syzkaller login: [ 256.236040][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 265.434201][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 265.462620][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[ 265.485328][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:21119' (ECDSA) to the list of known hosts.
1970/01/01 00:05:42 fuzzer started
1970/01/01 00:05:54 dialing manager at localhost:45165
[ 360.636134][ T2026] cgroup: Unknown subsys name 'net'
[ 361.554616][ T2026] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:06:01 syscalls: 2918
1970/01/01 00:06:01 code coverage: enabled
1970/01/01 00:06:01 comparison tracing: enabled
1970/01/01 00:06:01 extra coverage: ioctl(KCOV_DISABLE) failed: invalid argument
1970/01/01 00:06:01 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:06:01 setuid sandbox: enabled
1970/01/01 00:06:01 namespace sandbox: enabled
1970/01/01 00:06:01 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:06:01 fault injection: enabled
1970/01/01 00:06:01 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:06:01 net packet injection: enabled
1970/01/01 00:06:01 net device setup: enabled
1970/01/01 00:06:01 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:06:01 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:06:01 NIC VF setup: PCI device 0000:00:11.0 is not available
1970/01/01 00:06:01 USB emulation: enabled
1970/01/01 00:06:01 hci packet injection: /dev/vhci does not exist
1970/01/01 00:06:01 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:06:01 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:06:01 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:06:06 fetching corpus: 49, signal 30837/34078 (executing program)
1970/01/01 00:06:09 fetching corpus: 98, signal 42845/47236 (executing program)
1970/01/01 00:06:14 fetching corpus: 148, signal 54788/60101 (executing program)
1970/01/01 00:06:18 fetching corpus: 197, signal 62383/68581 (executing program)
1970/01/01 00:06:21 fetching corpus: 246, signal 68582/75554 (executing program)
1970/01/01 00:06:24 fetching corpus: 296, signal 74759/82378 (executing program)
1970/01/01 00:06:28 fetching corpus: 346, signal 81041/89085 (executing program)
1970/01/01 00:06:31 fetching corpus: 394, signal 85445/93959 (executing program)
1970/01/01 00:06:34 fetching corpus: 441, signal 88383/97467 (executing program)
1970/01/01 00:06:36 fetching corpus: 491, signal 91095/100751 (executing program)
1970/01/01 00:06:39 fetching corpus: 541, signal 93567/103731 (executing program)
1970/01/01 00:06:42 fetching corpus: 591, signal 95986/106611 (executing program)
1970/01/01 00:06:45 fetching corpus: 640, signal 97890/109037 (executing program)
1970/01/01 00:06:47 fetching corpus: 690, signal 100848/112271 (executing program)
1970/01/01 00:06:50 fetching corpus: 740, signal 102567/114420 (executing program)
1970/01/01 00:06:52 fetching corpus: 790, signal 104174/116385 (executing program)
1970/01/01 00:06:55 fetching corpus: 839, signal 106469/118913 (executing program)
1970/01/01 00:06:59 fetching corpus: 889, signal 108811/121432 (executing program)
1970/01/01 00:07:01 fetching corpus: 938, signal 111392/124034 (executing program)
1970/01/01 00:07:04 fetching corpus: 988, signal 114044/126594 (executing program)
1970/01/01 00:07:07 fetching corpus: 1038, signal 116017/128644 (executing program)
1970/01/01 00:07:10 fetching corpus: 1088, signal 118159/130765 (executing program)
1970/01/01 00:07:12 fetching corpus: 1138, signal 119163/132040 (executing program)
1970/01/01 00:07:14 fetching corpus: 1187, signal 121079/133893 (executing program)
1970/01/01 00:07:16 fetching corpus: 1236, signal 122790/135620 (executing program)
1970/01/01 00:07:19 fetching corpus: 1286, signal 124303/137156 (executing program)
1970/01/01 00:07:22 fetching corpus: 1335, signal 125359/138307 (executing program)
1970/01/01 00:07:25 fetching corpus: 1384, signal 126684/139646 (executing program)
1970/01/01 00:07:28 fetching corpus: 1434, signal 128210/141028 (executing program)
1970/01/01 00:07:29 fetching corpus: 1483, signal 129544/142311 (executing program)
1970/01/01 00:07:32 fetching corpus: 1533, signal 132090/144221 (executing program)
1970/01/01 00:07:35 fetching corpus: 1582, signal 133792/145621 (executing program)
1970/01/01 00:07:38 fetching corpus: 1631, signal 135097/146768 (executing program)
1970/01/01 00:07:43 fetching corpus: 1680, signal 136566/147989 (executing program)
1970/01/01 00:07:46 fetching corpus: 1729, signal 137917/149104 (executing program)
1970/01/01 00:07:50 fetching corpus: 1777, signal 139381/150233 (executing program)
1970/01/01 00:07:53 fetching corpus: 1827, signal 140745/151268 (executing program)
1970/01/01 00:07:56 fetching corpus: 1876, signal 142012/152242 (executing program)
1970/01/01 00:07:59 fetching corpus: 1926, signal 143300/153124 (executing program)
1970/01/01 00:08:01 fetching corpus: 1976, signal 144651/154081 (executing program)
1970/01/01 00:08:04 fetching corpus: 2025, signal 146423/155140 (executing program)
1970/01/01 00:08:06 fetching corpus: 2075, signal 147671/155935 (executing program)
1970/01/01 00:08:09 fetching corpus: 2125, signal 148525/156555 (executing program)
1970/01/01 00:08:11 fetching corpus: 2174, signal 149445/157165 (executing program)
1970/01/01 00:08:14 fetching corpus: 2223, signal 150418/157775 (executing program)
1970/01/01 00:08:17 fetching corpus: 2273, signal 151436/158372 (executing program)
1970/01/01 00:08:19 fetching corpus: 2323, signal 152718/159024 (executing program)
1970/01/01 00:08:23 fetching corpus: 2371, signal 154404/159840 (executing program)
1970/01/01 00:08:25 fetching corpus: 2421, signal 155177/160253 (executing program)
1970/01/01 00:08:28 fetching corpus: 2470, signal 156536/160843 (executing program)
1970/01/01 00:08:32 fetching corpus: 2520, signal 158854/161753 (executing program)
1970/01/01 00:08:34 fetching corpus: 2568, signal 159698/162104 (executing program)
1970/01/01 00:08:38 fetching corpus: 2617, signal 160385/162394 (executing program)
1970/01/01 00:08:38 fetching corpus: 2617, signal 160393/162450 (executing program)
1970/01/01 00:08:38 fetching corpus: 2617, signal 160393/162503 (executing program)
1970/01/01 00:08:38 fetching corpus: 2617, signal 160393/162531 (executing program)
1970/01/01 00:08:39 fetching corpus: 2617, signal 160393/162584 (executing program)
1970/01/01 00:08:39 fetching corpus: 2617, signal 160393/162651 (executing program)
1970/01/01 00:08:39 fetching corpus: 2617, signal 160393/162688 (executing program)
1970/01/01 00:08:39 fetching corpus: 2617, signal 160393/162747 (executing program)
1970/01/01 00:08:39 fetching corpus: 2617, signal 160395/162779 (executing program)
1970/01/01 00:08:40 fetching corpus: 2617, signal 160395/162813 (executing program)
1970/01/01 00:08:40 fetching corpus: 2617, signal 160395/162870 (executing program)
1970/01/01 00:08:40 fetching corpus: 2617, signal 160395/162921 (executing program)
1970/01/01 00:08:40 fetching corpus: 2617, signal 160395/162983 (executing program)
1970/01/01 00:08:40 fetching corpus: 2617, signal 160395/163027 (executing program)
1970/01/01 00:08:40 fetching corpus: 2617, signal 160397/163068 (executing program)
1970/01/01 00:08:41 fetching corpus: 2617, signal 160397/163106 (executing program)
1970/01/01 00:08:41 fetching corpus: 2617, signal 160397/163152 (executing program)
1970/01/01 00:08:41 fetching corpus: 2617, signal 160397/163199 (executing program)
1970/01/01 00:08:41 fetching corpus: 2617, signal 160397/163240 (executing program)
1970/01/01 00:08:41 fetching corpus: 2617, signal 160397/163295 (executing program)
1970/01/01 00:08:41 fetching corpus: 2617, signal 160397/163334 (executing program)
1970/01/01 00:08:41 fetching corpus: 2617, signal 160397/163368 (executing program)
1970/01/01 00:08:41 fetching corpus: 2617, signal 160397/163416 (executing program)
1970/01/01 00:08:42 fetching corpus: 2618, signal 160594/163480 (executing program)
1970/01/01 00:08:42 fetching corpus: 2618, signal 160594/163514 (executing program)
1970/01/01 00:08:42 fetching corpus: 2619, signal 160595/163549 (executing program)
1970/01/01 00:08:42 fetching corpus: 2619, signal 160595/163578 (executing program)
1970/01/01 00:08:42 fetching corpus: 2619, signal 160595/163610 (executing program)
1970/01/01 00:08:42 fetching corpus: 2619, signal 160595/163649 (executing program)
1970/01/01 00:08:43 fetching corpus: 2619, signal 160595/163649 (executing program)
1970/01/01 00:10:46 starting 2 fuzzer processes
00:10:46 executing program 0:
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x4042, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendfile(r1, r0, 0x0, 0x7fffffff)

00:10:46 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000940)={0x30, r1, 0x40d, 0x0, 0x0, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x30}}, 0x0)

[ 674.474933][ T2039] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 674.683323][ T2039] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 674.927811][ T2039] Kernel panic - not syncing: corrupted stack end detected inside scheduler
[ 674.934168][ T2039] CPU: 0 PID: 2039 Comm: syz-executor.0 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 674.937607][ T2039] Hardware name: riscv-virtio,qemu (DT)
[ 674.939127][ T2039] Call Trace:
[ 674.940230][ T2039] [] dump_backtrace+0x2e/0x3c
[ 674.943189][ T2039] [] show_stack+0x34/0x40
[ 674.944618][ T2039] [] dump_stack_lvl+0xe4/0x150
[ 674.946021][ T2039] [] dump_stack+0x1c/0x24
[ 674.947382][ T2039] [] panic+0x24a/0x634
[ 674.948622][ T2039] [] schedule+0x0/0x14c
[ 674.949959][ T2039] [] preempt_schedule_common+0x4e/0xde
[ 674.951877][ T2039] [] preempt_schedule+0x34/0x36
[ 674.954234][ T2039] [] _raw_spin_unlock_irqrestore+0x8c/0x98
[ 674.955673][ T2039] [] ref_tracker_alloc+0x1fa/0x33e
[ 674.957290][ T2039] [] neigh_parms_alloc+0x15a/0x38a
[ 674.958609][ T2039] [] ipv6_add_dev+0x20c/0xa7e
[ 674.959873][ T2039] [] addrconf_notify+0x5e8/0x1360
[ 674.961520][ T2039] [] notifier_call_chain+0xb8/0x188
[ 674.964027][ T2039] [] raw_notifier_call_chain+0x2a/0x38
[ 674.966517][ T2039] [] call_netdevice_notifiers_info+0x9e/0x10c
[ 674.969028][ T2039] [] register_netdevice+0xae8/0xc6a
[ 674.974941][ T2039] [] veth_newlink+0x30e/0x7dc
[ 674.977756][ T2039] [] __rtnl_newlink+0xc16/0xfa0
[ 674.979228][ T2039] [] rtnl_newlink+0x60/0x8c
[ 674.981428][ T2039] [] rtnetlink_rcv_msg+0x338/0x9a0
[ 674.983154][ T2039] [] netlink_rcv_skb+0xf8/0x2be
[ 674.984205][ T2039] [] rtnetlink_rcv+0x26/0x30
[ 674.985143][ T2039] [] netlink_unicast+0x40e/0x5fe
[ 674.986083][ T2039] [] netlink_sendmsg+0x4e0/0x994
[ 674.986994][ T2039] [] sock_sendmsg+0xa0/0xc4
[ 674.987960][ T2039] [] __sys_sendto+0x1f2/0x2e0
[ 674.988841][ T2039] [] sys_sendto+0x3e/0x52
[ 674.989775][ T2039] [] ret_from_syscall+0x0/0x2
[ 674.991294][ T2039] SMP: stopping secondary CPUs
[ 674.994133][ T2039] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:40:11 Registers: