[  179.065187][ T2893] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  179.098878][ T2893] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:30501' (ECDSA) to the list of known hosts.
1970/01/01 00:03:28 fuzzer started
1970/01/01 00:03:35 dialing manager at localhost:44031
1970/01/01 00:03:38 syscalls: 2768
1970/01/01 00:03:38 code coverage: enabled
1970/01/01 00:03:38 comparison tracing: enabled
1970/01/01 00:03:38 extra coverage: enabled
1970/01/01 00:03:38 setuid sandbox: enabled
1970/01/01 00:03:38 namespace sandbox: enabled
1970/01/01 00:03:38 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:03:38 fault injection: enabled
1970/01/01 00:03:38 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:03:38 net packet injection: enabled
1970/01/01 00:03:38 net device setup: enabled
1970/01/01 00:03:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:03:38 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:03:38 USB emulation: enabled
1970/01/01 00:03:38 hci packet injection: /dev/vhci does not exist
1970/01/01 00:03:38 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:03:38 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:03:38 fetching corpus: 0, signal 0/0 (executing program)
1970/01/01 00:03:38 fetching corpus: 0, signal 0/0 (executing program)
1970/01/01 00:04:24 starting 2 fuzzer processes
00:04:36 executing program 0:
perf_event_open(&(0x7f0000000300)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

00:04:51 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="2800000006"], 0x28)

[  293.617051][ T3062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  293.698200][ T3062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  298.493974][ T3062] device hsr_slave_0 entered promiscuous mode
[  298.527258][ T3062] device hsr_slave_1 entered promiscuous mode
[  301.497360][ T3062] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  301.764851][ T3062] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  301.862336][ T3062] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  301.930992][ T3062] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  308.558664][ T3062] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.888878][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  308.963873][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  310.324918][ T3200] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  310.404799][ T3200] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  312.673316][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  312.709105][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  313.092365][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  313.123287][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  313.249175][ T1935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  313.387716][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  313.747110][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  313.789347][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  313.949294][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  313.988113][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  314.109579][ T3062] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  314.709164][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  314.725892][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  316.184660][ T3200] device hsr_slave_0 entered promiscuous mode
[  316.205892][ T3200] device hsr_slave_1 entered promiscuous mode
[  316.238999][ T3200] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  316.247504][ T3200] Cannot create hsr debugfs directory
[  319.495909][ T3200] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  319.617005][ T3200] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  319.694376][ T3200] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  319.795902][ T3200] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  322.173207][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  322.213914][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  324.914855][ T3200] 8021q: adding VLAN 0 to HW filter on device bond0
[  325.225750][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  325.267209][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  326.284838][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  326.298688][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  326.397063][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  326.409451][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  326.477008][ T3062] device veth0_vlan entered promiscuous mode
[  326.755232][ T3062] device veth1_vlan entered promiscuous mode
[  327.478344][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  327.533898][ T3404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  327.725427][ T3062] device veth0_macvtap entered promiscuous mode
[  327.899667][ T3062] device veth1_macvtap entered promiscuous mode
[  328.356350][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  328.408873][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  328.462370][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  328.485067][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  328.714491][ T3337] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  328.748385][ T3337] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  328.965110][ T3062] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  328.968021][ T3062] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  328.969296][ T3062] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  328.991694][ T3062] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  329.565998][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  329.586246][ T2829] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  330.192376][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  330.249566][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  330.288164][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  330.546465][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  330.998657][ T3062] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[  331.115908][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  331.137196][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  331.271790][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  331.296284][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  331.446452][ T3200] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  332.056543][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  332.059424][ T3492] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  333.114369][ T3496] ------------[ cut here ]------------
[  333.116751][ T3496] WARNING: CPU: 0 PID: 3496 at kernel/events/core.c:3752 ctx_sched_in+0x12e/0x3ee
[  333.117922][ T3496] Modules linked in:
[  333.118834][ T3496] CPU: 0 PID: 3496 Comm: syz-executor.0 Not tainted 5.12.0-rc8-syzkaller-00194-g18a3c5f7abfd #0
[  333.119991][ T3496] Hardware name: riscv-virtio,qemu (DT)
[  333.122505][ T3496] epc : ctx_sched_in+0x12e/0x3ee
[  333.123830][ T3496]  ra : ctx_sched_in+0x12e/0x3ee
[  333.124838][ T3496] epc : ffffffe00027a674 ra : ffffffe00027a674 sp : ffffffe00c9df910
[  333.125730][ T3496]  gp : ffffffe004588b78 tp : ffffffe006380000 t0 : 0000000000000000
[  333.126618][ T3496]  t1 : 0000000000000001 t2 : 0000000000000003 s0 : ffffffe00c9df980
[  333.127484][ T3496]  s1 : ffffffe009f2d000 a0 : ffffffe067d5c118 a1 : 00000000000f0000
[  333.128369][ T3496]  a2 : 0000000000000002 a3 : ffffffe00027a674 a4 : ffffffe006381000
[  333.129314][ T3496]  a5 : 0000000040000002 a6 : 0000000000f00000 a7 : ffffffe000281354
[  333.130585][ T3496]  s2 : 0000000000000007 s3 : ffffffe009f2d140 s4 : ffffffe006380000
[  333.131880][ T3496]  s5 : 0000000000000002 s6 : ffffffe00458c0d0 s7 : ffffffe067d5bf70
[  333.132856][ T3496]  s8 : 0000000000000007 s9 : ffffffe067d5c118 s10: ffffffe009f2d000
[  333.133743][ T3496]  s11: ffffffe009f2d008 t3 : 27fdc7a11b839100 t4 : 0000000000000018
[  333.134604][ T3496]  t5 : 0008583b00000000 t6 : 00000000c9829039
[  333.135342][ T3496] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003
[  333.136275][ T3496] Call Trace:
[  333.136941][ T3496] [<ffffffe00027a674>] ctx_sched_in+0x12e/0x3ee
[  333.138002][ T3496] [<ffffffe00027a96c>] perf_event_sched_in+0x38/0x74
[  333.138942][ T3496] [<ffffffe00028142e>] __perf_event_task_sched_in+0x4ea/0x680
[  333.140114][ T3496] [<ffffffe0000850ce>] finish_task_switch.isra.0+0x284/0x318
[  333.141409][ T3496] [<ffffffe002a97f50>] __schedule+0x484/0xe8c
[  333.142337][ T3496] [<ffffffe002a98be8>] preempt_schedule_common+0x4e/0xde
[  333.143307][ T3496] [<ffffffe002a98cac>] preempt_schedule+0x34/0x36
[  333.144235][ T3496] [<ffffffe0001455be>] smp_call_function_single+0x2a0/0x2ba
[  333.145189][ T3496] [<ffffffe00026af46>] task_function_call+0x90/0xee
[  333.146070][ T3496] [<ffffffe00027c5da>] perf_install_in_context+0x174/0x2e6
[  333.147016][ T3496] [<ffffffe000288d1c>] __do_sys_perf_event_open+0x10ea/0x199e
[  333.147993][ T3496] [<ffffffe00028fa72>] sys_perf_event_open+0x34/0x46
[  333.149037][ T3496] [<ffffffe000005578>] ret_from_syscall+0x0/0x2
[  333.150393][ T3496] Kernel panic - not syncing: panic_on_warn set ...
[  333.151745][ T3496] CPU: 0 PID: 3496 Comm: syz-executor.0 Not tainted 5.12.0-rc8-syzkaller-00194-g18a3c5f7abfd #0
[  333.152853][ T3496] Hardware name: riscv-virtio,qemu (DT)
[  333.153579][ T3496] Call Trace:
[  333.154154][ T3496] [<ffffffe000009708>] walk_stackframe+0x0/0x23c
[  333.155086][ T3496] [<ffffffe002a631dc>] dump_backtrace+0x40/0x4e
[  333.155986][ T3496] [<ffffffe002a6320c>] show_stack+0x22/0x2e
[  333.156878][ T3496] [<ffffffe002a6ca98>] dump_stack+0x148/0x1d8
[  333.157709][ T3496] [<ffffffe002a635d4>] panic+0x20a/0x5cc
[  333.158537][ T3496] [<ffffffe00002615e>] __warn+0x110/0x20a
[  333.159389][ T3496] [<ffffffe000a5b0fc>] report_bug+0x156/0x200
[  333.160689][ T3496] [<ffffffe00000953e>] do_trap_break+0xd8/0x184
[  333.162009][ T3496] [<ffffffe000005586>] ret_from_exception+0x0/0x14
[  333.162962][ T3496] [<ffffffe00027a674>] ctx_sched_in+0x12e/0x3ee
[  333.164589][ T3496] SMP: stopping secondary CPUs
[  333.166533][ T3496] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:57:28  Registers:
info registers vcpu 0
 pc       ffffffe000c1a3c2
 mhartid  0000000000000000
 mstatus  0000000000000180
 mip      00000000000000a0
 mie      000000000000022a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffe00000542c
 mepc     ffffffe000a5ce80
 sepc     ffffffe00027a674
 mcause   8000000000000007
 scause   0000000000000003
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffe000c1a3c2 x2/sp ffffffe00c9df240 x3/gp ffffffe004588b78
 x4/tp ffffffe006380000 x5/t0 ffffffe004ffdbb7 x6/t1 0000000000000001 x7/t2 0000000000000000
 x8/s0 ffffffe00c9df260 x9/s1 ffffffe005230480 x10/a0 ffffffd00066e005 x11/a1 0000000000000007
 x12/a2 1ffffffc00a46099 x13/a3 ffffffe000c1a3c2 x14/a4 0000000000000000 x15/a5 ffffffe0052304c8
 x16/a6 0000000000f00000 x17/a7 ffffffe000c24c1a x18/s2 0000000000000005 x19/s3 0000000000002710
 x20/s4 ffffffe0052304d0 x21/s5 0000000000000020 x22/s6 ffffffe005230718 x23/s7 ffffffe0052304d8
 x24/s8 0000000000000001 x25/s9 ffffffe00458c0d0 x26/s10 ffffffe005230708 x27/s11 ffffffe0052304d0
 x28/t3 27fdc7a11b839100 x29/t4 ffffffc4009ffb74 x30/t5 ffffffc4009ffb77 x31/t6 ffffffe004ffdbb7
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000
info registers vcpu 1
 pc       ffffffe0000c9c7c
 mhartid  0000000000000001
 mstatus  00000000000001a0
 mip      00000000000000a0
 mie      000000000000020a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffe00000542c
 mepc     ffffffe0000cfff0
 sepc     ffffffe002a9f3f2
 mcause   8000000000000007
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffe002a941e8 x2/sp ffffffe01e44b350 x3/gp ffffffe004588b78
 x4/tp ffffffe009db2f80 x5/t0 0000000000046000 x6/t1 0000000000000001 x7/t2 fffffffffffff000
 x8/s0 ffffffe01e44b360 x9/s1 ffffffe009db3950 x10/a0 0000000000000120 x11/a1 00000000000f0000
 x12/a2 0000000000010003 x13/a3 0000000000000000 x14/a4 0000000000000001 x15/a5 ffffffe067d60840
 x16/a6 0000000000f00000 x17/a7 ffffffe00012529a x18/s2 0000000000000000 x19/s3 ffffffe00432b2b8
 x20/s4 ffffffe009db3f80 x21/s5 ffffffe002e27840 x22/s6 ffffffffffffffff x23/s7 0000000000000120
 x24/s8 ffffffe0050495a8 x25/s9 0000000000000002 x26/s10 00000000000186a0 x27/s11 0008f0d180000000
 x28/t3 27fdc7a11b839100 x29/t4 ffffffc403c89733 x30/t5 ffffffc403c89735 x31/t6 0000003fbea58000
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000