syzkaller login: [ 108.313337][ T3144] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 108.327671][ T3144] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 111.625127][ T3144] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:62919' (ECDSA) to the list of known hosts. 1970/01/01 00:01:56 fuzzer started 1970/01/01 00:02:00 dialing manager at localhost:34223 1970/01/01 00:02:01 checking machine... 1970/01/01 00:02:01 checking revisions... 1970/01/01 00:02:01 testing simple program... executing program [ 130.247742][ T3306] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 130.276482][ T3306] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link executing program [ 131.783756][ T3306] device hsr_slave_0 entered promiscuous mode [ 131.833173][ T3306] device hsr_slave_1 entered promiscuous mode [ 132.938272][ T3306] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 133.018044][ T3306] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 133.146482][ T3306] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 133.208247][ T3306] netdevsim netdevsim0 netdevsim3: renamed from eth3 executing program [ 134.523687][ T3306] 8021q: adding VLAN 0 to HW filter on device bond0 [ 134.606083][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 134.618382][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 135.578513][ T2118] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 135.586357][ T2118] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 135.653191][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 135.657756][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 135.722258][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 135.762518][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 135.912497][ T3511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 135.916830][ T3511] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 135.974882][ T3511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 135.981576][ T3511] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 136.020840][ T3306] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 136.163149][ T3510] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 136.164334][ T3510] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready executing program [ 138.105299][ T3511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 138.110598][ T3511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 139.144521][ T3511] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 139.157286][ T3511] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 139.181972][ T3511] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 139.186317][ T3511] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 139.217386][ T3306] device veth0_vlan entered promiscuous mode [ 139.303414][ T3306] device veth1_vlan entered promiscuous mode [ 139.549912][ T3510] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 139.556250][ T3510] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 139.608593][ T3306] device veth0_macvtap entered promiscuous mode [ 139.668095][ T3306] device veth1_macvtap entered promiscuous mode [ 139.813094][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 139.817753][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 139.834045][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 139.838698][ T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 139.916265][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 139.927419][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 139.981426][ T3306] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.982729][ T3306] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.983060][ T3306] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 139.983447][ T3306] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 executing program [ 140.686818][ T3306] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation 1970/01/01 00:02:17 building call list... [ 141.866416][ T126] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.146352][ T126] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.283335][ T126] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 142.463665][ T126] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 145.675012][ T126] device hsr_slave_0 left promiscuous mode [ 145.765007][ T126] device hsr_slave_1 left promiscuous mode [ 145.942652][ T126] device veth1_macvtap left promiscuous mode [ 145.944993][ T126] device veth0_macvtap left promiscuous mode [ 145.947690][ T126] device veth1_vlan left promiscuous mode [ 145.954523][ T126] device veth0_vlan left promiscuous mode executing program [ 148.777926][ T126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 148.965689][ T126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface executing program [ 149.675040][ T126] bond0 (unregistering): Released all slaves executing program [ 154.717789][ T3298] can: request_module (can-proto-0) failed. [ 154.933919][ T3298] can: request_module (can-proto-0) failed. executing program [ 155.180276][ T3298] can: request_module (can-proto-0) failed. executing program executing program executing program 1970/01/01 00:02:46 syscalls: 2890 1970/01/01 00:02:46 code coverage: CONFIG_KCOV is not enabled 1970/01/01 00:02:46 comparison tracing: CONFIG_KCOV is not enabled 1970/01/01 00:02:46 extra coverage: CONFIG_KCOV is not enabled 1970/01/01 00:02:46 setuid sandbox: enabled 1970/01/01 00:02:46 namespace sandbox: enabled 1970/01/01 00:02:46 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:02:46 fault injection: enabled 1970/01/01 00:02:46 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:02:46 net packet injection: enabled 1970/01/01 00:02:46 net device setup: enabled 1970/01/01 00:02:46 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:02:46 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:02:46 USB emulation: enabled 1970/01/01 00:02:46 hci packet injection: /dev/vhci does not exist 1970/01/01 00:02:46 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:02:46 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x290708] goroutine 1 [running]: github.com/google/syzkaller/prog.(*ChoiceTable).Enabled(...) /syzkaller/gopath/src/github.com/google/syzkaller/prog/prio.go:239 main.(*Fuzzer).checkDisabledCalls(0x40002ab1e0, 0x400031f9c0) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:469 +0x58 main.(*Fuzzer).deserializeInput(0x40002ab1e0, 0x40004da000, 0xce, 0xce, 0x0) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:460 +0xf8 main.(*Fuzzer).addCandidateInput(0x40002ab1e0, 0x40004da000, 0xce, 0xce, 0x101) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:438 +0x40 main.(*Fuzzer).poll(0x40002ab1e0, 0x400031ef01, 0x0, 0x40003d6460) /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:409 +0x3a0 main.main() /syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:273 +0xedc [ 172.496535][ T3144] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 172.502369][ T3144] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 172.506761][ T3144] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 175.777591][ T3144] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. VM DIAGNOSIS: 11:27:26 Registers: info registers vcpu 0 PC=ffff80001027e384 X00=ffffffffffffffff X01=0000000000000000 X02=0000000000000000 X03=1fffe0000d55e380 X04=000000000022eb3d X05=0000000000000000 X06=00000000f3f3f3f3 X07=ffff8000173e57a0 X08=ffff800015f0ac00 X09=1fffe000024a27c3 X10=0000000000000007 X11=1fffe000024a27bb X12=0000000000000088 X13=0000000000000001 X14=1ffff0000309ef8e X15=0000000000000000 X16=0000000000000000 X17=0000000000000000 X18=0000000000000000 X19=ffff8000161854b0 X20=0000000000000000 X21=0000000000000003 X22=0000000000000028 X23=ffff800016185540 X24=dfff800000000000 X25=ffff800016185480 X26=0000000000000004 X27=ffff8000161854b0 X28=ffff000012513480 X29=ffff8000184f7d00 X30=ffff800010358478 SP=ffff8000184f7d00 PSTATE=100003c5 ---V EL1h FPCR=00000000 FPSR=00000010 Q00=0000000000000000:0000000000000000 Q01=662d7a79732f7265:6c6c616b7a79732f Q02=006f672e72657a7a:75662f72657a7a75 Q03=0000000000000000:0000000000000000 Q04=4000000000000000:0000000000000000 Q05=4010040140100401:4010040140100401 Q06=4000000000000000:4000000000000000 Q07=0000000000000000:3feaaaaaaaaaaaab Q08=0000000000000000:3fa88f02ac8ed2d0 Q09=0000000000000000:3fe41e4e00e82d92 Q10=0000000000000000:3fe0000000000000 Q11=0000000000000000:f168d05fcad59b31 Q12=0000000000000000:1925658acf05eef3 Q13=0000000000000000:b369543331e67427 Q14=0000000000000000:c71054c4b1ea5301 Q15=0000000000000000:d5a8289e5aa8c4dc Q16=0000000000000000:0000000000000000 Q17=0000000000000000:0000000000000000 Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=000000000000001e:00000000d69d3c71 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff800013194ab8 X00=ffff800013194ab0 X01=ffff800013194af0 X02=0000000000000001 X03=1fffe000012849d9 X04=1ffff000030a2f6c X05=ffff800018517b90 X06=00008ffffcf5d08e X07=0000000000000001 X08=ffff800018517b97 X09=dfff800000000000 X10=ffff7000030a2f72 X11=1ffff000030a2f72 X12=ffff7000030a2f73 X13=0000000000000001 X14=1ffff000030a2f54 X15=0000000000000000 X16=0000000000000000 X17=0000000000000000 X18=0000000000000000 X19=ffff8000161777c0 X20=0000000000007e08 X21=0000000000007e08 X22=ffff800018517da0 X23=dfff800000000000 X24=1ffff000030a2fb4 X25=0000000000000001 X26=ffff800016177d40 X27=0000000000000000 X28=00000000000001a4 X29=ffff800018517c70 X30=ffff800013194b08 SP=ffff800018517c70 PSTATE=10000005 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=702f72656c6c616b:7a79732f656c676f Q02=0a3933323a6f672e:6f6972702f676f72 Q03=632e2972657a7a75:462a282e6e69616d Q04=6c6c614364656c62:617369446b636568 Q05=202c306531626132:3030303478302873 Q06=2f090a2930633966:3133303030347830 Q07=687461706f672f72:656c6c616b7a7973 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=74d5fe49a49f9814:9e780b73c09cb611 Q17=97ddbda2ba322d6a:962b82ee668a0282 Q18=af65f75fe6474f15:0945b1a14a1d85d3 Q19=3a314ce72715dca4:0bb955251ed880f0 Q20=aff984e4ae9dfe40:623a435ed783c535 Q21=2212c599bf4263ad:a20dd1b1cc7a833c Q22=2095a9d67dd726a2:b7b76d539da7640a Q23=2718217b3d30f968:fbccebfd7c28f0d2 Q24=6b20657479622d32:3320646e61707865 Q25=bfd9c78da019e223:06626929188276ca Q26=b2d33d79612473fc:4810a163275a477e Q27=2f00000000000000:000000000000000b Q28=2f00000000000000:000000000000000c Q29=2f00000000000000:000000000000000d Q30=2f00000000000000:000000000000000e Q31=0000000000000000:0000000000000004