syzkaller login: [ 97.818665][ T2048] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 97.867756][ T2048] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 97.887786][ T2048] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:44886' (ECDSA) to the list of known hosts. 1970/01/01 00:02:20 fuzzer started 1970/01/01 00:02:25 connecting to host at localhost:45481 1970/01/01 00:02:26 checking machine... 1970/01/01 00:02:26 checking revisions... 1970/01/01 00:02:28 testing simple program... [ 149.166783][ T2208] cgroup: Unknown subsys name 'net' executing program [ 149.654025][ T2208] cgroup: Unknown subsys name 'rlimit' executing program executing program [ 155.997142][ T2211] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 156.038190][ T2211] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 158.901917][ T2211] device hsr_slave_0 entered promiscuous mode [ 158.985060][ T2211] device hsr_slave_1 entered promiscuous mode executing program [ 161.575753][ T2211] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 161.737075][ T2211] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 161.822247][ T2211] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 161.901619][ T2211] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 163.924176][ T2211] 8021q: adding VLAN 0 to HW filter on device bond0 [ 164.017036][ T887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 164.047897][ T887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready executing program [ 165.303114][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 165.307603][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 165.368623][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 165.374287][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 165.442689][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 165.534680][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 165.708494][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 165.717070][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 165.821299][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 165.827737][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 165.915493][ T2211] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 167.054771][ T887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 167.056603][ T887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 169.725293][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 169.738144][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program [ 170.895545][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 170.904337][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 170.965325][ T2529] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 170.975240][ T2529] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 170.988276][ T2211] device veth0_vlan entered promiscuous mode [ 171.094365][ T2211] device veth1_vlan entered promiscuous mode [ 171.365684][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 171.377287][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 171.428620][ T2211] device veth0_macvtap entered promiscuous mode [ 171.486762][ T2211] device veth1_macvtap entered promiscuous mode [ 171.648602][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 171.665143][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 171.681452][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 171.686470][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 171.762173][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 171.767427][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 171.837202][ T2211] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.843433][ T2211] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.846118][ T2211] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.849031][ T2211] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.237921][ C1] ------------[ cut here ]------------ [ 172.238951][ C1] WARNING: CPU: 1 PID: 27 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 172.239467][ C1] Modules linked in: [ 172.240265][ C1] CPU: 1 PID: 27 Comm: kworker/u4:1 Tainted: G W 6.0.0-syzkaller-10822-g60bb8154d1d7 #0 [ 172.241957][ C1] Hardware name: linux,dummy-virt (DT) [ 172.243332][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 172.244338][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 172.244761][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 172.245213][ C1] lr : wg_packet_receive+0x978/0x1560 [ 172.245593][ C1] sp : ffff800010ab7440 [ 172.246128][ C1] x29: ffff800010ab7440 x28: 0000000000000001 x27: 1fffe00001d97a19 [ 172.246745][ C1] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 172.247343][ C1] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 172.248075][ C1] x20: ffff00000ecbd0c8 x19: ffff80000de5cd50 x18: ffff0000101db978 [ 172.248715][ C1] x17: 1fffe0000135d80c x16: 1fffe0000203b71f x15: ffff0000101db900 [ 172.249322][ C1] x14: 1ffff00002156e60 x13: 0000000000000000 x12: ffff600001d97a91 [ 172.250171][ C1] x11: 1fffe00001d97a90 x10: ffff600001d97a90 x9 : dfff800000000000 [ 172.251100][ C1] x8 : ffff00000ecbd483 x7 : 00009ffffe268570 x6 : 0000000000000001 [ 172.251721][ C1] x5 : ffff00000ecbd480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 172.253559][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 172.255012][ C1] Call trace: [ 172.255358][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 172.255771][ C1] wg_packet_receive+0x978/0x1560 [ 172.256179][ C1] wg_receive+0x58/0xb0 [ 172.256515][ C1] udp_queue_rcv_one_skb+0x820/0x1a8c [ 172.256889][ C1] udp_queue_rcv_skb+0x134/0x7e0 [ 172.257259][ C1] udp_unicast_rcv_skb+0xe8/0x2e0 [ 172.257605][ C1] __udp4_lib_rcv+0xcf0/0x31b0 [ 172.257967][ C1] udp_rcv+0x20/0x30 [ 172.258305][ C1] ip_protocol_deliver_rcu+0xbc/0x634 [ 172.258680][ C1] ip_local_deliver_finish+0x248/0x3ac [ 172.259060][ C1] ip_local_deliver+0x16c/0x384 [ 172.259438][ C1] ip_rcv_finish+0x144/0x224 [ 172.260005][ C1] ip_rcv+0xc0/0x2b0 [ 172.260443][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 172.261013][ C1] __netif_receive_skb+0x24/0x184 [ 172.261363][ C1] process_backlog+0x24c/0x6b0 [ 172.261831][ C1] __napi_poll+0x94/0x3a4 [ 172.262458][ C1] net_rx_action+0x78c/0xb60 [ 172.263263][ C1] _stext+0x28c/0x107c [ 172.263620][ C1] ____do_softirq+0x10/0x20 [ 172.263975][ C1] call_on_irq_stack+0x2c/0x54 [ 172.264347][ C1] do_softirq_own_stack+0x1c/0x30 [ 172.264714][ C1] do_softirq.part.0+0xd0/0xf4 [ 172.265080][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 172.265471][ C1] _raw_read_unlock_bh+0x54/0x64 [ 172.265842][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 172.266202][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 172.266554][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 172.266981][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 172.267380][ C1] process_one_work+0x780/0x184c [ 172.267721][ C1] worker_thread+0x3cc/0xc40 [ 172.268071][ C1] kthread+0x23c/0x2a0 [ 172.268416][ C1] ret_from_fork+0x10/0x20 [ 172.268790][ C1] irq event stamp: 54449 [ 172.269138][ C1] hardirqs last enabled at (54448): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 172.269684][ C1] hardirqs last disabled at (54449): [] el1_dbg+0x24/0x80 [ 172.270247][ C1] softirqs last enabled at (54440): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 172.270948][ C1] softirqs last disabled at (54441): [] ____do_softirq+0x10/0x20 [ 172.271454][ C1] ---[ end trace 0000000000000000 ]--- [ 172.309588][ C0] ------------[ cut here ]------------ [ 172.311747][ C0] WARNING: CPU: 0 PID: 7 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 172.312180][ C0] Modules linked in: [ 172.312470][ C0] CPU: 0 PID: 7 Comm: kworker/0:0 Tainted: G W 6.0.0-syzkaller-10822-g60bb8154d1d7 #0 [ 172.312881][ C0] Hardware name: linux,dummy-virt (DT) [ 172.313170][ C0] Workqueue: wg-crypt-wg1 wg_packet_decrypt_worker [ 172.313562][ C0] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 172.314061][ C0] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 172.314398][ C0] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 172.314748][ C0] sp : ffff800008007960 [ 172.314990][ C0] x29: ffff800008007960 x28: ffff0000139eac00 x27: 0000000000000001 [ 172.315607][ C0] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe000025b1c7e [ 172.316104][ C0] x23: ffff000012d8e3e8 x22: ffff80000de5cd50 x21: ffff000010309c20 [ 172.316632][ C0] x20: ffff000012d8e3c0 x19: ffff00000ecbcc40 x18: ffff00006a9cbb88 [ 172.317097][ C0] x17: ffff80005cbc5000 x16: ffff800008008000 x15: 0000000000008000 [ 172.317700][ C0] x14: 1ffff00001000efa x13: 1fffe0000124481b x12: ffff600002061386 [ 172.318110][ C0] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 172.318666][ C0] x8 : ffff80000de5c000 x7 : 1fffe00001d979b9 x6 : 0000000000000000 [ 172.319154][ C0] x5 : ffff00000ecbcdc8 x4 : ffff80000de5cb68 x3 : ffff800009f2ac94 [ 172.319813][ C0] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 172.320509][ C0] Call trace: [ 172.320752][ C0] wg_packet_send_staged_packets+0xe38/0x1380 [ 172.321040][ C0] wg_packet_rx_poll+0xd94/0x1580 [ 172.321294][ C0] __napi_poll+0x94/0x3a4 [ 172.321531][ C0] net_rx_action+0x78c/0xb60 [ 172.321775][ C0] _stext+0x28c/0x107c [ 172.322019][ C0] ____do_softirq+0x10/0x20 [ 172.322298][ C0] call_on_irq_stack+0x2c/0x54 [ 172.322572][ C0] do_softirq_own_stack+0x1c/0x30 [ 172.322862][ C0] do_softirq.part.0+0xd0/0xf4 [ 172.323115][ C0] __local_bh_enable_ip+0x50c/0x5d0 [ 172.323402][ C0] _raw_spin_unlock_bh+0x54/0x64 [ 172.323687][ C0] wg_packet_decrypt_worker+0x210/0x3c0 [ 172.323982][ C0] process_one_work+0x780/0x184c [ 172.324262][ C0] worker_thread+0x3cc/0xc40 [ 172.324518][ C0] kthread+0x23c/0x2a0 [ 172.324778][ C0] ret_from_fork+0x10/0x20 [ 172.325059][ C0] irq event stamp: 55553 [ 172.325326][ C0] hardirqs last enabled at (55552): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 172.325741][ C0] hardirqs last disabled at (55553): [] el1_dbg+0x24/0x80 [ 172.326098][ C0] softirqs last enabled at (55530): [] wg_packet_decrypt_worker+0x210/0x3c0 [ 172.326435][ C0] softirqs last disabled at (55531): [] ____do_softirq+0x10/0x20 [ 172.326856][ C0] ---[ end trace 0000000000000000 ]--- executing program 1970/01/01 00:02:53 building call list... [ 174.097072][ T27] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.464463][ T27] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.698628][ T27] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.985581][ T27] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 178.280847][ T27] device hsr_slave_0 left promiscuous mode [ 178.364242][ T27] device hsr_slave_1 left promiscuous mode [ 178.522466][ T27] device veth1_macvtap left promiscuous mode [ 178.525062][ T27] device veth0_macvtap left promiscuous mode [ 178.546006][ T27] device veth1_vlan left promiscuous mode [ 178.547989][ T27] device veth0_vlan left promiscuous mode executing program [ 181.714469][ T27] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 181.842968][ T27] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 182.528225][ T27] bond0 (unregistering): Released all slaves executing program executing program executing program executing program executing program executing program [ 201.871892][ T2203] can: request_module (can-proto-0) failed. [ 202.127445][ T2203] can: request_module (can-proto-0) failed. VM DIAGNOSIS: 04:00:23 Registers: info registers vcpu 0 PC=ffff8000081efe40 X00=00000000000000c0 X01=dfff800000000000 X02=0000000000000000 X03=1fffe000012446d1 X04=00000000f204f1f1 X05=ffff70000216cec4 X06=dfff800000000000 X07=00000000f1f1f1f1 X08=ffff80001099251b X09=dfff800000000000 X10=ffff7000021324a3 X11=1ffff000021324a3 X12=ffff7000021324a4 X13=0000000000000000 X14=1ffff0000216cea0 X15=00000000f1f1f1f1 X16=0000000000000000 X17=1ffff00002220dc4 X18=0000000000000000 X19=ffff000009002300 X20=ffff000009002300 X21=ffff8000087daa24 X22=0000000000000001 X23=0000000000000000 X24=ffff000009223680 X25=0000000000000000 X26=ffff8000087daa24 X27=0000000000080800 X28=ffff000012fefa00 X29=ffff800010b67340 X30=ffff800008030448 SP=ffff800010b67340 PSTATE=600000c5 -ZC- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:0000000000000000 Q02=0000000000000000:0000000000000000 Q03=0000000000000000:0000000000000000 Q04=0000000000000000:0000000000000000 Q05=0000000000000000:0000000000000000 Q06=0000000000000000:0000000000000000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff80000829335c X00=00000000000003c0 X01=00000000000003c0 X02=0000000000000003 X03=1fffe00001350001 X04=1fffe0000d53d001 X05=0000000000000000 X06=ffff8000082c4ae0 X07=ffff000009a80000 X08=ffff80000de5cd50 X09=ffff80000de5c000 X10=00000000f3000000 X11=dfff800000000000 X12=000000000000f1f1 X13=205d314320202020 X14=0000000000000000 X15=0000000000000000 X16=0000000000000000 X17=0000000000000000 X18=ffff0000101db978 X19=0000000000000000 X20=ffff000009a80a88 X21=ffff80000e03ca80 X22=0000000000000028 X23=ffff000009a809e8 X24=ffff80000de06c48 X25=ffff80000c991e40 X26=00000000ffffffff X27=00000000000003c0 X28=ffff000009a80000 X29=ffff800010ab6750 X30=ffff80000c8ee0d4 SP=ffff800010ab6750 PSTATE=100003c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:0000000000000000 Q02=0000000000000000:0000000000000000 Q03=0000000000000000:0000000000000000 Q04=0000000000000000:0000000000000000 Q05=0000000000000000:0000000000000000 Q06=0000000000000000:0000000000000000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000