syzkaller login: [ 104.159145][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 104.188604][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 104.205934][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 104.221379][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:11345' (ECDSA) to the list of known hosts. 1970/01/01 00:02:23 fuzzer started 1970/01/01 00:02:27 connecting to host at localhost:37069 1970/01/01 00:02:28 checking machine... 1970/01/01 00:02:28 checking revisions... 1970/01/01 00:02:30 testing simple program... [ 151.681123][ T2217] cgroup: Unknown subsys name 'net' executing program [ 152.161496][ T2217] cgroup: Unknown subsys name 'rlimit' executing program executing program [ 159.434651][ T2219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 159.477751][ T2219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 162.203681][ T2219] device hsr_slave_0 entered promiscuous mode [ 162.268748][ T2219] device hsr_slave_1 entered promiscuous mode executing program [ 164.033329][ T2219] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 164.150934][ T2219] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 164.230120][ T2219] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 164.321053][ T2219] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 166.292892][ T2219] 8021q: adding VLAN 0 to HW filter on device bond0 [ 166.405912][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 166.428825][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready executing program [ 167.789858][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 167.807536][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 167.856234][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 167.864120][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 167.913828][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 167.978834][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 168.108384][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 168.128481][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 168.197393][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 168.208332][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 168.279215][ T2219] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 169.343354][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 169.348139][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 172.029241][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 172.047518][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program [ 173.633577][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 173.641777][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 173.710814][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 173.722959][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 173.743742][ T2219] device veth0_vlan entered promiscuous mode [ 173.857979][ T2219] device veth1_vlan entered promiscuous mode [ 174.082188][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 174.094625][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 174.171934][ T2219] device veth0_macvtap entered promiscuous mode [ 174.257162][ T2219] device veth1_macvtap entered promiscuous mode [ 174.434357][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 174.460981][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 174.469018][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 174.473675][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 174.549475][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 174.554169][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 174.600583][ T2219] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.601819][ T2219] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.602238][ T2219] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.602709][ T2219] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 174.949919][ C0] ------------[ cut here ]------------ [ 174.951964][ C0] WARNING: CPU: 0 PID: 890 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 174.955160][ C0] Modules linked in: [ 174.955604][ C0] CPU: 0 PID: 890 Comm: kworker/0:3 Tainted: G W 6.0.0-syzkaller-10712-g27bc50fc9064 #0 [ 174.955969][ C0] Hardware name: linux,dummy-virt (DT) [ 174.956447][ C0] Workqueue: wg-kex-wg0 wg_packet_handshake_receive_worker [ 174.957512][ C0] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 174.958348][ C0] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 174.958748][ C0] lr : wg_packet_receive+0x978/0x1560 [ 174.959566][ C0] sp : ffff800008007480 [ 174.959886][ C0] x29: ffff800008007480 x28: 0000000000000001 x27: 1fffe00001398a19 [ 174.960482][ C0] x26: 0000000000000000 x25: ffff80000de4c000 x24: 0000000000000000 [ 174.961436][ C0] x23: 0000000000000003 x22: ffff80000de4cb68 x21: 0000000000000001 [ 174.962085][ C0] x20: ffff000009cc50c8 x19: ffff80000de4cd50 x18: 000000009de517c6 [ 174.962669][ C0] x17: ffff80005cbd5000 x16: ffff800008008000 x15: ffff000013b5ade8 [ 174.963278][ C0] x14: 1ffff00001000e68 x13: 0000000000000000 x12: ffff600001398a91 [ 174.963930][ C0] x11: 1fffe00001398a90 x10: ffff600001398a90 x9 : dfff800000000000 [ 174.964600][ C0] x8 : ffff000009cc5483 x7 : 00009ffffec67570 x6 : 0000000000000001 [ 174.966427][ C0] x5 : ffff000009cc5480 x4 : ffff700001bc99aa x3 : dfff800000000000 [ 174.967082][ C0] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 174.967666][ C0] Call trace: [ 174.967957][ C0] wg_cpumask_next_online+0x1c0/0x2c0 [ 174.968346][ C0] wg_packet_receive+0x978/0x1560 [ 174.968716][ C0] wg_receive+0x58/0xb0 [ 174.969040][ C0] udpv6_queue_rcv_one_skb+0x8f4/0x17c0 [ 174.969498][ C0] udpv6_queue_rcv_skb+0x134/0x7e0 [ 174.969835][ C0] udp6_unicast_rcv_skb+0xe8/0x270 [ 174.970181][ C0] __udp6_lib_rcv+0x8a4/0x2330 [ 174.970520][ C0] udpv6_rcv+0x1c/0x2c [ 174.970835][ C0] ip6_protocol_deliver_rcu+0x154/0x14f0 [ 174.971202][ C0] ip6_input_finish+0x108/0x220 [ 174.971539][ C0] ip6_input+0xbc/0x2b0 [ 174.971855][ C0] ipv6_rcv+0x39c/0x47c [ 174.972183][ C0] __netif_receive_skb_one_core+0xf4/0x170 [ 174.972511][ C0] __netif_receive_skb+0x24/0x184 [ 174.972808][ C0] process_backlog+0x24c/0x6b0 [ 174.973159][ C0] __napi_poll+0x94/0x3a4 [ 174.973499][ C0] net_rx_action+0x78c/0xb60 [ 174.973823][ C0] _stext+0x28c/0x107c [ 174.974136][ C0] ____do_softirq+0x10/0x20 [ 174.974440][ C0] call_on_irq_stack+0x2c/0x54 [ 174.974777][ C0] do_softirq_own_stack+0x1c/0x30 [ 174.975283][ C0] do_softirq.part.0+0xd0/0xf4 [ 174.975665][ C0] __local_bh_enable_ip+0x50c/0x5d0 [ 174.975985][ C0] _raw_read_unlock_bh+0x54/0x64 [ 174.976325][ C0] wg_socket_send_skb_to_peer+0xf0/0x190 [ 174.976621][ C0] wg_socket_send_buffer_to_peer+0x110/0x160 [ 174.976956][ C0] wg_packet_send_handshake_response+0x1f8/0x240 [ 174.977313][ C0] wg_receive_handshake_packet+0x19c/0x7c0 [ 174.977648][ C0] wg_packet_handshake_receive_worker+0xd8/0x2ec [ 174.977996][ C0] process_one_work+0x780/0x184c [ 174.978329][ C0] worker_thread+0x3cc/0xc40 [ 174.978602][ C0] kthread+0x23c/0x2a0 [ 174.978886][ C0] ret_from_fork+0x10/0x20 [ 174.979194][ C0] irq event stamp: 51887 [ 174.979459][ C0] hardirqs last enabled at (51886): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 174.979860][ C0] hardirqs last disabled at (51887): [] el1_dbg+0x24/0x80 [ 174.980245][ C0] softirqs last enabled at (51878): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 174.980876][ C0] softirqs last disabled at (51879): [] ____do_softirq+0x10/0x20 [ 174.981457][ C0] ---[ end trace 0000000000000000 ]--- [ 175.097492][ T25] ------------[ cut here ]------------ [ 175.098593][ T25] WARNING: CPU: 1 PID: 25 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 175.099205][ T25] Modules linked in: [ 175.099616][ T25] CPU: 1 PID: 25 Comm: kworker/1:1 Tainted: G W 6.0.0-syzkaller-10712-g27bc50fc9064 #0 [ 175.100120][ T25] Hardware name: linux,dummy-virt (DT) [ 175.100482][ T25] Workqueue: wg-kex-wg2 wg_packet_handshake_receive_worker [ 175.100900][ T25] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 175.101477][ T25] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 175.101856][ T25] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 175.102247][ T25] sp : ffff800010c87800 [ 175.102534][ T25] x29: ffff800010c87800 x28: ffff00000f540c00 x27: 0000000000000001 [ 175.103172][ T25] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe00001fa5e2e [ 175.103753][ T25] x23: ffff00000fd2f168 x22: ffff80000de4cd50 x21: ffff000011332ee0 [ 175.104264][ T25] x20: ffff00000fd2f140 x19: ffff00000ecf8c40 x18: 000000007f33493c [ 175.104980][ T25] x17: 00000000966b24bd x16: 000000006259eaa9 x15: 0000000000000000 [ 175.105974][ T25] x14: 1ffff00002190ece x13: 0000000000000000 x12: ffff6000022665de [ 175.106821][ T25] x11: ffff700001bc99aa x10: dfff800000000000 x9 : 0000000000000003 [ 175.108268][ T25] x8 : ffff80000de4c000 x7 : 1fffe00001d9f1b9 x6 : 0000000000000000 [ 175.108923][ T25] x5 : ffff00000ecf8dc8 x4 : ffff80000de4cb68 x3 : ffff800009f29754 [ 175.109545][ T25] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 175.110437][ T25] Call trace: [ 175.110733][ T25] wg_packet_send_staged_packets+0xe38/0x1380 [ 175.111143][ T25] wg_packet_send_keepalive+0x40/0x2a0 [ 175.111694][ T25] wg_receive_handshake_packet+0x2c8/0x7c0 [ 175.112381][ T25] wg_packet_handshake_receive_worker+0xd8/0x2ec [ 175.112850][ T25] process_one_work+0x780/0x184c [ 175.113396][ T25] worker_thread+0x3cc/0xc40 [ 175.113661][ T25] kthread+0x23c/0x2a0 [ 175.114094][ T25] ret_from_fork+0x10/0x20 [ 175.114434][ T25] irq event stamp: 46067 [ 175.114837][ T25] hardirqs last enabled at (46065): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 175.115448][ T25] hardirqs last disabled at (46067): [] el1_dbg+0x24/0x80 [ 175.116028][ T25] softirqs last enabled at (46062): [] wg_packet_send_staged_packets+0x20c/0x1380 [ 175.116405][ T25] softirqs last disabled at (46066): [] wg_packet_send_staged_packets+0x460/0x1380 [ 175.117112][ T25] ---[ end trace 0000000000000000 ]--- executing program 1970/01/01 00:02:56 building call list... [ 176.938949][ T39] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.240979][ T39] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.530026][ T39] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.849370][ T39] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 181.417972][ T39] device hsr_slave_0 left promiscuous mode [ 181.509718][ T39] device hsr_slave_1 left promiscuous mode [ 181.707929][ T39] device veth1_macvtap left promiscuous mode [ 181.710411][ T39] device veth0_macvtap left promiscuous mode [ 181.716578][ T39] device veth1_vlan left promiscuous mode [ 181.720086][ T39] device veth0_vlan left promiscuous mode executing program executing program [ 185.263091][ T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 185.449587][ T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 186.284602][ T39] bond0 (unregistering): Released all slaves executing program executing program executing program executing program executing program [ 201.210101][ T2213] can: request_module (can-proto-0) failed. [ 201.503121][ T2213] can: request_module (can-proto-0) failed. [ 201.745854][ T2213] can: request_module (can-proto-0) failed. executing program VM DIAGNOSIS: 02:23:58 Registers: info registers vcpu 0 PC=ffff80000829336c X00=00000000000003c0 X01=00000000000003c0 X02=0000000000000003 X03=1fffe000022ca001 X04=00000000f204f1f1 X05=ffff700001000d80 X06=dfff800000000000 X07=00000000f1f1f1f1 X08=ffff800008006c33 X09=dfff800000000000 X10=ffff700001000d86 X11=1ffff00001000d86 X12=ffff700001000d87 X13=0000000000000000 X14=1ffff00001000d5c X15=0000000000000000 X16=0000000000000000 X17=0000000000000000 X18=000000009de517c6 X19=0000000000000000 X20=ffff000011650a88 X21=ffff80000e02ca80 X22=0000000000000028 X23=ffff0000116509e8 X24=ffff80000ddf6c48 X25=ffff80000c981e40 X26=00000000ffffffff X27=00000000000003c0 X28=ffff000011650000 X29=ffff800008006b10 X30=ffff80000c8ebd54 SP=ffff800008006b10 PSTATE=100003c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff80000b4598d8 X00=ffff80000b4598d0 X01=0000000000000000 X02=0000000000000003 X03=1fffe00001276369 X04=1ffff00002154fd0 X05=0000000000000000 X06=00000000f3f3f3f3 X07=1fffe000012764ae X08=ffff0000093b2570 X09=ffff80000f3c1a00 X10=ffff700001c0692b X11=1ffff00001c0692b X12=ffff700001c0692c X13=1fffe000012764c2 X14=ffff00006a9cbbbc X15=ffff00006a9cbbc4 X16=ffff800010aa8000 X17=ffff80005cbf4000 X18=ffff00006a9cbb88 X19=ffff80000e061e30 X20=0000000000000000 X21=0000000000000003 X22=0000000000000028 X23=ffff80000e061ec0 X24=dfff800000000000 X25=ffff80000e061e00 X26=0000000000000004 X27=ffff80000e061e30 X28=0000000000000000 X29=ffff800010aa7e20 X30=ffff800008391d98 SP=ffff800010aa7e20 PSTATE=100000c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000