syzkaller login: [ 104.938901][ T2052] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 104.968207][ T2052] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 104.997322][ T2052] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:48598' (ECDSA) to the list of known hosts. 1970/01/01 00:02:02 fuzzer started 1970/01/01 00:02:08 connecting to host at localhost:36267 1970/01/01 00:02:08 checking machine... 1970/01/01 00:02:08 checking revisions... 1970/01/01 00:02:10 testing simple program... [ 131.231858][ T2212] cgroup: Unknown subsys name 'net' [ 131.716870][ T2212] cgroup: Unknown subsys name 'rlimit' executing program executing program executing program [ 137.845675][ T2214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 137.882096][ T2214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 140.400709][ T2214] device hsr_slave_0 entered promiscuous mode [ 140.450976][ T2214] device hsr_slave_1 entered promiscuous mode executing program [ 142.385452][ T2214] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 142.466203][ T2214] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 142.549102][ T2214] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 142.639471][ T2214] netdevsim netdevsim0 netdevsim3: renamed from eth3 executing program [ 144.814726][ T2214] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.929067][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 144.958127][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 146.329497][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 146.335807][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 146.407434][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 146.411313][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 146.476186][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 146.533018][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 146.649764][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 146.661429][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 146.708533][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 146.716336][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready executing program [ 146.796417][ T2214] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 147.819163][ T2532] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 147.821053][ T2532] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 150.486889][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 150.498321][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 151.908007][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 151.935086][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 151.969701][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 151.981027][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 152.020495][ T2214] device veth0_vlan entered promiscuous mode [ 152.150682][ T2214] device veth1_vlan entered promiscuous mode [ 152.438864][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 152.455097][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 152.496507][ T2214] device veth0_macvtap entered promiscuous mode [ 152.580082][ T2214] device veth1_macvtap entered promiscuous mode executing program [ 152.786088][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 152.801584][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 152.809886][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 152.826105][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 152.914022][ T2532] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 152.918793][ T2532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 152.995652][ T2214] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.996646][ T2214] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.997044][ T2214] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.997428][ T2214] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.373037][ C1] ------------[ cut here ]------------ [ 153.373675][ C1] WARNING: CPU: 1 PID: 27 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 153.374185][ C1] Modules linked in: [ 153.374435][ C1] CPU: 1 PID: 27 Comm: kworker/u4:1 Tainted: G W 6.0.0-syzkaller-11658-ga185a0995518 #0 [ 153.374691][ C1] Hardware name: linux,dummy-virt (DT) [ 153.375077][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 153.375399][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 153.375714][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 153.376034][ C1] lr : wg_packet_receive+0x978/0x1560 [ 153.376761][ C1] sp : ffff800010ab7440 [ 153.377755][ C1] x29: ffff800010ab7440 x28: 0000000000000001 x27: 1fffe00001437219 [ 153.378662][ C1] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 153.379480][ C1] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 153.381231][ C1] x20: ffff00000a1b90c8 x19: ffff80000de5cd50 x18: ffff000010b67bf8 [ 153.383764][ C1] x17: 1fffe000013b980c x16: 1fffe0000216cf6f x15: ffff000010b67b80 [ 153.386136][ C1] x14: 1ffff00002156e60 x13: 0000000000000000 x12: ffff600001437291 [ 153.388790][ C1] x11: 1fffe00001437290 x10: ffff600001437290 x9 : dfff800000000000 [ 153.391496][ C1] x8 : ffff00000a1b9483 x7 : 00009ffffebc8d70 x6 : 0000000000000001 [ 153.394180][ C1] x5 : ffff00000a1b9480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 153.397111][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 153.399045][ C1] Call trace: [ 153.399337][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 153.399739][ C1] wg_packet_receive+0x978/0x1560 [ 153.400091][ C1] wg_receive+0x58/0xb0 [ 153.400451][ C1] udp_queue_rcv_one_skb+0x820/0x1a8c [ 153.400836][ C1] udp_queue_rcv_skb+0x134/0x7e0 [ 153.401206][ C1] udp_unicast_rcv_skb+0xe8/0x2e0 [ 153.402516][ C1] __udp4_lib_rcv+0xcf0/0x31b0 [ 153.404221][ C1] udp_rcv+0x20/0x30 [ 153.405489][ C1] ip_protocol_deliver_rcu+0xbc/0x634 [ 153.406814][ C1] ip_local_deliver_finish+0x248/0x3ac [ 153.408110][ C1] ip_local_deliver+0x16c/0x384 [ 153.409288][ C1] ip_rcv_finish+0x144/0x224 [ 153.410088][ C1] ip_rcv+0xc0/0x2b0 [ 153.410467][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 153.410889][ C1] __netif_receive_skb+0x24/0x184 [ 153.411294][ C1] process_backlog+0x24c/0x6b0 [ 153.411668][ C1] __napi_poll+0x94/0x3a4 [ 153.412029][ C1] net_rx_action+0x78c/0xb60 [ 153.412578][ C1] _stext+0x28c/0x107c [ 153.412967][ C1] ____do_softirq+0x10/0x20 [ 153.413327][ C1] call_on_irq_stack+0x2c/0x54 [ 153.413701][ C1] do_softirq_own_stack+0x1c/0x30 [ 153.414057][ C1] do_softirq.part.0+0xd0/0xf4 [ 153.414472][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 153.414839][ C1] _raw_read_unlock_bh+0x54/0x64 [ 153.415279][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 153.415670][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 153.416058][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 153.416481][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 153.416883][ C1] process_one_work+0x780/0x184c [ 153.417331][ C1] worker_thread+0x3cc/0xc40 [ 153.417704][ C1] kthread+0x23c/0x2a0 [ 153.418059][ C1] ret_from_fork+0x10/0x20 [ 153.418468][ C1] irq event stamp: 117819 [ 153.418788][ C1] hardirqs last enabled at (117818): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 153.419379][ C1] hardirqs last disabled at (117819): [] el1_dbg+0x24/0x80 [ 153.419884][ C1] softirqs last enabled at (117808): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 153.420489][ C1] softirqs last disabled at (117809): [] ____do_softirq+0x10/0x20 [ 153.421037][ C1] ---[ end trace 0000000000000000 ]--- [ 153.497877][ C1] ------------[ cut here ]------------ [ 153.498737][ C1] WARNING: CPU: 1 PID: 21 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 153.499486][ C1] Modules linked in: [ 153.499908][ C1] CPU: 1 PID: 21 Comm: kworker/1:0 Tainted: G W 6.0.0-syzkaller-11658-ga185a0995518 #0 [ 153.500373][ C1] Hardware name: linux,dummy-virt (DT) [ 153.500716][ C1] Workqueue: wg-crypt-wg0 wg_packet_decrypt_worker [ 153.501159][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 153.501555][ C1] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 153.501919][ C1] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 153.502412][ C1] sp : ffff800010ab7960 [ 153.502758][ C1] x29: ffff800010ab7960 x28: ffff00000fc1d000 x27: 0000000000000001 [ 153.503439][ C1] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe00001c012f6 [ 153.504030][ C1] x23: ffff00000e0097a8 x22: ffff80000de5cd50 x21: ffff00000eb50960 [ 153.504614][ C1] x20: ffff00000e009780 x19: ffff000009b50c40 x18: ffff00006a9eab88 [ 153.505166][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: 0000000000008000 [ 153.505722][ C1] x14: 1ffff00002156efa x13: 1fffe0000125b4b3 x12: ffff600001d6a12e [ 153.506138][ C1] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 153.506553][ C1] x8 : ffff80000de5c000 x7 : 1fffe0000136a1b9 x6 : 0000000000000000 [ 153.506987][ C1] x5 : ffff000009b50dc8 x4 : ffff80000de5cb68 x3 : ffff800009f2c124 [ 153.507427][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 153.507875][ C1] Call trace: [ 153.508115][ C1] wg_packet_send_staged_packets+0xe38/0x1380 [ 153.508465][ C1] wg_packet_rx_poll+0xd94/0x1580 [ 153.508763][ C1] __napi_poll+0x94/0x3a4 [ 153.509056][ C1] net_rx_action+0x78c/0xb60 [ 153.509375][ C1] _stext+0x28c/0x107c [ 153.509679][ C1] ____do_softirq+0x10/0x20 [ 153.509972][ C1] call_on_irq_stack+0x2c/0x54 [ 153.510301][ C1] do_softirq_own_stack+0x1c/0x30 [ 153.511131][ C1] do_softirq.part.0+0xd0/0xf4 [ 153.511750][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 153.512157][ C1] _raw_spin_unlock_bh+0x54/0x64 [ 153.512467][ C1] wg_packet_decrypt_worker+0x210/0x3c0 [ 153.512852][ C1] process_one_work+0x780/0x184c [ 153.513165][ C1] worker_thread+0x3cc/0xc40 [ 153.513445][ C1] kthread+0x23c/0x2a0 [ 153.513788][ C1] ret_from_fork+0x10/0x20 [ 153.514202][ C1] irq event stamp: 11253 [ 153.514662][ C1] hardirqs last enabled at (11252): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 153.515347][ C1] hardirqs last disabled at (11253): [] el1_dbg+0x24/0x80 [ 153.515762][ C1] softirqs last enabled at (11230): [] wg_packet_decrypt_worker+0x210/0x3c0 [ 153.516173][ C1] softirqs last disabled at (11231): [] ____do_softirq+0x10/0x20 [ 153.516606][ C1] ---[ end trace 0000000000000000 ]--- 1970/01/01 00:02:34 building call list... [ 155.365448][ T27] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.685154][ T27] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 155.927057][ T27] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.196084][ T27] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 159.394116][ T27] device hsr_slave_0 left promiscuous mode [ 159.447382][ T27] device hsr_slave_1 left promiscuous mode [ 159.685420][ T27] device veth1_macvtap left promiscuous mode [ 159.687443][ T27] device veth0_macvtap left promiscuous mode [ 159.690532][ T27] device veth1_vlan left promiscuous mode [ 159.716768][ T27] device veth0_vlan left promiscuous mode executing program [ 163.540482][ T27] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 163.735923][ T27] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 164.866273][ T27] bond0 (unregistering): Released all slaves executing program executing program executing program executing program executing program VM DIAGNOSIS: 23:22:26 Registers: info registers vcpu 0 PC=ffff80000c912060 X00=fffeffffffffffff X01=0000000000000000 X02=1fffe00001350369 X03=1fffe0000d539731 X04=ffff700002300dfc X05=00000000f2f2f200 X06=00000000f3f3f3f3 X07=1fffe000013504b3 X08=ffff000009a82598 X09=ffff80000f3d39c0 X10=ffff60000d53bc1a X11=1fffff7ffdff1ca0 X12=ffff7f7ffdff1ca1 X13=0000000000000000 X14=1ffff00002300e04 X15=0000000000000000 X16=0000000000000000 X17=0000000000000000 X18=ffff00006a9cbb88 X19=ffff80000de18000 X20=ffff000009a81b40 X21=ffff80000e03ca80 X22=0000000000000000 X23=ffff000009a82528 X24=ffff80000de06c48 X25=ffff00000a1476c0 X26=ffff000009a82520 X27=ffff000009a81b40 X28=1fffe000013504a4 X29=ffff8000118072e0 X30=ffff800009fef38c SP=ffff800011807440 PSTATE=000000c5 ---- EL1h FPCR=00000000 FPSR=00000010 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:414fffffe0000000 Q02=76a5873149fe4b49:9f25566548a1859a Q03=0000000040000000:0000000000000000 Q04=4010040140100401:4000000000000000 Q05=4010040140100401:4010040140100401 Q06=5555400000400000:5555400000400000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000010:0000001bfad30430 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff8000082ca660 X00=00000000000003c0 X01=00000000000003c0 X02=0000000000000000 X03=ffff8000082ca5f4 X04=ffff700002156d69 X05=ffff800010ab6b40 X06=0000000000000001 X07=00008ffffdea9298 X08=ffff800010ab6b47 X09=dfff800000000000 X10=ffff700002156d68 X11=1ffff00002156d68 X12=ffff700002156d69 X13=3931323733343130 X14=000000000000000f X15=ffff80000f2b6840 X16=0000000000000007 X17=0000000000000000 X18=ffff000010b67bf8 X19=1ffff00002156d9f X20=ffff800010ab6cf0 X21=ffff800010ab6cf8 X22=40000000ffffe356 X23=ffff800010ab6b40 X24=1ffff00002156d64 X25=000000000000000d X26=00000000ffffe356 X27=00000000ffffe356 X28=ffff800010ab6cf0 X29=ffff800010ab6ac0 X30=ffff8000082ca5f4 SP=ffff800010ab6ac0 PSTATE=600003c5 -ZC- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=0000000000000000:0000000000000000 Q02=0000000000000000:0000000000000000 Q03=0000000000000000:0000000000000000 Q04=0000000000000000:0000000000000000 Q05=0000000000000000:0000000000000000 Q06=0000000000000000:0000000000000000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000