Warning: Permanently added '[localhost]:20857' (ECDSA) to the list of known hosts.
2023/05/17 09:53:41 fuzzer started
2023/05/17 09:53:41 dialing manager at localhost:35573
2023/05/17 09:53:41 checking machine...
2023/05/17 09:53:41 checking revisions...
syzkaller login: [ 42.794025] kmemleak: Automatic memory scanning thread ended
2023/05/17 09:53:41 testing simple program...
[ 42.861195] cgroup: Unknown subsys name 'net'
[ 42.980527] cgroup: Unknown subsys name 'rlimit'
executing program
executing program
executing program
executing program
[ 56.115440] audit: type=1400 audit(1684317235.252:6): avc: denied { execmem } for pid=256 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 57.263736] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 57.265919] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 57.268808] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 57.272267] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 57.274378] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 57.276360] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 57.577316] ------------[ cut here ]------------
[ 57.577753] sysctl net/ipv4/ipfrag_low_thresh: data points to kernel global data: ipfrag_low_thresh_unused
[ 57.578823] WARNING: CPU: 1 PID: 257 at net/sysctl_net.c:155 register_net_sysctl+0x1e6/0x2c0
[ 57.579533] Modules linked in:
[ 57.579791] CPU: 1 PID: 257 Comm: syz-executor.0 Tainted: G W 6.4.0-rc2-next-20230516 #1
[ 57.580508] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 57.581135] RIP: 0010:register_net_sysctl+0x1e6/0x2c0
[ 57.581531] Code: 89 d8 4c 8b 43 08 48 c1 e8 03 42 80 3c 20 00 0f 85 af 00 00 00 48 8b 13 4c 89 e9 4c 89 fe 48 c7 c7 20 24 e2 84 e8 6a cd d5 fc <0f> 0b 48 89 e8 48 c1 e8 03 42 0f b6 14 20 48 89 e8 83 e0 07 83 c0
[ 57.582875] RSP: 0018:ffff88801a1b7c00 EFLAGS: 00010282
[ 57.583297] RAX: 0000000000000000 RBX: ffff888016173040 RCX: 0000000000000000
[ 57.583856] RDX: ffff88801814d1c0 RSI: ffffffff81172af2 RDI: 0000000000000001
[ 57.584404] RBP: ffff888016173054 R08: 0000000000000001 R09: 0000000000000000
[ 57.584934] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[ 57.585482] R13: ffffffff84e223a0 R14: ffff888016173048 R15: ffffffff84d73340
[ 57.586060] FS: 0000555555b68400(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 57.586655] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 57.587160] CR2: 00007f9f7c0336f4 CR3: 000000001ff10000 CR4: 0000000000350ee0
[ 57.589952] Call Trace:
[ 57.590176]
[ 57.590364] ? __pfx_ipv4_frags_init_net+0x10/0x10
[ 57.590749] ipv4_frags_init_net+0x269/0x440
[ 57.591114] ops_init+0xbb/0x6b0
[ 57.591406] setup_net+0x3d9/0x990
[ 57.591702] ? down_read_killable+0x1d7/0x4e0
[ 57.592085] ? __pfx_setup_net+0x10/0x10
[ 57.592402] ? copy_net_ns+0x17c/0x770
[ 57.592738] copy_net_ns+0x321/0x770
[ 57.593059] create_new_namespaces+0x3f6/0xb30
[ 57.593427] unshare_nsproxy_namespaces+0xc1/0x200
[ 57.593841] ksys_unshare+0x44d/0x8e0
[ 57.594185] ? __pfx_ksys_unshare+0x10/0x10
[ 57.594525] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[ 57.594969] __x64_sys_unshare+0x31/0x40
[ 57.595338] do_syscall_64+0x3f/0x90
[ 57.596047] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 57.596446] RIP: 0033:0x7f45b64690d7
[ 57.596746] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 57.598146] RSP: 002b:00007ffd32377a18 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[ 57.598710] RAX: ffffffffffffffda RBX: 00007ffd32378058 RCX: 00007f45b64690d7
[ 57.599270] RDX: 00007f45b64d341f RSI: 00007ffd323779b0 RDI: 0000000040000000
[ 57.599838] RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffd323777c0
[ 57.600390] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f45b657bbf0
[ 57.600920] R13: 00007ffd32377af0 R14: 0000000000000000 R15: 00000000000000f8
[ 57.601482]
[ 57.601669] irq event stamp: 7753
[ 57.601939] hardirqs last enabled at (7763): [] __up_console_sem+0x78/0x80
[ 57.602596] hardirqs last disabled at (7774): [] __up_console_sem+0x5d/0x80
[ 57.603249] softirqs last enabled at (7280): [] irq_exit_rcu+0x93/0xc0
[ 57.604710] softirqs last disabled at (7795): [] irq_exit_rcu+0x93/0xc0
[ 57.605347] ---[ end trace 0000000000000000 ]---
[ 57.609973] ------------[ cut here ]------------
[ 57.610375] sysctl net/ipv6/ip6frag_low_thresh: data points to kernel global data: ip6_frags_low_thresh_unused
[ 57.611497] WARNING: CPU: 1 PID: 257 at net/sysctl_net.c:155 register_net_sysctl+0x1e6/0x2c0
[ 57.612160] Modules linked in:
[ 57.612416] CPU: 1 PID: 257 Comm: syz-executor.0 Tainted: G W 6.4.0-rc2-next-20230516 #1
[ 57.613130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 57.613730] RIP: 0010:register_net_sysctl+0x1e6/0x2c0
[ 57.614156] Code: 89 d8 4c 8b 43 08 48 c1 e8 03 42 80 3c 20 00 0f 85 af 00 00 00 48 8b 13 4c 89 e9 4c 89 fe 48 c7 c7 20 24 e2 84 e8 6a cd d5 fc <0f> 0b 48 89 e8 48 c1 e8 03 42 0f b6 14 20 48 89 e8 83 e0 07 83 c0
[ 57.615777] RSP: 0018:ffff88801a1b7c00 EFLAGS: 00010282
[ 57.616205] RAX: 0000000000000000 RBX: ffff888009480e40 RCX: 0000000000000000
[ 57.616753] RDX: ffff88801814d1c0 RSI: ffffffff81172af2 RDI: 0000000000000001
[ 57.617307] RBP: ffff888009480e54 R08: 0000000000000001 R09: 0000000000000000
[ 57.617860] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 57.618428] R13: ffffffff84e223a0 R14: ffff888009480e48 R15: ffffffff84da62e0
[ 57.618959] FS: 0000555555b68400(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 57.619606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 57.620098] CR2: 00007f9f7c0336f4 CR3: 000000001ff10000 CR4: 0000000000350ee0
[ 57.620625] Call Trace:
[ 57.620835]
[ 57.621043] ? __pfx_ipv6_frags_init_net+0x10/0x10
[ 57.621424] ipv6_frags_init_net+0x206/0x3c0
[ 57.621772] ops_init+0xbb/0x6b0
[ 57.622072] setup_net+0x3d9/0x990
[ 57.622351] ? down_read_killable+0x1d7/0x4e0
[ 57.622699] ? __pfx_setup_net+0x10/0x10
[ 57.623042] ? copy_net_ns+0x17c/0x770
[ 57.624262] copy_net_ns+0x321/0x770
[ 57.624562] create_new_namespaces+0x3f6/0xb30
[ 57.624929] unshare_nsproxy_namespaces+0xc1/0x200
[ 57.625330] ksys_unshare+0x44d/0x8e0
[ 57.625635] ? __pfx_ksys_unshare+0x10/0x10
[ 57.626001] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[ 57.626448] __x64_sys_unshare+0x31/0x40
[ 57.626771] do_syscall_64+0x3f/0x90
[ 57.627087] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 57.627582] RIP: 0033:0x7f45b64690d7
[ 57.627896] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 57.629232] RSP: 002b:00007ffd32377a18 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[ 57.629799] RAX: ffffffffffffffda RBX: 00007ffd32378058 RCX: 00007f45b64690d7
[ 57.630344] RDX: 00007f45b64d341f RSI: 00007ffd323779b0 RDI: 0000000040000000
[ 57.630899] RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffd323777c0
[ 57.631729] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f45b657bbf0
[ 57.632290] R13: 00007ffd32377af0 R14: 0000000000000000 R15: 00000000000000f8
[ 57.632849]
[ 57.633081] irq event stamp: 9893
[ 57.633345] hardirqs last enabled at (9903): [] __up_console_sem+0x78/0x80
[ 57.633996] hardirqs last disabled at (9914): [] __up_console_sem+0x5d/0x80
[ 57.634628] softirqs last enabled at (9130): [] irq_exit_rcu+0x93/0xc0
[ 57.635316] softirqs last disabled at (9933): [] irq_exit_rcu+0x93/0xc0
[ 57.636029] ---[ end trace 0000000000000000 ]---
[ 57.637033] ------------[ cut here ]------------
[ 57.637392] sysctl net/netfilter/nf_conntrack_frag6_low_thresh: data points to kernel global data: nf_conntrack_frag6_low_thresh_unused
[ 57.638557] WARNING: CPU: 1 PID: 257 at net/sysctl_net.c:155 register_net_sysctl+0x1e6/0x2c0
[ 57.639215] Modules linked in:
[ 57.639513] CPU: 1 PID: 257 Comm: syz-executor.0 Tainted: G W 6.4.0-rc2-next-20230516 #1
[ 57.640225] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 57.640826] RIP: 0010:register_net_sysctl+0x1e6/0x2c0
[ 57.641248] Code: 89 d8 4c 8b 43 08 48 c1 e8 03 42 80 3c 20 00 0f 85 af 00 00 00 48 8b 13 4c 89 e9 4c 89 fe 48 c7 c7 20 24 e2 84 e8 6a cd d5 fc <0f> 0b 48 89 e8 48 c1 e8 03 42 0f b6 14 20 48 89 e8 83 e0 07 83 c0
[ 57.642577] RSP: 0018:ffff88801a1b7bf0 EFLAGS: 00010286
[ 57.643007] RAX: 0000000000000000 RBX: ffff888013956240 RCX: 0000000000000000
[ 57.643566] RDX: ffff88801814d1c0 RSI: ffffffff81172af2 RDI: 0000000000000001
[ 57.644144] RBP: ffff888013956254 R08: 0000000000000001 R09: 0000000000000000
[ 57.644668] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 57.645261] R13: ffffffff84e223a0 R14: ffff888013956248 R15: ffffffff84daf020
[ 57.645791] FS: 0000555555b68400(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 57.646407] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 57.646869] CR2: 00007f9f7c0336f4 CR3: 000000001ff10000 CR4: 0000000000350ee0
[ 57.647435] Call Trace:
[ 57.647637]
[ 57.647832] nf_ct_net_init+0x224/0x3d0
[ 57.648214] ? __pfx_nf_ct_net_init+0x10/0x10
[ 57.648568] ops_init+0xbb/0x6b0
[ 57.648875] setup_net+0x3d9/0x990
[ 57.649172] ? down_read_killable+0x1d7/0x4e0
[ 57.649524] ? __pfx_setup_net+0x10/0x10
[ 57.649843] ? copy_net_ns+0x17c/0x770
[ 57.650209] copy_net_ns+0x321/0x770
[ 57.650509] create_new_namespaces+0x3f6/0xb30
[ 57.650873] unshare_nsproxy_namespaces+0xc1/0x200
[ 57.651274] ksys_unshare+0x44d/0x8e0
[ 57.651624] ? __pfx_ksys_unshare+0x10/0x10
[ 57.652017] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[ 57.652465] __x64_sys_unshare+0x31/0x40
[ 57.652785] do_syscall_64+0x3f/0x90
[ 57.653148] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 57.653547] RIP: 0033:0x7f45b64690d7
[ 57.653837] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 57.655173] RSP: 002b:00007ffd32377a18 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[ 57.655778] RAX: ffffffffffffffda RBX: 00007ffd32378058 RCX: 00007f45b64690d7
[ 57.656344] RDX: 00007f45b64d341f RSI: 00007ffd323779b0 RDI: 0000000040000000
[ 57.656888] RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffd323777c0
[ 57.657466] R10: 0000000000000000 R11: 0000000000000206 R12: 00007f45b657bbf0
[ 57.658014] R13: 00007ffd32377af0 R14: 0000000000000000 R15: 00000000000000f8
[ 57.658557]
[ 57.658745] irq event stamp: 10595
executing program
[ 57.659055] hardirqs last enabled at (10607): [] __up_console_sem+0x78/0x80
[ 57.659724] hardirqs last disabled at (10616): [] __up_console_sem+0x5d/0x80
[ 57.660430] softirqs last enabled at (9940): [] irq_exit_rcu+0x93/0xc0
[ 57.661097] softirqs last disabled at (9933): [] irq_exit_rcu+0x93/0xc0
[ 57.661710] ---[ end trace 0000000000000000 ]---
[ 59.339858] Bluetooth: hci0: command 0x0409 tx timeout
executing program
[ 61.387102] Bluetooth: hci0: command 0x041b tx timeout
[ 63.435077] Bluetooth: hci0: command 0x040f tx timeout
executing program
[ 65.483552] Bluetooth: hci0: command 0x0419 tx timeout
executing program

VM DIAGNOSIS:
09:53:55 Registers: