Extracting prog: 6m42.587130147s Minimizing prog: 1h4m37.366930007s Simplifying prog options: 15m20.315741696s Extracting C: 5m9.152945837s Simplifying C: 0s extracting reproducer from 1 programs testing a last program of every proc single: executing 1 programs separately with timeout 30s testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mount-socket$nl_route-mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program did not crash program did not crash single: failed to extract reproducer single: executing 1 programs separately with timeout 1m40s testing program (duration=1m40s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mount-socket$nl_route-mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program did not crash single: failed to extract reproducer single: executing 1 programs separately with timeout 6m0s testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mount-socket$nl_route-mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested single: successfully extracted reproducer found reproducer with 10 syscalls minimizing guilty program testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mount-socket$nl_route-mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mount-socket$nl_route-mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mount-socket$nl_route-mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mount-socket$nl_route-mlock-syz_init_net_socket$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mount-socket$nl_route-mlock-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(0xffffffffffffffff, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mount-socket$nl_route-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mount-mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, 0x0) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-bpf$PROG_LOAD-mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704002a52a641a2527d45cc073fc549349c980000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2010400, &(0x7f0000000400), 0x1, 0x4b9, &(0x7f0000000480)="$eJzs3M9rHFUcAPDvTH606Q8Ta/3RWnW1ikExaVN/9ODBioIXQdBDBS8xSUvttpUmgi0Bo0h7lII3D+JNwb/Ak15EvSgoeNG7FER6sXpa2Z2ZZHe7u83vrdnPB3b3vZ238953Zt5k5r3NBtCzStWnJGJXRPwWEcNZtrFAKXu5fm1+6p9r81NJVCqv/pXUyv19bX6qKFp8bmeeGU0j0g+TYkF//WpnL1w8PVkuz5zP8+NzZ94en71w8YlTZyZPzpycOTtx9OiTRw4/8/TEU2uM8Nfa83CeO7DvpdevvDx1/Mqb3395eXcWdzTFsXppQ64UpcZtWeeRtVd2S9ldl076u9gQVqQv75gDtf4/HH113XQ4Xvyg44e3b0IDgQ1TqVQq29ovXqhkYnsF2HqSyF/7I7rdFmAzFX/oq/e/xWOTLj1uCX8ey26AqnFfzx/Zkv7Fu/mBpvvb9VSKiOML/35afUTzOMTgBlUKAPS0r49FLOTpxuu/NO6qK3dbPocyEhG3R8SeiLgjIvZGxJ1DUSt7d0Tcs8L6S035vphvGlVOr644qBWoXv89m89tNV7/5Vd/gzHSl+d2Z0PlyYlT5ZlD+TYZjYFSNX84K9003VObCYtvXvj5o3b111//VR/V+mvXgkNFifRqf9MA3fTk3OS6xf9+xP7+VvEnizMB1aD2RcT+Vit47uZ1nHrsiwPtlrWNfznWYZ6p8lnEo9n+X4g8/uyye2lXJp3nJ8e3R3nm0HhxVNzoh58uvdKu/jXFvw6q+39Hy+O/iH+kllqcr53N3h1aQR2Xfr88VVvfwo3Lbh5/6+N/MHmtlh6se642tmhX8c67k3Nz5yeWPlvka6+Hs/hHD7bu/3tiaUvcGxHVg/i+iLg/Ih7I2/5gRDwUEQc7xP/d8w+/VZe9YXr9eBJd3f/T2f7f1nr/x0jj/l95ou/0t1+1qz+bIe+4/395I0+N5q/LOP+VyjPni7NDxwaucrMBAADA/0oaEbsiSccW02k6NpaNXO6NHWn53Ozc4yfOvXN2Ovuu/EgMpMVIVzYePJAU458jdfmJpvyRfNz4476hWn5s6lx5utvBQ4/b2ab/V/3R1+3WARvO/2tB79L/oXfp/9C7+uOTTt9fArao925eZGAz2gF0RdrqzWWcF4AtwP0/9C79H3qX/g+9q3P/9y1A2KJmK6v/v/5yMXDYZlHjO8lSmeJHGlZVaWMibb2oOGetYc2rTnye/1bgpla6jERlfVcYadtFQ81bPul27EuJyvILp+tziK53oji2O5T5cQ1VVPLEZp+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANsZ/AQAA///EtcDm") mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, 0x0, 0x0) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(0x0, &(0x7f0000000540)='./file1\x00', 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested extracting C reproducer testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH program crashed: no output from test machine a never seen crash title: no output from test machine, ignore simplifying guilty program options testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested extracting C reproducer testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH program crashed: no output from test machine a never seen crash title: no output from test machine, ignore testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) program did not crash testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) program did not crash validation run: crashed=false testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested validation run: crashed=true testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested validation run: crashed=true testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) program did not crash validation run: crashed=false testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) program did not crash validation run: crashed=false testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mlock-syz_init_net_socket$bt_l2cap-bind$bt_l2cap-listen-mount$bind-sendmsg$NFT_BATCH detailed listing: executing program 0: mlock(&(0x7f0000ffa000/0x4000)=nil, 0x4000) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000001180)={0x1f, 0x0, @any, 0x3}, 0xe) listen(r0, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x0, 0x1002082, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) program crashed: BUG: unable to handle kernel paging request in lock_sock_nested validation run: crashed=true reproducing took 2h0m21.361946601s repro crashed as (corrupted=false): Unable to handle kernel paging request at virtual address dfff800000000026 KASAN: null-ptr-deref in range [0x0000000000000130-0x0000000000000137] Mem abort info: ESR = 0x0000000096000006 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x06: level 2 translation fault Data abort info: ISV = 0, ISS = 0x00000006 CM = 0, WnR = 0 [dfff800000000026] address between user and kernel address ranges Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP Modules linked in: CPU: 1 PID: 4470 Comm: kworker/1:17 Not tainted syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 Workqueue: events l2cap_info_timeout pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) pc : __lock_acquire+0xe0/0x6544 kernel/locking/lockdep.c:4919 lr : lock_acquire+0x20c/0x644 kernel/locking/lockdep.c:5662 sp : ffff800020ca75e0 x29: ffff800020ca77f0 x28: dfff800000000000 x27: 0000000000000000 x26: ffff800010c143a0 x25: 1ffff00002a180b0 x24: 0000000000000000 x23: 0000000000000000 x22: 0000000000000000 x21: 0000000000000000 x20: 0000000000000130 x19: 0000000000000000 x18: ffff800011abbcc0 x17: ffff8000181f9000 x16: ffff8000082d25b8 x15: ffff800017cd9fc0 x14: ffff0000c8b02658 x13: ffff0000c8b026f8 x12: 0000000000ff0100 x11: ff0080000a893f20 x10: ffff700004194edc x9 : ffff8000150c0584 x8 : 0000000000000026 x7 : ffff800010c143a0 x6 : 0000000000000000 x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000130 Call trace: __lock_acquire+0xe0/0x6544 kernel/locking/lockdep.c:4919 lock_acquire+0x20c/0x644 kernel/locking/lockdep.c:5662 lock_sock_nested+0x70/0x130 net/core/sock.c:3493 lock_sock include/net/sock.h:1792 [inline] l2cap_sock_ready_cb+0x4c/0x130 net/bluetooth/l2cap_sock.c:1697 l2cap_chan_ready net/bluetooth/l2cap_core.c:1410 [inline] l2cap_conn_start+0x594/0xb38 net/bluetooth/l2cap_core.c:1669 l2cap_info_timeout+0x68/0xb8 net/bluetooth/l2cap_core.c:1836 process_one_work+0x7f4/0x13a8 kernel/workqueue.c:2292 worker_thread+0x8c8/0xfbc kernel/workqueue.c:2439 kthread+0x250/0x2d8 kernel/kthread.c:376 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:850 Code: b0067488 b9482108 340001c8 d343fe88 (387c6908) ---[ end trace 0000000000000000 ]--- ---------------- Code disassembly (best guess): 0: b0067488 adrp x8, 0xce91000 4: b9482108 ldr w8, [x8, #2080] 8: 340001c8 cbz w8, 0x40 c: d343fe88 lsr x8, x20, #3 * 10: 387c6908 ldrb w8, [x8, x28] <-- trapping instruction final repro crashed as (corrupted=false): Unable to handle kernel paging request at virtual address dfff800000000026 KASAN: null-ptr-deref in range [0x0000000000000130-0x0000000000000137] Mem abort info: ESR = 0x0000000096000006 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x06: level 2 translation fault Data abort info: ISV = 0, ISS = 0x00000006 CM = 0, WnR = 0 [dfff800000000026] address between user and kernel address ranges Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP Modules linked in: CPU: 1 PID: 4470 Comm: kworker/1:17 Not tainted syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 Workqueue: events l2cap_info_timeout pstate: 824000c5 (Nzcv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) pc : __lock_acquire+0xe0/0x6544 kernel/locking/lockdep.c:4919 lr : lock_acquire+0x20c/0x644 kernel/locking/lockdep.c:5662 sp : ffff800020ca75e0 x29: ffff800020ca77f0 x28: dfff800000000000 x27: 0000000000000000 x26: ffff800010c143a0 x25: 1ffff00002a180b0 x24: 0000000000000000 x23: 0000000000000000 x22: 0000000000000000 x21: 0000000000000000 x20: 0000000000000130 x19: 0000000000000000 x18: ffff800011abbcc0 x17: ffff8000181f9000 x16: ffff8000082d25b8 x15: ffff800017cd9fc0 x14: ffff0000c8b02658 x13: ffff0000c8b026f8 x12: 0000000000ff0100 x11: ff0080000a893f20 x10: ffff700004194edc x9 : ffff8000150c0584 x8 : 0000000000000026 x7 : ffff800010c143a0 x6 : 0000000000000000 x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000130 Call trace: __lock_acquire+0xe0/0x6544 kernel/locking/lockdep.c:4919 lock_acquire+0x20c/0x644 kernel/locking/lockdep.c:5662 lock_sock_nested+0x70/0x130 net/core/sock.c:3493 lock_sock include/net/sock.h:1792 [inline] l2cap_sock_ready_cb+0x4c/0x130 net/bluetooth/l2cap_sock.c:1697 l2cap_chan_ready net/bluetooth/l2cap_core.c:1410 [inline] l2cap_conn_start+0x594/0xb38 net/bluetooth/l2cap_core.c:1669 l2cap_info_timeout+0x68/0xb8 net/bluetooth/l2cap_core.c:1836 process_one_work+0x7f4/0x13a8 kernel/workqueue.c:2292 worker_thread+0x8c8/0xfbc kernel/workqueue.c:2439 kthread+0x250/0x2d8 kernel/kthread.c:376 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:850 Code: b0067488 b9482108 340001c8 d343fe88 (387c6908) ---[ end trace 0000000000000000 ]--- ---------------- Code disassembly (best guess): 0: b0067488 adrp x8, 0xce91000 4: b9482108 ldr w8, [x8, #2080] 8: 340001c8 cbz w8, 0x40 c: d343fe88 lsr x8, x20, #3 * 10: 387c6908 ldrb w8, [x8, x28] <-- trapping instruction