syzkaller login: [ 257.871302][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 267.144099][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 267.196982][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 267.244560][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:48847' (ECDSA) to the list of known hosts. 1970/01/01 00:05:57 fuzzer started 1970/01/01 00:06:08 dialing manager at localhost:42735 [ 373.932666][ T2027] cgroup: Unknown subsys name 'net' [ 374.913639][ T2027] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:06:14 syscalls: 2918 1970/01/01 00:06:14 code coverage: enabled 1970/01/01 00:06:14 comparison tracing: enabled 1970/01/01 00:06:14 extra coverage: enabled 1970/01/01 00:06:14 delay kcov mmap: mmap returned an invalid pointer 1970/01/01 00:06:14 setuid sandbox: enabled 1970/01/01 00:06:14 namespace sandbox: enabled 1970/01/01 00:06:14 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:06:14 fault injection: enabled 1970/01/01 00:06:14 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:06:14 net packet injection: enabled 1970/01/01 00:06:14 net device setup: enabled 1970/01/01 00:06:14 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:06:14 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:06:14 NIC VF setup: PCI device 0000:00:11.0 is not available 1970/01/01 00:06:14 USB emulation: enabled 1970/01/01 00:06:14 hci packet injection: /dev/vhci does not exist 1970/01/01 00:06:14 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:06:14 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:06:15 fetching corpus: 0, signal 0/2000 (executing program) 1970/01/01 00:06:20 fetching corpus: 50, signal 33824/36772 (executing program) 1970/01/01 00:06:24 fetching corpus: 99, signal 48289/52029 (executing program) 1970/01/01 00:06:27 fetching corpus: 148, signal 56420/60897 (executing program) 1970/01/01 00:06:30 fetching corpus: 197, signal 62820/67908 (executing program) 1970/01/01 00:06:32 fetching corpus: 246, signal 68823/74384 (executing program) 1970/01/01 00:06:35 fetching corpus: 296, signal 71857/78032 (executing program) 1970/01/01 00:06:38 fetching corpus: 346, signal 74920/81648 (executing program) 1970/01/01 00:06:40 fetching corpus: 396, signal 80497/87289 (executing program) 1970/01/01 00:06:43 fetching corpus: 446, signal 83976/90954 (executing program) 1970/01/01 00:06:46 fetching corpus: 495, signal 86762/93984 (executing program) 1970/01/01 00:06:49 fetching corpus: 544, signal 93167/99885 (executing program) 1970/01/01 00:06:53 fetching corpus: 592, signal 96640/103214 (executing program) 1970/01/01 00:06:55 fetching corpus: 642, signal 100178/106478 (executing program) 1970/01/01 00:06:58 fetching corpus: 691, signal 102480/108735 (executing program) 1970/01/01 00:07:00 fetching corpus: 741, signal 105615/111505 (executing program) 1970/01/01 00:07:05 fetching corpus: 791, signal 111004/115884 (executing program) 1970/01/01 00:07:08 fetching corpus: 841, signal 113174/117778 (executing program) 1970/01/01 00:07:10 fetching corpus: 891, signal 115071/119357 (executing program) 1970/01/01 00:07:14 fetching corpus: 940, signal 117056/121056 (executing program) 1970/01/01 00:07:16 fetching corpus: 989, signal 118927/122523 (executing program) 1970/01/01 00:07:19 fetching corpus: 1039, signal 121308/124274 (executing program) 1970/01/01 00:07:21 fetching corpus: 1089, signal 123818/126047 (executing program) 1970/01/01 00:07:24 fetching corpus: 1139, signal 125211/127041 (executing program) 1970/01/01 00:07:27 fetching corpus: 1188, signal 126581/127970 (executing program) 1970/01/01 00:07:29 fetching corpus: 1238, signal 128109/128940 (executing program) 1970/01/01 00:07:30 fetching corpus: 1243, signal 128410/129141 (executing program) 1970/01/01 00:07:30 fetching corpus: 1243, signal 128410/129162 (executing program) 1970/01/01 00:07:30 fetching corpus: 1243, signal 128414/129188 (executing program) 1970/01/01 00:07:31 fetching corpus: 1243, signal 128414/129216 (executing program) 1970/01/01 00:07:31 fetching corpus: 1243, signal 128414/129244 (executing program) 1970/01/01 00:07:31 fetching corpus: 1243, signal 128414/129269 (executing program) 1970/01/01 00:07:31 fetching corpus: 1243, signal 128414/129297 (executing program) 1970/01/01 00:07:31 fetching corpus: 1243, signal 128414/129326 (executing program) 1970/01/01 00:07:31 fetching corpus: 1243, signal 128414/129348 (executing program) 1970/01/01 00:07:31 fetching corpus: 1243, signal 128414/129378 (executing program) 1970/01/01 00:07:32 fetching corpus: 1243, signal 128414/129406 (executing program) 1970/01/01 00:07:32 fetching corpus: 1243, signal 128414/129433 (executing program) 1970/01/01 00:07:32 fetching corpus: 1243, signal 128414/129454 (executing program) 1970/01/01 00:07:32 fetching corpus: 1243, signal 128414/129477 (executing program) 1970/01/01 00:07:32 fetching corpus: 1243, signal 128414/129505 (executing program) 1970/01/01 00:07:32 fetching corpus: 1243, signal 128414/129536 (executing program) 1970/01/01 00:07:32 fetching corpus: 1244, signal 128417/129562 (executing program) 1970/01/01 00:07:32 fetching corpus: 1244, signal 128417/129594 (executing program) 1970/01/01 00:07:33 fetching corpus: 1244, signal 128417/129622 (executing program) 1970/01/01 00:07:33 fetching corpus: 1244, signal 128417/129656 (executing program) 1970/01/01 00:07:33 fetching corpus: 1244, signal 128417/129685 (executing program) 1970/01/01 00:07:33 fetching corpus: 1244, signal 128417/129716 (executing program) 1970/01/01 00:07:33 fetching corpus: 1244, signal 128417/129739 (executing program) 1970/01/01 00:07:33 fetching corpus: 1244, signal 128417/129767 (executing program) 1970/01/01 00:07:33 fetching corpus: 1244, signal 128417/129796 (executing program) 1970/01/01 00:07:34 fetching corpus: 1244, signal 128417/129821 (executing program) 1970/01/01 00:07:34 fetching corpus: 1244, signal 128417/129847 (executing program) 1970/01/01 00:07:34 fetching corpus: 1244, signal 128417/129876 (executing program) 1970/01/01 00:07:34 fetching corpus: 1244, signal 128417/129904 (executing program) 1970/01/01 00:07:34 fetching corpus: 1244, signal 128417/129930 (executing program) 1970/01/01 00:07:34 fetching corpus: 1244, signal 128417/129966 (executing program) 1970/01/01 00:07:34 fetching corpus: 1244, signal 128417/129992 (executing program) 1970/01/01 00:07:35 fetching corpus: 1244, signal 128417/130017 (executing program) 1970/01/01 00:07:35 fetching corpus: 1244, signal 128417/130039 (executing program) 1970/01/01 00:07:35 fetching corpus: 1244, signal 128417/130067 (executing program) 1970/01/01 00:07:35 fetching corpus: 1244, signal 128417/130089 (executing program) 1970/01/01 00:07:35 fetching corpus: 1244, signal 128417/130120 (executing program) 1970/01/01 00:07:35 fetching corpus: 1245, signal 128425/130152 (executing program) 1970/01/01 00:07:35 fetching corpus: 1245, signal 128425/130183 (executing program) 1970/01/01 00:07:36 fetching corpus: 1245, signal 128425/130186 (executing program) 1970/01/01 00:07:36 fetching corpus: 1245, signal 128425/130186 (executing program) 1970/01/01 00:09:27 starting 2 fuzzer processes 00:09:27 executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000140)={0x17e}) newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', &(0x7f0000000440), 0x0) 00:09:27 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x8d55}}}}}}]}, 0x48}}, 0x0) [ 587.106917][ T2039] Kernel panic - not syncing: corrupted stack end detected inside scheduler [ 587.110160][ T2039] CPU: 0 PID: 2039 Comm: syz-executor.0 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 587.112632][ T2039] Hardware name: riscv-virtio,qemu (DT) [ 587.113947][ T2039] Call Trace: [ 587.114932][ T2039] [] dump_backtrace+0x2e/0x3c [ 587.116390][ T2039] [] show_stack+0x34/0x40 [ 587.118031][ T2039] [] dump_stack_lvl+0xe4/0x150 [ 587.120020][ T2039] [] dump_stack+0x1c/0x24 [ 587.121356][ T2039] [] panic+0x24a/0x634 [ 587.122606][ T2039] [] schedule+0x0/0x14c [ 587.124068][ T2039] [] preempt_schedule_common+0x4e/0xde [ 587.125630][ T2039] [] preempt_schedule+0x34/0x36 [ 587.127045][ T2039] [] _raw_spin_unlock_irqrestore+0x8c/0x98 [ 587.129305][ T2039] [] debug_check_no_obj_freed+0x14c/0x24a [ 587.130934][ T2039] [] free_pcp_prepare+0x24e/0x45e [ 587.132359][ T2039] [] free_unref_page+0x6a/0x31e [ 587.133738][ T2039] [] __free_pages+0xe2/0x112 [ 587.135006][ T2039] [] __free_slab+0x122/0x27c [ 587.136418][ T2039] [] discard_slab+0x4c/0x7a [ 587.138261][ T2039] [] __slab_free+0x20a/0x29c [ 587.140113][ T2039] [] ___cache_free+0x17c/0x354 [ 587.141535][ T2039] [] qlist_free_all+0x7c/0x132 [ 587.142818][ T2039] [] kasan_quarantine_reduce+0x14c/0x1c8 [ 587.144184][ T2039] [] __kasan_slab_alloc+0x5c/0x98 [ 587.145649][ T2039] [] __kmalloc_track_caller+0x156/0x30e [ 587.147024][ T2039] [] kstrdup_const+0x84/0xba [ 587.148878][ T2039] [] __kernfs_new_node+0xc8/0x5f2 [ 587.150814][ T2039] [] kernfs_create_dir_ns+0x6e/0x184 [ 587.152125][ T2039] [] internal_create_group+0x5c0/0x722 [ 587.153542][ T2039] [] sysfs_create_group+0x22/0x2e [ 587.154857][ T2039] [] dpm_sysfs_add+0x76/0x1dc [ 587.156209][ T2039] [] device_add+0x846/0x129e [ 587.157574][ T2039] [] netdev_register_kobject+0xcc/0x208 [ 587.159692][ T2039] [] register_netdevice+0x8ee/0xc6a [ 587.161142][ T2039] [] wg_newlink+0x33c/0x57a [ 587.162391][ T2039] [] __rtnl_newlink+0xc16/0xfa0 [ 587.163634][ T2039] [] rtnl_newlink+0x60/0x8c [ 587.164863][ T2039] [] rtnetlink_rcv_msg+0x338/0x9a0 [ 587.166296][ T2039] [] netlink_rcv_skb+0xf8/0x2be [ 587.167878][ T2039] [] rtnetlink_rcv+0x26/0x30 [ 587.169325][ T2039] [] netlink_unicast+0x40e/0x5fe [ 587.170656][ T2039] [] netlink_sendmsg+0x4e0/0x994 [ 587.171968][ T2039] [] sock_sendmsg+0xa0/0xc4 [ 587.173310][ T2039] [] __sys_sendto+0x1f2/0x2e0 [ 587.174528][ T2039] [] sys_sendto+0x3e/0x52 [ 587.175775][ T2039] [] ret_from_syscall+0x0/0x2 [ 587.177469][ T2039] SMP: stopping secondary CPUs [ 587.181273][ T2039] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:38:27 Registers: info registers vcpu 0 pc ffffffff80dc337e mhartid 0000000000000000 mstatus 00000000000000a0 mip 00000000000000a0 mie 000000000000022a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff80475ab2 sepc ffffffff831afd22 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff80dc337e x2/sp ffffaf80089b1db0 x3/gp ffffffff85863ac0 x4/tp ffffaf800cf3b080 x5/t0 ffffffff86bcb657 x6/t1 799742dade295800 x7/t2 0000000000000000 x8/s0 ffffaf80089b1de0 x9/s1 ffffffff86e58900 x10/a0 ffffffff86e58948 x11/a1 ffff8f800066c000 x12/a2 1ffffffff0dcb129 x13/a3 ffffffff80dc337e x14/a4 0000000000000000 x15/a5 ffffffff86e58948 x16/a6 ffffffff86e589f1 x17/a7 ffffffff80dcc2ca x18/s2 ffff8f800066c000 x19/s3 000000000000007a x20/s4 ffffffff86e58900 x21/s5 ffffffff80dc333e x22/s6 0000000000000000 x23/s7 ffffffff86bcb6b5 x24/s8 0000000000000010 x25/s9 ffffffff86e58958 x26/s10 0000000000000010 x27/s11 0000000000000000 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f001136364 x31/t6 ffffffff86bcb657 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffff80237330 mhartid 0000000000000001 mstatus 00000000000000a0 mip 0000000000000000 mie 00000000000002aa mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff8000f97e sepc ffffffff8046dffa mcause 0000000000000009 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff831a24ec x2/sp ffffaf800ffdf530 x3/gp ffffffff85863ac0 x4/tp ffffaf800c9ae100 x5/t0 fffff5ef017b8000 x6/t1 799742dade295800 x7/t2 ffffffff8046d190 x8/s0 ffffaf800ffdf530 x9/s1 0000000000000002 x10/a0 ffffffff86c1a628 x11/a1 0000000000000007 x12/a2 1ffffffff0b18998 x13/a3 ffffffff801127f6 x14/a4 0000000000000000 x15/a5 ffffaf800c9aeb70 x16/a6 ffffffff866cf158 x17/a7 ffffffff80468584 x18/s2 ffffffff858c4ca0 x19/s3 0000000000000001 x20/s4 ffffffff838a0620 x21/s5 ffffaf805a9f8760 x22/s6 0000000000000000 x23/s7 0000000000000001 x24/s8 ffffaf800ffdf8d0 x25/s9 ffffaf807a9bd1c0 x26/s10 ffffaf805a9f8760 x27/s11 ffffffff80468612 x28/t3 fffffffff3f3f300 x29/t4 ffffffff80112282 x30/t5 1ffff5f001ffbe8c x31/t6 ffffaf800c7b25c8 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000