=============================
[ BUG: Invalid wait context ]
6.13.0-rc7-syzkaller-g1950a0af2d55 #0 Not tainted
-----------------------------
syz.0.2089/13439 is trying to lock:
ffff0001fea8ef58 (&zone->lock){-.-.}-{3:3}, at: rmqueue_bulk mm/page_alloc.c:2309 [inline]
ffff0001fea8ef58 (&zone->lock){-.-.}-{3:3}, at: __rmqueue_pcplist+0x39c/0x30ec mm/page_alloc.c:3003
other info that might help us debug this:
context-{2:2}
3 locks held by syz.0.2089/13439:
 #0: ffff8000913e6008 (tty_mutex){+.+.}-{4:4}, at: ptmx_open+0xec/0x2d0 drivers/tty/pty.c:823
 #1: ffff0000ef82b1c0 (&tty->legacy_mutex){+.+.}-{4:4}, at: tty_lock+0x78/0xc8 drivers/tty/tty_mutex.c:18
 #2: ffff0001b380c618 (&pcp->lock){+.+.}-{3:3}, at: spin_trylock include/linux/spinlock.h:361 [inline]
 #2: ffff0001b380c618 (&pcp->lock){+.+.}-{3:3}, at: rmqueue_pcplist mm/page_alloc.c:3032 [inline]
 #2: ffff0001b380c618 (&pcp->lock){+.+.}-{3:3}, at: rmqueue mm/page_alloc.c:3076 [inline]
 #2: ffff0001b380c618 (&pcp->lock){+.+.}-{3:3}, at: get_page_from_freelist+0x6a0/0x42b8 mm/page_alloc.c:3473
stack backtrace:
CPU: 1 UID: 0 PID: 13439 Comm: syz.0.2089 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Call trace:
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120
 dump_stack+0x1c/0x28 lib/dump_stack.c:129
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4826 [inline]
 check_wait_context kernel/locking/lockdep.c:4898 [inline]
 __lock_acquire+0x2034/0x7904 kernel/locking/lockdep.c:5176
 lock_acquire+0x23c/0x724 kernel/locking/lockdep.c:5849
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x5c/0x7c kernel/locking/spinlock.c:162
 rmqueue_bulk mm/page_alloc.c:2309 [inline]
 __rmqueue_pcplist+0x39c/0x30ec mm/page_alloc.c:3003
 rmqueue_pcplist mm/page_alloc.c:3045 [inline]
 rmqueue mm/page_alloc.c:3076 [inline]
 get_page_from_freelist+0x778/0x42b8 mm/page_alloc.c:3473
 __alloc_pages_noprof+0x220/0x6a8 mm/page_alloc.c:4753
 alloc_pages_mpol_noprof+0x33c/0x5f0 mm/mempolicy.c:2269
 alloc_pages_noprof+0x168/0x200 mm/mempolicy.c:2348
 stack_depot_save_flags+0x5b4/0x8b4 lib/stackdepot.c:627
 kasan_save_stack+0x54/0x6c mm/kasan/common.c:48
 __kasan_record_aux_stack+0xb8/0xd0 mm/kasan/generic.c:544
 kasan_record_aux_stack+0x14/0x20 mm/kasan/generic.c:549
 task_work_add+0xcc/0x484 kernel/task_work.c:77
 __run_posix_cpu_timers kernel/time/posix-cpu-timers.c:1223 [inline]
 run_posix_cpu_timers+0x694/0x8fc kernel/time/posix-cpu-timers.c:1422
 update_process_times+0x3b0/0x558 kernel/time/timer.c:2526
 tick_sched_handle kernel/time/tick-sched.c:276 [inline]
 tick_nohz_handler+0x324/0x478 kernel/time/tick-sched.c:297
 __run_hrtimer kernel/time/hrtimer.c:1739 [inline]
 __hrtimer_run_queues+0x44c/0xca4 kernel/time/hrtimer.c:1803
 hrtimer_interrupt+0x2bc/0xb58 kernel/time/hrtimer.c:1865
 timer_handler drivers/clocksource/arm_arch_timer.c:674 [inline]
 arch_timer_handler_virt+0x74/0x88 drivers/clocksource/arm_arch_timer.c:685
 handle_percpu_devid_irq+0x174/0x308 kernel/irq/chip.c:942
 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline]
 handle_irq_desc kernel/irq/irqdesc.c:714 [inline]
 generic_handle_domain_irq+0x7c/0xc4 kernel/irq/irqdesc.c:770
 __gic_handle_irq drivers/irqchip/irq-gic-v3.c:865 [inline]
 __gic_handle_irq_from_irqson drivers/irqchip/irq-gic-v3.c:916 [inline]
 gic_handle_irq+0x6c/0x190 drivers/irqchip/irq-gic-v3.c:960
 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:891
 do_interrupt_handler+0xd4/0x138 arch/arm64/kernel/entry-common.c:310
 __el1_irq arch/arm64/kernel/entry-common.c:560 [inline]
 el1_interrupt+0x34/0x68 arch/arm64/kernel/entry-common.c:575
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:580
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P)
 arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P)
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (P)
 _raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194 (P)
 __debug_object_init+0x1ac/0x43c lib/debugobjects.c:755
 debug_object_init+0x20/0x2c lib/debugobjects.c:779
 __init_work+0x58/0x68 kernel/workqueue.c:677
 alloc_tty_struct+0x1e4/0x684 drivers/tty/tty_io.c:3134
 pty_common_install+0x154/0x720 drivers/tty/pty.c:379
 pty_unix98_install+0x2c/0x3c drivers/tty/pty.c:721
 tty_driver_install_tty drivers/tty/tty_io.c:1304 [inline]
 tty_init_dev+0xb4/0x3ec drivers/tty/tty_io.c:1416
 ptmx_open+0xfc/0x2d0 drivers/tty/pty.c:824
 chrdev_open+0x3b0/0x4bc fs/char_dev.c:414
 do_dentry_open+0xc0c/0x168c fs/open.c:945
 vfs_open+0x48/0x2d4 fs/open.c:1075
 do_open fs/namei.c:3828 [inline]
 path_openat+0x2300/0x2b14 fs/namei.c:3987
 do_filp_open+0x1e8/0x404 fs/namei.c:4014
 do_sys_openat2+0x124/0x1b8 fs/open.c:1402
 do_sys_open fs/open.c:1417 [inline]
 __do_sys_openat fs/open.c:1433 [inline]
 __se_sys_openat fs/open.c:1428 [inline]
 __arm64_sys_openat+0x1f0/0x240 fs/open.c:1428
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744
 el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600