[ 86.623112][ T1111] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.209' (ED25519) to the list of known hosts.
2025/09/20 16:07:34 ignoring optional flag "type"="gce"
2025/09/20 16:07:34 parsed 1 programs
[ 93.985295][ T4608] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 95.025874][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.038860][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.064414][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 95.073709][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.082886][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.093159][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 95.321981][ T4667] chnl_net:caif_netlink_parms(): no params data found
[ 95.382733][ T4667] bridge0: port 1(bridge_slave_0) entered blocking state
[ 95.389909][ T4667] bridge0: port 1(bridge_slave_0) entered disabled state
[ 95.399647][ T4667] device bridge_slave_0 entered promiscuous mode
[ 95.408915][ T4667] bridge0: port 2(bridge_slave_1) entered blocking state
[ 95.416403][ T4667] bridge0: port 2(bridge_slave_1) entered disabled state
[ 95.425118][ T4667] device bridge_slave_1 entered promiscuous mode
[ 95.455323][ T4667] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 95.468488][ T4667] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 95.502705][ T4667] team0: Port device team_slave_0 added
[ 95.512527][ T4667] team0: Port device team_slave_1 added
[ 95.538490][ T4667] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 95.547087][ T4667] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 95.574729][ T4667] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 95.587692][ T4667] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 95.596250][ T4667] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 95.624207][ T4667] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 95.666436][ T4667] device hsr_slave_0 entered promiscuous mode
[ 95.673472][ T4667] device hsr_slave_1 entered promiscuous mode
[ 96.404617][ T4667] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 96.414623][ T4667] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 96.425715][ T4667] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 96.436399][ T4667] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 96.507951][ T4667] 8021q: adding VLAN 0 to HW filter on device bond0
[ 96.542721][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 96.551567][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 96.563011][ T4667] 8021q: adding VLAN 0 to HW filter on device team0
[ 96.573619][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 96.584826][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 96.595665][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.602809][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 96.624927][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 96.635038][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 96.645426][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 96.656095][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.663243][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 96.672232][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 96.683533][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 96.692728][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 96.703514][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 96.723497][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 96.732638][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 96.742060][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 96.750685][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 96.762574][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 96.771596][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 96.780670][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 96.792535][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 96.965274][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 96.972927][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 96.989772][ T4667] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 97.010031][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 97.019038][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 97.056289][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 97.065249][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 97.077253][ T4667] device veth0_vlan entered promiscuous mode
[ 97.084369][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 97.093304][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 97.106316][ T4667] device veth1_vlan entered promiscuous mode
[ 97.148627][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 97.158950][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 97.169638][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 97.179655][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 97.190221][ T4667] device veth0_macvtap entered promiscuous mode
[ 97.213707][ T4667] device veth1_macvtap entered promiscuous mode
[ 97.234395][ T4667] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 97.245091][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 97.261928][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 97.270334][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 97.279576][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 97.290519][ T4667] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 97.302559][ T4667] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.311365][ T4667] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.320070][ T4667] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.329066][ T4667] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 97.342787][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 97.353988][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2025/09/20 16:07:40 executed programs: 0
[ 98.731295][ T4790] chnl_net:caif_netlink_parms(): no params data found
[ 98.890359][ T4790] bridge0: port 1(bridge_slave_0) entered blocking state
[ 98.913611][ T4790] bridge0: port 1(bridge_slave_0) entered disabled state
[ 98.922327][ T4790] device bridge_slave_0 entered promiscuous mode
[ 98.935261][ T4790] bridge0: port 2(bridge_slave_1) entered blocking state
[ 98.945255][ T4790] bridge0: port 2(bridge_slave_1) entered disabled state
[ 98.953868][ T4790] device bridge_slave_1 entered promiscuous mode
[ 99.015433][ T4790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 99.041954][ T4790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 99.076365][ T4790] team0: Port device team_slave_0 added
[ 99.087367][ T4790] team0: Port device team_slave_1 added
[ 99.145640][ T4790] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.161655][ T4790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.223570][ T4790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.244869][ T4790] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.261151][ T4790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.321156][ T4790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 99.407751][ T4790] device hsr_slave_0 entered promiscuous mode
[ 99.435086][ T4790] device hsr_slave_1 entered promiscuous mode
[ 99.442252][ T4790] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 99.449846][ T4790] Cannot create hsr debugfs directory
[ 99.590255][ T4790] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.541373][ T4301] Bluetooth: hci0: command 0x0409 tx timeout
[ 101.938205][ T4790] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 101.999275][ T4790] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 102.087663][ T4790] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 102.197045][ T4790] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 102.209051][ T4790] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 102.232515][ T4790] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 102.242782][ T4790] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 102.337673][ T4790] 8021q: adding VLAN 0 to HW filter on device bond0
[ 102.352079][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 102.360890][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 102.392007][ T4790] 8021q: adding VLAN 0 to HW filter on device team0
[ 102.403064][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 102.412654][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 102.423814][ T4320] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.431018][ T4320] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.465555][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 102.474678][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 102.484590][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 102.495800][ T4320] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.503024][ T4320] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.539518][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 102.548786][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 102.573342][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 102.583775][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 102.595195][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 102.604301][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 102.613390][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 102.621955][ T4301] Bluetooth: hci0: command 0x041b tx timeout
[ 102.629433][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 102.638247][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 102.647067][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 102.658627][ T4790] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 102.667379][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 102.726891][ T155] device hsr_slave_0 left promiscuous mode
[ 102.742236][ T155] device hsr_slave_1 left promiscuous mode
[ 102.762233][ T155] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 102.781407][ T155] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 102.789447][ T155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 102.800784][ T155] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 102.809368][ T155] device bridge_slave_1 left promiscuous mode
[ 102.818665][ T155] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.827919][ T155] device bridge_slave_0 left promiscuous mode
[ 102.838990][ T155] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.866468][ T155] device veth1_macvtap left promiscuous mode
[ 102.872927][ T155] device veth0_macvtap left promiscuous mode
[ 102.879017][ T155] device veth1_vlan left promiscuous mode
[ 102.885112][ T155] device veth0_vlan left promiscuous mode
[ 103.029323][ T155] team0 (unregistering): Port device team_slave_1 removed
[ 103.043649][ T155] team0 (unregistering): Port device team_slave_0 removed
[ 103.055954][ T155] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 103.070002][ T155] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 103.128207][ T155] bond0 (unregistering): Released all slaves
[ 103.268266][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 103.276351][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 103.294456][ T4790] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.316340][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 103.328330][ T4320] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 103.384621][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 103.396490][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 103.406919][ T4790] device veth0_vlan entered promiscuous mode
[ 103.414895][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 103.424043][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 103.439067][ T4790] device veth1_vlan entered promiscuous mode
[ 103.482247][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 103.491074][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 103.499761][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 103.513689][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 103.527078][ T4790] device veth0_macvtap entered promiscuous mode
[ 103.538015][ T4790] device veth1_macvtap entered promiscuous mode
[ 103.555858][ T4790] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 103.568061][ T4790] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 103.577464][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 103.586445][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 103.595087][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 103.604412][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 103.613481][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 103.622982][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 103.635936][ T4790] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.646395][ T4790] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.655876][ T4790] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.675244][ T4790] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.775807][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 103.789781][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 103.823472][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 103.836971][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 103.846546][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 103.859148][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2025/09/20 16:07:46 executed programs: 1
[ 104.361264][ C0] ------------[ cut here ]------------
[ 104.361264][ C1] ------------[ cut here ]------------
[ 104.362184][ C1] WARNING: CPU: 1 PID: 155 at mm/maccess.c:226 copy_from_user_nofault+0x160/0x1c0
[ 104.362229][ C1] Modules linked in:
[ 104.362250][ C1] CPU: 1 PID: 155 Comm: kworker/u4:3 Not tainted syzkaller #0
[ 104.362268][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 104.362279][ C1] Workqueue: netns cleanup_net
[ 104.362314][ C1] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 104.362336][ C1] Code: 24 45 31 f6 31 ff 89 de e8 3d f7 d8 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 c0 f3 d8 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 104.362351][ C1] RSP: 0018:ffffc90000dd0868 EFLAGS: 00010046
[ 104.362407][ C1]
[ 104.362409][ C1] ======================================================
[ 104.362414][ C1] WARNING: possible circular locking dependency detected
[ 104.362422][ C1] syzkaller #0 Not tainted
[ 104.362429][ C1] ------------------------------------------------------
[ 104.362435][ C1] kworker/u4:3/155 is trying to acquire lock:
[ 104.362443][ C1] ffffffff8c1110c0 (console_owner){..-.}-{0:0}, at: console_trylock_spinning+0x150/0x350
[ 104.362493][ C1]
[ 104.362493][ C1] but task is already holding lock:
[ 104.362497][ C1] ffff8880b91280d8 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x123/0x270
[ 104.362541][ C1]
[ 104.362541][ C1] which lock already depends on the new lock.
[ 104.362541][ C1]
[ 104.362548][ C1]
[ 104.362548][ C1] the existing dependency chain (in reverse order) is:
[ 104.362553][ C1]
[ 104.362553][ C1] -> #5 (&base->lock){-.-.}-{2:2}:
[ 104.362573][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 104.362604][ C1] lock_timer_base+0x123/0x270
[ 104.362623][ C1] __mod_timer+0x117/0xd20
[ 104.362643][ C1] queue_delayed_work_on+0x126/0x1e0
[ 104.362662][ C1] enqueue_task+0x26d/0x2b0
[ 104.362682][ C1] wake_up_new_task+0x442/0x9a0
[ 104.362702][ C1] kernel_clone+0x421/0x930
[ 104.362720][ C1] kernel_thread+0xc8/0x120
[ 104.362738][ C1] rest_init+0x21/0x330
[ 104.362758][ C1] start_kernel+0x486/0x530
[ 104.362775][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 104.362798][ C1]
[ 104.362798][ C1] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 104.362823][ C1] _raw_spin_lock_nested+0x2e/0x40
[ 104.362841][ C1] raw_spin_rq_lock_nested+0x26/0x140
[ 104.362861][ C1] task_fork_fair+0x5c/0x350
[ 104.362878][ C1] sched_cgroup_fork+0x2c6/0x320
[ 104.362897][ C1] copy_process+0x22d1/0x3e00
[ 104.362915][ C1] kernel_clone+0x219/0x930
[ 104.362932][ C1] kernel_thread+0xc8/0x120
[ 104.362949][ C1] rest_init+0x21/0x330
[ 104.362967][ C1] start_kernel+0x486/0x530
[ 104.362984][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 104.363004][ C1]
[ 104.363004][ C1] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 104.363029][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 104.363050][ C1] try_to_wake_up+0x5c/0x1050
[ 104.363071][ C1] __wake_up_common+0x2a4/0x4e0
[ 104.363092][ C1] __wake_up+0x108/0x180
[ 104.363110][ C1] tty_port_default_wakeup+0xa5/0xf0
[ 104.363132][ C1] serial8250_tx_chars+0x629/0x830
[ 104.363153][ C1] serial8250_handle_irq+0x519/0x610
[ 104.363173][ C1] serial8250_default_handle_irq+0xb4/0x1a0
[ 104.363192][ C1] serial8250_interrupt+0x9b/0x1c0
[ 104.363209][ C1] __handle_irq_event_percpu+0x291/0x9b0
[ 104.363226][ C1] handle_irq_event+0xa5/0x220
[ 104.363245][ C1] handle_edge_irq+0x243/0xb20
[ 104.363264][ C1] __common_interrupt+0xd7/0x1e0
[ 104.363284][ C1] common_interrupt+0xb0/0xd0
[ 104.363308][ C1] asm_common_interrupt+0x22/0x40
[ 104.363326][ C1] default_idle+0xb/0x10
[ 104.363348][ C1] default_idle_call+0x81/0xc0
[ 104.363368][ C1] do_idle+0x21b/0x5b0
[ 104.363387][ C1] cpu_startup_entry+0x14/0x20
[ 104.363407][ C1] start_kernel+0x486/0x530
[ 104.363424][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 104.363446][ C1]
[ 104.363446][ C1] -> #2 (&tty->write_wait){-.-.}-{2:2}:
[ 104.363472][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 104.363493][ C1] __wake_up+0xed/0x180
[ 104.363511][ C1] tty_port_default_wakeup+0xa5/0xf0
[ 104.363531][ C1] serial8250_tx_chars+0x629/0x830
[ 104.363552][ C1] serial8250_handle_irq+0x519/0x610
[ 104.363572][ C1] serial8250_default_handle_irq+0xb4/0x1a0
[ 104.363594][ C1] serial8250_interrupt+0x9b/0x1c0
[ 104.363613][ C1] __handle_irq_event_percpu+0x291/0x9b0
[ 104.363634][ C1] handle_irq_event+0xa5/0x220
[ 104.363652][ C1] handle_edge_irq+0x243/0xb20
[ 104.363671][ C1] __common_interrupt+0xd7/0x1e0
[ 104.363688][ C1] common_interrupt+0xb0/0xd0
[ 104.363706][ C1] asm_common_interrupt+0x22/0x40
[ 104.363723][ C1] default_idle+0xb/0x10
[ 104.363743][ C1] default_idle_call+0x81/0xc0
[ 104.363764][ C1] do_idle+0x21b/0x5b0
[ 104.363783][ C1] cpu_startup_entry+0x14/0x20
[ 104.363802][ C1] start_kernel+0x486/0x530
[ 104.363819][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 104.363851][ C1]
[ 104.363851][ C1] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 104.363876][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 104.363898][ C1] serial8250_console_write+0x170/0xf80
[ 104.363918][ C1] console_unlock+0xc86/0x1200
[ 104.363934][ C1] vprintk_emit+0xc0/0x150
[ 104.363953][ C1] _printk+0xcc/0x110
[ 104.363971][ C1] register_console+0x682/0x960
[ 104.363988][ C1] univ8250_console_init+0x41/0x50
[ 104.364006][ C1] console_init+0x177/0x5d0
[ 104.364025][ C1] start_kernel+0x2f9/0x530
[ 104.364041][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 104.364062][ C1]
[ 104.364062][ C1] -> #0 (console_owner){..-.}-{0:0}:
[ 104.364084][ C1] __lock_acquire+0x2c33/0x7c60
[ 104.364104][ C1] lock_acquire+0x197/0x3f0
[ 104.364124][ C1] console_trylock_spinning+0x170/0x350
[ 104.364145][ C1] vprintk_emit+0xa7/0x150
[ 104.364166][ C1] _printk+0xcc/0x110
[ 104.364185][ C1] __show_regs+0x28/0x500
[ 104.364202][ C1] show_regs+0x32/0x60
[ 104.364217][ C1] __warn+0x15e/0x2b0
[ 104.364234][ C1] report_bug+0x1b7/0x2e0
[ 104.364255][ C1] handle_bug+0x3a/0x70
[ 104.364270][ C1] exc_invalid_op+0x16/0x40
[ 104.364285][ C1] asm_exc_invalid_op+0x16/0x20
[ 104.364310][ C1] copy_from_user_nofault+0x160/0x1c0
[ 104.364332][ C1] bpf_probe_read_user+0x26/0x70
[ 104.364351][ C1] bpf_prog_64e63e24eee51416+0x3a/0x300
[ 104.364367][ C1] bpf_trace_run3+0x17e/0x320
[ 104.364383][ C1] enqueue_timer+0x394/0x520
[ 104.364402][ C1] __mod_timer+0x8e1/0xd20
[ 104.364419][ C1] dsp_cmx_send+0x1ab4/0x1b30
[ 104.364437][ C1] call_timer_fn+0x16c/0x530
[ 104.364456][ C1] __run_timers+0x525/0x7c0
[ 104.364474][ C1] run_timer_softirq+0x63/0xf0
[ 104.364494][ C1] handle_softirqs+0x328/0x820
[ 104.364510][ C1] __irq_exit_rcu+0x12f/0x220
[ 104.364526][ C1] irq_exit_rcu+0x5/0x20
[ 104.364542][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 104.364559][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 104.364579][ C1] inet_twsk_purge+0x792/0x810
[ 104.364599][ C1] cleanup_net+0x77b/0xb80
[ 104.364617][ C1] process_one_work+0x863/0x1000
[ 104.364635][ C1] worker_thread+0xaa8/0x12a0
[ 104.364653][ C1] kthread+0x436/0x520
[ 104.364669][ C1] ret_from_fork+0x1f/0x30
[ 104.364687][ C1]
[ 104.364687][ C1] other info that might help us debug this:
[ 104.364687][ C1]
[ 104.364693][ C1] Chain exists of:
[ 104.364693][ C1] console_owner --> &rq->__lock --> &base->lock
[ 104.364693][ C1]
[ 104.364719][ C1] Possible unsafe locking scenario:
[ 104.364719][ C1]
[ 104.364723][ C1] CPU0 CPU1
[ 104.364728][ C1] ---- ----
[ 104.364731][ C1] lock(&base->lock);
[ 104.364760][ C1] lock(&rq->__lock);
[ 104.364773][ C1] lock(&base->lock);
[ 104.364785][ C1] lock(console_owner);
[ 104.364797][ C1]
[ 104.364797][ C1] *** DEADLOCK ***
[ 104.364797][ C1]
[ 104.364800][ C1] 7 locks held by kworker/u4:3/155:
[ 104.364811][ C1] #0: ffff8880169cd938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x760/0x1000
[ 104.364860][ C1] #1: ffffc90002047d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000
[ 104.364907][ C1] #2: ffffffff8d22c3d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x132/0xb80
[ 104.364953][ C1] #3: ffffc90000dd0be0 ((&dsp_spl_tl)){+.-.}-{0:0}, at: call_timer_fn+0xbb/0x530
[ 104.365000][ C1] #4: ffffffff8cfdc6b8 (dsp_lock){..-.}-{2:2}, at: dsp_cmx_send+0x22/0x1b30
[ 104.365045][ C1] #5: ffff8880b91280d8 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x123/0x270
[ 104.365092][ C1] #6: ffffffff8c11c660 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[ 104.365137][ C1]
[ 104.365137][ C1] stack backtrace:
[ 104.365142][ C1] CPU: 1 PID: 155 Comm: kworker/u4:3 Not tainted syzkaller #0
[ 104.365161][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 104.365174][ C1] Workqueue: netns cleanup_net
[ 104.365191][ C1] Call Trace:
[ 104.365198][ C1]
[ 104.365205][ C1] dump_stack_lvl+0x168/0x230
[ 104.365230][ C1] ? load_image+0x3b0/0x3b0
[ 104.365249][ C1] ? show_regs_print_info+0x20/0x20
[ 104.365277][ C1] ? print_circular_bug+0x12b/0x1a0
[ 104.365299][ C1] check_noncircular+0x274/0x310
[ 104.365328][ C1] ? add_chain_block+0x940/0x940
[ 104.365346][ C1] ? lockdep_lock+0x141/0x1e0
[ 104.365370][ C1] ? data_alloc+0x4c6/0x7b0
[ 104.365388][ C1] ? mark_lock+0x94/0x320
[ 104.365410][ C1] ? mark_lock+0x94/0x320
[ 104.365434][ C1] __lock_acquire+0x2c33/0x7c60
[ 104.365469][ C1] ? down_trylock+0x4c/0xa0
[ 104.365489][ C1] ? verify_lock_unused+0x140/0x140
[ 104.365513][ C1] ? verify_lock_unused+0x140/0x140
[ 104.365537][ C1] ? __rwlock_init+0x140/0x140
[ 104.365555][ C1] ? prb_reserve+0x1140/0x1140
[ 104.365577][ C1] ? do_raw_spin_unlock+0x11d/0x230
[ 104.365598][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 104.365623][ C1] ? _raw_spin_unlock+0x40/0x40
[ 104.365650][ C1] lock_acquire+0x197/0x3f0
[ 104.365671][ C1] ? console_trylock_spinning+0x150/0x350
[ 104.365697][ C1] ? console_trylock_spinning+0x150/0x350
[ 104.365723][ C1] ? __lock_acquire+0x7c60/0x7c60
[ 104.365746][ C1] ? do_raw_spin_lock+0x11d/0x280
[ 104.365765][ C1] ? read_lock_is_recursive+0x10/0x10
[ 104.365790][ C1] ? __rwlock_init+0x140/0x140
[ 104.365811][ C1] ? do_raw_spin_unlock+0x11d/0x230
[ 104.365833][ C1] console_trylock_spinning+0x170/0x350
[ 104.365856][ C1] ? console_trylock_spinning+0x150/0x350
[ 104.365881][ C1] ? vprintk_emit+0x150/0x150
[ 104.365905][ C1] ? vprintk_emit+0xf9/0x150
[ 104.365928][ C1] ? _printk+0xcc/0x110
[ 104.365953][ C1] vprintk_emit+0xa7/0x150
[ 104.365977][ C1] _printk+0xcc/0x110
[ 104.365998][ C1] ? copy_from_user_nofault+0x136/0x1c0
[ 104.366023][ C1] ? load_image+0x3b0/0x3b0
[ 104.366049][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 104.366071][ C1] __show_regs+0x28/0x500
[ 104.366092][ C1] ? dump_stack_print_info+0xf1/0x150
[ 104.366114][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 104.366137][ C1] show_regs+0x32/0x60
[ 104.366156][ C1] __warn+0x15e/0x2b0
[ 104.366176][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 104.366200][ C1] report_bug+0x1b7/0x2e0
[ 104.366225][ C1] handle_bug+0x3a/0x70
[ 104.366243][ C1] exc_invalid_op+0x16/0x40
[ 104.366262][ C1] asm_exc_invalid_op+0x16/0x20
[ 104.366281][ C1] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 104.366310][ C1] Code: 24 45 31 f6 31 ff 89 de e8 3d f7 d8 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 c0 f3 d8 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 104.366327][ C1] RSP: 0018:ffffc90000dd0868 EFLAGS: 00010046
[ 104.366344][ C1] RAX: ffffffff819ed760 RBX: 0000000000000008 RCX: ffff88801d559dc0
[ 104.366360][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 104.366372][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7819
[ 104.366387][ C1] R10: fffffbfff1ff7819 R11: 1ffffffff1ff7818 R12: ffff88801d55b548
[ 104.366403][ C1] R13: 1ffff920001ba11c R14: ffffc90000dd08c8 R15: ffffffffb2ec0000
[ 104.366422][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 104.366448][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 104.366471][ C1] bpf_probe_read_user+0x26/0x70
[ 104.366495][ C1] bpf_prog_64e63e24eee51416+0x3a/0x300
[ 104.366513][ C1] bpf_trace_run3+0x17e/0x320
[ 104.366531][ C1] ? bpf_trace_run2+0x2d0/0x2d0
[ 104.366548][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 104.366574][ C1] ? __lock_acquire+0x7c60/0x7c60
[ 104.366598][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 104.366621][ C1] enqueue_timer+0x394/0x520
[ 104.366646][ C1] __mod_timer+0x8e1/0xd20
[ 104.366678][ C1] dsp_cmx_send+0x1ab4/0x1b30
[ 104.366702][ C1] ? detach_timer+0x33/0x2b0
[ 104.366721][ C1] ? read_lock_is_recursive+0x10/0x10
[ 104.366751][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 104.366772][ C1] call_timer_fn+0x16c/0x530
[ 104.366793][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 104.366814][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 104.366839][ C1] ? __run_timers+0x7c0/0x7c0
[ 104.366863][ C1] ? rcu_is_watching+0x11/0xa0
[ 104.366882][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 104.366905][ C1] ? lockdep_hardirqs_on+0x94/0x140
[ 104.366924][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 104.366945][ C1] __run_timers+0x525/0x7c0
[ 104.366972][ C1] ? detach_timer+0x2b0/0x2b0
[ 104.366992][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 104.367019][ C1] ? sched_clock_cpu+0x15/0x3c0
[ 104.367039][ C1] ? ktime_get_real_ts64+0x420/0x420
[ 104.367067][ C1] run_timer_softirq+0x63/0xf0
[ 104.367088][ C1] handle_softirqs+0x328/0x820
[ 104.367109][ C1] ? __irq_exit_rcu+0x12f/0x220
[ 104.367131][ C1] ? do_softirq+0x200/0x200
[ 104.367156][ C1] __irq_exit_rcu+0x12f/0x220
[ 104.367175][ C1] ? irq_exit_rcu+0x20/0x20
[ 104.367201][ C1] irq_exit_rcu+0x5/0x20
[ 104.367218][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 104.367239][ C1]
[ 104.367245][ C1]
[ 104.367251][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 104.367273][ C1] RIP: 0010:inet_twsk_purge+0x792/0x810
[ 104.367296][ C1] Code: c7 c2 e0 9f 08 8b e8 8d 6e 49 01 e8 c8 83 0f f9 e8 03 01 00 00 48 8b 54 24 30 48 89 d0 48 c1 e8 03 42 0f b6 04 28 84 c0 75 1a <48> 8b 44 24 38 ff c0 48 89 44 24 38 3b 02 77 27 e8 e9 f3 22 f9 e9
[ 104.367319][ C1] RSP: 0018:ffffc90002047a40 EFLAGS: 00000246
[ 104.367336][ C1] RAX: 0000000000000000 RBX: ffffffff964b7760 RCX: 0298ce64642e2d00
[ 104.367352][ C1] RDX: ffffffff964b7770 RSI: ffffffff8a0b2ac0 RDI: ffffffff8a59a480
[ 104.367367][ C1] RBP: ffffc90002047b50 R08: dffffc0000000000 R09: fffffbfff1ad323e
[ 104.367382][ C1] R10: fffffbfff1ad323e R11: 1ffffffff1ad323d R12: 0000000000056f10
[ 104.367397][ C1] R13: dffffc0000000000 R14: ffff88814ceb7880 R15: ffffffff8d4138a0
[ 104.367430][ C1] ? __inet_twsk_schedule+0x130/0x130
[ 104.367453][ C1] ? iput+0x706/0x8a0
[ 104.367476][ C1] ? dccp_v6_exit_net+0x80/0x80
[ 104.367502][ C1] cleanup_net+0x77b/0xb80
[ 104.367523][ C1] ? ops_free_list+0x330/0x330
[ 104.367542][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 104.367568][ C1] ? _raw_spin_unlock+0x40/0x40
[ 104.367592][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 104.367620][ C1] process_one_work+0x863/0x1000
[ 104.367649][ C1] ? worker_detach_from_pool+0x240/0x240
[ 104.367669][ C1] ? lockdep_hardirqs_off+0x70/0x100
[ 104.367692][ C1] ? _raw_spin_lock_irq+0xab/0xe0
[ 104.367715][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 104.367740][ C1] ? wq_worker_running+0x97/0x170
[ 104.367762][ C1] worker_thread+0xaa8/0x12a0
[ 104.367796][ C1] kthread+0x436/0x520
[ 104.367813][ C1] ? rcu_lock_release+0x20/0x20
[ 104.367841][ C1] ? kthread_blkcg+0xd0/0xd0
[ 104.367861][ C1] ret_from_fork+0x1f/0x30
[ 104.367886][ C1]
[ 104.367880][ C0] WARNING: CPU: 0 PID: 5071 at mm/maccess.c:226 copy_from_user_nofault+0x160/0x1c0
[ 104.373356][ C1]
[ 104.373362][ C1] RAX: ffffffff819ed760 RBX: 0000000000000008 RCX: ffff88801d559dc0
[ 104.382537][ C0] Modules linked in:
[ 104.386424][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 104.393891][ C0] CPU: 0 PID: 5071 Comm: syz-executor Not tainted syzkaller #0
[ 104.403939][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7819
[ 104.408883][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 104.415025][ C1] R10: fffffbfff1ff7819 R11: 1ffffffff1ff7818 R12: ffff88801d55b548
[ 104.434627][ C0] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 104.440712][ C1] R13: 1ffff920001ba11c R14: ffffc90000dd08c8 R15: ffffffffb2ec0000
[ 104.443119][ C0] Code: 24 45 31 f6 31 ff 89 de e8 3d f7 d8 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 c0 f3 d8 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 104.450164][ C1] FS: 0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[ 104.457215][ C0] RSP: 0018:ffffc90000007828 EFLAGS: 00010046
[ 104.461627][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 104.468666][ C0]
[ 104.468674][ C0] RAX: ffffffff819ed760 RBX: 0000000000000008 RCX: ffff8880663f1dc0
[ 104.474721][ C1] CR2: 00007f91f3d7d988 CR3: 00000000251b4000 CR4: 00000000003506e0
[ 104.484510][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 104.491875][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 104.500701][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7819
[ 104.511091][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 104.520118][ C0] R10: fffffbfff1ff7819 R11: 1ffffffff1ff7818 R12: ffff8880663f3548
[ 104.527475][ C1] Call Trace:
[ 104.527485][ C1]
[ 104.533191][ C0] R13: 1ffff92000000f14 R14: ffffc90000007888 R15: ffffffffb2ec0000
[ 104.538465][ C1] bpf_probe_read_user+0x26/0x70
[ 104.543382][ C0] FS: 000055556beb5480(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[ 104.549178][ C1] bpf_prog_64e63e24eee51416+0x3a/0x300
[ 104.554189][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 104.559547][ C1] bpf_trace_run3+0x17e/0x320
[ 104.564678][ C0] CR2: 00007f91f3d780c0 CR3: 000000007a126000 CR4: 00000000003506f0
[ 104.569708][ C1] ? bpf_trace_run2+0x2d0/0x2d0
[ 104.574374][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 104.579387][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 104.585804][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 104.593112][ C1] ? __lock_acquire+0x7c60/0x7c60
[ 104.598787][ C0] Call Trace:
[ 104.598797][ C0]
[ 104.604666][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 104.609762][ C0] bpf_probe_read_user+0x26/0x70
[ 104.615210][ C1] enqueue_timer+0x394/0x520
[ 104.620411][ C0] bpf_prog_64e63e24eee51416+0x3a/0x300
[ 104.625421][ C1] __mod_timer+0x8e1/0xd20
[ 104.630428][ C0] bpf_trace_run3+0x17e/0x320
[ 104.635099][ C1] dsp_cmx_send+0x1ab4/0x1b30
[ 104.640152][ C0] ? bpf_trace_run2+0x2d0/0x2d0
[ 104.646563][ C1] ? detach_timer+0x33/0x2b0
[ 104.653826][ C0] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 104.659534][ C1] ? read_lock_is_recursive+0x10/0x10
[ 104.664739][ C0] ? rcu_core+0x962/0x15d0
[ 104.670108][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 104.674858][ C0] ? irq_exit_rcu+0x5/0x20
[ 104.680656][ C1] call_timer_fn+0x16c/0x530
[ 104.686281][ C0] ? sysvec_apic_timer_interrupt+0xa0/0xc0
[ 104.692102][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 104.698525][ C0] enqueue_timer+0x394/0x520
[ 104.704178][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 104.710360][ C0] __mod_timer+0x8e1/0xd20
[ 104.715630][ C1] ? __run_timers+0x7c0/0x7c0
[ 104.720909][ C0] queue_delayed_work_on+0x126/0x1e0
[ 104.726356][ C1] ? rcu_is_watching+0x11/0xa0
[ 104.731537][ C0] ? delayed_work_timer_fn+0x80/0x80
[ 104.737066][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 104.741837][ C0] ? _raw_spin_unlock+0x24/0x40
[ 104.747205][ C1] ? lockdep_hardirqs_on+0x94/0x140
[ 104.751906][ C0] ? srcu_gp_start+0x14a/0x210
[ 104.757196][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 104.762210][ C0] srcu_gp_start_if_needed+0x60d/0x960
[ 104.768608][ C1] __run_timers+0x525/0x7c0
[ 104.776313][ C0] rcu_core+0x962/0x15d0
[ 104.782026][ C1] ? detach_timer+0x2b0/0x2b0
[ 104.786788][ C0] ? local_bh_disable+0x20/0x20
[ 104.792576][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 104.798404][ C0] ? lockdep_softirqs_on+0x570/0x570
[ 104.804210][ C1] ? sched_clock_cpu+0x15/0x3c0
[ 104.811076][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 104.816698][ C1] ? ktime_get_real_ts64+0x420/0x420
[ 104.822843][ C0] ? lock_chain_count+0x20/0x20
[ 104.828116][ C1] run_timer_softirq+0x63/0xf0
[ 104.833387][ C0] ? sched_clock_cpu+0x15/0x3c0
[ 104.838852][ C1] handle_softirqs+0x328/0x820
[ 104.844035][ C0] ? ktime_get_real_ts64+0x420/0x420
[ 104.849571][ C1] ? __irq_exit_rcu+0x12f/0x220
[ 104.854330][ C0] handle_softirqs+0x328/0x820
[ 104.859617][ C1] ? do_softirq+0x200/0x200
[ 104.864201][ C0] ? __irq_exit_rcu+0x12f/0x220
[ 104.869478][ C1] __irq_exit_rcu+0x12f/0x220
[ 104.874532][ C0] ? do_softirq+0x200/0x200
[ 104.880936][ C1] ? irq_exit_rcu+0x20/0x20
[ 104.888467][ C0] ? irqtime_account_irq+0xb2/0x1b0
[ 104.894174][ C1] irq_exit_rcu+0x5/0x20
[ 104.900242][ C0] __irq_exit_rcu+0x12f/0x220
[ 104.905512][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 104.910441][ C0] ? irq_exit_rcu+0x20/0x20
[ 104.914946][ C1]
[ 104.920307][ C0] irq_exit_rcu+0x5/0x20
[ 104.925935][ C1]
[ 104.930945][ C0] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 104.935955][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 104.942361][ C0]
[ 104.950112][ C1] RIP: 0010:inet_twsk_purge+0x792/0x810
[ 104.955491][ C0]
[ 104.955502][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 104.960516][ C1] Code: c7 c2 e0 9f 08 8b e8 8d 6e 49 01 e8 c8 83 0f f9 e8 03 01 00 00 48 8b 54 24 30 48 89 d0 48 c1 e8 03 42 0f b6 04 28 84 c0 75 1a <48> 8b 44 24 38 ff c0 48 89 44 24 38 3b 02 77 27 e8 e9 f3 22 f9 e9
[ 104.966596][ C0] RIP: 0010:memset_erms+0xb/0x10
[ 104.971532][ C1] RSP: 0018:ffffc90002047a40 EFLAGS: 00000246
[ 104.976054][ C0] Code: 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 f3 aa <4c> 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 01 01 01
[ 104.981064][ C1]
[ 104.981071][ C1] RAX: 0000000000000000 RBX: ffffffff964b7760 RCX: 0298ce64642e2d00
[ 104.985646][ C0] RSP: 0018:ffffc90002dff8c0 EFLAGS: 00000202
[ 104.990136][ C1] RDX: ffffffff964b7770 RSI: ffffffff8a0b2ac0 RDI: ffffffff8a59a480
[ 104.994976][ C0]
[ 104.994981][ C0] RAX: 0000000000000000 RBX: ffffc90002dff988 RCX: 0000000000000000
[ 104.999637][ C1] RBP: ffffc90002047b50 R08: dffffc0000000000 R09: fffffbfff1ad323e
[ 105.004646][ C0] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc90002dff9e8
[ 105.010129][ C1] R10: fffffbfff1ad323e R11: 1ffffffff1ad323d R12: 0000000000056f10
[ 105.016013][ C0] RBP: ffffc90002dff9d0 R08: dffffc0000000000 R09: ffffc90002dff9d8
[ 105.021463][ C1] R13: dffffc0000000000 R14: ffff88814ceb7880 R15: ffffffff8d4138a0
[ 105.027627][ C0] R10: fffff520005bff3d R11: 1ffff920005bff3b R12: 1ffffffff1ced3de
[ 105.032829][ C1] ? __inet_twsk_schedule+0x130/0x130
[ 105.037907][ C0] R13: dffffc0000000000 R14: ffffc90002dff9d8 R15: ffffc90002dff9bd
[ 105.042832][ C1] ? iput+0x706/0x8a0
[ 105.048021][ C0] unwind_next_frame+0xa3d/0x1d90
[ 105.053115][ C1] ? dccp_v6_exit_net+0x80/0x80
[ 105.058226][ C0] ? syscall_exit_to_user_mode+0x16/0x40
[ 105.063499][ C1] cleanup_net+0x77b/0xb80
[ 105.068777][ C0] ? stack_trace_save+0xe0/0xe0
[ 105.073962][ C1] ? ops_free_list+0x330/0x330
[ 105.078710][ C0] arch_stack_walk+0x10c/0x140
[ 105.084852][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 105.091350][ C0] ? do_syscall_64+0x58/0xa0
[ 105.096620][ C1] ? _raw_spin_unlock+0x40/0x40
[ 105.101545][ C0] ? kmem_cache_free+0x8f/0x210
[ 105.106992][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 105.112181][ C0] stack_trace_save+0x98/0xe0
[ 105.116759][ C1] process_one_work+0x863/0x1000
[ 105.121684][ C0] ? stack_trace_snprint+0xf0/0xf0
[ 105.131943][ C1] ? worker_detach_from_pool+0x240/0x240
[ 105.144086][ C0] ? slab_free_freelist_hook+0xea/0x170
[ 105.151540][ C1] ? lockdep_hardirqs_off+0x70/0x100
[ 105.156908][ C0] ? dput+0xd8/0x1a0
[ 105.162270][ C1] ? _raw_spin_lock_irq+0xab/0xe0
[ 105.166331][ C0] ? verify_lock_unused+0x140/0x140
[ 105.172908][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 105.179498][ C0] ? exit_to_user_mode_prepare+0xee/0x180
[ 105.183731][ C1] ? wq_worker_running+0x97/0x170
[ 105.191961][ C0] kasan_set_track+0x4b/0x70
[ 105.197175][ C1] worker_thread+0xaa8/0x12a0
[ 105.207404][ C0] ? kasan_set_track+0x4b/0x70
[ 105.217291][ C1] kthread+0x436/0x520
[ 105.226633][ C0] ? kasan_set_free_info+0x1f/0x40
[ 105.235837][ C1] ? rcu_lock_release+0x20/0x20
[ 105.244838][ C0] ? ____kasan_slab_free+0xd5/0x110
[ 105.254191][ C1] ? kthread_blkcg+0xd0/0xd0
[ 105.263467][ C0] ? slab_free_freelist_hook+0xea/0x170
[ 105.269352][ C1] ret_from_fork+0x1f/0x30
[ 105.276789][ C0] ? kmem_cache_free+0x8f/0x210
[ 105.286844][ C1]
[ 105.291586][ C0] ? __fput+0x627/0x930
[ 105.294880][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 105.297703][ C0] ? task_work_run+0x125/0x1a0
[ 105.302372][ C1] CPU: 1 PID: 155 Comm: kworker/u4:3 Not tainted syzkaller #0
[ 105.306860][ C0] ? exit_to_user_mode_loop+0x10f/0x130
[ 105.312129][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 105.317402][ C0] ? exit_to_user_mode_prepare+0xee/0x180
[ 105.322335][ C1] Workqueue: netns cleanup_net
[ 105.327259][ C0] ? syscall_exit_to_user_mode+0x16/0x40
[ 105.331924][ C1]
[ 105.331931][ C1] Call Trace:
[ 105.336536][ C0] kasan_set_free_info+0x1f/0x40
[ 105.340842][ C1]
[ 105.345156][ C0] ____kasan_slab_free+0xd5/0x110
[ 105.349996][ C1] dump_stack_lvl+0x168/0x230
[ 105.354490][ C0] slab_free_freelist_hook+0xea/0x170
[ 105.359671][ C1] ? show_regs_print_info+0x20/0x20
[ 105.364851][ C0] ? __fput+0x627/0x930
[ 105.369598][ C1] ? load_image+0x3b0/0x3b0
[ 105.374350][ C0] kmem_cache_free+0x8f/0x210
[ 105.379546][ C1] panic+0x2c9/0x7f0
[ 105.385433][ C0] __fput+0x627/0x930
[ 105.390271][ C1] ? bpf_jit_dump+0xd0/0xd0
[ 105.394766][ C0] task_work_run+0x125/0x1a0
[ 105.400469][ C1] ? ret_from_fork+0x1f/0x30
[ 105.406176][ C0] exit_to_user_mode_loop+0x10f/0x130
[ 105.411184][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 105.416206][ C0] exit_to_user_mode_prepare+0xee/0x180
[ 105.421561][ C1] __warn+0x248/0x2b0
[ 105.426311][ C0] syscall_exit_to_user_mode+0x16/0x40
[ 105.431494][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 105.437029][ C0] do_syscall_64+0x58/0xa0
[ 105.442745][ C1] report_bug+0x1b7/0x2e0
[ 105.447426][ C0] ? clear_bhb_loop+0x30/0x80
[ 105.452021][ C1] handle_bug+0x3a/0x70
[ 105.456162][ C0] ? clear_bhb_loop+0x30/0x80
[ 105.460565][ C1] exc_invalid_op+0x16/0x40
[ 105.464545][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 105.470162][ C1] asm_exc_invalid_op+0x16/0x20
[ 105.474661][ C0] RIP: 0033:0x7f91f3c4bdda
[ 105.480224][ C1] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 105.484634][ C0] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24
[ 105.489993][ C1] Code: 24 45 31 f6 31 ff 89 de e8 3d f7 d8 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 c0 f3 d8 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 105.495529][ C0] RSP: 002b:00007ffdbc52c6f0 EFLAGS: 00000293
[ 105.499587][ C1] RSP: 0018:ffffc90000dd0868 EFLAGS: 00010046
[ 105.503561][ C0] ORIG_RAX: 0000000000000003
[ 105.509094][ C1]
[ 105.509100][ C1] RAX: ffffffff819ed760 RBX: 0000000000000008 RCX: ffff88801d559dc0
[ 105.513410][ C0] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f91f3c4bdda
[ 105.517554][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 105.522062][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 105.526895][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7819
[ 105.533118][ C0] RBP: 00007ffdbc52c7c8 R08: 00007f91f3bd0000 R09: 0000000000000001
[ 105.552807][ C1] R10: fffffbfff1ff7819 R11: 1ffffffff1ff7818 R12: ffff88801d55b548
[ 105.558883][ C0] R10: 0000000000000001 R11: 0000000000000293 R12: 000000000001999b
[ 105.566860][ C1] R13: 1ffff920001ba11c R14: ffffc90000dd08c8 R15: ffffffffb2ec0000
[ 105.574936][ C0] R13: 00007f91f3d7bf8c R14: 00007f91f3d7bf80 R15: 0000000000000226
[ 105.582951][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 105.590915][ C0]
[ 105.599005][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 105.604545][ C0] irq event stamp: 1529
[ 105.610066][ C1] bpf_probe_read_user+0x26/0x70
[ 105.614990][ C0] hardirqs last enabled at (1528): [] _raw_spin_unlock_irqrestore+0x82/0x100
[ 105.620531][ C1] bpf_prog_64e63e24eee51416+0x3a/0x300
[ 105.625198][ C0] hardirqs last disabled at (1529): [] _raw_spin_lock_irqsave+0x7f/0xf0
[ 105.630035][ C1] bpf_trace_run3+0x17e/0x320
[ 105.635913][ C0] softirqs last enabled at (1228): [] local_bh_enable+0x5/0x20
[ 105.640929][ C1] ? bpf_trace_run2+0x2d0/0x2d0
[ 105.646027][ C0] softirqs last disabled at (1493): [] __irq_exit_rcu+0x12f/0x220
[ 105.650607][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 105.655138][ C0] ---[ end trace 33e210b2143948d3 ]---
[ 105.659844][ C1] ? __lock_acquire+0x7c60/0x7c60
[ 107.305656][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 107.310775][ C1] enqueue_timer+0x394/0x520
[ 107.315371][ C1] __mod_timer+0x8e1/0xd20
[ 107.319810][ C1] dsp_cmx_send+0x1ab4/0x1b30
[ 107.324485][ C1] ? detach_timer+0x33/0x2b0
[ 107.329186][ C1] ? read_lock_is_recursive+0x10/0x10
[ 107.334569][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 107.339676][ C1] call_timer_fn+0x16c/0x530
[ 107.344264][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 107.349370][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 107.355346][ C1] ? __run_timers+0x7c0/0x7c0
[ 107.360028][ C1] ? rcu_is_watching+0x11/0xa0
[ 107.364787][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 107.370003][ C1] ? lockdep_hardirqs_on+0x94/0x140
[ 107.375198][ C1] ? dsp_cmx_receive+0x13c0/0x13c0
[ 107.380306][ C1] __run_timers+0x525/0x7c0
[ 107.384822][ C1] ? detach_timer+0x2b0/0x2b0
[ 107.389497][ C1] ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[ 107.395497][ C1] ? sched_clock_cpu+0x15/0x3c0
[ 107.400436][ C1] ? ktime_get_real_ts64+0x420/0x420
[ 107.405767][ C1] run_timer_softirq+0x63/0xf0
[ 107.410622][ C1] handle_softirqs+0x328/0x820
[ 107.415438][ C1] ? __irq_exit_rcu+0x12f/0x220
[ 107.420307][ C1] ? do_softirq+0x200/0x200
[ 107.424815][ C1] __irq_exit_rcu+0x12f/0x220
[ 107.429488][ C1] ? irq_exit_rcu+0x20/0x20
[ 107.433990][ C1] irq_exit_rcu+0x5/0x20
[ 107.438242][ C1] sysvec_apic_timer_interrupt+0xa0/0xc0
[ 107.443877][ C1]
[ 107.446890][ C1]
[ 107.449816][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 107.455810][ C1] RIP: 0010:inet_twsk_purge+0x792/0x810
[ 107.461374][ C1] Code: c7 c2 e0 9f 08 8b e8 8d 6e 49 01 e8 c8 83 0f f9 e8 03 01 00 00 48 8b 54 24 30 48 89 d0 48 c1 e8 03 42 0f b6 04 28 84 c0 75 1a <48> 8b 44 24 38 ff c0 48 89 44 24 38 3b 02 77 27 e8 e9 f3 22 f9 e9
[ 107.481219][ C1] RSP: 0018:ffffc90002047a40 EFLAGS: 00000246
[ 107.487310][ C1] RAX: 0000000000000000 RBX: ffffffff964b7760 RCX: 0298ce64642e2d00
[ 107.495301][ C1] RDX: ffffffff964b7770 RSI: ffffffff8a0b2ac0 RDI: ffffffff8a59a480
[ 107.503286][ C1] RBP: ffffc90002047b50 R08: dffffc0000000000 R09: fffffbfff1ad323e
[ 107.511523][ C1] R10: fffffbfff1ad323e R11: 1ffffffff1ad323d R12: 0000000000056f10
[ 107.519506][ C1] R13: dffffc0000000000 R14: ffff88814ceb7880 R15: ffffffff8d4138a0
[ 107.527512][ C1] ? __inet_twsk_schedule+0x130/0x130
[ 107.532930][ C1] ? iput+0x706/0x8a0
[ 107.537054][ C1] ? dccp_v6_exit_net+0x80/0x80
[ 107.541925][ C1] cleanup_net+0x77b/0xb80
[ 107.546367][ C1] ? ops_free_list+0x330/0x330
[ 107.551139][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 107.557037][ C1] ? _raw_spin_unlock+0x40/0x40
[ 107.561890][ C1] ? _raw_spin_unlock_irq+0x1f/0x40
[ 107.567096][ C1] process_one_work+0x863/0x1000
[ 107.572047][ C1] ? worker_detach_from_pool+0x240/0x240
[ 107.577693][ C1] ? lockdep_hardirqs_off+0x70/0x100
[ 107.582980][ C1] ? _raw_spin_lock_irq+0xab/0xe0
[ 107.588010][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 107.593387][ C1] ? wq_worker_running+0x97/0x170
[ 107.598412][ C1] worker_thread+0xaa8/0x12a0
[ 107.603114][ C1] kthread+0x436/0x520
[ 107.607301][ C1] ? rcu_lock_release+0x20/0x20
[ 107.612145][ C1] ? kthread_blkcg+0xd0/0xd0
[ 107.616825][ C1] ret_from_fork+0x1f/0x30
[ 107.621424][ C1]
[ 107.624758][ C1] Kernel Offset: disabled
[ 107.629092][ C1] Rebooting in 86400 seconds..