Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:20919' (ECDSA) to the list of known hosts.
2023/05/16 13:48:53 fuzzer started
2023/05/16 13:48:53 dialing manager at localhost:35573
2023/05/16 13:48:53 checking machine...
2023/05/16 13:48:53 checking revisions...
syzkaller login: [ 37.784526] kmemleak: Automatic memory scanning thread ended
2023/05/16 13:48:53 testing simple program...
[ 37.859244] cgroup: Unknown subsys name 'net'
[ 37.948213] cgroup: Unknown subsys name 'rlimit'
executing program
executing program
executing program
executing program
[ 50.016849] audit: type=1400 audit(1684244946.170:6): avc: denied { execmem } for pid=256 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 51.094877] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 51.096409] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 51.097942] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 51.101739] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 51.103291] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 51.105091] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 51.532477] ------------[ cut here ]------------
[ 51.533120] sysctl net/ipv4/ipfrag_low_thresh: data points to kernel global data: ipfrag_low_thresh_unused
[ 51.535256] WARNING: CPU: 1 PID: 257 at net/sysctl_net.c:155 register_net_sysctl+0x1e6/0x2c0
[ 51.536540] Modules linked in:
[ 51.536947] CPU: 1 PID: 257 Comm: syz-executor.0 Tainted: G W 6.4.0-rc2-next-20230516 #1
[ 51.541837] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 51.543019] RIP: 0010:register_net_sysctl+0x1e6/0x2c0
[ 51.543799] Code: 89 d8 4c 8b 43 08 48 c1 e8 03 42 80 3c 20 00 0f 85 af 00 00 00 48 8b 13 4c 89 e9 4c 89 fe 48 c7 c7 20 24 e2 84 e8 6a cd d5 fc <0f> 0b 48 89 e8 48 c1 e8 03 42 0f b6 14 20 48 89 e8 83 e0 07 83 c0
[ 51.546106] RSP: 0018:ffff88801a5c7c00 EFLAGS: 00010282
[ 51.546800] RAX: 0000000000000000 RBX: ffff88800e56e040 RCX: 0000000000000000
[ 51.547708] RDX: ffff8880184d1b40 RSI: ffffffff81172af2 RDI: 0000000000000001
[ 51.548637] RBP: ffff88800e56e054 R08: 0000000000000001 R09: 0000000000000000
[ 51.549555] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[ 51.550500] R13: ffffffff84e223a0 R14: ffff88800e56e048 R15: ffffffff84d73340
[ 51.551419] FS: 00005555569f1400(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 51.552460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 51.553181] CR2: 00007f3dcfac26f4 CR3: 000000000ddf8000 CR4: 0000000000350ee0
[ 51.554112] Call Trace:
[ 51.554475]
[ 51.554780] ? __pfx_ipv4_frags_init_net+0x10/0x10
[ 51.555430] ipv4_frags_init_net+0x269/0x440
[ 51.556005] ops_init+0xbb/0x6b0
[ 51.556482] setup_net+0x3d9/0x990
[ 51.556941] ? down_read_killable+0x1d7/0x4e0
[ 51.557539] ? __pfx_setup_net+0x10/0x10
[ 51.558080] ? copy_net_ns+0x17c/0x770
[ 51.558618] copy_net_ns+0x321/0x770
[ 51.559102] create_new_namespaces+0x3f6/0xb30
[ 51.559717] unshare_nsproxy_namespaces+0xc1/0x200
[ 51.560370] ksys_unshare+0x44d/0x8e0
[ 51.560872] ? __pfx_ksys_unshare+0x10/0x10
[ 51.561448] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[ 51.562211] __x64_sys_unshare+0x31/0x40
[ 51.562761] do_syscall_64+0x3f/0x90
[ 51.563233] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 51.563904] RIP: 0033:0x7ff3d169d0d7
[ 51.564398] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 51.566607] RSP: 002b:00007ffd753b7bf8 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
[ 51.567567] RAX: ffffffffffffffda RBX: 00007ffd753b8238 RCX: 00007ff3d169d0d7
[ 51.568466] RDX: 00007ff3d170741f RSI: 00007ffd753b7b90 RDI: 0000000040000000
[ 51.569358] RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffd753b79a0
[ 51.570264] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ff3d17afbf0
[ 51.571152] R13: 00007ffd753b7cd0 R14: 0000000000000000 R15: 00000000000000f8
[ 51.572084]
[ 51.572415] irq event stamp: 8585
[ 51.572847] hardirqs last enabled at (8595): [] __up_console_sem+0x78/0x80
[ 51.573923] hardirqs last disabled at (8606): [] __up_console_sem+0x5d/0x80
[ 51.575013] softirqs last enabled at (8154): [] irq_exit_rcu+0x93/0xc0
[ 51.576063] softirqs last disabled at (8125): [] irq_exit_rcu+0x93/0xc0
[ 51.577092] ---[ end trace 0000000000000000 ]---
[ 51.582844] ------------[ cut here ]------------
[ 51.584190] sysctl net/ipv6/ip6frag_low_thresh: data points to kernel global data: ip6_frags_low_thresh_unused
[ 51.586083] WARNING: CPU: 1 PID: 257 at net/sysctl_net.c:155 register_net_sysctl+0x1e6/0x2c0
[ 51.587233] Modules linked in:
[ 51.587755] CPU: 1 PID: 257 Comm: syz-executor.0 Tainted: G W 6.4.0-rc2-next-20230516 #1
[ 51.589007] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 51.590129] RIP: 0010:register_net_sysctl+0x1e6/0x2c0
[ 51.590915] Code: 89 d8 4c 8b 43 08 48 c1 e8 03 42 80 3c 20 00 0f 85 af 00 00 00 48 8b 13 4c 89 e9 4c 89 fe 48 c7 c7 20 24 e2 84 e8 6a cd d5 fc <0f> 0b 48 89 e8 48 c1 e8 03 42 0f b6 14 20 48 89 e8 83 e0 07 83 c0
[ 51.593275] RSP: 0018:ffff88801a5c7c00 EFLAGS: 00010282
[ 51.594132] RAX: 0000000000000000 RBX: ffff8880166a3a40 RCX: 0000000000000000
[ 51.595121] RDX: ffff8880184d1b40 RSI: ffffffff81172af2 RDI: 0000000000000001
[ 51.596145] RBP: ffff8880166a3a54 R08: 0000000000000001 R09: 0000000000000000
[ 51.597230] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[ 51.598247] R13: ffffffff84e223a0 R14: ffff8880166a3a48 R15: ffffffff84da62e0
[ 51.599231] FS: 00005555569f1400(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 51.600242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 51.600984] CR2: 00007f3dcfac26f4 CR3: 000000000ddf8000 CR4: 0000000000350ee0
[ 51.601882] Call Trace:
[ 51.602248]
[ 51.602585] ? __pfx_ipv6_frags_init_net+0x10/0x10
[ 51.603196] ipv6_frags_init_net+0x206/0x3c0
[ 51.603786] ops_init+0xbb/0x6b0
[ 51.604235] setup_net+0x3d9/0x990
[ 51.604718] ? down_read_killable+0x1d7/0x4e0
[ 51.605292] ? __pfx_setup_net+0x10/0x10
[ 51.605831] ? copy_net_ns+0x17c/0x770
[ 51.606403] copy_net_ns+0x321/0x770
[ 51.606886] create_new_namespaces+0x3f6/0xb30
[ 51.607518] unshare_nsproxy_namespaces+0xc1/0x200
[ 51.608142] ksys_unshare+0x44d/0x8e0
[ 51.608656] ? __pfx_ksys_unshare+0x10/0x10
[ 51.609207] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[ 51.609950] __x64_sys_unshare+0x31/0x40
[ 51.610557] do_syscall_64+0x3f/0x90
[ 51.611039] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 51.611719] RIP: 0033:0x7ff3d169d0d7
[ 51.612188] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 51.614410] RSP: 002b:00007ffd753b7bf8 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
[ 51.615370] RAX: ffffffffffffffda RBX: 00007ffd753b8238 RCX: 00007ff3d169d0d7
[ 51.616235] RDX: 00007ff3d170741f RSI: 00007ffd753b7b90 RDI: 0000000040000000
[ 51.617134] RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffd753b79a0
[ 51.618055] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ff3d17afbf0
[ 51.618954] R13: 00007ffd753b7cd0 R14: 0000000000000000 R15: 00000000000000f8
[ 51.619874]
[ 51.620176] irq event stamp: 11271
[ 51.620640] hardirqs last enabled at (11283): [] __up_console_sem+0x78/0x80
[ 51.621711] hardirqs last disabled at (11294): [] __up_console_sem+0x5d/0x80
[ 51.622820] softirqs last enabled at (10922): [] irq_exit_rcu+0x93/0xc0
[ 51.623853] softirqs last disabled at (10889): [] irq_exit_rcu+0x93/0xc0
[ 51.624935] ---[ end trace 0000000000000000 ]---
[ 51.626378] ------------[ cut here ]------------
[ 51.626970] sysctl net/netfilter/nf_conntrack_frag6_low_thresh: data points to kernel global data: nf_conntrack_frag6_low_thresh_unused
[ 51.629048] WARNING: CPU: 1 PID: 257 at net/sysctl_net.c:155 register_net_sysctl+0x1e6/0x2c0
[ 51.630174] Modules linked in:
[ 51.630618] CPU: 1 PID: 257 Comm: syz-executor.0 Tainted: G W 6.4.0-rc2-next-20230516 #1
[ 51.631775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 51.632805] RIP: 0010:register_net_sysctl+0x1e6/0x2c0
[ 51.633487] Code: 89 d8 4c 8b 43 08 48 c1 e8 03 42 80 3c 20 00 0f 85 af 00 00 00 48 8b 13 4c 89 e9 4c 89 fe 48 c7 c7 20 24 e2 84 e8 6a cd d5 fc <0f> 0b 48 89 e8 48 c1 e8 03 42 0f b6 14 20 48 89 e8 83 e0 07 83 c0
[ 51.635744] RSP: 0018:ffff88801a5c7bf0 EFLAGS: 00010286
[ 51.636431] RAX: 0000000000000000 RBX: ffff8880166a3240 RCX: 0000000000000000
[ 51.637292] RDX: ffff8880184d1b40 RSI: ffffffff81172af2 RDI: 0000000000000001
[ 51.638233] RBP: ffff8880166a3254 R08: 0000000000000001 R09: 0000000000000000
[ 51.639127] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[ 51.640028] R13: ffffffff84e223a0 R14: ffff8880166a3248 R15: ffffffff84daf020
[ 51.640930] FS: 00005555569f1400(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 51.642020] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 51.642814] CR2: 00007f3dcfac26f4 CR3: 000000000ddf8000 CR4: 0000000000350ee0
[ 51.643768] Call Trace:
[ 51.644110]
[ 51.644457] nf_ct_net_init+0x224/0x3d0
[ 51.645012] ? __pfx_nf_ct_net_init+0x10/0x10
[ 51.645653] ops_init+0xbb/0x6b0
[ 51.646151] setup_net+0x3d9/0x990
[ 51.646664] ? down_read_killable+0x1d7/0x4e0
[ 51.647265] ? __pfx_setup_net+0x10/0x10
[ 51.647836] ? copy_net_ns+0x17c/0x770
[ 51.648395] copy_net_ns+0x321/0x770
[ 51.648901] create_new_namespaces+0x3f6/0xb30
[ 51.649548] unshare_nsproxy_namespaces+0xc1/0x200
[ 51.650254] ksys_unshare+0x44d/0x8e0
[ 51.650801] ? __pfx_ksys_unshare+0x10/0x10
[ 51.651413] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[ 51.652176] __x64_sys_unshare+0x31/0x40
[ 51.652766] do_syscall_64+0x3f/0x90
[ 51.653266] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 51.653999] RIP: 0033:0x7ff3d169d0d7
[ 51.654529] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 10 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 51.656844] RSP: 002b:00007ffd753b7bf8 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
[ 51.657862] RAX: ffffffffffffffda RBX: 00007ffd753b8238 RCX: 00007ff3d169d0d7
[ 51.658832] RDX: 00007ff3d170741f RSI: 00007ffd753b7b90 RDI: 0000000040000000
[ 51.659780] RBP: 00000000ffffffff R08: 0000000000000000 R09: 00007ffd753b79a0
[ 51.660739] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ff3d17afbf0
[ 51.661668] R13: 00007ffd753b7cd0 R14: 0000000000000000 R15: 00000000000000f8
[ 51.662676]
[ 51.662992] irq event stamp: 12103
[ 51.663489] hardirqs last enabled at (12115): [] __up_console_sem+0x78/0x80
[ 51.664617] hardirqs last disabled at (12126): [] __up_console_sem+0x5d/0x80
[ 51.665745] softirqs last enabled at (11762): [] irq_exit_rcu+0x93/0xc0
[ 51.666901] softirqs last disabled at (11757): [] irq_exit_rcu+0x93/0xc0
[ 51.667997] ---[ end trace 0000000000000000 ]---
executing program
[ 53.179145] Bluetooth: hci0: command 0x0409 tx timeout
[ 55.226375] Bluetooth: hci0: command 0x041b tx timeout
executing program
[ 57.274390] Bluetooth: hci0: command 0x040f tx timeout
executing program
[ 59.322389] Bluetooth: hci0: command 0x0419 tx timeout

VM DIAGNOSIS:
13:49:05 Registers: