Warning: Permanently added '10.128.1.242' (ED25519) to the list of known hosts.
2025/07/16 15:19:18 ignoring optional flag "sandboxArg"="0"
2025/07/16 15:19:19 parsed 1 programs
[ 70.296735][ T4189] cgroup: Unknown subsys name 'net'
[ 70.436842][ T4189] cgroup: Unknown subsys name 'rlimit'
[ 71.443306][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.449890][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.911555][ T4189] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 74.575215][ T4229] chnl_net:caif_netlink_parms(): no params data found
[ 74.641721][ T4229] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.649866][ T4229] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.658267][ T4229] device bridge_slave_0 entered promiscuous mode
[ 74.669506][ T4229] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.676761][ T4229] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.686328][ T4229] device bridge_slave_1 entered promiscuous mode
[ 74.717064][ T4229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 74.728757][ T4229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 74.762536][ T4229] team0: Port device team_slave_0 added
[ 74.770713][ T4229] team0: Port device team_slave_1 added
[ 74.797047][ T4229] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 74.805423][ T4229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.833004][ T4229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 74.846322][ T4229] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 74.854543][ T4229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.882113][ T4229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 74.923523][ T4229] device hsr_slave_0 entered promiscuous mode
[ 74.931893][ T4229] device hsr_slave_1 entered promiscuous mode
[ 75.064781][ T4229] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 75.077936][ T4229] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 75.088596][ T4229] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 75.100519][ T4229] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 75.134899][ T4229] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.142360][ T4229] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.150471][ T4229] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.157578][ T4229] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.216949][ T4229] 8021q: adding VLAN 0 to HW filter on device bond0
[ 75.234108][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 75.245427][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 75.254698][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 75.271168][ T4229] 8021q: adding VLAN 0 to HW filter on device team0
[ 75.285435][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 75.295161][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 75.302397][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 75.314485][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 75.322958][ T1216] bridge0: port 2(bridge_slave_1) entered blocking state
[ 75.330071][ T1216] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 75.350122][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 75.362700][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 75.372073][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 75.385970][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 75.398968][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 75.413499][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 75.545314][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 75.553171][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 75.565656][ T4229] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 75.584720][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 75.594097][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 75.613162][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 75.622339][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 75.632589][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 75.640508][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 75.661003][ T4229] device veth0_vlan entered promiscuous mode
[ 75.672620][ T4229] device veth1_vlan entered promiscuous mode
[ 75.693416][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 75.701946][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 75.710464][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 75.718884][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 75.730503][ T4229] device veth0_macvtap entered promiscuous mode
[ 75.755309][ T4229] device veth1_macvtap entered promiscuous mode
[ 75.772384][ T4229] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 75.780181][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 75.788330][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 75.797305][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 75.806682][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 75.818384][ T4229] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 75.826333][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 75.835733][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 75.858673][ T4229] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.867753][ T4229] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.876850][ T4229] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 75.885843][ T4229] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 76.861329][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 76.881020][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.897897][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 76.907582][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 76.918418][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 76.931034][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2025/07/16 15:19:29 executed programs: 0
[ 77.735433][ T4287] chnl_net:caif_netlink_parms(): no params data found
[ 77.802698][ T4287] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.810089][ T4287] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.818019][ T4287] device bridge_slave_0 entered promiscuous mode
[ 77.826656][ T4287] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.834471][ T4287] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.842876][ T4287] device bridge_slave_1 entered promiscuous mode
[ 77.868631][ T4287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 77.882801][ T4287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 77.925579][ T155] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 77.944750][ T4287] team0: Port device team_slave_0 added
[ 77.952987][ T4287] team0: Port device team_slave_1 added
[ 77.973100][ T4287] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 77.980343][ T4287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.007105][ T4287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 78.020438][ T4287] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 78.027415][ T4287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 78.053520][ T4287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 78.085654][ T4287] device hsr_slave_0 entered promiscuous mode
[ 78.092614][ T4287] device hsr_slave_1 entered promiscuous mode
[ 78.099835][ T4287] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 78.107741][ T4287] Cannot create hsr debugfs directory
[ 79.690159][ T4253] Bluetooth: hci0: command 0x0409 tx timeout
[ 81.446329][ T155] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 81.525077][ T155] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 81.586672][ T155] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 81.761130][ T1108] Bluetooth: hci0: command 0x041b tx timeout
[ 82.394983][ T4287] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 82.408618][ T4287] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 82.419055][ T4287] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 82.432038][ T4287] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 82.506539][ T4287] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.520958][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 82.530565][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 82.542686][ T4287] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.554743][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 82.567018][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 82.578773][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.585913][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 82.595154][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 82.631980][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 82.640863][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 82.649603][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 82.656689][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 82.667859][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 82.680765][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 82.711713][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 82.721256][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 82.731502][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 82.743258][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 82.754046][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 82.786090][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 82.794927][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 82.810271][ T4287] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 82.822156][ T4287] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 82.832254][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 82.842805][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 82.972085][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 82.980646][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 82.993439][ T4287] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 83.031200][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 83.040671][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 83.082128][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 83.090631][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 83.098991][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 83.108021][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 83.117473][ T4287] device veth0_vlan entered promiscuous mode
[ 83.147392][ T4287] device veth1_vlan entered promiscuous mode
[ 83.166209][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 83.175158][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 83.183842][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 83.193129][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 83.205404][ T4287] device veth0_macvtap entered promiscuous mode
[ 83.229761][ T4287] device veth1_macvtap entered promiscuous mode
[ 83.247787][ T4287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 83.259481][ T4287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 83.271330][ T4287] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 83.282509][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 83.291096][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 83.299511][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 83.308269][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 83.317403][ T4287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 83.329136][ T4287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 83.340594][ T4287] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 83.348824][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 83.358222][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 83.390677][ T4287] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.399816][ T4287] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.410671][ T4287] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.420869][ T4287] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.506486][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.518426][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.541812][ T155] device hsr_slave_0 left promiscuous mode
[ 83.548482][ T155] device hsr_slave_1 left promiscuous mode
[ 83.555405][ T155] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 83.563155][ T155] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 83.571624][ T155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 83.579061][ T155] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 83.587689][ T155] device bridge_slave_1 left promiscuous mode
[ 83.595540][ T155] bridge0: port 2(bridge_slave_1) entered disabled state
[ 83.610626][ T155] device bridge_slave_0 left promiscuous mode
[ 83.617039][ T155] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.635404][ T155] device veth1_macvtap left promiscuous mode
[ 83.641986][ T155] device veth0_macvtap left promiscuous mode
[ 83.648031][ T155] device veth1_vlan left promiscuous mode
[ 83.654212][ T155] device veth0_vlan left promiscuous mode
[ 83.827970][ T155] team0 (unregistering): Port device team_slave_1 removed
[ 83.839822][ T4254] Bluetooth: hci0: command 0x040f tx timeout
[ 83.854623][ T155] team0 (unregistering): Port device team_slave_0 removed
[ 83.867243][ T155] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 83.883469][ T155] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 83.943952][ T155] bond0 (unregistering): Released all slaves
[ 84.035400][ T1216] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 84.054998][ T1216] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 84.066834][ T1216] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/07/16 15:19:35 executed programs: 2
[ 84.086897][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 84.909369][ C1] ------------[ cut here ]------------
[ 84.910297][ C1]
[ 84.910303][ C1] ======================================================
[ 84.910309][ C1] WARNING: possible circular locking dependency detected
[ 84.910323][ C1] 5.15.188-syzkaller #0 Not tainted
[ 84.910332][ C1] ------------------------------------------------------
[ 84.910337][ C1] syz.0.42/4375 is trying to acquire lock:
[ 84.910345][ C1] ffffffff8c110da0 (console_owner){-...}-{0:0}, at: console_lock_spinning_enable+0x2c/0x60
[ 84.910393][ C1]
[ 84.910393][ C1] but task is already holding lock:
[ 84.910397][ C1] ffff8880b912a218 (hrtimer_bases.lock){-.-.}-{2:2}, at: __hrtimer_run_queues+0x5ff/0xc40
[ 84.910438][ C1]
[ 84.910438][ C1] which lock already depends on the new lock.
[ 84.910438][ C1]
[ 84.910443][ C1]
[ 84.910443][ C1] the existing dependency chain (in reverse order) is:
[ 84.910448][ C1]
[ 84.910448][ C1] -> #6 (hrtimer_bases.lock){-.-.}-{2:2}:
[ 84.910470][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 84.910487][ C1] hrtimer_start_range_ns+0xff/0xc20
[ 84.910506][ C1] enqueue_task_rt+0x60c/0xc00
[ 84.910522][ C1] enqueue_task+0x182/0x2b0
[ 84.910539][ C1] __sched_setscheduler+0x1379/0x1be0
[ 84.910559][ C1] sched_set_fifo+0xbc/0x120
[ 84.910578][ C1] drm_vblank_worker_init+0x149/0x1a0
[ 84.910597][ C1] drm_vblank_init+0x265/0x330
[ 84.910616][ C1] vkms_init+0x31a/0x700
[ 84.910633][ C1] do_one_initcall+0x1ee/0x680
[ 84.910651][ C1] do_initcall_level+0x137/0x1f0
[ 84.910667][ C1] do_initcalls+0x4b/0x90
[ 84.910681][ C1] kernel_init_freeable+0x3ce/0x560
[ 84.910696][ C1] kernel_init+0x19/0x1b0
[ 84.910715][ C1] ret_from_fork+0x1f/0x30
[ 84.910732][ C1]
[ 84.910732][ C1] -> #5 (&rt_b->rt_runtime_lock){-...}-{2:2}:
[ 84.910756][ C1] _raw_spin_lock+0x2a/0x40
[ 84.910771][ C1] rq_online_rt+0x125/0x310
[ 84.910786][ C1] sched_cpu_activate+0x4ae/0x650
[ 84.910802][ C1] cpuhp_invoke_callback+0x431/0x830
[ 84.910822][ C1] cpuhp_thread_fun+0x39a/0x7d0
[ 84.910840][ C1] smpboot_thread_fn+0x4f6/0x970
[ 84.910859][ C1] kthread+0x436/0x520
[ 84.910873][ C1] ret_from_fork+0x1f/0x30
[ 84.910890][ C1]
[ 84.910890][ C1] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 84.910911][ C1] _raw_spin_lock_nested+0x2e/0x40
[ 84.910928][ C1] raw_spin_rq_lock_nested+0x26/0x140
[ 84.910946][ C1] task_fork_fair+0x5c/0x350
[ 84.910960][ C1] sched_cgroup_fork+0x2c6/0x320
[ 84.910978][ C1] copy_process+0x22d1/0x3e00
[ 84.910994][ C1] kernel_clone+0x219/0x930
[ 84.911007][ C1] kernel_thread+0xc8/0x120
[ 84.911020][ C1] rest_init+0x21/0x330
[ 84.911034][ C1] start_kernel+0x486/0x530
[ 84.911047][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 84.911072][ C1]
[ 84.911072][ C1] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 84.911093][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 84.911109][ C1] try_to_wake_up+0x5c/0x1050
[ 84.911125][ C1] __wake_up_common+0x2a4/0x4e0
[ 84.911142][ C1] __wake_up+0x108/0x180
[ 84.911158][ C1] tty_port_default_wakeup+0xa5/0xf0
[ 84.911177][ C1] serial8250_tx_chars+0x629/0x830
[ 84.911195][ C1] serial8250_handle_irq+0x519/0x610
[ 84.911211][ C1] serial8250_default_handle_irq+0xb4/0x1a0
[ 84.911224][ C1] serial8250_interrupt+0x9b/0x1c0
[ 84.911240][ C1] __handle_irq_event_percpu+0x291/0x9b0
[ 84.911258][ C1] handle_irq_event+0xa5/0x220
[ 84.911272][ C1] handle_edge_irq+0x243/0xb20
[ 84.911290][ C1] __common_interrupt+0xd7/0x1e0
[ 84.911306][ C1] common_interrupt+0xb0/0xd0
[ 84.911322][ C1] asm_common_interrupt+0x22/0x40
[ 84.911337][ C1] default_idle+0xb/0x10
[ 84.911349][ C1] default_idle_call+0x81/0xc0
[ 84.911362][ C1] do_idle+0x21b/0x5b0
[ 84.911379][ C1] cpu_startup_entry+0x14/0x20
[ 84.911396][ C1] start_kernel+0x486/0x530
[ 84.911409][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 84.911428][ C1]
[ 84.911428][ C1] -> #2 (&tty->write_wait){-.-.}-{2:2}:
[ 84.911450][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 84.911466][ C1] __wake_up+0xed/0x180
[ 84.911480][ C1] tty_port_default_wakeup+0xa5/0xf0
[ 84.911498][ C1] serial8250_tx_chars+0x629/0x830
[ 84.911516][ C1] serial8250_handle_irq+0x519/0x610
[ 84.911535][ C1] serial8250_default_handle_irq+0xb4/0x1a0
[ 84.911551][ C1] serial8250_interrupt+0x9b/0x1c0
[ 84.911568][ C1] __handle_irq_event_percpu+0x291/0x9b0
[ 84.911584][ C1] handle_irq_event+0xa5/0x220
[ 84.911599][ C1] handle_edge_irq+0x243/0xb20
[ 84.911617][ C1] __common_interrupt+0xd7/0x1e0
[ 84.911632][ C1] common_interrupt+0xb0/0xd0
[ 84.911648][ C1] asm_common_interrupt+0x22/0x40
[ 84.911664][ C1] default_idle+0xb/0x10
[ 84.911679][ C1] default_idle_call+0x81/0xc0
[ 84.911693][ C1] do_idle+0x21b/0x5b0
[ 84.911709][ C1] cpu_startup_entry+0x14/0x20
[ 84.911726][ C1] start_kernel+0x486/0x530
[ 84.911740][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 84.911758][ C1]
[ 84.911758][ C1] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 84.911780][ C1] _raw_spin_lock_irqsave+0xa4/0xf0
[ 84.911796][ C1] serial8250_console_write+0x170/0xf80
[ 84.911816][ C1] console_unlock+0xc86/0x1200
[ 84.911835][ C1] vprintk_emit+0xc0/0x150
[ 84.911853][ C1] _printk+0xcc/0x110
[ 84.911872][ C1] register_console+0x682/0x960
[ 84.911887][ C1] univ8250_console_init+0x41/0x50
[ 84.911903][ C1] console_init+0x177/0x5d0
[ 84.911918][ C1] start_kernel+0x2f9/0x530
[ 84.911931][ C1] secondary_startup_64_no_verify+0xb1/0xbb
[ 84.911948][ C1]
[ 84.911948][ C1] -> #0 (console_owner){-...}-{0:0}:
[ 84.911971][ C1] __lock_acquire+0x2c33/0x7c60
[ 84.911989][ C1] lock_acquire+0x197/0x3f0
[ 84.912007][ C1] console_lock_spinning_enable+0x51/0x60
[ 84.912022][ C1] console_unlock+0x9f8/0x1200
[ 84.912040][ C1] vprintk_emit+0xc0/0x150
[ 84.912068][ C1] _printk+0xcc/0x110
[ 84.912085][ C1] report_bug+0x1e5/0x2e0
[ 84.912099][ C1] handle_bug+0x3a/0x70
[ 84.912113][ C1] exc_invalid_op+0x16/0x40
[ 84.912129][ C1] asm_exc_invalid_op+0x16/0x20
[ 84.912146][ C1] copy_from_user_nofault+0x160/0x1c0
[ 84.912167][ C1] bpf_probe_read_user+0x26/0x70
[ 84.912185][ C1] bpf_prog_02073d59a3c0f06f+0x3d/0x9dc
[ 84.912199][ C1] bpf_trace_run2+0x15b/0x2d0
[ 84.912212][ C1] enqueue_hrtimer+0x314/0x370
[ 84.912231][ C1] __hrtimer_run_queues+0x65a/0xc40
[ 84.912248][ C1] hrtimer_interrupt+0x3bb/0x8d0
[ 84.912265][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 84.912280][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 84.912298][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 84.912316][ C1] __sanitizer_cov_trace_pc+0x32/0x60
[ 84.912332][ C1] is_bpf_text_address+0x11e/0x270
[ 84.912351][ C1] __kernel_text_address+0x9a/0x100
[ 84.912370][ C1] unwind_get_return_address+0x49/0x80
[ 84.912388][ C1] arch_stack_walk+0xf2/0x140
[ 84.912406][ C1] stack_trace_save+0x98/0xe0
[ 84.912420][ C1] kasan_save_stack+0x35/0x60
[ 84.912438][ C1] kasan_record_aux_stack+0xb8/0x100
[ 84.912454][ C1] task_work_add+0x2f/0x1d0
[ 84.912469][ C1] fput_many+0xde/0x1a0
[ 84.912486][ C1] filp_close+0x10e/0x150
[ 84.912501][ C1] __close_range+0x208/0x4d0
[ 84.912517][ C1] __x64_sys_close_range+0x76/0x80
[ 84.912533][ C1] do_syscall_64+0x4c/0xa0
[ 84.912548][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 84.912566][ C1]
[ 84.912566][ C1] other info that might help us debug this:
[ 84.912566][ C1]
[ 84.912571][ C1] Chain exists of:
[ 84.912571][ C1] console_owner --> &rt_b->rt_runtime_lock --> hrtimer_bases.lock
[ 84.912571][ C1]
[ 84.912599][ C1] Possible unsafe locking scenario:
[ 84.912599][ C1]
[ 84.912603][ C1] CPU0 CPU1
[ 84.912607][ C1] ---- ----
[ 84.912611][ C1] lock(hrtimer_bases.lock);
[ 84.912621][ C1] lock(&rt_b->rt_runtime_lock);
[ 84.912632][ C1] lock(hrtimer_bases.lock);
[ 84.912643][ C1] lock(console_owner);
[ 84.912652][ C1]
[ 84.912652][ C1] *** DEADLOCK ***
[ 84.912652][ C1]
[ 84.912655][ C1] 4 locks held by syz.0.42/4375:
[ 84.912665][ C1] #0: ffffffff8c11c360 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[ 84.912705][ C1] #1: ffff8880b912a218 (hrtimer_bases.lock){-.-.}-{2:2}, at: __hrtimer_run_queues+0x5ff/0xc40
[ 84.912749][ C1] #2: ffffffff8c11c360 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[ 84.912788][ C1] #3: ffffffff8c110e80 (console_lock){+.+.}-{0:0}, at: vprintk_emit+0xa7/0x150
[ 84.912829][ C1]
[ 84.912829][ C1] stack backtrace:
[ 84.912842][ C1] CPU: 1 PID: 4375 Comm: syz.0.42 Not tainted 5.15.188-syzkaller #0
[ 84.912858][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 84.912876][ C1] Call Trace:
[ 84.912882][ C1]
[ 84.912889][ C1] dump_stack_lvl+0x168/0x230
[ 84.912912][ C1] ? load_image+0x3b0/0x3b0
[ 84.912932][ C1] ? show_regs_print_info+0x20/0x20
[ 84.912957][ C1] ? print_circular_bug+0x12b/0x1a0
[ 84.912976][ C1] check_noncircular+0x274/0x310
[ 84.912994][ C1] ? add_chain_block+0x940/0x940
[ 84.913009][ C1] ? lockdep_lock+0xdc/0x1e0
[ 84.913031][ C1] ? mark_lock+0x94/0x320
[ 84.913051][ C1] __lock_acquire+0x2c33/0x7c60
[ 84.913093][ C1] ? verify_lock_unused+0x140/0x140
[ 84.913121][ C1] ? sprintf+0xd6/0x120
[ 84.913139][ C1] lock_acquire+0x197/0x3f0
[ 84.913157][ C1] ? console_lock_spinning_enable+0x2c/0x60
[ 84.913175][ C1] ? prb_read_valid+0x60/0x60
[ 84.913192][ C1] ? read_lock_is_recursive+0x10/0x10
[ 84.913212][ C1] ? do_raw_spin_lock+0x11d/0x280
[ 84.913231][ C1] ? __rwlock_init+0x140/0x140
[ 84.913249][ C1] ? do_raw_spin_unlock+0x11d/0x230
[ 84.913268][ C1] console_lock_spinning_enable+0x51/0x60
[ 84.913285][ C1] ? console_lock_spinning_enable+0x2c/0x60
[ 84.913301][ C1] console_unlock+0x9f8/0x1200
[ 84.913326][ C1] ? console_trylock_spinning+0x350/0x350
[ 84.913349][ C1] ? __down_trylock_console_sem+0x184/0x1e0
[ 84.913367][ C1] ? vprintk_emit+0xa7/0x150
[ 84.913387][ C1] ? printk_parse_prefix+0x330/0x330
[ 84.913407][ C1] ? vprintk_emit+0xa7/0x150
[ 84.913426][ C1] ? console_trylock+0x70/0x70
[ 84.913441][ C1] ? mark_lock+0x94/0x320
[ 84.913462][ C1] ? mark_lock+0x94/0x320
[ 84.913485][ C1] ? vprintk_emit+0x150/0x150
[ 84.913513][ C1] vprintk_emit+0xc0/0x150
[ 84.913535][ C1] _printk+0xcc/0x110
[ 84.913555][ C1] ? verify_lock_unused+0x140/0x140
[ 84.913578][ C1] ? load_image+0x3b0/0x3b0
[ 84.913599][ C1] ? verify_lock_unused+0x140/0x140
[ 84.913620][ C1] ? find_bug+0xa1/0x350
[ 84.913635][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 84.913656][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 84.913677][ C1] report_bug+0x1e5/0x2e0
[ 84.913695][ C1] handle_bug+0x3a/0x70
[ 84.913712][ C1] exc_invalid_op+0x16/0x40
[ 84.913729][ C1] asm_exc_invalid_op+0x16/0x20
[ 84.913752][ C1] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 84.913776][ C1] Code: 24 45 31 f6 31 ff 89 de e8 2d e2 d7 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 b0 de d7 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 84.913792][ C1] RSP: 0018:ffffc90000dd0ba0 EFLAGS: 00010006
[ 84.913808][ C1] RAX: ffffffff819ff470 RBX: 0000000000000008 RCX: ffff88807a8b3b80
[ 84.913821][ C1] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[ 84.913833][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 84.913845][ C1] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: ffff88807a8b5308
[ 84.913859][ C1] R13: dffffc0000000000 R14: ffffc90000dd0c08 R15: 0000000000000000
[ 84.913875][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 84.913902][ C1] bpf_probe_read_user+0x26/0x70
[ 84.913924][ C1] bpf_prog_02073d59a3c0f06f+0x3d/0x9dc
[ 84.913940][ C1] bpf_trace_run2+0x15b/0x2d0
[ 84.913956][ C1] ? posix_cpu_timers_work+0x1120/0x1120
[ 84.913978][ C1] ? bpf_trace_run1+0x2d0/0x2d0
[ 84.913996][ C1] ? debug_object_activate+0x2d2/0x480
[ 84.914013][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 84.914034][ C1] enqueue_hrtimer+0x314/0x370
[ 84.914064][ C1] __hrtimer_run_queues+0x65a/0xc40
[ 84.914089][ C1] ? tick_setup_sched_timer+0x2c0/0x2c0
[ 84.914114][ C1] ? hrtimer_interrupt+0x8d0/0x8d0
[ 84.914134][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 84.914155][ C1] hrtimer_interrupt+0x3bb/0x8d0
[ 84.914186][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 84.914204][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 84.914224][ C1]
[ 84.914229][ C1]
[ 84.914234][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 84.914253][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x32/0x60
[ 84.914272][ C1] Code: 94 9c 8a 7e 65 8b 15 95 9c 8a 7e 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 34 16 00 00 00 74 2c 8b 91 10 16 00 00 <83> fa 02 75 21 48 8b 91 18 16 00 00 48 8b 32 48 8d 7e 01 8b 89 14
[ 84.914286][ C1] RSP: 0018:ffffc9000111f958 EFLAGS: 00000246
[ 84.914299][ C1] RAX: ffffffff8183ddde RBX: 00007ff1f1d52929 RCX: ffff88807a8b3b80
[ 84.914312][ C1] RDX: 0000000000000000 RSI: 00007ff1f1d52929 RDI: ffffffffa001a624
[ 84.914324][ C1] RBP: 0000000000000001 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 84.914336][ C1] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: dffffc0000000000
[ 84.914349][ C1] R13: 0000000000000000 R14: ffff888078e009e8 R15: ffffffffa001a624
[ 84.914363][ C1] ? 0xffffffffa001a624
[ 84.914377][ C1] ? is_bpf_text_address+0x11e/0x270
[ 84.914400][ C1] ? 0xffffffffa001a624
[ 84.914415][ C1] is_bpf_text_address+0x11e/0x270
[ 84.914438][ C1] __kernel_text_address+0x9a/0x100
[ 84.914459][ C1] unwind_get_return_address+0x49/0x80
[ 84.914479][ C1] ? stack_trace_save+0xe0/0xe0
[ 84.914495][ C1] arch_stack_walk+0xf2/0x140
[ 84.914520][ C1] stack_trace_save+0x98/0xe0
[ 84.914537][ C1] ? stack_trace_snprint+0xf0/0xf0
[ 84.914556][ C1] ? __lock_acquire+0x13ad/0x7c60
[ 84.914578][ C1] ? memset+0x1e/0x40
[ 84.914593][ C1] kasan_save_stack+0x35/0x60
[ 84.914611][ C1] ? kasan_save_stack+0x35/0x60
[ 84.914630][ C1] ? kasan_record_aux_stack+0xb8/0x100
[ 84.914646][ C1] ? task_work_add+0x2f/0x1d0
[ 84.914664][ C1] ? fput_many+0xde/0x1a0
[ 84.914681][ C1] ? filp_close+0x10e/0x150
[ 84.914697][ C1] ? __close_range+0x208/0x4d0
[ 84.914714][ C1] ? __x64_sys_close_range+0x76/0x80
[ 84.914731][ C1] ? do_syscall_64+0x4c/0xa0
[ 84.914747][ C1] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 84.914786][ C1] kasan_record_aux_stack+0xb8/0x100
[ 84.914804][ C1] task_work_add+0x2f/0x1d0
[ 84.914824][ C1] fput_many+0xde/0x1a0
[ 84.914841][ C1] filp_close+0x10e/0x150
[ 84.914859][ C1] __close_range+0x208/0x4d0
[ 84.914875][ C1] ? pick_file+0x220/0x220
[ 84.914886][ C1] ? vtime_user_exit+0x2dc/0x400
[ 84.914903][ C1] __x64_sys_close_range+0x76/0x80
[ 84.914916][ C1] do_syscall_64+0x4c/0xa0
[ 84.914928][ C1] ? clear_bhb_loop+0x30/0x80
[ 84.914940][ C1] ? clear_bhb_loop+0x30/0x80
[ 84.914953][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 84.914967][ C1] RIP: 0033:0x7ff1f1d52929
[ 84.914978][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 84.914988][ C1] RSP: 002b:00007fffb099b198 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 84.915000][ C1] RAX: ffffffffffffffda RBX: 0000000000014b70 RCX: 00007ff1f1d52929
[ 84.915010][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 84.915017][ C1] RBP: 0000000000000000 R08: 0000000000000001 R09: 00000004b099b48f
[ 84.915025][ C1] R10: 00007ff1f1bc4000 R11: 0000000000000246 R12: 00007ff1f1f79fac
[ 84.915034][ C1] R13: 00007ff1f1f79fa0 R14: ffffffffffffffff R15: 0000000000000003
[ 84.915048][ C1]
[ 86.531711][ C1] WARNING: CPU: 1 PID: 4375 at mm/maccess.c:226 copy_from_user_nofault+0x160/0x1c0
[ 86.541192][ C1] Modules linked in:
[ 86.545549][ C1] CPU: 1 PID: 4375 Comm: syz.0.42 Not tainted 5.15.188-syzkaller #0
[ 86.553662][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 86.563722][ C1] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 86.569905][ C1] Code: 24 45 31 f6 31 ff 89 de e8 2d e2 d7 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 b0 de d7 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 86.589634][ C1] RSP: 0018:ffffc90000dd0ba0 EFLAGS: 00010006
[ 86.595712][ C1] RAX: ffffffff819ff470 RBX: 0000000000000008 RCX: ffff88807a8b3b80
[ 86.603766][ C1] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[ 86.611746][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 86.619710][ C1] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: ffff88807a8b5308
[ 86.627681][ C1] R13: dffffc0000000000 R14: ffffc90000dd0c08 R15: 0000000000000000
[ 86.635645][ C1] FS: 0000555555a4b500(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[ 86.644719][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 86.651327][ C1] CR2: 0000001b2fa5ffff CR3: 0000000029d95000 CR4: 00000000003506e0
[ 86.659301][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 86.667267][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 86.675285][ C1] Call Trace:
[ 86.678567][ C1]
[ 86.681407][ C1] bpf_probe_read_user+0x26/0x70
[ 86.686441][ C1] bpf_prog_02073d59a3c0f06f+0x3d/0x9dc
[ 86.691979][ C1] bpf_trace_run2+0x15b/0x2d0
[ 86.696647][ C1] ? posix_cpu_timers_work+0x1120/0x1120
[ 86.702272][ C1] ? bpf_trace_run1+0x2d0/0x2d0
[ 86.707126][ C1] ? debug_object_activate+0x2d2/0x480
[ 86.712585][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 86.718038][ C1] enqueue_hrtimer+0x314/0x370
[ 86.722794][ C1] __hrtimer_run_queues+0x65a/0xc40
[ 86.728001][ C1] ? tick_setup_sched_timer+0x2c0/0x2c0
[ 86.733544][ C1] ? hrtimer_interrupt+0x8d0/0x8d0
[ 86.738648][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 86.744722][ C1] hrtimer_interrupt+0x3bb/0x8d0
[ 86.749659][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 86.755633][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 86.761264][ C1]
[ 86.764186][ C1]
[ 86.767109][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 86.773097][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x32/0x60
[ 86.779331][ C1] Code: 94 9c 8a 7e 65 8b 15 95 9c 8a 7e 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 34 16 00 00 00 74 2c 8b 91 10 16 00 00 <83> fa 02 75 21 48 8b 91 18 16 00 00 48 8b 32 48 8d 7e 01 8b 89 14
[ 86.799017][ C1] RSP: 0018:ffffc9000111f958 EFLAGS: 00000246
[ 86.805264][ C1] RAX: ffffffff8183ddde RBX: 00007ff1f1d52929 RCX: ffff88807a8b3b80
[ 86.813354][ C1] RDX: 0000000000000000 RSI: 00007ff1f1d52929 RDI: ffffffffa001a624
[ 86.821338][ C1] RBP: 0000000000000001 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 86.829313][ C1] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: dffffc0000000000
[ 86.837547][ C1] R13: 0000000000000000 R14: ffff888078e009e8 R15: ffffffffa001a624
[ 86.845712][ C1] ? 0xffffffffa001a624
[ 86.850298][ C1] ? is_bpf_text_address+0x11e/0x270
[ 86.855690][ C1] ? 0xffffffffa001a624
[ 86.859850][ C1] is_bpf_text_address+0x11e/0x270
[ 86.865205][ C1] __kernel_text_address+0x9a/0x100
[ 86.870566][ C1] unwind_get_return_address+0x49/0x80
[ 86.876194][ C1] ? stack_trace_save+0xe0/0xe0
[ 86.881219][ C1] arch_stack_walk+0xf2/0x140
[ 86.886106][ C1] stack_trace_save+0x98/0xe0
[ 86.890787][ C1] ? stack_trace_snprint+0xf0/0xf0
[ 86.895918][ C1] ? __lock_acquire+0x13ad/0x7c60
[ 86.900963][ C1] ? memset+0x1e/0x40
[ 86.905044][ C1] kasan_save_stack+0x35/0x60
[ 86.909739][ C1] ? kasan_save_stack+0x35/0x60
[ 86.914595][ C1] ? kasan_record_aux_stack+0xb8/0x100
[ 86.920139][ C1] ? task_work_add+0x2f/0x1d0
[ 86.924815][ C1] ? fput_many+0xde/0x1a0
[ 86.929448][ C1] ? filp_close+0x10e/0x150
[ 86.933984][ C1] ? __close_range+0x208/0x4d0
[ 86.938984][ C1] ? __x64_sys_close_range+0x76/0x80
[ 86.944361][ C1] ? do_syscall_64+0x4c/0xa0
[ 86.949347][ C1] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 86.955989][ C1] kasan_record_aux_stack+0xb8/0x100
[ 86.961554][ C1] task_work_add+0x2f/0x1d0
[ 86.966099][ C1] fput_many+0xde/0x1a0
[ 86.970270][ C1] filp_close+0x10e/0x150
[ 86.974610][ C1] __close_range+0x208/0x4d0
[ 86.979233][ C1] ? pick_file+0x220/0x220
[ 86.983654][ C1] ? vtime_user_exit+0x2dc/0x400
[ 86.988588][ C1] __x64_sys_close_range+0x76/0x80
[ 86.993697][ C1] do_syscall_64+0x4c/0xa0
[ 86.998112][ C1] ? clear_bhb_loop+0x30/0x80
[ 87.002781][ C1] ? clear_bhb_loop+0x30/0x80
[ 87.007449][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 87.013337][ C1] RIP: 0033:0x7ff1f1d52929
[ 87.017747][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 87.037756][ C1] RSP: 002b:00007fffb099b198 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 87.046355][ C1] RAX: ffffffffffffffda RBX: 0000000000014b70 RCX: 00007ff1f1d52929
[ 87.054414][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 87.062607][ C1] RBP: 0000000000000000 R08: 0000000000000001 R09: 00000004b099b48f
[ 87.071224][ C1] R10: 00007ff1f1bc4000 R11: 0000000000000246 R12: 00007ff1f1f79fac
[ 87.079202][ C1] R13: 00007ff1f1f79fa0 R14: ffffffffffffffff R15: 0000000000000003
[ 87.087362][ C1]
[ 87.090532][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 87.098406][ C1] CPU: 1 PID: 4375 Comm: syz.0.42 Not tainted 5.15.188-syzkaller #0
[ 87.108071][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 87.119617][ C1] Call Trace:
[ 87.123986][ C1]
[ 87.127125][ C1] dump_stack_lvl+0x168/0x230
[ 87.132438][ C1] ? show_regs_print_info+0x20/0x20
[ 87.137755][ C1] ? load_image+0x3b0/0x3b0
[ 87.142539][ C1] panic+0x2c9/0x7f0
[ 87.147013][ C1] ? bpf_jit_dump+0xd0/0xd0
[ 87.152087][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 87.158350][ C1] __warn+0x248/0x2b0
[ 87.162782][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 87.168509][ C1] report_bug+0x1b7/0x2e0
[ 87.173312][ C1] handle_bug+0x3a/0x70
[ 87.177894][ C1] exc_invalid_op+0x16/0x40
[ 87.183529][ C1] asm_exc_invalid_op+0x16/0x20
[ 87.188808][ C1] RIP: 0010:copy_from_user_nofault+0x160/0x1c0
[ 87.196237][ C1] Code: 24 45 31 f6 31 ff 89 de e8 2d e2 d7 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 b0 de d7 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
[ 87.215950][ C1] RSP: 0018:ffffc90000dd0ba0 EFLAGS: 00010006
[ 87.222055][ C1] RAX: ffffffff819ff470 RBX: 0000000000000008 RCX: ffff88807a8b3b80
[ 87.230220][ C1] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
[ 87.238301][ C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 87.246422][ C1] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: ffff88807a8b5308
[ 87.254409][ C1] R13: dffffc0000000000 R14: ffffc90000dd0c08 R15: 0000000000000000
[ 87.262957][ C1] ? copy_from_user_nofault+0x160/0x1c0
[ 87.268544][ C1] bpf_probe_read_user+0x26/0x70
[ 87.273806][ C1] bpf_prog_02073d59a3c0f06f+0x3d/0x9dc
[ 87.280498][ C1] bpf_trace_run2+0x15b/0x2d0
[ 87.285555][ C1] ? posix_cpu_timers_work+0x1120/0x1120
[ 87.291702][ C1] ? bpf_trace_run1+0x2d0/0x2d0
[ 87.296750][ C1] ? debug_object_activate+0x2d2/0x480
[ 87.302975][ C1] ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 87.308786][ C1] enqueue_hrtimer+0x314/0x370
[ 87.313673][ C1] __hrtimer_run_queues+0x65a/0xc40
[ 87.318999][ C1] ? tick_setup_sched_timer+0x2c0/0x2c0
[ 87.324837][ C1] ? hrtimer_interrupt+0x8d0/0x8d0
[ 87.330253][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 87.336337][ C1] hrtimer_interrupt+0x3bb/0x8d0
[ 87.342147][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 87.348481][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 87.354437][ C1]
[ 87.357464][ C1]
[ 87.360673][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 87.367090][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x32/0x60
[ 87.374067][ C1] Code: 94 9c 8a 7e 65 8b 15 95 9c 8a 7e 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 35 83 b9 34 16 00 00 00 74 2c 8b 91 10 16 00 00 <83> fa 02 75 21 48 8b 91 18 16 00 00 48 8b 32 48 8d 7e 01 8b 89 14
[ 87.394055][ C1] RSP: 0018:ffffc9000111f958 EFLAGS: 00000246
[ 87.400469][ C1] RAX: ffffffff8183ddde RBX: 00007ff1f1d52929 RCX: ffff88807a8b3b80
[ 87.408454][ C1] RDX: 0000000000000000 RSI: 00007ff1f1d52929 RDI: ffffffffa001a624
[ 87.416508][ C1] RBP: 0000000000000001 R08: dffffc0000000000 R09: fffffbfff1ff7619
[ 87.425505][ C1] R10: fffffbfff1ff7619 R11: 1ffffffff1ff7618 R12: dffffc0000000000
[ 87.434775][ C1] R13: 0000000000000000 R14: ffff888078e009e8 R15: ffffffffa001a624
[ 87.443202][ C1] ? 0xffffffffa001a624
[ 87.447367][ C1] ? is_bpf_text_address+0x11e/0x270
[ 87.452828][ C1] ? 0xffffffffa001a624
[ 87.456981][ C1] is_bpf_text_address+0x11e/0x270
[ 87.462409][ C1] __kernel_text_address+0x9a/0x100
[ 87.467782][ C1] unwind_get_return_address+0x49/0x80
[ 87.473337][ C1] ? stack_trace_save+0xe0/0xe0
[ 87.478299][ C1] arch_stack_walk+0xf2/0x140
[ 87.483011][ C1] stack_trace_save+0x98/0xe0
[ 87.487798][ C1] ? stack_trace_snprint+0xf0/0xf0
[ 87.492924][ C1] ? __lock_acquire+0x13ad/0x7c60
[ 87.497975][ C1] ? memset+0x1e/0x40
[ 87.502180][ C1] kasan_save_stack+0x35/0x60
[ 87.507324][ C1] ? kasan_save_stack+0x35/0x60
[ 87.512188][ C1] ? kasan_record_aux_stack+0xb8/0x100
[ 87.517651][ C1] ? task_work_add+0x2f/0x1d0
[ 87.522443][ C1] ? fput_many+0xde/0x1a0
[ 87.526785][ C1] ? filp_close+0x10e/0x150
[ 87.531288][ C1] ? __close_range+0x208/0x4d0
[ 87.536046][ C1] ? __x64_sys_close_range+0x76/0x80
[ 87.541324][ C1] ? do_syscall_64+0x4c/0xa0
[ 87.545909][ C1] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 87.551989][ C1] kasan_record_aux_stack+0xb8/0x100
[ 87.557533][ C1] task_work_add+0x2f/0x1d0
[ 87.562037][ C1] fput_many+0xde/0x1a0
[ 87.566190][ C1] filp_close+0x10e/0x150
[ 87.570522][ C1] __close_range+0x208/0x4d0
[ 87.575108][ C1] ? pick_file+0x220/0x220
[ 87.579648][ C1] ? vtime_user_exit+0x2dc/0x400
[ 87.584688][ C1] __x64_sys_close_range+0x76/0x80
[ 87.590022][ C1] do_syscall_64+0x4c/0xa0
[ 87.594574][ C1] ? clear_bhb_loop+0x30/0x80
[ 87.599617][ C1] ? clear_bhb_loop+0x30/0x80
[ 87.604545][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 87.610553][ C1] RIP: 0033:0x7ff1f1d52929
[ 87.615239][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 87.635228][ C1] RSP: 002b:00007fffb099b198 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 87.643817][ C1] RAX: ffffffffffffffda RBX: 0000000000014b70 RCX: 00007ff1f1d52929
[ 87.651799][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 87.659780][ C1] RBP: 0000000000000000 R08: 0000000000000001 R09: 00000004b099b48f
[ 87.667936][ C1] R10: 00007ff1f1bc4000 R11: 0000000000000246 R12: 00007ff1f1f79fac
[ 87.675918][ C1] R13: 00007ff1f1f79fa0 R14: ffffffffffffffff R15: 0000000000000003
[ 87.683903][ C1]
[ 88.791162][ C1] Shutting down cpus with NMI
[ 88.796118][ C1] Kernel Offset: disabled
[ 88.800459][ C1] Rebooting in 86400 seconds..