syzkaller login: [ 54.103067] sshd (223) used greatest stack depth: 23736 bytes left Warning: Permanently added '[localhost]:62919' (ECDSA) to the list of known hosts. 2024/12/05 22:17:38 fuzzer started 2024/12/05 22:17:39 dialing manager at localhost:46119 2024/12/05 22:17:39 checking machine... 2024/12/05 22:17:39 checking revisions... [ 61.748860] kmemleak: Automatic memory scanning thread ended 2024/12/05 22:17:39 testing simple program... [ 61.874168] cgroup: Unknown subsys name 'net' [ 61.978043] cgroup: Unknown subsys name 'cpuset' [ 62.013563] cgroup: Unknown subsys name 'rlimit' executing program executing program executing program executing program executing program executing program [ 81.775489] audit: type=1400 audit(1733437079.651:7): avc: denied { execmem } for pid=272 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 executing program [ 82.992294] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.996085] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.001061] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.014323] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.020391] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 83.025118] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.071831] Bluetooth: hci0: command tx timeout executing program [ 87.119142] Bluetooth: hci0: command tx timeout executing program [ 89.167204] Bluetooth: hci0: command tx timeout [ 91.215420] Bluetooth: hci0: command tx timeout executing program executing program executing program executing program executing program executing program executing program [ 110.413638] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.415046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.485467] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.486694] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 
2024/12/05 22:18:29 building call list... executing program executing program [ 117.130245] audit: type=1400 audit(1733437115.005:8): avc: denied { create } for pid=253 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 [ 118.363706] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list executing program [ 119.784509] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list executing program 2024/12/05 22:18:40 syscalls: 2217 2024/12/05 22:18:40 code coverage: enabled 2024/12/05 22:18:40 comparison tracing: enabled 2024/12/05 22:18:40 extra coverage: enabled 2024/12/05 22:18:40 setuid sandbox: enabled 2024/12/05 22:18:40 namespace sandbox: enabled 2024/12/05 22:18:40 Android sandbox: enabled 2024/12/05 22:18:40 fault injection: enabled 2024/12/05 22:18:40 leak checking: enabled 2024/12/05 22:18:40 net packet injection: enabled 2024/12/05 22:18:40 net device setup: enabled 2024/12/05 22:18:40 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/12/05 22:18:40 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/12/05 22:18:40 USB emulation: enabled 2024/12/05 22:18:40 hci packet injection: enabled 2024/12/05 22:18:40 wifi device emulation: enabled 2024/12/05 22:18:40 802.15.4 emulation: enabled 2024/12/05 22:18:40 fetching corpus: 0, signal 0/0 (executing program) 2024/12/05 22:18:40 fetching corpus: 0, signal 0/0 (executing program) 2024/12/05 22:18:42 starting 8 fuzzer processes 22:18:42 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xc, 0x11, r0, 0x41f99000) 22:18:42 executing program 2: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6c8}, 0x6, 0x0, 0xc1, 0x0, 0xff, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_buf(r0, 0x1, 0x9, 0x0, &(0x7f0000000200)) 22:18:42 executing program 1: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:18:42 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000028c0)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f000001a300)=[{{&(0x7f0000002900)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003dc0)=[{0x0}, {0x0}], 0x2, &(0x7f0000004080)=[@rights={{0x10}}], 0x10}}], 0x1, 0x0) 22:18:42 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0) recvfrom(r0, 0x0, 0x8, 0x2, 0x0, 0x0) 22:18:42 executing program 5: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:18:42 executing program 7: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x1040, &(0x7f0000000280)) 22:18:42 executing program 6: add_key(&(0x7f0000000180)='logon\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)="c0", 0x1, 0xfffffffffffffffc) [ 125.664852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 125.671502] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 125.674239] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 125.681508] 
Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 125.685033] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 125.687433] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 125.729567] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 125.736267] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 125.738161] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 125.744305] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 125.750303] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 125.752133] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 125.791627] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 125.793696] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 125.796461] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 125.805932] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 125.809024] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 125.813335] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 125.815316] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 125.817320] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 125.823863] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 125.830385] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 125.832729] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 125.835205] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 125.886794] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 125.890854] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 125.892842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 125.901319] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 125.909096] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 125.920186] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 125.928326] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 125.934739] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 125.937540] Bluetooth: hci6: unexpected 
cc 0x0c03 length: 249 > 1 [ 125.940694] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 125.945788] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 125.945845] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 125.958440] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 125.967209] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 125.968420] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 125.969768] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 125.970508] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 125.983613] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 126.014891] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 126.034616] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 126.042392] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 126.075202] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 126.099646] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 126.108374] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 127.759152] Bluetooth: hci0: command tx timeout [ 127.823107] Bluetooth: hci1: command tx timeout [ 127.888195] Bluetooth: hci3: command tx timeout [ 127.888292] Bluetooth: hci2: command tx timeout [ 128.015076] Bluetooth: hci4: command tx timeout [ 128.015132] Bluetooth: hci5: command tx timeout [ 128.079148] Bluetooth: hci6: command tx timeout [ 128.207391] Bluetooth: hci7: command tx timeout [ 129.807039] Bluetooth: hci0: command tx timeout [ 129.871062] Bluetooth: hci1: command tx timeout [ 129.935035] Bluetooth: hci3: command tx timeout [ 129.935578] Bluetooth: hci2: command tx timeout [ 130.063114] Bluetooth: hci4: command tx timeout [ 130.063130] Bluetooth: hci5: command tx timeout [ 130.127072] Bluetooth: hci6: command tx timeout [ 130.256013] Bluetooth: hci7: command tx timeout [ 131.855126] Bluetooth: hci0: command tx timeout [ 131.919144] Bluetooth: hci1: command tx timeout [ 131.983871] Bluetooth: hci2: command tx timeout [ 
131.984047] Bluetooth: hci3: command tx timeout [ 132.111031] Bluetooth: hci4: command tx timeout [ 132.112039] Bluetooth: hci5: command tx timeout [ 132.175083] Bluetooth: hci6: command tx timeout [ 132.303118] Bluetooth: hci7: command tx timeout [ 133.916282] Bluetooth: hci0: command tx timeout [ 133.967150] Bluetooth: hci1: command tx timeout [ 134.031087] Bluetooth: hci2: command tx timeout [ 134.032091] Bluetooth: hci3: command tx timeout [ 134.160549] Bluetooth: hci5: command tx timeout [ 134.160595] Bluetooth: hci4: command tx timeout [ 134.223150] Bluetooth: hci6: command tx timeout [ 134.353067] Bluetooth: hci7: command tx timeout [ 182.338199] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.338862] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.638426] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.639117] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.684008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.684645] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.791064] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.791716] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.833718] ======================================================= [ 183.833718] WARNING: The mand mount option has been deprecated and [ 183.833718] and is ignored by this kernel. Remove the mand [ 183.833718] option from the mount to silence this warning. 
[ 183.833718] ======================================================= [ 183.947251] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.947919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:19:41 executing program 7: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x1040, &(0x7f0000000280)) [ 184.028602] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.029513] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:19:41 executing program 7: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x1040, &(0x7f0000000280)) [ 184.140907] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.142011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:19:42 executing program 7: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x1040, &(0x7f0000000280)) [ 184.310101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.310754] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:19:42 executing program 7: r0 = semget$private(0x0, 0x3, 0x0) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000140)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00}}) 22:19:42 executing program 7: r0 = semget$private(0x0, 0x3, 0x0) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000140)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00}}) 22:19:42 executing program 6: add_key(&(0x7f0000000180)='logon\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)="c0", 0x1, 0xfffffffffffffffc) [ 184.572307] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 184.573009] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 22:19:42 executing program 7: r0 = semget$private(0x0, 0x3, 0x0) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000140)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00}}) 22:19:42 executing program 6: add_key(&(0x7f0000000180)='logon\x00', 
&(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)="c0", 0x1, 0xfffffffffffffffc) [ 187.614136] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 187.627431] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 187.633070] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 187.637362] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 187.638732] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 187.641587] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 187.650932] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 187.651070] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 187.655799] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 187.655875] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 187.661830] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 187.676614] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 187.713160] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 187.727366] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 187.733640] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 187.735768] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 187.744414] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 187.747380] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 187.758456] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 187.763879] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 187.766503] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 187.770491] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 187.776100] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 187.779494] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 188.036482] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 188.051795] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 188.053312] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 188.095880] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 188.097737] 
Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 188.145389] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 188.156427] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 188.175210] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 188.209122] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 188.218371] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 188.228342] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 188.241410] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 189.711369] Bluetooth: hci1: command tx timeout [ 189.776063] Bluetooth: hci0: command tx timeout [ 189.839178] Bluetooth: hci2: command tx timeout [ 189.903197] Bluetooth: hci5: command tx timeout [ 190.351032] Bluetooth: hci6: command tx timeout [ 190.415045] Bluetooth: hci7: command tx timeout [ 191.759141] Bluetooth: hci1: command tx timeout [ 191.824041] Bluetooth: hci0: command tx timeout [ 191.887622] Bluetooth: hci2: command tx timeout [ 191.951714] Bluetooth: hci5: command tx timeout [ 192.399254] Bluetooth: hci6: command tx timeout [ 192.463046] Bluetooth: hci7: command tx timeout [ 193.807070] Bluetooth: hci1: command tx timeout [ 193.871123] Bluetooth: hci0: command tx timeout [ 193.936451] Bluetooth: hci2: command tx timeout [ 193.999024] Bluetooth: hci5: command tx timeout [ 194.447983] Bluetooth: hci6: command tx timeout [ 194.511491] Bluetooth: hci7: command tx timeout [ 195.855035] Bluetooth: hci1: command tx timeout [ 195.919648] Bluetooth: hci0: command tx timeout [ 195.983101] Bluetooth: hci2: command tx timeout [ 196.047122] Bluetooth: hci5: command tx timeout [ 196.495165] Bluetooth: hci6: command tx timeout [ 196.559129] Bluetooth: hci7: command tx timeout [ 232.126075] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.126692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.333897] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.334948] wlan1: Creating new IBSS 
network, BSSID 50:50:50:50:50:50
[ 232.530617] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 232.531311] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 232.669263] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 232.669913] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 232.820459] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 232.821875] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 232.960667] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 232.961531] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 233.077059] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 233.077720] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 233.146703] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 233.147595] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 233.189520] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 233.190308] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 233.304697] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 233.305373] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 233.421458] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 233.422235] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 233.598715] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 233.599625] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 233.886145] ------------[ cut here ]------------
[ 233.886703] WARNING: CPU: 1 PID: 7187 at net/ipv4/ipmr.c:440 ipmr_rules_exit+0x13a/0x1c0
[ 233.887812] Modules linked in:
[ 233.888353] CPU: 1 UID: 0 PID: 7187 Comm: syz-executor.1 Not tainted 6.13.0-rc1-next-20241205 #1
[ 233.892846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 233.893762] RIP: 0010:ipmr_rules_exit+0x13a/0x1c0
[ 233.894337] Code: ff df 48 c1 ea 03 80 3c 02 00 75 7d 48 c7 83 00 08 00 00 00 00 00 00 5b 5d 41 5c 41 5d 41 5e e9 ac 2a a3 00 e8 37 e6 6d fd 90 <0f> 0b 90 eb 93 e8 2c e6 6d fd 0f b6 2d d8 f8 58 02 31 ff 89 ee e8
[ 233.895947] RSP: 0018:ffff88800a637c20 EFLAGS: 00010216
[ 233.896430] RAX: 000000000002781c RBX: ffff888016891700 RCX: ffffc900029e0000
[ 233.897071] RDX: 0000000000040000 RSI: ffffffff83e3fc39 RDI: 0000000000000005
[ 233.897672] RBP: ffff888037dcc000 R08: 0000000000000000 R09: ffffed1002d12308
[ 233.898302] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
[ 233.898901] R13: ffff888016891f00 R14: ffff888016891700 R15: fffffbfff0c50eb8
[ 233.899545] FS: 00007f9927a2c700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 233.900260] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 233.900766] CR2: 00007fa7f2db16f4 CR3: 0000000037ac0000 CR4: 0000000000350ef0
[ 233.901397] Call Trace:
[ 233.901636]
[ 233.901863] ? __warn+0xea/0x380
[ 233.902254] ? ipmr_rules_exit+0x13a/0x1c0
[ 233.902650] ? report_bug+0x2f5/0x3f0
[ 233.903065] ? ipmr_rules_exit+0x13a/0x1c0
[ 233.903471] ? ipmr_rules_exit+0x13b/0x1c0
[ 233.903860] ? handle_bug+0xe5/0x180
[ 233.904251] ? exc_invalid_op+0x35/0x80
[ 233.904630] ? asm_exc_invalid_op+0x1a/0x20
[ 233.905091] ? ipmr_rules_exit+0x139/0x1c0
[ 233.905490] ? ipmr_rules_exit+0x13a/0x1c0
[ 233.905888] ipmr_net_exit_batch+0x53/0xa0
[ 233.906302] ? __pfx_ipmr_net_exit_batch+0x10/0x10
[ 233.906743] ? __pfx_ipmr_net_exit+0x10/0x10
[ 233.907203] ops_exit_list+0x12b/0x180
[ 233.907575] setup_net+0x492/0x7a0
[ 233.907947] ? __pfx_setup_net+0x10/0x10
[ 233.908331] ? __pfx_down_read_killable+0x10/0x10
[ 233.908768] ? __raw_spin_lock_init+0x3a/0x110
[ 233.909220] ? srso_return_thunk+0x5/0x5f
[ 233.909600] ? debug_mutex_init+0x37/0x70
[ 233.910030] copy_net_ns+0x2e3/0x6f0
[ 233.910396] create_new_namespaces+0x3f6/0xaf0
[ 233.910860] unshare_nsproxy_namespaces+0xc0/0x200
[ 233.911336] ksys_unshare+0x46a/0xa10
[ 233.911707] ? __pfx_ksys_unshare+0x10/0x10
[ 233.912136] ? xfd_validate_state+0x51/0x180
[ 233.912561] ? srso_return_thunk+0x5/0x5f
[ 233.912963] ? trace_x86_fpu_regs_activated+0x130/0x190
[ 233.913454] __x64_sys_unshare+0x31/0x40
[ 233.913840] do_syscall_64+0xbf/0x1d0
[ 233.914224] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 233.914706] RIP: 0033:0x7f992a4f8b19
[ 233.915066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 233.916568] RSP: 002b:00007f9927a2c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 233.917246] RAX: ffffffffffffffda RBX: 00007f992a60c0e0 RCX: 00007f992a4f8b19
[ 233.917847] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000048040080
[ 233.918468] RBP: 00007f992a552f6d R08: 0000000000000000 R09: 0000000000000000
[ 233.919089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 233.919692] R13: 00007fffebce32ef R14: 00007f9927a2c300 R15: 0000000000022000
[ 233.920345]
[ 233.920566] irq event stamp: 11697
[ 233.920875] hardirqs last enabled at (11707): [] __up_console_sem+0x78/0x80
[ 233.921632] hardirqs last disabled at (11718): [] __up_console_sem+0x5d/0x80
[ 233.922386] softirqs last enabled at (11118): [] handle_softirqs+0x50c/0x770
[ 233.923153] softirqs last disabled at (11093): [] __irq_exit_rcu+0xc4/0x100
[ 233.923881] ---[ end trace 0000000000000000 ]---
[ 234.209741] audit: type=1400 audit(1733437232.086:9): avc: denied { open } for pid=7203 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 234.212517] audit: type=1400 audit(1733437232.086:10): avc: denied { kernel } for pid=7203 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
22:20:32 executing program 5:
r0 = timerfd_create(0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 =
syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:32 executing program 1: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:32 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0) recvfrom(r0, 0x0, 0x8, 0x2, 0x0, 0x0) 22:20:32 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xc, 0x11, r0, 0x41f99000) 22:20:32 executing program 7: r0 = semget$private(0x0, 0x3, 0x0) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000140)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00}}) 22:20:32 executing program 2: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6c8}, 0x6, 0x0, 0xc1, 0x0, 0xff, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_buf(r0, 0x1, 0x9, 0x0, &(0x7f0000000200)) 22:20:32 executing program 6: add_key(&(0x7f0000000180)='logon\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)="c0", 0x1, 0xfffffffffffffffc) 22:20:32 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000028c0)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f000001a300)=[{{&(0x7f0000002900)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003dc0)=[{0x0}, {0x0}], 0x2, 
&(0x7f0000004080)=[@rights={{0x10}}], 0x10}}], 0x1, 0x0) 22:20:32 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xc, 0x11, r0, 0x41f99000) 22:20:32 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000028c0)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f000001a300)=[{{&(0x7f0000002900)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003dc0)=[{0x0}, {0x0}], 0x2, &(0x7f0000004080)=[@rights={{0x10}}], 0x10}}], 0x1, 0x0) 22:20:32 executing program 7: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:32 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0) recvfrom(r0, 0x0, 0x8, 0x2, 0x0, 0x0) 22:20:32 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000028c0)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f000001a300)=[{{&(0x7f0000002900)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003dc0)=[{0x0}, {0x0}], 0x2, &(0x7f0000004080)=[@rights={{0x10}}], 0x10}}], 0x1, 0x0) 22:20:32 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xc, 0x11, r0, 0x41f99000) 22:20:33 executing program 2: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6c8}, 0x6, 0x0, 0xc1, 0x0, 0xff, 0x400}, 
0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_buf(r0, 0x1, 0x9, 0x0, &(0x7f0000000200)) 22:20:33 executing program 6: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:34 executing program 5: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:34 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0) recvfrom(r0, 0x0, 0x8, 0x2, 0x0, 0x0) 22:20:34 executing program 3: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:34 executing program 6: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:34 executing program 7: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, 
&(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:34 executing program 2: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6c8}, 0x6, 0x0, 0xc1, 0x0, 0xff, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_buf(r0, 0x1, 0x9, 0x0, &(0x7f0000000200)) 22:20:34 executing program 0: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:34 executing program 1: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:34 executing program 2: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6c8}, 0x6, 0x0, 0xc1, 0x0, 0xff, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_buf(r0, 0x1, 0x9, 0x0, &(0x7f0000000200)) 22:20:34 executing program 4: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6c8}, 0x6, 0x0, 0xc1, 0x0, 0xff, 
0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_buf(r0, 0x1, 0x9, 0x0, &(0x7f0000000200)) 22:20:34 executing program 2: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6c8}, 0x6, 0x0, 0xc1, 0x0, 0xff, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_buf(r0, 0x1, 0x9, 0x0, &(0x7f0000000200)) 22:20:34 executing program 4: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6c8}, 0x6, 0x0, 0xc1, 0x0, 0xff, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_buf(r0, 0x1, 0x9, 0x0, &(0x7f0000000200)) 22:20:34 executing program 1: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:34 executing program 4: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6c8}, 0x6, 0x0, 0xc1, 0x0, 0xff, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_buf(r0, 0x1, 0x9, 0x0, &(0x7f0000000200)) 22:20:34 executing program 2: perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xbb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x6c8}, 0x6, 0x0, 0xc1, 0x0, 0xff, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_buf(r0, 0x1, 0x9, 0x0, &(0x7f0000000200)) 22:20:34 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0) recvfrom(r0, 0x0, 0x8, 0x2, 0x0, 0x0) 22:20:35 executing program 5: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:35 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0) recvfrom(r0, 0x0, 0x8, 0x2, 0x0, 0x0) 22:20:35 executing program 7: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:35 executing program 0: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, 
&(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:35 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0) recvfrom(r0, 0x0, 0x8, 0x2, 0x0, 0x0) 22:20:35 executing program 3: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:35 executing program 6: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:35 executing program 1: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:35 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0) recvfrom(r0, 0x0, 0x8, 0x2, 0x0, 0x0) 22:20:35 executing program 1: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:35 executing program 4: r0 = 
socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0) recvfrom(r0, 0x0, 0x8, 0x2, 0x0, 0x0) 22:20:35 executing program 1: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:35 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr, @multicast1}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0) recvfrom(r0, 0x0, 0x8, 0x2, 0x0, 0x0) 22:20:35 executing program 2: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:36 executing program 4: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:36 executing program 2: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:36 executing program 3: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:36 executing program 6: socketpair$unix(0x1, 0x5, 0x0, 
&(0x7f00000028c0)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f000001a300)=[{{&(0x7f0000002900)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003dc0)=[{0x0}, {0x0}], 0x2, &(0x7f0000004080)=[@rights={{0x10}}], 0x10}}], 0x1, 0x0) 22:20:36 executing program 0: r0 = timerfd_create(0x0, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = syz_io_uring_setup(0x2d7a, &(0x7f0000000280), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000080)) read(r0, &(0x7f0000000100)=""/56, 0x38) dup2(r1, r2) 22:20:36 executing program 1: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:36 executing program 2: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:36 executing program 4: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:36 executing program 7: r0 = semget$private(0x0, 0x3, 0x0) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000140)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00}}) 22:20:36 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) stat(&(0x7f0000000240)='./file1\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'veth0_virt_wifi\x00', 0x0}) 22:20:36 executing program 6: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000028c0)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f000001a300)=[{{&(0x7f0000002900)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003dc0)=[{0x0}, {0x0}], 0x2, &(0x7f0000004080)=[@rights={{0x10}}], 0x10}}], 0x1, 0x0) 22:20:36 executing program 7: r0 = 
semget$private(0x0, 0x3, 0x0) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000140)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00}}) 22:20:36 executing program 2: move_pages(0x0, 0x20000003, &(0x7f0000000000)=[&(0x7f0000003000/0x3000)=nil], 0x0, &(0x7f0000000040), 0x0) gettid() 22:20:36 executing program 6: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000028c0)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f000001a300)=[{{&(0x7f0000002900)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003dc0)=[{0x0}, {0x0}], 0x2, &(0x7f0000004080)=[@rights={{0x10}}], 0x10}}], 0x1, 0x0) 22:20:36 executing program 5: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) stat(&(0x7f0000000240)='./file1\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'veth0_virt_wifi\x00', 0x0}) 22:20:37 executing program 4: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:37 executing program 1: unshare(0x8000000) semget$private(0x0, 0x1, 0x0) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000080)=[0x1]) semop(0x0, &(0x7f00000000c0)=[{0x0, 0x48, 0x1000}], 0x1) unshare(0x48040080) 22:20:37 executing program 7: r0 = semget$private(0x0, 0x3, 0x0) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000140)={{0x2, 0x0, 0xffffffffffffffff, 0x0, 0xee00}}) VM DIAGNOSIS: 22:20:31 Registers: