syzkaller login: [ 59.374110][ T2047] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 61.199919][ T2047] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 62.719239][ T2047] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:20261' (ECDSA) to the list of known hosts. 1970/01/01 00:01:09 fuzzer started 1970/01/01 00:01:12 connecting to host at localhost:40533 1970/01/01 00:01:12 checking machine... 1970/01/01 00:01:12 checking revisions... 1970/01/01 00:01:13 testing simple program... [ 74.447835][ T2207] cgroup: Unknown subsys name 'net' [ 74.850032][ T2207] cgroup: Unknown subsys name 'rlimit' executing program [ 78.556133][ T2210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.577272][ T2210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 80.244282][ T2210] device hsr_slave_0 entered promiscuous mode [ 80.304262][ T2210] device hsr_slave_1 entered promiscuous mode [ 81.405522][ T2210] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 81.461513][ T2210] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 81.515664][ T2210] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 81.579506][ T2210] netdevsim netdevsim0 netdevsim3: renamed from eth3 executing program [ 82.753611][ T2210] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.798981][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 82.815352][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.553385][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 83.556847][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.596860][ T1027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 83.606309][ T1027] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 83.636023][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 83.683941][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 83.765952][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 83.770053][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 83.821972][ T2528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 83.826174][ T2528] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 83.865460][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 84.495382][ T2528] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 84.496635][ T2528] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 86.568300][ T2528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 86.578123][ T2528] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 87.535157][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 87.538830][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 87.555592][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 87.559619][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 87.610356][ T2210] device veth0_vlan entered promiscuous mode [ 87.680101][ T2210] device veth1_vlan entered promiscuous mode [ 87.856850][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 87.868522][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 87.898488][ T2210] device veth0_macvtap entered promiscuous mode executing program [ 87.931429][ T2210] device veth1_macvtap entered promiscuous mode [ 88.016522][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 88.020011][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 88.027735][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 88.033614][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 88.082082][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 88.085965][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 88.132243][ T2210] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.133088][ T2210] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.133432][ T2210] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.133765][ T2210] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.327850][ C1] ------------[ cut here ]------------ [ 88.328452][ C1] WARNING: CPU: 1 PID: 49 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 88.328840][ C1] Modules linked in: [ 88.329086][ C1] CPU: 1 PID: 49 Comm: kworker/u4:2 Tainted: G W 6.0.0-syzkaller-11414-g49da07006239 #0 [ 88.329386][ C1] Hardware name: linux,dummy-virt (DT) [ 88.329746][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 88.330064][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 88.330290][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 88.330857][ C1] lr : wg_packet_receive+0x978/0x1560 [ 88.331456][ C1] sp : ffff800010ab7480 [ 88.331702][ C1] x29: ffff800010ab7480 x28: 0000000000000001 x27: 1fffe000025ff219 [ 88.332343][ C1] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 88.332693][ C1] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 88.333043][ C1] x20: ffff000012ff90c8 x19: ffff80000de5cd50 x18: 000000001aac4d50 [ 88.333416][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: ffff000013cc1b68 [ 88.333811][ C1] x14: 1ffff00002156e68 x13: 0000000000000000 x12: ffff6000025ff291 [ 88.334198][ C1] x11: 1fffe000025ff290 x10: ffff6000025ff290 x9 : dfff800000000000 [ 88.334619][ C1] x8 : ffff000012ff9483 x7 : 00009ffffda00d70 x6 : 0000000000000001 [ 88.335035][ C1] x5 : ffff000012ff9480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 88.335470][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 88.335879][ C1] Call trace: [ 88.336065][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 88.336288][ C1] wg_packet_receive+0x978/0x1560 [ 88.336501][ C1] wg_receive+0x58/0xb0 [ 88.336697][ C1] udpv6_queue_rcv_one_skb+0x8f4/0x17c0 [ 88.336926][ C1] udpv6_queue_rcv_skb+0x134/0x7e0 [ 88.337136][ C1] udp6_unicast_rcv_skb+0xe8/0x270 [ 88.337356][ C1] __udp6_lib_rcv+0x8a4/0x2330 [ 88.337560][ C1] udpv6_rcv+0x1c/0x2c [ 88.337757][ C1] ip6_protocol_deliver_rcu+0x154/0x14f0 [ 88.338018][ C1] ip6_input_finish+0x108/0x220 [ 88.338243][ C1] ip6_input+0xbc/0x2b0 [ 88.338443][ C1] ipv6_rcv+0x39c/0x47c [ 88.338642][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 88.338866][ C1] __netif_receive_skb+0x24/0x184 [ 88.339079][ C1] process_backlog+0x24c/0x6b0 [ 88.339346][ C1] __napi_poll+0x94/0x3a4 [ 88.339546][ C1] net_rx_action+0x78c/0xb60 [ 88.339747][ C1] _stext+0x28c/0x107c [ 88.339949][ C1] ____do_softirq+0x10/0x20 [ 88.340153][ C1] call_on_irq_stack+0x2c/0x54 [ 88.340380][ C1] do_softirq_own_stack+0x1c/0x30 [ 88.340629][ C1] do_softirq.part.0+0xd0/0xf4 [ 88.340902][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 88.341128][ C1] _raw_read_unlock_bh+0x54/0x64 [ 88.341350][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 88.341564][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 88.341799][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 88.342033][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 88.342264][ C1] process_one_work+0x780/0x184c [ 88.342472][ C1] worker_thread+0x3cc/0xc40 [ 88.342672][ C1] kthread+0x23c/0x2a0 [ 88.342878][ C1] ret_from_fork+0x10/0x20 [ 88.343096][ C1] irq event stamp: 92157 [ 88.343345][ C1] hardirqs last enabled at (92156): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 88.343631][ C1] hardirqs last disabled at (92157): [] el1_dbg+0x24/0x80 [ 88.343889][ C1] softirqs last enabled at (92148): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 88.344258][ C1] softirqs last disabled at (92149): [] ____do_softirq+0x10/0x20 [ 88.344531][ C1] ---[ end trace 0000000000000000 ]--- [ 88.390071][ C1] ------------[ cut here ]------------ [ 88.390781][ C1] WARNING: CPU: 1 PID: 2551 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 88.391277][ C1] Modules linked in: [ 88.391573][ C1] CPU: 1 PID: 2551 Comm: kworker/1:4 Tainted: G W 6.0.0-syzkaller-11414-g49da07006239 #0 [ 88.391901][ C1] Hardware name: linux,dummy-virt (DT) [ 88.392143][ C1] Workqueue: wg-crypt-wg0 wg_packet_decrypt_worker [ 88.392536][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 88.392793][ C1] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 88.393023][ C1] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 88.393260][ C1] sp : ffff800010ab7960 [ 88.393445][ C1] x29: ffff800010ab7960 x28: ffff000013594000 x27: 0000000000000001 [ 88.393811][ C1] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe000025ae546 [ 88.394175][ C1] x23: ffff000012d72a28 x22: ffff80000de5cd50 x21: ffff00000f930960 [ 88.394518][ C1] x20: ffff000012d72a00 x19: ffff000012ff8c40 x18: ffff00006a9cbb88 [ 88.394906][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: 0000000000008000 [ 88.395333][ C1] x14: 1ffff00002156efa x13: 1fffe00001eeeb83 x12: ffff600001f2612e [ 88.395721][ C1] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 88.396111][ C1] x8 : ffff80000de5c000 x7 : 1fffe000025ff1b9 x6 : 0000000000000000 [ 88.396458][ C1] x5 : ffff000012ff8dc8 x4 : ffff80000de5cb68 x3 : ffff800009f2b1f4 [ 88.396811][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 88.397172][ C1] Call trace: [ 88.397345][ C1] wg_packet_send_staged_packets+0xe38/0x1380 [ 88.397705][ C1] wg_packet_rx_poll+0xd94/0x1580 [ 88.397933][ C1] __napi_poll+0x94/0x3a4 [ 88.398155][ C1] net_rx_action+0x78c/0xb60 [ 88.398361][ C1] _stext+0x28c/0x107c [ 88.398561][ C1] ____do_softirq+0x10/0x20 [ 88.398763][ C1] call_on_irq_stack+0x2c/0x54 [ 88.398967][ C1] do_softirq_own_stack+0x1c/0x30 [ 88.399209][ C1] do_softirq.part.0+0xd0/0xf4 [ 88.399606][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 88.399998][ C1] _raw_spin_unlock_bh+0x54/0x64 [ 88.400307][ C1] wg_packet_decrypt_worker+0x210/0x3c0 [ 88.400695][ C1] process_one_work+0x780/0x184c [ 88.400916][ C1] worker_thread+0x3cc/0xc40 [ 88.401190][ C1] kthread+0x23c/0x2a0 [ 88.401393][ C1] ret_from_fork+0x10/0x20 [ 88.401702][ C1] irq event stamp: 1119 [ 88.402001][ C1] hardirqs last enabled at (1118): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 88.402604][ C1] hardirqs last disabled at (1119): [] el1_dbg+0x24/0x80 [ 88.403020][ C1] softirqs last enabled at (1096): [] wg_packet_decrypt_worker+0x210/0x3c0 [ 88.403409][ C1] softirqs last disabled at (1097): [] ____do_softirq+0x10/0x20 [ 88.403691][ C1] ---[ end trace 0000000000000000 ]--- 1970/01/01 00:01:28 building call list... [ 89.570071][ T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.858140][ T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.061213][ T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.274522][ T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 92.378259][ T49] device hsr_slave_0 left promiscuous mode [ 92.424297][ T49] device hsr_slave_1 left promiscuous mode [ 92.593703][ T49] device veth1_macvtap left promiscuous mode [ 92.595304][ T49] device veth0_macvtap left promiscuous mode [ 92.597060][ T49] device veth1_vlan left promiscuous mode [ 92.599504][ T49] device veth0_vlan left promiscuous mode executing program [ 94.367423][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 94.497134][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 94.937110][ T49] bond0 (unregistering): Released all slaves executing program executing program executing program [ 104.467279][ T2201] can: request_module (can-proto-0) failed. [ 104.696715][ T2201] can: request_module (can-proto-0) failed. [ 104.804542][ T2201] can: request_module (can-proto-0) failed. executing program executing program executing program [ 116.588092][ T2047] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 116.596282][ T2047] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 116.600149][ T2047] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 116.608402][ T2047] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. VM DIAGNOSIS: 14:13:57 Registers: info registers vcpu 0 PC=ffff8000082a36e4 X00=00000000000000c0 X01=00000000000000c0 X02=0000000000000000 X03=1fffe0000d539789 X04=0000000000000000 X05=ffff80000f3d4280 X06=0000000000000001 X07=0000000000000004 X08=ffff80000f3d4280 X09=dfff800000000000 X10=ffff700001e7a850 X11=1ffff00001e7a850 X12=ffff700001e7a851 X13=1ffff00002648df8 X14=1ffff00002648e7a X15=ffff8000081b4cc4 X16=ffff800009f2cb3c X17=ffff800009f2de40 X18=ffff00006a9eab88 X19=1ffff00002648e98 X20=ffff80000de06c48 X21=ffff80000de06c48 X22=ffff80005cbc5000 X23=0000000000000001 X24=ffff00006a9eab88 X25=0000000000000000 X26=0000000000000000 X27=ffff8000082853c8 X28=ffff80000c991f40 X29=ffff800013247440 X30=ffff8000082a3694 SP=ffff800013247430 PSTATE=100000c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=000063657363616d:007061747663616d Q02=0000000064252e30:322e30322e323731 Q03=ffff000000000000:ff00000000000000 Q04=ffffffff00000000:0000000000000000 Q05=4010000000000000:4000000000000000 Q06=4010040100100000:0000000000000000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=5510000050004000:5510000050004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff800008292b5c X00=00000000000003c0 X01=00000000000003c0 X02=0000000000000003 X03=1fffe000014d46d1 X04=00000000f204f1f1 X05=ffff700002156d8a X06=dfff800000000000 X07=00000000f1f1f1f1 X08=ffff800010ab6a77 X09=dfff800000000000 X10=ffff700002156d4e X11=1ffff00002156d4e X12=ffff700002156d4f X13=1fffe000014d4825 X14=1ffff00002156d82 X15=ffff80000f2b6040 X16=0000000000000007 X17=0000000000000000 X18=000000001aac4d50 X19=0000000000000000 X20=ffff00000a6a4108 X21=ffff80000e03cb00 X22=0000000000000028 X23=ffff00000a6a4068 X24=ffff80000de06c48 X25=ffff80000c991f40 X26=00000000ffffffff X27=00000000000003c0 X28=ffff00000a6a3680 X29=ffff800010ab6b60 X30=ffff80000c8ee514 SP=ffff800010ab6b60 PSTATE=100003c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000