[ 76.302826][ T7] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.1.223' (ED25519) to the list of known hosts.
2025/07/15 08:55:02 ignoring optional flag "sandboxArg"="0"
2025/07/15 08:55:02 ignoring optional flag "type"="gce"
2025/07/15 08:55:02 parsed 1 programs
[ 82.819291][ T4590] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 84.213459][ T1278] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.221512][ T1278] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 84.234543][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.236414][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 84.243515][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 84.260376][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 84.914541][ T4642] chnl_net:caif_netlink_parms(): no params data found
[ 84.964821][ T4642] bridge0: port 1(bridge_slave_0) entered blocking state
[ 84.973049][ T4642] bridge0: port 1(bridge_slave_0) entered disabled state
[ 84.981017][ T4642] device bridge_slave_0 entered promiscuous mode
[ 84.989932][ T4642] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.004433][ T4642] bridge0: port 2(bridge_slave_1) entered disabled state
[ 85.012964][ T4642] device bridge_slave_1 entered promiscuous mode
[ 85.038344][ T4642] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 85.051024][ T4642] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 85.079867][ T4642] team0: Port device team_slave_0 added
[ 85.087619][ T4642] team0: Port device team_slave_1 added
[ 85.109419][ T4642] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 85.117632][ T4642] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 85.143767][ T4642] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 85.156106][ T4642] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 85.164130][ T4642] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 85.191383][ T4642] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 85.228714][ T4642] device hsr_slave_0 entered promiscuous mode
[ 85.236528][ T4642] device hsr_slave_1 entered promiscuous mode
[ 85.755662][ T4642] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 85.764858][ T4642] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 85.776945][ T4642] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 85.786245][ T4642] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 85.845422][ T4642] 8021q: adding VLAN 0 to HW filter on device bond0
[ 85.860053][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 85.868587][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 85.878592][ T4642] 8021q: adding VLAN 0 to HW filter on device team0
[ 85.888549][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 85.897914][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 85.907449][ T4618] bridge0: port 1(bridge_slave_0) entered blocking state
[ 85.914555][ T4618] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 85.932250][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 85.940505][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 85.949477][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 85.958704][ T4618] bridge0: port 2(bridge_slave_1) entered blocking state
[ 85.965819][ T4618] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 85.976326][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 85.991226][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 86.013769][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 86.023760][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 86.035242][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 86.045870][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 86.055339][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 86.064030][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 86.076236][ T4642] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 86.087699][ T4642] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 86.096918][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 86.105358][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 86.114161][ T4618] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 86.286936][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 86.294932][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 86.307440][ T4642] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 86.325957][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 86.335144][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 86.374117][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 86.383347][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 86.394925][ T4642] device veth0_vlan entered promiscuous mode
[ 86.403500][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 86.412733][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 86.423509][ T4642] device veth1_vlan entered promiscuous mode
[ 86.464601][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 86.477565][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 86.486187][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 86.496157][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 86.507419][ T4642] device veth0_macvtap entered promiscuous mode
[ 86.539054][ T4642] device veth1_macvtap entered promiscuous mode
[ 86.563090][ T4642] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 86.570643][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 86.580709][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 86.588936][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 86.597846][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 86.610448][ T4642] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 86.619400][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 86.629601][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 86.660263][ T4642] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.679884][ T4642] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.689070][ T4642] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 86.698321][ T4642] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/07/15 08:55:09 executed programs: 0
[ 87.643263][ T4768] chnl_net:caif_netlink_parms(): no params data found
[ 87.765725][ T4768] bridge0: port 1(bridge_slave_0) entered blocking state
[ 87.781788][ T4768] bridge0: port 1(bridge_slave_0) entered disabled state
[ 87.789816][ T4768] device bridge_slave_0 entered promiscuous mode
[ 87.805906][ T4768] bridge0: port 2(bridge_slave_1) entered blocking state
[ 87.812994][ T4768] bridge0: port 2(bridge_slave_1) entered disabled state
[ 87.820861][ T4768] device bridge_slave_1 entered promiscuous mode
[ 87.854660][ T4768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 87.868569][ T4768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 87.897655][ T4768] team0: Port device team_slave_0 added
[ 87.907366][ T4768] team0: Port device team_slave_1 added
[ 87.931557][ T4768] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 87.938686][ T4768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 87.988574][ T4768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 88.000839][ T4768] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 88.015481][ T4768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 88.041915][ T4768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 88.080390][ T4768] device hsr_slave_0 entered promiscuous mode
[ 88.104885][ T4768] device hsr_slave_1 entered promiscuous mode
[ 88.121812][ T4768] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 88.129385][ T4768] Cannot create hsr debugfs directory
[ 88.257872][ T4768] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 89.502478][ T4819] Bluetooth: hci0: command 0x0409 tx timeout
[ 90.867007][ T4768] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 91.285828][ T4768] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 91.347391][ T4768] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 91.417454][ T4768] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 91.426097][ T4768] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 91.435881][ T4768] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 91.450769][ T4768] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 91.489308][ T4768] 8021q: adding VLAN 0 to HW filter on device bond0
[ 91.507703][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 91.515399][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 91.525354][ T4768] 8021q: adding VLAN 0 to HW filter on device team0
[ 91.535206][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 91.543998][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 91.552518][ T154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 91.559811][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 91.567455][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 91.582082][ T4670] Bluetooth: hci0: command 0x041b tx timeout
[ 91.590103][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 91.599002][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 91.607646][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 91.614717][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 91.630249][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 91.642771][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 91.651188][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 91.661093][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 91.670166][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 91.680713][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 91.689406][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 91.706686][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 91.714955][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 91.725294][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 91.734631][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 91.751226][ T4768] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 91.820346][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 91.828460][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 91.839444][ T4768] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 91.860752][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 91.870632][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 91.886407][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 91.895146][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 91.904183][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 91.911897][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 91.927232][ T4768] device veth0_vlan entered promiscuous mode
[ 91.938158][ T4768] device veth1_vlan entered promiscuous mode
[ 91.954781][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 91.963064][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 91.970981][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 91.979921][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 91.990812][ T4768] device veth0_macvtap entered promiscuous mode
[ 92.000799][ T1288] device hsr_slave_0 left promiscuous mode
[ 92.007441][ T1288] device hsr_slave_1 left promiscuous mode
[ 92.014032][ T1288] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 92.021415][ T1288] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 92.029001][ T1288] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 92.036717][ T1288] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 92.044339][ T1288] device bridge_slave_1 left promiscuous mode
[ 92.050488][ T1288] bridge0: port 2(bridge_slave_1) entered disabled state
[ 92.058695][ T1288] device bridge_slave_0 left promiscuous mode
[ 92.065695][ T1288] bridge0: port 1(bridge_slave_0) entered disabled state
[ 92.075817][ T1288] device veth1_macvtap left promiscuous mode
[ 92.082036][ T1288] device veth0_macvtap left promiscuous mode
[ 92.088069][ T1288] device veth1_vlan left promiscuous mode
[ 92.094337][ T1288] device veth0_vlan left promiscuous mode
[ 92.190990][ T1288] team0 (unregistering): Port device team_slave_1 removed
[ 92.204856][ T1288] team0 (unregistering): Port device team_slave_0 removed
[ 92.215515][ T1288] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 92.229048][ T1288] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 92.268957][ T1288] bond0 (unregistering): Released all slaves
[ 92.315409][ T4768] device veth1_macvtap entered promiscuous mode
[ 92.330045][ T4768] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 92.337621][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 92.345859][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 92.353739][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 92.362449][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 92.376651][ T4768] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 92.392643][ T4768] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.401477][ T4768] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.411331][ T4768] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.420055][ T4768] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 92.430887][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 92.439671][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 92.494646][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 92.503667][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.518179][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 92.533715][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
2025/07/15 08:55:14 executed programs: 2
[ 92.553117][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 92.561324][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 93.511793][ C1] ------------[ cut here ]------------
[ 93.511792][ C0] ------------[ cut here ]------------
[ 93.512511][ C1] WARNING: CPU: 1 PID: 5109 at mm/maccess.c:226 copy_from_user_nofault+0x160/0x1c0
[ 93.512548][ C1] Modules linked in:
[ 93.512566][ C1] CPU: 1 PID: 5109 Comm: syz.0.49 Not tainted 5.15.188-syzkaller #0
[ 93.512579][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 93.512594][ C1] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 93.512612][ C1] Code: 24 45 31 f6 31 ff 89 de e8 2d e2 d7 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 b0 de d7 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 93.512624][ C1] RSP: 0018:ffffc90000dd0ba0 EFLAGS: 00010006
[ 93.512639][ C1] RAX: ffffffff819ff470 RBX: 0000000000000008 RCX: ffff888027690000
[ 93.512650][ C1] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[ 93.512693][ C1]
[ 93.512696][ C1] ======================================================
[ 93.512699][ C1] WARNING: possible circular locking dependency detected
[ 93.512706][ C1] 5.15.188-syzkaller #0 Not tainted
[ 93.512711][ C1] ------------------------------------------------------
[ 93.512714][ C1] syz.0.49/5109 is trying to acquire lock:
[ 93.512720][ C1] ffffffff8c110da0 (console_owner){-...}-{0:0}, at: console_trylock_spinning+0x150/0x350
[ 93.512754][ C1]
[ 93.512754][ C1] but task is already holding lock:
[ 93.512757][ C1] ffff8880b912a218 (hrtimer_bases.lock){-.-.}-{2:2}, at: __hrtimer_run_queues+0x5ff/0xc40
[ 93.512788][ C1]
[ 93.512788][ C1] which lock already depends on the new lock.
[ 93.512788][ C1]
[ 93.512791][ C1]
[ 93.512791][ C1] the existing dependency chain (in reverse order) is:
[ 93.512795][ C1]
[ 93.512795][ C1] -> #6 (hrtimer_bases.lock){-.-.}-{2:2}:
[ 93.512812][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 93.512826][ C1] hrtimer_start_range_ns+0xff/0xc20
[ 93.512839][ C1] enqueue_task_rt+0x60c/0xc00
[ 93.512851][ C1] enqueue_task+0x182/0x2b0
[ 93.512864][ C1] __sched_setscheduler+0x1379/0x1be0
[ 93.512878][ C1] sched_set_fifo+0xbc/0x120
[ 93.512891][ C1] drm_vblank_worker_init+0x149/0x1a0
[ 93.512905][ C1] drm_vblank_init+0x265/0x330
[ 93.512918][ C1] vkms_init+0x31a/0x700
[ 93.512931][ C1] do_one_initcall+0x1ee/0x680
[ 93.512943][ C1] do_initcall_level+0x137/0x1f0
[ 93.512954][ C1] do_initcalls+0x4b/0x90
[ 93.512964][ C1] kernel_init_freeable+0x3ce/0x560
[ 93.512975][ C1] kernel_init+0x19/0x1b0
[ 93.512989][ C1] ret_from_fork+0x1f/0x30
[ 93.513001][ C1]
[ 93.513001][ C1] -> #5 (&rt_b->rt_runtime_lock){-...}-{2:2}:
[ 93.513018][ C1] _raw_spin_lock+0x2a/0x40
[ 93.513029][ C1] rq_online_rt+0x125/0x310
[ 93.513046][ C1] sched_cpu_activate+0x4ae/0x650
[ 93.513057][ C1] cpuhp_invoke_callback+0x431/0x830
[ 93.513072][ C1] cpuhp_thread_fun+0x39a/0x7d0
[ 93.513085][ C1] smpboot_thread_fn+0x4f6/0x970
[ 93.513100][ C1] kthread+0x436/0x520
[ 93.513109][ C1] ret_from_fork+0x1f/0x30
[ 93.513122][ C1]
[ 93.513122][ C1] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 93.513138][ C1] _raw_spin_lock_nested+0x2e/0x40
[ 93.513149][ C1] raw_spin_rq_lock_nested+0x26/0x140
[ 93.513162][ C1] task_fork_fair+0x5c/0x350
[ 93.513172][ C1] sched_cgroup_fork+0x2c6/0x320
[ 93.513185][ C1] copy_process+0x22d1/0x3e00
[ 93.513196][ C1] kernel_clone+0x219/0x930
[ 93.513207][ C1] kernel_thread+0xc8/0x120
[ 93.513218][ C1] rest_init+0x21/0x330
[ 93.513229][ C1] start_kernel+0x486/0x530
[ 93.513239][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 93.513253][ C1]
[ 93.513253][ C1] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 93.513269][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 93.513280][ C1] try_to_wake_up+0x5c/0x1050
[ 93.513291][ C1] __wake_up_common+0x2a4/0x4e0
[ 93.513303][ C1] __wake_up+0x108/0x180
[ 93.513315][ C1] tty_port_default_wakeup+0xa5/0xf0
[ 93.513329][ C1] serial8250_tx_chars+0x629/0x830
[ 93.513343][ C1] serial8250_handle_irq+0x519/0x610
[ 93.513356][ C1] serial8250_default_handle_irq+0xb4/0x1a0
[ 93.513368][ C1] serial8250_interrupt+0x9b/0x1c0
[ 93.513381][ C1] __handle_irq_event_percpu+0x291/0x9b0
[ 93.513394][ C1] handle_irq_event+0xa5/0x220
[ 93.513406][ C1] handle_edge_irq+0x243/0xb20
[ 93.513419][ C1] __common_interrupt+0xd7/0x1e0
[ 93.513430][ C1] common_interrupt+0xb0/0xd0
[ 93.513442][ C1] asm_common_interrupt+0x22/0x40
[ 93.513454][ C1] __percpu_counter_compare+0x0/0x130
[ 93.513469][ C1] shmem_alloc_and_acct_page+0x235/0xb70
[ 93.513481][ C1] shmem_getpage_gfp+0x14f4/0x2d40
[ 93.513495][ C1] shmem_write_begin+0xcd/0x1a0
[ 93.513508][ C1] generic_perform_write+0x2aa/0x530
[ 93.513520][ C1] __generic_file_write_iter+0x25f/0x4e0
[ 93.513533][ C1] generic_file_write_iter+0xa6/0x1b0
[ 93.513545][ C1] vfs_write+0x712/0xd00
[ 93.513557][ C1] ksys_write+0x14d/0x250
[ 93.513568][ C1] do_syscall_64+0x4c/0xa0
[ 93.513579][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 93.513592][ C1]
[ 93.513592][ C1] -> #2 (&tty->write_wait){-...}-{2:2}:
[ 93.513609][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 93.513619][ C1] __wake_up+0xed/0x180
[ 93.513632][ C1] tty_port_default_wakeup+0xa5/0xf0
[ 93.513645][ C1] serial8250_tx_chars+0x629/0x830
[ 93.513658][ C1] serial8250_handle_irq+0x519/0x610
[ 93.513672][ C1] serial8250_default_handle_irq+0xb4/0x1a0
[ 93.513684][ C1] serial8250_interrupt+0x9b/0x1c0
[ 93.513697][ C1] __handle_irq_event_percpu+0x291/0x9b0
[ 93.513709][ C1] handle_irq_event+0xa5/0x220
[ 93.513720][ C1] handle_edge_irq+0x243/0xb20
[ 93.513733][ C1] __common_interrupt+0xd7/0x1e0
[ 93.513745][ C1] common_interrupt+0xb0/0xd0
[ 93.513756][ C1] asm_common_interrupt+0x22/0x40
[ 93.513768][ C1] _raw_spin_unlock_irqrestore+0xa5/0x100
[ 93.513780][ C1] uart_write+0x62f/0x880
[ 93.513792][ C1] n_tty_write+0xd21/0x1210
[ 93.513803][ C1] file_tty_write+0x557/0x910
[ 93.513813][ C1] vfs_write+0x712/0xd00
[ 93.513824][ C1] ksys_write+0x14d/0x250
[ 93.513835][ C1] do_syscall_64+0x4c/0xa0
[ 93.513847][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 93.513860][ C1]
[ 93.513860][ C1] -> #1 (&port_lock_key){-...}-{2:2}:
[ 93.513876][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 93.513887][ C1] serial8250_console_write+0x170/0xf80
[ 93.513901][ C1] console_unlock+0xc86/0x1200
[ 93.513914][ C1] vprintk_emit+0xc0/0x150
[ 93.513927][ C1] _printk+0xcc/0x110
[ 93.513941][ C1] register_console+0x682/0x960
[ 93.513951][ C1] univ8250_console_init+0x41/0x50
[ 93.513963][ C1] console_init+0x177/0x5d0
[ 93.513975][ C1] start_kernel+0x2f9/0x530
[ 93.513985][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 93.513998][ C1]
[ 93.513998][ C1] -> #0 (console_owner){-...}-{0:0}:
[ 93.514015][ C1] __lock_acquire+0x2c33/0x7c60
[ 93.514028][ C1] lock_acquire+0x197/0x3f0
[ 93.514046][ C1] console_trylock_spinning+0x170/0x350
[ 93.514060][ C1] vprintk_emit+0xa7/0x150
[ 93.514073][ C1] _printk+0xcc/0x110
[ 93.514085][ C1] __show_regs+0x131/0x500
[ 93.514097][ C1] show_regs+0x32/0x60
[ 93.514108][ C1] __warn+0x15e/0x2b0
[ 93.514120][ C1] report_bug+0x1b7/0x2e0
[ 93.514130][ C1] handle_bug+0x3a/0x70
[ 93.514141][ C1] exc_invalid_op+0x16/0x40
[ 93.514152][ C1] asm_exc_invalid_op+0x16/0x20
[ 93.514164][ C1] copy_from_user_nofault+0x160/0x1c0
[ 93.514177][ C1] bpf_probe_read_user+0x26/0x70
[ 93.514190][ C1] bpf_prog_02073d59a3c0f06f+0x3d/0x444
[ 93.514201][ C1] bpf_trace_run2+0x15b/0x2d0
[ 93.514212][ C1] enqueue_hrtimer+0x314/0x370
[ 93.514225][ C1] __hrtimer_run_queues+0x65a/0xc40
[ 93.514238][ C1] hrtimer_interrupt+0x3bb/0x8d0
[ 93.514251][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 93.514263][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 93.514276][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 93.514288][ C1] lock_release+0x13c/0x870
[ 93.514301][ C1] _raw_spin_unlock+0x12/0x40
[ 93.514312][ C1] pick_file+0x18c/0x220
[ 93.514323][ C1] __close_range+0x1cd/0x4d0
[ 93.514334][ C1] __x64_sys_close_range+0x76/0x80
[ 93.514346][ C1] do_syscall_64+0x4c/0xa0
[ 93.514356][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 93.514369][ C1]
[ 93.514369][ C1] other info that might help us debug this:
[ 93.514369][ C1]
[ 93.514373][ C1] Chain exists of:
[ 93.514373][ C1] console_owner --> &rt_b->rt_runtime_lock --> hrtimer_bases.lock
[ 93.514373][ C1]
[ 93.514393][ C1] Possible unsafe locking scenario:
[ 93.514393][ C1]
[ 93.514396][ C1] CPU0 CPU1
[ 93.514399][ C1] ---- ----
[ 93.514401][ C1] lock(hrtimer_bases.lock);
[ 93.514409][ C1] lock(&rt_b->rt_runtime_lock);
[ 93.514417][ C1] lock(hrtimer_bases.lock);
[ 93.514426][ C1] lock(console_owner);
[ 93.514434][ C1]
[ 93.514434][ C1] *** DEADLOCK ***
[ 93.514434][ C1]
[ 93.514437][ C1] 3 locks held by syz.0.49/5109:
[ 93.514444][ C1] #0: ffff888024153198 (&newf->file_lock){+.+.}-{2:2}, at: pick_file+0x2e/0x220
[ 93.514473][ C1] #1: ffff8880b912a218 (hrtimer_bases.lock){-.-.}-{2:2}, at: __hrtimer_run_queues+0x5ff/0xc40
[ 93.514506][ C1] #2: ffffffff8c11c360 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[ 93.514535][ C1]
[ 93.514535][ C1] stack backtrace:
[ 93.514538][ C1] CPU: 1 PID: 5109 Comm: syz.0.49 Not tainted 5.15.188-syzkaller #0
[ 93.514551][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 93.514558][ C1] Call Trace:
[ 93.514563][ C1]
[ 93.514568][ C1] dump_stack_lvl+0x168/0x230
[ 93.514583][ C1] ? load_image+0x3b0/0x3b0
[ 93.514598][ C1] ? show_regs_print_info+0x20/0x20
[ 93.514616][ C1] ? print_circular_bug+0x12b/0x1a0
[ 93.514630][ C1] check_noncircular+0x274/0x310
[ 93.514642][ C1] ? add_chain_block+0x940/0x940
[ 93.514654][ C1] ? lockdep_lock+0x141/0x1e0
[ 93.514668][ C1] ? data_alloc+0x4c6/0x7b0
[ 93.514680][ C1] ? mark_lock+0x94/0x320
[ 93.514694][ C1] ? mark_lock+0x94/0x320
[ 93.514710][ C1] __lock_acquire+0x2c33/0x7c60
[ 93.514730][ C1] ? down_trylock+0x4c/0xa0
[ 93.514743][ C1] ? verify_lock_unused+0x140/0x140
[ 93.514758][ C1] ? verify_lock_unused+0x140/0x140
[ 93.514773][ C1] ? __rwlock_init+0x140/0x140
[ 93.514786][ C1] ? _prb_commit+0x289/0x340
[ 93.514798][ C1] ? do_raw_spin_unlock+0x11d/0x230
[ 93.514812][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 93.514825][ C1] ? _raw_spin_unlock+0x40/0x40
[ 93.514840][ C1] lock_acquire+0x197/0x3f0
[ 93.514854][ C1] ? console_trylock_spinning+0x150/0x350
[ 93.514869][ C1] ? console_trylock_spinning+0x150/0x350
[ 93.514886][ C1] ? __lock_acquire+0x7c60/0x7c60
[ 93.514901][ C1] ? do_raw_spin_lock+0x11d/0x280
[ 93.514913][ C1] ? read_lock_is_recursive+0x10/0x10
[ 93.514927][ C1] ? __rwlock_init+0x140/0x140
[ 93.514941][ C1] ? do_raw_spin_unlock+0x11d/0x230
[ 93.514955][ C1] console_trylock_spinning+0x170/0x350
[ 93.514970][ C1] ? console_trylock_spinning+0x150/0x350
[ 93.514985][ C1] ? vprintk_emit+0x150/0x150
[ 93.515000][ C1] ? vprintk_emit+0xf9/0x150
[ 93.515016][ C1] ? irq_work_queue+0xbf/0x140
[ 93.515036][ C1] vprintk_emit+0xa7/0x150
[ 93.515052][ C1] _printk+0xcc/0x110
[ 93.515066][ C1] ? copy_from_user_nofault+0x136/0x1c0
[ 93.515082][ C1] ? load_image+0x3b0/0x3b0
[ 93.515100][ C1] __show_regs+0x131/0x500
[ 93.515113][ C1] ? dump_stack_print_info+0xf1/0x150
[ 93.515128][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 93.515144][ C1] show_regs+0x32/0x60
[ 93.515156][ C1] __warn+0x15e/0x2b0
[ 93.515169][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 93.515185][ C1] report_bug+0x1b7/0x2e0
[ 93.515198][ C1] handle_bug+0x3a/0x70
[ 93.515209][ C1] exc_invalid_op+0x16/0x40
[ 93.515222][ C1] asm_exc_invalid_op+0x16/0x20
[ 93.515235][ C1] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 93.515251][ C1] Code: 24 45 31 f6 31 ff 89 de e8 2d e2 d7 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 b0 de d7 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 93.515261][ C1] RSP: 0018:ffffc90000dd0ba0 EFLAGS: 00010006
[ 93.515272][ C1] RAX: ffffffff819ff470 RBX: 0000000000000008 RCX: ffff888027690000
[ 93.515281][ C1] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[ 93.515289][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 93.515298][ C1] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: ffff888027691788
[ 93.515308][ C1] R13: dffffc0000000000 R14: ffffc90000dd0c08 R15: 0000000000000000
[ 93.515320][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 93.515339][ C1] bpf_probe_read_user+0x26/0x70
[ 93.515354][ C1] bpf_prog_02073d59a3c0f06f+0x3d/0x444
[ 93.515365][ C1] bpf_trace_run2+0x15b/0x2d0
[ 93.515376][ C1] ? posix_cpu_timers_work+0x1120/0x1120
[ 93.515392][ C1] ? bpf_trace_run1+0x2d0/0x2d0
[ 93.515404][ C1] ? _raw_spin_lock_irq+0xab/0xe0
[ 93.515417][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 93.515431][ C1] enqueue_hrtimer+0x314/0x370
[ 93.515447][ C1] __hrtimer_run_queues+0x65a/0xc40
[ 93.515464][ C1] ? tick_setup_sched_timer+0x2c0/0x2c0
[ 93.515481][ C1] ? hrtimer_interrupt+0x8d0/0x8d0
[ 93.515496][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 93.515512][ C1] hrtimer_interrupt+0x3bb/0x8d0
[ 93.515533][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 93.515548][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 93.515562][ C1]
[ 93.515566][ C1]
[ 93.515570][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 93.515584][ C1] RIP: 0010:lock_release+0x13c/0x870
[ 93.515599][ C1] Code: c0 0f 85 28 05 00 00 41 83 3e 00 0f 85 58 04 00 00 48 89 5c 24 18 48 c7 84 24 a0 00 00 00 00 00 00 00 9c 8f 84 24 a0 00 00 00 <48> 8b 84 24 a0 00 00 00 48 89 44 24 50 fa 48 c7 c7 c0 23 0b 8a e8
[ 93.515609][ C1] RSP: 0018:ffffc900030dfca0 EFLAGS: 00000246
[ 93.515619][ C1] RAX: 0000000000000000 RBX: ffff888027690000 RCX: 1b459b0c3536cd00
[ 93.515629][ C1] RDX: 0000000000000000 RSI: ffffffff8a59afe0 RDI: ffffffff8a59afa0
[ 93.515638][ C1] RBP: ffffc900030dfdc0 R08: dffffc0000000000 R09: fffffbfff1ad3056
[ 93.515648][ C1] R10: fffffbfff1ad3056 R11: 1ffffffff1ad3055 R12: 0000000000000017
[ 93.515657][ C1] R13: dffffc0000000000 R14: ffff888027690aec R15: 1ffff9200061bfa0
[ 93.515674][ C1] ? pick_file+0x18c/0x220
[ 93.515687][ C1] ? __lock_acquire+0x7c60/0x7c60
[ 93.515701][ C1] ? do_raw_spin_lock+0x11d/0x280
[ 93.515715][ C1] ? __rwlock_init+0x140/0x140
[ 93.515729][ C1] _raw_spin_unlock+0x12/0x40
[ 93.515741][ C1] pick_file+0x18c/0x220
[ 93.515754][ C1] __close_range+0x1cd/0x4d0
[ 93.515769][ C1] ? pick_file+0x220/0x220
[ 93.515781][ C1] ? vtime_user_exit+0x2dc/0x400
[ 93.515796][ C1] __x64_sys_close_range+0x76/0x80
[ 93.515810][ C1] do_syscall_64+0x4c/0xa0
[ 93.515822][ C1] ? clear_bhb_loop+0x30/0x80
[ 93.515835][ C1] ? clear_bhb_loop+0x30/0x80
[ 93.515848][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 93.515862][ C1] RIP: 0033:0x7ff161fe79f9
[ 93.515872][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 93.515882][ C1] RSP: 002b:00007ffcdfb56dd8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 93.515895][ C1] RAX: ffffffffffffffda RBX: 0000000000016d25 RCX: 00007ff161fe79f9
[ 93.515904][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 93.515912][ C1] RBP: 00007ffcdfb56eb0 R08: 0000000000000001 R09: 00007ffcdfb570bf
[ 93.515921][ C1] R10: 00007ff161e70000 R11: 0000000000000246 R12: 0000000000000226
[ 93.515930][ C1] R13: 00007ffcdfb56ed0 R14: 00007ffcdfb56ef0 R15: ffffffffffffffff
[ 93.515944][ C1]
[ 93.518142][ C0] WARNING: CPU: 0 PID: 1288 at mm/maccess.c:226 copy_from_user_nofault+0x160/0x1c0
[ 93.523664][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 93.532908][ C0] Modules linked in:
[ 93.536857][ C1] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: ffff888027691788
[ 93.544800][ C0] CPU: 0 PID: 1288 Comm: kworker/u4:4 Not tainted 5.15.188-syzkaller #0
[ 93.554824][ C1] R13: dffffc0000000000 R14: ffffc90000dd0c08 R15: 0000000000000000
[ 93.560954][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 93.580652][ C1] FS: 0000555589dc5500(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[ 93.586690][ C0] Workqueue: netns cleanup_net
[ 93.594631][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 93.602574][ C0]
[ 93.602579][ C0] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 93.604879][ C1] CR2: 00007ff1621720c0 CR3: 000000006b6c5000 CR4: 00000000003506e0
[ 93.611864][ C0] Code: 24 45 31 f6 31 ff 89 de e8 2d e2 d7 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 b0 de d7 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 93.618854][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 93.624020][ C0] RSP: 0018:ffffc90000007ba0 EFLAGS: 00010006
[ 93.624034][ C0] RAX: ffffffff819ff470 RBX: 0000000000000008 RCX: ffff888022621dc0
[ 93.631014][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 93.636786][ C0] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[ 93.646547][ C1] Call Trace:
[ 93.646555][ C1]
[ 93.653884][ C0] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 93.663742][ C1] bpf_probe_read_user+0x26/0x70
[ 93.674112][ C0] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: ffff888022623548
[ 93.683104][ C1] bpf_prog_02073d59a3c0f06f+0x3d/0x444
[ 93.690955][ C0] R13: dffffc0000000000 R14: ffffc90000007c08 R15: 0000000000000000
[ 93.696641][ C1] bpf_trace_run2+0x15b/0x2d0
[ 93.702412][ C0] FS: 0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[ 93.707663][ C1] ? posix_cpu_timers_work+0x1120/0x1120
[ 93.712654][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 93.718512][ C1] ? bpf_trace_run1+0x2d0/0x2d0
[ 93.723592][ C0] CR2: 00007ff162177a8c CR3: 000000006b6c5000 CR4: 00000000003506f0
[ 93.729452][ C1] ? _raw_spin_lock_irq+0xab/0xe0
[ 93.734711][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 93.739443][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 93.744692][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 93.750119][ C1] enqueue_hrtimer+0x314/0x370
[ 93.754936][ C0] Call Trace:
[ 93.754943][ C0]
[ 93.760627][ C1] __hrtimer_run_queues+0x65a/0xc40
[ 93.765447][ C0] bpf_probe_read_user+0x26/0x70
[ 93.770354][ C1] ? tick_setup_sched_timer+0x2c0/0x2c0
[ 93.778567][ C0] bpf_prog_02073d59a3c0f06f+0x3d/0x444
[ 93.783565][ C1] ? hrtimer_interrupt+0x8d0/0x8d0
[ 93.788561][ C0] bpf_trace_run2+0x15b/0x2d0
[ 93.794077][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 93.799849][ C0] ? posix_cpu_timers_work+0x1120/0x1120
[ 93.805190][ C1] hrtimer_interrupt+0x3bb/0x8d0
[ 93.810616][ C0] ? bpf_trace_run1+0x2d0/0x2d0
[ 93.815179][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 93.820076][ C0] ? _raw_spin_lock_irq+0xab/0xe0
[ 93.827354][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 93.832952][ C0] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 93.838812][ C1]
[ 93.843887][ C0] enqueue_hrtimer+0x314/0x370
[ 93.849308][ C1]
[ 93.849314][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 93.854477][ C0] __hrtimer_run_queues+0x65a/0xc40
[ 93.859468][ C1] RIP: 0010:lock_release+0x13c/0x870
[ 93.864464][ C0] ? tick_setup_sched_timer+0x2c0/0x2c0
[ 93.869116][ C1] Code: c0 0f 85 28 05 00 00 41 83 3e 00 0f 85 58 04 00 00 48 89 5c 24 18 48 c7 84 24 a0 00 00 00 00 00 00 00 9c 8f 84 24 a0 00 00 00 <48> 8b 84 24 a0 00 00 00 48 89 44 24 50 fa 48 c7 c7 c0 23 0b 8a e8
[ 93.874109][ C0] ? hrtimer_interrupt+0x8d0/0x8d0
[ 93.880486][ C1] RSP: 0018:ffffc900030dfca0 EFLAGS: 00000246
[ 93.887733][ C0] ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 93.893418][ C1]
[ 93.893423][ C1] RAX: 0000000000000000 RBX: ffff888027690000 RCX: 1b459b0c3536cd00
[ 93.898588][ C0] hrtimer_interrupt+0x3bb/0x8d0
[ 93.903920][ C1] RDX: 0000000000000000 RSI: ffffffff8a59afe0 RDI: ffffffff8a59afa0
[ 93.908661][ C0] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 93.914430][ C1] RBP: ffffc900030dfdc0 R08: dffffc0000000000 R09: fffffbfff1ad3056
[ 93.920118][ C0] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 93.925888][ C1] R10: fffffbfff1ad3056 R11: 1ffffffff1ad3055 R12: 0000000000000017
[ 93.932273][ C0]
[ 93.937867][ C1] R13: dffffc0000000000 R14: ffff888027690aec R15: 1ffff9200061bfa0
[ 93.943986][ C0]
[ 93.949251][ C1] ? pick_file+0x18c/0x220
[ 93.954497][ C0] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 93.959921][ C1] ? __lock_acquire+0x7c60/0x7c60
[ 93.965085][ C0] RIP: 0010:lock_acquire+0x1f2/0x3f0
[ 93.970596][ C1] ? do_raw_spin_lock+0x11d/0x280
[ 93.976453][ C0] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f6 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 66 43 c7 44 3d 09 00 00 43 c6 44 3d 0b
[ 93.982585][ C1] ? __rwlock_init+0x140/0x140
[ 93.988182][ C0] RSP: 0018:ffffc900052e7900 EFLAGS: 00000206
[ 93.993522][ C1] _raw_spin_unlock+0x12/0x40
[ 94.000159][ C0]
[ 94.000163][ C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ac5acfcb97259e00
[ 94.006280][ C1] pick_file+0x18c/0x220
[ 94.012134][ C0] RDX: 0000000000000000 RSI: ffffffff8a0b2860 RDI: ffffffff8a59b000
[ 94.016869][ C1] __close_range+0x1cd/0x4d0
[ 94.021684][ C0] RBP: ffffc900052e7a20 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 94.026589][ C1] ? pick_file+0x220/0x220
[ 94.032970][ C0] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: ffffffff8c11c360
[ 94.040650][ C1] ? vtime_user_exit+0x2dc/0x400
[ 94.046332][ C0] R13: 1ffff92000a5cf2c R14: 0000000000000246 R15: dffffc0000000000
[ 94.050976][ C1] __x64_sys_close_range+0x76/0x80
[ 94.056750][ C0] ? rcu_lock_release+0x5/0x20
[ 94.062342][ C1] do_syscall_64+0x4c/0xa0
[ 94.068112][ C0] ? read_lock_is_recursive+0x10/0x10
[ 94.074497][ C1] ? clear_bhb_loop+0x30/0x80
[ 94.080093][ C0] ? __lock_acquire+0x7c60/0x7c60
[ 94.086209][ C1] ? clear_bhb_loop+0x30/0x80
[ 94.091463][ C0] rcu_lock_acquire+0x2a/0x30
[ 94.096712][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 94.102137][ C0] ? rcu_lock_acquire+0x5/0x30
[ 94.107309][ C1] RIP: 0033:0x7ff161fe79f9
[ 94.112912][ C0] inet_twsk_purge+0x119/0x810
[ 94.119137][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 94.123960][ C0] ? __inet_twsk_schedule+0x130/0x130
[ 94.128946][ C1] RSP: 002b:00007ffcdfb56dd8 EFLAGS: 00000246
[ 94.134116][ C0] ? iput+0x706/0x8a0
[ 94.138846][ C1] ORIG_RAX: 00000000000001b4
[ 94.143668][ C0] ? dccp_v4_exit_net+0x80/0x80
[ 94.148573][ C1] RAX: ffffffffffffffda RBX: 0000000000016d25 RCX: 00007ff161fe79f9
[ 94.154953][ C0] cleanup_net+0x77b/0xb80
[ 94.162456][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 94.168145][ C0] ? ops_free_list+0x330/0x330
[ 94.174353][ C1] RBP: 00007ffcdfb56eb0 R08: 0000000000000001 R09: 00007ffcdfb570bf
[ 94.179620][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 94.184530][ C1] R10: 00007ff161e70000 R11: 0000000000000246 R12: 0000000000000226
[ 94.189002][ C0] process_one_work+0x863/0x1000
[ 94.194335][ C1] R13: 00007ffcdfb56ed0 R14: 00007ffcdfb56ef0 R15: ffffffffffffffff
[ 94.199938][ C0] ? worker_detach_from_pool+0x240/0x240
[ 94.204934][ C1]
[ 94.209915][ C0] ? lockdep_hardirqs_off+0x70/0x100
[ 94.216305][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 94.223715][ C0] ? _raw_spin_lock_irq+0xab/0xe0
[ 94.229060][ C1] CPU: 1 PID: 5109 Comm: syz.0.49 Not tainted 5.15.188-syzkaller #0
[ 94.234059][ C0] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 94.240101][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 94.245027][ C0] ? wq_worker_running+0x97/0x170
[ 94.249616][ C1] Call Trace:
[ 94.254519][ C0] worker_thread+0xaa8/0x12a0
[ 94.259078][ C1]
[ 94.263547][ C0] ? lockdep_hardirqs_on+0x94/0x140
[ 94.268452][ C1] dump_stack_lvl+0x168/0x230
[ 94.273099][ C0] ? lockdep_hardirqs_on+0x94/0x140
[ 94.278091][ C1] ? show_regs_print_info+0x20/0x20
[ 94.283424][ C0] ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 94.289285][ C1] ? load_image+0x3b0/0x3b0
[ 94.294712][ C0] kthread+0x436/0x520
[ 94.300743][ C1] panic+0x2c9/0x7f0
[ 94.305907][ C0] ? rcu_lock_release+0x20/0x20
[ 94.311159][ C1] ? bpf_jit_dump+0xd0/0xd0
[ 94.316840][ C0] ? kthread_blkcg+0xd0/0xd0
[ 94.322267][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 94.328901][ C0] ret_from_fork+0x1f/0x30
[ 94.335019][ C1] __warn+0x248/0x2b0
[ 94.341490][ C0]
[ 94.346475][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 94.351647][ C0] irq event stamp: 1836790
[ 94.356368][ C1] report_bug+0x1b7/0x2e0
[ 94.361441][ C0] hardirqs last enabled at (1836789): [] asm_sysvec_call_function_single+0x16/0x20
[ 94.367050][ C1] handle_bug+0x3a/0x70
[ 94.371952][ C0] hardirqs last disabled at (1836790): [] sysvec_apic_timer_interrupt+0xa/0xc0
[ 94.378334][ C1] exc_invalid_op+0x16/0x40
[ 94.388530][ C0] softirqs last enabled at (1836742): [] __irq_exit_rcu+0x12f/0x220
[ 94.402209][ C1] asm_exc_invalid_op+0x16/0x20
[ 94.409631][ C0] softirqs last disabled at (1836709): [] __irq_exit_rcu+0x12f/0x220
[ 94.414978][ C1] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 94.420314][ C0] ---[ end trace 0ea47d18634e1822 ]---
[ 94.424957][ C1] Code: 24 45 31 f6 31 ff 89 de e8 2d e2 d7 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 b0 de d7 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 94.434549][ T4671] Bluetooth: hci0: command 0x040f tx timeout
[ 94.439717][ C1] RSP: 0018:ffffc90000dd0ba0 EFLAGS: 00010006
[ 96.119008][ C1] RAX: ffffffff819ff470 RBX: 0000000000000008 RCX: ffff888027690000
[ 96.126959][ C1] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[ 96.134912][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 96.142859][ C1] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: ffff888027691788
[ 96.150838][ C1] R13: dffffc0000000000 R14: ffffc90000dd0c08 R15: 0000000000000000
[ 96.159000][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 96.164643][ C1] bpf_probe_read_user+0x26/0x70
[ 96.169664][ C1] bpf_prog_02073d59a3c0f06f+0x3d/0x444
[ 96.175252][ C1] bpf_trace_run2+0x15b/0x2d0
[ 96.179926][ C1] ? posix_cpu_timers_work+0x1120/0x1120
[ 96.185544][ C1] ? bpf_trace_run1+0x2d0/0x2d0
[ 96.190377][ C1] ? _raw_spin_lock_irq+0xab/0xe0
[ 96.195380][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 96.200729][ C1] enqueue_hrtimer+0x314/0x370
[ 96.205477][ C1] __hrtimer_run_queues+0x65a/0xc40
[ 96.210739][ C1] ? tick_setup_sched_timer+0x2c0/0x2c0
[ 96.216266][ C1] ? hrtimer_interrupt+0x8d0/0x8d0
[ 96.221352][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 96.227397][ C1] hrtimer_interrupt+0x3bb/0x8d0
[ 96.232322][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 96.238287][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 96.243897][ C1]
[ 96.246805][ C1]
[ 96.249712][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 96.255670][ C1] RIP: 0010:lock_release+0x13c/0x870
[ 96.260932][ C1] Code: c0 0f 85 28 05 00 00 41 83 3e 00 0f 85 58 04 00 00 48 89 5c 24 18 48 c7 84 24 a0 00 00 00 00 00 00 00 9c 8f 84 24 a0 00 00 00 <48> 8b 84 24 a0 00 00 00 48 89 44 24 50 fa 48 c7 c7 c0 23 0b 8a e8
[ 96.280684][ C1] RSP: 0018:ffffc900030dfca0 EFLAGS: 00000246
[ 96.286728][ C1] RAX: 0000000000000000 RBX: ffff888027690000 RCX: 1b459b0c3536cd00
[ 96.294674][ C1] RDX: 0000000000000000 RSI: ffffffff8a59afe0 RDI: ffffffff8a59afa0
[ 96.302624][ C1] RBP: ffffc900030dfdc0 R08: dffffc0000000000 R09: fffffbfff1ad3056
[ 96.310570][ C1] R10: fffffbfff1ad3056 R11: 1ffffffff1ad3055 R12: 0000000000000017
[ 96.318518][ C1] R13: dffffc0000000000 R14: ffff888027690aec R15: 1ffff9200061bfa0
[ 96.326478][ C1] ? pick_file+0x18c/0x220
[ 96.330873][ C1] ? __lock_acquire+0x7c60/0x7c60
[ 96.335874][ C1] ? do_raw_spin_lock+0x11d/0x280
[ 96.340876][ C1] ? __rwlock_init+0x140/0x140
[ 96.345613][ C1] _raw_spin_unlock+0x12/0x40
[ 96.350269][ C1] pick_file+0x18c/0x220
[ 96.354488][ C1] __close_range+0x1cd/0x4d0
[ 96.359056][ C1] ? pick_file+0x220/0x220
[ 96.363445][ C1] ? vtime_user_exit+0x2dc/0x400
[ 96.368360][ C1] __x64_sys_close_range+0x76/0x80
[ 96.373621][ C1] do_syscall_64+0x4c/0xa0
[ 96.378014][ C1] ? clear_bhb_loop+0x30/0x80
[ 96.382664][ C1] ? clear_bhb_loop+0x30/0x80
[ 96.387315][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 96.393194][ C1] RIP: 0033:0x7ff161fe79f9
[ 96.397594][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 96.417298][ C1] RSP: 002b:00007ffcdfb56dd8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 96.425689][ C1] RAX: ffffffffffffffda RBX: 0000000000016d25 RCX: 00007ff161fe79f9
[ 96.433636][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 96.441581][ C1] RBP: 00007ffcdfb56eb0 R08: 0000000000000001 R09: 00007ffcdfb570bf
[ 96.449532][ C1] R10: 00007ff161e70000 R11: 0000000000000246 R12: 0000000000000226
[ 96.457481][ C1] R13: 00007ffcdfb56ed0 R14: 00007ffcdfb56ef0 R15: ffffffffffffffff
[ 96.465460][ C1]
[ 96.468626][ C1] Kernel Offset: disabled
[ 96.472937][ C1] Rebooting in 86400 seconds..