syzkaller login: [ 61.294280][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 64.276649][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 64.283697][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:32272' (ECDSA) to the list of known hosts. 1970/01/01 00:01:13 fuzzer started 1970/01/01 00:01:16 connecting to host at localhost:39045 1970/01/01 00:01:16 checking machine... 1970/01/01 00:01:16 checking revisions... 1970/01/01 00:01:17 testing simple program... [ 78.315893][ T2209] cgroup: Unknown subsys name 'net' [ 78.702816][ T2209] cgroup: Unknown subsys name 'rlimit' executing program executing program [ 83.023540][ T2212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 83.062066][ T2212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.654799][ T2212] device hsr_slave_0 entered promiscuous mode [ 84.724180][ T2212] device hsr_slave_1 entered promiscuous mode executing program [ 86.126116][ T2212] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 86.204643][ T2212] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 86.276787][ T2212] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 86.345733][ T2212] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.644135][ T2212] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.699368][ T887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 87.706008][ T887] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 88.460880][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 88.464886][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 88.499179][ T887] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 88.503013][ T887] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 88.536645][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 88.576161][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 88.672287][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 88.675796][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready executing program [ 88.720063][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 88.724554][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 88.754587][ T2212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 89.406055][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 89.409552][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 91.003919][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 91.015999][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready executing program [ 91.800449][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 91.804524][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 91.818107][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 91.822053][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 91.849840][ T2212] device veth0_vlan entered promiscuous mode [ 91.932469][ T2212] device veth1_vlan entered promiscuous mode [ 92.031093][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 92.036031][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 92.158483][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 92.162584][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 92.184046][ T2212] device veth0_macvtap entered promiscuous mode [ 92.224507][ T2212] device veth1_macvtap entered promiscuous mode [ 92.314394][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 92.321206][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 92.325993][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 92.333509][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 92.369281][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 92.374703][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 92.405866][ T2212] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.406867][ T2212] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.411683][ T2212] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.412159][ T2212] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.584344][ C1] ------------[ cut here ]------------ [ 92.585069][ C1] WARNING: CPU: 1 PID: 1469 at include/linux/cpumask.h:110 wg_cpumask_next_online+0x1c0/0x2c0 [ 92.585437][ C1] Modules linked in: [ 92.585685][ C1] CPU: 1 PID: 1469 Comm: kworker/u4:5 Tainted: G W 6.0.0-syzkaller-11849-g6d84c258e804 #0 [ 92.586072][ C1] Hardware name: linux,dummy-virt (DT) [ 92.586482][ C1] Workqueue: wg-kex-wg2 wg_packet_handshake_send_worker [ 92.586785][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 92.587500][ C1] pc : wg_cpumask_next_online+0x1c0/0x2c0 [ 92.589114][ C1] lr : wg_packet_receive+0x978/0x1560 [ 92.589390][ C1] sp : ffff800010ab7480 [ 92.589595][ C1] x29: ffff800010ab7480 x28: 0000000000000001 x27: 1fffe000017a9219 [ 92.589994][ C1] x26: 0000000000000000 x25: ffff80000de5c000 x24: 0000000000000000 [ 92.590379][ C1] x23: 0000000000000003 x22: ffff80000de5cb68 x21: 0000000000000001 [ 92.590752][ C1] x20: ffff00000bd490c8 x19: ffff80000de5cd50 x18: 00000000a5b9816a [ 92.591118][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: ffff00000e8643e8 [ 92.591475][ C1] x14: 1ffff00002156e68 x13: 0000000000000000 x12: ffff6000017a9291 [ 92.591834][ C1] x11: 1fffe000017a9290 x10: ffff6000017a9290 x9 : dfff800000000000 [ 92.592201][ C1] x8 : ffff00000bd49483 x7 : 00009ffffe856d70 x6 : 0000000000000001 [ 92.592564][ C1] x5 : ffff00000bd49480 x4 : ffff700001bcb9aa x3 : dfff800000000000 [ 92.592928][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 92.593313][ C1] Call trace: [ 92.593529][ C1] wg_cpumask_next_online+0x1c0/0x2c0 [ 92.593762][ C1] wg_packet_receive+0x978/0x1560 [ 92.593980][ C1] wg_receive+0x58/0xb0 [ 92.594194][ C1] udpv6_queue_rcv_one_skb+0x8f4/0x17c0 [ 92.594430][ C1] udpv6_queue_rcv_skb+0x134/0x7e0 [ 92.594653][ C1] udp6_unicast_rcv_skb+0xe8/0x270 [ 92.594875][ C1] __udp6_lib_rcv+0x8a4/0x2330 [ 92.595095][ C1] udpv6_rcv+0x1c/0x2c [ 92.595300][ C1] ip6_protocol_deliver_rcu+0x154/0x14f0 [ 92.595534][ C1] ip6_input_finish+0x108/0x220 [ 92.595795][ C1] ip6_input+0xbc/0x2b0 [ 92.596009][ C1] ipv6_rcv+0x39c/0x47c [ 92.596223][ C1] __netif_receive_skb_one_core+0xf4/0x170 [ 92.596468][ C1] __netif_receive_skb+0x24/0x184 [ 92.596720][ C1] process_backlog+0x24c/0x6b0 [ 92.597058][ C1] __napi_poll+0x94/0x3a4 [ 92.597395][ C1] net_rx_action+0x78c/0xb60 [ 92.597621][ C1] _stext+0x28c/0x107c [ 92.597991][ C1] ____do_softirq+0x10/0x20 [ 92.598254][ C1] call_on_irq_stack+0x2c/0x54 [ 92.598583][ C1] do_softirq_own_stack+0x1c/0x30 [ 92.598809][ C1] do_softirq.part.0+0xd0/0xf4 [ 92.599025][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 92.599291][ C1] _raw_read_unlock_bh+0x54/0x64 [ 92.599527][ C1] wg_socket_send_skb_to_peer+0xf0/0x190 [ 92.599775][ C1] wg_socket_send_buffer_to_peer+0x110/0x160 [ 92.600009][ C1] wg_packet_send_handshake_initiation+0x1a8/0x274 [ 92.600264][ C1] wg_packet_handshake_send_worker+0x1c/0x34 [ 92.600560][ C1] process_one_work+0x780/0x184c [ 92.600843][ C1] worker_thread+0x3cc/0xc40 [ 92.601102][ C1] kthread+0x23c/0x2a0 [ 92.601295][ C1] ret_from_fork+0x10/0x20 [ 92.601570][ C1] irq event stamp: 217645 [ 92.601766][ C1] hardirqs last enabled at (217644): [] __local_bh_enable_ip+0x1e4/0x5d0 [ 92.602007][ C1] hardirqs last disabled at (217645): [] el1_dbg+0x24/0x80 [ 92.602286][ C1] softirqs last enabled at (217636): [] wg_socket_send_skb_to_peer+0xf0/0x190 [ 92.602593][ C1] softirqs last disabled at (217637): [] ____do_softirq+0x10/0x20 [ 92.602974][ C1] ---[ end trace 0000000000000000 ]--- [ 92.615973][ C1] ------------[ cut here ]------------ [ 92.616502][ C1] WARNING: CPU: 1 PID: 90 at include/linux/cpumask.h:110 wg_packet_send_staged_packets+0xe38/0x1380 [ 92.616834][ C1] Modules linked in: [ 92.617267][ C1] CPU: 1 PID: 90 Comm: kworker/1:2 Tainted: G W 6.0.0-syzkaller-11849-g6d84c258e804 #0 [ 92.617854][ C1] Hardware name: linux,dummy-virt (DT) [ 92.618144][ C1] Workqueue: wg-crypt-wg0 wg_packet_decrypt_worker [ 92.618413][ C1] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 92.618711][ C1] pc : wg_packet_send_staged_packets+0xe38/0x1380 [ 92.618941][ C1] lr : wg_packet_send_staged_packets+0x524/0x1380 [ 92.619182][ C1] sp : ffff800010ab7960 [ 92.619369][ C1] x29: ffff800010ab7960 x28: ffff000013a9fc00 x27: 0000000000000001 [ 92.619771][ C1] x26: 0000000000000001 x25: 0000000000000002 x24: 1fffe00002619c7e [ 92.620144][ C1] x23: ffff0000130ce3e8 x22: ffff80000de5cd50 x21: ffff00000f280960 [ 92.620519][ C1] x20: ffff0000130ce3c0 x19: ffff00000bd48c40 x18: ffff00006a9eab88 [ 92.620870][ C1] x17: ffff80005cbe4000 x16: ffff800010ab8000 x15: 0000000000008000 [ 92.621252][ C1] x14: 1ffff00002156efa x13: 1fffe000017a714b x12: ffff600001e5012e [ 92.621602][ C1] x11: ffff700001bcb9aa x10: dfff800000000000 x9 : 0000000000000003 [ 92.621934][ C1] x8 : ffff80000de5c000 x7 : 1fffe000017a91b9 x6 : 0000000000000000 [ 92.622269][ C1] x5 : ffff00000bd48dc8 x4 : ffff80000de5cb68 x3 : ffff800009f2c124 [ 92.622640][ C1] x2 : 0000000000000002 x1 : 0000000000000002 x0 : 0000000000000001 [ 92.623023][ C1] Call trace: [ 92.623208][ C1] wg_packet_send_staged_packets+0xe38/0x1380 [ 92.623454][ C1] wg_packet_rx_poll+0xd94/0x1580 [ 92.623698][ C1] __napi_poll+0x94/0x3a4 [ 92.623910][ C1] net_rx_action+0x78c/0xb60 [ 92.624127][ C1] _stext+0x28c/0x107c [ 92.624336][ C1] ____do_softirq+0x10/0x20 [ 92.624543][ C1] call_on_irq_stack+0x2c/0x54 [ 92.624800][ C1] do_softirq_own_stack+0x1c/0x30 [ 92.625041][ C1] do_softirq.part.0+0xd0/0xf4 [ 92.625264][ C1] __local_bh_enable_ip+0x50c/0x5d0 [ 92.625485][ C1] _raw_spin_unlock_bh+0x54/0x64 [ 92.625735][ C1] wg_packet_decrypt_worker+0x210/0x3c0 [ 92.625956][ C1] process_one_work+0x780/0x184c [ 92.626172][ C1] worker_thread+0x3cc/0xc40 [ 92.626383][ C1] kthread+0x23c/0x2a0 [ 92.626590][ C1] ret_from_fork+0x10/0x20 [ 92.626807][ C1] irq event stamp: 121 [ 92.627362][ C1] hardirqs last enabled at (120): [] seqcount_lockdep_reader_access.constprop.0+0xc4/0xe0 [ 92.627814][ C1] hardirqs last disabled at (121): [] el1_dbg+0x24/0x80 [ 92.628169][ C1] softirqs last enabled at (98): [] wg_packet_decrypt_worker+0x210/0x3c0 [ 92.628461][ C1] softirqs last disabled at (99): [] ____do_softirq+0x10/0x20 [ 92.628746][ C1] ---[ end trace 0000000000000000 ]--- 1970/01/01 00:01:33 building call list... [ 93.762878][ T1469] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.154485][ T1469] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.574574][ T1469] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 executing program [ 94.760130][ T1469] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.014007][ T1469] device hsr_slave_0 left promiscuous mode [ 97.059030][ T1469] device hsr_slave_1 left promiscuous mode [ 97.225439][ T1469] device veth1_macvtap left promiscuous mode [ 97.227601][ T1469] device veth0_macvtap left promiscuous mode [ 97.259440][ T1469] device veth1_vlan left promiscuous mode [ 97.261046][ T1469] device veth0_vlan left promiscuous mode executing program [ 99.075524][ T1469] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 99.170287][ T1469] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 99.619891][ T1469] bond0 (unregistering): Released all slaves executing program executing program executing program [ 109.415228][ T2207] can: request_module (can-proto-0) failed. [ 109.605022][ T2207] can: request_module (can-proto-0) failed. executing program [ 109.729894][ T2207] can: request_module (can-proto-0) failed. executing program executing program executing program [ 121.132814][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 121.136307][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 121.148557][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 121.151976][ T2049] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. VM DIAGNOSIS: 02:20:29 Registers: info registers vcpu 0 PC=ffff80000b45f928 X00=ffff80000b45f920 X01=ffff80000b45f960 X02=0000000000000000 X03=1fffe0000d539789 X04=00000000f204f1f1 X05=ffff700001000f92 X06=dfff800000000000 X07=00000000f1f1f1f1 X08=ffff000009230a58 X09=0000000000000050 X10=ffff0000092309cc X11=0000000000000007 X12=1fffe00001246139 X13=1fffe0000124614b X14=1ffff00001000f70 X15=00004c4b40000000 X16=ffff800008008000 X17=ffff80005cbc5000 X18=00000000c3f8bf2b X19=ffff80000e064980 X20=0000000000004760 X21=0000000000004760 X22=dfff800000000000 X23=000000156ba09800 X24=0000000000000001 X25=ffff80000e064e00 X26=ffff00006a9cea28 X27=ffff00006a9ceaa8 X28=dfff800000000000 X29=ffff800008007d30 X30=ffff80000b45f978 SP=ffff800008007d30 PSTATE=600000c5 -ZC- EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000 info registers vcpu 1 PC=ffff800008292d6c X00=00000000000003c0 X01=00000000000003c0 X02=0000000000000003 X03=1fffe00001442001 X04=1fffe0000d53d001 X05=0000000000000000 X06=ffff80000c906ed8 X07=ffff00000a210000 X08=ffff80000de5cd50 X09=ffff80000de5c000 X10=00000000f3000000 X11=dfff800000000000 X12=000000000000f1f1 X13=0000000000000000 X14=0000000000000000 X15=ffff80000f2b6dc0 X16=0000000000000002 X17=0000000000000000 X18=00000000a5b9816a X19=0000000000000000 X20=ffff00000a210a60 X21=ffff80000e03ca80 X22=0000000000000028 X23=ffff00000a2109e8 X24=ffff80000de06c48 X25=ffff80000c991f40 X26=00000000ffffffff X27=00000000000003c0 X28=ffff00000a210000 X29=ffff800010ab6b90 X30=ffff80000c8f1884 SP=ffff800010ab6b90 PSTATE=100003c5 ---V EL1h FPCR=00000000 FPSR=00000000 Q00=0000000000000000:0000000000000000 Q01=30253a3a30386566:000a2e6574656c70 Q02=388e9c6c4fa85ca0:0000000000007832 Q03=0000000000000000:ff00000000000000 Q04=0000000000000000:ffffffffffff0000 Q05=0010000000000000:4000000000000000 Q06=0000000000000000:4010040140100000 Q07=4010040140100401:4010040140100401 Q08=0000000000000000:0000000000000000 Q09=0000000000000000:0000000000000000 Q10=0000000000000000:0000000000000000 Q11=0000000000000000:0000000000000000 Q12=0000000000000000:0000000000000000 Q13=0000000000000000:0000000000000000 Q14=0000000000000000:0000000000000000 Q15=0000000000000000:0000000000000000 Q16=0000555010004000:0000555010004000 Q17=000000ff00ff00ff:000000ff00ff00ff Q18=0000000000000000:0000000000000000 Q19=0000000000000000:0000000000000000 Q20=0000000000000000:0000000000000000 Q21=0000000000000000:0000000000000000 Q22=0000000000000000:0000000000000000 Q23=0000000000000000:0000000000000000 Q24=0000000000000000:0000000000000000 Q25=0000000000000000:0000000000000000 Q26=0000000000000000:0000000000000000 Q27=0000000000000000:0000000000000000 Q28=0000000000000000:0000000000000000 Q29=0000000000000000:0000000000000000 Q30=0000000000000000:0000000000000000 Q31=0000000000000000:0000000000000000