[ 258.543006][ T1857] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 258.638058][ T1857] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:17042' (ECDSA) to the list of known hosts. 1970/01/01 00:05:18 fuzzer started 1970/01/01 00:05:27 dialing manager at localhost:44063 [ 333.146597][ T2024] cgroup: Unknown subsys name 'net' [ 334.223151][ T2024] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:05:34 syscalls: 2918 1970/01/01 00:05:34 code coverage: enabled 1970/01/01 00:05:34 comparison tracing: enabled 1970/01/01 00:05:34 extra coverage: enabled 1970/01/01 00:05:34 delay kcov mmap: mmap returned an invalid pointer 1970/01/01 00:05:34 setuid sandbox: enabled 1970/01/01 00:05:34 namespace sandbox: enabled 1970/01/01 00:05:34 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:05:34 fault injection: enabled 1970/01/01 00:05:34 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:05:34 net packet injection: enabled 1970/01/01 00:05:34 net device setup: enabled 1970/01/01 00:05:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:05:34 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:05:34 NIC VF setup: PCI device 0000:00:11.0 is not available 1970/01/01 00:05:34 USB emulation: enabled 1970/01/01 00:05:34 hci packet injection: /dev/vhci does not exist 1970/01/01 00:05:34 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:05:34 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:05:34 fetching corpus: 0, signal 0/2000 (executing program) 1970/01/01 00:05:41 fetching corpus: 49, signal 34317/36164 (executing program) 1970/01/01 00:05:46 fetching corpus: 98, signal 50435/51620 (executing program) 1970/01/01 00:05:50 fetching corpus: 147, signal 58488/59015 (executing program) 1970/01/01 00:05:51 fetching corpus: 158, signal 59157/59709 (executing program) 1970/01/01 00:05:51 fetching corpus: 158, signal 59157/59813 (executing program) 1970/01/01 00:05:51 fetching corpus: 158, signal 59157/59916 (executing program) 1970/01/01 00:05:51 fetching corpus: 158, signal 59157/60023 (executing program) 1970/01/01 00:05:51 fetching corpus: 158, signal 59157/60122 (executing program) 1970/01/01 00:05:51 fetching corpus: 158, signal 59157/60228 (executing program) 1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60329 (executing program) 1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60430 (executing program) 1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60539 (executing program) 1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60630 (executing program) 1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60735 (executing program) 1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60857 (executing program) 1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60967 (executing program) 1970/01/01 00:05:53 fetching corpus: 158, signal 59157/61078 (executing program) 1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61181 (executing program) 1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61261 (executing program) 1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61374 (executing program) 1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61482 (executing program) 1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61581 (executing program) 1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61677 (executing program) 1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61774 (executing program) 1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61873 (executing program) 1970/01/01 00:05:54 fetching corpus: 158, signal 59168/61973 (executing program) 1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62067 (executing program) 1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62146 (executing program) 1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62254 (executing program) 1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62351 (executing program) 1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62372 (executing program) 1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62372 (executing program) 1970/01/01 00:07:34 starting 2 fuzzer processes 00:07:34 executing program 0: r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x140, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {0xa612}}) 00:07:34 executing program 1: openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000080)={0x0, 'macvtap0\x00', {}, 0x1000}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RATTACH(r2, &(0x7f0000000040)={0x14}, 0x14) fcntl$setpipe(r2, 0x407, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f00000000c0)={r4}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f00000001c0)=ANY=[@ANYRES32=r4, @ANYBLOB="3e000000f87481997368980c93121cd96bb8d9ed5b8f12b486cffe051fdfd6d9b13b4558b0ffd57b186c817a1f080539fea81dc261391320b15af9684ba4aebaef38623ffaa9c4"], &(0x7f0000000180)=0x46) sendfile(r1, r1, 0x0, 0x100000001) r6 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_RESET_OWNER(r6, 0x8008af26, 0xe9002) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000001240)=""/86, 0x7ffff000}], 0x1) [ 491.220619][ T2037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 491.882526][ T2037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 491.993305][ T2038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 492.514714][ T2038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 503.149900][ T2037] device hsr_slave_0 entered promiscuous mode [ 503.193644][ T2037] device hsr_slave_1 entered promiscuous mode [ 504.171310][ T2038] device hsr_slave_0 entered promiscuous mode [ 504.189988][ T2038] device hsr_slave_1 entered promiscuous mode [ 504.217946][ T2038] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 504.221607][ T2038] Cannot create hsr debugfs directory [ 509.636816][ T2038] Kernel panic - not syncing: corrupted stack end detected inside scheduler [ 509.638629][ T2038] CPU: 0 PID: 2038 Comm: syz-executor.0 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 509.640214][ T2038] Hardware name: riscv-virtio,qemu (DT) [ 509.642264][ T2038] Call Trace: [ 509.643219][ T2038] [] dump_backtrace+0x2e/0x3c [ 509.644636][ T2038] [] show_stack+0x34/0x40 [ 509.646374][ T2038] [] dump_stack_lvl+0xe4/0x150 [ 509.647738][ T2038] [] dump_stack+0x1c/0x24 [ 509.648954][ T2038] [] panic+0x24a/0x634 [ 509.650023][ T2038] [] schedule+0x0/0x14c [ 509.651140][ T2038] [] preempt_schedule_common+0x4e/0xde [ 509.652386][ T2038] [] preempt_schedule+0x34/0x36 [ 509.653624][ T2038] [] __kernfs_new_node+0x5e8/0x5f2 [ 509.654852][ T2038] [] kernfs_new_node+0x66/0xbe [ 509.656581][ T2038] [] __kernfs_create_file+0x4e/0x1e8 [ 509.657758][ T2038] [] sysfs_add_file_mode_ns+0x138/0x254 [ 509.659203][ T2038] [] internal_create_group+0x274/0x722 [ 509.661632][ T2038] [] internal_create_groups.part.0+0x64/0xe8 [ 509.664102][ T2038] [] sysfs_create_groups+0x2c/0x48 [ 509.666820][ T2038] [] device_add+0x656/0x129e [ 509.668214][ T2038] [] netdev_register_kobject+0xcc/0x208 [ 509.669463][ T2038] [] register_netdevice+0x8ee/0xc6a [ 509.670698][ T2038] [] geneve_configure+0x48c/0x748 [ 509.671860][ T2038] [] geneve_newlink+0x14c/0x222 [ 509.673011][ T2038] [] __rtnl_newlink+0xc16/0xfa0 [ 509.674266][ T2038] [] rtnl_newlink+0x60/0x8c [ 509.676061][ T2038] [] rtnetlink_rcv_msg+0x338/0x9a0 [ 509.677749][ T2038] [] netlink_rcv_skb+0xf8/0x2be [ 509.678906][ T2038] [] rtnetlink_rcv+0x26/0x30 [ 509.679984][ T2038] [] netlink_unicast+0x40e/0x5fe [ 509.681106][ T2038] [] netlink_sendmsg+0x4e0/0x994 [ 509.683888][ T2038] [] sock_sendmsg+0xa0/0xc4 [ 509.685290][ T2038] [] __sys_sendto+0x1f2/0x2e0 [ 509.686989][ T2038] [] sys_sendto+0x3e/0x52 [ 509.688238][ T2038] [] ret_from_syscall+0x0/0x2 [ 509.689753][ T2038] SMP: stopping secondary CPUs [ 509.692401][ T2038] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:49:14 Registers: info registers vcpu 0 pc 00007fffafd8a29c mhartid 0000000000000000 mstatus 00000000000040a2 mip 0000000000000000 mie 00000000000002aa mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff8000f97e sepc 00007fffafd3ca24 mcause 0000000000000009 scause 8000000000000001 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra 00007fffb00ce220 x2/sp 00007fffc90fd410 x3/gp 00007fffb0121a68 x4/tp 00007fffafcfc6c8 x5/t0 00000000036f874f x6/t1 00007fffb0088ebc x7/t2 ffffffffffffffff x8/s0 00007fffc90fd450 x9/s1 00007fffb0121e60 x10/a0 0000000000000007 x11/a1 00007fffc90fd450 x12/a2 00007fffdc5c8cd0 x13/a3 0000000000000000 x14/a4 00007fffc90fd460 x15/a5 0000000000000000 x16/a6 00000000000f423f x17/a7 0000000000000071 x18/s2 0000000000000000 x19/s3 0000000000000010 x20/s4 0000000000000000 x21/s5 0000000000000004 x22/s6 0000000000000010 x23/s7 00007fffb0124c48 x24/s8 ffffffffffffffff x25/s9 0000000000000000 x26/s10 0000000000000001 x27/s11 0000000000000001 x28/t3 00007fffafd8a28c x29/t4 0000000000000000 x30/t5 00000000036f874f x31/t6 00000000024cd8f7 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffff80099a54 mhartid 0000000000000001 mstatus 00000000000000a0 mip 0000000000000200 mie 00000000000002aa mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff8000f97e sepc ffffffff831a57f6 mcause 0000000000000009 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff80099a1e x2/sp ffffaf800e536450 x3/gp ffffffff85863ac0 x4/tp ffffaf8009a6c8c0 x5/t0 ffffffff86bcb657 x6/t1 fffff5ef0b53910c x7/t2 0000000000000000 x8/s0 ffffaf800e5365e0 x9/s1 ffffaf800e536580 x10/a0 0000000000000000 x11/a1 00000000000f0000 x12/a2 0000000000000002 x13/a3 ffffffff80099a1e x14/a4 b18108cb1545e700 x15/a5 b18108cb1545e700 x16/a6 0000000000f00000 x17/a7 ffffaf805a9c8863 x18/s2 ffffaf8009a6c8c0 x19/s3 1ffff5f001ca6c8c x20/s4 0000000000000000 x21/s5 ffffffff85889780 x22/s6 ffffffff838d2e20 x23/s7 ffffffff8344cc80 x24/s8 ffffffff831a6b00 x25/s9 ffffaf800e534000 x26/s10 ffffaf8007222c10 x27/s11 ffffaf801f1d0570 x28/t3 fffffffff3f3f300 x29/t4 fffff5ef0b53910c x30/t5 fffff5ef0b53910d x31/t6 ffffaf800e5360d8 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000