syzkaller login: [ 95.673526][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 95.692816][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 95.699761][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:27276' (ECDSA) to the list of known hosts. 1970/01/01 00:02:11 fuzzer started 1970/01/01 00:02:15 connecting to host at localhost:41273 1970/01/01 00:02:16 checking machine... 1970/01/01 00:02:16 checking revisions... 1970/01/01 00:02:18 testing simple program... [ 139.515654][ T2209] cgroup: Unknown subsys name 'net' executing program [ 140.017837][ T2209] cgroup: Unknown subsys name 'rlimit' executing program executing program [ 146.068289][ T2212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 146.096177][ T2212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 148.705641][ T2212] device hsr_slave_0 entered promiscuous mode [ 148.756827][ T2212] device hsr_slave_1 entered promiscuous mode [ 150.237748][ T2212] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 150.359775][ T2212] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 150.432904][ T2212] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 150.507633][ T2212] netdevsim netdevsim0 netdevsim3: renamed from eth3 executing program [ 152.233705][ T2212] 8021q: adding VLAN 0 to HW filter on device bond0 [ 152.326652][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 152.339207][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 153.512917][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 153.521251][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 153.598496][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 153.606726][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 153.668666][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 153.724070][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 153.865488][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 153.879630][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 153.945149][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 153.965768][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 154.049052][ T2212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready executing program [ 155.087555][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 155.089537][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 157.474482][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 157.479045][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program [ 158.848755][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 158.866973][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 158.941983][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 158.947581][ T25] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 158.979071][ T2212] device veth0_vlan entered promiscuous mode [ 159.130564][ T2212] device veth1_vlan entered promiscuous mode [ 159.450436][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 159.472477][ T2530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 159.527959][ T2212] device veth0_macvtap entered promiscuous mode [ 159.595851][ T2212] device veth1_macvtap entered promiscuous mode [ 159.755133][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 159.760175][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 159.775384][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 159.784400][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 159.869724][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 159.897686][ T2210] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 159.984892][ T2212] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.986301][ T2212] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.986893][ T2212] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 159.987340][ T2212] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.399717][ C0] ------------[ cut here ]------------ [ 160.400937][ C0] WARNING: CPU: 0 PID: 51 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 160.401556][ C0] Modules linked in: [ 160.402972][ C0] CPU: 0 PID: 51 Comm: kworker/u4:3 Tainted: G W 6.0.0-syzkaller-12196-g1501278bb7ba #0 [ 160.403657][ C0] Hardware name: linux,dummy-virt (DT) [ 160.404781][ C0] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 160.405669][ C0] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 160.406106][ C0] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 160.406515][ C0] lr : wg_packet_receive+0x978/0x1560 [ 160.406856][ C0] sp : ffff800008007480 [ 160.407154][ C0] x29: ffff800008007480 x28: 0000000000000001 x27: 1fffe00001d58219 [ 160.407812][ C0] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 160.408375][ C0] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 160.408970][ C0] x20: ffff00000eac10c8 x19: ffff80000de5cd50 x18: 00000000022bc28a [ 160.409537][ C0] x17: ffff80005cbc5000 x16: ffff800008008000 x15: ffff000014351028 [ 160.410133][ C0] x14: 1ffff00001000e68 x13: 0000000000000000 x12: ffff600001d58291 [ 160.410711][ C0] x11: 1fffe00001d58290 x10: ffff600001d58290 x9 : dfff800000000000 [ 160.411481][ C0] x8 : ffff00000eac1483 x7 : 00009ffffe2a7d70 x6 : 0000000000000001 [ 160.412234][ C0] x5 : ffff00000eac1480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 160.412856][ C0] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 160.413417][ C0] Call trace: [ 160.413711][ C0] wg_cpumask_next_online+0x1c0/0x2c0 [ 160.414146][ C0] wg_packet_receive+0x978/0x1560 [ 160.414488][ C0] wg_receive+0x58/0xb0 [ 160.414817][ C0] udpv6_queue_rcv_one_skb+0x8f4/0x17c0 [ 160.415178][ C0] udpv6_queue_rcv_skb+0x134/0x7e0 [ 160.415525][ C0] udp6_unicast_rcv_skb+0xe8/0x270 [ 160.415861][ C0] __udp6_lib_rcv+0x8a4/0x2330 [ 160.416185][ C0] udpv6_rcv+0x1c/0x2c [ 160.416518][ C0] ip6_protocol_deliver_rcu+0x154/0x14f0 [ 160.416879][ C0] ip6_input_finish+0x108/0x220 [ 160.417231][ C0] ip6_input+0xbc/0x2b0 [ 160.417563][ C0] ipv6_rcv+0x39c/0x47c [ 160.417933][ C0] __netif_receive_skb_one_core+0xf4/0x170 [ 160.418325][ C0] __netif_receive_skb+0x24/0x184 [ 160.418674][ C0] process_backlog+0x24c/0x6b0 [ 160.419019][ C0] __napi_poll+0x94/0x3a4 [ 160.419369][ C0] net_rx_action+0x78c/0xb60 [ 160.419696][ C0] _stext+0x28c/0x107c [ 160.420021][ C0] ____do_softirq+0x10/0x20 [ 160.420354][ C0] call_on_irq_stack+0x2c/0x54 [ 160.420683][ C0] do_softirq_own_stack+0x1c/0x30 [ 160.421151][ C0] do_softirq.part.0+0xd0/0xf4 [ 160.421571][ C0] __local_bh_enable_ip+0x50c/0x5d0 [ 160.421963][ C0] _raw_read_unlock_bh+0x54/0x64 [ 160.422315][ C0] wg_socket_send_skb_to_peer+0xf0/0x190 [ 160.422674][ C0] wg_socket_send_buffer_to_peer+0x110/0x160 [ 160.423037][ C0] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 160.423478][ C0] wg_packet_handshake_send_worker+0x1c/0x34 [ 160.423833][ C0] process_one_work+0x780/0x184c [ 160.424195][ C0] worker_thread+0x3cc/0xc40 [ 160.424537][ C0] kthread+0x23c/0x2a0 [ 160.424888][ C0] ret_from_fork+0x10/0x20 [ 160.425297][ C0] irq event stamp: 44695 [ 160.425616][ C0] hardirqs last enabled at (44694): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 160.426120][ C0] hardirqs last disabled at (44695): [] el1_dbg+0x24/0x80 [ 160.426588][ C0] softirqs last enabled at (44686): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 160.427040][ C0] softirqs last disabled at (44687): [] ____do_softirq+0x10/0x20 [ 160.427486][ C0] ---[ end trace 0000000000000000 ]--- [ 160.489357][ C1] ------------[ cut here ]------------ [ 160.490106][ C1] WARNING: CPU: 1 PID: 2210 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 160.490513][ C1] Modules linked in: [ 160.490942][ C1] CPU: 1 PID: 2210 Comm: kworker/1:2 Tainted: G W 6.0.0-syzkaller-12196-g1501278bb7ba #0 [ 160.491393][ C1] Hardware name: linux,dummy-virt (DT) [ 160.491725][ C1] Workqueue: wg-crypt-wg1 wg_packet_decrypt_worker [ 160.492433][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 160.492836][ C1] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 160.493193][ C1] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 160.493537][ C1] sp : ffff800010ab7960 [ 160.493863][ C1] x29: ffff800010ab7960 x28: ffff000011b27400 x27: 0000000000000001 [ 160.494440][ C1] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe00001d7eca6 [ 160.494977][ C1] x23: ffff00000ebf6528 x22: ffff80000de5cd50 x21: ffff00000fe39c20 [ 160.495629][ C1] x20: ffff00000ebf6500 x19: ffff00000eac4c40 x18: ffff00006a9eabc0 [ 160.496087][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: 0000000000008000 [ 160.496553][ C1] x14: 1ffff00002156efa x13: 1fffe0000262414b x12: ffff600001fc7386 [ 160.497000][ C1] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 160.497460][ C1] x8 : ffff80000de5c000 x7 : 1fffe00001d589b9 x6 : 0000000000000000 [ 160.497932][ C1] x5 : ffff00000eac4dc8 x4 : ffff80000de5cb68 x3 : ffff800009f2dbb4 [ 160.498378][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 160.498848][ C1] Call trace: [ 160.499084][ C1] wg_packet_send_staged_packets+0xe38/0x1380 [ 160.499372][ C1] wg_packet_rx_poll+0xd94/0x1580 [ 160.499636][ C1] __napi_poll+0x94/0x3a4 [ 160.499892][ C1] net_rx_action+0x78c/0xb60 [ 160.500181][ C1] _stext+0x28c/0x107c [ 160.500434][ C1] ____do_softirq+0x10/0x20 [ 160.500695][ C1] call_on_irq_stack+0x2c/0x54 [ 160.501227][ C1] do_softirq_own_stack+0x1c/0x30 [ 160.501558][ C1] do_softirq.part.0+0xd0/0xf4 [ 160.501868][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 160.502148][ C1] _raw_spin_unlock_bh+0x54/0x64 [ 160.502458][ C1] wg_packet_decrypt_worker+0x210/0x3c0 [ 160.502796][ C1] process_one_work+0x780/0x184c [ 160.503137][ C1] worker_thread+0x3cc/0xc40 [ 160.503487][ C1] kthread+0x23c/0x2a0 [ 160.503774][ C1] ret_from_fork+0x10/0x20 [ 160.504041][ C1] irq event stamp: 16725 [ 160.504368][ C1] hardirqs last enabled at (16724): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 160.504898][ C1] hardirqs last disabled at (16725): [] el1_dbg+0x24/0x80 [ 160.505308][ C1] softirqs last enabled at (16702): [] wg_packet_decrypt_worker+0x210/0x3c0 [ 160.505701][ C1] softirqs last disabled at (16703): [] ____do_softirq+0x10/0x20 [ 160.506087][ C1] ---[ end trace 0000000000000000 ]--- executing program 1970/01/01 00:02:41 building call list... [ 162.327053][ T933] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.590154][ T933] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.806135][ T933] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.027629][ T933] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 166.383554][ T933] device hsr_slave_0 left promiscuous mode [ 166.456033][ T933] device hsr_slave_1 left promiscuous mode [ 166.652614][ T933] device veth1_macvtap left promiscuous mode [ 166.654911][ T933] device veth0_macvtap left promiscuous mode [ 166.659312][ T933] device veth1_vlan left promiscuous mode [ 166.676626][ T933] device veth0_vlan left promiscuous mode executing program executing program [ 170.290353][ T933] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 170.466284][ T933] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 171.308700][ T933] bond0 (unregistering): Released all slaves executing program executing program executing program executing program executing program [ 186.876064][ T2203] can: request_module (can-proto-0) failed. [ 187.132899][ T2203] can: request_module (can-proto-0) failed. [ 187.313196][ T2203] can: request_module (can-proto-0) failed. executing program VM DIAGNOSIS: 00:25:55 Registers: info registers vcpu 0 PC=ffff8000081ce074 X00=0000000004208060 X01=ffff00000a83ba00 X02=0000000000000007 X03=0000000000000000 X04=1fffe00001511a3d X05=ffff700001000db6 X06=00000000f1f1f1f1 X07=1fffe00001511a3d X08=00000000f3f3f3f3 X09=00000000f3000000 X10=00000000f2f2f2f2 X11=00000000f2000000 X12=ffff60000d53978d X13=0000000000000000 X14=1ffff00001000d4c X15=0000000000000000 X16=0000000000000000 X17=0000000000000000 X18=00000000022bc28a X19=ffff00000a88d1c0 X20=1ffff00001000db6 X21=ffff80000f2bbac3 X22=ffff00000a88d998 X23=ffff80000f3cef60 X24=0000000000000000 X25=0000000000000033 X26=ffff80000d646540 X27=0000000000000001 X28=ffff8000080313f4 X29=ffff800008006d80 X30=ffff8000081bceac SP=ffff800008006d80 PSTATE=100003c5 ---V EL1h FPCR=00000000 FPSR=00000010 Q00=0000000000000000:0000000000000004 Q01=0000000000000000:414fffffe0000000 Q02=34de5450d15699e5:c6d659e59358f42f Q03=0000000040000000:0000000000000000 Q04=4010040140100401:4000000000000000 Q05=4010040140100401:4010040140100401 Q06=5555400000400000:5555400000400000 Q07=0000000000000000:0000000000000000 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000010:0000001e3390d950 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff8000082a39d4 X00=0000000000000001 X01=0000000000000000 X02=0000000000000003 X03=1fffe00002624001 X04=1ffff00002218f5e X05=0000000000000000 X06=ffff8000081b5960 X07=ffff8000081b5960 X08=0000000000000000 X09=ffff80000f3d49c0 X10=ffff0000131209cc X11=dfff800000000000 X12=000000000000f1f1 X13=1fffe00002624141 X14=1ffff00002218f44 X15=1fffe00002217ab8 X16=1fffe0000125d3e9 X17=ffff80005cbe4000 X18=ffff00006a9cbbc0 X19=ffff80000fef3dc0 X20=ffff80000c992a80 X21=ffff00006aa00400 X22=ffff80000de5cb68 X23=ffff8000110c7cf0 X24=ffff000010ab5e00 X25=ffff80000de5cd50 X26=00000000ffffffff X27=1fffe00002156bc3 X28=ffff80000de5c000 X29=ffff8000110c7bb0 X30=ffff8000081b5a74 SP=ffff8000110c78e0 PSTATE=100000c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000