syzkaller login: [ 258.238169][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 258.299992][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 258.341578][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 267.565900][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:41049' (ECDSA) to the list of known hosts.
1970/01/01 00:05:29 fuzzer started
1970/01/01 00:05:45 dialing manager at localhost:43965
[ 350.829030][ T2032] cgroup: Unknown subsys name 'net'
[ 351.927026][ T2032] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:05:51 syscalls: 2918
1970/01/01 00:05:51 code coverage: enabled
1970/01/01 00:05:51 comparison tracing: enabled
1970/01/01 00:05:51 extra coverage: enabled
1970/01/01 00:05:51 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:05:51 setuid sandbox: enabled
1970/01/01 00:05:51 namespace sandbox: enabled
1970/01/01 00:05:51 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:05:51 fault injection: enabled
1970/01/01 00:05:51 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:05:51 net packet injection: enabled
1970/01/01 00:05:51 net device setup: enabled
1970/01/01 00:05:51 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:05:51 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:05:51 NIC VF setup: PCI device 0000:00:11.0 is not available
1970/01/01 00:05:51 USB emulation: enabled
1970/01/01 00:05:51 hci packet injection: /dev/vhci does not exist
1970/01/01 00:05:51 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:05:51 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:05:52 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:05:57 fetching corpus: 50, signal 31672/34916 (executing program)
1970/01/01 00:06:00 fetching corpus: 100, signal 45059/49435 (executing program)
1970/01/01 00:06:04 fetching corpus: 150, signal 54402/59785 (executing program)
1970/01/01 00:06:07 fetching corpus: 200, signal 63091/69322 (executing program)
1970/01/01 00:06:09 fetching corpus: 249, signal 68729/75755 (executing program)
1970/01/01 00:06:14 fetching corpus: 299, signal 73065/80912 (executing program)
1970/01/01 00:06:17 fetching corpus: 349, signal 77357/85940 (executing program)
1970/01/01 00:06:20 fetching corpus: 397, signal 80316/89679 (executing program)
1970/01/01 00:06:22 fetching corpus: 447, signal 84364/94311 (executing program)
1970/01/01 00:06:25 fetching corpus: 497, signal 88274/98685 (executing program)
1970/01/01 00:06:27 fetching corpus: 545, signal 91965/102769 (executing program)
1970/01/01 00:06:32 fetching corpus: 593, signal 95832/106913 (executing program)
1970/01/01 00:06:36 fetching corpus: 643, signal 98635/110097 (executing program)
1970/01/01 00:06:39 fetching corpus: 693, signal 102029/113712 (executing program)
1970/01/01 00:06:42 fetching corpus: 743, signal 105009/116934 (executing program)
1970/01/01 00:06:47 fetching corpus: 793, signal 107069/119272 (executing program)
1970/01/01 00:06:49 fetching corpus: 843, signal 109857/122165 (executing program)
1970/01/01 00:06:52 fetching corpus: 893, signal 113283/125498 (executing program)
1970/01/01 00:06:55 fetching corpus: 943, signal 115585/127908 (executing program)
1970/01/01 00:06:58 fetching corpus: 992, signal 117274/129732 (executing program)
1970/01/01 00:07:00 fetching corpus: 1042, signal 119069/131657 (executing program)
1970/01/01 00:07:02 fetching corpus: 1090, signal 120730/133420 (executing program)
1970/01/01 00:07:05 fetching corpus: 1140, signal 122278/135016 (executing program)
1970/01/01 00:07:07 fetching corpus: 1189, signal 124014/136792 (executing program)
1970/01/01 00:07:10 fetching corpus: 1239, signal 125708/138439 (executing program)
1970/01/01 00:07:12 fetching corpus: 1288, signal 127660/140277 (executing program)
1970/01/01 00:07:15 fetching corpus: 1338, signal 129804/142211 (executing program)
1970/01/01 00:07:18 fetching corpus: 1387, signal 132436/144411 (executing program)
1970/01/01 00:07:20 fetching corpus: 1437, signal 134404/146084 (executing program)
1970/01/01 00:07:23 fetching corpus: 1487, signal 135862/147388 (executing program)
1970/01/01 00:07:25 fetching corpus: 1536, signal 137007/148455 (executing program)
1970/01/01 00:07:28 fetching corpus: 1585, signal 138244/149563 (executing program)
1970/01/01 00:07:31 fetching corpus: 1634, signal 139811/150828 (executing program)
1970/01/01 00:07:33 fetching corpus: 1683, signal 141229/151977 (executing program)
1970/01/01 00:07:36 fetching corpus: 1733, signal 142623/153077 (executing program)
1970/01/01 00:07:39 fetching corpus: 1783, signal 143785/154030 (executing program)
1970/01/01 00:07:42 fetching corpus: 1833, signal 145193/155118 (executing program)
1970/01/01 00:07:45 fetching corpus: 1883, signal 147028/156398 (executing program)
1970/01/01 00:07:49 fetching corpus: 1932, signal 148825/157591 (executing program)
1970/01/01 00:07:52 fetching corpus: 1982, signal 150336/158552 (executing program)
1970/01/01 00:07:55 fetching corpus: 2032, signal 151138/159138 (executing program)
1970/01/01 00:07:58 fetching corpus: 2082, signal 152244/159878 (executing program)
1970/01/01 00:08:00 fetching corpus: 2132, signal 153214/160505 (executing program)
1970/01/01 00:08:03 fetching corpus: 2182, signal 154404/161234 (executing program)
1970/01/01 00:08:05 fetching corpus: 2232, signal 155525/161892 (executing program)
1970/01/01 00:08:07 fetching corpus: 2281, signal 156509/162491 (executing program)
1970/01/01 00:08:10 fetching corpus: 2330, signal 157221/162967 (executing program)
1970/01/01 00:08:13 fetching corpus: 2379, signal 158232/163504 (executing program)
1970/01/01 00:08:15 fetching corpus: 2429, signal 159573/164152 (executing program)
1970/01/01 00:08:17 fetching corpus: 2479, signal 160624/164644 (executing program)
1970/01/01 00:08:20 fetching corpus: 2528, signal 161693/165114 (executing program)
1970/01/01 00:08:22 fetching corpus: 2578, signal 163084/165691 (executing program)
1970/01/01 00:08:25 fetching corpus: 2628, signal 163872/166037 (executing program)
1970/01/01 00:08:27 fetching corpus: 2667, signal 164772/166406 (executing program)
1970/01/01 00:08:27 fetching corpus: 2667, signal 164772/166447 (executing program)
1970/01/01 00:08:28 fetching corpus: 2667, signal 164772/166475 (executing program)
1970/01/01 00:08:28 fetching corpus: 2667, signal 164772/166508 (executing program)
1970/01/01 00:08:28 fetching corpus: 2667, signal 164775/166538 (executing program)
1970/01/01 00:08:28 fetching corpus: 2667, signal 164775/166577 (executing program)
1970/01/01 00:08:28 fetching corpus: 2667, signal 164775/166597 (executing program)
1970/01/01 00:08:28 fetching corpus: 2667, signal 164775/166636 (executing program)
1970/01/01 00:08:29 fetching corpus: 2667, signal 164775/166678 (executing program)
1970/01/01 00:08:29 fetching corpus: 2667, signal 164775/166702 (executing program)
1970/01/01 00:08:29 fetching corpus: 2667, signal 164775/166730 (executing program)
1970/01/01 00:08:29 fetching corpus: 2667, signal 164775/166765 (executing program)
1970/01/01 00:08:29 fetching corpus: 2667, signal 164775/166790 (executing program)
1970/01/01 00:08:29 fetching corpus: 2667, signal 164775/166818 (executing program)
1970/01/01 00:08:29 fetching corpus: 2667, signal 164775/166844 (executing program)
1970/01/01 00:08:29 fetching corpus: 2667, signal 164775/166875 (executing program)
1970/01/01 00:08:30 fetching corpus: 2667, signal 164775/166896 (executing program)
1970/01/01 00:08:30 fetching corpus: 2667, signal 164775/166925 (executing program)
1970/01/01 00:08:30 fetching corpus: 2667, signal 164775/166953 (executing program)
1970/01/01 00:08:30 fetching corpus: 2667, signal 164775/166980 (executing program)
1970/01/01 00:08:30 fetching corpus: 2667, signal 164775/167001 (executing program)
1970/01/01 00:08:30 fetching corpus: 2667, signal 164775/167027 (executing program)
1970/01/01 00:08:30 fetching corpus: 2667, signal 164775/167061 (executing program)
1970/01/01 00:08:31 fetching corpus: 2667, signal 164775/167099 (executing program)
1970/01/01 00:08:31 fetching corpus: 2667, signal 164775/167123 (executing program)
1970/01/01 00:08:31 fetching corpus: 2667, signal 164775/167151 (executing program)
1970/01/01 00:08:31 fetching corpus: 2667, signal 164775/167184 (executing program)
1970/01/01 00:08:31 fetching corpus: 2667, signal 164775/167212 (executing program)
1970/01/01 00:08:31 fetching corpus: 2667, signal 164775/167244 (executing program)
1970/01/01 00:08:31 fetching corpus: 2667, signal 164775/167260 (executing program)
1970/01/01 00:08:31 fetching corpus: 2667, signal 164775/167260 (executing program)
1970/01/01 00:10:36 starting 2 fuzzer processes

00:10:36 executing program 0:
setreuid(0xee00, 0x0)
r0 = getuid()
setreuid(0xee00, r0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x8983, &(0x7f0000000180)={0x6, 'pimreg1\x00'})

00:10:36 executing program 1:
r0 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000280)=0x18, 0x4)

[ 655.937562][ T2040] Kernel panic - not syncing: corrupted stack end detected inside scheduler
[ 655.944467][ T2040] CPU: 0 PID: 2040 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 655.948218][ T2040] Hardware name: riscv-virtio,qemu (DT)
[ 655.949387][ T2040] Call Trace:
[ 655.950350][ T2040] [] dump_backtrace+0x2e/0x3c
[ 655.951742][ T2040] [] show_stack+0x34/0x40
[ 655.953273][ T2040] [] dump_stack_lvl+0xe4/0x150
[ 655.955102][ T2040] [] dump_stack+0x1c/0x24
[ 655.956365][ T2040] [] panic+0x24a/0x634
[ 655.957572][ T2040] [] schedule+0x0/0x14c
[ 655.958778][ T2040] [] preempt_schedule_notrace+0x9c/0x19a
[ 655.960066][ T2040] [] lock_release+0x3da/0x614
[ 655.961320][ T2040] [] fs_reclaim_acquire+0x8a/0xda
[ 655.963159][ T2040] [] prepare_alloc_pages+0xe0/0x256
[ 655.964996][ T2040] [] __alloc_pages+0x100/0x3b6
[ 655.966291][ T2040] [] alloc_pages+0x132/0x2a6
[ 655.967597][ T2040] [] alloc_slab_page.constprop.0+0xc2/0xfa
[ 655.968921][ T2040] [] new_slab+0x76/0x2cc
[ 655.970150][ T2040] [] ___slab_alloc+0x56e/0x918
[ 655.971425][ T2040] [] __slab_alloc.constprop.0+0x50/0x8c
[ 655.973388][ T2040] [] kmem_cache_alloc+0x39c/0x3de
[ 655.975376][ T2040] [] __kernfs_new_node+0xfc/0x5f2
[ 655.976671][ T2040] [] kernfs_new_node+0x66/0xbe
[ 655.977828][ T2040] [] __kernfs_create_file+0x4e/0x1e8
[ 655.979072][ T2040] [] sysfs_add_file_mode_ns+0x138/0x254
[ 655.980325][ T2040] [] internal_create_group+0x274/0x722
[ 655.981564][ T2040] [] internal_create_groups.part.0+0x64/0xe8
[ 655.983535][ T2040] [] sysfs_create_groups+0x2c/0x48
[ 655.985386][ T2040] [] device_add+0x656/0x129e
[ 655.986651][ T2040] [] netdev_register_kobject+0xcc/0x208
[ 655.988045][ T2040] [] register_netdevice+0x8ee/0xc6a
[ 655.989563][ T2040] [] wg_newlink+0x33c/0x57a
[ 655.990716][ T2040] [] __rtnl_newlink+0xc16/0xfa0
[ 655.992048][ T2040] [] rtnl_newlink+0x60/0x8c
[ 655.993884][ T2040] [] rtnetlink_rcv_msg+0x338/0x9a0
[ 655.995164][ T2040] [] netlink_rcv_skb+0xf8/0x2be
[ 655.996320][ T2040] [] rtnetlink_rcv+0x26/0x30
[ 655.997414][ T2040] [] netlink_unicast+0x40e/0x5fe
[ 655.998550][ T2040] [] netlink_sendmsg+0x4e0/0x994
[ 655.999701][ T2040] [] sock_sendmsg+0xa0/0xc4
[ 656.000906][ T2040] [] __sys_sendto+0x1f2/0x2e0
[ 656.002146][ T2040] [] sys_sendto+0x3e/0x52
[ 656.003788][ T2040] [] ret_from_syscall+0x0/0x2
[ 656.005432][ T2040] SMP: stopping secondary CPUs
[ 656.008336][ T2040] Rebooting in 86400 seconds..
VM DIAGNOSIS:
07:09:57 Registers: