------------[ cut here ]------------
WARNING: CPU: 1 PID: 16103 at mm/maccess.c:226 copy_from_user_nofault+0x160/0x1c0 mm/maccess.c:226
Modules linked in:
CPU: 1 PID: 16103 Comm: syz.7.2627 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
RIP: 0010:copy_from_user_nofault+0x160/0x1c0 mm/maccess.c:226
Code: 24 45 31 f6 31 ff 89 de e8 5d 95 d8 ff 85 db 48 c7 c0 f2 ff ff ff 49 0f 44 c6 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 e0 91 d8 ff <0f> 0b e9 1c ff ff ff 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ea fe
RSP: 0000:ffffc900030af938 EFLAGS: 00010006
RAX: ffffffff81a0b710 RBX: 0000000000000008 RCX: ffff888021809dc0
RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffff888021809dc7 R09: 1ffff110043013b8
R10: dffffc0000000000 R11: ffffed10043013b9 R12: ffff88802180b548
R13: 00007ffffffff000 R14: ffffc900030af9a8 R15: 0000000000000005
FS: 000055556c0da500(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000005 CR3: 00000000782b1000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000200000000300
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
 bpf_probe_read_user_common kernel/trace/bpf_trace.c:157 [inline]
 ____bpf_probe_read_compat kernel/trace/bpf_trace.c:281 [inline]
 bpf_probe_read_compat+0xdd/0x170 kernel/trace/bpf_trace.c:277
 bpf_prog_35c2aeabad5a7bfe+0x45/0xda0
 bpf_dispatcher_nop_func include/linux/bpf.h:888 [inline]
 __bpf_prog_run include/linux/filter.h:628 [inline]
 bpf_prog_run include/linux/filter.h:635 [inline]
 BPF_PROG_RUN_ARRAY include/linux/bpf.h:1439 [inline]
 trace_call_bpf+0x2b1/0x5b0 kernel/trace/bpf_trace.c:127
 perf_trace_run_bpf_submit+0x79/0x1c0 kernel/events/core.c:10016
 perf_trace_lock_acquire+0x340/0x3e0 include/trace/events/lock.h:13
 trace_lock_acquire include/trace/events/lock.h:13 [inline]
 lock_acquire+0x3d7/0x400 kernel/locking/lockdep.c:5594
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0xb0/0x100 kernel/locking/spinlock.c:162
 hrtimer_interrupt+0xf8/0x8d0 kernel/time/hrtimer.c:1792
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1097 [inline]
 __sysvec_apic_timer_interrupt+0x137/0x4a0 arch/x86/kernel/apic/apic.c:1114
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1108 [inline]
 sysvec_apic_timer_interrupt+0x4d/0xc0 arch/x86/kernel/apic/apic.c:1108
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:676
RIP: 0033:0x7f755b4bc4de
Code: 83 f0 3d 8d 04 c0 89 c3 c1 eb 04 31 c3 69 db 2d eb d4 27 89 d8 c1 e8 0f 31 c3 81 e3 ff 0f 00 00 48 31 d3 80 3d 6a 0b 3a 00 00 <0f> 84 1c 01 00 00 4c 89 f6 48 8b 0d 4a 0b 3a 00 31 c0 48 81 ce ff
RSP: 002b:00007ffe86ac8620 EFLAGS: 00000246
RAX: 000000000001f14c RBX: ffffffff817f737c RCX: ffffffff817f7a70
RDX: ffffffff817f75ea RSI: ffffffff817f7a70 RDI: 00007f755b04a008
RBP: 0000000000000000 R08: 00007f755b84b000 R09: 00007f755b84d000
R10: 00000000817f7a74 R11: 0000000000000003 R12: 00007f755b861038
R13: 0000000000008b3e R14: ffffffff817f75ea R15: 00007f755c390720