Warning: Permanently added '[localhost]:1569' (ECDSA) to the list of known hosts.
2022/07/18 13:56:02 fuzzer started
2022/07/18 13:56:02 dialing manager at localhost:37835
2022/07/18 13:56:02 checking machine...
2022/07/18 13:56:02 checking revisions...
syzkaller login: [ 34.981965] kmemleak: Automatic memory scanning thread ended
2022/07/18 13:56:02 testing simple program...
[ 35.048944] cgroup: Unknown subsys name 'net'
[ 35.122418] cgroup: Unknown subsys name 'rlimit'
executing program
executing program
executing program
executing program
[ 49.691386] audit: type=1400 audit(1658152577.407:6): avc: denied { execmem } for pid=282 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
executing program
[ 50.772564] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 50.774255] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 50.775508] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 50.778050] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 50.779914] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 50.781105] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 52.798418] Bluetooth: hci0: command 0x0409 tx timeout
executing program
[ 54.846100] Bluetooth: hci0: command 0x041b tx timeout
executing program
[ 56.894768] Bluetooth: hci0: command 0x040f tx timeout
executing program
[ 58.941757] Bluetooth: hci0: command 0x0419 tx timeout
executing program
executing program
executing program
[ 69.199402] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 69.200807] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 69.202945] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 69.255162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 69.256250] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 69.258026] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2022/07/18 13:56:37 building call list...
[ 69.863857] INFO: trying to register non-static key.
[ 69.864581] The code is fine but needs lockdep annotation, or maybe
[ 69.865408] you didn't initialize this object before use?
[ 69.866119] turning off the locking correctness validator.
[ 69.867109] CPU: 0 PID: 451 Comm: kworker/u4:4 Not tainted 5.19.0-rc7-next-20220718 #1
[ 69.869014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 69.870467] Workqueue: netns cleanup_net
[ 69.871067] Call Trace:
[ 69.871414]
[ 69.871723] dump_stack_lvl+0x8b/0xb3
[ 69.872235] register_lock_class+0x1597/0x1890
[ 69.872857] ? check_irq_usage+0x18c/0xcf0
[ 69.873425] ? hlock_conflict+0x54/0x200
[ 69.873976] ? is_dynamic_key.part.0+0x130/0x130
[ 69.874633] ? print_shortest_lock_dependencies_backwards+0x80/0x80
[ 69.875539] ? mark_lock.part.0+0xef/0x2f70
[ 69.876148] __lock_acquire+0x102/0x5e70
[ 69.876727] ? is_dynamic_key.part.0+0x130/0x130
[ 69.877392] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 69.878119] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 69.878885] lock_acquire+0x1a2/0x530
[ 69.879423] ? ieee80211_do_stop+0xbe/0x1dd0
[ 69.880047] ? lock_release+0x750/0x750
[ 69.880610] ? lock_release+0x750/0x750
[ 69.881171] ? lock_is_held_type+0xd7/0x130
[ 69.881775] _raw_spin_lock_bh+0x2f/0x40
[ 69.882345] ? ieee80211_do_stop+0xbe/0x1dd0
[ 69.883017] ieee80211_do_stop+0xbe/0x1dd0
[ 69.883621] ? lock_is_held_type+0xd7/0x130
[ 69.884224] ? ieee80211_stop+0xb8/0x600
[ 69.884803] ? mutex_lock_io_nested+0x1310/0x1310
[ 69.885468] ? lock_release+0x3b2/0x750
[ 69.886027] ? ieee80211_del_virtual_monitor+0x2e0/0x2e0
[ 69.886811] ? mark_held_locks+0x9e/0xe0
[ 69.887384] ? __local_bh_enable_ip+0xa0/0x130
[ 69.888035] ? __local_bh_enable_ip+0xa0/0x130
[ 69.888682] ? ieee80211_do_stop+0x1dd0/0x1dd0
[ 69.889326] ieee80211_stop+0xc5/0x600
[ 69.889885] ? ieee80211_do_stop+0x1dd0/0x1dd0
[ 69.890533] __dev_close_many+0x1b8/0x2f0
[ 69.891147] ? napi_enable+0x220/0x220
[ 69.891706] dev_close_many+0x1b0/0x450
[ 69.892270] ? __dev_close_many+0x2f0/0x2f0
[ 69.892877] ? lockdep_hardirqs_on+0x79/0x100
[ 69.893511] dev_close+0x13a/0x1c0
[ 69.894023] ? netdev_state_change+0x130/0x130
[ 69.894701] ? __mutex_lock+0x231/0x14d0
[ 69.895275] cfg80211_shutdown_all_interfaces+0x96/0x1f0
[ 69.896024] ieee80211_remove_interfaces+0xe3/0x690
[ 69.896727] ? ieee80211_sdata_stop+0x90/0x90
[ 69.897374] ieee80211_unregister_hw+0x47/0x1f0
[ 69.898036] hwsim_exit_net+0x49a/0xb90
[ 69.898589] ? hwsim_register_received_nl+0x410/0x410
[ 69.899334] ? sit_exit_batch_net+0x504/0x720
[ 69.899977] ? hwsim_register_received_nl+0x410/0x410
[ 69.900688] ops_exit_list+0xb3/0x180
[ 69.901220] cleanup_net+0x484/0x9e0
[ 69.901750] ? unregister_pernet_device+0x70/0x70
[ 69.902424] ? lock_is_held_type+0xd7/0x130
[ 69.903059] process_one_work+0xa0f/0x1690
[ 69.903666] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 69.904324] ? rwlock_bug.part.0+0x90/0x90
[ 69.904916] ? _raw_spin_lock_irq+0x41/0x50
[ 69.905520] worker_thread+0x637/0x1260
[ 69.906088] ? __kthread_parkme+0x15a/0x220
[ 69.906712] ? process_one_work+0x1690/0x1690
[ 69.907356] kthread+0x2ed/0x3a0
[ 69.907837] ? kthread_complete_and_exit+0x40/0x40
[ 69.908534] ret_from_fork+0x22/0x30
[ 69.909073]
executing program
[ 71.829617] audit: type=1400 audit(1658152599.545:7): avc: denied { create } for pid=262 comm="syz-fuzzer" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1
executing program
2022/07/18 13:56:46 syscalls: 2217
2022/07/18 13:56:46 code coverage: enabled
2022/07/18 13:56:46 comparison tracing: enabled
2022/07/18 13:56:46 extra coverage: enabled
2022/07/18 13:56:46 setuid sandbox: enabled
2022/07/18 13:56:46 namespace sandbox: enabled
2022/07/18 13:56:46 Android sandbox: enabled
2022/07/18 13:56:46 fault injection: enabled
2022/07/18 13:56:46 leak checking: enabled
2022/07/18 13:56:46 net packet injection: enabled
2022/07/18 13:56:46 net device setup: enabled
2022/07/18 13:56:46 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/07/18 13:56:46 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/07/18 13:56:46 USB emulation: enabled
2022/07/18 13:56:46 hci packet injection: enabled
2022/07/18 13:56:46 wifi device emulation: enabled
2022/07/18 13:56:46 802.15.4 emulation: enabled
2022/07/18 13:56:46 fetching corpus: 0, signal 0/0 (executing program)
2022/07/18 13:56:46 fetching corpus: 0, signal 0/0 (executing program)
2022/07/18 13:56:47 starting 8 fuzzer processes

13:56:47 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = inotify_init()
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x2000400)
rmdir(&(0x7f0000000180)='./file0\x00')

13:56:47 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r0)
sendmsg$IEEE802154_LLSEC_ADD_KEY(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r1, 0x1}, 0x14}}, 0x0)

13:56:47 executing program 2:
clone3(&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, {}, &(0x7f00000009c0)=""/102391, 0xfffffffffffffeb7, 0x0, 0x0}, 0x63)

13:56:47 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})

13:56:47 executing program 4:
mount_setattr(0xffffffffffffffff, 0x0, 0x1800, &(0x7f00000004c0)={0x100001}, 0x20)

13:56:47 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x30, 0xffffffffffffffff, 0x10000000)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_triestat\x00')
pread64(r0, &(0x7f0000000040)=""/170, 0xaa, 0x200000007fffffff)
syz_io_uring_setup(0x0, &(0x7f00000005c0)={0x0, 0x921f, 0x10, 0x2, 0x2b0}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ff7000/0x4000)=nil, &(0x7f00000003c0), &(0x7f0000000640))

13:56:47 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f00000003c0)='net/ip6_mr_cache\x00')
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)

13:56:47 executing program 6:
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/time_for_children\x00')

VM DIAGNOSIS:
13:56:37 Registers: