program:
# syzkaller reproducer program; calls are listed in program order and the argument
# values are fuzzer-chosen.
# Triage summary, read from the kernel log that follows: lockdep reports "Invalid wait
# context" for stack_list_lock ({3:3}) taken in context-{2:2}. The acquiring chain is
# run_posix_cpu_timers -> task_work_add -> __kasan_record_aux_stack -> kasan_save_stack ->
# stack_depot_save_flags -> page allocation -> post_alloc_hook -> __set_page_owner,
# entered from the APIC timer interrupt while the task was inside clone() (copy_mm).
# None of the pppoe/netlink calls below appear in that backtrace.

# Clock id 0x2 is CLOCK_PROCESS_CPUTIME_ID. The timespec is {0 s, 0x989680 ns} = 10 ms,
# and bit 0 of the flags (TIMER_ABSTIME) is clear, so this is a relative sleep.
# NOTE(triage): presumably this arms the POSIX CPU timer that run_posix_cpu_timers()
# services in the trace - confirm when minimizing the reproducer.
clock_nanosleep(0x2, 0xfffffdfc, &(0x7f0000000080)={0x0, 0x989680}, 0x0)
# The fd is -1 (0xffffffffffffffff), so this call has no socket to operate on.
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1d, 0x0, 0x0)
# syzkaller pseudo-syscall wrapping clone(). The flags value 0x40200080 matches RDI in the
# user-mode register dump (ORIG_RAX 0x38). CLONE_VM (0x100) is not set, which is
# consistent with the copy_mm -> copy_page_range path in the backtrace.
syz_clone(0x40200080, 0x0, 0x0, 0x0, 0x0, 0x0)
# Family 0x18 is AF_PPPOX; the returned fd is kept in r0 for the next two calls.
r0 = socket$pppoe(0x18, 0x1, 0x0)
# Connects r0 using session id 0x1, the broadcast address as remote, and device name
# 'geneve1'; address length is 0x1e.
connect$pppoe(r0, &(0x7f00000000c0)={0x18, 0x0, {0x1, @broadcast, 'geneve1\x00'}}, 0x1e)
# PPPIOCSMRU with a NULL argument pointer (0x0).
ioctl$PPPIOCSMRU(r0, 0x40047452, 0x0)
# fd is -1 and the message pointer is NULL, so nothing is sent on a real socket.
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
[ 58.545436][ C0]
[ 58.547223][ C0] =============================
[ 58.550683][ C0] [ BUG: Invalid wait context ]
[ 58.554764][ C0] 6.13.0-syzkaller-07644-gc2da8b3f914f #0 Not tainted
[ 58.558725][ C0] -----------------------------
[ 58.561133][ C0] syz.0.0/5315 is trying to lock:
[ 58.563874][ C0] ffffffff8ea70198 (stack_list_lock){-.-.}-{3:3}, at: __set_page_owner+0x5cb/0x800
[ 58.568000][ C0] other info that might help us debug this:
[ 58.570518][ C0] context-{2:2}
[ 58.571927][ C0] 8 locks held by syz.0.0/5315:
[ 58.573928][ C0] #0: ffffffff8e9ef2d0 (dup_mmap_sem){.+.+}-{0:0}, at: copy_mm+0x1db/0x2110
[ 58.577445][ C0] #1: ffff8880122f6fe0 (&mm->mmap_lock){++++}-{4:4}, at: copy_mm+0x2b4/0x2110
[ 58.580892][ C0] #2: ffff8880122f3de0 (&mm->mmap_lock/1){+.+.}-{4:4}, at: copy_mm+0x455/0x2110
[ 58.584665][ C0] #3: ffffffff8e93a020 (rcu_read_lock){....}-{1:3}, at: ___pte_offset_map+0x82/0x380
[ 58.588213][ C0] #4: ffff8880427a0498 (ptlock_ptr(ptdesc)#2){+.+.}-{3:3}, at: __pte_offset_map_lock+0x1ba/0x300
[ 58.592229][ C0] #5: ffffffff8e93a020 (rcu_read_lock){....}-{1:3}, at: ___pte_offset_map+0x82/0x380
[ 58.596173][ C0] #6: ffff88804008a498 (ptlock_ptr(ptdesc)#2/1){+.+.}-{3:3}, at: copy_pmd_range+0x75e/0x77a0
[ 58.600023][ C0] #7: ffffffff8e93a020 (rcu_read_lock){....}-{1:3}, at: page_ext_get+0x20/0x2a0
[ 58.604749][ C0] stack backtrace:
[ 58.610098][ C0] CPU: 0 UID: 0 PID: 5315 Comm: syz.0.0 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0
[ 58.610113][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 58.610119][ C0] Call Trace:
[ 58.610125][ C0]
[ 58.610130][ C0] dump_stack_lvl+0x241/0x360
[ 58.610146][ C0] ? __pfx_dump_stack_lvl+0x10/0x10
[ 58.610156][ C0] ? __pfx__printk+0x10/0x10
[ 58.610169][ C0] ? stack_trace_save+0x118/0x1d0
[ 58.610183][ C0] __lock_acquire+0x15a8/0x2100
[ 58.610200][ C0] ? __alloc_pages_noprof+0x292/0x710
[ 58.610215][ C0] lock_acquire+0x1ed/0x550
[ 58.610227][ C0] ? __set_page_owner+0x5cb/0x800
[ 58.610240][ C0] ? __page_table_check_ptes_set+0x30f/0x410
[ 58.610253][ C0] ? copy_pmd_range+0x450f/0x77a0
[ 58.610265][ C0] ? copy_page_range+0x99f/0xe90
[ 58.610280][ C0] ? __pfx_lock_acquire+0x10/0x10
[ 58.610297][ C0] _raw_spin_lock_irqsave+0xd5/0x120
[ 58.610344][ C0] ? __set_page_owner+0x5cb/0x800
[ 58.610356][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[ 58.610366][ C0] ? __kmalloc_cache_noprof+0x243/0x390
[ 58.610375][ C0] ? __set_page_owner+0x55f/0x800
[ 58.610388][ C0] __set_page_owner+0x5cb/0x800
[ 58.610402][ C0] ? __pfx___set_page_owner+0x10/0x10
[ 58.610415][ C0] post_alloc_hook+0x1f3/0x230
[ 58.610427][ C0] get_page_from_freelist+0x365c/0x37a0
[ 58.610451][ C0] __alloc_pages_noprof+0x292/0x710
[ 58.610464][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10
[ 58.610500][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 58.610512][ C0] ? __kernel_text_address+0xd/0x40
[ 58.610522][ C0] ? unwind_get_return_address+0x4d/0x90
[ 58.610537][ C0] alloc_pages_mpol_noprof+0x3e1/0x780
[ 58.610554][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 58.610568][ C0] ? stack_trace_save+0x118/0x1d0
[ 58.610582][ C0] ? alloc_pages_noprof+0x43/0x170
[ 58.610591][ C0] stack_depot_save_flags+0x72d/0x940
[ 58.610631][ C0] kasan_save_stack+0x4f/0x60
[ 58.610643][ C0] ? kasan_save_stack+0x3f/0x60
[ 58.610654][ C0] ? __kasan_record_aux_stack+0xac/0xc0
[ 58.610664][ C0] ? task_work_add+0xd9/0x490
[ 58.610678][ C0] ? run_posix_cpu_timers+0x6ac/0x810
[ 58.610687][ C0] ? tick_nohz_handler+0x37c/0x500
[ 58.610697][ C0] ? __hrtimer_run_queues+0x551/0xd30
[ 58.610711][ C0] ? hrtimer_interrupt+0x403/0xa40
[ 58.610724][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420
[ 58.610739][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0
[ 58.610749][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 58.610763][ C0] ? lock_acquire+0x264/0x550
[ 58.610773][ C0] ? page_ext_get+0x3d/0x2a0
[ 58.610785][ C0] ? page_table_check_set+0x4f/0x540
[ 58.610798][ C0] ? __page_table_check_ptes_set+0x30f/0x410
[ 58.610811][ C0] ? copy_pmd_range+0x450f/0x77a0
[ 58.610822][ C0] ? copy_page_range+0x99f/0xe90
[ 58.610835][ C0] ? copy_mm+0x1279/0x2110
[ 58.610845][ C0] ? copy_process+0x1845/0x3d50
[ 58.610855][ C0] ? kernel_clone+0x226/0x8e0
[ 58.610868][ C0] ? __x64_sys_clone+0x258/0x2a0
[ 58.610879][ C0] ? do_syscall_64+0xf3/0x230
[ 58.610894][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 58.610913][ C0] ? __phys_addr+0xba/0x170
[ 58.610926][ C0] __kasan_record_aux_stack+0xac/0xc0
[ 58.610941][ C0] task_work_add+0xd9/0x490
[ 58.610955][ C0] ? __pfx_lock_acquire+0x10/0x10
[ 58.610967][ C0] ? __pfx_task_work_add+0x10/0x10
[ 58.610982][ C0] run_posix_cpu_timers+0x6ac/0x810
[ 58.610994][ C0] ? __pfx_run_posix_cpu_timers+0x10/0x10
[ 58.611003][ C0] ? sched_balance_trigger+0x51/0x890
[ 58.611018][ C0] tick_nohz_handler+0x37c/0x500
[ 58.611035][ C0] ? __pfx_tick_nohz_handler+0x10/0x10
[ 58.611045][ C0] __hrtimer_run_queues+0x551/0xd30
[ 58.611063][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10
[ 58.611077][ C0] ? kvm_clock_get_cycles+0x52/0x70
[ 58.611087][ C0] ? ktime_get_update_offsets_now+0x38e/0x3b0
[ 58.611105][ C0] hrtimer_interrupt+0x403/0xa40
[ 58.611124][ C0] __sysvec_apic_timer_interrupt+0x110/0x420
[ 58.611138][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0
[ 58.611150][ C0]
[ 58.611153][ C0]
[ 58.611156][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 58.611170][ C0] RIP: 0010:lock_acquire+0x264/0x550
[ 58.611183][ C0] Code: 2b 00 74 08 4c 89 f7 e8 ca 40 8b 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 58.611195][ C0] RSP: 0018:ffffc9000d4bf020 EFLAGS: 00000206
[ 58.611205][ C0] RAX: 0000000000000001 RBX: 1ffff92001a97e10 RCX: ffff888000b58ad8
[ 58.611216][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0aa400 RDI: ffffffff8c602960
[ 58.611223][ C0] RBP: ffffc9000d4bf178 R08: ffffffff942f9847 R09: 1ffffffff285f308
[ 58.611229][ C0] R10: dffffc0000000000 R11: fffffbfff285f309 R12: 1ffff92001a97e0c
[ 58.611240][ C0] R13: dffffc0000000000 R14: ffffc9000d4bf080 R15: 0000000000000246
[ 58.611252][ C0] ? __pfx_lock_acquire+0x10/0x10
[ 58.611265][ C0] ? pfn_valid+0xf6/0x450
[ 58.611277][ C0] ? __pfx_lock_release+0x10/0x10
[ 58.611294][ C0] ? __pfx_lock_release+0x10/0x10
[ 58.611307][ C0] ? page_ext_get+0x20/0x2a0
[ 58.611320][ C0] page_ext_get+0x3d/0x2a0
[ 58.611332][ C0] ? page_ext_get+0x20/0x2a0
[ 58.611345][ C0] page_table_check_set+0x4f/0x540
[ 58.611359][ C0] __page_table_check_ptes_set+0x30f/0x410
[ 58.611378][ C0] ? __pfx___page_table_check_ptes_set+0x10/0x10
[ 58.611391][ C0] ? do_raw_spin_unlock+0x58/0x8b0
[ 58.611403][ C0] ? __folio_rmap_sanity_checks+0x15d/0x3a0
[ 58.611415][ C0] copy_pmd_range+0x450f/0x77a0
[ 58.611430][ C0] ? is_bpf_text_address+0x26/0x2a0
[ 58.611446][ C0] ? __pfx_copy_pmd_range+0x10/0x10
[ 58.611459][ C0] ? look_up_lock_class+0x77/0x170
[ 58.611470][ C0] ? register_lock_class+0x102/0x980
[ 58.611483][ C0] ? __pfx_mas_destroy+0x10/0x10
[ 58.611493][ C0] ? mark_lock+0x9a/0x360
[ 58.611507][ C0] ? __lock_acquire+0x1397/0x2100
[ 58.611525][ C0] copy_page_range+0x99f/0xe90
[ 58.611546][ C0] ? __pfx_copy_page_range+0x10/0x10
[ 58.611561][ C0] ? __pfx_up_write+0x10/0x10
[ 58.611570][ C0] ? __asan_memset+0x23/0x50
[ 58.611581][ C0] ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10
[ 58.611591][ C0] ? vma_interval_tree_augment_rotate+0x1b4/0x1c0
[ 58.611605][ C0] copy_mm+0x1279/0x2110
[ 58.611620][ C0] ? __pfx_copy_mm+0x10/0x10
[ 58.611636][ C0] ? __init_rwsem+0x122/0x160
[ 58.611650][ C0] ? copy_signal+0x51c/0x640
[ 58.611660][ C0] copy_process+0x1845/0x3d50
[ 58.611674][ C0] ? copy_process+0x9fa/0x3d50
[ 58.611685][ C0] ? __pfx_copy_process+0x10/0x10
[ 58.611699][ C0] kernel_clone+0x226/0x8e0
[ 58.611710][ C0] ? __might_fault+0xaa/0x120
[ 58.611721][ C0] ? __pfx_kernel_clone+0x10/0x10
[ 58.611737][ C0] ? __might_fault+0xaa/0x120
[ 58.611749][ C0] __x64_sys_clone+0x258/0x2a0
[ 58.611761][ C0] ? __pfx___x64_sys_clone+0x10/0x10
[ 58.611775][ C0] ? do_syscall_64+0x100/0x230
[ 58.611786][ C0] ? do_syscall_64+0xb6/0x230
[ 58.611798][ C0] do_syscall_64+0xf3/0x230
[ 58.611809][ C0] ? clear_bhb_loop+0x35/0x90
[ 58.611822][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 58.611834][ C0] RIP: 0033:0x7f66dc18cd29
[ 58.611843][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 58.611850][ C0] RSP: 002b:00007f66dd034fe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 58.611860][ C0] RAX: ffffffffffffffda RBX: 00007f66dc3a6080 RCX: 00007f66dc18cd29
[ 58.611867][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040200080
[ 58.611873][ C0] RBP: 00007f66dc20e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 58.611879][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 58.611884][ C0] R13: 0000000000000000 R14: 00007f66dc3a6080 R15: 00007ffcf70b5398
[ 58.611894][ C0]
[ 58.947616][ T5300] Bluetooth: hci0: command tx timeout