[  258.543006][ T1857] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  258.638058][ T1857] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:17042' (ECDSA) to the list of known hosts.
1970/01/01 00:05:18 fuzzer started
1970/01/01 00:05:27 dialing manager at localhost:44063
[  333.146597][ T2024] cgroup: Unknown subsys name 'net'
[  334.223151][ T2024] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:05:34 syscalls: 2918
1970/01/01 00:05:34 code coverage: enabled
1970/01/01 00:05:34 comparison tracing: enabled
1970/01/01 00:05:34 extra coverage: enabled
1970/01/01 00:05:34 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:05:34 setuid sandbox: enabled
1970/01/01 00:05:34 namespace sandbox: enabled
1970/01/01 00:05:34 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:05:34 fault injection: enabled
1970/01/01 00:05:34 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:05:34 net packet injection: enabled
1970/01/01 00:05:34 net device setup: enabled
1970/01/01 00:05:34 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:05:34 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:05:34 NIC VF setup: PCI device 0000:00:11.0 is not available
1970/01/01 00:05:34 USB emulation: enabled
1970/01/01 00:05:34 hci packet injection: /dev/vhci does not exist
1970/01/01 00:05:34 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:05:34 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:05:34 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:05:41 fetching corpus: 49, signal 34317/36164 (executing program)
1970/01/01 00:05:46 fetching corpus: 98, signal 50435/51620 (executing program)
1970/01/01 00:05:50 fetching corpus: 147, signal 58488/59015 (executing program)
1970/01/01 00:05:51 fetching corpus: 158, signal 59157/59709 (executing program)
1970/01/01 00:05:51 fetching corpus: 158, signal 59157/59813 (executing program)
1970/01/01 00:05:51 fetching corpus: 158, signal 59157/59916 (executing program)
1970/01/01 00:05:51 fetching corpus: 158, signal 59157/60023 (executing program)
1970/01/01 00:05:51 fetching corpus: 158, signal 59157/60122 (executing program)
1970/01/01 00:05:51 fetching corpus: 158, signal 59157/60228 (executing program)
1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60329 (executing program)
1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60430 (executing program)
1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60539 (executing program)
1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60630 (executing program)
1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60735 (executing program)
1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60857 (executing program)
1970/01/01 00:05:52 fetching corpus: 158, signal 59157/60967 (executing program)
1970/01/01 00:05:53 fetching corpus: 158, signal 59157/61078 (executing program)
1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61181 (executing program)
1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61261 (executing program)
1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61374 (executing program)
1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61482 (executing program)
1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61581 (executing program)
1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61677 (executing program)
1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61774 (executing program)
1970/01/01 00:05:53 fetching corpus: 158, signal 59168/61873 (executing program)
1970/01/01 00:05:54 fetching corpus: 158, signal 59168/61973 (executing program)
1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62067 (executing program)
1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62146 (executing program)
1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62254 (executing program)
1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62351 (executing program)
1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62372 (executing program)
1970/01/01 00:05:54 fetching corpus: 158, signal 59168/62372 (executing program)
1970/01/01 00:07:34 starting 2 fuzzer processes
00:07:34 executing program 0:
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080)={0x140, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {0xa612}})

00:07:34 executing program 1:
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000080)={0x0, 'macvtap0\x00', {}, 0x1000})
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RATTACH(r2, &(0x7f0000000040)={0x14}, 0x14)
fcntl$setpipe(r2, 0x407, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f00000000c0)={r4}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f00000001c0)=ANY=[@ANYRES32=r4, @ANYBLOB="3e000000f87481997368980c93121cd96bb8d9ed5b8f12b486cffe051fdfd6d9b13b4558b0ffd57b186c817a1f080539fea81dc261391320b15af9684ba4aebaef38623ffaa9c4"], &(0x7f0000000180)=0x46)
sendfile(r1, r1, 0x0, 0x100000001)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_RESET_OWNER(r6, 0x8008af26, 0xe9002)
readv(r0, &(0x7f00000000c0)=[{&(0x7f0000001240)=""/86, 0x7ffff000}], 0x1)

[  491.220619][ T2037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  491.882526][ T2037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  491.993305][ T2038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  492.514714][ T2038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  503.149900][ T2037] device hsr_slave_0 entered promiscuous mode
[  503.193644][ T2037] device hsr_slave_1 entered promiscuous mode
[  504.171310][ T2038] device hsr_slave_0 entered promiscuous mode
[  504.189988][ T2038] device hsr_slave_1 entered promiscuous mode
[  504.217946][ T2038] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  504.221607][ T2038] Cannot create hsr debugfs directory
[  509.636816][ T2038] Kernel panic - not syncing: corrupted stack end detected inside scheduler
[  509.638629][ T2038] CPU: 0 PID: 2038 Comm: syz-executor.0 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[  509.640214][ T2038] Hardware name: riscv-virtio,qemu (DT)
[  509.642264][ T2038] Call Trace:
[  509.643219][ T2038] [<ffffffff8000a228>] dump_backtrace+0x2e/0x3c
[  509.644636][ T2038] [<ffffffff831668cc>] show_stack+0x34/0x40
[  509.646374][ T2038] [<ffffffff831756ba>] dump_stack_lvl+0xe4/0x150
[  509.647738][ T2038] [<ffffffff83175742>] dump_stack+0x1c/0x24
[  509.648954][ T2038] [<ffffffff83166fa8>] panic+0x24a/0x634
[  509.650023][ T2038] [<ffffffff831a688a>] schedule+0x0/0x14c
[  509.651140][ T2038] [<ffffffff831a6b00>] preempt_schedule_common+0x4e/0xde
[  509.652386][ T2038] [<ffffffff831a6bc4>] preempt_schedule+0x34/0x36
[  509.653624][ T2038] [<ffffffff8066764e>] __kernfs_new_node+0x5e8/0x5f2
[  509.654852][ T2038] [<ffffffff8066a298>] kernfs_new_node+0x66/0xbe
[  509.656581][ T2038] [<ffffffff8066e3fc>] __kernfs_create_file+0x4e/0x1e8
[  509.657758][ T2038] [<ffffffff806700ba>] sysfs_add_file_mode_ns+0x138/0x254
[  509.659203][ T2038] [<ffffffff80671e06>] internal_create_group+0x274/0x722
[  509.661632][ T2038] [<ffffffff80672d12>] internal_create_groups.part.0+0x64/0xe8
[  509.664102][ T2038] [<ffffffff80672dc2>] sysfs_create_groups+0x2c/0x48
[  509.666820][ T2038] [<ffffffff813e6d4a>] device_add+0x656/0x129e
[  509.668214][ T2038] [<ffffffff827bdb6e>] netdev_register_kobject+0xcc/0x208
[  509.669463][ T2038] [<ffffffff82746298>] register_netdevice+0x8ee/0xc6a
[  509.670698][ T2038] [<ffffffff8180c800>] geneve_configure+0x48c/0x748
[  509.671860][ T2038] [<ffffffff8180cc08>] geneve_newlink+0x14c/0x222
[  509.673011][ T2038] [<ffffffff8276a91a>] __rtnl_newlink+0xc16/0xfa0
[  509.674266][ T2038] [<ffffffff8276ad04>] rtnl_newlink+0x60/0x8c
[  509.676061][ T2038] [<ffffffff8276b46c>] rtnetlink_rcv_msg+0x338/0x9a0
[  509.677749][ T2038] [<ffffffff8296ded2>] netlink_rcv_skb+0xf8/0x2be
[  509.678906][ T2038] [<ffffffff827624f4>] rtnetlink_rcv+0x26/0x30
[  509.679984][ T2038] [<ffffffff8296cbcc>] netlink_unicast+0x40e/0x5fe
[  509.681106][ T2038] [<ffffffff8296d29c>] netlink_sendmsg+0x4e0/0x994
[  509.683888][ T2038] [<ffffffff826d264e>] sock_sendmsg+0xa0/0xc4
[  509.685290][ T2038] [<ffffffff826d7026>] __sys_sendto+0x1f2/0x2e0
[  509.686989][ T2038] [<ffffffff826d7152>] sys_sendto+0x3e/0x52
[  509.688238][ T2038] [<ffffffff80005716>] ret_from_syscall+0x0/0x2
[  509.689753][ T2038] SMP: stopping secondary CPUs
[  509.692401][ T2038] Rebooting in 86400 seconds..

VM DIAGNOSIS:
12:49:14  Registers: