syzkaller login: [ 62.093806][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 62.098390][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 62.106953][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:21212' (ECDSA) to the list of known hosts. 1970/01/01 00:01:11 fuzzer started 1970/01/01 00:01:14 connecting to host at localhost:40287 1970/01/01 00:01:14 checking machine... 1970/01/01 00:01:14 checking revisions... 1970/01/01 00:01:15 testing simple program... [ 76.351265][ T2209] cgroup: Unknown subsys name 'net' [ 76.772567][ T2209] cgroup: Unknown subsys name 'rlimit' executing program executing program [ 80.725083][ T2212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.748286][ T2212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.406379][ T2212] device hsr_slave_0 entered promiscuous mode [ 82.472226][ T2212] device hsr_slave_1 entered promiscuous mode executing program [ 83.738639][ T2212] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 83.826023][ T2212] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 83.878205][ T2212] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 83.945329][ T2212] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 85.296494][ T2212] 8021q: adding VLAN 0 to HW filter on device bond0 [ 85.387152][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 85.397177][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 86.266674][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 86.280751][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 86.324624][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 86.332212][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 86.384756][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 86.425041][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 86.543024][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 86.547727][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 86.595480][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 86.605834][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready executing program [ 86.677930][ T2212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 87.366731][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 87.367879][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 89.022650][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 89.026483][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program [ 89.885206][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 89.901659][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 89.917749][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 89.925128][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 89.946691][ T2212] device veth0_vlan entered promiscuous mode [ 90.012347][ T2212] device veth1_vlan entered promiscuous mode [ 90.029993][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 90.152727][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 90.156324][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 90.178598][ T2212] device veth0_macvtap entered promiscuous mode [ 90.207365][ T2212] device veth1_macvtap entered promiscuous mode [ 90.284965][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 90.288256][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 90.297487][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 90.304957][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 90.352926][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 90.357234][ T888] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 90.377508][ T2212] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.378366][ T2212] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.378734][ T2212] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.380792][ T2212] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.546911][ C1] ------------[ cut here ]------------ [ 90.547466][ C1] WARNING: CPU: 1 PID: 1081 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 90.547832][ C1] Modules linked in: [ 90.548079][ C1] CPU: 1 PID: 1081 Comm: kworker/u4:6 Tainted: G W 6.0.0-syzkaller-10822-g60bb8154d1d7 #0 [ 90.548403][ C1] Hardware name: linux,dummy-virt (DT) [ 90.548868][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 90.549192][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 90.549586][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 90.549807][ C1] lr : wg_packet_receive+0x978/0x1560 [ 90.550426][ C1] sp : ffff800010ab7480 [ 90.551213][ C1] x29: ffff800010ab7480 x28: 0000000000000001 x27: 1fffe00001c98219 [ 90.551871][ C1] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 90.552250][ C1] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 90.552593][ C1] x20: ffff00000e4c10c8 x19: ffff80000de5cd50 x18: 00000000ea8986de [ 90.552933][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: ffff00000b3da3e8 [ 90.553272][ C1] x14: 1ffff00002156e68 x13: 0000000000000000 x12: ffff600001c98291 [ 90.553626][ C1] x11: 1fffe00001c98290 x10: ffff600001c98290 x9 : dfff800000000000 [ 90.553972][ C1] x8 : ffff00000e4c1483 x7 : 00009ffffe367d70 x6 : 0000000000000001 [ 90.554328][ C1] x5 : ffff00000e4c1480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 90.554683][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 90.555024][ C1] Call trace: [ 90.555200][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 90.555420][ C1] wg_packet_receive+0x978/0x1560 [ 90.555631][ C1] wg_receive+0x58/0xb0 [ 90.555829][ C1] udpv6_queue_rcv_one_skb+0x8f4/0x17c0 [ 90.556048][ C1] udpv6_queue_rcv_skb+0x134/0x7e0 [ 90.556250][ C1] udp6_unicast_rcv_skb+0xe8/0x270 [ 90.556454][ C1] __udp6_lib_rcv+0x8a4/0x2330 [ 90.556659][ C1] udpv6_rcv+0x1c/0x2c [ 90.556885][ C1] ip6_protocol_deliver_rcu+0x154/0x14f0 [ 90.557107][ C1] ip6_input_finish+0x108/0x220 [ 90.557312][ C1] ip6_input+0xbc/0x2b0 [ 90.557510][ C1] ipv6_rcv+0x39c/0x47c [ 90.557713][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 90.557939][ C1] __netif_receive_skb+0x24/0x184 [ 90.558173][ C1] process_backlog+0x24c/0x6b0 [ 90.558398][ C1] __napi_poll+0x94/0x3a4 [ 90.558637][ C1] net_rx_action+0x78c/0xb60 [ 90.559025][ C1] _stext+0x28c/0x107c [ 90.559229][ C1] ____do_softirq+0x10/0x20 [ 90.559519][ C1] call_on_irq_stack+0x2c/0x54 [ 90.559733][ C1] do_softirq_own_stack+0x1c/0x30 [ 90.559950][ C1] do_softirq.part.0+0xd0/0xf4 [ 90.560159][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 90.560375][ C1] _raw_read_unlock_bh+0x54/0x64 [ 90.560594][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 90.560807][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 90.561171][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 90.561474][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 90.561706][ C1] process_one_work+0x780/0x184c [ 90.561914][ C1] worker_thread+0x3cc/0xc40 [ 90.562115][ C1] kthread+0x23c/0x2a0 [ 90.562366][ C1] ret_from_fork+0x10/0x20 [ 90.562588][ C1] irq event stamp: 52279 [ 90.562776][ C1] hardirqs last enabled at (52278): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 90.563078][ C1] hardirqs last disabled at (52279): [] el1_dbg+0x24/0x80 [ 90.563357][ C1] softirqs last enabled at (52270): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 90.563662][ C1] softirqs last disabled at (52271): [] ____do_softirq+0x10/0x20 [ 90.563947][ C1] ---[ end trace 0000000000000000 ]--- [ 90.583633][ C0] ------------[ cut here ]------------ [ 90.584118][ C0] WARNING: CPU: 0 PID: 13 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 90.584452][ C0] Modules linked in: [ 90.584694][ C0] CPU: 0 PID: 13 Comm: kworker/0:1 Tainted: G W 6.0.0-syzkaller-10822-g60bb8154d1d7 #0 [ 90.585013][ C0] Hardware name: linux,dummy-virt (DT) [ 90.585224][ C0] Workqueue: wg-crypt-wg0 wg_packet_decrypt_worker [ 90.585524][ C0] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 90.585794][ C0] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 90.586034][ C0] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 90.586277][ C0] sp : ffff800008007960 [ 90.586482][ C0] x29: ffff800008007960 x28: ffff000010584800 x27: 0000000000000001 [ 90.586866][ C0] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe000025f8996 [ 90.587257][ C0] x23: ffff000012fc4ca8 x22: ffff80000de5cd50 x21: ffff00000f810960 [ 90.587617][ C0] x20: ffff000012fc4c80 x19: ffff00000e4c0c40 x18: ffff00006a9cbb88 [ 90.587982][ C0] x17: ffff80005cbc5000 x16: ffff800008008000 x15: 0000000000008000 [ 90.588348][ C0] x14: 1ffff00001000efa x13: 1fffe0000124614b x12: ffff600001f0212e [ 90.588842][ C0] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 90.589333][ C0] x8 : ffff80000de5c000 x7 : 1fffe00001c981b9 x6 : 0000000000000000 [ 90.589742][ C0] x5 : ffff00000e4c0dc8 x4 : ffff80000de5cb68 x3 : ffff800009f2ac94 [ 90.590115][ C0] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 90.590539][ C0] Call trace: [ 90.590724][ C0] wg_packet_send_staged_packets+0xe38/0x1380 [ 90.591009][ C0] wg_packet_rx_poll+0xd94/0x1580 [ 90.591316][ C0] __napi_poll+0x94/0x3a4 [ 90.591525][ C0] net_rx_action+0x78c/0xb60 [ 90.591743][ C0] _stext+0x28c/0x107c [ 90.591966][ C0] ____do_softirq+0x10/0x20 [ 90.592175][ C0] call_on_irq_stack+0x2c/0x54 [ 90.592387][ C0] do_softirq_own_stack+0x1c/0x30 [ 90.592702][ C0] do_softirq.part.0+0xd0/0xf4 [ 90.592972][ C0] __local_bh_enable_ip+0x50c/0x5d0 [ 90.593191][ C0] _raw_spin_unlock_bh+0x54/0x64 [ 90.593425][ C0] wg_packet_decrypt_worker+0x210/0x3c0 [ 90.593695][ C0] process_one_work+0x780/0x184c [ 90.593908][ C0] worker_thread+0x3cc/0xc40 [ 90.594122][ C0] kthread+0x23c/0x2a0 [ 90.594351][ C0] ret_from_fork+0x10/0x20 [ 90.594585][ C0] irq event stamp: 10941 [ 90.594790][ C0] hardirqs last enabled at (10940): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 90.595164][ C0] hardirqs last disabled at (10941): [] el1_dbg+0x24/0x80 [ 90.595448][ C0] softirqs last enabled at (10918): [] wg_packet_decrypt_worker+0x210/0x3c0 [ 90.595766][ C0] softirqs last disabled at (10919): [] ____do_softirq+0x10/0x20 [ 90.596115][ C0] ---[ end trace 0000000000000000 ]--- 1970/01/01 00:01:31 building call list... [ 91.756625][ T27] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.048594][ T27] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.392728][ T27] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.544834][ T27] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 94.987689][ T27] device hsr_slave_0 left promiscuous mode [ 95.030763][ T27] device hsr_slave_1 left promiscuous mode [ 95.181865][ T27] device veth1_macvtap left promiscuous mode [ 95.183177][ T27] device veth0_macvtap left promiscuous mode [ 95.201707][ T27] device veth1_vlan left promiscuous mode [ 95.203207][ T27] device veth0_vlan left promiscuous mode executing program [ 97.935747][ T27] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 98.035153][ T27] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 98.463445][ T27] bond0 (unregistering): Released all slaves executing program executing program executing program [ 107.589695][ T2203] can: request_module (can-proto-0) failed. executing program [ 107.785757][ T2203] can: request_module (can-proto-0) failed. [ 107.918402][ T2203] can: request_module (can-proto-0) failed. executing program executing program [ 116.131382][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. executing program [ 117.597933][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 120.530441][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 120.536098][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. VM DIAGNOSIS: 14:08:54 Registers: info registers vcpu 0 PC=ffff80000b45be18 X00=ffff80000b45be10 X01=0000000000000000 X02=ffff000009224060 X03=1ffff00001bcbf6e X04=1fffe000012446d1 X05=ffff800010b675d0 X06=0000000000000001 X07=0000000000000004 X08=ffff800010b675d3 X09=dfff800000000000 X10=ffff70000216ceba X11=1ffff0000216ceba X12=ffff70000216cebb X13=0000000000000000 X14=1ffff0000216ce90 X15=ffff00006a9cbbc4 X16=ffff800009f2c5dc X17=ffff800009f2d8e0 X18=ffff00006a9cbb88 X19=ffff80000e071e30 X20=0000000000000000 X21=0000000000000003 X22=0000000000000028 X23=ffff80000e071ec0 X24=dfff800000000000 X25=ffff80000e071e00 X26=0000000000000004 X27=ffff80000e071e30 X28=ffff0000092240e0 X29=ffff800010b67550 X30=ffff800008392d88 SP=ffff800010b67550 PSTATE=600000c5 -ZC- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=000063657363616d:007061747663616d Q02=0000000064252e30:322e30322e323731 Q03=ffff000000000000:ff00000000000000 Q04=ffffffff00000000:0000000000000000 Q05=4010000000000000:4000000000000000 Q06=4010040100100000:0000000000000000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=5510000050004000:5510000050004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff8000082a3ee4 X00=00000000000003c0 X01=00000000000003c0 X02=0000000000000000 X03=1fffe0000d53d589 X04=000000000cfc858b X05=0000000000000000 X06=00000000f3f3f3f3 X07=1fffe00002629825 X08=ffff00001314c128 X09=00000000000000a0 X10=ffff00001314c04c X11=0000000000000007 X12=1fffe00002629809 X13=0000000000000000 X14=1ffff00002156d5c X15=3a37327820313030 X16=3030656666663120 X17=3132383963313030 X18=00000000ea8986de X19=1ffff00002156d7a X20=ffff80000de06c48 X21=ffff80000de06c48 X22=ffff80005cbe4000 X23=0000000000000001 X24=ffff80000df4ed98 X25=0000000000000000 X26=0000000000000000 X27=ffff80000c90393c X28=ffff80000c991e40 X29=ffff800010ab6b50 X30=ffff8000082a3e94 SP=ffff800010ab6b40 PSTATE=100003c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000