Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
Oops: general protection fault, probably for non-canonical address 0xdffffc000000002d: 0000 [#1] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000168-0x000000000000016f]
CPU: 1 UID: 0 PID: 90241 Comm: syz-executor.3 Not tainted 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804cc7fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f1a0 R08: 0000000000000001 R09: ffffed1003edde43
R10: 0000000000000002 R11: ffff88800d096db0 R12: fffffffffffffff4
R13: ffff88801f6ef21c R14: ffffffff85cfdf20 R15: ffff8880181f8878
FS: 00005555856f1400(0000) GS:ffff8880e548f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fae781686f4 CR3: 000000004cde8000 CR4: 0000000000350ef0
Call Trace:
create_new_namespaces+0x585/0x750
unshare_nsproxy_namespaces+0xc0/0x200
ksys_unshare+0x468/0xa10
__x64_sys_unshare+0x31/0x40
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f59a47570d7
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffec083ad98 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007ffec083b3d8 RCX: 00007f59a47570d7
RDX: 00007f59a47c141f RSI: 00007ffec083ad30 RDI: 0000000040000000
RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffec083ab40
R10: 0000000000000000 R11: 0000000000000202 R12: 00007f59a4869bf0
R13: 00007ffec083ae70 R14: 0000000000000000 R15: 00000000000000f8
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804cc7fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f1a0 R08: 0000000000000001 R09: ffffed1003edde43
R10: 0000000000000002 R11: ffff88800d096db0 R12: fffffffffffffff4
R13: ffff88801f6ef21c R14: ffffffff85cfdf20 R15: ffff8880181f8878
FS: 00005555856f1400(0000) GS:ffff8880e548f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fae781686f4 CR3: 000000004cde8000 CR4: 0000000000350ef0
Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
Failed to initialize the IGMP autojoin socket (err -2)
Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
Oops: general protection fault, probably for non-canonical address 0xdffffc000000002d: 0000 [#2] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000168-0x000000000000016f]
CPU: 0 UID: 0 PID: 90243 Comm: syz-executor.5 Tainted: G D 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary)
Tainted: [D]=DIE
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff8880179cfdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800d70f888 R08: 0000000000000001 R09: ffffed1002694003
R10: 0000000000000002 R11: 0000000000000000 R12: fffffffffffffff4
R13: ffff8880134a001c R14: ffffffff85cfdf20 R15: ffff88804afcbff8
FS: 0000555592063400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005639e3886ac8 CR3: 000000004a9aa000 CR4: 0000000000350ef0
Call Trace:
create_new_namespaces+0x585/0x750
unshare_nsproxy_namespaces+0xc0/0x200
ksys_unshare+0x468/0xa10
__x64_sys_unshare+0x31/0x40
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe7cf65f0d7
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff737022c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007fff73702908 RCX: 00007fe7cf65f0d7
RDX: 00007fe7cf6c941f RSI: 00007fff73702260 RDI: 0000000040000000
RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007fff73702070
R10: 0000000000000000 R11: 0000000000000202 R12: 00007fe7cf771bf0
R13: 00007fff737023a0 R14: 0000000000000000 R15: 00000000000000f8
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804cc7fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f1a0 R08: 0000000000000001 R09: ffffed1003edde43
R10: 0000000000000002 R11: ffff88800d096db0 R12: fffffffffffffff4
R13: ffff88801f6ef21c R14: ffffffff85cfdf20 R15: ffff8880181f8878
FS: 0000555592063400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005639e3886ac8 CR3: 000000004a9aa000 CR4: 0000000000350ef0
Failed to initialize the IGMP autojoin socket (err -2)
Oops: general protection fault, probably for non-canonical address 0xdffffc000000002d: 0000 [#3] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000168-0x000000000000016f]
CPU: 0 UID: 0 PID: 90253 Comm: syz-executor.4 Tainted: G D 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary)
Tainted: [D]=DIE
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff8880137cfdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f270 R08: 0000000000000001 R09: ffffed10026941c3
R10: 0000000000000002 R11: 0000000000000000 R12: fffffffffffffff4
R13: ffff8880134a0e1c R14: ffffffff85cfdf20 R15: ffff88804ca98878
FS: 0000555587f5d400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f714544bd10 CR3: 000000000da16000 CR4: 0000000000350ef0
Call Trace:
create_new_namespaces+0x585/0x750
unshare_nsproxy_namespaces+0xc0/0x200
ksys_unshare+0x468/0xa10
__x64_sys_unshare+0x31/0x40
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f30382e30d7
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffefe2cebe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007ffefe2cf228 RCX: 00007f30382e30d7
RDX: 00007f303834d41f RSI: 00007ffefe2ceb80 RDI: 0000000040000000
RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffefe2ce990
R10: 0000000000000000 R11: 0000000000000206 R12: 00007f30383f5bf0
R13: 00007ffefe2cecc0 R14: 0000000000000000 R15: 00000000000000f8
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804cc7fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f1a0 R08: 0000000000000001 R09: ffffed1003edde43
R10: 0000000000000002 R11: ffff88800d096db0 R12: fffffffffffffff4
R13: ffff88801f6ef21c R14: ffffffff85cfdf20 R15: ffff8880181f8878
FS: 0000555587f5d400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f714544bd10 CR3: 000000000da16000 CR4: 0000000000350ef0
Failed to initialize the IGMP autojoin socket (err -2)
Failed to initialize the IGMP autojoin socket (err -2)
Oops: general protection fault, probably for non-canonical address 0xdffffc000000002d: 0000 [#4] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000168-0x000000000000016f]
CPU: 0 UID: 0 PID: 90254 Comm: syz-executor.2 Tainted: G D 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary)
Tainted: [D]=DIE
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff8880161dfdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800d70fa28 R08: 0000000000000001 R09: ffffed1002694143
R10: 0000000000000002 R11: 0000000000000000 R12: fffffffffffffff4
R13: ffff8880134a0a1c R14: ffffffff85cfdf20 R15: ffff888049d5dbb8
FS: 0000555577c40400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f19288056f4 CR3: 0000000009779000 CR4: 0000000000350ef0
Call Trace:
create_new_namespaces+0x585/0x750
unshare_nsproxy_namespaces+0xc0/0x200
ksys_unshare+0x468/0xa10
__x64_sys_unshare+0x31/0x40
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa4daaa00d7
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd9dc72a28 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007ffd9dc73068 RCX: 00007fa4daaa00d7
RDX: 00007fa4dab0a41f RSI: 00007ffd9dc729c0 RDI: 0000000040000000
RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffd9dc727d0
R10: 0000000000000000 R11: 0000000000000206 R12: 00007fa4dabb2bf0
R13: 00007ffd9dc72b00 R14: 0000000000000000 R15: 00000000000000f8
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804cc7fdc8 EFLAGS: 00010217
Failed to initialize the IGMP autojoin socket (err -2)
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f1a0 R08: 0000000000000001 R09: ffffed1003edde43
R10: 0000000000000002 R11: ffff88800d096db0 R12: fffffffffffffff4
R13: ffff88801f6ef21c R14: ffffffff85cfdf20 R15: ffff8880181f8878
FS: 0000555577c40400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f19288056f4 CR3: 0000000009779000 CR4: 0000000000350ef0
Oops: general protection fault, probably for non-canonical address 0xdffffc000000002d: 0000 [#5] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000168-0x000000000000016f]
CPU: 0 UID: 0 PID: 90252 Comm: syz-executor.1 Tainted: G D 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary)
Tainted: [D]=DIE
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff888049867dc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800d70f750 R08: 0000000000000001 R09: ffffed1003eddf83
R10: 0000000000000002 R11: 0000000000000000 R12: fffffffffffffff4
R13: ffff88801f6efc1c R14: ffffffff85cfdf20 R15: ffff8880073ba438
FS: 0000555590c6f400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007feab6350000 CR3: 000000001698a000 CR4: 0000000000350ef0
Call Trace:
create_new_namespaces+0x585/0x750
unshare_nsproxy_namespaces+0xc0/0x200
ksys_unshare+0x468/0xa10
__x64_sys_unshare+0x31/0x40
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f56376230d7
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff21f6a108 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007fff21f6a748 RCX: 00007f56376230d7
RDX: 00007f563768d41f RSI: 00007fff21f6a0a0 RDI: 0000000040000000
RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007fff21f69eb0
R10: 0000000000000000 R11: 0000000000000202 R12: 00007f5637735bf0
R13: 00007fff21f6a1e0 R14: 0000000000000000 R15: 00000000000000f8
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804cc7fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f1a0 R08: 0000000000000001 R09: ffffed1003edde43
R10: 0000000000000002 R11: ffff88800d096db0 R12: fffffffffffffff4
R13: ffff88801f6ef21c R14: ffffffff85cfdf20 R15: ffff8880181f8878
FS: 0000555590c6f400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007feab6350000 CR3: 000000001698a000 CR4: 0000000000350ef0
Failed to initialize the IGMP autojoin socket (err -2)
Oops: general protection fault, probably for non-canonical address 0xdffffc000000002d: 0000 [#6] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000168-0x000000000000016f]
CPU: 0 UID: 0 PID: 90251 Comm: syz-executor.6 Tainted: G D 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary)
Tainted: [D]=DIE
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804c9a7dc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974fc98 R08: 0000000000000001 R09: ffffed1003edde83
R10: 0000000000000002 R11: 0000000000000000 R12: fffffffffffffff4
R13: ffff88801f6ef41c R14: ffffffff85cfdf20 R15: ffff8880073bdbb8
FS: 000055556a972400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007feab65ec6f4 CR3: 000000001adf3000 CR4: 0000000000350ef0
Call Trace:
create_new_namespaces+0x585/0x750
unshare_nsproxy_namespaces+0xc0/0x200
ksys_unshare+0x468/0xa10
__x64_sys_unshare+0x31/0x40
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe04b17c0d7
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffe70ec1948 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007ffe70ec1f88 RCX: 00007fe04b17c0d7
RDX: 00007fe04b1e641f RSI: 00007ffe70ec18e0 RDI: 0000000040000000
RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffe70ec16f0
R10: 0000000000000000 R11: 0000000000000206 R12: 00007fe04b28ebf0
R13: 00007ffe70ec1a20 R14: 0000000000000000 R15: 00000000000000f8
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
Failed to initialize the IGMP autojoin socket (err -2)
RSP: 0018:ffff88804cc7fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f1a0 R08: 0000000000000001 R09: ffffed1003edde43
R10: 0000000000000002 R11: ffff88800d096db0 R12: fffffffffffffff4
R13: ffff88801f6ef21c R14: ffffffff85cfdf20 R15: ffff8880181f8878
FS: 000055556a972400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007feab65ec6f4 CR3: 000000001adf3000 CR4: 0000000000350ef0
Oops: general protection fault, probably for non-canonical address 0xdffffc000000002d: 0000 [#7] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000168-0x000000000000016f]
CPU: 1 UID: 0 PID: 90250 Comm: syz-executor.0 Tainted: G D 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary)
Tainted: [D]=DIE
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff888047bdfdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974ff08 R08: 0000000000000001 R09: ffffed1003eddd43
R10: 0000000000000002 R11: 0000000000000000 R12: fffffffffffffff4
R13: ffff88801f6eea1c R14: ffffffff85cfdf20 R15: ffff88804ca9dbb8
FS: 000055558526a400(0000) GS:ffff8880e548f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f71454e00f0 CR3: 000000001eed7000 CR4: 0000000000350ef0
Call Trace:
create_new_namespaces+0x585/0x750
unshare_nsproxy_namespaces+0xc0/0x200
ksys_unshare+0x468/0xa10
__x64_sys_unshare+0x31/0x40
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f4f69b060d7
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd6fb0d458 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007ffd6fb0da98 RCX: 00007f4f69b060d7
RDX: 00007f4f69b7041f RSI: 00007ffd6fb0d3f0 RDI: 0000000040000000
RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffd6fb0d200
R10: 0000000000000000 R11: 0000000000000202 R12: 00007f4f69c18bf0
R13: 00007ffd6fb0d530 R14: 0000000000000000 R15: 00000000000000f8
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804cc7fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f1a0 R08: 0000000000000001 R09: ffffed1003edde43
R10: 0000000000000002 R11: ffff88800d096db0 R12: fffffffffffffff4
R13: ffff88801f6ef21c R14: ffffffff85cfdf20 R15: ffff8880181f8878
FS: 000055558526a400(0000) GS:ffff8880e548f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f71454e00f0 CR3: 000000001eed7000 CR4: 0000000000350ef0
Oops: general protection fault, probably for non-canonical address 0xdffffc000000002d: 0000 [#8] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000168-0x000000000000016f]
CPU: 0 UID: 0 PID: 90255 Comm: syz-executor.7 Tainted: G D 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary)
Tainted: [D]=DIE
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804b53fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974fc30 R08: 0000000000000001 R09: ffffed1003edddc3
R10: 0000000000000002 R11: 0000000000000000 R12: fffffffffffffff4
R13: ffff88801f6eee1c R14: ffffffff85cfdf20 R15: ffff888049d5bff8
FS: 0000555567067400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f4a43479000 CR3: 000000001cbe6000 CR4: 0000000000350ef0
Call Trace:
create_new_namespaces+0x585/0x750
unshare_nsproxy_namespaces+0xc0/0x200
ksys_unshare+0x468/0xa10
__x64_sys_unshare+0x31/0x40
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fb9f6d760d7
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffc5e25b398 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007ffc5e25b9d8 RCX: 00007fb9f6d760d7
RDX: 00007fb9f6de041f RSI: 00007ffc5e25b330 RDI: 0000000040000000
RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffc5e25b140
R10: 0000000000000000 R11: 0000000000000202 R12: 00007fb9f6e88bf0
R13: 00007ffc5e25b470 R14: 0000000000000000 R15: 00000000000000f8
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804cc7fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f1a0 R08: 0000000000000001 R09: ffffed1003edde43
R10: 0000000000000002 R11: ffff88800d096db0 R12: fffffffffffffff4
R13: ffff88801f6ef21c R14: ffffffff85cfdf20 R15: ffff8880181f8878
FS: 0000555567067400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f4a43479000 CR3: 000000001cbe6000 CR4: 0000000000350ef0
Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
Failed to initialize the IGMP autojoin socket (err -2)
Oops: general protection fault, probably for non-canonical address 0xdffffc000000002d: 0000 [#9] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000168-0x000000000000016f]
CPU: 0 UID: 0 PID: 90348 Comm: syz-executor.2 Tainted: G D 6.18.0-rc5-next-20251114 #1 PREEMPT(voluntary)
Tainted: [D]=DIE
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88800f07fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800d70f8f0 R08: 0000000000000001 R09: ffffed10026943c3
R10: 0000000000000002 R11: 0000000000000000 R12: fffffffffffffff4
R13: ffff8880134a1e1c R14: ffffffff85cfdf20 R15: ffff888019de2438
FS: 000055556d40d400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f714557e5c8 CR3: 00000000399e8000 CR4: 0000000000350ef0
Call Trace:
create_new_namespaces+0x585/0x750
unshare_nsproxy_namespaces+0xc0/0x200
ksys_unshare+0x468/0xa10
__x64_sys_unshare+0x31/0x40
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f6b8db200d7
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd99b90088 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
RAX: ffffffffffffffda RBX: 00007ffd99b906c8 RCX: 00007f6b8db200d7
RDX: 00007f6b8db8a41f RSI: 00007ffd99b90020 RDI: 0000000040000000
RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffd99b8fe30
R10: 0000000000000000 R11: 0000000000000206 R12: 00007f6b8dc32bf0
R13: 00007ffd99b90160 R14: 0000000000000000 R15: 00000000000000f8
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:nsproxy_free+0x28a/0x5a0
Code: 02 00 00 4c 8b 65 28 4d 85 e4 74 43 e8 7f 56 30 00 49 8d bc 24 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 f7 02 00 00 49 8b 9c 24 78 01 00 00 bf 08 00 00
RSP: 0018:ffff88804cc7fdc8 EFLAGS: 00010217
RAX: dffffc0000000000 RBX: 0000000000000002 RCX: ffffffff8144de5d
RDX: 000000000000002d RSI: ffffffff8144dd61 RDI: 000000000000016c
RBP: ffff88800974f1a0 R08: 0000000000000001 R09: ffffed1003edde43
R10: 0000000000000002 R11: ffff88800d096db0 R12: fffffffffffffff4
R13: ffff88801f6ef21c R14: ffffffff85cfdf20 R15: ffff8880181f8878
FS: 000055556d40d400(0000) GS:ffff8880e538f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f714557e5c8 CR3: 00000000399e8000 CR4: 0000000000350ef0
----------------
Code disassembly (best guess):
   0: 02 00                   add    (%rax),%al
   2: 00 4c 8b 65             add    %cl,0x65(%rbx,%rcx,4)
   6: 28 4d 85                sub    %cl,-0x7b(%rbp)
   9: e4 74                   in     $0x74,%al
   b: 43 e8 7f 56 30 00       rex.XB callq 0x305690
  11: 49 8d bc 24 78 01 00    lea    0x178(%r12),%rdi
  18: 00
  19: 48 b8 00 00 00 00 00    movabs $0xdffffc0000000000,%rax
  20: fc ff df
  23: 48 89 fa                mov    %rdi,%rdx
  26: 48 c1 ea 03             shr    $0x3,%rdx
* 2a: 80 3c 02 00             cmpb   $0x0,(%rdx,%rax,1) <-- trapping instruction
  2e: 0f 85 f7 02 00 00       jne    0x32b
  34: 49 8b 9c 24 78 01 00    mov    0x178(%r12),%rbx
  3b: 00
  3c: bf                      .byte 0xbf
  3d: 08 00                   or     %al,(%rax)