syzkaller login: [ 95.977556][ T2051] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 96.007964][ T2051] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 96.038200][ T2051] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:4600' (ECDSA) to the list of known hosts. 1970/01/01 00:01:59 fuzzer started 1970/01/01 00:02:05 connecting to host at localhost:43981 1970/01/01 00:02:05 checking machine... 1970/01/01 00:02:05 checking revisions... 1970/01/01 00:02:07 testing simple program... [ 128.515383][ T2211] cgroup: Unknown subsys name 'net' [ 128.974834][ T2211] cgroup: Unknown subsys name 'rlimit' executing program executing program [ 134.874585][ T2214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 134.899577][ T2214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 137.333063][ T2214] device hsr_slave_0 entered promiscuous mode [ 137.386667][ T2214] device hsr_slave_1 entered promiscuous mode executing program [ 139.212179][ T2214] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 139.317431][ T2214] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 139.387380][ T2214] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 139.445569][ T2214] netdevsim netdevsim0 netdevsim3: renamed from eth3 executing program [ 141.238527][ T2214] 8021q: adding VLAN 0 to HW filter on device bond0 [ 141.338550][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 141.360388][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 142.467092][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 142.485641][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 142.551962][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 142.556342][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 142.629566][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 142.683532][ T91] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 142.896236][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 142.910273][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 142.976329][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 142.988921][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 143.056193][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 144.057234][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 144.059069][ T890] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 146.364685][ T2212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 146.380087][ T2212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program [ 147.602971][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 147.620621][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 147.672472][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 147.679619][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 147.719125][ T2214] device veth0_vlan entered promiscuous mode [ 147.822853][ T2214] device veth1_vlan entered promiscuous mode [ 148.004144][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 148.016248][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 148.069902][ T2214] device veth0_macvtap entered promiscuous mode [ 148.126061][ T2214] device veth1_macvtap entered promiscuous mode [ 148.256331][ T2554] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 148.268848][ T2554] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 148.283947][ T2554] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 148.289705][ T2554] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 148.358778][ T2212] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 148.376805][ T2212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 148.444328][ T2214] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.445322][ T2214] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.445851][ T2214] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.446384][ T2214] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 148.742095][ C1] ------------[ cut here ]------------ [ 148.742946][ C1] WARNING: CPU: 1 PID: 1005 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 148.743381][ C1] Modules linked in: [ 148.743734][ C1] CPU: 1 PID: 1005 Comm: kworker/u4:5 Tainted: G W 6.0.0-syzkaller-11161-g041bc24d867a #0 [ 148.744146][ C1] Hardware name: linux,dummy-virt (DT) [ 148.744678][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 148.745160][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 148.745867][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 148.746169][ C1] lr : wg_packet_receive+0x978/0x1560 [ 148.746453][ C1] sp : ffff800010ab7480 [ 148.746711][ C1] x29: ffff800010ab7480 x28: 0000000000000001 x27: 1fffe00001cfa219 [ 148.747888][ C1] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 148.748666][ C1] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 148.749187][ C1] x20: ffff00000e7d10c8 x19: ffff80000de5cd50 x18: 00000000fdf8e37b [ 148.749705][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: ffff00001495cb68 [ 148.750220][ C1] x14: 1ffff00002156e68 x13: 0000000000000000 x12: ffff600001cfa291 [ 148.750816][ C1] x11: 1fffe00001cfa290 x10: ffff600001cfa290 x9 : dfff800000000000 [ 148.751424][ C1] x8 : ffff00000e7d1483 x7 : 00009ffffe305d70 x6 : 0000000000000001 [ 148.751940][ C1] x5 : ffff00000e7d1480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 148.752472][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 148.752999][ C1] Call trace: [ 148.753263][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 148.753578][ C1] wg_packet_receive+0x978/0x1560 [ 148.753892][ C1] wg_receive+0x58/0xb0 [ 148.754181][ C1] udpv6_queue_rcv_one_skb+0x8f4/0x17c0 [ 148.754510][ C1] udpv6_queue_rcv_skb+0x134/0x7e0 [ 148.754818][ C1] udp6_unicast_rcv_skb+0xe8/0x270 [ 148.755134][ C1] __udp6_lib_rcv+0x8a4/0x2330 [ 148.755439][ C1] udpv6_rcv+0x1c/0x2c [ 148.755741][ C1] ip6_protocol_deliver_rcu+0x154/0x14f0 [ 148.756017][ C1] ip6_input_finish+0x108/0x220 [ 148.756340][ C1] ip6_input+0xbc/0x2b0 [ 148.756633][ C1] ipv6_rcv+0x39c/0x47c [ 148.756934][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 148.757264][ C1] __netif_receive_skb+0x24/0x184 [ 148.757571][ C1] process_backlog+0x24c/0x6b0 [ 148.757878][ C1] __napi_poll+0x94/0x3a4 [ 148.758174][ C1] net_rx_action+0x78c/0xb60 [ 148.758472][ C1] _stext+0x28c/0x107c [ 148.758766][ C1] ____do_softirq+0x10/0x20 [ 148.759102][ C1] call_on_irq_stack+0x2c/0x54 [ 148.759428][ C1] do_softirq_own_stack+0x1c/0x30 [ 148.759751][ C1] do_softirq.part.0+0xd0/0xf4 [ 148.760063][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 148.760397][ C1] _raw_read_unlock_bh+0x54/0x64 [ 148.760786][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 148.761133][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 148.761608][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 148.761953][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 148.762277][ C1] process_one_work+0x780/0x184c [ 148.762580][ C1] worker_thread+0x3cc/0xc40 [ 148.762880][ C1] kthread+0x23c/0x2a0 [ 148.763186][ C1] ret_from_fork+0x10/0x20 [ 148.763542][ C1] irq event stamp: 11123 [ 148.763840][ C1] hardirqs last enabled at (11122): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 148.764231][ C1] hardirqs last disabled at (11123): [] el1_dbg+0x24/0x80 [ 148.764633][ C1] softirqs last enabled at (11114): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 148.765007][ C1] softirqs last disabled at (11115): [] ____do_softirq+0x10/0x20 [ 148.765396][ C1] ---[ end trace 0000000000000000 ]--- [ 148.815762][ C1] ------------[ cut here ]------------ [ 148.816575][ C1] WARNING: CPU: 1 PID: 20 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 148.817074][ C1] Modules linked in: [ 148.817419][ C1] CPU: 1 PID: 20 Comm: ksoftirqd/1 Tainted: G W 6.0.0-syzkaller-11161-g041bc24d867a #0 [ 148.817815][ C1] Hardware name: linux,dummy-virt (DT) [ 148.818116][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 148.818484][ C1] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 148.818803][ C1] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 148.819122][ C1] sp : ffff800010c47700 [ 148.819384][ C1] x29: ffff800010c47700 x28: ffff0000109c0000 x27: 0000000000000001 [ 148.819891][ C1] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe00002359796 [ 148.820403][ C1] x23: ffff000011acbca8 x22: ffff80000de5cd50 x21: ffff000015828960 [ 148.821216][ C1] x20: ffff000011acbc80 x19: ffff00000e7d0c40 x18: ffff00000ffc4338 [ 148.821981][ C1] x17: ffff80005cbe4000 x16: 0000000000000004 x15: 0000000000000000 [ 148.822486][ C1] x14: 1ffff00002188eae x13: 1fffe0000125b141 x12: ffff600002b0512e [ 148.823002][ C1] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 148.823511][ C1] x8 : ffff80000de5c000 x7 : 1fffe00001cfa1b9 x6 : 0000000000000000 [ 148.824016][ C1] x5 : ffff00000e7d0dc8 x4 : ffff80000de5cb68 x3 : ffff800009f2d9f4 [ 148.824552][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 148.825057][ C1] Call trace: [ 148.825314][ C1] wg_packet_send_staged_packets+0xe38/0x1380 [ 148.825647][ C1] wg_packet_rx_poll+0xd94/0x1580 [ 148.825970][ C1] __napi_poll+0x94/0x3a4 [ 148.826274][ C1] net_rx_action+0x78c/0xb60 [ 148.826568][ C1] _stext+0x28c/0x107c [ 148.826857][ C1] run_ksoftirqd+0xa4/0xec [ 148.827149][ C1] smpboot_thread_fn+0x4d4/0x950 [ 148.827452][ C1] kthread+0x23c/0x2a0 [ 148.827743][ C1] ret_from_fork+0x10/0x20 [ 148.828051][ C1] irq event stamp: 17199 [ 148.828344][ C1] hardirqs last enabled at (17198): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 148.828768][ C1] hardirqs last disabled at (17199): [] el1_dbg+0x24/0x80 [ 148.829148][ C1] softirqs last enabled at (17124): [] _stext+0x9d4/0x107c [ 148.829509][ C1] softirqs last disabled at (17129): [] run_ksoftirqd+0xa4/0xec [ 148.829884][ C1] ---[ end trace 0000000000000000 ]--- executing program 1970/01/01 00:02:29 building call list... [ 150.787569][ T55] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.067442][ T55] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.265747][ T55] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.485614][ T55] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 154.334900][ T55] device hsr_slave_0 left promiscuous mode [ 154.404557][ T55] device hsr_slave_1 left promiscuous mode [ 154.580492][ T55] device veth1_macvtap left promiscuous mode [ 154.604520][ T55] device veth0_macvtap left promiscuous mode [ 154.609444][ T55] device veth1_vlan left promiscuous mode [ 154.623103][ T55] device veth0_vlan left promiscuous mode executing program [ 158.325501][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 158.523090][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface executing program [ 159.567742][ T55] bond0 (unregistering): Released all slaves executing program executing program executing program executing program [ 174.085347][ T2209] can: request_module (can-proto-0) failed. executing program [ 174.476527][ T2209] can: request_module (can-proto-0) failed. [ 174.697489][ T2209] can: request_module (can-proto-0) failed. executing program VM DIAGNOSIS: 18:42:57 Registers: info registers vcpu 0 PC=ffff800008295868 X00=0000000000000000 X01=ffff800010bc7300 X02=0000000000000000 X03=00000000000003fd X04=ffff800010105118 X05=0000000000000030 X06=ffff80000feef3b0 X07=0000000000000003 X08=ffff80000f3d3000 X09=0000000000000000 X10=ffff800010777da0 X11=0000000000000000 X12=00000000f1f1f1f1 X13=1ffff00002178e32 X14=1ffff00002178eb4 X15=ffff8000081b54c4 X16=ffff800009f2f33c X17=ffff800009f30640 X18=ffff00000fb1c838 X19=ffff8000100cfe98 X20=dfff800000000000 X21=0000000000000030 X22=1ffff00002010351 X23=ffff800010bc7300 X24=ffff800010081a88 X25=ffff80000f6763a0 X26=ffff80000f67e3a0 X27=ffff80000f3d3a00 X28=ffff800010083448 X29=ffff800010bc70e0 X30=ffff800008295880 SP=ffff800010bc70e0 PSTATE=000000c5 ---- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:0000000000000000 Q02=0000000000000000:0000000000000000 Q03=0000000000000000:0000000000000000 Q04=0000000000000000:0000000000000000 Q05=0000000000000000:0000000000000000 Q06=0000000000000000:0000000000000000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff80000b45ea58 X00=ffff80000b45ea50 X01=0000000000000000 X02=1fffe0000d53d58f X03=0000000000000001 X04=ffff800010ab6e50 X05=ffff700002156d96 X06=ffff000012dd1b40 X07=00000000f2f2f2f2 X08=00000000f3f3f300 X09=00000000f2000000 X10=00000000f204f204 X11=00000000f3f3f3f3 X12=00000000f1f1f1f1 X13=0000000000000000 X14=1ffff00002156d5c X15=ffff80000f2b5fc0 X16=0000000000000007 X17=3132616663313030 X18=00000000fdf8e37b X19=ffff80000e071e30 X20=0000000000000000 X21=0000000000000003 X22=0000000000000028 X23=ffff80000e071ec0 X24=dfff800000000000 X25=ffff80000e071e00 X26=0000000000000004 X27=ffff80000e071e30 X28=ffff800008031404 X29=ffff800010ab6b90 X30=ffff800008392d88 SP=ffff800010ab6b90 PSTATE=800003c5 N--- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:0000000000000000 Q02=0000000000000000:0000000000000000 Q03=0000000000000000:0000000000000000 Q04=0000000000000000:0000000000000000 Q05=0000000000000000:0000000000000000 Q06=0000000000000000:0000000000000000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000