last executing test programs: 411.172103ms ago: executing program 0 (id=1): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000008c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0 #6 (hrtimer_bases.lock){-.-.}-{2:2}: [ 77.118186][ C0] _raw_spin_lock_irqsave+0xa4/0xf0 [ 77.118211][ C0] hrtimer_start_range_ns+0xff/0xc20 [ 77.118232][ C0] enqueue_task_rt+0x60c/0xc00 [ 77.118250][ C0] enqueue_task+0x182/0x2b0 [ 77.118269][ C0] __sched_setscheduler+0x1379/0x1be0 [ 77.118290][ C0] sched_set_fifo+0xbc/0x120 [ 77.118310][ C0] drm_vblank_worker_init+0x149/0x1a0 [ 77.118331][ C0] drm_vblank_init+0x265/0x330 [ 77.118350][ C0] vkms_init+0x31a/0x700 [ 77.118369][ C0] do_one_initcall+0x1ee/0x680 [ 77.118390][ C0] do_initcall_level+0x137/0x1f0 [ 77.118406][ C0] do_initcalls+0x4b/0x90 [ 77.118423][ C0] kernel_init_freeable+0x3ce/0x560 [ 77.118440][ C0] kernel_init+0x19/0x1b0 [ 77.118461][ C0] ret_from_fork+0x1f/0x30 [ 77.118479][ C0] [ 77.118479][ C0] -> #5 (&rt_b->rt_runtime_lock){-...}-{2:2}: [ 77.118505][ C0] _raw_spin_lock+0x2a/0x40 [ 77.118524][ C0] rq_online_rt+0x125/0x310 [ 77.118541][ C0] sched_cpu_activate+0x4ae/0x650 [ 77.118558][ C0] cpuhp_invoke_callback+0x431/0x830 [ 77.118579][ C0] cpuhp_thread_fun+0x39a/0x7d0 [ 77.118598][ C0] smpboot_thread_fn+0x4f6/0x970 [ 77.118618][ C0] kthread+0x436/0x520 [ 77.118634][ C0] ret_from_fork+0x1f/0x30 [ 77.118652][ C0] [ 77.118652][ C0] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 77.118684][ C0] _raw_spin_lock_nested+0x2e/0x40 [ 77.118706][ C0] raw_spin_rq_lock_nested+0x26/0x140 [ 77.118726][ C0] task_fork_fair+0x5c/0x350 [ 77.118740][ C0] sched_cgroup_fork+0x2c6/0x320 [ 77.118759][ C0] copy_process+0x22d1/0x3e00 [ 77.118777][ C0] kernel_clone+0x219/0x930 [ 77.118794][ C0] kernel_thread+0xc8/0x120 [ 77.118811][ C0] rest_init+0x21/0x330 [ 77.118830][ C0] start_kernel+0x486/0x530 [ 77.118845][ C0] secondary_startup_64_no_verify+0xb1/0xbb [ 77.118866][ C0] [ 77.118866][ C0] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 77.118889][ C0] _raw_spin_lock_irqsave+0xa4/0xf0 [ 77.118909][ C0] try_to_wake_up+0x5c/0x1050 [ 77.118928][ C0] __wake_up_common+0x2a4/0x4e0 [ 77.118948][ C0] __wake_up+0x108/0x180 [ 77.118967][ C0] tty_port_default_wakeup+0xa5/0xf0 [ 77.118988][ C0] serial8250_tx_chars+0x629/0x830 [ 77.119011][ C0] serial8250_handle_irq+0x519/0x610 [ 77.119032][ C0] serial8250_default_handle_irq+0xb4/0x1a0 [ 77.119047][ C0] serial8250_interrupt+0x9b/0x1c0 [ 77.119063][ C0] __handle_irq_event_percpu+0x291/0x9b0 [ 77.119080][ C0] handle_irq_event+0xa5/0x220 [ 77.119098][ C0] handle_edge_irq+0x243/0xb20 [ 77.119117][ C0] __common_interrupt+0xd7/0x1e0 [ 77.119138][ C0] common_interrupt+0x59/0xd0 [ 77.119157][ C0] asm_common_interrupt+0x22/0x40 [ 77.119174][ C0] [ 77.119174][ C0] -> #2 (&tty->write_wait){-...}-{2:2}: [ 77.119198][ C0] _raw_spin_lock_irqsave+0xa4/0xf0 [ 77.119220][ C0] __wake_up+0xed/0x180 [ 77.119238][ C0] tty_port_default_wakeup+0xa5/0xf0 [ 77.119258][ C0] serial8250_tx_chars+0x629/0x830 [ 77.119279][ C0] serial8250_handle_irq+0x519/0x610 [ 77.119301][ C0] serial8250_default_handle_irq+0xb4/0x1a0 [ 77.119320][ C0] serial8250_interrupt+0x9b/0x1c0 [ 77.119340][ C0] __handle_irq_event_percpu+0x291/0x9b0 [ 77.119360][ C0] handle_irq_event+0xa5/0x220 [ 77.119378][ C0] handle_edge_irq+0x243/0xb20 [ 77.119398][ C0] __common_interrupt+0xd7/0x1e0 [ 77.119415][ C0] common_interrupt+0xb0/0xd0 [ 77.119434][ C0] asm_common_interrupt+0x22/0x40 [ 77.119451][ C0] default_idle+0xb/0x10 [ 77.119469][ C0] default_idle_call+0x81/0xc0 [ 77.119490][ C0] do_idle+0x21b/0x5b0 [ 77.119509][ C0] cpu_startup_entry+0x14/0x20 [ 77.119528][ C0] start_kernel+0x486/0x530 [ 77.119545][ C0] secondary_startup_64_no_verify+0xb1/0xbb [ 77.119565][ C0] [ 77.119565][ C0] -> #1 (&port_lock_key){-...}-{2:2}: [ 77.119590][ C0] _raw_spin_lock_irqsave+0xa4/0xf0 [ 77.119611][ C0] serial8250_console_write+0x170/0xf80 [ 77.119634][ C0] console_unlock+0xc86/0x1200 [ 77.119654][ C0] vprintk_emit+0xc0/0x150 [ 77.119682][ C0] _printk+0xcc/0x110 [ 77.119698][ C0] register_console+0x682/0x960 [ 77.119715][ C0] univ8250_console_init+0x41/0x50 [ 77.119733][ C0] console_init+0x177/0x5d0 [ 77.119753][ C0] start_kernel+0x2f9/0x530 [ 77.119770][ C0] secondary_startup_64_no_verify+0xb1/0xbb [ 77.119790][ C0] [ 77.119790][ C0] -> #0 (console_owner){-...}-{0:0}: [ 77.119815][ C0] __lock_acquire+0x2c33/0x7c60 [ 77.119837][ C0] lock_acquire+0x197/0x3f0 [ 77.119857][ C0] console_trylock_spinning+0x170/0x350 [ 77.119878][ C0] vprintk_emit+0xa7/0x150 [ 77.119898][ C0] _printk+0xcc/0x110 [ 77.119912][ C0] report_bug+0x1e5/0x2e0 [ 77.119928][ C0] handle_bug+0x3a/0x70 [ 77.119946][ C0] exc_invalid_op+0x16/0x40 [ 77.119964][ C0] asm_exc_invalid_op+0x16/0x20 [ 77.119981][ C0] copy_from_user_nofault+0x160/0x1c0 [ 77.120003][ C0] bpf_probe_read_user+0x26/0x70 [ 77.120023][ C0] bpf_prog_02073d59a3c0f06f+0x3d/0xcf0 [ 77.120040][ C0] bpf_trace_run2+0x15b/0x2d0 [ 77.120055][ C0] enqueue_hrtimer+0x314/0x370 [ 77.120075][ C0] __hrtimer_run_queues+0x65a/0xc40 [ 77.120097][ C0] hrtimer_interrupt+0x3bb/0x8d0 [ 77.120116][ C0] __sysvec_apic_timer_interrupt+0x137/0x4a0 [ 77.120135][ C0] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 77.120157][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 77.120176][ C0] lock_release+0x6/0x870 [ 77.120195][ C0] _raw_spin_unlock+0x12/0x40 [ 77.120214][ C0] d_instantiate+0x6b/0x90 [ 77.120234][ C0] alloc_file_pseudo+0x169/0x1f0 [ 77.120255][ C0] sock_alloc_file+0xb3/0x240 [ 77.120275][ C0] __sys_socket+0x11d/0x170 [ 77.120294][ C0] __x64_sys_socket+0x76/0x80 [ 77.120313][ C0] do_syscall_64+0x4c/0xa0 [ 77.120331][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 77.120355][ C0] [ 77.120355][ C0] other info that might help us debug this: [ 77.120355][ C0] [ 77.120361][ C0] Chain exists of: [ 77.120361][ C0] console_owner --> &rt_b->rt_runtime_lock --> hrtimer_bases.lock [ 77.120361][ C0] [ 77.120390][ C0] Possible unsafe locking scenario: [ 77.120390][ C0] [ 77.120394][ C0] CPU0 CPU1 [ 77.120399][ C0] ---- ---- [ 77.120402][ C0] lock(hrtimer_bases.lock); [ 77.120415][ C0] lock(&rt_b->rt_runtime_lock); [ 77.120427][ C0] lock(hrtimer_bases.lock); [ 77.120441][ C0] lock(console_owner); [ 77.120451][ C0] [ 77.120451][ C0] *** DEADLOCK *** [ 77.120451][ C0] [ 77.120455][ C0] 4 locks held by syz.0.7/4261: [ 77.120465][ C0] #0: ffff888060106760 (&sb->s_type->i_lock_key#8){+.+.}-{2:2}, at: d_instantiate+0x60/0x90 [ 77.120518][ C0] #1: ffff8880601d8510 (&dentry->d_lock){+.+.}-{2:2}, at: __d_instantiate+0x197/0x740 [ 77.120564][ C0] #2: ffff8880b902a218 (hrtimer_bases.lock){-.-.}-{2:2}, at: __hrtimer_run_queues+0x5ff/0xc40 [ 77.120612][ C0] #3: ffffffff8c11bfa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 77.120662][ C0] [ 77.120662][ C0] stack backtrace: [ 77.120679][ C0] CPU: 0 PID: 4261 Comm: syz.0.7 Not tainted 5.15.185-syzkaller #0 [ 77.120699][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 77.120719][ C0] Call Trace: [ 77.120728][ C0] [ 77.120737][ C0] dump_stack_lvl+0x168/0x230 [ 77.120757][ C0] ? load_image+0x3b0/0x3b0 [ 77.120776][ C0] ? show_regs_print_info+0x20/0x20 [ 77.120801][ C0] ? print_circular_bug+0x12b/0x1a0 [ 77.120823][ C0] check_noncircular+0x274/0x310 [ 77.120843][ C0] ? add_chain_block+0x940/0x940 [ 77.120861][ C0] ? lockdep_lock+0xdc/0x1e0 [ 77.120887][ C0] ? mark_lock+0x94/0x320 [ 77.120910][ C0] __lock_acquire+0x2c33/0x7c60 [ 77.120945][ C0] ? verify_lock_unused+0x140/0x140 [ 77.120969][ C0] ? verify_lock_unused+0x140/0x140 [ 77.120994][ C0] ? _prb_commit+0x289/0x340 [ 77.121016][ C0] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 77.121040][ C0] ? _raw_spin_unlock+0x40/0x40 [ 77.121066][ C0] lock_acquire+0x197/0x3f0 [ 77.121087][ C0] ? console_trylock_spinning+0x150/0x350 [ 77.121111][ C0] ? console_trylock_spinning+0x150/0x350 [ 77.121137][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 77.121158][ C0] ? do_raw_spin_lock+0x11d/0x280 [ 77.121177][ C0] ? read_lock_is_recursive+0x10/0x10 [ 77.121201][ C0] ? __rwlock_init+0x140/0x140 [ 77.121221][ C0] ? do_raw_spin_unlock+0x11d/0x230 [ 77.121243][ C0] console_trylock_spinning+0x170/0x350 [ 77.121265][ C0] ? console_trylock_spinning+0x150/0x350 [ 77.121290][ C0] ? vprintk_emit+0x150/0x150 [ 77.121312][ C0] ? mark_lock+0x94/0x320 [ 77.121340][ C0] vprintk_emit+0xa7/0x150 [ 77.121364][ C0] _printk+0xcc/0x110 [ 77.121381][ C0] ? verify_lock_unused+0x140/0x140 [ 77.121405][ C0] ? load_image+0x3b0/0x3b0 [ 77.121425][ C0] ? verify_lock_unused+0x140/0x140 [ 77.121448][ C0] ? find_bug+0xa1/0x350 [ 77.121464][ C0] ? copy_from_user_nofault+0x160/0x1c0 [ 77.121487][ C0] ? copy_from_user_nofault+0x160/0x1c0 [ 77.121511][ C0] report_bug+0x1e5/0x2e0 [ 77.121532][ C0] handle_bug+0x3a/0x70 [ 77.121551][ C0] exc_invalid_op+0x16/0x40 [ 77.121572][ C0] asm_exc_invalid_op+0x16/0x20 [ 77.121596][ C0] RIP: 0010:copy_from_user_nofault+0x160/0x1c0 [ 77.121622][ C0] Code: 24 45 31 f6 31 ff 89 de e8 ad e2 d7 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 30 df d7 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe [ 77.121639][ C0] RSP: 0018:ffffc90000007ba0 EFLAGS: 00010006 [ 77.121667][ C0] RAX: ffffffff819fe2f0 RBX: 0000000000000008 RCX: ffff888025c21dc0 [ 77.121688][ C0] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000 [ 77.121701][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff3619 [ 77.121714][ C0] R10: fffffbfff1ff3619 R11: 1ffffffff1ff3618 R12: ffff888025c23548 [ 77.121730][ C0] R13: dffffc0000000000 R14: ffffc90000007c08 R15: 0000000000000000 [ 77.121748][ C0] ? copy_from_user_nofault+0x160/0x1c0 [ 77.121776][ C0] bpf_probe_read_user+0x26/0x70 [ 77.121800][ C0] bpf_prog_02073d59a3c0f06f+0x3d/0xcf0 [ 77.121818][ C0] bpf_trace_run2+0x15b/0x2d0 [ 77.121837][ C0] ? posix_cpu_timers_work+0x1120/0x1120 [ 77.121862][ C0] ? bpf_trace_run1+0x2d0/0x2d0 [ 77.121881][ C0] ? debug_object_activate+0x2d2/0x480 [ 77.121901][ C0] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 77.121925][ C0] enqueue_hrtimer+0x314/0x370 [ 77.121948][ C0] __hrtimer_run_queues+0x65a/0xc40 [ 77.121975][ C0] ? tick_setup_sched_timer+0x2c0/0x2c0 [ 77.122004][ C0] ? hrtimer_interrupt+0x8d0/0x8d0 [ 77.122027][ C0] ? ktime_get_update_offsets_now+0x3ce/0x3e0 [ 77.122052][ C0] hrtimer_interrupt+0x3bb/0x8d0 [ 77.122087][ C0] __sysvec_apic_timer_interrupt+0x137/0x4a0 [ 77.122108][ C0] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 77.122132][ C0] [ 77.122136][ C0] [ 77.122143][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 77.122164][ C0] RIP: 0010:lock_release+0x6/0x870 [ 77.122186][ C0] Code: c1 03 38 c1 0f 8c c1 f8 ff ff 48 89 df e8 22 d3 60 00 e9 b4 f8 ff ff bb 2f 00 00 00 e9 ca f8 ff ff 0f 1f 00 55 48 89 e5 41 57 <41> 56 41 55 41 54 53 48 83 e4 e0 48 81 ec e0 00 00 00 48 89 74 24 [ 77.122202][ C0] RSP: 0018:ffffc9000328fd58 EFLAGS: 00000292 [ 77.122218][ C0] RAX: 0000000040500000 RBX: ffff8880601d84f8 RCX: 0000000040500000 [ 77.122231][ C0] RDX: 0000000000000002 RSI: ffffffff81cd903b RDI: ffff8880601d8510 [ 77.122244][ C0] RBP: ffffc9000328fd60 R08: dffffc0000000000 R09: ffffed100c03b0a0 [ 77.122260][ C0] R10: ffffed100c03b0a0 R11: 1ffff1100c03b09f R12: ffff888140764da0 [ 77.122276][ C0] R13: ffff8880601d8468 R14: ffff8880601d8468 R15: ffff888060106748 [ 77.122296][ C0] ? d_instantiate+0x6b/0x90 [ 77.122320][ C0] _raw_spin_unlock+0x12/0x40 [ 77.122342][ C0] d_instantiate+0x6b/0x90 [ 77.122359][ C0] alloc_file_pseudo+0x169/0x1f0 [ 77.122377][ C0] ? alloc_empty_file_noaccount+0x80/0x80 [ 77.122396][ C0] ? alloc_fd+0x598/0x630 [ 77.122411][ C0] sock_alloc_file+0xb3/0x240 [ 77.122431][ C0] __sys_socket+0x11d/0x170 [ 77.122452][ C0] __x64_sys_socket+0x76/0x80 [ 77.122472][ C0] do_syscall_64+0x4c/0xa0 [ 77.122489][ C0] ? clear_bhb_loop+0x30/0x80 [ 77.122505][ C0] ? clear_bhb_loop+0x30/0x80 [ 77.122519][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 77.122540][ C0] RIP: 0033:0x7fe70dd59929 [ 77.122554][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.122566][ C0] RSP: 002b:00007fe70bbc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 77.122583][ C0] RAX: ffffffffffffffda RBX: 00007fe70df80fa0 RCX: 00007fe70dd59929 [ 77.122596][ C0] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 77.122608][ C0] RBP: 00007fe70dddbb39 R08: 0000000000000000 R09: 0000000000000000 [ 77.122620][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 77.122631][ C0] R13: 0000000000000000 R14: 00007fe70df80fa0 R15: 00007ffcdbf7ea88 [ 77.122650][ C0] [ 77.123131][ T4172] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.128141][ C0] WARNING: CPU: 0 PID: 4261 at mm/maccess.c:226 copy_from_user_nofault+0x160/0x1c0 [ 77.128181][ C0] Modules linked in: [ 77.128191][ C0] CPU: 0 PID: 4261 Comm: syz.0.7 Not tainted 5.15.185-syzkaller #0 [ 77.128209][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 77.128220][ C0] RIP: 0010:copy_from_user_nofault+0x160/0x1c0 [ 77.128244][ C0] Code: 24 45 31 f6 31 ff 89 de e8 ad e2 d7 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 30 df d7 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe [ 77.128258][ C0] RSP: 0018:ffffc90000007ba0 EFLAGS: 00010006 [ 77.128275][ C0] RAX: ffffffff819fe2f0 RBX: 0000000000000008 RCX: ffff888025c21dc0 [ 78.630913][ C0] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000 [ 78.638883][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff3619 [ 78.646855][ C0] R10: fffffbfff1ff3619 R11: 1ffffffff1ff3618 R12: ffff888025c23548 [ 78.654848][ C0] R13: dffffc0000000000 R14: ffffc90000007c08 R15: 0000000000000000 [ 78.662812][ C0] FS: 00007fe70bbc16c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 78.671916][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 78.678509][ C0] CR2: 0000000000000000 CR3: 000000002b7d9000 CR4: 00000000003506f0 [ 78.686493][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 78.694579][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 78.702555][ C0] Call Trace: [ 78.705837][ C0] [ 78.708681][ C0] bpf_probe_read_user+0x26/0x70 [ 78.713624][ C0] bpf_prog_02073d59a3c0f06f+0x3d/0xcf0 [ 78.719166][ C0] bpf_trace_run2+0x15b/0x2d0 [ 78.723848][ C0] ? posix_cpu_timers_work+0x1120/0x1120 [ 78.729568][ C0] ? bpf_trace_run1+0x2d0/0x2d0 [ 78.734411][ C0] ? debug_object_activate+0x2d2/0x480 [ 78.739864][ C0] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 78.745233][ C0] enqueue_hrtimer+0x314/0x370 [ 78.750015][ C0] __hrtimer_run_queues+0x65a/0xc40 [ 78.755244][ C0] ? tick_setup_sched_timer+0x2c0/0x2c0 [ 78.760877][ C0] ? hrtimer_interrupt+0x8d0/0x8d0 [ 78.765989][ C0] ? ktime_get_update_offsets_now+0x3ce/0x3e0 [ 78.772055][ C0] hrtimer_interrupt+0x3bb/0x8d0 [ 78.777111][ C0] __sysvec_apic_timer_interrupt+0x137/0x4a0 [ 78.783140][ C0] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 78.788795][ C0] [ 78.791849][ C0] [ 78.794918][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 78.800930][ C0] RIP: 0010:lock_release+0x6/0x870 [ 78.806050][ C0] Code: c1 03 38 c1 0f 8c c1 f8 ff ff 48 89 df e8 22 d3 60 00 e9 b4 f8 ff ff bb 2f 00 00 00 e9 ca f8 ff ff 0f 1f 00 55 48 89 e5 41 57 <41> 56 41 55 41 54 53 48 83 e4 e0 48 81 ec e0 00 00 00 48 89 74 24 [ 78.825850][ C0] RSP: 0018:ffffc9000328fd58 EFLAGS: 00000292 [ 78.832107][ C0] RAX: 0000000040500000 RBX: ffff8880601d84f8 RCX: 0000000040500000 [ 78.840122][ C0] RDX: 0000000000000002 RSI: ffffffff81cd903b RDI: ffff8880601d8510 [ 78.848092][ C0] RBP: ffffc9000328fd60 R08: dffffc0000000000 R09: ffffed100c03b0a0 [ 78.856058][ C0] R10: ffffed100c03b0a0 R11: 1ffff1100c03b09f R12: ffff888140764da0 [ 78.864028][ C0] R13: ffff8880601d8468 R14: ffff8880601d8468 R15: ffff888060106748 [ 78.872265][ C0] ? d_instantiate+0x6b/0x90 [ 78.877041][ C0] _raw_spin_unlock+0x12/0x40 [ 78.881756][ C0] d_instantiate+0x6b/0x90 [ 78.886187][ C0] alloc_file_pseudo+0x169/0x1f0 [ 78.891283][ C0] ? alloc_empty_file_noaccount+0x80/0x80 [ 78.897139][ C0] ? alloc_fd+0x598/0x630 [ 78.901481][ C0] sock_alloc_file+0xb3/0x240 [ 78.906165][ C0] __sys_socket+0x11d/0x170 [ 78.910671][ C0] __x64_sys_socket+0x76/0x80 [ 78.915352][ C0] do_syscall_64+0x4c/0xa0 [ 78.919768][ C0] ? clear_bhb_loop+0x30/0x80 [ 78.924475][ C0] ? clear_bhb_loop+0x30/0x80 [ 78.929150][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 78.935499][ C0] RIP: 0033:0x7fe70dd59929 [ 78.939927][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.959677][ C0] RSP: 002b:00007fe70bbc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 78.968214][ C0] RAX: ffffffffffffffda RBX: 00007fe70df80fa0 RCX: 00007fe70dd59929 [ 78.976296][ C0] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 78.984940][ C0] RBP: 00007fe70dddbb39 R08: 0000000000000000 R09: 0000000000000000 [ 78.993150][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 79.001162][ C0] R13: 0000000000000000 R14: 00007fe70df80fa0 R15: 00007ffcdbf7ea88 [ 79.009173][ C0] [ 79.012200][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 79.019651][ C0] CPU: 0 PID: 4261 Comm: syz.0.7 Not tainted 5.15.185-syzkaller #0 [ 79.027767][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 79.038003][ C0] Call Trace: [ 79.041299][ C0] [ 79.044140][ C0] dump_stack_lvl+0x168/0x230 [ 79.048817][ C0] ? show_regs_print_info+0x20/0x20 [ 79.054008][ C0] ? load_image+0x3b0/0x3b0 [ 79.058664][ C0] panic+0x2c9/0x7f0 [ 79.062691][ C0] ? bpf_jit_dump+0xd0/0xd0 [ 79.067311][ C0] ? copy_from_user_nofault+0x160/0x1c0 [ 79.072882][ C0] __warn+0x248/0x2b0 [ 79.076892][ C0] ? copy_from_user_nofault+0x160/0x1c0 [ 79.082467][ C0] report_bug+0x1b7/0x2e0 [ 79.086968][ C0] handle_bug+0x3a/0x70 [ 79.091350][ C0] exc_invalid_op+0x16/0x40 [ 79.096024][ C0] asm_exc_invalid_op+0x16/0x20 [ 79.100889][ C0] RIP: 0010:copy_from_user_nofault+0x160/0x1c0 [ 79.107232][ C0] Code: 24 45 31 f6 31 ff 89 de e8 ad e2 d7 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 30 df d7 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe [ 79.127649][ C0] RSP: 0018:ffffc90000007ba0 EFLAGS: 00010006 [ 79.134468][ C0] RAX: ffffffff819fe2f0 RBX: 0000000000000008 RCX: ffff888025c21dc0 [ 79.142863][ C0] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000 [ 79.152279][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff3619 [ 79.160522][ C0] R10: fffffbfff1ff3619 R11: 1ffffffff1ff3618 R12: ffff888025c23548 [ 79.168508][ C0] R13: dffffc0000000000 R14: ffffc90000007c08 R15: 0000000000000000 [ 79.176783][ C0] ? copy_from_user_nofault+0x160/0x1c0 [ 79.182428][ C0] bpf_probe_read_user+0x26/0x70 [ 79.187374][ C0] bpf_prog_02073d59a3c0f06f+0x3d/0xcf0 [ 79.192929][ C0] bpf_trace_run2+0x15b/0x2d0 [ 79.197706][ C0] ? posix_cpu_timers_work+0x1120/0x1120 [ 79.203442][ C0] ? bpf_trace_run1+0x2d0/0x2d0 [ 79.208291][ C0] ? debug_object_activate+0x2d2/0x480 [ 79.213742][ C0] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 79.219139][ C0] enqueue_hrtimer+0x314/0x370 [ 79.223903][ C0] __hrtimer_run_queues+0x65a/0xc40 [ 79.229224][ C0] ? tick_setup_sched_timer+0x2c0/0x2c0 [ 79.234798][ C0] ? hrtimer_interrupt+0x8d0/0x8d0 [ 79.240113][ C0] ? ktime_get_update_offsets_now+0x3ce/0x3e0 [ 79.246196][ C0] hrtimer_interrupt+0x3bb/0x8d0 [ 79.251158][ C0] __sysvec_apic_timer_interrupt+0x137/0x4a0 [ 79.257140][ C0] sysvec_apic_timer_interrupt+0x9b/0xc0 [ 79.262787][ C0] [ 79.265727][ C0] [ 79.268679][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 79.274779][ C0] RIP: 0010:lock_release+0x6/0x870 [ 79.279905][ C0] Code: c1 03 38 c1 0f 8c c1 f8 ff ff 48 89 df e8 22 d3 60 00 e9 b4 f8 ff ff bb 2f 00 00 00 e9 ca f8 ff ff 0f 1f 00 55 48 89 e5 41 57 <41> 56 41 55 41 54 53 48 83 e4 e0 48 81 ec e0 00 00 00 48 89 74 24 [ 79.299689][ C0] RSP: 0018:ffffc9000328fd58 EFLAGS: 00000292 [ 79.305758][ C0] RAX: 0000000040500000 RBX: ffff8880601d84f8 RCX: 0000000040500000 [ 79.313726][ C0] RDX: 0000000000000002 RSI: ffffffff81cd903b RDI: ffff8880601d8510 [ 79.321708][ C0] RBP: ffffc9000328fd60 R08: dffffc0000000000 R09: ffffed100c03b0a0 [ 79.329692][ C0] R10: ffffed100c03b0a0 R11: 1ffff1100c03b09f R12: ffff888140764da0 [ 79.337660][ C0] R13: ffff8880601d8468 R14: ffff8880601d8468 R15: ffff888060106748 [ 79.345712][ C0] ? d_instantiate+0x6b/0x90 [ 79.350321][ C0] _raw_spin_unlock+0x12/0x40 [ 79.355021][ C0] d_instantiate+0x6b/0x90 [ 79.359547][ C0] alloc_file_pseudo+0x169/0x1f0 [ 79.364581][ C0] ? alloc_empty_file_noaccount+0x80/0x80 [ 79.370435][ C0] ? alloc_fd+0x598/0x630 [ 79.375054][ C0] sock_alloc_file+0xb3/0x240 [ 79.379802][ C0] __sys_socket+0x11d/0x170 [ 79.384355][ C0] __x64_sys_socket+0x76/0x80 [ 79.389164][ C0] do_syscall_64+0x4c/0xa0 [ 79.393585][ C0] ? clear_bhb_loop+0x30/0x80 [ 79.398286][ C0] ? clear_bhb_loop+0x30/0x80 [ 79.403242][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 79.409168][ C0] RIP: 0033:0x7fe70dd59929 [ 79.413591][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.433197][ C0] RSP: 002b:00007fe70bbc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 79.441621][ C0] RAX: ffffffffffffffda RBX: 00007fe70df80fa0 RCX: 00007fe70dd59929 [ 79.449725][ C0] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 79.457826][ C0] RBP: 00007fe70dddbb39 R08: 0000000000000000 R09: 0000000000000000 [ 79.465799][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 79.473856][ C0] R13: 0000000000000000 R14: 00007fe70df80fa0 R15: 00007ffcdbf7ea88 [ 79.481837][ C0] [ 79.485089][ C0] Kernel Offset: disabled [ 79.489439][ C0] Rebooting in 86400 seconds..