------------[ cut here ]------------
WARNING: ./include/linux/ns_common.h:288 at nsproxy_ns_active_get+0x323/0x3d0, CPU#0: syz-executor.3/6478
Modules linked in:
CPU: 0 UID: 0 PID: 6478 Comm: syz-executor.3 Not tainted 6.18.0-rc4-next-20251105 #1 PREEMPT(voluntary)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_ns_active_get+0x323/0x3d0
Code: 00 01 0f 98 c3 31 ff 89 de e8 e9 cd ab ff 84 db 75 07 5b 5d e9 0e d3 ab ff e8 09 d3 ab ff 90 0f 0b 90 eb ee e8 fe d2 ab ff 90 <0f> 0b 90 e9 3f fd ff ff e8 f0 d2 ab ff 90 0f 0b 90 e9 92 fd ff ff
RSP: 0018:ffff8880177afe08 EFLAGS: 00010212
RAX: 00000000000007fe RBX: ffff88800ee42270 RCX: ffffc90002df2000
RDX: 0000000000040000 RSI: ffffffff81c8c9f2 RDI: 0000000000000001
RBP: ffff88801acb0401 R08: 0000000000000001 R09: ffffed1003596097
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016c5b6c0
R13: 0000000000000000 R14: ffff8880145b1bc0 R15: ffff8880177afe98
FS: 00007f0c96aec700(0000) GS:ffff8880e53a5000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f92bc1d0028 CR3: 000000001ef3b000 CR4: 0000000000350ef0
Call Trace:
switch_task_namespaces+0x3d/0x110
__do_sys_setns+0x6b0/0x19a0
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f0c995ba107
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f0c96aec128 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
RAX: ffffffffffffffda RBX: 00007f0c996cc0e0 RCX: 00007f0c995ba107
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000ef
RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd21324adf R14: 00007f0c96aec300 R15: 0000000000022000
irq event stamp: 2377
hardirqs last enabled at (2387): [] __up_console_sem+0x78/0x80
hardirqs last disabled at (2396): [] __up_console_sem+0x5d/0x80
softirqs last enabled at (2182): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (2177): [] __irq_exit_rcu+0xc4/0x100
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: ./include/linux/ns_common.h:288 at nsproxy_ns_active_get+0x331/0x3d0, CPU#0: syz-executor.3/6478
Modules linked in:
CPU: 0 UID: 0 PID: 6478 Comm: syz-executor.3 Tainted: G W 6.18.0-rc4-next-20251105 #1 PREEMPT(voluntary)
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_ns_active_get+0x331/0x3d0
Code: 84 db 75 07 5b 5d e9 0e d3 ab ff e8 09 d3 ab ff 90 0f 0b 90 eb ee e8 fe d2 ab ff 90 0f 0b 90 e9 3f fd ff ff e8 f0 d2 ab ff 90 <0f> 0b 90 e9 92 fd ff ff e8 e2 d2 ab ff 90 0f 0b 90 e9 e5 fd ff ff
RSP: 0018:ffff8880177afe08 EFLAGS: 00010216
RAX: 000000000001b43a RBX: ffff88800ee42270 RCX: ffffc90002df2000
RDX: 0000000000040000 RSI: ffffffff81c8ca00 RDI: 0000000000000001
RBP: ffff8880183a8801 R08: 0000000000000001 R09: ffffed100307515b
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016c5b6c0
R13: 0000000000000000 R14: ffff8880145b1bc0 R15: ffff8880177afe98
FS: 00007f0c96aec700(0000) GS:ffff8880e53a5000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f92bc1d0028 CR3: 000000001ef3b000 CR4: 0000000000350ef0
Call Trace:
switch_task_namespaces+0x3d/0x110
__do_sys_setns+0x6b0/0x19a0
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f0c995ba107
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f0c96aec128 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
RAX: ffffffffffffffda RBX: 00007f0c996cc0e0 RCX: 00007f0c995ba107
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000ef
RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd21324adf R14: 00007f0c96aec300 R15: 0000000000022000
irq event stamp: 2801
hardirqs last enabled at (2809): [] __up_console_sem+0x78/0x80
hardirqs last disabled at (2818): [] __up_console_sem+0x5d/0x80
softirqs last enabled at (2836): [] handle_softirqs+0x50c/0x770
------------[ cut here ]------------
softirqs last disabled at (2829): [] __irq_exit_rcu+0xc4/0x100
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: ./include/linux/ns_common.h:288 at alloc_pid+0xcc8/0x1150, CPU#1: syz-executor.3/6454
WARNING: ./include/linux/ns_common.h:288 at nsproxy_ns_active_get+0x33f/0x3d0, CPU#0: syz-executor.3/6478
Modules linked in:
Modules linked in:
CPU: 0 UID: 0 PID: 6478 Comm: syz-executor.3 Tainted: G W 6.18.0-rc4-next-20251105 #1 PREEMPT(voluntary)
CPU: 1 UID: 0 PID: 6454 Comm: syz-executor.3 Tainted: G W 6.18.0-rc4-next-20251105 #1 PREEMPT(voluntary)
Tainted: [W]=WARN
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_ns_active_get+0x33f/0x3d0
RIP: 0010:alloc_pid+0xcc8/0x1150
Code: ab ff 90 0f 0b 90 eb ee e8 fe d2 ab ff 90 0f 0b 90 e9 3f fd ff ff e8 f0 d2 ab ff 90 0f 0b 90 e9 92 fd ff ff e8 e2 d2 ab ff 90 <0f> 0b 90 e9 e5 fd ff ff e8 d4 d2 ab ff 90 0f 0b 90 e9 38 fe ff ff
Code: 00 00 00 e8 9a 8c 6e 00 f0 83 83 68 01 00 00 01 0f 98 c3 31 ff 89 de e8 f6 76 31 00 84 db 0f 84 bc f3 ff ff e8 19 7c 31 00 90 <0f> 0b 90 e9 ae f3 ff ff e8 0b 7c 31 00 90 48 c7 c6 40 16 e7 84 48
RSP: 0018:ffff8880177afe08 EFLAGS: 00010216
RSP: 0018:ffff888049c87ab0 EFLAGS: 00010293
RAX: 0000000000035fec RBX: ffff88800ee42270 RCX: ffffc90002df2000
RAX: 0000000000000000 RBX: ffff8880190fc201 RCX: ffffffff814320ca
RDX: 0000000000040000 RSI: ffffffff81c8ca0e RDI: 0000000000000001
RDX: ffff8880495d5340 RSI: ffffffff814320d7 RDI: 0000000000000001
RBP: ffff88800ecfe001 R08: 0000000000000001 R09: ffffed1001d9fd41
RBP: ffff88806cf35d60 R08: 0000000000000001 R09: ffffed100321f883
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016c5b6c0
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88806cf35d88
R13: 0000000000000000 R14: ffff8880145b1bc0 R15: ffff8880177afe98
R13: ffffffff85d026e0 R14: ffff888013e2a480 R15: ffff8880190fc2b0
FS: 0000555592a40400(0000) GS:ffff8880e54a5000(0000) knlGS:0000000000000000
FS: 00007f0c96aec700(0000) GS:ffff8880e53a5000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000555592a42098 CR3: 000000001ef3b000 CR4: 0000000000350ef0
Call Trace:
copy_process+0x3be1/0x72a0
kernel_clone+0xea/0x7f0
CR2: 00007f92bc1d0028 CR3: 000000001ef3b000 CR4: 0000000000350ef0
Call Trace:
__do_sys_clone+0xce/0x120
switch_task_namespaces+0x3d/0x110
__do_sys_setns+0x6b0/0x19a0
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
do_syscall_64+0xbf/0x430
RIP: 0033:0x7f0c995b9f41
entry_SYSCALL_64_after_hwframe+0x77/0x7f
Code: 48 85 ff 74 3d 48 85 f6 74 38 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 7c 13 74 01 c3 31 ed 58 5f ff d0 48 89 c7 b8 3c 00 00 00
RIP: 0033:0x7f0c995ba107
RSP: 002b:00007ffd21324a28 EFLAGS: 00000206
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
ORIG_RAX: 0000000000000038
RSP: 002b:00007f0c96aec128 EFLAGS: 00000246
RAX: ffffffffffffffda RBX: 00007f0c96acb700 RCX: 00007f0c995b9f41
ORIG_RAX: 0000000000000134
RAX: ffffffffffffffda RBX: 00007f0c996cc0e0 RCX: 00007f0c995ba107
RDX: 00007f0c96acb9d0 RSI: 00007f0c96acb2f0 RDI: 00000000003d0f00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000ef
RBP: 00007ffd21324c60 R08: 00007f0c96acb700 R09: 00007f0c96acb700
RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000000
R10: 00007f0c96acb9d0 R11: 0000000000000206 R12: 00007ffd21324ade
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd21324adf R14: 00007f0c96acb300 R15: 0000000000022000
R13: 00007ffd21324adf R14: 00007f0c96aec300 R15: 0000000000022000
irq event stamp: 3761
hardirqs last enabled at (3773): [] irqentry_exit+0x17b/0x650
irq event stamp: 4215
hardirqs last enabled at (4221): [] vprintk_emit+0x650/0x690
hardirqs last disabled at (4226): [] vprintk_emit+0x5e1/0x690
softirqs last enabled at (4190): [] handle_softirqs+0x50c/0x770
hardirqs last disabled at (3784): [] sysvec_apic_timer_interrupt+0xf/0x80
softirqs last disabled at (4185): [] __irq_exit_rcu+0xc4/0x100
softirqs last enabled at (3512): [] handle_softirqs+0x50c/0x770
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
softirqs last disabled at (3319): [] __irq_exit_rcu+0xc4/0x100
WARNING: ./include/linux/ns_common.h:288 at nsproxy_ns_active_get+0x35b/0x3d0, CPU#0: syz-executor.3/6478
---[ end trace 0000000000000000 ]---
Modules linked in:
CPU: 0 UID: 0 PID: 6478 Comm: syz-executor.3 Tainted: G W 6.18.0-rc4-next-20251105 #1 PREEMPT(voluntary)
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_ns_active_get+0x35b/0x3d0
Code: 0f 0b 90 e9 92 fd ff ff e8 e2 d2 ab ff 90 0f 0b 90 e9 e5 fd ff ff e8 d4 d2 ab ff 90 0f 0b 90 e9 38 fe ff ff e8 c6 d2 ab ff 90 <0f> 0b 90 e9 8b fe ff ff e8 b8 d2 ab ff 90 0f 0b 90 e9 de fe ff ff
RSP: 0018:ffff8880177afe08 EFLAGS: 00010246
RAX: 0000000000040000 RBX: ffff88800ee42270 RCX: ffffc90002df2000
RDX: 0000000000040000 RSI: ffffffff81c8ca2a RDI: 0000000000000001
RBP: ffff8880094c1a01 R08: 0000000000000001 R09: ffffed1001298357
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016c5b6c0
R13: 0000000000000000 R14: ffff8880145b1bc0 R15: ffff8880177afe98
FS: 00007f0c96aec700(0000) GS:ffff8880e53a5000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f92bc1d0028 CR3: 000000001ef3b000 CR4: 0000000000350ef0
Call Trace:
switch_task_namespaces+0x3d/0x110
__do_sys_setns+0x6b0/0x19a0
do_syscall_64+0xbf/0x430
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f0c995ba107
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f0c96aec128 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
RAX: ffffffffffffffda RBX: 00007f0c996cc0e0 RCX: 00007f0c995ba107
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000ef
RBP: 0000000000000007 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd21324adf R14: 00007f0c96aec300 R15: 0000000000022000
irq event stamp: 4745
hardirqs last enabled at (4755): [] __up_console_sem+0x78/0x80
hardirqs last disabled at (4772): [] __up_console_sem+0x5d/0x80
softirqs last enabled at (4692): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (4687): [] __irq_exit_rcu+0xc4/0x100
---[ end trace 0000000000000000 ]---
No source specified
No source specified
Bluetooth: hci1: command 0x0405 tx timeout
mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
loop6: detected capacity change from 0 to 264192
mac80211_hwsim hwsim13 wlan1: entered promiscuous mode
mac80211_hwsim hwsim13 wlan1: left promiscuous mode
mac80211_hwsim hwsim13 wlan1: entered promiscuous mode
mac80211_hwsim hwsim13 wlan1: left promiscuous mode
loop6: detected capacity change from 0 to 264192
----------------
Code disassembly (best guess):
0: 48 85 ff test %rdi,%rdi
3: 74 3d je 0x42
5: 48 85 f6 test %rsi,%rsi
8: 74 38 je 0x42
a: 48 83 ee 10 sub $0x10,%rsi
e: 48 89 4e 08 mov %rcx,0x8(%rsi)
12: 48 89 3e mov %rdi,(%rsi)
15: 48 89 d7 mov %rdx,%rdi
18: 4c 89 c2 mov %r8,%rdx
1b: 4d 89 c8 mov %r9,%r8
1e: 4c 8b 54 24 08 mov 0x8(%rsp),%r10
23: b8 38 00 00 00 mov $0x38,%eax
28: 0f 05 syscall
* 2a: 48 85 c0 test %rax,%rax <-- trapping instruction
2d: 7c 13 jl 0x42
2f: 74 01 je 0x32
31: c3 retq
32: 31 ed xor %ebp,%ebp
34: 58 pop %rax
35: 5f pop %rdi
36: ff d0 callq *%rax
38: 48 89 c7 mov %rax,%rdi
3b: b8 3c 00 00 00 mov $0x3c,%eax