------------[ cut here ]------------
WARNING: ./include/linux/ns_common.h:262 at nsproxy_ns_active_get+0x323/0x3d0, CPU#0: syz-executor.1/22159
Modules linked in:
CPU: 0 UID: 0 PID: 22159 Comm: syz-executor.1 Not tainted 6.18.0-rc4-next-20251103 #1 PREEMPT(voluntary)
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
CPU: 1 UID: 0 PID: 22156 Comm: syz-executor.7 Not tainted 6.18.0-rc4-next-20251103 #1 PREEMPT(voluntary)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
dump_stack_lvl+0xfa/0x120
should_fail_ex+0x4d7/0x5e0
should_failslab+0xc2/0x120
kmem_cache_alloc_node_noprof+0x87/0x6b0
__alloc_skb+0x2ab/0x370
create_monitor_event+0x3d7/0x930
hci_sock_bind+0xb22/0x1470
__sys_bind+0x1dd/0x2b0
__x64_sys_bind+0x73/0xb0
do_syscall_64+0xbf/0x3f0
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fbfee694b19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fbfebc0a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
RAX: ffffffffffffffda RBX: 00007fbfee7a7f60 RCX: 00007fbfee694b19
RDX: 0000000000000006 RSI: 0000000020000000 RDI: 0000000000000004
RBP: 00007fbfebc0a1d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffdec5d6f0f R14: 00007fbfebc0a300 R15: 0000000000022000
FAULT_INJECTION: forcing a failure.
name fail_usercopy, interval 1, probability 0, space 0, times 0
RIP: 0010:nsproxy_ns_active_get+0x323/0x3d0
CPU: 1 UID: 0 PID: 22158 Comm: syz-executor.4 Not tainted 6.18.0-rc4-next-20251103 #1 PREEMPT(voluntary)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
dump_stack_lvl+0xfa/0x120
should_fail_ex+0x4d7/0x5e0
_copy_to_user+0x32/0xd0
simple_read_from_buffer+0xe0/0x180
proc_fail_nth_read+0x18a/0x240
vfs_read+0x1eb/0xc70
ksys_read+0x121/0x240
do_syscall_64+0xbf/0x3f0
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fc9e76ee69c
Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
RSP: 002b:00007fc9e4cb1170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007fc9e76ee69c
RDX: 000000000000000f RSI: 00007fc9e4cb11e0 RDI: 0000000000000003
RBP: 00007fc9e4cb11d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 00007ffcc3e452df R14: 00007fc9e4cb1300 R15: 0000000000022000
Code: 00 01 0f 98 c3 31 ff 89 de e8 19 dd ab ff 84 db 75 07 5b 5d e9 3e e2 ab ff e8 39 e2 ab ff 90 0f 0b 90 eb ee e8 2e e2 ab ff 90 <0f> 0b 90 e9 3f fd ff ff e8 20 e2 ab ff 90 0f 0b 90 e9 92 fd ff ff
RSP: 0018:ffff88800ac6fe08 EFLAGS: 00010212
RAX: 0000000000000cf3 RBX: ffff888015fff208 RCX: ffffc900007e9000
RDX: 0000000000040000 RSI: ffffffff81c89cf2 RDI: 0000000000000001
RBP: ffff888009ebc401 R08: 0000000000000001 R09: ffffed10013d7897
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016baafc0
R13: 0000000000000000 R14: ffff88804efab780 R15: ffff88800ac6fe98
FS: 00007ff360573700(0000) GS:ffff8880e53a8000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff363111018 CR3: 00000000454e5000 CR4: 0000000000350ef0
Call Trace:
switch_task_namespaces+0x3d/0x110
__do_sys_setns+0x6b0/0x19a0
do_syscall_64+0xbf/0x3f0
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff362fff107
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ff360573128 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
RAX: ffffffffffffffda RBX: 00007ff363110f60 RCX: 00007ff362fff107
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000ef
RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fff571b4e4f R14: 00007ff360573300 R15: 0000000000022000
irq event stamp: 1549
hardirqs last enabled at (1557): [] __up_console_sem+0x78/0x80
hardirqs last disabled at (1568): [] __up_console_sem+0x5d/0x80
softirqs last enabled at (1230): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (1181): [] __irq_exit_rcu+0xc4/0x100
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: ./include/linux/ns_common.h:262 at nsproxy_ns_active_get+0x331/0x3d0, CPU#0: syz-executor.1/22159
Modules linked in:
CPU: 0 UID: 0 PID: 22159 Comm: syz-executor.1 Tainted: G W 6.18.0-rc4-next-20251103 #1 PREEMPT(voluntary)
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_ns_active_get+0x331/0x3d0
Code: 84 db 75 07 5b 5d e9 3e e2 ab ff e8 39 e2 ab ff 90 0f 0b 90 eb ee e8 2e e2 ab ff 90 0f 0b 90 e9 3f fd ff ff e8 20 e2 ab ff 90 <0f> 0b 90 e9 92 fd ff ff e8 12 e2 ab ff 90 0f 0b 90 e9 e5 fd ff ff
RSP: 0018:ffff88800ac6fe08 EFLAGS: 00010216
RAX: 00000000000306b2 RBX: ffff888015fff208 RCX: ffffc900007e9000
RDX: 0000000000040000 RSI: ffffffff81c89d00 RDI: 0000000000000001
RBP: ffff88800dc58201 R08: 0000000000000001 R09: ffffed1001b8b0a5
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016baafc0
R13: 0000000000000000 R14: ffff88804efab780 R15: ffff88800ac6fe98
FS: 00007ff360573700(0000) GS:ffff8880e53a8000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff363111018 CR3: 00000000454e5000 CR4: 0000000000350ef0
Call Trace:
switch_task_namespaces+0x3d/0x110
__do_sys_setns+0x6b0/0x19a0
do_syscall_64+0xbf/0x3f0
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff362fff107
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ff360573128 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
RAX: ffffffffffffffda RBX: 00007ff363110f60 RCX: 00007ff362fff107
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000ef
RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fff571b4e4f R14: 00007ff360573300 R15: 0000000000022000
irq event stamp: 2257
hardirqs last enabled at (2269): [] __up_console_sem+0x78/0x80
hardirqs last disabled at (2280): [] __up_console_sem+0x5d/0x80
softirqs last enabled at (2188): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (2183): [] __irq_exit_rcu+0xc4/0x100
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: ./include/linux/ns_common.h:262 at nsproxy_ns_active_get+0x33f/0x3d0, CPU#0: syz-executor.1/22159
------------[ cut here ]------------
Modules linked in:
CPU: 0 UID: 0 PID: 22159 Comm: syz-executor.1 Tainted: G W 6.18.0-rc4-next-20251103 #1 PREEMPT(voluntary)
WARNING: ./include/linux/ns_common.h:262 at nsproxy_ns_active_get+0x35b/0x3d0, CPU#1: syz-executor.1/22165
Tainted: [W]=WARN
Modules linked in:
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_ns_active_get+0x33f/0x3d0
CPU: 1 UID: 0 PID: 22165 Comm: syz-executor.1 Tainted: G W 6.18.0-rc4-next-20251103 #1 PREEMPT(voluntary)
Code: ab ff 90 0f 0b 90 eb ee e8 2e e2 ab ff 90 0f 0b 90 e9 3f fd ff ff e8 20 e2 ab ff 90 0f 0b 90 e9 92 fd ff ff e8 12 e2 ab ff 90 <0f> 0b 90 e9 e5 fd ff ff e8 04 e2 ab ff 90 0f 0b 90 e9 38 fe ff ff
Tainted: [W]=WARN
RSP: 0018:ffff88800ac6fe08 EFLAGS: 00010246
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_ns_active_get+0x35b/0x3d0
RAX: 0000000000040000 RBX: ffff888015fff208 RCX: ffffc900007e9000
Code: 0f 0b 90 e9 92 fd ff ff e8 12 e2 ab ff 90 0f 0b 90 e9 e5 fd ff ff e8 04 e2 ab ff 90 0f 0b 90 e9 38 fe ff ff e8 f6 e1 ab ff 90 <0f> 0b 90 e9 8b fe ff ff e8 e8 e1 ab ff 90 0f 0b 90 e9 de fe ff ff
RDX: 0000000000040000 RSI: ffffffff81c89d0e RDI: 0000000000000001
RSP: 0018:ffff88801a3e7e08 EFLAGS: 00010216
RBP: ffff888016354001 R08: 0000000000000001 R09: ffffed1002c6a941
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016baafc0
RAX: 000000000000a5bf RBX: ffff88801e1ba7b8 RCX: ffffc900009ea000
R13: 0000000000000000 R14: ffff88804efab780 R15: ffff88800ac6fe98
RDX: 0000000000040000 RSI: ffffffff81c89d2a RDI: 0000000000000001
FS: 00007ff360573700(0000) GS:ffff8880e53a8000(0000) knlGS:0000000000000000
RBP: ffff88800983b201 R08: 0000000000000001 R09: ffffed1001307657
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016baafc0
CR2: 00007ff363111018 CR3: 00000000454e5000 CR4: 0000000000350ef0
R13: 0000000000000000 R14: ffff888048a13780 R15: ffff88801a3e7e98
Call Trace:
FS: 00007ff360552700(0000) GS:ffff8880e54a8000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
switch_task_namespaces+0x3d/0x110
CR2: 0000000020000000 CR3: 00000000454e5000 CR4: 0000000000350ef0
__do_sys_setns+0x6b0/0x19a0
Call Trace:
switch_task_namespaces+0x3d/0x110
__do_sys_setns+0x6b0/0x19a0
do_syscall_64+0xbf/0x3f0
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff362fff107
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
do_syscall_64+0xbf/0x3f0
RSP: 002b:00007ff360573128 EFLAGS: 00000246
entry_SYSCALL_64_after_hwframe+0x77/0x7f
ORIG_RAX: 0000000000000134
RIP: 0033:0x7ff362fff107
RAX: ffffffffffffffda RBX: 00007ff363110f60 RCX: 00007ff362fff107
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000ef
RSP: 002b:00007ff360552128 EFLAGS: 00000246
RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
ORIG_RAX: 0000000000000134
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
RAX: ffffffffffffffda RBX: 00007ff363111020 RCX: 00007ff362fff107
R13: 00007fff571b4e4f R14: 00007ff360573300 R15: 0000000000022000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000000000ef
RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
irq event stamp: 2747
R13: 00007fff571b4e4f R14: 00007ff360552300 R15: 0000000000022000
hardirqs last enabled at (2757): [] irqentry_exit+0x3b/0x90
hardirqs last disabled at (2768): [] sysvec_apic_timer_interrupt+0xf/0x80
irq event stamp: 1273
softirqs last enabled at (2998): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (2993): [] __irq_exit_rcu+0xc4/0x100
hardirqs last enabled at (1879): [] irqentry_exit+0x3b/0x90
---[ end trace 0000000000000000 ]---
hardirqs last disabled at (1890): [] sysvec_apic_timer_interrupt+0xf/0x80
softirqs last enabled at (1878): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (1283): [] __irq_exit_rcu+0xc4/0x100
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: ./include/linux/ns_common.h:262 at nsproxy_ns_active_get+0x369/0x3d0, CPU#0: syz-executor.1/22159
Modules linked in:
CPU: 0 UID: 0 PID: 22159 Comm: syz-executor.1 Tainted: G W 6.18.0-rc4-next-20251103 #1 PREEMPT(voluntary)
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:nsproxy_ns_active_get+0x369/0x3d0
Code: 0f 0b 90 e9 e5 fd ff ff e8 04 e2 ab ff 90 0f 0b 90 e9 38 fe ff ff e8 f6 e1 ab ff 90 0f 0b 90 e9 8b fe ff ff e8 e8 e1 ab ff 90 <0f> 0b 90 e9 de fe ff ff e8 da e1 ab ff 90 0f 0b 90 e9 31 ff ff ff
RSP: 0018:ffff88800ac6fe08 EFLAGS: 00010246
RAX: 0000000000040000 RBX: ffff888015fffa90 RCX: ffffc900007e9000
RDX: 0000000000040000 RSI: ffffffff81c89d38 RDI: 0000000000000001
RBP: ffff888016a41801 R08: 0000000000000001 R09: ffffed1002d4834a
R10: 0000000000000001 R11: 0000000000000001 R12: ffff888016328e00
R13: 0000000000000000 R14: ffff88804efab780 R15: ffff88800ac6fe98
FS: 00007ff360573700(0000) GS:ffff8880e53a8000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbfee7a8018 CR3: 00000000454e5000 CR4: 0000000000350ef0
Call Trace:
switch_task_namespaces+0x3d/0x110
__do_sys_setns+0x6b0/0x19a0
do_syscall_64+0xbf/0x3f0
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff362fff107
Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 34 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ff360573128 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007ff362fff107
RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000000003 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff3605736bc
R13: 000000000000000e R14: 00007ff360573300 R15: 0000000000022000
irq event stamp: 3707
hardirqs last enabled at (3717): [] __up_console_sem+0x78/0x80
hardirqs last disabled at (3726): [] __up_console_sem+0x5d/0x80
softirqs last enabled at (3642): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (3745): [] __irq_exit_rcu+0xc4/0x100
---[ end trace 0000000000000000 ]---
Bluetooth: hci0: Opcode 0x0c03 failed: -4
----------------
Code disassembly (best guess):
0: 73 01 jae 0x3
2: c3 retq
3: 48 c7 c1 bc ff ff ff mov $0xffffffffffffffbc,%rcx
a: f7 d8 neg %eax
c: 64 89 01 mov %eax,%fs:(%rcx)
f: 48 83 c8 ff or $0xffffffffffffffff,%rax
13: c3 retq
14: 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1)
1b: 00 00 00
1e: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
23: b8 34 01 00 00 mov $0x134,%eax
28: 0f 05 syscall
* 2a: 48 3d 01 f0 ff ff cmp $0xfffffffffffff001,%rax <-- trapping instruction
30: 73 01 jae 0x33
32: c3 retq
33: 48 c7 c1 bc ff ff ff mov $0xffffffffffffffbc,%rcx
3a: f7 d8 neg %eax
3c: 64 89 01 mov %eax,%fs:(%rcx)
3f: 48 rex.W