s11 ffffffff838d6d80 x28/t3 1ffff5f0045a8d18 x29/t4 fffff5ef045a8cb0 x30/t5 fffff5ef045a8cb1 x31/t6 ffffaf8022d46748 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc 00000000000839e8 mhartid 0000000000000001 mstatus 00000000000040a2 mip 0000000000000000 mie 00000000000002aa mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff8000f97e sepc 00000000000836f8 mcause 0000000000000009 scause 0000000000000008 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra 0000000000047fe8 x2/sp 000000c00005b6f8 x3/gp 0000000000000080 x4/tp 00007fff802876c8 x5/t0 000000c00005bf58 x6/t1 0000000000000000 x7/t2 000000c00005bf54 x8/s0 000000ecde93f7a8 x9/s1 0000000000000014 x10/a0 0000000000000004 x11/a1 000000c00005b758 x12/a2 0000000000000080 x13/a3 0000000000000000 x14/a4 0000000000000000 x15/a5 0000000000000000 x16/a6 0000000000000006 x17/a7 0000000000000016 x18/s2 00000000008ccfcc x19/s3 0000000000003000 x20/s4 000000c00005be20 x21/s5 0000000000000000 x22/s6 0000000000000000 x23/s7 0000000000000000 x24/s8 0000000000000038 x25/s9 00000000000000f6 x26/s10 0000000000000000 x27/s11 000000c0000004e0 x28/t3 ffffffffffffffff x29/t4 000000c000091ba0 x30/t5 000000c000091b99 x31/t6 0000000000083fe0 f0/ft0 0000000000000000 f1/ft1 40d17641e4cb42ae f2/ft2 41870adb40000000 f3/ft3 43e0000000000000 f4/ft4 3ffe000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000