in_unlock+0x171/0x230 [ 944.721215][ C1] ? futex_wake+0x155/0x490 [ 944.725701][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 944.731676][ C1] do_futex+0x15b/0x1a60 [ 944.736073][ C1] ? lock_acquire+0x1f1/0xad0 [ 944.740767][ C1] ? __might_fault+0xef/0x1d0 [ 944.745527][ C1] ? find_held_lock+0x2d/0x110 [ 944.753145][ C1] ? futex_exit_release+0x220/0x220 [ 944.758337][ C1] ? lock_downgrade+0x820/0x820 [ 944.763258][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 944.769477][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 944.774481][ C1] ? __might_fault+0x190/0x1d0 [ 944.779232][ C1] ? _copy_to_user+0x126/0x160 [ 944.783976][ C1] __x64_sys_futex+0x378/0x4e0 [ 944.788725][ C1] ? do_futex+0x1a60/0x1a60 [ 944.793294][ C1] ? lock_is_held_type+0xb0/0xe0 [ 944.798209][ C1] ? do_syscall_64+0x1c/0xe0 [ 944.802782][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 944.808746][ C1] do_syscall_64+0x60/0xe0 [ 944.813242][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 944.819389][ C1] RIP: 0033:0x45cb29 [ 944.823265][ C1] Code: Bad RIP value. [ 944.827330][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 944.835720][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 944.843669][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 944.851621][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 944.859581][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 944.867543][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 944.875554][ C1] syz-executor.2 S29056 10948 7107 0x00000000 [ 944.881872][ C1] Call Trace: [ 944.885143][ C1] __schedule+0x8e1/0x1eb0 [ 944.889815][ C1] ? io_schedule_timeout+0x140/0x140 [ 944.895074][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 944.900525][ C1] schedule+0xd0/0x2a0 [ 944.904582][ C1] futex_wait_queue_me+0x2a7/0x570 [ 944.909668][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 944.914844][ C1] futex_wait+0x1df/0x560 [ 944.919154][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 944.924171][ C1] ? mark_lock+0xbc/0x1710 [ 944.928562][ C1] ? hash_futex+0x12/0x200 [ 944.932969][ C1] ? futex_wake+0x155/0x490 [ 944.937466][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 944.942475][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 944.948430][ C1] ? lock_downgrade+0x820/0x820 [ 944.953259][ C1] do_futex+0x15b/0x1a60 [ 944.957489][ C1] ? lock_acquire+0x1f1/0xad0 [ 944.962169][ C1] ? __might_fault+0xef/0x1d0 [ 944.966826][ C1] ? find_held_lock+0x2d/0x110 [ 944.971580][ C1] ? futex_exit_release+0x220/0x220 [ 944.976759][ C1] ? lock_downgrade+0x820/0x820 [ 944.981593][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 944.987839][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 944.992845][ C1] ? __might_fault+0x190/0x1d0 [ 944.997586][ C1] ? _copy_to_user+0x126/0x160 [ 945.002346][ C1] __x64_sys_futex+0x378/0x4e0 [ 945.007105][ C1] ? do_futex+0x1a60/0x1a60 [ 945.011598][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 945.017211][ C1] ? lock_is_held_type+0xb0/0xe0 [ 945.022201][ C1] ? do_syscall_64+0x1c/0xe0 [ 945.026792][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 945.032757][ C1] do_syscall_64+0x60/0xe0 [ 945.037156][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 945.043026][ C1] RIP: 0033:0x45cb29 [ 945.046897][ C1] Code: Bad RIP value. [ 945.051040][ C1] RSP: 002b:00007fd42927bcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 945.059433][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 945.067388][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 945.075402][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 945.083373][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 945.091344][ C1] R13: 0000000000c9fb6f R14: 00007fd42927c9c0 R15: 000000000078c04c [ 945.099313][ C1] syz-executor.1 S29976 10957 6984 0x00000000 [ 945.105738][ C1] Call Trace: [ 945.109101][ C1] __schedule+0x8e1/0x1eb0 [ 945.113528][ C1] ? io_schedule_timeout+0x140/0x140 [ 945.118796][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 945.124239][ C1] schedule+0xd0/0x2a0 [ 945.128291][ C1] futex_wait_queue_me+0x2a7/0x570 [ 945.133400][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 945.138597][ C1] ? futex_wake+0x1b5/0x490 [ 945.143083][ C1] ? find_held_lock+0x2d/0x110 [ 945.147825][ C1] futex_wait+0x1df/0x560 [ 945.152155][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 945.157168][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 945.162086][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 945.167276][ C1] ? futex_wake+0x155/0x490 [ 945.171768][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 945.177730][ C1] do_futex+0x15b/0x1a60 [ 945.181955][ C1] ? lock_acquire+0x1f1/0xad0 [ 945.186614][ C1] ? __might_fault+0xef/0x1d0 [ 945.191269][ C1] ? find_held_lock+0x2d/0x110 [ 945.196130][ C1] ? futex_exit_release+0x220/0x220 [ 945.201327][ C1] ? lock_downgrade+0x820/0x820 [ 945.206753][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 945.213532][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 945.218769][ C1] ? __might_fault+0x190/0x1d0 [ 945.223633][ C1] ? _copy_to_user+0x126/0x160 [ 945.228601][ C1] __x64_sys_futex+0x378/0x4e0 [ 945.233423][ C1] ? do_futex+0x1a60/0x1a60 [ 945.241150][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 945.247207][ C1] ? lock_is_held_type+0xb0/0xe0 [ 945.252127][ C1] ? do_syscall_64+0x1c/0xe0 [ 945.256698][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 945.264846][ C1] do_syscall_64+0x60/0xe0 [ 945.269786][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 945.276095][ C1] RIP: 0033:0x45cb29 [ 945.280295][ C1] Code: Bad RIP value. [ 945.284548][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 945.293523][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 945.301500][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 945.311029][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 945.318988][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 945.328013][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 945.336133][ C1] syz-executor.1 S28384 10963 6984 0x00000000 [ 945.342446][ C1] Call Trace: [ 945.345720][ C1] __schedule+0x8e1/0x1eb0 [ 945.350133][ C1] ? io_schedule_timeout+0x140/0x140 [ 945.355932][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 945.361375][ C1] schedule+0xd0/0x2a0 [ 945.365456][ C1] futex_wait_queue_me+0x2a7/0x570 [ 945.370611][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 945.377084][ C1] futex_wait+0x1df/0x560 [ 945.381400][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 945.387393][ C1] ? wake_up_q+0xa3/0x100 [ 945.391775][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 945.396963][ C1] ? futex_wake+0x155/0x490 [ 945.401631][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 945.407685][ C1] do_futex+0x15b/0x1a60 [ 945.411915][ C1] ? lock_acquire+0x1f1/0xad0 [ 945.417811][ C1] ? __might_fault+0xef/0x1d0 [ 945.422496][ C1] ? find_held_lock+0x2d/0x110 [ 945.427336][ C1] ? futex_exit_release+0x220/0x220 [ 945.432712][ C1] ? lock_downgrade+0x820/0x820 [ 945.437542][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 945.443763][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 945.449222][ C1] ? __might_fault+0x190/0x1d0 [ 945.453970][ C1] ? _copy_to_user+0x126/0x160 [ 945.459517][ C1] __x64_sys_futex+0x378/0x4e0 [ 945.465304][ C1] ? do_futex+0x1a60/0x1a60 [ 945.469789][ C1] ? lock_is_held_type+0xb0/0xe0 [ 945.474967][ C1] ? do_syscall_64+0x1c/0xe0 [ 945.479726][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 945.485714][ C1] do_syscall_64+0x60/0xe0 [ 945.490113][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 945.496157][ C1] RIP: 0033:0x45cb29 [ 945.500023][ C1] Code: Bad RIP value. [ 945.504062][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 945.512463][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 945.520903][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 945.529023][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 945.537073][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 945.545041][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 945.553274][ C1] syz-executor.1 S28384 10970 6984 0x00000000 [ 945.559713][ C1] Call Trace: [ 945.563963][ C1] __schedule+0x8e1/0x1eb0 [ 945.568458][ C1] ? io_schedule_timeout+0x140/0x140 [ 945.573755][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 945.579211][ C1] schedule+0xd0/0x2a0 [ 945.583261][ C1] futex_wait_queue_me+0x2a7/0x570 [ 945.588356][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 945.593971][ C1] futex_wait+0x1df/0x560 [ 945.599261][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 945.604370][ C1] ? wake_up_q+0xa3/0x100 [ 945.609082][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 945.614350][ C1] ? futex_wake+0x155/0x490 [ 945.619180][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 945.626515][ C1] do_futex+0x15b/0x1a60 [ 945.630766][ C1] ? lock_acquire+0x1f1/0xad0 [ 945.635604][ C1] ? __might_fault+0xef/0x1d0 [ 945.640519][ C1] ? find_held_lock+0x2d/0x110 [ 945.645677][ C1] ? futex_exit_release+0x220/0x220 [ 945.650951][ C1] ? lock_downgrade+0x820/0x820 [ 945.657057][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 945.663742][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 945.668748][ C1] ? __might_fault+0x190/0x1d0 [ 945.673577][ C1] ? _copy_to_user+0x126/0x160 [ 945.679451][ C1] __x64_sys_futex+0x378/0x4e0 [ 945.684215][ C1] ? do_futex+0x1a60/0x1a60 [ 945.689178][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 945.694820][ C1] ? lock_is_held_type+0xb0/0xe0 [ 945.699738][ C1] ? do_syscall_64+0x1c/0xe0 [ 945.704368][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 945.712278][ C1] do_syscall_64+0x60/0xe0 [ 945.716677][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 945.722550][ C1] RIP: 0033:0x45cb29 [ 945.726416][ C1] Code: Bad RIP value. [ 945.730470][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 945.739595][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 945.747898][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 945.755955][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 945.764164][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 945.772397][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 945.780711][ C1] kvm-nx-lpage-re S30224 10977 2 0x00004000 [ 945.787026][ C1] Call Trace: [ 945.790819][ C1] __schedule+0x8e1/0x1eb0 [ 945.795464][ C1] ? io_schedule_timeout+0x140/0x140 [ 945.800747][ C1] ? lock_acquire+0x1f1/0xad0 [ 945.805605][ C1] schedule+0xd0/0x2a0 [ 945.809682][ C1] schedule_timeout+0x1d8/0x250 [ 945.814743][ C1] ? usleep_range+0x170/0x170 [ 945.819406][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 945.824683][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 945.830768][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 945.836851][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 945.841942][ C1] ? _raw_spin_unlock_irq+0x55/0x80 [ 945.847142][ C1] ? finish_task_switch+0x147/0x750 [ 945.852326][ C1] ? finish_task_switch+0x119/0x750 [ 945.857625][ C1] kvm_nx_lpage_recovery_worker+0x1ca/0x760 [ 945.863523][ C1] ? __kthread_parkme+0xad/0x1e0 [ 945.869752][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 945.874864][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 945.880676][ C1] ? __kthread_parkme+0x4c/0x1e0 [ 945.885600][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 945.892191][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 945.897195][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 945.902299][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 945.908088][ C1] kvm_vm_worker_thread+0x1b3/0x270 [ 945.913265][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 945.918369][ C1] ? kvm_exit+0x80/0x80 [ 945.922503][ C1] kthread+0x3b5/0x4a0 [ 945.926552][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 945.931667][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 945.936849][ C1] ret_from_fork+0x1f/0x30 [ 945.941251][ C1] kvm-nx-lpage-re S30224 10990 2 0x00004000 [ 945.947564][ C1] Call Trace: [ 945.950832][ C1] __schedule+0x8e1/0x1eb0 [ 945.955680][ C1] ? io_schedule_timeout+0x140/0x140 [ 945.960963][ C1] schedule+0xd0/0x2a0 [ 945.965725][ C1] schedule_timeout+0x1d8/0x250 [ 945.970854][ C1] ? usleep_range+0x170/0x170 [ 945.975535][ C1] ? __schedule+0x887/0x1eb0 [ 945.980115][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 945.986079][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 945.991097][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 945.996192][ C1] kvm_nx_lpage_recovery_worker+0x1ca/0x760 [ 946.002438][ C1] ? __kthread_parkme+0xad/0x1e0 [ 946.007356][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 946.012453][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 946.018263][ C1] ? __kthread_parkme+0x4c/0x1e0 [ 946.025081][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 946.031063][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 946.036847][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 946.042371][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 946.047587][ C1] kvm_vm_worker_thread+0x1b3/0x270 [ 946.052777][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 946.057863][ C1] ? kvm_exit+0x80/0x80 [ 946.061996][ C1] kthread+0x3b5/0x4a0 [ 946.066059][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 946.071147][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 946.076993][ C1] ret_from_fork+0x1f/0x30 [ 946.081972][ C1] syz-executor.1 S28384 10992 6984 0x00000000 [ 946.089448][ C1] Call Trace: [ 946.092721][ C1] __schedule+0x8e1/0x1eb0 [ 946.097756][ C1] ? io_schedule_timeout+0x140/0x140 [ 946.103284][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 946.108733][ C1] schedule+0xd0/0x2a0 [ 946.113142][ C1] futex_wait_queue_me+0x2a7/0x570 [ 946.118462][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 946.124932][ C1] futex_wait+0x1df/0x560 [ 946.129285][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 946.135780][ C1] ? wake_up_q+0xa3/0x100 [ 946.140657][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 946.146073][ C1] ? futex_wake+0x155/0x490 [ 946.150827][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 946.157660][ C1] do_futex+0x15b/0x1a60 [ 946.162039][ C1] ? lock_acquire+0x1f1/0xad0 [ 946.167364][ C1] ? __might_fault+0xef/0x1d0 [ 946.172062][ C1] ? find_held_lock+0x2d/0x110 [ 946.177555][ C1] ? futex_exit_release+0x220/0x220 [ 946.184769][ C1] ? lock_downgrade+0x820/0x820 [ 946.189716][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 946.197249][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 946.203582][ C1] ? __might_fault+0x190/0x1d0 [ 946.209337][ C1] ? _copy_to_user+0x126/0x160 [ 946.214235][ C1] __x64_sys_futex+0x378/0x4e0 [ 946.219101][ C1] ? do_futex+0x1a60/0x1a60 [ 946.223590][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 946.229205][ C1] ? lock_is_held_type+0xb0/0xe0 [ 946.234527][ C1] ? do_syscall_64+0x1c/0xe0 [ 946.239507][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 946.245937][ C1] do_syscall_64+0x60/0xe0 [ 946.251291][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 946.258406][ C1] RIP: 0033:0x45cb29 [ 946.263732][ C1] Code: Bad RIP value. [ 946.269088][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 946.277656][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 946.285920][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 946.294164][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 946.303173][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 946.312288][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 946.322293][ C1] syz-executor.3 S28384 10999 7113 0x00000000 [ 946.329360][ C1] Call Trace: [ 946.333613][ C1] __schedule+0x8e1/0x1eb0 [ 946.338451][ C1] ? io_schedule_timeout+0x140/0x140 [ 946.343948][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 946.349396][ C1] schedule+0xd0/0x2a0 [ 946.353553][ C1] futex_wait_queue_me+0x2a7/0x570 [ 946.360207][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 946.366289][ C1] futex_wait+0x1df/0x560 [ 946.370638][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 946.377301][ C1] ? wake_up_q+0xa3/0x100 [ 946.383266][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 946.390049][ C1] ? futex_wake+0x155/0x490 [ 946.395047][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 946.401015][ C1] do_futex+0x15b/0x1a60 [ 946.405279][ C1] ? lock_acquire+0x1f1/0xad0 [ 946.410193][ C1] ? __might_fault+0xef/0x1d0 [ 946.415025][ C1] ? find_held_lock+0x2d/0x110 [ 946.421062][ C1] ? futex_exit_release+0x220/0x220 [ 946.426850][ C1] ? lock_downgrade+0x820/0x820 [ 946.431899][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 946.439642][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 946.445439][ C1] ? __might_fault+0x190/0x1d0 [ 946.450254][ C1] ? _copy_to_user+0x126/0x160 [ 946.455529][ C1] __x64_sys_futex+0x378/0x4e0 [ 946.460295][ C1] ? do_futex+0x1a60/0x1a60 [ 946.464779][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 946.470845][ C1] ? lock_is_held_type+0xb0/0xe0 [ 946.475782][ C1] ? do_syscall_64+0x1c/0xe0 [ 946.480466][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 946.487139][ C1] do_syscall_64+0x60/0xe0 [ 946.492265][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 946.499492][ C1] RIP: 0033:0x45cb29 [ 946.503556][ C1] Code: Bad RIP value. [ 946.508297][ C1] RSP: 002b:00007f6514a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 946.518162][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 946.526113][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 946.534236][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 946.544920][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 946.552930][ C1] R13: 0000000000c9fb6f R14: 00007f6514a619c0 R15: 000000000078bf0c [ 946.562514][ C1] syz-executor.3 S28384 11010 7113 0x00000000 [ 946.569051][ C1] Call Trace: [ 946.573784][ C1] __schedule+0x8e1/0x1eb0 [ 946.578845][ C1] ? io_schedule_timeout+0x140/0x140 [ 946.584146][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 946.589623][ C1] schedule+0xd0/0x2a0 [ 946.594195][ C1] futex_wait_queue_me+0x2a7/0x570 [ 946.599286][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 946.605612][ C1] futex_wait+0x1df/0x560 [ 946.610122][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 946.615152][ C1] ? wake_up_q+0xa3/0x100 [ 946.619464][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 946.624729][ C1] ? futex_wake+0x155/0x490 [ 946.629218][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 946.636081][ C1] do_futex+0x15b/0x1a60 [ 946.641216][ C1] ? lock_acquire+0x1f1/0xad0 [ 946.646037][ C1] ? __might_fault+0xef/0x1d0 [ 946.650807][ C1] ? find_held_lock+0x2d/0x110 [ 946.655580][ C1] ? futex_exit_release+0x220/0x220 [ 946.660765][ C1] ? lock_downgrade+0x820/0x820 [ 946.665617][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 946.671837][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 946.676940][ C1] ? __might_fault+0x190/0x1d0 [ 946.682485][ C1] ? _copy_to_user+0x126/0x160 [ 946.687234][ C1] __x64_sys_futex+0x378/0x4e0 [ 946.691997][ C1] ? do_futex+0x1a60/0x1a60 [ 946.696574][ C1] ? lock_is_held_type+0xb0/0xe0 [ 946.702707][ C1] ? do_syscall_64+0x1c/0xe0 [ 946.707927][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 946.715369][ C1] do_syscall_64+0x60/0xe0 [ 946.719770][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 946.725728][ C1] RIP: 0033:0x45cb29 [ 946.729612][ C1] Code: Bad RIP value. [ 946.733653][ C1] RSP: 002b:00007f6514a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 946.742244][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 946.750608][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 946.758585][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 946.767346][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 946.775688][ C1] R13: 0000000000c9fb6f R14: 00007f6514a619c0 R15: 000000000078bf0c [ 946.784847][ C1] syz-executor.1 S28384 11021 6984 0x00000000 [ 946.791188][ C1] Call Trace: [ 946.794466][ C1] __schedule+0x8e1/0x1eb0 [ 946.798876][ C1] ? io_schedule_timeout+0x140/0x140 [ 946.804147][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 946.810473][ C1] schedule+0xd0/0x2a0 [ 946.815383][ C1] futex_wait_queue_me+0x2a7/0x570 [ 946.820666][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 946.825928][ C1] futex_wait+0x1df/0x560 [ 946.830326][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 946.836164][ C1] ? wake_up_q+0xa3/0x100 [ 946.840489][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 946.845696][ C1] ? futex_wake+0x155/0x490 [ 946.850208][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 946.857251][ C1] do_futex+0x15b/0x1a60 [ 946.861485][ C1] ? lock_acquire+0x1f1/0xad0 [ 946.866143][ C1] ? __might_fault+0xef/0x1d0 [ 946.870818][ C1] ? find_held_lock+0x2d/0x110 [ 946.875567][ C1] ? futex_exit_release+0x220/0x220 [ 946.882761][ C1] ? lock_downgrade+0x820/0x820 [ 946.892596][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 946.898845][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 946.903978][ C1] ? __might_fault+0x190/0x1d0 [ 946.908737][ C1] ? _copy_to_user+0x126/0x160 [ 946.913483][ C1] __x64_sys_futex+0x378/0x4e0 [ 946.918332][ C1] ? do_futex+0x1a60/0x1a60 [ 946.922836][ C1] ? lock_is_held_type+0xb0/0xe0 [ 946.927762][ C1] ? do_syscall_64+0x1c/0xe0 [ 946.932346][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 946.938305][ C1] do_syscall_64+0x60/0xe0 [ 946.942699][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 946.948567][ C1] RIP: 0033:0x45cb29 [ 946.952432][ C1] Code: Bad RIP value. [ 946.956492][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 946.964899][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 946.972872][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 946.980834][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 946.988781][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 946.996752][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 947.004718][ C1] syz-executor.3 S27920 11027 7113 0x00000000 [ 947.011051][ C1] Call Trace: [ 947.014335][ C1] __schedule+0x8e1/0x1eb0 [ 947.018747][ C1] ? io_schedule_timeout+0x140/0x140 [ 947.024054][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 947.029510][ C1] schedule+0xd0/0x2a0 [ 947.033558][ C1] futex_wait_queue_me+0x2a7/0x570 [ 947.038643][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 947.043836][ C1] futex_wait+0x1df/0x560 [ 947.048159][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 947.053181][ C1] ? wake_up_q+0xa3/0x100 [ 947.057504][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 947.062770][ C1] ? futex_wake+0x155/0x490 [ 947.067351][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 947.073328][ C1] do_futex+0x15b/0x1a60 [ 947.077617][ C1] ? lock_acquire+0x1f1/0xad0 [ 947.082460][ C1] ? __might_fault+0xef/0x1d0 [ 947.087116][ C1] ? find_held_lock+0x2d/0x110 [ 947.091886][ C1] ? futex_exit_release+0x220/0x220 [ 947.097066][ C1] ? lock_downgrade+0x820/0x820 [ 947.101894][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 947.108112][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 947.113115][ C1] ? __might_fault+0x190/0x1d0 [ 947.117873][ C1] ? _copy_to_user+0x126/0x160 [ 947.122636][ C1] __x64_sys_futex+0x378/0x4e0 [ 947.127393][ C1] ? do_futex+0x1a60/0x1a60 [ 947.131878][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 947.137493][ C1] ? lock_is_held_type+0xb0/0xe0 [ 947.142415][ C1] ? do_syscall_64+0x1c/0xe0 [ 947.146980][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 947.152958][ C1] do_syscall_64+0x60/0xe0 [ 947.157374][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 947.163257][ C1] RIP: 0033:0x45cb29 [ 947.167213][ C1] Code: Bad RIP value. [ 947.171252][ C1] RSP: 002b:00007f6514a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 947.179636][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 947.187585][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 947.195533][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 947.203490][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 947.212054][ C1] R13: 0000000000c9fb6f R14: 00007f6514a619c0 R15: 000000000078bf0c [ 947.220033][ C1] syz-executor.2 S29976 11036 7107 0x00000000 [ 947.226365][ C1] Call Trace: [ 947.229635][ C1] __schedule+0x8e1/0x1eb0 [ 947.234030][ C1] ? io_schedule_timeout+0x140/0x140 [ 947.239305][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 947.244803][ C1] schedule+0xd0/0x2a0 [ 947.248883][ C1] futex_wait_queue_me+0x2a7/0x570 [ 947.254071][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 947.259259][ C1] futex_wait+0x1df/0x560 [ 947.263568][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 947.268581][ C1] ? hash_futex+0x12/0x200 [ 947.273004][ C1] ? futex_wake+0x155/0x490 [ 947.277517][ C1] ? lock_downgrade+0x820/0x820 [ 947.282368][ C1] do_futex+0x15b/0x1a60 [ 947.286593][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 947.291792][ C1] ? _raw_spin_unlock+0x24/0x40 [ 947.296636][ C1] ? do_wp_page+0x16a/0x1950 [ 947.301214][ C1] ? futex_exit_release+0x220/0x220 [ 947.306395][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 947.311399][ C1] ? find_held_lock+0x2d/0x110 [ 947.316253][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 947.321453][ C1] ? __up_read+0x1a1/0x7b0 [ 947.326217][ C1] ? _down_write_nest_lock+0x150/0x150 [ 947.331866][ C1] __x64_sys_futex+0x378/0x4e0 [ 947.336613][ C1] ? do_futex+0x1a60/0x1a60 [ 947.341183][ C1] ? lock_is_held_type+0xb0/0xe0 [ 947.346900][ C1] ? lock_is_held_type+0xb0/0xe0 [ 947.351994][ C1] ? do_syscall_64+0x1c/0xe0 [ 947.356566][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 947.362527][ C1] do_syscall_64+0x60/0xe0 [ 947.367132][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 947.373104][ C1] RIP: 0033:0x45cb29 [ 947.376969][ C1] Code: Bad RIP value. [ 947.381473][ C1] RSP: 002b:00007fd42929ccf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 947.389858][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 947.399874][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 947.407829][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 947.415778][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 947.425527][ C1] R13: 0000000000c9fb6f R14: 00007fd42929d9c0 R15: 000000000078bfac [ 947.433772][ C1] syz-executor.4 S29976 11038 7184 0x00000000 [ 947.440121][ C1] Call Trace: [ 947.443402][ C1] __schedule+0x8e1/0x1eb0 [ 947.447802][ C1] ? io_schedule_timeout+0x140/0x140 [ 947.453065][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 947.458618][ C1] schedule+0xd0/0x2a0 [ 947.462690][ C1] futex_wait_queue_me+0x2a7/0x570 [ 947.467789][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 947.472973][ C1] ? futex_wake+0x1b5/0x490 [ 947.477466][ C1] ? find_held_lock+0x2d/0x110 [ 947.482211][ C1] futex_wait+0x1df/0x560 [ 947.486530][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 947.491555][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 947.496494][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 947.501672][ C1] ? futex_wake+0x155/0x490 [ 947.506163][ C1] ? lock_downgrade+0x820/0x820 [ 947.511272][ C1] do_futex+0x15b/0x1a60 [ 947.515551][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 947.520848][ C1] ? _raw_spin_unlock+0x24/0x40 [ 947.525685][ C1] ? do_wp_page+0x16a/0x1950 [ 947.530273][ C1] ? futex_exit_release+0x220/0x220 [ 947.535463][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 947.540557][ C1] ? find_held_lock+0x2d/0x110 [ 947.545339][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 947.550527][ C1] ? __up_read+0x1a1/0x7b0 [ 947.555023][ C1] ? _down_write_nest_lock+0x150/0x150 [ 947.560466][ C1] __x64_sys_futex+0x378/0x4e0 [ 947.565219][ C1] ? do_futex+0x1a60/0x1a60 [ 947.569851][ C1] ? lock_is_held_type+0xb0/0xe0 [ 947.574782][ C1] ? lock_is_held_type+0xb0/0xe0 [ 947.579714][ C1] ? do_syscall_64+0x1c/0xe0 [ 947.584302][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 947.590283][ C1] do_syscall_64+0x60/0xe0 [ 947.594682][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 947.600552][ C1] RIP: 0033:0x45cb29 [ 947.604416][ C1] Code: Bad RIP value. [ 947.608647][ C1] RSP: 002b:00007f5d2d995cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 947.617047][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 947.625001][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 947.632993][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 947.641189][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 947.649236][ C1] R13: 0000000000c9fb6f R14: 00007f5d2d9969c0 R15: 000000000078bfac [ 947.657299][ C1] syz-executor.2 S29056 11039 7107 0x00000000 [ 947.663621][ C1] Call Trace: [ 947.666899][ C1] __schedule+0x8e1/0x1eb0 [ 947.671321][ C1] ? io_schedule_timeout+0x140/0x140 [ 947.676599][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 947.682040][ C1] schedule+0xd0/0x2a0 [ 947.686089][ C1] futex_wait_queue_me+0x2a7/0x570 [ 947.691201][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 947.696380][ C1] futex_wait+0x1df/0x560 [ 947.700708][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 947.705721][ C1] ? mark_lock+0xbc/0x1710 [ 947.710224][ C1] ? hash_futex+0x12/0x200 [ 947.714742][ C1] ? futex_wake+0x155/0x490 [ 947.719349][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 947.724385][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 947.730427][ C1] ? lock_downgrade+0x820/0x820 [ 947.735417][ C1] do_futex+0x15b/0x1a60 [ 947.739806][ C1] ? lock_acquire+0x1f1/0xad0 [ 947.744489][ C1] ? __might_fault+0xef/0x1d0 [ 947.749151][ C1] ? find_held_lock+0x2d/0x110 [ 947.753897][ C1] ? futex_exit_release+0x220/0x220 [ 947.759227][ C1] ? lock_downgrade+0x820/0x820 [ 947.764060][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 947.770279][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 947.775286][ C1] ? __might_fault+0x190/0x1d0 [ 947.780176][ C1] ? _copy_to_user+0x126/0x160 [ 947.785018][ C1] __x64_sys_futex+0x378/0x4e0 [ 947.789808][ C1] ? do_futex+0x1a60/0x1a60 [ 947.794329][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 947.799943][ C1] ? lock_is_held_type+0xb0/0xe0 [ 947.804859][ C1] ? do_syscall_64+0x1c/0xe0 [ 947.809430][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 947.815404][ C1] do_syscall_64+0x60/0xe0 [ 947.819808][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 947.825693][ C1] RIP: 0033:0x45cb29 [ 947.829560][ C1] Code: Bad RIP value. [ 947.833632][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 947.842022][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 947.849971][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 947.858018][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 947.865980][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 947.873942][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 947.882247][ C1] syz-executor.4 S29976 11041 7184 0x00000000 [ 947.888581][ C1] Call Trace: [ 947.891866][ C1] __schedule+0x8e1/0x1eb0 [ 947.896267][ C1] ? io_schedule_timeout+0x140/0x140 [ 947.901538][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 947.906977][ C1] schedule+0xd0/0x2a0 [ 947.911023][ C1] futex_wait_queue_me+0x2a7/0x570 [ 947.916309][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 947.921490][ C1] ? futex_wake+0x1b5/0x490 [ 947.925969][ C1] ? find_held_lock+0x2d/0x110 [ 947.930710][ C1] futex_wait+0x1df/0x560 [ 947.935030][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 947.940027][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 947.944942][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 947.950113][ C1] ? futex_wake+0x155/0x490 [ 947.954601][ C1] ? lock_downgrade+0x820/0x820 [ 947.959430][ C1] do_futex+0x15b/0x1a60 [ 947.963694][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 947.968871][ C1] ? _raw_spin_unlock+0x24/0x40 [ 947.973702][ C1] ? do_wp_page+0x16a/0x1950 [ 947.978295][ C1] ? futex_exit_release+0x220/0x220 [ 947.983482][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 947.988761][ C1] ? find_held_lock+0x2d/0x110 [ 947.993509][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 947.998809][ C1] ? __up_read+0x1a1/0x7b0 [ 948.003220][ C1] ? _down_write_nest_lock+0x150/0x150 [ 948.008706][ C1] __x64_sys_futex+0x378/0x4e0 [ 948.013559][ C1] ? do_futex+0x1a60/0x1a60 [ 948.018127][ C1] ? lock_is_held_type+0xb0/0xe0 [ 948.023051][ C1] ? lock_is_held_type+0xb0/0xe0 [ 948.027980][ C1] ? do_syscall_64+0x1c/0xe0 [ 948.032560][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 948.038522][ C1] do_syscall_64+0x60/0xe0 [ 948.042918][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 948.048788][ C1] RIP: 0033:0x45cb29 [ 948.052665][ C1] Code: Bad RIP value. [ 948.056706][ C1] RSP: 002b:00007f5d2d995cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 948.065613][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 948.073560][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 948.081513][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 948.089479][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 948.097450][ C1] R13: 0000000000c9fb6f R14: 00007f5d2d9969c0 R15: 000000000078bfac [ 948.105422][ C1] syz-executor.2 S28384 11084 7107 0x00000000 [ 948.111731][ C1] Call Trace: [ 948.115100][ C1] __schedule+0x8e1/0x1eb0 [ 948.120016][ C1] ? io_schedule_timeout+0x140/0x140 [ 948.125278][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 948.130900][ C1] schedule+0xd0/0x2a0 [ 948.134966][ C1] futex_wait_queue_me+0x2a7/0x570 [ 948.140422][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 948.145613][ C1] futex_wait+0x1df/0x560 [ 948.149943][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 948.154974][ C1] ? wake_up_q+0xa3/0x100 [ 948.159281][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 948.164459][ C1] ? futex_wake+0x155/0x490 [ 948.169149][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 948.175125][ C1] do_futex+0x15b/0x1a60 [ 948.179380][ C1] ? lock_acquire+0x1f1/0xad0 [ 948.184036][ C1] ? __might_fault+0xef/0x1d0 [ 948.188712][ C1] ? find_held_lock+0x2d/0x110 [ 948.193456][ C1] ? futex_exit_release+0x220/0x220 [ 948.198646][ C1] ? lock_downgrade+0x820/0x820 [ 948.203508][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 948.209731][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 948.214999][ C1] ? __might_fault+0x190/0x1d0 [ 948.219748][ C1] ? _copy_to_user+0x126/0x160 [ 948.224511][ C1] __x64_sys_futex+0x378/0x4e0 [ 948.229281][ C1] ? do_futex+0x1a60/0x1a60 [ 948.234299][ C1] ? lock_is_held_type+0xb0/0xe0 [ 948.239220][ C1] ? do_syscall_64+0x1c/0xe0 [ 948.243793][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 948.249843][ C1] do_syscall_64+0x60/0xe0 [ 948.254326][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 948.260201][ C1] RIP: 0033:0x45cb29 [ 948.264069][ C1] Code: Bad RIP value. [ 948.268108][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 948.276600][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 948.284674][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 948.292635][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 948.300586][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 948.308546][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 948.316524][ C1] syz-executor.3 S28384 11087 7113 0x00000000 [ 948.322924][ C1] Call Trace: [ 948.326226][ C1] __schedule+0x8e1/0x1eb0 [ 948.330647][ C1] ? io_schedule_timeout+0x140/0x140 [ 948.336414][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 948.341910][ C1] schedule+0xd0/0x2a0 [ 948.346016][ C1] futex_wait_queue_me+0x2a7/0x570 [ 948.351135][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 948.356472][ C1] futex_wait+0x1df/0x560 [ 948.360790][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 948.365797][ C1] ? wake_up_q+0xa3/0x100 [ 948.370886][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 948.377269][ C1] ? futex_wake+0x155/0x490 [ 948.381793][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 948.387759][ C1] do_futex+0x15b/0x1a60 [ 948.392009][ C1] ? lock_acquire+0x1f1/0xad0 [ 948.396666][ C1] ? __might_fault+0xef/0x1d0 [ 948.401574][ C1] ? find_held_lock+0x2d/0x110 [ 948.406337][ C1] ? futex_exit_release+0x220/0x220 [ 948.411911][ C1] ? lock_downgrade+0x820/0x820 [ 948.418217][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 948.424739][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 948.432795][ C1] ? __might_fault+0x190/0x1d0 [ 948.437826][ C1] ? _copy_to_user+0x126/0x160 [ 948.444561][ C1] __x64_sys_futex+0x378/0x4e0 [ 948.449736][ C1] ? do_futex+0x1a60/0x1a60 [ 948.454267][ C1] ? lock_is_held_type+0xb0/0xe0 [ 948.459192][ C1] ? do_syscall_64+0x1c/0xe0 [ 948.463764][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 948.469731][ C1] do_syscall_64+0x60/0xe0 [ 948.474582][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 948.480891][ C1] RIP: 0033:0x45cb29 [ 948.485073][ C1] Code: Bad RIP value. [ 948.490763][ C1] RSP: 002b:00007f6514a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 948.499619][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 948.507595][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 948.515550][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 948.523516][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 948.532253][ C1] R13: 0000000000c9fb6f R14: 00007f6514a619c0 R15: 000000000078bf0c [ 948.540237][ C1] kworker/u4:8 I25016 11095 2 0x00004000 [ 948.546575][ C1] Workqueue: 0x0 (events_unbound) [ 948.551663][ C1] Call Trace: [ 948.554939][ C1] __schedule+0x8e1/0x1eb0 [ 948.559620][ C1] ? io_schedule_timeout+0x140/0x140 [ 948.565060][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 948.570880][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 948.576453][ C1] schedule+0xd0/0x2a0 [ 948.580541][ C1] worker_thread+0x14c/0x1120 [ 948.585231][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 948.590239][ C1] ? process_one_work+0x1670/0x1670 [ 948.595969][ C1] kthread+0x3b5/0x4a0 [ 948.600566][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 948.605656][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 948.610746][ C1] ret_from_fork+0x1f/0x30 [ 948.615149][ C1] syz-executor.5 S28384 11098 7388 0x00000000 [ 948.621474][ C1] Call Trace: [ 948.624900][ C1] __schedule+0x8e1/0x1eb0 [ 948.629336][ C1] ? io_schedule_timeout+0x140/0x140 [ 948.634736][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 948.640344][ C1] schedule+0xd0/0x2a0 [ 948.644448][ C1] futex_wait_queue_me+0x2a7/0x570 [ 948.649964][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 948.655177][ C1] futex_wait+0x1df/0x560 [ 948.659570][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 948.664596][ C1] ? wake_up_q+0xa3/0x100 [ 948.668908][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 948.674376][ C1] ? futex_wake+0x155/0x490 [ 948.678980][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 948.684947][ C1] do_futex+0x15b/0x1a60 [ 948.689173][ C1] ? lock_acquire+0x1f1/0xad0 [ 948.693825][ C1] ? __might_fault+0xef/0x1d0 [ 948.698499][ C1] ? find_held_lock+0x2d/0x110 [ 948.703522][ C1] ? futex_exit_release+0x220/0x220 [ 948.708719][ C1] ? lock_downgrade+0x820/0x820 [ 948.717256][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 948.725085][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 948.730830][ C1] ? __might_fault+0x190/0x1d0 [ 948.736119][ C1] ? _copy_to_user+0x126/0x160 [ 948.742487][ C1] __x64_sys_futex+0x378/0x4e0 [ 948.747238][ C1] ? do_futex+0x1a60/0x1a60 [ 948.751724][ C1] ? lock_is_held_type+0xb0/0xe0 [ 948.756641][ C1] ? do_syscall_64+0x1c/0xe0 [ 948.761321][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 948.767284][ C1] do_syscall_64+0x60/0xe0 [ 948.771685][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 948.777585][ C1] RIP: 0033:0x45cb29 [ 948.781650][ C1] Code: Bad RIP value. [ 948.785792][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 948.794192][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 948.802146][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 948.810199][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 948.819418][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 948.828711][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 948.837554][ C1] kvm-nx-lpage-re S30224 11101 2 0x00004000 [ 948.844837][ C1] Call Trace: [ 948.848756][ C1] __schedule+0x8e1/0x1eb0 [ 948.853761][ C1] ? io_schedule_timeout+0x140/0x140 [ 948.860168][ C1] ? lock_acquire+0x1f1/0xad0 [ 948.864893][ C1] schedule+0xd0/0x2a0 [ 948.868966][ C1] schedule_timeout+0x1d8/0x250 [ 948.873801][ C1] ? usleep_range+0x170/0x170 [ 948.878458][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 948.883656][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 948.889839][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 948.896067][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 948.901245][ C1] ? _raw_spin_unlock_irq+0x55/0x80 [ 948.906828][ C1] ? finish_task_switch+0x147/0x750 [ 948.912212][ C1] ? finish_task_switch+0x119/0x750 [ 948.917397][ C1] kvm_nx_lpage_recovery_worker+0x1ca/0x760 [ 948.923269][ C1] ? __kthread_parkme+0xad/0x1e0 [ 948.928186][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 948.933279][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 948.940242][ C1] ? __kthread_parkme+0x4c/0x1e0 [ 948.945187][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 948.951198][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 948.956215][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 948.961316][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 948.967564][ C1] kvm_vm_worker_thread+0x1b3/0x270 [ 948.973178][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 948.978725][ C1] ? kvm_exit+0x80/0x80 [ 948.983263][ C1] kthread+0x3b5/0x4a0 [ 948.987905][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 948.993019][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 948.998752][ C1] ret_from_fork+0x1f/0x30 [ 949.003436][ C1] syz-executor.4 S29056 11109 7184 0x00000000 [ 949.009761][ C1] Call Trace: [ 949.013043][ C1] __schedule+0x8e1/0x1eb0 [ 949.017443][ C1] ? io_schedule_timeout+0x140/0x140 [ 949.022805][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 949.029306][ C1] schedule+0xd0/0x2a0 [ 949.034279][ C1] futex_wait_queue_me+0x2a7/0x570 [ 949.039663][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 949.044973][ C1] futex_wait+0x1df/0x560 [ 949.049312][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 949.054327][ C1] ? hash_futex+0x12/0x200 [ 949.058813][ C1] ? futex_wake+0x155/0x490 [ 949.063307][ C1] ? lock_downgrade+0x820/0x820 [ 949.068136][ C1] do_futex+0x15b/0x1a60 [ 949.072363][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 949.077545][ C1] ? _raw_spin_unlock+0x24/0x40 [ 949.082424][ C1] ? do_wp_page+0x16a/0x1950 [ 949.087003][ C1] ? futex_exit_release+0x220/0x220 [ 949.092204][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 949.097406][ C1] ? find_held_lock+0x2d/0x110 [ 949.102617][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 949.108057][ C1] ? __up_read+0x1a1/0x7b0 [ 949.112476][ C1] ? _down_write_nest_lock+0x150/0x150 [ 949.117920][ C1] __x64_sys_futex+0x378/0x4e0 [ 949.122667][ C1] ? do_futex+0x1a60/0x1a60 [ 949.127286][ C1] ? lock_is_held_type+0xb0/0xe0 [ 949.132558][ C1] ? lock_is_held_type+0xb0/0xe0 [ 949.137852][ C1] ? do_syscall_64+0x1c/0xe0 [ 949.143047][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 949.149823][ C1] do_syscall_64+0x60/0xe0 [ 949.154347][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 949.160590][ C1] RIP: 0033:0x45cb29 [ 949.164465][ C1] Code: Bad RIP value. [ 949.168507][ C1] RSP: 002b:00007f5d2d995cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 949.176894][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 949.185911][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 949.194385][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 949.203639][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 949.211851][ C1] R13: 0000000000c9fb6f R14: 00007f5d2d9969c0 R15: 000000000078bfac [ 949.219818][ C1] syz-executor.4 S29976 11110 7184 0x00000000 [ 949.226131][ C1] Call Trace: [ 949.229426][ C1] __schedule+0x8e1/0x1eb0 [ 949.233923][ C1] ? io_schedule_timeout+0x140/0x140 [ 949.239501][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 949.244967][ C1] schedule+0xd0/0x2a0 [ 949.249019][ C1] futex_wait_queue_me+0x2a7/0x570 [ 949.254108][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 949.259291][ C1] futex_wait+0x1df/0x560 [ 949.263602][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 949.269401][ C1] ? hash_futex+0x12/0x200 [ 949.274514][ C1] ? futex_wake+0x155/0x490 [ 949.279314][ C1] ? lock_downgrade+0x820/0x820 [ 949.284257][ C1] do_futex+0x15b/0x1a60 [ 949.288892][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 949.294096][ C1] ? _raw_spin_unlock+0x24/0x40 [ 949.298966][ C1] ? do_wp_page+0x16a/0x1950 [ 949.303549][ C1] ? futex_exit_release+0x220/0x220 [ 949.308771][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 949.313981][ C1] ? find_held_lock+0x2d/0x110 [ 949.318969][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 949.324199][ C1] ? __up_read+0x1a1/0x7b0 [ 949.328621][ C1] ? _down_write_nest_lock+0x150/0x150 [ 949.334202][ C1] __x64_sys_futex+0x378/0x4e0 [ 949.339685][ C1] ? do_futex+0x1a60/0x1a60 [ 949.344172][ C1] ? lock_is_held_type+0xb0/0xe0 [ 949.349160][ C1] ? lock_is_held_type+0xb0/0xe0 [ 949.354099][ C1] ? do_syscall_64+0x1c/0xe0 [ 949.358676][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 949.364641][ C1] do_syscall_64+0x60/0xe0 [ 949.369044][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 949.375509][ C1] RIP: 0033:0x45cb29 [ 949.379393][ C1] Code: Bad RIP value. [ 949.383556][ C1] RSP: 002b:00007f5d2d995cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 949.392044][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 949.400463][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 949.409506][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 949.417479][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 949.425432][ C1] R13: 0000000000c9fb6f R14: 00007f5d2d9969c0 R15: 000000000078bfac [ 949.433400][ C1] syz-executor.3 S29976 11131 7113 0x00000000 [ 949.439817][ C1] Call Trace: [ 949.444584][ C1] __schedule+0x8e1/0x1eb0 [ 949.449366][ C1] ? io_schedule_timeout+0x140/0x140 [ 949.454791][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 949.460448][ C1] schedule+0xd0/0x2a0 [ 949.464508][ C1] futex_wait_queue_me+0x2a7/0x570 [ 949.469616][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 949.474900][ C1] futex_wait+0x1df/0x560 [ 949.479236][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 949.484244][ C1] ? wake_up_q+0xa3/0x100 [ 949.488550][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 949.493929][ C1] ? futex_wake+0x155/0x490 [ 949.498935][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 949.504917][ C1] do_futex+0x15b/0x1a60 [ 949.509145][ C1] ? lock_acquire+0x1f1/0xad0 [ 949.513801][ C1] ? __might_fault+0xef/0x1d0 [ 949.518487][ C1] ? find_held_lock+0x2d/0x110 [ 949.523285][ C1] ? futex_exit_release+0x220/0x220 [ 949.528495][ C1] ? lock_downgrade+0x820/0x820 [ 949.534972][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 949.543354][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 949.549470][ C1] ? __might_fault+0x190/0x1d0 [ 949.556352][ C1] ? _copy_to_user+0x126/0x160 [ 949.561314][ C1] __x64_sys_futex+0x378/0x4e0 [ 949.566487][ C1] ? do_futex+0x1a60/0x1a60 [ 949.571155][ C1] ? lock_is_held_type+0xb0/0xe0 [ 949.576301][ C1] ? do_syscall_64+0x1c/0xe0 [ 949.580985][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 949.586947][ C1] do_syscall_64+0x60/0xe0 [ 949.591347][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 949.597217][ C1] RIP: 0033:0x45cb29 [ 949.601084][ C1] Code: Bad RIP value. [ 949.605124][ C1] RSP: 002b:00007f6514a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 949.616293][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 949.624927][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 949.633045][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 949.641000][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 949.648951][ C1] R13: 0000000000c9fb6f R14: 00007f6514a619c0 R15: 000000000078bf0c [ 949.656937][ C1] syz-executor.1 S28384 11133 6984 0x00000000 [ 949.663608][ C1] Call Trace: [ 949.666896][ C1] __schedule+0x8e1/0x1eb0 [ 949.671405][ C1] ? io_schedule_timeout+0x140/0x140 [ 949.677222][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 949.682735][ C1] schedule+0xd0/0x2a0 [ 949.686938][ C1] futex_wait_queue_me+0x2a7/0x570 [ 949.692433][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 949.697820][ C1] futex_wait+0x1df/0x560 [ 949.702238][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 949.707338][ C1] ? wake_up_q+0xa3/0x100 [ 949.711661][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 949.717016][ C1] ? futex_wake+0x155/0x490 [ 949.721513][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 949.727664][ C1] do_futex+0x15b/0x1a60 [ 949.732214][ C1] ? lock_acquire+0x1f1/0xad0 [ 949.736967][ C1] ? __might_fault+0xef/0x1d0 [ 949.741626][ C1] ? find_held_lock+0x2d/0x110 [ 949.747761][ C1] ? futex_exit_release+0x220/0x220 [ 949.755197][ C1] ? lock_downgrade+0x820/0x820 [ 949.760606][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 949.766863][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 949.772226][ C1] ? __might_fault+0x190/0x1d0 [ 949.776988][ C1] ? _copy_to_user+0x126/0x160 [ 949.781748][ C1] __x64_sys_futex+0x378/0x4e0 [ 949.786502][ C1] ? do_futex+0x1a60/0x1a60 [ 949.790985][ C1] ? lock_is_held_type+0xb0/0xe0 [ 949.795899][ C1] ? do_syscall_64+0x1c/0xe0 [ 949.800990][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 949.806961][ C1] do_syscall_64+0x60/0xe0 [ 949.811356][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 949.817226][ C1] RIP: 0033:0x45cb29 [ 949.821093][ C1] Code: Bad RIP value. [ 949.825134][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 949.833548][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 949.841950][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 949.849917][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 949.857961][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 949.865912][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 949.873898][ C1] syz-executor.2 S28384 11136 7107 0x00000000 [ 949.880213][ C1] Call Trace: [ 949.883573][ C1] __schedule+0x8e1/0x1eb0 [ 949.887971][ C1] ? io_schedule_timeout+0x140/0x140 [ 949.893236][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 949.899605][ C1] schedule+0xd0/0x2a0 [ 949.904501][ C1] futex_wait_queue_me+0x2a7/0x570 [ 949.910062][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 949.916137][ C1] futex_wait+0x1df/0x560 [ 949.920453][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 949.925595][ C1] ? wake_up_q+0xa3/0x100 [ 949.929900][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 949.935076][ C1] ? futex_wake+0x155/0x490 [ 949.939567][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 949.945528][ C1] do_futex+0x15b/0x1a60 [ 949.953784][ C1] ? lock_acquire+0x1f1/0xad0 [ 949.959248][ C1] ? __might_fault+0xef/0x1d0 [ 949.964205][ C1] ? find_held_lock+0x2d/0x110 [ 949.968960][ C1] ? futex_exit_release+0x220/0x220 [ 949.975762][ C1] ? lock_downgrade+0x820/0x820 [ 949.980614][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 949.986936][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 949.991987][ C1] ? __might_fault+0x190/0x1d0 [ 949.996844][ C1] ? _copy_to_user+0x126/0x160 [ 950.001740][ C1] __x64_sys_futex+0x378/0x4e0 [ 950.007057][ C1] ? do_futex+0x1a60/0x1a60 [ 950.011591][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 950.017213][ C1] ? lock_is_held_type+0xb0/0xe0 [ 950.022128][ C1] ? do_syscall_64+0x1c/0xe0 [ 950.027029][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 950.033691][ C1] do_syscall_64+0x60/0xe0 [ 950.039381][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 950.045553][ C1] RIP: 0033:0x45cb29 [ 950.049619][ C1] Code: Bad RIP value. [ 950.054714][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 950.063467][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 950.071509][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 950.083188][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 950.091148][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 950.099121][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 950.107089][ C1] syz-executor.1 S28384 11154 6984 0x00000000 [ 950.115104][ C1] Call Trace: [ 950.118577][ C1] __schedule+0x8e1/0x1eb0 [ 950.122988][ C1] ? io_schedule_timeout+0x140/0x140 [ 950.128281][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 950.133728][ C1] schedule+0xd0/0x2a0 [ 950.137779][ C1] futex_wait_queue_me+0x2a7/0x570 [ 950.142875][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 950.149312][ C1] futex_wait+0x1df/0x560 [ 950.153827][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 950.159337][ C1] ? wake_up_q+0xa3/0x100 [ 950.165511][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 950.171494][ C1] ? futex_wake+0x155/0x490 [ 950.176699][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 950.184696][ C1] do_futex+0x15b/0x1a60 [ 950.188948][ C1] ? lock_acquire+0x1f1/0xad0 [ 950.194057][ C1] ? __might_fault+0xef/0x1d0 [ 950.198714][ C1] ? find_held_lock+0x2d/0x110 [ 950.204762][ C1] ? futex_exit_release+0x220/0x220 [ 950.210290][ C1] ? lock_downgrade+0x820/0x820 [ 950.215249][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 950.222357][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 950.227454][ C1] ? __might_fault+0x190/0x1d0 [ 950.232226][ C1] ? _copy_to_user+0x126/0x160 [ 950.238452][ C1] __x64_sys_futex+0x378/0x4e0 [ 950.243225][ C1] ? do_futex+0x1a60/0x1a60 [ 950.247726][ C1] ? lock_is_held_type+0xb0/0xe0 [ 950.252730][ C1] ? do_syscall_64+0x1c/0xe0 [ 950.257849][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 950.265565][ C1] do_syscall_64+0x60/0xe0 [ 950.269964][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 950.275925][ C1] RIP: 0033:0x45cb29 [ 950.279811][ C1] Code: Bad RIP value. [ 950.283870][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 950.292350][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 950.300303][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 950.308284][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 950.316240][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 950.324280][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 950.332697][ C1] syz-executor.3 S28384 11159 7113 0x00000000 [ 950.339049][ C1] Call Trace: [ 950.342338][ C1] __schedule+0x8e1/0x1eb0 [ 950.346757][ C1] ? io_schedule_timeout+0x140/0x140 [ 950.352021][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 950.357638][ C1] schedule+0xd0/0x2a0 [ 950.361713][ C1] futex_wait_queue_me+0x2a7/0x570 [ 950.367074][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 950.372390][ C1] futex_wait+0x1df/0x560 [ 950.376714][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 950.381745][ C1] ? wake_up_q+0xa3/0x100 [ 950.386204][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 950.393452][ C1] ? futex_wake+0x155/0x490 [ 950.398587][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 950.404746][ C1] do_futex+0x15b/0x1a60 [ 950.408982][ C1] ? lock_acquire+0x1f1/0xad0 [ 950.413732][ C1] ? __might_fault+0xef/0x1d0 [ 950.418411][ C1] ? find_held_lock+0x2d/0x110 [ 950.423154][ C1] ? futex_exit_release+0x220/0x220 [ 950.428332][ C1] ? lock_downgrade+0x820/0x820 [ 950.433170][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 950.439399][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 950.445442][ C1] ? __might_fault+0x190/0x1d0 [ 950.451805][ C1] ? _copy_to_user+0x126/0x160 [ 950.456685][ C1] __x64_sys_futex+0x378/0x4e0 [ 950.462352][ C1] ? do_futex+0x1a60/0x1a60 [ 950.466843][ C1] ? lock_is_held_type+0xb0/0xe0 [ 950.471765][ C1] ? do_syscall_64+0x1c/0xe0 [ 950.476880][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 950.483234][ C1] do_syscall_64+0x60/0xe0 [ 950.487631][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 950.493677][ C1] RIP: 0033:0x45cb29 [ 950.497561][ C1] Code: Bad RIP value. [ 950.502158][ C1] RSP: 002b:00007f6514a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 950.512577][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 950.522246][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 950.531825][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 950.539784][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 950.547755][ C1] R13: 0000000000c9fb6f R14: 00007f6514a619c0 R15: 000000000078bf0c [ 950.555720][ C1] syz-executor.3 S28384 11169 7113 0x00000000 [ 950.562048][ C1] Call Trace: [ 950.565324][ C1] __schedule+0x8e1/0x1eb0 [ 950.569737][ C1] ? io_schedule_timeout+0x140/0x140 [ 950.578540][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 950.583987][ C1] schedule+0xd0/0x2a0 [ 950.588037][ C1] futex_wait_queue_me+0x2a7/0x570 [ 950.593127][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 950.598314][ C1] futex_wait+0x1df/0x560 [ 950.602621][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 950.609639][ C1] ? wake_up_q+0xa3/0x100 [ 950.614605][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 950.619793][ C1] ? futex_wake+0x155/0x490 [ 950.624288][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 950.630250][ C1] do_futex+0x15b/0x1a60 [ 950.634573][ C1] ? lock_acquire+0x1f1/0xad0 [ 950.639225][ C1] ? __might_fault+0xef/0x1d0 [ 950.643895][ C1] ? find_held_lock+0x2d/0x110 [ 950.648636][ C1] ? futex_exit_release+0x220/0x220 [ 950.653814][ C1] ? lock_downgrade+0x820/0x820 [ 950.658643][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 950.664863][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 950.669883][ C1] ? __might_fault+0x190/0x1d0 [ 950.674990][ C1] ? _copy_to_user+0x126/0x160 [ 950.679736][ C1] __x64_sys_futex+0x378/0x4e0 [ 950.684482][ C1] ? do_futex+0x1a60/0x1a60 [ 950.688964][ C1] ? lock_is_held_type+0xb0/0xe0 [ 950.693878][ C1] ? do_syscall_64+0x1c/0xe0 [ 950.698445][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 950.704407][ C1] do_syscall_64+0x60/0xe0 [ 950.708803][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 950.714672][ C1] RIP: 0033:0x45cb29 [ 950.718646][ C1] Code: Bad RIP value. [ 950.722686][ C1] RSP: 002b:00007f6514a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 950.731070][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 950.739019][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 950.747054][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 950.755012][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 950.762960][ C1] R13: 0000000000c9fb6f R14: 00007f6514a619c0 R15: 000000000078bf0c [ 950.770920][ C1] syz-executor.1 S28384 11174 6984 0x00000000 [ 950.777231][ C1] Call Trace: [ 950.780590][ C1] __schedule+0x8e1/0x1eb0 [ 950.785067][ C1] ? io_schedule_timeout+0x140/0x140 [ 950.790335][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 950.795802][ C1] schedule+0xd0/0x2a0 [ 950.799863][ C1] futex_wait_queue_me+0x2a7/0x570 [ 950.804960][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 950.810136][ C1] futex_wait+0x1df/0x560 [ 950.814444][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 950.819452][ C1] ? wake_up_q+0xa3/0x100 [ 950.823782][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 950.828959][ C1] ? futex_wake+0x155/0x490 [ 950.833459][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 950.839425][ C1] do_futex+0x15b/0x1a60 [ 950.843650][ C1] ? lock_acquire+0x1f1/0xad0 [ 950.848302][ C1] ? __might_fault+0xef/0x1d0 [ 950.852959][ C1] ? find_held_lock+0x2d/0x110 [ 950.857697][ C1] ? futex_exit_release+0x220/0x220 [ 950.862890][ C1] ? lock_downgrade+0x820/0x820 [ 950.867740][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 950.873957][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 950.878960][ C1] ? __might_fault+0x190/0x1d0 [ 950.883702][ C1] ? _copy_to_user+0x126/0x160 [ 950.888445][ C1] __x64_sys_futex+0x378/0x4e0 [ 950.893187][ C1] ? do_futex+0x1a60/0x1a60 [ 950.897675][ C1] ? lock_is_held_type+0xb0/0xe0 [ 950.902685][ C1] ? do_syscall_64+0x1c/0xe0 [ 950.907635][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 950.913632][ C1] do_syscall_64+0x60/0xe0 [ 950.918041][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 950.923932][ C1] RIP: 0033:0x45cb29 [ 950.927804][ C1] Code: Bad RIP value. [ 950.931859][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 950.940244][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 950.948209][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 950.956160][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 950.964330][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 950.972296][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 950.980258][ C1] syz-executor.3 S28384 11188 7113 0x00000000 [ 950.986576][ C1] Call Trace: [ 950.989852][ C1] __schedule+0x8e1/0x1eb0 [ 950.994249][ C1] ? io_schedule_timeout+0x140/0x140 [ 950.999949][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 951.005477][ C1] schedule+0xd0/0x2a0 [ 951.009527][ C1] futex_wait_queue_me+0x2a7/0x570 [ 951.014854][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 951.020140][ C1] futex_wait+0x1df/0x560 [ 951.024462][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 951.029473][ C1] ? wake_up_q+0xa3/0x100 [ 951.033798][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 951.038987][ C1] ? futex_wake+0x155/0x490 [ 951.043487][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 951.049447][ C1] do_futex+0x15b/0x1a60 [ 951.053760][ C1] ? lock_acquire+0x1f1/0xad0 [ 951.058416][ C1] ? __might_fault+0xef/0x1d0 [ 951.063074][ C1] ? find_held_lock+0x2d/0x110 [ 951.068019][ C1] ? futex_exit_release+0x220/0x220 [ 951.073230][ C1] ? lock_downgrade+0x820/0x820 [ 951.078447][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 951.084689][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 951.089698][ C1] ? __might_fault+0x190/0x1d0 [ 951.094440][ C1] ? _copy_to_user+0x126/0x160 [ 951.099192][ C1] __x64_sys_futex+0x378/0x4e0 [ 951.103944][ C1] ? do_futex+0x1a60/0x1a60 [ 951.108444][ C1] ? lock_is_held_type+0xb0/0xe0 [ 951.113359][ C1] ? do_syscall_64+0x1c/0xe0 [ 951.117930][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 951.123891][ C1] do_syscall_64+0x60/0xe0 [ 951.128284][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 951.134153][ C1] RIP: 0033:0x45cb29 [ 951.138032][ C1] Code: Bad RIP value. [ 951.142072][ C1] RSP: 002b:00007f6514a3fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 951.150459][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 951.158418][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 951.166466][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 951.174598][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 951.182565][ C1] R13: 0000000000c9fb6f R14: 00007f6514a409c0 R15: 000000000078bfac [ 951.190532][ C1] syz-executor.1 S29976 11291 6984 0x00000000 [ 951.196846][ C1] Call Trace: [ 951.200114][ C1] __schedule+0x8e1/0x1eb0 [ 951.204513][ C1] ? io_schedule_timeout+0x140/0x140 [ 951.209776][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 951.215239][ C1] schedule+0xd0/0x2a0 [ 951.219286][ C1] futex_wait_queue_me+0x2a7/0x570 [ 951.224377][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 951.229555][ C1] ? save_stack+0x32/0x40 [ 951.233873][ C1] futex_wait+0x1df/0x560 [ 951.238184][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 951.243198][ C1] ? mark_lock+0xbc/0x1710 [ 951.247593][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 951.253548][ C1] ? hash_futex+0x12/0x200 [ 951.257980][ C1] ? futex_wake+0x155/0x490 [ 951.262463][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 951.267473][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 951.273426][ C1] ? __lock_acquire+0xc1e/0x56e0 [ 951.278435][ C1] do_futex+0x15b/0x1a60 [ 951.282682][ C1] ? lock_acquire+0x1f1/0xad0 [ 951.287338][ C1] ? __might_fault+0xef/0x1d0 [ 951.291993][ C1] ? find_held_lock+0x2d/0x110 [ 951.296910][ C1] ? futex_exit_release+0x220/0x220 [ 951.302089][ C1] ? lock_downgrade+0x820/0x820 [ 951.307008][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 951.313225][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 951.318254][ C1] ? __might_fault+0x190/0x1d0 [ 951.322999][ C1] ? _copy_to_user+0x126/0x160 [ 951.328286][ C1] __x64_sys_futex+0x378/0x4e0 [ 951.333220][ C1] ? do_futex+0x1a60/0x1a60 [ 951.337704][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 951.345454][ C1] ? lock_is_held_type+0xb0/0xe0 [ 951.350408][ C1] ? do_syscall_64+0x1c/0xe0 [ 951.354983][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 951.360943][ C1] do_syscall_64+0x60/0xe0 [ 951.365342][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 951.371234][ C1] RIP: 0033:0x45cb29 [ 951.375117][ C1] Code: Bad RIP value. [ 951.379160][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 951.388159][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 951.396229][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 951.404293][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 951.412255][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 951.421207][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 951.429194][ C1] syz-executor.1 S28240 11298 6984 0x00000000 [ 951.436047][ C1] Call Trace: [ 951.439329][ C1] __schedule+0x8e1/0x1eb0 [ 951.443729][ C1] ? io_schedule_timeout+0x140/0x140 [ 951.448992][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 951.454434][ C1] schedule+0xd0/0x2a0 [ 951.458485][ C1] futex_wait_queue_me+0x2a7/0x570 [ 951.463589][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 951.468782][ C1] futex_wait+0x1df/0x560 [ 951.473179][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 951.478205][ C1] ? wake_up_q+0xa3/0x100 [ 951.482544][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 951.487732][ C1] ? futex_wake+0x155/0x490 [ 951.492263][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 951.498237][ C1] do_futex+0x15b/0x1a60 [ 951.502467][ C1] ? lock_acquire+0x1f1/0xad0 [ 951.507160][ C1] ? __might_fault+0xef/0x1d0 [ 951.511812][ C1] ? find_held_lock+0x2d/0x110 [ 951.516555][ C1] ? futex_exit_release+0x220/0x220 [ 951.521917][ C1] ? lock_downgrade+0x820/0x820 [ 951.526755][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 951.532996][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 951.538030][ C1] ? __might_fault+0x190/0x1d0 [ 951.542771][ C1] ? _copy_to_user+0x126/0x160 [ 951.547515][ C1] __x64_sys_futex+0x378/0x4e0 [ 951.552260][ C1] ? do_futex+0x1a60/0x1a60 [ 951.556761][ C1] ? lock_is_held_type+0xb0/0xe0 [ 951.561690][ C1] ? do_syscall_64+0x1c/0xe0 [ 951.566350][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 951.572307][ C1] do_syscall_64+0x60/0xe0 [ 951.576703][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 951.582575][ C1] RIP: 0033:0x45cb29 [ 951.586453][ C1] Code: Bad RIP value. [ 951.590494][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 951.598893][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 951.606852][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 951.614887][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 951.622838][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 951.630813][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 951.639735][ C1] syz-executor.1 S28384 11322 6984 0x00000000 [ 951.646070][ C1] Call Trace: [ 951.649430][ C1] __schedule+0x8e1/0x1eb0 [ 951.653841][ C1] ? io_schedule_timeout+0x140/0x140 [ 951.659328][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 951.666593][ C1] schedule+0xd0/0x2a0 [ 951.671700][ C1] futex_wait_queue_me+0x2a7/0x570 [ 951.677850][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 951.683722][ C1] futex_wait+0x1df/0x560 [ 951.688433][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 951.694630][ C1] ? wake_up_q+0xa3/0x100 [ 951.699570][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 951.705570][ C1] ? futex_wake+0x155/0x490 [ 951.710544][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 951.716628][ C1] do_futex+0x15b/0x1a60 [ 951.721895][ C1] ? lock_acquire+0x1f1/0xad0 [ 951.728106][ C1] ? __might_fault+0xef/0x1d0 [ 951.733444][ C1] ? find_held_lock+0x2d/0x110 [ 951.739908][ C1] ? futex_exit_release+0x220/0x220 [ 951.746486][ C1] ? lock_downgrade+0x820/0x820 [ 951.755202][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 951.761808][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 951.767475][ C1] ? __might_fault+0x190/0x1d0 [ 951.772852][ C1] ? _copy_to_user+0x126/0x160 [ 951.779419][ C1] __x64_sys_futex+0x378/0x4e0 [ 951.784281][ C1] ? do_futex+0x1a60/0x1a60 [ 951.788983][ C1] ? lock_is_held_type+0xb0/0xe0 [ 951.793931][ C1] ? do_syscall_64+0x1c/0xe0 [ 951.798529][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 951.804541][ C1] do_syscall_64+0x60/0xe0 [ 951.808944][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 951.815949][ C1] RIP: 0033:0x45cb29 [ 951.819820][ C1] Code: Bad RIP value. [ 951.824041][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 951.833562][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 951.842052][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 951.850235][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 951.858317][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 951.867585][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 951.875563][ C1] syz-executor.1 S28384 11333 6984 0x00000000 [ 951.881994][ C1] Call Trace: [ 951.885337][ C1] __schedule+0x8e1/0x1eb0 [ 951.889738][ C1] ? io_schedule_timeout+0x140/0x140 [ 951.895250][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 951.900736][ C1] schedule+0xd0/0x2a0 [ 951.904901][ C1] futex_wait_queue_me+0x2a7/0x570 [ 951.910090][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 951.915291][ C1] futex_wait+0x1df/0x560 [ 951.919622][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 951.924630][ C1] ? wake_up_q+0xa3/0x100 [ 951.929198][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 951.934550][ C1] ? futex_wake+0x155/0x490 [ 951.939051][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 951.945030][ C1] do_futex+0x15b/0x1a60 [ 951.949294][ C1] ? lock_acquire+0x1f1/0xad0 [ 951.953997][ C1] ? __might_fault+0xef/0x1d0 [ 951.959112][ C1] ? find_held_lock+0x2d/0x110 [ 951.963875][ C1] ? futex_exit_release+0x220/0x220 [ 951.969081][ C1] ? lock_downgrade+0x820/0x820 [ 951.973925][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 951.980597][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 951.985606][ C1] ? __might_fault+0x190/0x1d0 [ 951.990351][ C1] ? _copy_to_user+0x126/0x160 [ 951.995101][ C1] __x64_sys_futex+0x378/0x4e0 [ 952.001556][ C1] ? do_futex+0x1a60/0x1a60 [ 952.007419][ C1] ? lock_is_held_type+0xb0/0xe0 [ 952.014850][ C1] ? do_syscall_64+0x1c/0xe0 [ 952.019540][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 952.025735][ C1] do_syscall_64+0x60/0xe0 [ 952.031435][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 952.037401][ C1] RIP: 0033:0x45cb29 [ 952.041654][ C1] Code: Bad RIP value. [ 952.047258][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 952.056439][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 952.067092][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 952.075178][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 952.083244][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 952.091340][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 952.102515][ C1] bond1 I30952 11339 2 0x00004000 [ 952.110696][ C1] Call Trace: [ 952.114215][ C1] __schedule+0x8e1/0x1eb0 [ 952.119730][ C1] ? io_schedule_timeout+0x140/0x140 [ 952.125158][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 952.130173][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 952.135555][ C1] schedule+0xd0/0x2a0 [ 952.139607][ C1] rescuer_thread+0x7a7/0xd30 [ 952.144291][ C1] ? worker_thread+0x1120/0x1120 [ 952.149315][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 952.154420][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 952.159610][ C1] ? worker_thread+0x1120/0x1120 [ 952.165110][ C1] kthread+0x3b5/0x4a0 [ 952.169165][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 952.174253][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 952.179450][ C1] ret_from_fork+0x1f/0x30 [ 952.183869][ C1] syz-executor.1 S28384 11367 6984 0x00000000 [ 952.190180][ C1] Call Trace: [ 952.193454][ C1] __schedule+0x8e1/0x1eb0 [ 952.197873][ C1] ? io_schedule_timeout+0x140/0x140 [ 952.203135][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 952.208591][ C1] schedule+0xd0/0x2a0 [ 952.212731][ C1] futex_wait_queue_me+0x2a7/0x570 [ 952.217925][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 952.223107][ C1] futex_wait+0x1df/0x560 [ 952.227434][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 952.232542][ C1] ? wake_up_q+0xa3/0x100 [ 952.236867][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 952.242056][ C1] ? futex_wake+0x155/0x490 [ 952.246613][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 952.252648][ C1] do_futex+0x15b/0x1a60 [ 952.256991][ C1] ? lock_acquire+0x1f1/0xad0 [ 952.261661][ C1] ? __might_fault+0xef/0x1d0 [ 952.266341][ C1] ? find_held_lock+0x2d/0x110 [ 952.271098][ C1] ? futex_exit_release+0x220/0x220 [ 952.276279][ C1] ? lock_downgrade+0x820/0x820 [ 952.281115][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 952.287515][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 952.292548][ C1] ? __might_fault+0x190/0x1d0 [ 952.297482][ C1] ? _copy_to_user+0x126/0x160 [ 952.302270][ C1] __x64_sys_futex+0x378/0x4e0 [ 952.307041][ C1] ? do_futex+0x1a60/0x1a60 [ 952.311534][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 952.317167][ C1] ? lock_is_held_type+0xb0/0xe0 [ 952.322083][ C1] ? do_syscall_64+0x1c/0xe0 [ 952.326764][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 952.332899][ C1] do_syscall_64+0x60/0xe0 [ 952.337322][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 952.343305][ C1] RIP: 0033:0x45cb29 [ 952.347328][ C1] Code: Bad RIP value. [ 952.352367][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 952.361918][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 952.373219][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 952.381173][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 952.389133][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 952.397106][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 952.405082][ C1] syz-executor.1 S28384 11389 6984 0x00000000 [ 952.412347][ C1] Call Trace: [ 952.416442][ C1] __schedule+0x8e1/0x1eb0 [ 952.423917][ C1] ? io_schedule_timeout+0x140/0x140 [ 952.429457][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 952.435375][ C1] schedule+0xd0/0x2a0 [ 952.439474][ C1] futex_wait_queue_me+0x2a7/0x570 [ 952.444872][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 952.450152][ C1] futex_wait+0x1df/0x560 [ 952.454611][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 952.460681][ C1] ? wake_up_q+0xa3/0x100 [ 952.465397][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 952.470583][ C1] ? futex_wake+0x155/0x490 [ 952.475082][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 952.482742][ C1] do_futex+0x15b/0x1a60 [ 952.487007][ C1] ? lock_acquire+0x1f1/0xad0 [ 952.491692][ C1] ? __might_fault+0xef/0x1d0 [ 952.496499][ C1] ? find_held_lock+0x2d/0x110 [ 952.502948][ C1] ? futex_exit_release+0x220/0x220 [ 952.508138][ C1] ? lock_downgrade+0x820/0x820 [ 952.513611][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 952.520935][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 952.526417][ C1] ? __might_fault+0x190/0x1d0 [ 952.531168][ C1] ? _copy_to_user+0x126/0x160 [ 952.535920][ C1] __x64_sys_futex+0x378/0x4e0 [ 952.541107][ C1] ? do_futex+0x1a60/0x1a60 [ 952.547736][ C1] ? lock_is_held_type+0xb0/0xe0 [ 952.552671][ C1] ? do_syscall_64+0x1c/0xe0 [ 952.557440][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 952.564052][ C1] do_syscall_64+0x60/0xe0 [ 952.571381][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 952.577263][ C1] RIP: 0033:0x45cb29 [ 952.581181][ C1] Code: Bad RIP value. [ 952.585254][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 952.594209][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 952.603085][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 952.611174][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 952.620935][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 952.629843][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 952.638314][ C1] syz-executor.1 S28384 11396 6984 0x00000000 [ 952.646417][ C1] Call Trace: [ 952.649708][ C1] __schedule+0x8e1/0x1eb0 [ 952.654130][ C1] ? io_schedule_timeout+0x140/0x140 [ 952.659409][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 952.664970][ C1] schedule+0xd0/0x2a0 [ 952.671069][ C1] futex_wait_queue_me+0x2a7/0x570 [ 952.677288][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 952.684157][ C1] futex_wait+0x1df/0x560 [ 952.688478][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 952.693515][ C1] ? wake_up_q+0xa3/0x100 [ 952.698371][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 952.705125][ C1] ? futex_wake+0x155/0x490 [ 952.709810][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 952.716841][ C1] do_futex+0x15b/0x1a60 [ 952.721911][ C1] ? lock_acquire+0x1f1/0xad0 [ 952.726571][ C1] ? __might_fault+0xef/0x1d0 [ 952.731228][ C1] ? find_held_lock+0x2d/0x110 [ 952.735976][ C1] ? futex_exit_release+0x220/0x220 [ 952.741154][ C1] ? lock_downgrade+0x820/0x820 [ 952.745984][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 952.753673][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 952.759511][ C1] ? __might_fault+0x190/0x1d0 [ 952.764481][ C1] ? _copy_to_user+0x126/0x160 [ 952.769274][ C1] __x64_sys_futex+0x378/0x4e0 [ 952.774042][ C1] ? do_futex+0x1a60/0x1a60 [ 952.778849][ C1] ? lock_is_held_type+0xb0/0xe0 [ 952.783994][ C1] ? do_syscall_64+0x1c/0xe0 [ 952.789406][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 952.795395][ C1] do_syscall_64+0x60/0xe0 [ 952.799811][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 952.805681][ C1] RIP: 0033:0x45cb29 [ 952.809547][ C1] Code: Bad RIP value. [ 952.813588][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 952.821975][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 952.830402][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 952.838396][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 952.847594][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 952.855689][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 952.863699][ C1] syz-executor.1 S28384 11417 6984 0x00000000 [ 952.870022][ C1] Call Trace: [ 952.873297][ C1] __schedule+0x8e1/0x1eb0 [ 952.877696][ C1] ? io_schedule_timeout+0x140/0x140 [ 952.882961][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 952.888428][ C1] schedule+0xd0/0x2a0 [ 952.893515][ C1] futex_wait_queue_me+0x2a7/0x570 [ 952.900023][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 952.905255][ C1] futex_wait+0x1df/0x560 [ 952.909597][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 952.914609][ C1] ? wake_up_q+0xa3/0x100 [ 952.918931][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 952.925672][ C1] ? futex_wake+0x155/0x490 [ 952.933391][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 952.939495][ C1] do_futex+0x15b/0x1a60 [ 952.943741][ C1] ? lock_acquire+0x1f1/0xad0 [ 952.948397][ C1] ? __might_fault+0xef/0x1d0 [ 952.953158][ C1] ? find_held_lock+0x2d/0x110 [ 952.957920][ C1] ? futex_exit_release+0x220/0x220 [ 952.963101][ C1] ? lock_downgrade+0x820/0x820 [ 952.967929][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 952.975217][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 952.980252][ C1] ? __might_fault+0x190/0x1d0 [ 952.985035][ C1] ? _copy_to_user+0x126/0x160 [ 952.989787][ C1] __x64_sys_futex+0x378/0x4e0 [ 952.994920][ C1] ? do_futex+0x1a60/0x1a60 [ 953.000559][ C1] ? lock_is_held_type+0xb0/0xe0 [ 953.005477][ C1] ? do_syscall_64+0x1c/0xe0 [ 953.010059][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 953.016023][ C1] do_syscall_64+0x60/0xe0 [ 953.020425][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 953.026299][ C1] RIP: 0033:0x45cb29 [ 953.030168][ C1] Code: Bad RIP value. [ 953.034228][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 953.042621][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 953.053035][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 953.062385][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 953.070509][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 953.078922][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 953.090147][ C1] kvm-nx-lpage-re S30224 11427 2 0x00004000 [ 953.096509][ C1] Call Trace: [ 953.099801][ C1] __schedule+0x8e1/0x1eb0 [ 953.104217][ C1] ? io_schedule_timeout+0x140/0x140 [ 953.109588][ C1] ? lock_acquire+0x1f1/0xad0 [ 953.114260][ C1] schedule+0xd0/0x2a0 [ 953.118321][ C1] schedule_timeout+0x1d8/0x250 [ 953.123153][ C1] ? usleep_range+0x170/0x170 [ 953.127950][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 953.133139][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 953.139108][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 953.145068][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 953.150160][ C1] ? _raw_spin_unlock_irq+0x55/0x80 [ 953.155427][ C1] ? finish_task_switch+0x147/0x750 [ 953.161687][ C1] ? finish_task_switch+0x119/0x750 [ 953.166892][ C1] kvm_nx_lpage_recovery_worker+0x1ca/0x760 [ 953.172787][ C1] ? __kthread_parkme+0xad/0x1e0 [ 953.177703][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 953.182799][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 953.190320][ C1] ? __kthread_parkme+0x4c/0x1e0 [ 953.195763][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 953.201726][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 953.206732][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 953.211827][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 953.216862][ C1] kvm_vm_worker_thread+0x1b3/0x270 [ 953.222317][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 953.228653][ C1] ? kvm_exit+0x80/0x80 [ 953.233064][ C1] kthread+0x3b5/0x4a0 [ 953.237122][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 953.242929][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 953.248023][ C1] ret_from_fork+0x1f/0x30 [ 953.252425][ C1] syz-executor.1 S28384 11436 6984 0x00000000 [ 953.259181][ C1] Call Trace: [ 953.262744][ C1] __schedule+0x8e1/0x1eb0 [ 953.267160][ C1] ? io_schedule_timeout+0x140/0x140 [ 953.272438][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 953.278044][ C1] schedule+0xd0/0x2a0 [ 953.282102][ C1] futex_wait_queue_me+0x2a7/0x570 [ 953.287199][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 953.292392][ C1] futex_wait+0x1df/0x560 [ 953.296703][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 953.301721][ C1] ? wake_up_q+0xa3/0x100 [ 953.306030][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 953.311207][ C1] ? futex_wake+0x155/0x490 [ 953.315699][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 953.321671][ C1] do_futex+0x15b/0x1a60 [ 953.325897][ C1] ? lock_acquire+0x1f1/0xad0 [ 953.330564][ C1] ? __might_fault+0xef/0x1d0 [ 953.336437][ C1] ? find_held_lock+0x2d/0x110 [ 953.341250][ C1] ? futex_exit_release+0x220/0x220 [ 953.346444][ C1] ? lock_downgrade+0x820/0x820 [ 953.351280][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 953.357512][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 953.362671][ C1] ? __might_fault+0x190/0x1d0 [ 953.367420][ C1] ? _copy_to_user+0x126/0x160 [ 953.372214][ C1] __x64_sys_futex+0x378/0x4e0 [ 953.376967][ C1] ? do_futex+0x1a60/0x1a60 [ 953.381454][ C1] ? lock_is_held_type+0xb0/0xe0 [ 953.386382][ C1] ? do_syscall_64+0x1c/0xe0 [ 953.390974][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 953.396948][ C1] do_syscall_64+0x60/0xe0 [ 953.401358][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 953.407246][ C1] RIP: 0033:0x45cb29 [ 953.411111][ C1] Code: Bad RIP value. [ 953.415348][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 953.423837][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 953.431823][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 953.439868][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 953.447826][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 953.455864][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 953.463955][ C1] syz-executor.1 S28384 11451 6984 0x00000000 [ 953.470962][ C1] Call Trace: [ 953.474233][ C1] __schedule+0x8e1/0x1eb0 [ 953.478633][ C1] ? io_schedule_timeout+0x140/0x140 [ 953.483900][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 953.489342][ C1] schedule+0xd0/0x2a0 [ 953.493403][ C1] futex_wait_queue_me+0x2a7/0x570 [ 953.498508][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 953.503708][ C1] futex_wait+0x1df/0x560 [ 953.508045][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 953.513125][ C1] ? wake_up_q+0xa3/0x100 [ 953.517516][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 953.522707][ C1] ? futex_wake+0x155/0x490 [ 953.527205][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 953.533259][ C1] do_futex+0x15b/0x1a60 [ 953.537515][ C1] ? lock_acquire+0x1f1/0xad0 [ 953.542213][ C1] ? __might_fault+0xef/0x1d0 [ 953.546878][ C1] ? find_held_lock+0x2d/0x110 [ 953.551622][ C1] ? futex_exit_release+0x220/0x220 [ 953.556876][ C1] ? lock_downgrade+0x820/0x820 [ 953.561819][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 953.568044][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 953.573081][ C1] ? __might_fault+0x190/0x1d0 [ 953.577839][ C1] ? _copy_to_user+0x126/0x160 [ 953.582597][ C1] __x64_sys_futex+0x378/0x4e0 [ 953.587633][ C1] ? do_futex+0x1a60/0x1a60 [ 953.592130][ C1] ? lock_is_held_type+0xb0/0xe0 [ 953.597060][ C1] ? do_syscall_64+0x1c/0xe0 [ 953.601651][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 953.607612][ C1] do_syscall_64+0x60/0xe0 [ 953.612194][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 953.618101][ C1] RIP: 0033:0x45cb29 [ 953.621990][ C1] Code: Bad RIP value. [ 953.626049][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 953.634456][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 953.642421][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 953.650370][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 953.658314][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 953.666260][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 953.674222][ C1] syz-executor.3 S29936 11460 7113 0x00000000 [ 953.680534][ C1] Call Trace: [ 953.683805][ C1] __schedule+0x8e1/0x1eb0 [ 953.688198][ C1] ? io_schedule_timeout+0x140/0x140 [ 953.693483][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 953.698943][ C1] schedule+0xd0/0x2a0 [ 953.703025][ C1] futex_wait_queue_me+0x2a7/0x570 [ 953.708113][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 953.713299][ C1] ? futex_wake+0x1b5/0x490 [ 953.718404][ C1] ? find_held_lock+0x2d/0x110 [ 953.723165][ C1] futex_wait+0x1df/0x560 [ 953.727494][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 953.732520][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 953.737445][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 953.742622][ C1] ? futex_wake+0x155/0x490 [ 953.747111][ C1] ? lock_downgrade+0x820/0x820 [ 953.751938][ C1] do_futex+0x15b/0x1a60 [ 953.756161][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 953.761424][ C1] ? _raw_spin_unlock+0x24/0x40 [ 953.766254][ C1] ? do_wp_page+0x16a/0x1950 [ 953.770827][ C1] ? futex_exit_release+0x220/0x220 [ 953.776012][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 953.781197][ C1] ? find_held_lock+0x2d/0x110 [ 953.785939][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 953.791134][ C1] ? __up_read+0x1a1/0x7b0 [ 953.795618][ C1] ? _down_write_nest_lock+0x150/0x150 [ 953.801055][ C1] __x64_sys_futex+0x378/0x4e0 [ 953.805798][ C1] ? do_futex+0x1a60/0x1a60 [ 953.810288][ C1] ? lock_is_held_type+0xb0/0xe0 [ 953.815220][ C1] ? lock_is_held_type+0xb0/0xe0 [ 953.820137][ C1] ? do_syscall_64+0x1c/0xe0 [ 953.824702][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 953.830659][ C1] do_syscall_64+0x60/0xe0 [ 953.835051][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 953.840932][ C1] RIP: 0033:0x45cb29 [ 953.844797][ C1] Code: Bad RIP value. [ 953.848839][ C1] RSP: 002b:00007f6514a3fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 953.857224][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 953.865262][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 953.873211][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 953.881159][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 953.889194][ C1] R13: 0000000000c9fb6f R14: 00007f6514a409c0 R15: 000000000078bfac [ 953.897170][ C1] syz-executor.3 S29976 11461 7113 0x00000000 [ 953.903479][ C1] Call Trace: [ 953.906759][ C1] __schedule+0x8e1/0x1eb0 [ 953.911210][ C1] ? io_schedule_timeout+0x140/0x140 [ 953.916554][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 953.922015][ C1] schedule+0xd0/0x2a0 [ 953.926170][ C1] futex_wait_queue_me+0x2a7/0x570 [ 953.931301][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 953.936477][ C1] ? kvm_sched_clock_read+0x14/0x40 [ 953.941707][ C1] futex_wait+0x1df/0x560 [ 953.946037][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 953.951038][ C1] ? mark_lock+0xbc/0x1710 [ 953.955696][ C1] ? hash_futex+0x12/0x200 [ 953.960191][ C1] ? futex_wake+0x155/0x490 [ 953.964671][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 953.969780][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 953.975739][ C1] ? lock_downgrade+0x820/0x820 [ 953.980570][ C1] do_futex+0x15b/0x1a60 [ 953.984795][ C1] ? lock_acquire+0x1f1/0xad0 [ 953.989447][ C1] ? __might_fault+0xef/0x1d0 [ 953.994101][ C1] ? find_held_lock+0x2d/0x110 [ 953.998869][ C1] ? futex_exit_release+0x220/0x220 [ 954.004046][ C1] ? lock_downgrade+0x820/0x820 [ 954.008876][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 954.015126][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 954.020132][ C1] ? __might_fault+0x190/0x1d0 [ 954.024882][ C1] ? _copy_to_user+0x126/0x160 [ 954.029628][ C1] __x64_sys_futex+0x378/0x4e0 [ 954.034638][ C1] ? do_futex+0x1a60/0x1a60 [ 954.039217][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 954.045546][ C1] ? lock_is_held_type+0xb0/0xe0 [ 954.050472][ C1] ? do_syscall_64+0x1c/0xe0 [ 954.055040][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 954.061038][ C1] do_syscall_64+0x60/0xe0 [ 954.065436][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 954.071319][ C1] RIP: 0033:0x45cb29 [ 954.075190][ C1] Code: Bad RIP value. [ 954.079247][ C1] RSP: 002b:00007f6514a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 954.087649][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 954.095598][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 954.103561][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 954.111515][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 954.119465][ C1] R13: 0000000000c9fb6f R14: 00007f6514a619c0 R15: 000000000078bf0c [ 954.127427][ C1] kvm-nx-lpage-re S29784 11462 2 0x00004000 [ 954.133740][ C1] Call Trace: [ 954.137024][ C1] __schedule+0x8e1/0x1eb0 [ 954.141419][ C1] ? io_schedule_timeout+0x140/0x140 [ 954.146700][ C1] schedule+0xd0/0x2a0 [ 954.150760][ C1] schedule_timeout+0x1d8/0x250 [ 954.155587][ C1] ? usleep_range+0x170/0x170 [ 954.160297][ C1] ? __schedule+0x887/0x1eb0 [ 954.164868][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 954.170830][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 954.175849][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 954.180955][ C1] kvm_nx_lpage_recovery_worker+0x1ca/0x760 [ 954.186854][ C1] ? __kthread_parkme+0xad/0x1e0 [ 954.191771][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 954.196863][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 954.202644][ C1] ? __kthread_parkme+0x4c/0x1e0 [ 954.207558][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 954.213518][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 954.218528][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 954.223712][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 954.228738][ C1] kvm_vm_worker_thread+0x1b3/0x270 [ 954.233931][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 954.239021][ C1] ? kvm_exit+0x80/0x80 [ 954.243172][ C1] kthread+0x3b5/0x4a0 [ 954.247226][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 954.252315][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 954.257409][ C1] ret_from_fork+0x1f/0x30 [ 954.261808][ C1] syz-executor.3 S29936 11470 7113 0x00000000 [ 954.268123][ C1] Call Trace: [ 954.271405][ C1] __schedule+0x8e1/0x1eb0 [ 954.275815][ C1] ? io_schedule_timeout+0x140/0x140 [ 954.281190][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 954.286648][ C1] schedule+0xd0/0x2a0 [ 954.290697][ C1] futex_wait_queue_me+0x2a7/0x570 [ 954.295810][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 954.300995][ C1] futex_wait+0x1df/0x560 [ 954.305306][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 954.310322][ C1] ? hash_futex+0x12/0x200 [ 954.314730][ C1] ? futex_wake+0x155/0x490 [ 954.319219][ C1] ? lock_downgrade+0x820/0x820 [ 954.324066][ C1] do_futex+0x15b/0x1a60 [ 954.328288][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 954.333464][ C1] ? _raw_spin_unlock+0x24/0x40 [ 954.338292][ C1] ? do_wp_page+0x16a/0x1950 [ 954.342863][ C1] ? futex_exit_release+0x220/0x220 [ 954.348047][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 954.353048][ C1] ? find_held_lock+0x2d/0x110 [ 954.357789][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 954.362964][ C1] ? __up_read+0x1a1/0x7b0 [ 954.367355][ C1] ? _down_write_nest_lock+0x150/0x150 [ 954.372844][ C1] __x64_sys_futex+0x378/0x4e0 [ 954.377598][ C1] ? do_futex+0x1a60/0x1a60 [ 954.382089][ C1] ? lock_is_held_type+0xb0/0xe0 [ 954.387008][ C1] ? lock_is_held_type+0xb0/0xe0 [ 954.391992][ C1] ? do_syscall_64+0x1c/0xe0 [ 954.396739][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 954.402711][ C1] do_syscall_64+0x60/0xe0 [ 954.407231][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 954.413113][ C1] RIP: 0033:0x45cb29 [ 954.416984][ C1] Code: Bad RIP value. [ 954.421027][ C1] RSP: 002b:00007f6514a3fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 954.429413][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 954.437534][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 954.445481][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 954.453441][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 954.461490][ C1] R13: 0000000000c9fb6f R14: 00007f6514a409c0 R15: 000000000078bfac [ 954.469901][ C1] syz-executor.3 S29976 11473 7113 0x00000000 [ 954.476322][ C1] Call Trace: [ 954.479593][ C1] __schedule+0x8e1/0x1eb0 [ 954.483992][ C1] ? io_schedule_timeout+0x140/0x140 [ 954.489259][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 954.494723][ C1] schedule+0xd0/0x2a0 [ 954.498794][ C1] futex_wait_queue_me+0x2a7/0x570 [ 954.503885][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 954.509094][ C1] futex_wait+0x1df/0x560 [ 954.513441][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 954.518451][ C1] ? hash_futex+0x12/0x200 [ 954.522845][ C1] ? futex_wake+0x155/0x490 [ 954.527338][ C1] ? lock_downgrade+0x820/0x820 [ 954.532178][ C1] do_futex+0x15b/0x1a60 [ 954.536400][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 954.541685][ C1] ? _raw_spin_unlock+0x24/0x40 [ 954.546519][ C1] ? do_wp_page+0x16a/0x1950 [ 954.551092][ C1] ? futex_exit_release+0x220/0x220 [ 954.556273][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 954.561275][ C1] ? find_held_lock+0x2d/0x110 [ 954.566113][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 954.571285][ C1] ? __up_read+0x1a1/0x7b0 [ 954.575680][ C1] ? _down_write_nest_lock+0x150/0x150 [ 954.581135][ C1] __x64_sys_futex+0x378/0x4e0 [ 954.585907][ C1] ? do_futex+0x1a60/0x1a60 [ 954.590388][ C1] ? lock_is_held_type+0xb0/0xe0 [ 954.595305][ C1] ? lock_is_held_type+0xb0/0xe0 [ 954.600223][ C1] ? do_syscall_64+0x1c/0xe0 [ 954.604794][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 954.610756][ C1] do_syscall_64+0x60/0xe0 [ 954.615421][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 954.621308][ C1] RIP: 0033:0x45cb29 [ 954.625175][ C1] Code: Bad RIP value. [ 954.629234][ C1] RSP: 002b:00007f6514a3fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 954.637622][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 954.650884][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 954.658834][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 954.666803][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 954.674775][ C1] R13: 0000000000c9fb6f R14: 00007f6514a409c0 R15: 000000000078bfac [ 954.682749][ C1] syz-executor.1 S28384 11490 6984 0x00000000 [ 954.689063][ C1] Call Trace: [ 954.692334][ C1] __schedule+0x8e1/0x1eb0 [ 954.696743][ C1] ? io_schedule_timeout+0x140/0x140 [ 954.702017][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 954.707454][ C1] schedule+0xd0/0x2a0 [ 954.711517][ C1] futex_wait_queue_me+0x2a7/0x570 [ 954.716614][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 954.721810][ C1] futex_wait+0x1df/0x560 [ 954.726124][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 954.731139][ C1] ? wake_up_q+0xa3/0x100 [ 954.735444][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 954.740634][ C1] ? futex_wake+0x155/0x490 [ 954.745307][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 954.751266][ C1] do_futex+0x15b/0x1a60 [ 954.755490][ C1] ? lock_acquire+0x1f1/0xad0 [ 954.760406][ C1] ? __might_fault+0xef/0x1d0 [ 954.765062][ C1] ? find_held_lock+0x2d/0x110 [ 954.769816][ C1] ? futex_exit_release+0x220/0x220 [ 954.775600][ C1] ? lock_downgrade+0x820/0x820 [ 954.780430][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 954.786651][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 954.791664][ C1] ? __might_fault+0x190/0x1d0 [ 954.796492][ C1] ? _copy_to_user+0x126/0x160 [ 954.801247][ C1] __x64_sys_futex+0x378/0x4e0 [ 954.805993][ C1] ? do_futex+0x1a60/0x1a60 [ 954.810473][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 954.816087][ C1] ? lock_is_held_type+0xb0/0xe0 [ 954.821016][ C1] ? do_syscall_64+0x1c/0xe0 [ 954.825585][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 954.831572][ C1] do_syscall_64+0x60/0xe0 [ 954.836141][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 954.842016][ C1] RIP: 0033:0x45cb29 [ 954.845896][ C1] Code: Bad RIP value. [ 954.850052][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 954.858462][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 954.869123][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 954.877080][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 954.885025][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 954.892988][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 954.900951][ C1] syz-executor.1 S28384 11500 6984 0x00000000 [ 954.907263][ C1] Call Trace: [ 954.910549][ C1] __schedule+0x8e1/0x1eb0 [ 954.914949][ C1] ? io_schedule_timeout+0x140/0x140 [ 954.920211][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 954.925755][ C1] schedule+0xd0/0x2a0 [ 954.929819][ C1] futex_wait_queue_me+0x2a7/0x570 [ 954.934908][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 954.940099][ C1] futex_wait+0x1df/0x560 [ 954.944509][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 954.949525][ C1] ? wake_up_q+0xa3/0x100 [ 954.953832][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 954.959005][ C1] ? futex_wake+0x155/0x490 [ 954.963495][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 954.969467][ C1] do_futex+0x15b/0x1a60 [ 954.973866][ C1] ? lock_acquire+0x1f1/0xad0 [ 954.978517][ C1] ? __might_fault+0xef/0x1d0 [ 954.983176][ C1] ? find_held_lock+0x2d/0x110 [ 954.987922][ C1] ? futex_exit_release+0x220/0x220 [ 954.993100][ C1] ? lock_downgrade+0x820/0x820 [ 954.998277][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 955.004500][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 955.009504][ C1] ? __might_fault+0x190/0x1d0 [ 955.014248][ C1] ? _copy_to_user+0x126/0x160 [ 955.019010][ C1] __x64_sys_futex+0x378/0x4e0 [ 955.023769][ C1] ? do_futex+0x1a60/0x1a60 [ 955.028249][ C1] ? lock_is_held_type+0xb0/0xe0 [ 955.033166][ C1] ? do_syscall_64+0x1c/0xe0 [ 955.037737][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 955.043695][ C1] do_syscall_64+0x60/0xe0 [ 955.048104][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 955.053973][ C1] RIP: 0033:0x45cb29 [ 955.057839][ C1] Code: Bad RIP value. [ 955.061885][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 955.070617][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 955.078575][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 955.086528][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 955.094489][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 955.102808][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 955.110769][ C1] syz-executor.1 S28384 11508 6984 0x00000000 [ 955.117087][ C1] Call Trace: [ 955.120373][ C1] __schedule+0x8e1/0x1eb0 [ 955.124769][ C1] ? io_schedule_timeout+0x140/0x140 [ 955.130034][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 955.135564][ C1] schedule+0xd0/0x2a0 [ 955.139628][ C1] futex_wait_queue_me+0x2a7/0x570 [ 955.144717][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 955.149895][ C1] futex_wait+0x1df/0x560 [ 955.154205][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 955.159214][ C1] ? wake_up_q+0xa3/0x100 [ 955.163548][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 955.168726][ C1] ? futex_wake+0x155/0x490 [ 955.173330][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 955.179387][ C1] do_futex+0x15b/0x1a60 [ 955.183632][ C1] ? lock_acquire+0x1f1/0xad0 [ 955.188309][ C1] ? __might_fault+0xef/0x1d0 [ 955.193061][ C1] ? find_held_lock+0x2d/0x110 [ 955.197814][ C1] ? futex_exit_release+0x220/0x220 [ 955.202994][ C1] ? lock_downgrade+0x820/0x820 [ 955.207861][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 955.214089][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 955.219200][ C1] ? __might_fault+0x190/0x1d0 [ 955.223966][ C1] ? _copy_to_user+0x126/0x160 [ 955.228781][ C1] __x64_sys_futex+0x378/0x4e0 [ 955.233554][ C1] ? do_futex+0x1a60/0x1a60 [ 955.238127][ C1] ? lock_is_held_type+0xb0/0xe0 [ 955.243043][ C1] ? do_syscall_64+0x1c/0xe0 [ 955.247609][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 955.253887][ C1] do_syscall_64+0x60/0xe0 [ 955.258369][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 955.264242][ C1] RIP: 0033:0x45cb29 [ 955.268109][ C1] Code: Bad RIP value. [ 955.272172][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 955.280568][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 955.288524][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 955.296542][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 955.305035][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 955.313008][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 955.320988][ C1] syz-executor.1 S28384 11517 6984 0x00000000 [ 955.327321][ C1] Call Trace: [ 955.330590][ C1] __schedule+0x8e1/0x1eb0 [ 955.334989][ C1] ? io_schedule_timeout+0x140/0x140 [ 955.340253][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 955.345712][ C1] schedule+0xd0/0x2a0 [ 955.349791][ C1] futex_wait_queue_me+0x2a7/0x570 [ 955.354890][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 955.360066][ C1] futex_wait+0x1df/0x560 [ 955.364378][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 955.369383][ C1] ? wake_up_q+0xa3/0x100 [ 955.373723][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 955.378922][ C1] ? futex_wake+0x155/0x490 [ 955.383430][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 955.389419][ C1] do_futex+0x15b/0x1a60 [ 955.393657][ C1] ? lock_acquire+0x1f1/0xad0 [ 955.399351][ C1] ? __might_fault+0xef/0x1d0 [ 955.404022][ C1] ? find_held_lock+0x2d/0x110 [ 955.408779][ C1] ? futex_exit_release+0x220/0x220 [ 955.413971][ C1] ? lock_downgrade+0x820/0x820 [ 955.418811][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 955.425029][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 955.430034][ C1] ? __might_fault+0x190/0x1d0 [ 955.434776][ C1] ? _copy_to_user+0x126/0x160 [ 955.439523][ C1] __x64_sys_futex+0x378/0x4e0 [ 955.444263][ C1] ? do_futex+0x1a60/0x1a60 [ 955.448746][ C1] ? lock_is_held_type+0xb0/0xe0 [ 955.453673][ C1] ? do_syscall_64+0x1c/0xe0 [ 955.458242][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 955.464204][ C1] do_syscall_64+0x60/0xe0 [ 955.468699][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 955.474582][ C1] RIP: 0033:0x45cb29 [ 955.478465][ C1] Code: Bad RIP value. [ 955.482513][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 955.490914][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 955.498864][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 955.506814][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 955.514792][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 955.522975][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 955.531050][ C1] syz-executor.1 S28384 11524 6984 0x00000000 [ 955.537462][ C1] Call Trace: [ 955.540806][ C1] __schedule+0x8e1/0x1eb0 [ 955.545319][ C1] ? io_schedule_timeout+0x140/0x140 [ 955.550586][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 955.556037][ C1] schedule+0xd0/0x2a0 [ 955.560091][ C1] futex_wait_queue_me+0x2a7/0x570 [ 955.565176][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 955.570439][ C1] futex_wait+0x1df/0x560 [ 955.574761][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 955.579849][ C1] ? wake_up_q+0xa3/0x100 [ 955.584151][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 955.589323][ C1] ? futex_wake+0x155/0x490 [ 955.593828][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 955.599786][ C1] do_futex+0x15b/0x1a60 [ 955.604014][ C1] ? lock_acquire+0x1f1/0xad0 [ 955.608678][ C1] ? __might_fault+0xef/0x1d0 [ 955.613435][ C1] ? find_held_lock+0x2d/0x110 [ 955.618189][ C1] ? futex_exit_release+0x220/0x220 [ 955.623381][ C1] ? lock_downgrade+0x820/0x820 [ 955.628224][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 955.634452][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 955.639999][ C1] ? __might_fault+0x190/0x1d0 [ 955.644742][ C1] ? _copy_to_user+0x126/0x160 [ 955.649504][ C1] __x64_sys_futex+0x378/0x4e0 [ 955.654246][ C1] ? do_futex+0x1a60/0x1a60 [ 955.658735][ C1] ? lock_is_held_type+0xb0/0xe0 [ 955.663647][ C1] ? do_syscall_64+0x1c/0xe0 [ 955.668211][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 955.674168][ C1] do_syscall_64+0x60/0xe0 [ 955.678573][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 955.684439][ C1] RIP: 0033:0x45cb29 [ 955.688305][ C1] Code: Bad RIP value. [ 955.692344][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 955.700742][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 955.708689][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 955.716635][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 955.724600][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 955.732561][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 955.740527][ C1] syz-executor.1 S28384 11553 6984 0x00000000 [ 955.746840][ C1] Call Trace: [ 955.750112][ C1] __schedule+0x8e1/0x1eb0 [ 955.754524][ C1] ? io_schedule_timeout+0x140/0x140 [ 955.759784][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 955.765223][ C1] schedule+0xd0/0x2a0 [ 955.769273][ C1] futex_wait_queue_me+0x2a7/0x570 [ 955.774376][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 955.779650][ C1] futex_wait+0x1df/0x560 [ 955.783961][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 955.788968][ C1] ? wake_up_q+0xa3/0x100 [ 955.793279][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 955.798476][ C1] ? futex_wake+0x155/0x490 [ 955.802971][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 955.808945][ C1] do_futex+0x15b/0x1a60 [ 955.813193][ C1] ? lock_acquire+0x1f1/0xad0 [ 955.817859][ C1] ? __might_fault+0xef/0x1d0 [ 955.822516][ C1] ? find_held_lock+0x2d/0x110 [ 955.827255][ C1] ? futex_exit_release+0x220/0x220 [ 955.832447][ C1] ? lock_downgrade+0x820/0x820 [ 955.837286][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 955.843520][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 955.848524][ C1] ? __might_fault+0x190/0x1d0 [ 955.853278][ C1] ? _copy_to_user+0x126/0x160 [ 955.858194][ C1] __x64_sys_futex+0x378/0x4e0 [ 955.862941][ C1] ? do_futex+0x1a60/0x1a60 [ 955.867441][ C1] ? lock_is_held_type+0xb0/0xe0 [ 955.872373][ C1] ? do_syscall_64+0x1c/0xe0 [ 955.876967][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 955.882941][ C1] do_syscall_64+0x60/0xe0 [ 955.887447][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 955.893332][ C1] RIP: 0033:0x45cb29 [ 955.897211][ C1] Code: Bad RIP value. [ 955.901250][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 955.909643][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 955.917612][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 955.925575][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 955.933524][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 955.941521][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 955.949536][ C1] syz-executor.1 S29488 11563 6984 0x00000000 [ 955.955890][ C1] Call Trace: [ 955.959167][ C1] __schedule+0x8e1/0x1eb0 [ 955.963582][ C1] ? io_schedule_timeout+0x140/0x140 [ 955.968860][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 955.974316][ C1] schedule+0xd0/0x2a0 [ 955.978377][ C1] futex_wait_queue_me+0x2a7/0x570 [ 955.983466][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 955.988666][ C1] ? save_stack+0x32/0x40 [ 955.992975][ C1] futex_wait+0x1df/0x560 [ 955.997294][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 956.002297][ C1] ? mark_lock+0xbc/0x1710 [ 956.006714][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 956.012682][ C1] ? hash_futex+0x12/0x200 [ 956.017082][ C1] ? futex_wake+0x155/0x490 [ 956.021588][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 956.026656][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 956.032620][ C1] ? __lock_acquire+0xc1e/0x56e0 [ 956.037550][ C1] do_futex+0x15b/0x1a60 [ 956.041776][ C1] ? lock_acquire+0x1f1/0xad0 [ 956.046455][ C1] ? __might_fault+0xef/0x1d0 [ 956.051125][ C1] ? find_held_lock+0x2d/0x110 [ 956.055873][ C1] ? futex_exit_release+0x220/0x220 [ 956.061050][ C1] ? lock_downgrade+0x820/0x820 [ 956.065895][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 956.072144][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 956.077155][ C1] ? __might_fault+0x190/0x1d0 [ 956.082007][ C1] ? _copy_to_user+0x126/0x160 [ 956.086882][ C1] __x64_sys_futex+0x378/0x4e0 [ 956.091662][ C1] ? do_futex+0x1a60/0x1a60 [ 956.096156][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 956.101783][ C1] ? lock_is_held_type+0xb0/0xe0 [ 956.106701][ C1] ? do_syscall_64+0x1c/0xe0 [ 956.111274][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 956.117232][ C1] do_syscall_64+0x60/0xe0 [ 956.121626][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 956.127519][ C1] RIP: 0033:0x45cb29 [ 956.131401][ C1] Code: Bad RIP value. [ 956.135444][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 956.144095][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 956.152058][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 956.160023][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 956.167996][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 956.175957][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 956.183933][ C1] syz-executor.1 S28384 11569 6984 0x00000000 [ 956.190347][ C1] Call Trace: [ 956.193621][ C1] __schedule+0x8e1/0x1eb0 [ 956.198110][ C1] ? io_schedule_timeout+0x140/0x140 [ 956.203392][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 956.208967][ C1] schedule+0xd0/0x2a0 [ 956.213019][ C1] futex_wait_queue_me+0x2a7/0x570 [ 956.218131][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 956.223417][ C1] futex_wait+0x1df/0x560 [ 956.227818][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 956.232837][ C1] ? wake_up_q+0xa3/0x100 [ 956.237158][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 956.242350][ C1] ? futex_wake+0x155/0x490 [ 956.246839][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 956.252901][ C1] do_futex+0x15b/0x1a60 [ 956.257249][ C1] ? lock_acquire+0x1f1/0xad0 [ 956.261923][ C1] ? __might_fault+0xef/0x1d0 [ 956.266646][ C1] ? find_held_lock+0x2d/0x110 [ 956.271391][ C1] ? futex_exit_release+0x220/0x220 [ 956.276587][ C1] ? lock_downgrade+0x820/0x820 [ 956.281429][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 956.287678][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 956.292693][ C1] ? __might_fault+0x190/0x1d0 [ 956.297435][ C1] ? _copy_to_user+0x126/0x160 [ 956.302357][ C1] __x64_sys_futex+0x378/0x4e0 [ 956.307099][ C1] ? do_futex+0x1a60/0x1a60 [ 956.311578][ C1] ? lock_is_held_type+0xb0/0xe0 [ 956.316493][ C1] ? do_syscall_64+0x1c/0xe0 [ 956.321076][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 956.327138][ C1] do_syscall_64+0x60/0xe0 [ 956.331531][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 956.337420][ C1] RIP: 0033:0x45cb29 [ 956.341326][ C1] Code: Bad RIP value. [ 956.345389][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 956.353791][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 956.361950][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 956.369911][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 956.377886][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 956.386024][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 956.393996][ C1] syz-executor.2 S28992 11603 7107 0x00000000 [ 956.400309][ C1] Call Trace: [ 956.403590][ C1] __schedule+0x8e1/0x1eb0 [ 956.408005][ C1] ? io_schedule_timeout+0x140/0x140 [ 956.413269][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 956.418714][ C1] schedule+0xd0/0x2a0 [ 956.422781][ C1] futex_wait_queue_me+0x2a7/0x570 [ 956.427870][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 956.433054][ C1] futex_wait+0x1df/0x560 [ 956.437385][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 956.442476][ C1] ? mark_lock+0xbc/0x1710 [ 956.446888][ C1] ? hash_futex+0x12/0x200 [ 956.451286][ C1] ? futex_wake+0x155/0x490 [ 956.455942][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 956.461528][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 956.467502][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 956.473488][ C1] do_futex+0x15b/0x1a60 [ 956.477736][ C1] ? lock_acquire+0x1f1/0xad0 [ 956.482391][ C1] ? __might_fault+0xef/0x1d0 [ 956.487061][ C1] ? find_held_lock+0x2d/0x110 [ 956.491803][ C1] ? futex_exit_release+0x220/0x220 [ 956.496996][ C1] ? lock_downgrade+0x820/0x820 [ 956.501846][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 956.508081][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 956.513113][ C1] ? __might_fault+0x190/0x1d0 [ 956.517861][ C1] ? _copy_to_user+0x126/0x160 [ 956.522614][ C1] __x64_sys_futex+0x378/0x4e0 [ 956.527383][ C1] ? do_futex+0x1a60/0x1a60 [ 956.531950][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 956.537648][ C1] ? lock_is_held_type+0xb0/0xe0 [ 956.542572][ C1] ? do_syscall_64+0x1c/0xe0 [ 956.547138][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 956.553096][ C1] do_syscall_64+0x60/0xe0 [ 956.557491][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 956.563360][ C1] RIP: 0033:0x45cb29 [ 956.567236][ C1] Code: Bad RIP value. [ 956.571280][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 956.579689][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 956.587927][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 956.595940][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 956.605110][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 956.613125][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 956.621261][ C1] syz-executor.1 S29344 11612 6984 0x00000000 [ 956.627601][ C1] Call Trace: [ 956.630899][ C1] __schedule+0x8e1/0x1eb0 [ 956.635299][ C1] ? io_schedule_timeout+0x140/0x140 [ 956.640577][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 956.646034][ C1] schedule+0xd0/0x2a0 [ 956.650097][ C1] futex_wait_queue_me+0x2a7/0x570 [ 956.655204][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 956.660468][ C1] ? save_stack+0x32/0x40 [ 956.664789][ C1] futex_wait+0x1df/0x560 [ 956.669100][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 956.674121][ C1] ? mark_lock+0xbc/0x1710 [ 956.678521][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 956.684491][ C1] ? hash_futex+0x12/0x200 [ 956.688909][ C1] ? futex_wake+0x155/0x490 [ 956.693388][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 956.698502][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 956.704473][ C1] ? __lock_acquire+0xc1e/0x56e0 [ 956.709998][ C1] do_futex+0x15b/0x1a60 [ 956.714239][ C1] ? lock_acquire+0x1f1/0xad0 [ 956.718906][ C1] ? __might_fault+0xef/0x1d0 [ 956.723574][ C1] ? find_held_lock+0x2d/0x110 [ 956.728838][ C1] ? futex_exit_release+0x220/0x220 [ 956.734016][ C1] ? lock_downgrade+0x820/0x820 [ 956.738846][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 956.745176][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 956.750211][ C1] ? __might_fault+0x190/0x1d0 [ 956.755080][ C1] ? _copy_to_user+0x126/0x160 [ 956.760086][ C1] __x64_sys_futex+0x378/0x4e0 [ 956.764887][ C1] ? do_futex+0x1a60/0x1a60 [ 956.769484][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 956.775102][ C1] ? lock_is_held_type+0xb0/0xe0 [ 956.780055][ C1] ? do_syscall_64+0x1c/0xe0 [ 956.784625][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 956.790676][ C1] do_syscall_64+0x60/0xe0 [ 956.795072][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 956.800950][ C1] RIP: 0033:0x45cb29 [ 956.804816][ C1] Code: Bad RIP value. [ 956.808856][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 956.817286][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 956.825236][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 956.833197][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 956.841150][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 956.849114][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 956.857080][ C1] syz-executor.1 S28384 11618 6984 0x00000000 [ 956.863396][ C1] Call Trace: [ 956.866674][ C1] __schedule+0x8e1/0x1eb0 [ 956.871077][ C1] ? io_schedule_timeout+0x140/0x140 [ 956.876342][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 956.882998][ C1] schedule+0xd0/0x2a0 [ 956.887917][ C1] futex_wait_queue_me+0x2a7/0x570 [ 956.893023][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 956.898219][ C1] futex_wait+0x1df/0x560 [ 956.902530][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 956.907534][ C1] ? wake_up_q+0xa3/0x100 [ 956.911839][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 956.917023][ C1] ? futex_wake+0x155/0x490 [ 956.921509][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 956.927480][ C1] do_futex+0x15b/0x1a60 [ 956.931720][ C1] ? lock_acquire+0x1f1/0xad0 [ 956.936376][ C1] ? __might_fault+0xef/0x1d0 [ 956.941029][ C1] ? find_held_lock+0x2d/0x110 [ 956.945775][ C1] ? futex_exit_release+0x220/0x220 [ 956.950971][ C1] ? lock_downgrade+0x820/0x820 [ 956.955821][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 956.962040][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 956.967042][ C1] ? __might_fault+0x190/0x1d0 [ 956.971780][ C1] ? _copy_to_user+0x126/0x160 [ 956.976540][ C1] __x64_sys_futex+0x378/0x4e0 [ 956.981297][ C1] ? do_futex+0x1a60/0x1a60 [ 956.985813][ C1] ? lock_is_held_type+0xb0/0xe0 [ 956.990743][ C1] ? do_syscall_64+0x1c/0xe0 [ 956.995327][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 957.001283][ C1] do_syscall_64+0x60/0xe0 [ 957.005691][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 957.011561][ C1] RIP: 0033:0x45cb29 [ 957.015427][ C1] Code: Bad RIP value. [ 957.019485][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 957.027884][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 957.035830][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 957.043795][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 957.051829][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 957.059789][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 957.067767][ C1] syz-executor.1 S28384 11656 6984 0x00000000 [ 957.074090][ C1] Call Trace: [ 957.077461][ C1] __schedule+0x8e1/0x1eb0 [ 957.081857][ C1] ? io_schedule_timeout+0x140/0x140 [ 957.087120][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 957.092559][ C1] schedule+0xd0/0x2a0 [ 957.096608][ C1] futex_wait_queue_me+0x2a7/0x570 [ 957.101696][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 957.109133][ C1] futex_wait+0x1df/0x560 [ 957.113442][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 957.118541][ C1] ? wake_up_q+0xa3/0x100 [ 957.122934][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 957.128287][ C1] ? futex_wake+0x155/0x490 [ 957.133815][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 957.140028][ C1] do_futex+0x15b/0x1a60 [ 957.146149][ C1] ? lock_acquire+0x1f1/0xad0 [ 957.150939][ C1] ? __might_fault+0xef/0x1d0 [ 957.156072][ C1] ? find_held_lock+0x2d/0x110 [ 957.160998][ C1] ? futex_exit_release+0x220/0x220 [ 957.166717][ C1] ? lock_downgrade+0x820/0x820 [ 957.172510][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 957.178734][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 957.183739][ C1] ? __might_fault+0x190/0x1d0 [ 957.188482][ C1] ? _copy_to_user+0x126/0x160 [ 957.193227][ C1] __x64_sys_futex+0x378/0x4e0 [ 957.197996][ C1] ? do_futex+0x1a60/0x1a60 [ 957.202487][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 957.208118][ C1] ? lock_is_held_type+0xb0/0xe0 [ 957.213046][ C1] ? do_syscall_64+0x1c/0xe0 [ 957.217629][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 957.223592][ C1] do_syscall_64+0x60/0xe0 [ 957.228011][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 957.233897][ C1] RIP: 0033:0x45cb29 [ 957.237774][ C1] Code: Bad RIP value. [ 957.241818][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 957.250219][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 957.258171][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 957.266119][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 957.274079][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 957.282027][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 957.290007][ C1] syz-executor.1 S28384 11668 6984 0x00000000 [ 957.296325][ C1] Call Trace: [ 957.300251][ C1] __schedule+0x8e1/0x1eb0 [ 957.304811][ C1] ? io_schedule_timeout+0x140/0x140 [ 957.310085][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 957.315554][ C1] schedule+0xd0/0x2a0 [ 957.319606][ C1] futex_wait_queue_me+0x2a7/0x570 [ 957.324696][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 957.329879][ C1] futex_wait+0x1df/0x560 [ 957.334192][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 957.339207][ C1] ? wake_up_q+0xa3/0x100 [ 957.343514][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 957.348693][ C1] ? futex_wake+0x155/0x490 [ 957.353198][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 957.359157][ C1] do_futex+0x15b/0x1a60 [ 957.363382][ C1] ? lock_acquire+0x1f1/0xad0 [ 957.368082][ C1] ? __might_fault+0xef/0x1d0 [ 957.372764][ C1] ? find_held_lock+0x2d/0x110 [ 957.377563][ C1] ? futex_exit_release+0x220/0x220 [ 957.382765][ C1] ? lock_downgrade+0x820/0x820 [ 957.387647][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 957.393869][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 957.398907][ C1] ? __might_fault+0x190/0x1d0 [ 957.403663][ C1] ? _copy_to_user+0x126/0x160 [ 957.408610][ C1] __x64_sys_futex+0x378/0x4e0 [ 957.413370][ C1] ? do_futex+0x1a60/0x1a60 [ 957.417862][ C1] ? lock_is_held_type+0xb0/0xe0 [ 957.422904][ C1] ? do_syscall_64+0x1c/0xe0 [ 957.427505][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 957.433842][ C1] do_syscall_64+0x60/0xe0 [ 957.438894][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 957.444775][ C1] RIP: 0033:0x45cb29 [ 957.448672][ C1] Code: Bad RIP value. [ 957.453009][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 957.461505][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 957.469454][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 957.477406][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 957.485371][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 957.493334][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 957.501321][ C1] syz-executor.1 S28384 11684 6984 0x00000000 [ 957.507656][ C1] Call Trace: [ 957.510954][ C1] __schedule+0x8e1/0x1eb0 [ 957.515364][ C1] ? io_schedule_timeout+0x140/0x140 [ 957.520627][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 957.526066][ C1] schedule+0xd0/0x2a0 [ 957.530147][ C1] futex_wait_queue_me+0x2a7/0x570 [ 957.535298][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 957.540490][ C1] futex_wait+0x1df/0x560 [ 957.544802][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 957.549807][ C1] ? wake_up_q+0xa3/0x100 [ 957.554113][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 957.559287][ C1] ? futex_wake+0x155/0x490 [ 957.563784][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 957.569750][ C1] do_futex+0x15b/0x1a60 [ 957.574000][ C1] ? lock_acquire+0x1f1/0xad0 [ 957.578669][ C1] ? __might_fault+0xef/0x1d0 [ 957.583322][ C1] ? find_held_lock+0x2d/0x110 [ 957.588102][ C1] ? futex_exit_release+0x220/0x220 [ 957.593367][ C1] ? lock_downgrade+0x820/0x820 [ 957.598373][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 957.604695][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 957.609703][ C1] ? __might_fault+0x190/0x1d0 [ 957.614472][ C1] ? _copy_to_user+0x126/0x160 [ 957.619218][ C1] __x64_sys_futex+0x378/0x4e0 [ 957.623961][ C1] ? do_futex+0x1a60/0x1a60 [ 957.628722][ C1] ? lock_is_held_type+0xb0/0xe0 [ 957.633638][ C1] ? do_syscall_64+0x1c/0xe0 [ 957.638228][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 957.644199][ C1] do_syscall_64+0x60/0xe0 [ 957.648594][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 957.654465][ C1] RIP: 0033:0x45cb29 [ 957.658548][ C1] Code: Bad RIP value. [ 957.662644][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 957.671043][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 957.679293][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 957.687377][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 957.695524][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 957.703484][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 957.711463][ C1] syz-executor.1 S28384 11708 6984 0x00000000 [ 957.717811][ C1] Call Trace: [ 957.721087][ C1] __schedule+0x8e1/0x1eb0 [ 957.725503][ C1] ? io_schedule_timeout+0x140/0x140 [ 957.730794][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 957.736248][ C1] schedule+0xd0/0x2a0 [ 957.740304][ C1] futex_wait_queue_me+0x2a7/0x570 [ 957.745574][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 957.750756][ C1] futex_wait+0x1df/0x560 [ 957.755079][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 957.760084][ C1] ? wake_up_q+0xa3/0x100 [ 957.764388][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 957.769564][ C1] ? futex_wake+0x155/0x490 [ 957.774054][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 957.780114][ C1] do_futex+0x15b/0x1a60 [ 957.784339][ C1] ? lock_acquire+0x1f1/0xad0 [ 957.789008][ C1] ? __might_fault+0xef/0x1d0 [ 957.793673][ C1] ? find_held_lock+0x2d/0x110 [ 957.798416][ C1] ? futex_exit_release+0x220/0x220 [ 957.803671][ C1] ? lock_downgrade+0x820/0x820 [ 957.808589][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 957.814816][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 957.819825][ C1] ? __might_fault+0x190/0x1d0 [ 957.824566][ C1] ? _copy_to_user+0x126/0x160 [ 957.829330][ C1] __x64_sys_futex+0x378/0x4e0 [ 957.834077][ C1] ? do_futex+0x1a60/0x1a60 [ 957.838573][ C1] ? lock_is_held_type+0xb0/0xe0 [ 957.843499][ C1] ? do_syscall_64+0x1c/0xe0 [ 957.848071][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 957.854075][ C1] do_syscall_64+0x60/0xe0 [ 957.859460][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 957.865439][ C1] RIP: 0033:0x45cb29 [ 957.869742][ C1] Code: Bad RIP value. [ 957.873804][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 957.882280][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 957.890498][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 957.898463][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 957.906433][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 957.914403][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 957.922373][ C1] syz-executor.1 S28320 11722 6984 0x00000000 [ 957.928811][ C1] Call Trace: [ 957.932082][ C1] __schedule+0x8e1/0x1eb0 [ 957.936482][ C1] ? io_schedule_timeout+0x140/0x140 [ 957.941745][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 957.947185][ C1] schedule+0xd0/0x2a0 [ 957.951233][ C1] futex_wait_queue_me+0x2a7/0x570 [ 957.956339][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 957.962999][ C1] futex_wait+0x1df/0x560 [ 957.967624][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 957.972852][ C1] ? wake_up_q+0xa3/0x100 [ 957.977170][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 957.982350][ C1] ? futex_wake+0x155/0x490 [ 957.987373][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 957.993400][ C1] do_futex+0x15b/0x1a60 [ 957.997770][ C1] ? lock_acquire+0x1f1/0xad0 [ 958.002458][ C1] ? __might_fault+0xef/0x1d0 [ 958.007200][ C1] ? find_held_lock+0x2d/0x110 [ 958.011985][ C1] ? futex_exit_release+0x220/0x220 [ 958.017466][ C1] ? lock_downgrade+0x820/0x820 [ 958.022938][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 958.029174][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 958.034194][ C1] ? __might_fault+0x190/0x1d0 [ 958.038933][ C1] ? _copy_to_user+0x126/0x160 [ 958.043679][ C1] __x64_sys_futex+0x378/0x4e0 [ 958.048423][ C1] ? do_futex+0x1a60/0x1a60 [ 958.052905][ C1] ? lock_is_held_type+0xb0/0xe0 [ 958.057820][ C1] ? do_syscall_64+0x1c/0xe0 [ 958.062408][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 958.068383][ C1] do_syscall_64+0x60/0xe0 [ 958.072778][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 958.078649][ C1] RIP: 0033:0x45cb29 [ 958.082516][ C1] Code: Bad RIP value. [ 958.086558][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 958.094960][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 958.103015][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 958.111051][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 958.119023][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 958.127068][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 958.135236][ C1] syz-executor.1 S28384 11741 6984 0x00000000 [ 958.141791][ C1] Call Trace: [ 958.145073][ C1] __schedule+0x8e1/0x1eb0 [ 958.149706][ C1] ? io_schedule_timeout+0x140/0x140 [ 958.155004][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 958.160475][ C1] schedule+0xd0/0x2a0 [ 958.164533][ C1] futex_wait_queue_me+0x2a7/0x570 [ 958.169714][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 958.174893][ C1] futex_wait+0x1df/0x560 [ 958.179216][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 958.184240][ C1] ? wake_up_q+0xa3/0x100 [ 958.188566][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 958.194090][ C1] ? futex_wake+0x155/0x490 [ 958.198579][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 958.204540][ C1] do_futex+0x15b/0x1a60 [ 958.208789][ C1] ? lock_acquire+0x1f1/0xad0 [ 958.213459][ C1] ? __might_fault+0xef/0x1d0 [ 958.218114][ C1] ? find_held_lock+0x2d/0x110 [ 958.222858][ C1] ? futex_exit_release+0x220/0x220 [ 958.228036][ C1] ? lock_downgrade+0x820/0x820 [ 958.232873][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 958.239095][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 958.244102][ C1] ? __might_fault+0x190/0x1d0 [ 958.248843][ C1] ? _copy_to_user+0x126/0x160 [ 958.253594][ C1] __x64_sys_futex+0x378/0x4e0 [ 958.258342][ C1] ? do_futex+0x1a60/0x1a60 [ 958.262837][ C1] ? lock_is_held_type+0xb0/0xe0 [ 958.267949][ C1] ? do_syscall_64+0x1c/0xe0 [ 958.272702][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 958.278874][ C1] do_syscall_64+0x60/0xe0 [ 958.283398][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 958.289276][ C1] RIP: 0033:0x45cb29 [ 958.293168][ C1] Code: Bad RIP value. [ 958.297340][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 958.305757][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 958.313794][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 958.321896][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 958.329862][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 958.338596][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 958.346562][ C1] syz-executor.1 S28384 11750 6984 0x00000000 [ 958.353570][ C1] Call Trace: [ 958.356848][ C1] __schedule+0x8e1/0x1eb0 [ 958.361249][ C1] ? io_schedule_timeout+0x140/0x140 [ 958.366558][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 958.372073][ C1] schedule+0xd0/0x2a0 [ 958.376129][ C1] futex_wait_queue_me+0x2a7/0x570 [ 958.381313][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 958.386513][ C1] futex_wait+0x1df/0x560 [ 958.390828][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 958.395853][ C1] ? wake_up_q+0xa3/0x100 [ 958.400162][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 958.405360][ C1] ? futex_wake+0x155/0x490 [ 958.409868][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 958.415836][ C1] do_futex+0x15b/0x1a60 [ 958.420177][ C1] ? lock_acquire+0x1f1/0xad0 [ 958.424837][ C1] ? __might_fault+0xef/0x1d0 [ 958.429510][ C1] ? find_held_lock+0x2d/0x110 [ 958.434265][ C1] ? futex_exit_release+0x220/0x220 [ 958.439474][ C1] ? lock_downgrade+0x820/0x820 [ 958.444315][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 958.450533][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 958.455554][ C1] ? __might_fault+0x190/0x1d0 [ 958.460294][ C1] ? _copy_to_user+0x126/0x160 [ 958.465058][ C1] __x64_sys_futex+0x378/0x4e0 [ 958.469921][ C1] ? do_futex+0x1a60/0x1a60 [ 958.474407][ C1] ? lock_is_held_type+0xb0/0xe0 [ 958.479323][ C1] ? do_syscall_64+0x1c/0xe0 [ 958.483893][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 958.489869][ C1] do_syscall_64+0x60/0xe0 [ 958.494277][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 958.500147][ C1] RIP: 0033:0x45cb29 [ 958.504010][ C1] Code: Bad RIP value. [ 958.508051][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 958.516442][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 958.524392][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 958.532774][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 958.540741][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 958.548788][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 958.556759][ C1] syz-executor.1 S28384 11761 6984 0x00000000 [ 958.563075][ C1] Call Trace: [ 958.566345][ C1] __schedule+0x8e1/0x1eb0 [ 958.570744][ C1] ? io_schedule_timeout+0x140/0x140 [ 958.576007][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 958.581447][ C1] schedule+0xd0/0x2a0 [ 958.585496][ C1] futex_wait_queue_me+0x2a7/0x570 [ 958.590584][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 958.595759][ C1] futex_wait+0x1df/0x560 [ 958.600077][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 958.605178][ C1] ? wake_up_q+0xa3/0x100 [ 958.609496][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 958.614671][ C1] ? futex_wake+0x155/0x490 [ 958.619260][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 958.625229][ C1] do_futex+0x15b/0x1a60 [ 958.629455][ C1] ? lock_acquire+0x1f1/0xad0 [ 958.634122][ C1] ? __might_fault+0xef/0x1d0 [ 958.638786][ C1] ? find_held_lock+0x2d/0x110 [ 958.643541][ C1] ? futex_exit_release+0x220/0x220 [ 958.648717][ C1] ? lock_downgrade+0x820/0x820 [ 958.653566][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 958.659903][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 958.665005][ C1] ? __might_fault+0x190/0x1d0 [ 958.669772][ C1] ? _copy_to_user+0x126/0x160 [ 958.674568][ C1] __x64_sys_futex+0x378/0x4e0 [ 958.679324][ C1] ? do_futex+0x1a60/0x1a60 [ 958.683915][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 958.689876][ C1] ? lock_is_held_type+0xb0/0xe0 [ 958.694813][ C1] ? do_syscall_64+0x1c/0xe0 [ 958.699379][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 958.705339][ C1] do_syscall_64+0x60/0xe0 [ 958.709733][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 958.715603][ C1] RIP: 0033:0x45cb29 [ 958.719481][ C1] Code: Bad RIP value. [ 958.723529][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 958.731916][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 958.739879][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 958.748025][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 958.755986][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 958.763934][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 958.772158][ C1] syz-executor.1 S29976 11774 6984 0x00000000 [ 958.778474][ C1] Call Trace: [ 958.781765][ C1] __schedule+0x8e1/0x1eb0 [ 958.786165][ C1] ? io_schedule_timeout+0x140/0x140 [ 958.791444][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 958.796891][ C1] schedule+0xd0/0x2a0 [ 958.800943][ C1] futex_wait_queue_me+0x2a7/0x570 [ 958.806049][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 958.811224][ C1] ? futex_wake+0x1b5/0x490 [ 958.815726][ C1] ? find_held_lock+0x2d/0x110 [ 958.820470][ C1] futex_wait+0x1df/0x560 [ 958.824809][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 958.829809][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 958.834726][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 958.839917][ C1] ? futex_wake+0x155/0x490 [ 958.844419][ C1] ? lock_downgrade+0x820/0x820 [ 958.849251][ C1] do_futex+0x15b/0x1a60 [ 958.853473][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 958.858647][ C1] ? _raw_spin_unlock+0x24/0x40 [ 958.863501][ C1] ? do_wp_page+0x16a/0x1950 [ 958.868086][ C1] ? futex_exit_release+0x220/0x220 [ 958.873266][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 958.878275][ C1] ? find_held_lock+0x2d/0x110 [ 958.883028][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 958.888202][ C1] ? __up_read+0x1a1/0x7b0 [ 958.892617][ C1] ? _down_write_nest_lock+0x150/0x150 [ 958.898055][ C1] __x64_sys_futex+0x378/0x4e0 [ 958.902814][ C1] ? do_futex+0x1a60/0x1a60 [ 958.907294][ C1] ? lock_is_held_type+0xb0/0xe0 [ 958.912211][ C1] ? lock_is_held_type+0xb0/0xe0 [ 958.917139][ C1] ? do_syscall_64+0x1c/0xe0 [ 958.921708][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 958.927684][ C1] do_syscall_64+0x60/0xe0 [ 958.932083][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 958.937970][ C1] RIP: 0033:0x45cb29 [ 958.941848][ C1] Code: Bad RIP value. [ 958.945918][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 958.954316][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 958.962265][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 958.970213][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 958.978173][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 958.986125][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 958.994089][ C1] syz-executor.1 S29976 11805 6984 0x00000000 [ 959.000413][ C1] Call Trace: [ 959.003700][ C1] __schedule+0x8e1/0x1eb0 [ 959.008101][ C1] ? io_schedule_timeout+0x140/0x140 [ 959.013361][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 959.018801][ C1] schedule+0xd0/0x2a0 [ 959.022848][ C1] futex_wait_queue_me+0x2a7/0x570 [ 959.027979][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 959.033158][ C1] futex_wait+0x1df/0x560 [ 959.037474][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 959.042487][ C1] ? hash_futex+0x12/0x200 [ 959.046883][ C1] ? futex_wake+0x155/0x490 [ 959.051392][ C1] ? lock_downgrade+0x820/0x820 [ 959.056229][ C1] do_futex+0x15b/0x1a60 [ 959.060475][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 959.065650][ C1] ? _raw_spin_unlock+0x24/0x40 [ 959.070504][ C1] ? do_wp_page+0x16a/0x1950 [ 959.075080][ C1] ? futex_exit_release+0x220/0x220 [ 959.080268][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 959.085276][ C1] ? find_held_lock+0x2d/0x110 [ 959.090033][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 959.095207][ C1] ? __up_read+0x1a1/0x7b0 [ 959.099601][ C1] ? _down_write_nest_lock+0x150/0x150 [ 959.105042][ C1] __x64_sys_futex+0x378/0x4e0 [ 959.109804][ C1] ? do_futex+0x1a60/0x1a60 [ 959.114299][ C1] ? lock_is_held_type+0xb0/0xe0 [ 959.119213][ C1] ? lock_is_held_type+0xb0/0xe0 [ 959.124130][ C1] ? do_syscall_64+0x1c/0xe0 [ 959.128697][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 959.134658][ C1] do_syscall_64+0x60/0xe0 [ 959.139055][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 959.144923][ C1] RIP: 0033:0x45cb29 [ 959.148790][ C1] Code: Bad RIP value. [ 959.152848][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 959.161252][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 959.169221][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 959.177190][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 959.185151][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 959.193098][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 959.201072][ C1] syz-executor.1 S28384 11839 6984 0x00000000 [ 959.207608][ C1] Call Trace: [ 959.210906][ C1] __schedule+0x8e1/0x1eb0 [ 959.215328][ C1] ? io_schedule_timeout+0x140/0x140 [ 959.220825][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 959.226540][ C1] schedule+0xd0/0x2a0 [ 959.232333][ C1] futex_wait_queue_me+0x2a7/0x570 [ 959.237762][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 959.243435][ C1] futex_wait+0x1df/0x560 [ 959.247811][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 959.253655][ C1] ? wake_up_q+0xa3/0x100 [ 959.257978][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 959.263368][ C1] ? futex_wake+0x155/0x490 [ 959.268043][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 959.274015][ C1] do_futex+0x15b/0x1a60 [ 959.278243][ C1] ? lock_acquire+0x1f1/0xad0 [ 959.282898][ C1] ? __might_fault+0xef/0x1d0 [ 959.287555][ C1] ? find_held_lock+0x2d/0x110 [ 959.292300][ C1] ? futex_exit_release+0x220/0x220 [ 959.297489][ C1] ? lock_downgrade+0x820/0x820 [ 959.302616][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 959.309127][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 959.314149][ C1] ? __might_fault+0x190/0x1d0 [ 959.318904][ C1] ? _copy_to_user+0x126/0x160 [ 959.323676][ C1] __x64_sys_futex+0x378/0x4e0 [ 959.328440][ C1] ? do_futex+0x1a60/0x1a60 [ 959.332940][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 959.338654][ C1] ? lock_is_held_type+0xb0/0xe0 [ 959.343577][ C1] ? do_syscall_64+0x1c/0xe0 [ 959.348166][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 959.354144][ C1] do_syscall_64+0x60/0xe0 [ 959.358562][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 959.364440][ C1] RIP: 0033:0x45cb29 [ 959.368314][ C1] Code: Bad RIP value. [ 959.372611][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 959.381116][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 959.389071][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 959.397031][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 959.405081][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 959.413042][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 959.421182][ C1] syz-executor.1 S29976 11848 11839 0x00000000 [ 959.427520][ C1] Call Trace: [ 959.433333][ C1] __schedule+0x8e1/0x1eb0 [ 959.437743][ C1] ? io_schedule_timeout+0x140/0x140 [ 959.443009][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 959.448547][ C1] schedule+0xd0/0x2a0 [ 959.452691][ C1] futex_wait_queue_me+0x2a7/0x570 [ 959.457806][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 959.463961][ C1] futex_wait+0x1df/0x560 [ 959.468322][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 959.473328][ C1] ? mark_lock+0xbc/0x1710 [ 959.478108][ C1] ? hash_futex+0x12/0x200 [ 959.482522][ C1] ? futex_wake+0x155/0x490 [ 959.487073][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 959.492329][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 959.498406][ C1] ? lock_downgrade+0x820/0x820 [ 959.503267][ C1] do_futex+0x15b/0x1a60 [ 959.507499][ C1] ? lock_acquire+0x1f1/0xad0 [ 959.512176][ C1] ? __might_fault+0xef/0x1d0 [ 959.516848][ C1] ? find_held_lock+0x2d/0x110 [ 959.521599][ C1] ? futex_exit_release+0x220/0x220 [ 959.526812][ C1] ? lock_downgrade+0x820/0x820 [ 959.531654][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 959.537954][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 959.542983][ C1] ? __might_fault+0x190/0x1d0 [ 959.547914][ C1] ? _copy_to_user+0x126/0x160 [ 959.553186][ C1] __x64_sys_futex+0x378/0x4e0 [ 959.557929][ C1] ? do_futex+0x1a60/0x1a60 [ 959.562415][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 959.568042][ C1] ? lock_is_held_type+0xb0/0xe0 [ 959.572955][ C1] ? do_syscall_64+0x1c/0xe0 [ 959.579015][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 959.586053][ C1] do_syscall_64+0x60/0xe0 [ 959.590467][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 959.596348][ C1] RIP: 0033:0x45cb29 [ 959.600216][ C1] Code: Bad RIP value. [ 959.604362][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 959.612945][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 959.621168][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 959.629126][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 959.637091][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 959.645051][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 959.653013][ C1] syz-executor.1 S29976 11872 6984 0x00000000 [ 959.659345][ C1] Call Trace: [ 959.662619][ C1] __schedule+0x8e1/0x1eb0 [ 959.667016][ C1] ? io_schedule_timeout+0x140/0x140 [ 959.672279][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 959.677732][ C1] schedule+0xd0/0x2a0 [ 959.681783][ C1] futex_wait_queue_me+0x2a7/0x570 [ 959.686962][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 959.692487][ C1] futex_wait+0x1df/0x560 [ 959.696797][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 959.701801][ C1] ? hash_futex+0x12/0x200 [ 959.706194][ C1] ? futex_wake+0x155/0x490 [ 959.710686][ C1] ? lock_downgrade+0x820/0x820 [ 959.715531][ C1] do_futex+0x15b/0x1a60 [ 959.719780][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 959.724980][ C1] ? _raw_spin_unlock+0x24/0x40 [ 959.729816][ C1] ? do_wp_page+0x16a/0x1950 [ 959.734518][ C1] ? futex_exit_release+0x220/0x220 [ 959.739858][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 959.745160][ C1] ? find_held_lock+0x2d/0x110 [ 959.749921][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 959.755448][ C1] ? __up_read+0x1a1/0x7b0 [ 959.760153][ C1] ? _down_write_nest_lock+0x150/0x150 [ 959.765950][ C1] __x64_sys_futex+0x378/0x4e0 [ 959.771953][ C1] ? do_futex+0x1a60/0x1a60 [ 959.776526][ C1] ? lock_is_held_type+0xb0/0xe0 [ 959.782494][ C1] ? lock_is_held_type+0xb0/0xe0 [ 959.787440][ C1] ? do_syscall_64+0x1c/0xe0 [ 959.792015][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 959.798077][ C1] do_syscall_64+0x60/0xe0 [ 959.802740][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 959.809319][ C1] RIP: 0033:0x45cb29 [ 959.813185][ C1] Code: Bad RIP value. [ 959.817284][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 959.825721][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 959.833681][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 959.841633][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 959.849710][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 959.857666][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 959.865647][ C1] syz-executor.0 D26264 11905 6845 0x00004000 [ 959.871978][ C1] Call Trace: [ 959.875262][ C1] __schedule+0x8e1/0x1eb0 [ 959.880477][ C1] ? io_schedule_timeout+0x140/0x140 [ 959.885752][ C1] schedule+0xd0/0x2a0 [ 959.889801][ C1] schedule_timeout+0x1d8/0x250 [ 959.894654][ C1] ? usleep_range+0x170/0x170 [ 959.899328][ C1] ? lock_downgrade+0x820/0x820 [ 959.904176][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 959.909201][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 959.914381][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 959.920358][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 959.925365][ C1] wait_for_completion_killable+0x162/0x310 [ 959.931241][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 959.936442][ C1] ? wait_for_completion_killable_timeout+0x2e0/0x2e0 [ 959.943205][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 959.949238][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 959.954253][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 959.959418][ C1] _do_fork+0x5d7/0xa70 [ 959.963738][ C1] ? copy_init_mm+0x20/0x20 [ 959.968244][ C1] ? native_apic_msr_write+0x54/0x80 [ 959.973598][ C1] ? lapic_next_event+0x4d/0x80 [ 959.978431][ C1] __do_sys_clone+0xef/0x150 [ 959.984830][ C1] ? __do_sys_clone3+0x320/0x320 [ 959.989745][ C1] ? hrtimer_interrupt+0x6ea/0x930 [ 959.994860][ C1] ? lock_is_held_type+0xb0/0xe0 [ 959.999782][ C1] ? do_syscall_64+0x1c/0xe0 [ 960.004363][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 960.010331][ C1] do_syscall_64+0x60/0xe0 [ 960.014724][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 960.020604][ C1] RIP: 0033:0x45cb29 [ 960.024478][ C1] Code: Bad RIP value. [ 960.028530][ C1] RSP: 002b:00007fbcbd7a7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 960.036914][ C1] RAX: ffffffffffffffda RBX: 00000000004db560 RCX: 000000000045cb29 [ 960.044863][ C1] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 00000000e1004d7c [ 960.052814][ C1] RBP: 000000000078bf00 R08: ffffffffffffffff R09: 0000000000000000 [ 960.060764][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 960.068813][ C1] R13: 000000000000007c R14: 00000000004c34ba R15: 00007fbcbd7a86d4 [ 960.076892][ C1] wg-crypt-wiregu I30952 11912 2 0x00004000 [ 960.083230][ C1] Call Trace: [ 960.086506][ C1] __schedule+0x8e1/0x1eb0 [ 960.090909][ C1] ? io_schedule_timeout+0x140/0x140 [ 960.096172][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 960.101184][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 960.106373][ C1] schedule+0xd0/0x2a0 [ 960.110420][ C1] rescuer_thread+0x7a7/0xd30 [ 960.115081][ C1] ? worker_thread+0x1120/0x1120 [ 960.119995][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 960.125098][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 960.130095][ C1] ? worker_thread+0x1120/0x1120 [ 960.135022][ C1] kthread+0x3b5/0x4a0 [ 960.139065][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 960.144150][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 960.149239][ C1] ret_from_fork+0x1f/0x30 [ 960.153658][ C1] syz-executor.0 S29056 11954 11905 0x00000000 [ 960.159975][ C1] Call Trace: [ 960.163242][ C1] __schedule+0x8e1/0x1eb0 [ 960.167728][ C1] ? io_schedule_timeout+0x140/0x140 [ 960.172986][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 960.178421][ C1] schedule+0xd0/0x2a0 [ 960.182490][ C1] futex_wait_queue_me+0x2a7/0x570 [ 960.187608][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 960.193348][ C1] futex_wait+0x1df/0x560 [ 960.197869][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 960.202902][ C1] ? mark_lock+0xbc/0x1710 [ 960.207446][ C1] ? hash_futex+0x12/0x200 [ 960.211861][ C1] ? futex_wake+0x155/0x490 [ 960.216553][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 960.221581][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 960.227558][ C1] do_futex+0x15b/0x1a60 [ 960.231817][ C1] ? lock_acquire+0x1f1/0xad0 [ 960.237844][ C1] ? __might_fault+0xef/0x1d0 [ 960.242872][ C1] ? find_held_lock+0x2d/0x110 [ 960.247636][ C1] ? futex_exit_release+0x220/0x220 [ 960.252839][ C1] ? lock_downgrade+0x820/0x820 [ 960.257669][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 960.264600][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 960.269624][ C1] ? __might_fault+0x190/0x1d0 [ 960.274667][ C1] ? _copy_to_user+0x126/0x160 [ 960.279646][ C1] __x64_sys_futex+0x378/0x4e0 [ 960.284397][ C1] ? do_futex+0x1a60/0x1a60 [ 960.288879][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 960.294497][ C1] ? lock_is_held_type+0xb0/0xe0 [ 960.299419][ C1] ? do_syscall_64+0x1c/0xe0 [ 960.303988][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 960.310183][ C1] do_syscall_64+0x60/0xe0 [ 960.314611][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 960.320498][ C1] RIP: 0033:0x45cb29 [ 960.324373][ C1] Code: Bad RIP value. [ 960.328425][ C1] RSP: 002b:00007fbcbd7a7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 960.336831][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 960.344920][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 960.352887][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 960.360929][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 960.368878][ C1] R13: 0000000000c9fb6f R14: 00007fbcbd7a89c0 R15: 000000000078bf0c [ 960.376854][ C1] wg-crypt-wiregu I30952 11963 2 0x00004000 [ 960.383176][ C1] Call Trace: [ 960.386549][ C1] __schedule+0x8e1/0x1eb0 [ 960.390948][ C1] ? io_schedule_timeout+0x140/0x140 [ 960.396228][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 960.401230][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 960.406406][ C1] schedule+0xd0/0x2a0 [ 960.410499][ C1] rescuer_thread+0x7a7/0xd30 [ 960.415173][ C1] ? worker_thread+0x1120/0x1120 [ 960.420099][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 960.425198][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 960.430200][ C1] ? worker_thread+0x1120/0x1120 [ 960.435113][ C1] kthread+0x3b5/0x4a0 [ 960.439159][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 960.444249][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 960.449348][ C1] ret_from_fork+0x1f/0x30 [ 960.453773][ C1] syz-executor.1 S29976 11970 6984 0x00000000 [ 960.460090][ C1] Call Trace: [ 960.463374][ C1] __schedule+0x8e1/0x1eb0 [ 960.467795][ C1] ? io_schedule_timeout+0x140/0x140 [ 960.473122][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 960.478769][ C1] schedule+0xd0/0x2a0 [ 960.482845][ C1] futex_wait_queue_me+0x2a7/0x570 [ 960.488041][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 960.493245][ C1] futex_wait+0x1df/0x560 [ 960.497561][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 960.502585][ C1] ? hash_futex+0x12/0x200 [ 960.507001][ C1] ? futex_wake+0x155/0x490 [ 960.511504][ C1] ? lock_downgrade+0x820/0x820 [ 960.516362][ C1] do_futex+0x15b/0x1a60 [ 960.520585][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 960.525764][ C1] ? _raw_spin_unlock+0x24/0x40 [ 960.530595][ C1] ? do_wp_page+0x16a/0x1950 [ 960.535185][ C1] ? futex_exit_release+0x220/0x220 [ 960.540393][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 960.545569][ C1] ? find_held_lock+0x2d/0x110 [ 960.550330][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 960.555531][ C1] ? __up_read+0x1a1/0x7b0 [ 960.560279][ C1] ? _down_write_nest_lock+0x150/0x150 [ 960.565736][ C1] __x64_sys_futex+0x378/0x4e0 [ 960.571092][ C1] ? do_futex+0x1a60/0x1a60 [ 960.576109][ C1] ? lock_is_held_type+0xb0/0xe0 [ 960.581114][ C1] ? lock_is_held_type+0xb0/0xe0 [ 960.586049][ C1] ? do_syscall_64+0x1c/0xe0 [ 960.590630][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 960.596591][ C1] do_syscall_64+0x60/0xe0 [ 960.601001][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 960.606893][ C1] RIP: 0033:0x45cb29 [ 960.610757][ C1] Code: Bad RIP value. [ 960.614797][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 960.625197][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 960.633653][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 960.642062][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 960.651196][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 960.660916][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 960.669406][ C1] wg-crypt-wiregu I30984 11998 2 0x00004000 [ 960.676729][ C1] Call Trace: [ 960.680209][ C1] __schedule+0x8e1/0x1eb0 [ 960.684879][ C1] ? io_schedule_timeout+0x140/0x140 [ 960.691007][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 960.696022][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 960.701230][ C1] schedule+0xd0/0x2a0 [ 960.705315][ C1] rescuer_thread+0x7a7/0xd30 [ 960.710011][ C1] ? worker_thread+0x1120/0x1120 [ 960.715034][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 960.720615][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 960.727885][ C1] ? worker_thread+0x1120/0x1120 [ 960.732834][ C1] kthread+0x3b5/0x4a0 [ 960.736884][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 960.741992][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 960.747190][ C1] ret_from_fork+0x1f/0x30 [ 960.751748][ C1] syz-executor.0 S29056 12025 6845 0x00000000 [ 960.758438][ C1] Call Trace: [ 960.761911][ C1] __schedule+0x8e1/0x1eb0 [ 960.768168][ C1] ? io_schedule_timeout+0x140/0x140 [ 960.773461][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 960.779245][ C1] schedule+0xd0/0x2a0 [ 960.784823][ C1] futex_wait_queue_me+0x2a7/0x570 [ 960.790091][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 960.797199][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 960.802708][ C1] futex_wait+0x1df/0x560 [ 960.807731][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 960.812822][ C1] ? mark_lock+0xbc/0x1710 [ 960.817233][ C1] ? hash_futex+0x12/0x200 [ 960.822519][ C1] ? futex_wake+0x155/0x490 [ 960.827023][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 960.832432][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 960.839702][ C1] do_futex+0x15b/0x1a60 [ 960.844036][ C1] ? lock_acquire+0x1f1/0xad0 [ 960.849920][ C1] ? __might_fault+0xef/0x1d0 [ 960.854590][ C1] ? find_held_lock+0x2d/0x110 [ 960.859623][ C1] ? futex_exit_release+0x220/0x220 [ 960.864802][ C1] ? lock_downgrade+0x820/0x820 [ 960.870416][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 960.876741][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 960.881833][ C1] ? __might_fault+0x190/0x1d0 [ 960.886587][ C1] ? _copy_to_user+0x126/0x160 [ 960.891432][ C1] __x64_sys_futex+0x378/0x4e0 [ 960.896198][ C1] ? do_futex+0x1a60/0x1a60 [ 960.900707][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 960.908950][ C1] ? lock_is_held_type+0xb0/0xe0 [ 960.913998][ C1] ? do_syscall_64+0x1c/0xe0 [ 960.918590][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 960.924557][ C1] do_syscall_64+0x60/0xe0 [ 960.929062][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 960.935020][ C1] RIP: 0033:0x45cb29 [ 960.939321][ C1] Code: Bad RIP value. [ 960.943365][ C1] RSP: 002b:00007fbcbd7a7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 960.952190][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 960.960161][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 960.970905][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 960.982002][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 960.991942][ C1] R13: 0000000000c9fb6f R14: 00007fbcbd7a89c0 R15: 000000000078bf0c [ 961.000749][ C1] syz-executor.1 S28384 12044 6984 0x00000000 [ 961.010302][ C1] Call Trace: [ 961.013782][ C1] __schedule+0x8e1/0x1eb0 [ 961.018809][ C1] ? io_schedule_timeout+0x140/0x140 [ 961.024095][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 961.030250][ C1] schedule+0xd0/0x2a0 [ 961.034332][ C1] futex_wait_queue_me+0x2a7/0x570 [ 961.039633][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 961.045138][ C1] futex_wait+0x1df/0x560 [ 961.050364][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 961.055816][ C1] ? mark_lock+0xbc/0x1710 [ 961.060884][ C1] ? hash_futex+0x12/0x200 [ 961.065393][ C1] ? futex_wake+0x155/0x490 [ 961.069902][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 961.079155][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 961.086761][ C1] ? _kstrtoull+0x186/0x420 [ 961.091251][ C1] do_futex+0x15b/0x1a60 [ 961.096023][ C1] ? lock_acquire+0x1f1/0xad0 [ 961.101275][ C1] ? __might_fault+0xef/0x1d0 [ 961.106246][ C1] ? find_held_lock+0x2d/0x110 [ 961.111119][ C1] ? futex_exit_release+0x220/0x220 [ 961.119533][ C1] ? lock_downgrade+0x820/0x820 [ 961.124487][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 961.130825][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 961.136194][ C1] ? __might_fault+0x190/0x1d0 [ 961.141098][ C1] ? _copy_to_user+0x126/0x160 [ 961.145881][ C1] __x64_sys_futex+0x378/0x4e0 [ 961.150723][ C1] ? do_futex+0x1a60/0x1a60 [ 961.155486][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 961.162238][ C1] ? lock_is_held_type+0xb0/0xe0 [ 961.167992][ C1] ? do_syscall_64+0x1c/0xe0 [ 961.172665][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 961.178633][ C1] do_syscall_64+0x60/0xe0 [ 961.183162][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 961.189835][ C1] RIP: 0033:0x45cb29 [ 961.194178][ C1] Code: Bad RIP value. [ 961.198414][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 961.206912][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 961.215146][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 961.223332][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 961.231292][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 961.239718][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 961.249304][ C1] syz-executor.1 S29976 12084 6984 0x00000000 [ 961.255696][ C1] Call Trace: [ 961.258978][ C1] __schedule+0x8e1/0x1eb0 [ 961.264512][ C1] ? io_schedule_timeout+0x140/0x140 [ 961.269805][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 961.275286][ C1] schedule+0xd0/0x2a0 [ 961.279360][ C1] futex_wait_queue_me+0x2a7/0x570 [ 961.284556][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 961.289753][ C1] futex_wait+0x1df/0x560 [ 961.294409][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 961.299434][ C1] ? hash_futex+0x12/0x200 [ 961.303831][ C1] ? futex_wake+0x155/0x490 [ 961.308432][ C1] ? lock_downgrade+0x820/0x820 [ 961.313288][ C1] do_futex+0x15b/0x1a60 [ 961.317620][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 961.322883][ C1] ? _raw_spin_unlock+0x24/0x40 [ 961.327711][ C1] ? do_wp_page+0x16a/0x1950 [ 961.332488][ C1] ? futex_exit_release+0x220/0x220 [ 961.340767][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 961.346980][ C1] ? find_held_lock+0x2d/0x110 [ 961.352057][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 961.357526][ C1] ? __up_read+0x1a1/0x7b0 [ 961.362393][ C1] ? _down_write_nest_lock+0x150/0x150 [ 961.369923][ C1] __x64_sys_futex+0x378/0x4e0 [ 961.374798][ C1] ? do_futex+0x1a60/0x1a60 [ 961.379339][ C1] ? lock_is_held_type+0xb0/0xe0 [ 961.384262][ C1] ? lock_is_held_type+0xb0/0xe0 [ 961.390652][ C1] ? do_syscall_64+0x1c/0xe0 [ 961.395815][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 961.401998][ C1] do_syscall_64+0x60/0xe0 [ 961.406559][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 961.412451][ C1] RIP: 0033:0x45cb29 [ 961.417681][ C1] Code: Bad RIP value. [ 961.422518][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 961.432277][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 961.440671][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 961.449209][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 961.457176][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 961.465321][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 961.473573][ C1] syz-executor.1 S28384 12099 6984 0x00000000 [ 961.479986][ C1] Call Trace: [ 961.483356][ C1] __schedule+0x8e1/0x1eb0 [ 961.487872][ C1] ? io_schedule_timeout+0x140/0x140 [ 961.493187][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 961.498766][ C1] schedule+0xd0/0x2a0 [ 961.502826][ C1] futex_wait_queue_me+0x2a7/0x570 [ 961.508006][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 961.513308][ C1] futex_wait+0x1df/0x560 [ 961.517709][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 961.522717][ C1] ? wake_up_q+0xa3/0x100 [ 961.527042][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 961.532221][ C1] ? futex_wake+0x155/0x490 [ 961.536729][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 961.542743][ C1] do_futex+0x15b/0x1a60 [ 961.548568][ C1] ? lock_acquire+0x1f1/0xad0 [ 961.553231][ C1] ? __might_fault+0xef/0x1d0 [ 961.557991][ C1] ? find_held_lock+0x2d/0x110 [ 961.562732][ C1] ? futex_exit_release+0x220/0x220 [ 961.568004][ C1] ? lock_downgrade+0x820/0x820 [ 961.572918][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 961.579133][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 961.584485][ C1] ? __might_fault+0x190/0x1d0 [ 961.589223][ C1] ? _copy_to_user+0x126/0x160 [ 961.594054][ C1] __x64_sys_futex+0x378/0x4e0 [ 961.598798][ C1] ? do_futex+0x1a60/0x1a60 [ 961.603381][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 961.608991][ C1] ? lock_is_held_type+0xb0/0xe0 [ 961.614337][ C1] ? do_syscall_64+0x1c/0xe0 [ 961.619233][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 961.625248][ C1] do_syscall_64+0x60/0xe0 [ 961.630141][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 961.639665][ C1] RIP: 0033:0x45cb29 [ 961.643988][ C1] Code: Bad RIP value. [ 961.648032][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 961.657652][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 961.665812][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 961.678076][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 961.688378][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 961.698453][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 961.706966][ C1] syz-executor.1 S29976 12102 6984 0x00000000 [ 961.713480][ C1] Call Trace: [ 961.717625][ C1] __schedule+0x8e1/0x1eb0 [ 961.725007][ C1] ? io_schedule_timeout+0x140/0x140 [ 961.731261][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 961.737163][ C1] schedule+0xd0/0x2a0 [ 961.741997][ C1] futex_wait_queue_me+0x2a7/0x570 [ 961.747108][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 961.752881][ C1] ? futex_wake+0x1b5/0x490 [ 961.757637][ C1] ? find_held_lock+0x2d/0x110 [ 961.762549][ C1] futex_wait+0x1df/0x560 [ 961.767397][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 961.774882][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 961.782578][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 961.789145][ C1] ? futex_wake+0x155/0x490 [ 961.795555][ C1] ? lock_downgrade+0x820/0x820 [ 961.800952][ C1] do_futex+0x15b/0x1a60 [ 961.805512][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 961.811635][ C1] ? _raw_spin_unlock+0x24/0x40 [ 961.820545][ C1] ? do_wp_page+0x16a/0x1950 [ 961.826190][ C1] ? futex_exit_release+0x220/0x220 [ 961.831415][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 961.836446][ C1] ? find_held_lock+0x2d/0x110 [ 961.842922][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 961.848305][ C1] ? __up_read+0x1a1/0x7b0 [ 961.852850][ C1] ? _down_write_nest_lock+0x150/0x150 [ 961.858467][ C1] __x64_sys_futex+0x378/0x4e0 [ 961.863214][ C1] ? do_futex+0x1a60/0x1a60 [ 961.867787][ C1] ? lock_is_held_type+0xb0/0xe0 [ 961.872732][ C1] ? lock_is_held_type+0xb0/0xe0 [ 961.877737][ C1] ? do_syscall_64+0x1c/0xe0 [ 961.882328][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 961.888512][ C1] do_syscall_64+0x60/0xe0 [ 961.893105][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 961.900226][ C1] RIP: 0033:0x45cb29 [ 961.904707][ C1] Code: Bad RIP value. [ 961.909471][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 961.918085][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 961.927103][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 961.936640][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 961.945036][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 961.953075][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 961.962299][ C1] syz-executor.1 S29976 12141 6984 0x00000000 [ 961.969763][ C1] Call Trace: [ 961.973217][ C1] __schedule+0x8e1/0x1eb0 [ 961.977633][ C1] ? io_schedule_timeout+0x140/0x140 [ 961.982905][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 961.988349][ C1] schedule+0xd0/0x2a0 [ 961.992404][ C1] futex_wait_queue_me+0x2a7/0x570 [ 961.997493][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 962.002689][ C1] futex_wait+0x1df/0x560 [ 962.007002][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 962.012053][ C1] ? hash_futex+0x12/0x200 [ 962.016461][ C1] ? futex_wake+0x155/0x490 [ 962.020954][ C1] ? lock_downgrade+0x820/0x820 [ 962.025805][ C1] do_futex+0x15b/0x1a60 [ 962.030237][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 962.035414][ C1] ? _raw_spin_unlock+0x24/0x40 [ 962.040354][ C1] ? do_wp_page+0x16a/0x1950 [ 962.044942][ C1] ? futex_exit_release+0x220/0x220 [ 962.050469][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 962.056209][ C1] ? find_held_lock+0x2d/0x110 [ 962.062116][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 962.067573][ C1] ? __up_read+0x1a1/0x7b0 [ 962.074572][ C1] ? _down_write_nest_lock+0x150/0x150 [ 962.080033][ C1] __x64_sys_futex+0x378/0x4e0 [ 962.084806][ C1] ? do_futex+0x1a60/0x1a60 [ 962.089291][ C1] ? lock_is_held_type+0xb0/0xe0 [ 962.094212][ C1] ? lock_is_held_type+0xb0/0xe0 [ 962.099136][ C1] ? do_syscall_64+0x1c/0xe0 [ 962.103706][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 962.109670][ C1] do_syscall_64+0x60/0xe0 [ 962.114117][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 962.122526][ C1] RIP: 0033:0x45cb29 [ 962.128727][ C1] Code: Bad RIP value. [ 962.132794][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 962.141493][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 962.150032][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 962.158218][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 962.168851][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 962.176820][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 962.185004][ C1] syz-executor.1 S29856 12177 6984 0x00000000 [ 962.193761][ C1] Call Trace: [ 962.197215][ C1] __schedule+0x8e1/0x1eb0 [ 962.201649][ C1] ? io_schedule_timeout+0x140/0x140 [ 962.207041][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 962.213343][ C1] schedule+0xd0/0x2a0 [ 962.217399][ C1] futex_wait_queue_me+0x2a7/0x570 [ 962.222493][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 962.228551][ C1] ? futex_wake+0x1b5/0x490 [ 962.233819][ C1] ? find_held_lock+0x2d/0x110 [ 962.239251][ C1] futex_wait+0x1df/0x560 [ 962.243591][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 962.248599][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 962.253598][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 962.262858][ C1] ? futex_wake+0x155/0x490 [ 962.267532][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 962.273577][ C1] ? lock_downgrade+0x820/0x820 [ 962.279208][ C1] do_futex+0x15b/0x1a60 [ 962.284047][ C1] ? lock_acquire+0x1f1/0xad0 [ 962.289885][ C1] ? __might_fault+0xef/0x1d0 [ 962.294544][ C1] ? find_held_lock+0x2d/0x110 [ 962.300009][ C1] ? futex_exit_release+0x220/0x220 [ 962.305326][ C1] ? lock_downgrade+0x820/0x820 [ 962.310236][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 962.317775][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 962.322903][ C1] ? __might_fault+0x190/0x1d0 [ 962.327671][ C1] ? _copy_to_user+0x126/0x160 [ 962.332424][ C1] __x64_sys_futex+0x378/0x4e0 [ 962.337451][ C1] ? do_futex+0x1a60/0x1a60 [ 962.342831][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 962.348469][ C1] ? lock_is_held_type+0xb0/0xe0 [ 962.354002][ C1] ? do_syscall_64+0x1c/0xe0 [ 962.359292][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 962.367196][ C1] do_syscall_64+0x60/0xe0 [ 962.371599][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 962.377472][ C1] RIP: 0033:0x45cb29 [ 962.381339][ C1] Code: Bad RIP value. [ 962.385555][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 962.395924][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 962.404698][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 962.412776][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 962.421426][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 962.429652][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 962.438112][ C1] syz-executor.1 S29976 12184 6984 0x00000000 [ 962.444440][ C1] Call Trace: [ 962.447715][ C1] __schedule+0x8e1/0x1eb0 [ 962.452112][ C1] ? io_schedule_timeout+0x140/0x140 [ 962.457372][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 962.462810][ C1] schedule+0xd0/0x2a0 [ 962.470975][ C1] futex_wait_queue_me+0x2a7/0x570 [ 962.477372][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 962.482554][ C1] ? futex_wake+0x1b5/0x490 [ 962.487146][ C1] ? find_held_lock+0x2d/0x110 [ 962.492006][ C1] futex_wait+0x1df/0x560 [ 962.496408][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 962.503984][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 962.509493][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 962.514718][ C1] ? futex_wake+0x155/0x490 [ 962.519214][ C1] ? lock_downgrade+0x820/0x820 [ 962.524046][ C1] do_futex+0x15b/0x1a60 [ 962.528316][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 962.533664][ C1] ? _raw_spin_unlock+0x24/0x40 [ 962.540147][ C1] ? do_wp_page+0x16a/0x1950 [ 962.544786][ C1] ? futex_exit_release+0x220/0x220 [ 962.549976][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 962.555381][ C1] ? find_held_lock+0x2d/0x110 [ 962.562231][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 962.567426][ C1] ? __up_read+0x1a1/0x7b0 [ 962.571841][ C1] ? _down_write_nest_lock+0x150/0x150 [ 962.577489][ C1] __x64_sys_futex+0x378/0x4e0 [ 962.582240][ C1] ? do_futex+0x1a60/0x1a60 [ 962.586743][ C1] ? lock_is_held_type+0xb0/0xe0 [ 962.591680][ C1] ? lock_is_held_type+0xb0/0xe0 [ 962.596616][ C1] ? do_syscall_64+0x1c/0xe0 [ 962.601186][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 962.610012][ C1] do_syscall_64+0x60/0xe0 [ 962.615021][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 962.620911][ C1] RIP: 0033:0x45cb29 [ 962.624777][ C1] Code: Bad RIP value. [ 962.628817][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 962.638974][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 962.648843][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 962.657016][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 962.665004][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 962.672958][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 962.680925][ C1] syz-executor.5 D26784 12244 7388 0x00004000 [ 962.688133][ C1] Call Trace: [ 962.691585][ C1] __schedule+0x8e1/0x1eb0 [ 962.696027][ C1] ? io_schedule_timeout+0x140/0x140 [ 962.706010][ C1] schedule+0xd0/0x2a0 [ 962.710067][ C1] schedule_timeout+0x1d8/0x250 [ 962.714906][ C1] ? usleep_range+0x170/0x170 [ 962.719576][ C1] ? lock_downgrade+0x820/0x820 [ 962.724416][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 962.729417][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 962.734591][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 962.740563][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 962.745568][ C1] wait_for_completion_killable+0x162/0x310 [ 962.751647][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 962.757068][ C1] ? wait_for_completion_killable_timeout+0x2e0/0x2e0 [ 962.764164][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 962.770170][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 962.775201][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 962.780305][ C1] _do_fork+0x5d7/0xa70 [ 962.784467][ C1] ? copy_init_mm+0x20/0x20 [ 962.789159][ C1] ? __do_sys_clone+0x81/0x150 [ 962.793930][ C1] __do_sys_clone+0xef/0x150 [ 962.798792][ C1] ? __do_sys_clone3+0x320/0x320 [ 962.803763][ C1] ? hrtimer_interrupt+0x6ea/0x930 [ 962.809449][ C1] ? lock_is_held_type+0xb0/0xe0 [ 962.814371][ C1] ? do_syscall_64+0x1c/0xe0 [ 962.818944][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 962.824921][ C1] do_syscall_64+0x60/0xe0 [ 962.829332][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 962.835209][ C1] RIP: 0033:0x45cb29 [ 962.839078][ C1] Code: Bad RIP value. [ 962.843116][ C1] RSP: 002b:00007f8614cd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 962.851504][ C1] RAX: ffffffffffffffda RBX: 00000000004db560 RCX: 000000000045cb29 [ 962.859479][ C1] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 00000000e1004d7c [ 962.867426][ C1] RBP: 000000000078bf00 R08: ffffffffffffffff R09: 0000000000000000 [ 962.875373][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 962.883322][ C1] R13: 000000000000007c R14: 00000000004c34ba R15: 00007f8614cd36d4 [ 962.891430][ C1] syz-executor.1 S28200 12262 6984 0x00000000 [ 962.897750][ C1] Call Trace: [ 962.902532][ C1] __schedule+0x8e1/0x1eb0 [ 962.906945][ C1] ? io_schedule_timeout+0x140/0x140 [ 962.912215][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 962.917233][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 962.922332][ C1] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 962.928990][ C1] schedule+0xd0/0x2a0 [ 962.933207][ C1] schedule_timeout+0x1d8/0x250 [ 962.938042][ C1] ? usleep_range+0x170/0x170 [ 962.942703][ C1] ? _raw_spin_unlock_irqrestore+0x8c/0xe0 [ 962.948575][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 962.954372][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 962.961282][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 962.967097][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 962.972937][ C1] ? skb_free_datagram+0xf0/0xf0 [ 962.977856][ C1] ? proto_seq_start+0x50/0x50 [ 962.982596][ C1] ? skb_segment.cold+0x38/0x38 [ 962.987516][ C1] ? mark_lock+0xbc/0x1710 [ 962.991932][ C1] __skb_recv_datagram+0x171/0x220 [ 962.997114][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 963.002733][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 963.007830][ C1] skb_recv_datagram+0xa7/0xe0 [ 963.012573][ C1] ? __skb_recv_datagram+0x220/0x220 [ 963.017835][ C1] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 963.023968][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 963.029944][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 963.034947][ C1] raw_recvmsg+0xab/0x550 [ 963.039257][ C1] ? raw_release+0x890/0x890 [ 963.043827][ C1] ? ____sys_recvmsg+0x243/0x640 [ 963.048744][ C1] ? ____sys_recvmsg+0x24d/0x640 [ 963.053673][ C1] ? raw_release+0x890/0x890 [ 963.058241][ C1] ____sys_recvmsg+0x2c4/0x640 [ 963.063055][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 963.069032][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 963.074650][ C1] ? import_iovec+0x23b/0x3d0 [ 963.079309][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 963.084580][ C1] ___sys_recvmsg+0x127/0x200 [ 963.089355][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 963.094981][ C1] ? lock_downgrade+0x820/0x820 [ 963.099840][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 963.104859][ C1] ? __fget_files+0x294/0x400 [ 963.109523][ C1] ? __fget_light+0xea/0x280 [ 963.114121][ C1] do_recvmmsg+0x24d/0x6d0 [ 963.118649][ C1] ? ___sys_recvmsg+0x200/0x200 [ 963.123503][ C1] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 963.129636][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 963.135593][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 963.140611][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 963.145613][ C1] ? __do_sys_socketcall+0x550/0x550 [ 963.150899][ C1] do_syscall_64+0x60/0xe0 [ 963.155294][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 963.161443][ C1] RIP: 0033:0x45cb29 [ 963.165325][ C1] Code: Bad RIP value. [ 963.169453][ C1] RSP: 002b:00007f57eaea0c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 963.177853][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 963.185798][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000005 [ 963.193832][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 963.201799][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 963.209753][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaea16d4 [ 963.217719][ C1] syz-executor.1 S28384 12291 6984 0x00000000 [ 963.224335][ C1] Call Trace: [ 963.227666][ C1] __schedule+0x8e1/0x1eb0 [ 963.232284][ C1] ? io_schedule_timeout+0x140/0x140 [ 963.237641][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 963.243521][ C1] schedule+0xd0/0x2a0 [ 963.247578][ C1] schedule_timeout+0x1d8/0x250 [ 963.252405][ C1] ? usleep_range+0x170/0x170 [ 963.257079][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 963.262167][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 963.267969][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 963.273794][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 963.279410][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 963.285198][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 963.291163][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 963.296949][ C1] ? skb_free_datagram+0xf0/0xf0 [ 963.301862][ C1] ? proto_seq_start+0x50/0x50 [ 963.306604][ C1] ? skb_segment.cold+0x38/0x38 [ 963.311432][ C1] ? mark_lock+0xbc/0x1710 [ 963.315830][ C1] __skb_recv_datagram+0x171/0x220 [ 963.320943][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 963.326673][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 963.331771][ C1] ? __schedule+0x887/0x1eb0 [ 963.336343][ C1] ? lock_is_held_type+0xb0/0xe0 [ 963.341456][ C1] skb_recv_datagram+0xa7/0xe0 [ 963.346457][ C1] ? __skb_recv_datagram+0x220/0x220 [ 963.351814][ C1] ? aa_sk_perm+0x316/0xaa0 [ 963.356518][ C1] ? __might_fault+0xef/0x1d0 [ 963.361223][ C1] raw_recvmsg+0xab/0x550 [ 963.365782][ C1] ? raw_release+0x890/0x890 [ 963.370366][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 963.375953][ C1] ? raw_release+0x890/0x890 [ 963.380657][ C1] ____sys_recvmsg+0x2c4/0x640 [ 963.385441][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 963.392272][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 963.398414][ C1] ? import_iovec+0x23b/0x3d0 [ 963.403074][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 963.408389][ C1] ___sys_recvmsg+0x127/0x200 [ 963.413065][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 963.418692][ C1] ? lock_downgrade+0x820/0x820 [ 963.423533][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 963.428639][ C1] ? __fget_files+0x294/0x400 [ 963.433295][ C1] ? __fget_light+0xea/0x280 [ 963.437866][ C1] do_recvmmsg+0x24d/0x6d0 [ 963.442265][ C1] ? ___sys_recvmsg+0x200/0x200 [ 963.447727][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 963.454133][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 963.463166][ C1] ? put_timespec64+0xcb/0x120 [ 963.468470][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 963.473838][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 963.478887][ C1] ? __do_sys_socketcall+0x550/0x550 [ 963.484185][ C1] ? lock_is_held_type+0xb0/0xe0 [ 963.489146][ C1] ? do_syscall_64+0x1c/0xe0 [ 963.493871][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 963.501598][ C1] do_syscall_64+0x60/0xe0 [ 963.506092][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 963.511997][ C1] RIP: 0033:0x45cb29 [ 963.515991][ C1] Code: Bad RIP value. [ 963.520566][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 963.529609][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 963.537909][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 963.545870][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 963.553837][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 963.561914][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 963.569899][ C1] syz-executor.5 S29976 12313 12244 0x00000000 [ 963.576234][ C1] Call Trace: [ 963.579542][ C1] __schedule+0x8e1/0x1eb0 [ 963.583949][ C1] ? io_schedule_timeout+0x140/0x140 [ 963.589244][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 963.595054][ C1] schedule+0xd0/0x2a0 [ 963.599132][ C1] futex_wait_queue_me+0x2a7/0x570 [ 963.604238][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 963.609431][ C1] futex_wait+0x1df/0x560 [ 963.613750][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 963.618770][ C1] ? mark_lock+0xbc/0x1710 [ 963.623169][ C1] ? hash_futex+0x12/0x200 [ 963.627613][ C1] ? futex_wake+0x155/0x490 [ 963.632291][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 963.638138][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 963.644124][ C1] do_futex+0x15b/0x1a60 [ 963.648534][ C1] ? lock_acquire+0x1f1/0xad0 [ 963.653197][ C1] ? __might_fault+0xef/0x1d0 [ 963.658390][ C1] ? find_held_lock+0x2d/0x110 [ 963.663179][ C1] ? futex_exit_release+0x220/0x220 [ 963.668366][ C1] ? lock_downgrade+0x820/0x820 [ 963.673276][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 963.680831][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 963.685847][ C1] ? __might_fault+0x190/0x1d0 [ 963.691067][ C1] ? _copy_to_user+0x126/0x160 [ 963.695829][ C1] __x64_sys_futex+0x378/0x4e0 [ 963.700589][ C1] ? do_futex+0x1a60/0x1a60 [ 963.705103][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 963.710819][ C1] ? lock_is_held_type+0xb0/0xe0 [ 963.715731][ C1] ? do_syscall_64+0x1c/0xe0 [ 963.720301][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 963.726360][ C1] do_syscall_64+0x60/0xe0 [ 963.730856][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 963.736726][ C1] RIP: 0033:0x45cb29 [ 963.741048][ C1] Code: Bad RIP value. [ 963.745795][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 963.754582][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 963.763860][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 963.772604][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 963.780556][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 963.788713][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 963.796795][ C1] syz-executor.1 S29976 12314 6984 0x00000000 [ 963.803321][ C1] Call Trace: [ 963.806602][ C1] __schedule+0x8e1/0x1eb0 [ 963.811004][ C1] ? io_schedule_timeout+0x140/0x140 [ 963.816287][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 963.821730][ C1] schedule+0xd0/0x2a0 [ 963.825779][ C1] futex_wait_queue_me+0x2a7/0x570 [ 963.830867][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 963.836041][ C1] ? futex_wake+0x1b5/0x490 [ 963.840537][ C1] ? find_held_lock+0x2d/0x110 [ 963.846670][ C1] futex_wait+0x1df/0x560 [ 963.851112][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 963.856136][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 963.861060][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 963.866236][ C1] ? futex_wake+0x155/0x490 [ 963.870772][ C1] ? lock_downgrade+0x820/0x820 [ 963.875649][ C1] do_futex+0x15b/0x1a60 [ 963.880148][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 963.885338][ C1] ? _raw_spin_unlock+0x24/0x40 [ 963.890271][ C1] ? do_wp_page+0x16a/0x1950 [ 963.894858][ C1] ? futex_exit_release+0x220/0x220 [ 963.900052][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 963.905061][ C1] ? find_held_lock+0x2d/0x110 [ 963.909811][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 963.915019][ C1] ? __up_read+0x1a1/0x7b0 [ 963.919429][ C1] ? _down_write_nest_lock+0x150/0x150 [ 963.924960][ C1] __x64_sys_futex+0x378/0x4e0 [ 963.929709][ C1] ? do_futex+0x1a60/0x1a60 [ 963.934476][ C1] ? lock_is_held_type+0xb0/0xe0 [ 963.939596][ C1] ? lock_is_held_type+0xb0/0xe0 [ 963.944544][ C1] ? do_syscall_64+0x1c/0xe0 [ 963.949115][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 963.955082][ C1] do_syscall_64+0x60/0xe0 [ 963.959507][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 963.965378][ C1] RIP: 0033:0x45cb29 [ 963.969341][ C1] Code: Bad RIP value. [ 963.973395][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 963.981894][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 963.990737][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 963.998690][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 964.008479][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 964.016428][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 964.025557][ C1] syz-executor.1 S29728 12317 12291 0x00000000 [ 964.032000][ C1] Call Trace: [ 964.035278][ C1] __schedule+0x8e1/0x1eb0 [ 964.039680][ C1] ? io_schedule_timeout+0x140/0x140 [ 964.045331][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 964.050774][ C1] schedule+0xd0/0x2a0 [ 964.054824][ C1] futex_wait_queue_me+0x2a7/0x570 [ 964.061231][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 964.066496][ C1] ? find_held_lock+0x2d/0x110 [ 964.071239][ C1] futex_wait+0x1df/0x560 [ 964.075569][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 964.080598][ C1] ? mark_lock+0xbc/0x1710 [ 964.085001][ C1] ? hash_futex+0x12/0x200 [ 964.089399][ C1] ? futex_wake+0x155/0x490 [ 964.094596][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 964.100455][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 964.106418][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 964.112204][ C1] do_futex+0x15b/0x1a60 [ 964.116518][ C1] ? lock_acquire+0x1f1/0xad0 [ 964.121174][ C1] ? __might_fault+0xef/0x1d0 [ 964.125827][ C1] ? find_held_lock+0x2d/0x110 [ 964.130583][ C1] ? futex_exit_release+0x220/0x220 [ 964.136228][ C1] ? lock_downgrade+0x820/0x820 [ 964.143458][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 964.149702][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 964.154760][ C1] ? __might_fault+0x190/0x1d0 [ 964.159849][ C1] ? _copy_to_user+0x126/0x160 [ 964.164612][ C1] __x64_sys_futex+0x378/0x4e0 [ 964.169358][ C1] ? do_futex+0x1a60/0x1a60 [ 964.174477][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 964.180290][ C1] ? lock_is_held_type+0xb0/0xe0 [ 964.185207][ C1] ? do_syscall_64+0x1c/0xe0 [ 964.189775][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 964.196106][ C1] do_syscall_64+0x60/0xe0 [ 964.200590][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 964.206463][ C1] RIP: 0033:0x45cb29 [ 964.210976][ C1] Code: Bad RIP value. [ 964.215213][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 964.224149][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 964.232250][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 964.240484][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 964.249785][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 964.257753][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 964.265735][ C1] syz-executor.1 S29976 12322 6984 0x00000000 [ 964.272336][ C1] Call Trace: [ 964.275621][ C1] __schedule+0x8e1/0x1eb0 [ 964.280067][ C1] ? io_schedule_timeout+0x140/0x140 [ 964.285710][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 964.291765][ C1] schedule+0xd0/0x2a0 [ 964.295821][ C1] futex_wait_queue_me+0x2a7/0x570 [ 964.300932][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 964.306998][ C1] ? futex_wake+0x1b5/0x490 [ 964.311496][ C1] ? find_held_lock+0x2d/0x110 [ 964.316254][ C1] futex_wait+0x1df/0x560 [ 964.321139][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 964.327002][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 964.331983][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 964.337176][ C1] ? futex_wake+0x155/0x490 [ 964.341683][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 964.347672][ C1] ? lock_downgrade+0x820/0x820 [ 964.352555][ C1] do_futex+0x15b/0x1a60 [ 964.356979][ C1] ? lock_acquire+0x1f1/0xad0 [ 964.362447][ C1] ? __might_fault+0xef/0x1d0 [ 964.367125][ C1] ? find_held_lock+0x2d/0x110 [ 964.371873][ C1] ? futex_exit_release+0x220/0x220 [ 964.377138][ C1] ? lock_downgrade+0x820/0x820 [ 964.381967][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 964.389092][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 964.394295][ C1] ? __might_fault+0x190/0x1d0 [ 964.399074][ C1] ? _copy_to_user+0x126/0x160 [ 964.404192][ C1] __x64_sys_futex+0x378/0x4e0 [ 964.409113][ C1] ? do_futex+0x1a60/0x1a60 [ 964.413595][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 964.419205][ C1] ? lock_is_held_type+0xb0/0xe0 [ 964.425030][ C1] ? do_syscall_64+0x1c/0xe0 [ 964.429893][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 964.436163][ C1] do_syscall_64+0x60/0xe0 [ 964.440884][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 964.447635][ C1] RIP: 0033:0x45cb29 [ 964.451524][ C1] Code: Bad RIP value. [ 964.455828][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 964.464793][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 964.472755][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 964.480804][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 964.489053][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 964.497811][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 964.505780][ C1] syz-executor.5 S28872 12340 7388 0x00000000 [ 964.512354][ C1] Call Trace: [ 964.515642][ C1] __schedule+0x8e1/0x1eb0 [ 964.521376][ C1] ? io_schedule_timeout+0x140/0x140 [ 964.526761][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 964.532340][ C1] schedule+0xd0/0x2a0 [ 964.536411][ C1] futex_wait_queue_me+0x2a7/0x570 [ 964.542507][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 964.547690][ C1] ? futex_wake+0x1b5/0x490 [ 964.552371][ C1] ? find_held_lock+0x2d/0x110 [ 964.557498][ C1] futex_wait+0x1df/0x560 [ 964.562933][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 964.568490][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 964.573429][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 964.578610][ C1] ? futex_wake+0x155/0x490 [ 964.586221][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 964.592382][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 964.598630][ C1] do_futex+0x15b/0x1a60 [ 964.602864][ C1] ? lock_acquire+0x1f1/0xad0 [ 964.607939][ C1] ? __might_fault+0xef/0x1d0 [ 964.612617][ C1] ? find_held_lock+0x2d/0x110 [ 964.618005][ C1] ? futex_exit_release+0x220/0x220 [ 964.624979][ C1] ? lock_downgrade+0x820/0x820 [ 964.629903][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 964.636130][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 964.641139][ C1] ? __might_fault+0x190/0x1d0 [ 964.646167][ C1] ? _copy_to_user+0x126/0x160 [ 964.650947][ C1] __x64_sys_futex+0x378/0x4e0 [ 964.656068][ C1] ? do_futex+0x1a60/0x1a60 [ 964.660574][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 964.666197][ C1] ? lock_is_held_type+0xb0/0xe0 [ 964.671115][ C1] ? do_syscall_64+0x1c/0xe0 [ 964.675773][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 964.682099][ C1] do_syscall_64+0x60/0xe0 [ 964.686497][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 964.692470][ C1] RIP: 0033:0x45cb29 [ 964.696424][ C1] Code: Bad RIP value. [ 964.700483][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 964.708968][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 964.717150][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 964.725327][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 964.733856][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 964.741922][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 964.750064][ C1] syz-executor.5 S29976 12342 12340 0x00000000 [ 964.756656][ C1] Call Trace: [ 964.759933][ C1] __schedule+0x8e1/0x1eb0 [ 964.764353][ C1] ? io_schedule_timeout+0x140/0x140 [ 964.769894][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 964.776138][ C1] schedule+0xd0/0x2a0 [ 964.780211][ C1] futex_wait_queue_me+0x2a7/0x570 [ 964.785301][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 964.791639][ C1] futex_wait+0x1df/0x560 [ 964.795956][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 964.800965][ C1] ? mark_lock+0xbc/0x1710 [ 964.805762][ C1] ? hash_futex+0x12/0x200 [ 964.810185][ C1] ? futex_wake+0x155/0x490 [ 964.814689][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 964.819747][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 964.825796][ C1] ? lock_downgrade+0x820/0x820 [ 964.830720][ C1] do_futex+0x15b/0x1a60 [ 964.835955][ C1] ? lock_acquire+0x1f1/0xad0 [ 964.840656][ C1] ? __might_fault+0xef/0x1d0 [ 964.845309][ C1] ? find_held_lock+0x2d/0x110 [ 964.850490][ C1] ? futex_exit_release+0x220/0x220 [ 964.855862][ C1] ? lock_downgrade+0x820/0x820 [ 964.861014][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 964.868113][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 964.873320][ C1] ? __might_fault+0x190/0x1d0 [ 964.878904][ C1] ? _copy_to_user+0x126/0x160 [ 964.883920][ C1] __x64_sys_futex+0x378/0x4e0 [ 964.888782][ C1] ? do_futex+0x1a60/0x1a60 [ 964.894092][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 964.899749][ C1] ? lock_is_held_type+0xb0/0xe0 [ 964.904854][ C1] ? do_syscall_64+0x1c/0xe0 [ 964.909833][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 964.916346][ C1] do_syscall_64+0x60/0xe0 [ 964.920838][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 964.927409][ C1] RIP: 0033:0x45cb29 [ 964.931276][ C1] Code: Bad RIP value. [ 964.935494][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 964.944150][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 964.953260][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 964.961229][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 964.969283][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 964.977234][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 964.986119][ C1] syz-executor.5 S28928 12356 7388 0x00000000 [ 964.992525][ C1] Call Trace: [ 964.995796][ C1] __schedule+0x8e1/0x1eb0 [ 965.000196][ C1] ? io_schedule_timeout+0x140/0x140 [ 965.005463][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 965.010909][ C1] schedule+0xd0/0x2a0 [ 965.015663][ C1] futex_wait_queue_me+0x2a7/0x570 [ 965.021801][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 965.027098][ C1] ? find_held_lock+0x2d/0x110 [ 965.031949][ C1] futex_wait+0x1df/0x560 [ 965.036274][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 965.042533][ C1] ? mark_lock+0xbc/0x1710 [ 965.047030][ C1] ? hash_futex+0x12/0x200 [ 965.051630][ C1] ? futex_wake+0x155/0x490 [ 965.056217][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 965.061244][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 965.067409][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 965.074352][ C1] do_futex+0x15b/0x1a60 [ 965.078841][ C1] ? lock_acquire+0x1f1/0xad0 [ 965.083778][ C1] ? __might_fault+0xef/0x1d0 [ 965.088433][ C1] ? find_held_lock+0x2d/0x110 [ 965.093698][ C1] ? futex_exit_release+0x220/0x220 [ 965.098983][ C1] ? lock_downgrade+0x820/0x820 [ 965.103891][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 965.110129][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 965.115265][ C1] ? __might_fault+0x190/0x1d0 [ 965.120039][ C1] ? _copy_to_user+0x126/0x160 [ 965.124792][ C1] __x64_sys_futex+0x378/0x4e0 [ 965.129540][ C1] ? do_futex+0x1a60/0x1a60 [ 965.134491][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 965.140106][ C1] ? lock_is_held_type+0xb0/0xe0 [ 965.145241][ C1] ? do_syscall_64+0x1c/0xe0 [ 965.149985][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 965.156041][ C1] do_syscall_64+0x60/0xe0 [ 965.161480][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 965.167459][ C1] RIP: 0033:0x45cb29 [ 965.171344][ C1] Code: Bad RIP value. [ 965.175732][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 965.184229][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 965.192545][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 965.201021][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 965.209061][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 965.217721][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 965.225780][ C1] syz-executor.5 S29976 12357 12356 0x00000000 [ 965.232099][ C1] Call Trace: [ 965.236132][ C1] __schedule+0x8e1/0x1eb0 [ 965.240720][ C1] ? io_schedule_timeout+0x140/0x140 [ 965.246108][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 965.251850][ C1] schedule+0xd0/0x2a0 [ 965.255916][ C1] futex_wait_queue_me+0x2a7/0x570 [ 965.261273][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 965.266475][ C1] futex_wait+0x1df/0x560 [ 965.270816][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 965.275928][ C1] ? mark_lock+0xbc/0x1710 [ 965.280321][ C1] ? hash_futex+0x12/0x200 [ 965.284916][ C1] ? futex_wake+0x155/0x490 [ 965.289849][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 965.294922][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 965.301503][ C1] ? lock_downgrade+0x820/0x820 [ 965.306679][ C1] do_futex+0x15b/0x1a60 [ 965.311026][ C1] ? lock_acquire+0x1f1/0xad0 [ 965.316696][ C1] ? __might_fault+0xef/0x1d0 [ 965.321366][ C1] ? find_held_lock+0x2d/0x110 [ 965.326661][ C1] ? futex_exit_release+0x220/0x220 [ 965.331841][ C1] ? lock_downgrade+0x820/0x820 [ 965.336671][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 965.343005][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 965.348152][ C1] ? __might_fault+0x190/0x1d0 [ 965.352905][ C1] ? _copy_to_user+0x126/0x160 [ 965.357688][ C1] __x64_sys_futex+0x378/0x4e0 [ 965.363046][ C1] ? do_futex+0x1a60/0x1a60 [ 965.367619][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 965.373795][ C1] ? lock_is_held_type+0xb0/0xe0 [ 965.379413][ C1] ? do_syscall_64+0x1c/0xe0 [ 965.383986][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 965.390038][ C1] do_syscall_64+0x60/0xe0 [ 965.395010][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 965.400893][ C1] RIP: 0033:0x45cb29 [ 965.404779][ C1] Code: Bad RIP value. [ 965.408932][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 965.418404][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 965.427922][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 965.436745][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 965.444742][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 965.452699][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 965.461415][ C1] syz-executor.1 S28760 12366 6984 0x00000000 [ 965.470758][ C1] Call Trace: [ 965.474046][ C1] __schedule+0x8e1/0x1eb0 [ 965.478626][ C1] ? io_schedule_timeout+0x140/0x140 [ 965.485138][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 965.491521][ C1] schedule+0xd0/0x2a0 [ 965.495601][ C1] futex_wait_queue_me+0x2a7/0x570 [ 965.500916][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 965.507944][ C1] futex_wait+0x1df/0x560 [ 965.512849][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 965.517869][ C1] ? mark_lock+0xbc/0x1710 [ 965.522736][ C1] ? hash_futex+0x12/0x200 [ 965.527783][ C1] ? futex_wake+0x155/0x490 [ 965.532771][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 965.538492][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 965.545635][ C1] do_futex+0x15b/0x1a60 [ 965.549881][ C1] ? lock_acquire+0x1f1/0xad0 [ 965.554539][ C1] ? __might_fault+0xef/0x1d0 [ 965.559424][ C1] ? find_held_lock+0x2d/0x110 [ 965.565971][ C1] ? futex_exit_release+0x220/0x220 [ 965.572583][ C1] ? lock_downgrade+0x820/0x820 [ 965.577427][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 965.585522][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 965.591244][ C1] ? __might_fault+0x190/0x1d0 [ 965.598519][ C1] ? _copy_to_user+0x126/0x160 [ 965.603273][ C1] __x64_sys_futex+0x378/0x4e0 [ 965.608043][ C1] ? do_futex+0x1a60/0x1a60 [ 965.612526][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 965.618322][ C1] ? lock_is_held_type+0xb0/0xe0 [ 965.623758][ C1] ? do_syscall_64+0x1c/0xe0 [ 965.628548][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 965.634671][ C1] do_syscall_64+0x60/0xe0 [ 965.639689][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 965.646748][ C1] RIP: 0033:0x45cb29 [ 965.651389][ C1] Code: Bad RIP value. [ 965.656364][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 965.666501][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 965.674533][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 965.684108][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 965.692861][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 965.702921][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 965.711576][ C1] syz-executor.1 S29056 12370 12366 0x00000000 [ 965.718640][ C1] Call Trace: [ 965.723221][ C1] __schedule+0x8e1/0x1eb0 [ 965.727655][ C1] ? io_schedule_timeout+0x140/0x140 [ 965.732932][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 965.738378][ C1] schedule+0xd0/0x2a0 [ 965.742450][ C1] futex_wait_queue_me+0x2a7/0x570 [ 965.747687][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 965.754018][ C1] futex_wait+0x1df/0x560 [ 965.758454][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 965.763507][ C1] ? mark_lock+0xbc/0x1710 [ 965.768942][ C1] ? hash_futex+0x12/0x200 [ 965.773531][ C1] ? futex_wake+0x155/0x490 [ 965.778459][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 965.784456][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 965.790440][ C1] ? lock_downgrade+0x820/0x820 [ 965.795277][ C1] do_futex+0x15b/0x1a60 [ 965.799629][ C1] ? lock_acquire+0x1f1/0xad0 [ 965.806141][ C1] ? __might_fault+0xef/0x1d0 [ 965.811087][ C1] ? find_held_lock+0x2d/0x110 [ 965.816027][ C1] ? futex_exit_release+0x220/0x220 [ 965.821226][ C1] ? lock_downgrade+0x820/0x820 [ 965.826175][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 965.832610][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 965.837952][ C1] ? __might_fault+0x190/0x1d0 [ 965.842741][ C1] ? _copy_to_user+0x126/0x160 [ 965.847695][ C1] __x64_sys_futex+0x378/0x4e0 [ 965.852456][ C1] ? do_futex+0x1a60/0x1a60 [ 965.856959][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 965.862586][ C1] ? lock_is_held_type+0xb0/0xe0 [ 965.867607][ C1] ? do_syscall_64+0x1c/0xe0 [ 965.872264][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 965.878735][ C1] do_syscall_64+0x60/0xe0 [ 965.883388][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 965.889304][ C1] RIP: 0033:0x45cb29 [ 965.893217][ C1] Code: Bad RIP value. [ 965.897386][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 965.907717][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 965.916503][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 965.924460][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 965.932779][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 965.941942][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 965.950020][ C1] syz-executor.5 S29976 12379 7388 0x00000000 [ 965.956827][ C1] Call Trace: [ 965.961452][ C1] __schedule+0x8e1/0x1eb0 [ 965.966923][ C1] ? io_schedule_timeout+0x140/0x140 [ 965.972777][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 965.978557][ C1] schedule+0xd0/0x2a0 [ 965.982613][ C1] futex_wait_queue_me+0x2a7/0x570 [ 965.987702][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 965.992894][ C1] ? futex_wake+0x1b5/0x490 [ 965.997376][ C1] ? find_held_lock+0x2d/0x110 [ 966.002423][ C1] futex_wait+0x1df/0x560 [ 966.007043][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 966.012805][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 966.017735][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 966.023742][ C1] ? futex_wake+0x155/0x490 [ 966.030032][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 966.036830][ C1] ? lock_downgrade+0x820/0x820 [ 966.042423][ C1] do_futex+0x15b/0x1a60 [ 966.046768][ C1] ? lock_acquire+0x1f1/0xad0 [ 966.051441][ C1] ? __might_fault+0xef/0x1d0 [ 966.056098][ C1] ? find_held_lock+0x2d/0x110 [ 966.060842][ C1] ? futex_exit_release+0x220/0x220 [ 966.066142][ C1] ? lock_downgrade+0x820/0x820 [ 966.072235][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 966.078575][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 966.083590][ C1] ? __might_fault+0x190/0x1d0 [ 966.088894][ C1] ? _copy_to_user+0x126/0x160 [ 966.097428][ C1] __x64_sys_futex+0x378/0x4e0 [ 966.103759][ C1] ? do_futex+0x1a60/0x1a60 [ 966.108439][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 966.114052][ C1] ? lock_is_held_type+0xb0/0xe0 [ 966.119235][ C1] ? do_syscall_64+0x1c/0xe0 [ 966.124534][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 966.130503][ C1] do_syscall_64+0x60/0xe0 [ 966.134992][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 966.141660][ C1] RIP: 0033:0x45cb29 [ 966.145541][ C1] Code: Bad RIP value. [ 966.149597][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 966.158935][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 966.167879][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 966.176807][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 966.184778][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 966.193461][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 966.202929][ C1] syz-executor.1 S29976 12391 12366 0x00000000 [ 966.209269][ C1] Call Trace: [ 966.212577][ C1] __schedule+0x8e1/0x1eb0 [ 966.218716][ C1] ? io_schedule_timeout+0x140/0x140 [ 966.224181][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 966.230164][ C1] schedule+0xd0/0x2a0 [ 966.234492][ C1] futex_wait_queue_me+0x2a7/0x570 [ 966.239615][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 966.245189][ C1] futex_wait+0x1df/0x560 [ 966.249559][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 966.254574][ C1] ? mark_lock+0xbc/0x1710 [ 966.259239][ C1] ? hash_futex+0x12/0x200 [ 966.263862][ C1] ? futex_wake+0x155/0x490 [ 966.268968][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 966.273985][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 966.279980][ C1] ? lock_downgrade+0x820/0x820 [ 966.286856][ C1] do_futex+0x15b/0x1a60 [ 966.291480][ C1] ? lock_acquire+0x1f1/0xad0 [ 966.296171][ C1] ? __might_fault+0xef/0x1d0 [ 966.300844][ C1] ? find_held_lock+0x2d/0x110 [ 966.306640][ C1] ? futex_exit_release+0x220/0x220 [ 966.312043][ C1] ? lock_downgrade+0x820/0x820 [ 966.316880][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 966.325314][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 966.330329][ C1] ? __might_fault+0x190/0x1d0 [ 966.335073][ C1] ? _copy_to_user+0x126/0x160 [ 966.339926][ C1] __x64_sys_futex+0x378/0x4e0 [ 966.344961][ C1] ? do_futex+0x1a60/0x1a60 [ 966.349563][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 966.355180][ C1] ? lock_is_held_type+0xb0/0xe0 [ 966.360099][ C1] ? do_syscall_64+0x1c/0xe0 [ 966.365058][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 966.371554][ C1] do_syscall_64+0x60/0xe0 [ 966.376092][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 966.382010][ C1] RIP: 0033:0x45cb29 [ 966.386001][ C1] Code: Bad RIP value. [ 966.390046][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 966.398625][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 966.407728][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 966.416581][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 966.424538][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 966.434745][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 966.442908][ C1] syz-executor.1 S28456 12402 6984 0x00000000 [ 966.449251][ C1] Call Trace: [ 966.453651][ C1] __schedule+0x8e1/0x1eb0 [ 966.458053][ C1] ? io_schedule_timeout+0x140/0x140 [ 966.463321][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 966.469067][ C1] schedule+0xd0/0x2a0 [ 966.473136][ C1] futex_wait_queue_me+0x2a7/0x570 [ 966.478231][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 966.484292][ C1] futex_wait+0x1df/0x560 [ 966.490347][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 966.495355][ C1] ? mark_lock+0xbc/0x1710 [ 966.499770][ C1] ? hash_futex+0x12/0x200 [ 966.504189][ C1] ? futex_wake+0x155/0x490 [ 966.511389][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 966.516409][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 966.522374][ C1] do_futex+0x15b/0x1a60 [ 966.526604][ C1] ? lock_acquire+0x1f1/0xad0 [ 966.531272][ C1] ? __might_fault+0xef/0x1d0 [ 966.535931][ C1] ? find_held_lock+0x2d/0x110 [ 966.540674][ C1] ? futex_exit_release+0x220/0x220 [ 966.545871][ C1] ? lock_downgrade+0x820/0x820 [ 966.550716][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 966.556933][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 966.561951][ C1] ? __might_fault+0x190/0x1d0 [ 966.566689][ C1] ? _copy_to_user+0x126/0x160 [ 966.571434][ C1] __x64_sys_futex+0x378/0x4e0 [ 966.576176][ C1] ? do_futex+0x1a60/0x1a60 [ 966.580659][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 966.586441][ C1] ? lock_is_held_type+0xb0/0xe0 [ 966.591372][ C1] ? do_syscall_64+0x1c/0xe0 [ 966.595959][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 966.601979][ C1] do_syscall_64+0x60/0xe0 [ 966.606391][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 966.612350][ C1] RIP: 0033:0x45cb29 [ 966.616234][ C1] Code: Bad RIP value. [ 966.620525][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 966.629321][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 966.637276][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 966.645242][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 966.653191][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 966.661140][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 966.669105][ C1] syz-executor.1 S29976 12405 12402 0x00000000 [ 966.675431][ C1] Call Trace: [ 966.678726][ C1] __schedule+0x8e1/0x1eb0 [ 966.683129][ C1] ? io_schedule_timeout+0x140/0x140 [ 966.688394][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 966.693841][ C1] schedule+0xd0/0x2a0 [ 966.698003][ C1] futex_wait_queue_me+0x2a7/0x570 [ 966.703107][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 966.708289][ C1] futex_wait+0x1df/0x560 [ 966.712611][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 966.717634][ C1] ? mark_lock+0xbc/0x1710 [ 966.722033][ C1] ? hash_futex+0x12/0x200 [ 966.726436][ C1] ? futex_wake+0x155/0x490 [ 966.730916][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 966.735926][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 966.742077][ C1] ? lock_downgrade+0x820/0x820 [ 966.746932][ C1] do_futex+0x15b/0x1a60 [ 966.751230][ C1] ? lock_acquire+0x1f1/0xad0 [ 966.755996][ C1] ? __might_fault+0xef/0x1d0 [ 966.760722][ C1] ? find_held_lock+0x2d/0x110 [ 966.765485][ C1] ? futex_exit_release+0x220/0x220 [ 966.770722][ C1] ? lock_downgrade+0x820/0x820 [ 966.775552][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 966.781820][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 966.787118][ C1] ? __might_fault+0x190/0x1d0 [ 966.791867][ C1] ? _copy_to_user+0x126/0x160 [ 966.796715][ C1] __x64_sys_futex+0x378/0x4e0 [ 966.801504][ C1] ? do_futex+0x1a60/0x1a60 [ 966.806017][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 966.811632][ C1] ? lock_is_held_type+0xb0/0xe0 [ 966.816573][ C1] ? do_syscall_64+0x1c/0xe0 [ 966.821141][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 966.827101][ C1] do_syscall_64+0x60/0xe0 [ 966.831497][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 966.837445][ C1] RIP: 0033:0x45cb29 [ 966.841328][ C1] Code: Bad RIP value. [ 966.845526][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 966.854790][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 966.863013][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 966.870966][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 966.878919][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 966.886871][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 966.894863][ C1] syz-executor.1 S29760 12417 12402 0x00000000 [ 966.901183][ C1] Call Trace: [ 966.904459][ C1] __schedule+0x8e1/0x1eb0 [ 966.908862][ C1] ? io_schedule_timeout+0x140/0x140 [ 966.914163][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 966.919624][ C1] schedule+0xd0/0x2a0 [ 966.923676][ C1] futex_wait_queue_me+0x2a7/0x570 [ 966.928768][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 966.933961][ C1] ? futex_wake+0x1b5/0x490 [ 966.938444][ C1] ? find_held_lock+0x2d/0x110 [ 966.943191][ C1] futex_wait+0x1df/0x560 [ 966.947527][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 966.952728][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 966.957650][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 966.962934][ C1] ? futex_wake+0x155/0x490 [ 966.967534][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 966.973495][ C1] ? lock_downgrade+0x820/0x820 [ 966.978343][ C1] do_futex+0x15b/0x1a60 [ 966.982575][ C1] ? lock_acquire+0x1f1/0xad0 [ 966.987230][ C1] ? __might_fault+0xef/0x1d0 [ 966.991900][ C1] ? find_held_lock+0x2d/0x110 [ 966.996650][ C1] ? futex_exit_release+0x220/0x220 [ 967.001831][ C1] ? lock_downgrade+0x820/0x820 [ 967.006665][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 967.012895][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 967.017905][ C1] ? __might_fault+0x190/0x1d0 [ 967.022755][ C1] ? _copy_to_user+0x126/0x160 [ 967.027617][ C1] __x64_sys_futex+0x378/0x4e0 [ 967.032379][ C1] ? do_futex+0x1a60/0x1a60 [ 967.036949][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 967.042559][ C1] ? lock_is_held_type+0xb0/0xe0 [ 967.047570][ C1] ? do_syscall_64+0x1c/0xe0 [ 967.052140][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 967.058137][ C1] do_syscall_64+0x60/0xe0 [ 967.062714][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 967.068618][ C1] RIP: 0033:0x45cb29 [ 967.072587][ C1] Code: Bad RIP value. [ 967.076636][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 967.085296][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 967.093269][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 967.101234][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 967.109186][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 967.117137][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 967.125121][ C1] syz-executor.1 S28384 12427 6984 0x00000000 [ 967.131710][ C1] Call Trace: [ 967.135005][ C1] __schedule+0x8e1/0x1eb0 [ 967.139404][ C1] ? io_schedule_timeout+0x140/0x140 [ 967.144759][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 967.150202][ C1] schedule+0xd0/0x2a0 [ 967.154257][ C1] futex_wait_queue_me+0x2a7/0x570 [ 967.159365][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 967.164548][ C1] ? find_held_lock+0x2d/0x110 [ 967.169294][ C1] futex_wait+0x1df/0x560 [ 967.173604][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 967.178605][ C1] ? mark_lock+0xbc/0x1710 [ 967.183015][ C1] ? hash_futex+0x12/0x200 [ 967.187413][ C1] ? futex_wake+0x155/0x490 [ 967.191969][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 967.197001][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 967.203108][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 967.208931][ C1] do_futex+0x15b/0x1a60 [ 967.213218][ C1] ? lock_acquire+0x1f1/0xad0 [ 967.217879][ C1] ? __might_fault+0xef/0x1d0 [ 967.222677][ C1] ? find_held_lock+0x2d/0x110 [ 967.227949][ C1] ? futex_exit_release+0x220/0x220 [ 967.233842][ C1] ? lock_downgrade+0x820/0x820 [ 967.238786][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 967.245522][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 967.250535][ C1] ? __might_fault+0x190/0x1d0 [ 967.255301][ C1] ? _copy_to_user+0x126/0x160 [ 967.260249][ C1] __x64_sys_futex+0x378/0x4e0 [ 967.265048][ C1] ? do_futex+0x1a60/0x1a60 [ 967.269539][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 967.275697][ C1] ? lock_is_held_type+0xb0/0xe0 [ 967.280636][ C1] ? do_syscall_64+0x1c/0xe0 [ 967.285266][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 967.291260][ C1] do_syscall_64+0x60/0xe0 [ 967.295811][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 967.302090][ C1] RIP: 0033:0x45cb29 [ 967.305962][ C1] Code: Bad RIP value. [ 967.310010][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 967.318525][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 967.326662][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 967.334644][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 967.342841][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 967.350878][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 967.359175][ C1] syz-executor.1 S29976 12429 12427 0x00000000 [ 967.365519][ C1] Call Trace: [ 967.368811][ C1] __schedule+0x8e1/0x1eb0 [ 967.373487][ C1] ? io_schedule_timeout+0x140/0x140 [ 967.378930][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 967.384542][ C1] schedule+0xd0/0x2a0 [ 967.388601][ C1] futex_wait_queue_me+0x2a7/0x570 [ 967.394655][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 967.399845][ C1] futex_wait+0x1df/0x560 [ 967.404617][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 967.409688][ C1] ? mark_lock+0xbc/0x1710 [ 967.414617][ C1] ? hash_futex+0x12/0x200 [ 967.419391][ C1] ? futex_wake+0x155/0x490 [ 967.424066][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 967.429218][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 967.435182][ C1] ? lock_downgrade+0x820/0x820 [ 967.440037][ C1] do_futex+0x15b/0x1a60 [ 967.444744][ C1] ? lock_acquire+0x1f1/0xad0 [ 967.449403][ C1] ? __might_fault+0xef/0x1d0 [ 967.454094][ C1] ? find_held_lock+0x2d/0x110 [ 967.460075][ C1] ? futex_exit_release+0x220/0x220 [ 967.465281][ C1] ? lock_downgrade+0x820/0x820 [ 967.470117][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 967.476612][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 967.481632][ C1] ? __might_fault+0x190/0x1d0 [ 967.486386][ C1] ? _copy_to_user+0x126/0x160 [ 967.491155][ C1] __x64_sys_futex+0x378/0x4e0 [ 967.495934][ C1] ? do_futex+0x1a60/0x1a60 [ 967.500442][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 967.506283][ C1] ? lock_is_held_type+0xb0/0xe0 [ 967.511211][ C1] ? do_syscall_64+0x1c/0xe0 [ 967.515900][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 967.521879][ C1] do_syscall_64+0x60/0xe0 [ 967.526431][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 967.532430][ C1] RIP: 0033:0x45cb29 [ 967.536303][ C1] Code: Bad RIP value. [ 967.540434][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 967.549375][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 967.557333][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 967.565560][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 967.573521][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 967.581479][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 967.589468][ C1] syz-executor.1 S29976 12446 6984 0x00000000 [ 967.595784][ C1] Call Trace: [ 967.599072][ C1] __schedule+0x8e1/0x1eb0 [ 967.603470][ C1] ? io_schedule_timeout+0x140/0x140 [ 967.608731][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 967.614175][ C1] schedule+0xd0/0x2a0 [ 967.618224][ C1] futex_wait_queue_me+0x2a7/0x570 [ 967.623400][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 967.628582][ C1] futex_wait+0x1df/0x560 [ 967.632905][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 967.637918][ C1] ? mark_lock+0xbc/0x1710 [ 967.642309][ C1] ? hash_futex+0x12/0x200 [ 967.646701][ C1] ? futex_wake+0x155/0x490 [ 967.651194][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 967.656209][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 967.662183][ C1] ? lock_downgrade+0x820/0x820 [ 967.667015][ C1] do_futex+0x15b/0x1a60 [ 967.671260][ C1] ? lock_acquire+0x1f1/0xad0 [ 967.675923][ C1] ? __might_fault+0xef/0x1d0 [ 967.680681][ C1] ? find_held_lock+0x2d/0x110 [ 967.685430][ C1] ? futex_exit_release+0x220/0x220 [ 967.690793][ C1] ? lock_downgrade+0x820/0x820 [ 967.696086][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 967.702440][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 967.707728][ C1] ? __might_fault+0x190/0x1d0 [ 967.712484][ C1] ? _copy_to_user+0x126/0x160 [ 967.717243][ C1] __x64_sys_futex+0x378/0x4e0 [ 967.722015][ C1] ? do_futex+0x1a60/0x1a60 [ 967.726495][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 967.732120][ C1] ? lock_is_held_type+0xb0/0xe0 [ 967.737038][ C1] ? do_syscall_64+0x1c/0xe0 [ 967.741698][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 967.747684][ C1] do_syscall_64+0x60/0xe0 [ 967.752082][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 967.757953][ C1] RIP: 0033:0x45cb29 [ 967.761830][ C1] Code: Bad RIP value. [ 967.765879][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 967.774265][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 967.782215][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 967.790166][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 967.798135][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 967.807635][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 967.815821][ C1] syz-executor.1 S29856 12484 6984 0x00000000 [ 967.822241][ C1] Call Trace: [ 967.825514][ C1] __schedule+0x8e1/0x1eb0 [ 967.829910][ C1] ? io_schedule_timeout+0x140/0x140 [ 967.835171][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 967.840960][ C1] schedule+0xd0/0x2a0 [ 967.845023][ C1] futex_wait_queue_me+0x2a7/0x570 [ 967.850127][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 967.855319][ C1] futex_wait+0x1df/0x560 [ 967.859652][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 967.864679][ C1] ? mark_lock+0xbc/0x1710 [ 967.869084][ C1] ? hash_futex+0x12/0x200 [ 967.873478][ C1] ? futex_wake+0x155/0x490 [ 967.877957][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 967.882968][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 967.888946][ C1] ? lock_downgrade+0x820/0x820 [ 967.893772][ C1] do_futex+0x15b/0x1a60 [ 967.897995][ C1] ? lock_acquire+0x1f1/0xad0 [ 967.902644][ C1] ? __might_fault+0xef/0x1d0 [ 967.907296][ C1] ? find_held_lock+0x2d/0x110 [ 967.912035][ C1] ? futex_exit_release+0x220/0x220 [ 967.917208][ C1] ? lock_downgrade+0x820/0x820 [ 967.922035][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 967.928424][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 967.933457][ C1] ? __might_fault+0x190/0x1d0 [ 967.938199][ C1] ? _copy_to_user+0x126/0x160 [ 967.942954][ C1] __x64_sys_futex+0x378/0x4e0 [ 967.947700][ C1] ? do_futex+0x1a60/0x1a60 [ 967.952180][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 967.957799][ C1] ? lock_is_held_type+0xb0/0xe0 [ 967.962719][ C1] ? do_syscall_64+0x1c/0xe0 [ 967.967306][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 967.973269][ C1] do_syscall_64+0x60/0xe0 [ 967.977664][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 967.983568][ C1] RIP: 0033:0x45cb29 [ 967.987441][ C1] Code: Bad RIP value. [ 967.991478][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 967.999876][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 968.007837][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 968.015814][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 968.023768][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 968.031717][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 968.039691][ C1] syz-executor.1 S29976 12490 6984 0x00000000 [ 968.046026][ C1] Call Trace: [ 968.049317][ C1] __schedule+0x8e1/0x1eb0 [ 968.053717][ C1] ? io_schedule_timeout+0x140/0x140 [ 968.058982][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 968.064429][ C1] schedule+0xd0/0x2a0 [ 968.068487][ C1] futex_wait_queue_me+0x2a7/0x570 [ 968.073578][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 968.078775][ C1] futex_wait+0x1df/0x560 [ 968.083096][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 968.088105][ C1] ? hash_futex+0x12/0x200 [ 968.092519][ C1] ? futex_wake+0x155/0x490 [ 968.097010][ C1] ? lock_downgrade+0x820/0x820 [ 968.101840][ C1] do_futex+0x15b/0x1a60 [ 968.106079][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 968.111276][ C1] ? _raw_spin_unlock+0x24/0x40 [ 968.116113][ C1] ? do_wp_page+0x16a/0x1950 [ 968.120680][ C1] ? futex_exit_release+0x220/0x220 [ 968.125881][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 968.130897][ C1] ? find_held_lock+0x2d/0x110 [ 968.135730][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 968.140926][ C1] ? __up_read+0x1a1/0x7b0 [ 968.145325][ C1] ? _down_write_nest_lock+0x150/0x150 [ 968.150770][ C1] __x64_sys_futex+0x378/0x4e0 [ 968.155546][ C1] ? do_futex+0x1a60/0x1a60 [ 968.160137][ C1] ? lock_is_held_type+0xb0/0xe0 [ 968.165071][ C1] ? lock_is_held_type+0xb0/0xe0 [ 968.170256][ C1] ? do_syscall_64+0x1c/0xe0 [ 968.174829][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 968.180792][ C1] do_syscall_64+0x60/0xe0 [ 968.185191][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 968.191066][ C1] RIP: 0033:0x45cb29 [ 968.194946][ C1] Code: Bad RIP value. [ 968.198985][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 968.207372][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 968.215341][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 968.223307][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 968.231339][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 968.245813][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 968.254711][ C1] syz-executor.1 S29976 12538 6984 0x00000000 [ 968.261558][ C1] Call Trace: [ 968.264841][ C1] __schedule+0x8e1/0x1eb0 [ 968.269256][ C1] ? io_schedule_timeout+0x140/0x140 [ 968.274535][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 968.280007][ C1] schedule+0xd0/0x2a0 [ 968.284196][ C1] futex_wait_queue_me+0x2a7/0x570 [ 968.289316][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 968.294594][ C1] futex_wait+0x1df/0x560 [ 968.298927][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 968.303957][ C1] ? mark_lock+0xbc/0x1710 [ 968.308477][ C1] ? hash_futex+0x12/0x200 [ 968.312878][ C1] ? futex_wake+0x155/0x490 [ 968.317364][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 968.322390][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 968.328352][ C1] ? lock_downgrade+0x820/0x820 [ 968.333194][ C1] do_futex+0x15b/0x1a60 [ 968.337441][ C1] ? lock_acquire+0x1f1/0xad0 [ 968.342117][ C1] ? __might_fault+0xef/0x1d0 [ 968.346769][ C1] ? find_held_lock+0x2d/0x110 [ 968.351516][ C1] ? futex_exit_release+0x220/0x220 [ 968.356705][ C1] ? lock_downgrade+0x820/0x820 [ 968.361537][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 968.367755][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 968.372760][ C1] ? __might_fault+0x190/0x1d0 [ 968.377504][ C1] ? _copy_to_user+0x126/0x160 [ 968.382248][ C1] __x64_sys_futex+0x378/0x4e0 [ 968.386991][ C1] ? do_futex+0x1a60/0x1a60 [ 968.391470][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 968.397078][ C1] ? lock_is_held_type+0xb0/0xe0 [ 968.401996][ C1] ? do_syscall_64+0x1c/0xe0 [ 968.406585][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 968.412601][ C1] do_syscall_64+0x60/0xe0 [ 968.417000][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 968.422875][ C1] RIP: 0033:0x45cb29 [ 968.426743][ C1] Code: Bad RIP value. [ 968.430781][ C1] RSP: 002b:00007f57eae3dcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 968.439165][ C1] RAX: ffffffffffffffda RBX: 000000000078c188 RCX: 000000000045cb29 [ 968.447111][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c188 [ 968.455157][ C1] RBP: 000000000078c180 R08: 0000000000000000 R09: 0000000000000000 [ 968.463387][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c18c [ 968.472319][ C1] R13: 0000000000c9fb6f R14: 00007f57eae3e9c0 R15: 000000000078c18c [ 968.480471][ C1] syz-executor.5 S28040 12559 7388 0x00000000 [ 968.486783][ C1] Call Trace: [ 968.490165][ C1] __schedule+0x8e1/0x1eb0 [ 968.494596][ C1] ? io_schedule_timeout+0x140/0x140 [ 968.499978][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 968.505448][ C1] schedule+0xd0/0x2a0 [ 968.509517][ C1] futex_wait_queue_me+0x2a7/0x570 [ 968.514785][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 968.519964][ C1] futex_wait+0x1df/0x560 [ 968.524289][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 968.529292][ C1] ? mark_lock+0xbc/0x1710 [ 968.533713][ C1] ? hash_futex+0x12/0x200 [ 968.538148][ C1] ? futex_wake+0x155/0x490 [ 968.542665][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 968.547727][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 968.553690][ C1] do_futex+0x15b/0x1a60 [ 968.558032][ C1] ? lock_acquire+0x1f1/0xad0 [ 968.562739][ C1] ? __might_fault+0xef/0x1d0 [ 968.567405][ C1] ? find_held_lock+0x2d/0x110 [ 968.572389][ C1] ? futex_exit_release+0x220/0x220 [ 968.577573][ C1] ? lock_downgrade+0x820/0x820 [ 968.582414][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 968.588653][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 968.593673][ C1] ? __might_fault+0x190/0x1d0 [ 968.598413][ C1] ? _copy_to_user+0x126/0x160 [ 968.603157][ C1] __x64_sys_futex+0x378/0x4e0 [ 968.607921][ C1] ? do_futex+0x1a60/0x1a60 [ 968.612402][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 968.618144][ C1] ? lock_is_held_type+0xb0/0xe0 [ 968.624277][ C1] ? do_syscall_64+0x1c/0xe0 [ 968.628996][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 968.635062][ C1] do_syscall_64+0x60/0xe0 [ 968.639575][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 968.645444][ C1] RIP: 0033:0x45cb29 [ 968.649308][ C1] Code: Bad RIP value. [ 968.653372][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 968.661754][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 968.669705][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 968.677666][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 968.685691][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 968.693679][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 968.701661][ C1] syz-executor.5 S29080 12583 7388 0x00000000 [ 968.708270][ C1] Call Trace: [ 968.711543][ C1] __schedule+0x8e1/0x1eb0 [ 968.715942][ C1] ? io_schedule_timeout+0x140/0x140 [ 968.721295][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 968.726751][ C1] schedule+0xd0/0x2a0 [ 968.730805][ C1] futex_wait_queue_me+0x2a7/0x570 [ 968.735912][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 968.741093][ C1] futex_wait+0x1df/0x560 [ 968.745403][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 968.750406][ C1] ? rcu_read_lock_sched_held+0x3a/0xb0 [ 968.755934][ C1] ? mark_lock+0xbc/0x1710 [ 968.760327][ C1] ? ___sys_sendmsg+0x105/0x170 [ 968.765155][ C1] ? hash_futex+0x12/0x200 [ 968.769578][ C1] ? futex_wake+0x155/0x490 [ 968.774071][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 968.780134][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 968.786128][ C1] do_futex+0x15b/0x1a60 [ 968.790383][ C1] ? lock_acquire+0x1f1/0xad0 [ 968.795071][ C1] ? __might_fault+0xef/0x1d0 [ 968.800441][ C1] ? find_held_lock+0x2d/0x110 [ 968.805280][ C1] ? futex_exit_release+0x220/0x220 [ 968.810459][ C1] ? lock_downgrade+0x820/0x820 [ 968.815331][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 968.821554][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 968.826797][ C1] ? __might_fault+0x190/0x1d0 [ 968.831549][ C1] ? _copy_to_user+0x126/0x160 [ 968.836304][ C1] __x64_sys_futex+0x378/0x4e0 [ 968.841078][ C1] ? do_futex+0x1a60/0x1a60 [ 968.845734][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 968.851347][ C1] ? lock_is_held_type+0xb0/0xe0 [ 968.856268][ C1] ? do_syscall_64+0x1c/0xe0 [ 968.860855][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 968.866821][ C1] do_syscall_64+0x60/0xe0 [ 968.871242][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 968.877132][ C1] RIP: 0033:0x45cb29 [ 968.881001][ C1] Code: Bad RIP value. [ 968.885058][ C1] RSP: 002b:00007f8614cb1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 968.893446][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 968.901516][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 968.909486][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 968.917443][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 968.925478][ C1] R13: 0000000000c9fb6f R14: 00007f8614cb29c0 R15: 000000000078bfac [ 968.933442][ C1] syz-executor.1 S28632 12595 6984 0x00000000 [ 968.939757][ C1] Call Trace: [ 968.943030][ C1] __schedule+0x8e1/0x1eb0 [ 968.947447][ C1] ? io_schedule_timeout+0x140/0x140 [ 968.952805][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 968.958253][ C1] schedule+0xd0/0x2a0 [ 968.962413][ C1] futex_wait_queue_me+0x2a7/0x570 [ 968.967504][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 968.972860][ C1] futex_wait+0x1df/0x560 [ 968.977171][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 968.982176][ C1] ? mark_lock+0xbc/0x1710 [ 968.986570][ C1] ? hash_futex+0x12/0x200 [ 968.990966][ C1] ? futex_wake+0x155/0x490 [ 968.995532][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 969.000582][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 969.006542][ C1] ? lock_downgrade+0x820/0x820 [ 969.011376][ C1] do_futex+0x15b/0x1a60 [ 969.015600][ C1] ? lock_acquire+0x1f1/0xad0 [ 969.020252][ C1] ? __might_fault+0xef/0x1d0 [ 969.024910][ C1] ? find_held_lock+0x2d/0x110 [ 969.029661][ C1] ? futex_exit_release+0x220/0x220 [ 969.034838][ C1] ? lock_downgrade+0x820/0x820 [ 969.039671][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 969.046425][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 969.051434][ C1] ? __might_fault+0x190/0x1d0 [ 969.056182][ C1] ? _copy_to_user+0x126/0x160 [ 969.061924][ C1] __x64_sys_futex+0x378/0x4e0 [ 969.066671][ C1] ? do_futex+0x1a60/0x1a60 [ 969.071150][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 969.076779][ C1] ? lock_is_held_type+0xb0/0xe0 [ 969.081766][ C1] ? do_syscall_64+0x1c/0xe0 [ 969.086348][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 969.092437][ C1] do_syscall_64+0x60/0xe0 [ 969.097808][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 969.103692][ C1] RIP: 0033:0x45cb29 [ 969.107577][ C1] Code: Bad RIP value. [ 969.111663][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 969.120078][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 969.128030][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 969.136001][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 969.143971][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 969.151934][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 969.159900][ C1] syz-executor.1 S29976 12602 12595 0x00000000 [ 969.166218][ C1] Call Trace: [ 969.169504][ C1] __schedule+0x8e1/0x1eb0 [ 969.173910][ C1] ? io_schedule_timeout+0x140/0x140 [ 969.179196][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 969.184660][ C1] schedule+0xd0/0x2a0 [ 969.188734][ C1] futex_wait_queue_me+0x2a7/0x570 [ 969.194002][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 969.199585][ C1] futex_wait+0x1df/0x560 [ 969.204292][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 969.209487][ C1] ? mark_lock+0xbc/0x1710 [ 969.213888][ C1] ? hash_futex+0x12/0x200 [ 969.218286][ C1] ? futex_wake+0x155/0x490 [ 969.222780][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 969.227899][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 969.233863][ C1] ? lock_downgrade+0x820/0x820 [ 969.238699][ C1] do_futex+0x15b/0x1a60 [ 969.242937][ C1] ? lock_acquire+0x1f1/0xad0 [ 969.247597][ C1] ? __might_fault+0xef/0x1d0 [ 969.252254][ C1] ? find_held_lock+0x2d/0x110 [ 969.257135][ C1] ? futex_exit_release+0x220/0x220 [ 969.262343][ C1] ? lock_downgrade+0x820/0x820 [ 969.267180][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 969.273460][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 969.278511][ C1] ? __might_fault+0x190/0x1d0 [ 969.283255][ C1] ? _copy_to_user+0x126/0x160 [ 969.288019][ C1] __x64_sys_futex+0x378/0x4e0 [ 969.292765][ C1] ? do_futex+0x1a60/0x1a60 [ 969.297247][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 969.302872][ C1] ? lock_is_held_type+0xb0/0xe0 [ 969.307791][ C1] ? do_syscall_64+0x1c/0xe0 [ 969.312394][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 969.318732][ C1] do_syscall_64+0x60/0xe0 [ 969.323323][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 969.329231][ C1] RIP: 0033:0x45cb29 [ 969.333113][ C1] Code: Bad RIP value. [ 969.337264][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 969.345658][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 969.353633][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 969.361695][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 969.369658][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 969.377623][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 969.385594][ C1] syz-executor.1 S29976 12623 6984 0x00000000 [ 969.391926][ C1] Call Trace: [ 969.395207][ C1] __schedule+0x8e1/0x1eb0 [ 969.399608][ C1] ? io_schedule_timeout+0x140/0x140 [ 969.404877][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 969.410506][ C1] schedule+0xd0/0x2a0 [ 969.414563][ C1] futex_wait_queue_me+0x2a7/0x570 [ 969.419740][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 969.424916][ C1] ? futex_wake+0x1b5/0x490 [ 969.429399][ C1] ? find_held_lock+0x2d/0x110 [ 969.434157][ C1] futex_wait+0x1df/0x560 [ 969.438469][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 969.443483][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 969.448403][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 969.453580][ C1] ? futex_wake+0x155/0x490 [ 969.458073][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 969.464050][ C1] ? lock_downgrade+0x820/0x820 [ 969.469050][ C1] do_futex+0x15b/0x1a60 [ 969.473523][ C1] ? lock_acquire+0x1f1/0xad0 [ 969.478279][ C1] ? __might_fault+0xef/0x1d0 [ 969.482944][ C1] ? find_held_lock+0x2d/0x110 [ 969.489014][ C1] ? futex_exit_release+0x220/0x220 [ 969.494204][ C1] ? lock_downgrade+0x820/0x820 [ 969.499587][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 969.506071][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 969.511380][ C1] ? __might_fault+0x190/0x1d0 [ 969.516226][ C1] ? _copy_to_user+0x126/0x160 [ 969.520977][ C1] __x64_sys_futex+0x378/0x4e0 [ 969.525723][ C1] ? do_futex+0x1a60/0x1a60 [ 969.530225][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 969.535837][ C1] ? lock_is_held_type+0xb0/0xe0 [ 969.540862][ C1] ? do_syscall_64+0x1c/0xe0 [ 969.545444][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 969.551417][ C1] do_syscall_64+0x60/0xe0 [ 969.555812][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 969.561682][ C1] RIP: 0033:0x45cb29 [ 969.565548][ C1] Code: Bad RIP value. [ 969.569689][ C1] RSP: 002b:00007f57eae5ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 969.578111][ C1] RAX: ffffffffffffffda RBX: 000000000078c0e8 RCX: 000000000045cb29 [ 969.586066][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c0e8 [ 969.594015][ C1] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 969.601966][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c0ec [ 969.609919][ C1] R13: 0000000000c9fb6f R14: 00007f57eae5f9c0 R15: 000000000078c0ec [ 969.618174][ C1] syz-executor.1 S28928 12641 6984 0x00000000 [ 969.628761][ C1] Call Trace: [ 969.632351][ C1] __schedule+0x8e1/0x1eb0 [ 969.636782][ C1] ? io_schedule_timeout+0x140/0x140 [ 969.642412][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 969.647885][ C1] schedule+0xd0/0x2a0 [ 969.652808][ C1] futex_wait_queue_me+0x2a7/0x570 [ 969.659310][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 969.664921][ C1] ? futex_wake+0x1b5/0x490 [ 969.669420][ C1] ? find_held_lock+0x2d/0x110 [ 969.674161][ C1] futex_wait+0x1df/0x560 [ 969.678476][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 969.684353][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 969.689327][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 969.694667][ C1] ? futex_wake+0x155/0x490 [ 969.699269][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 969.705258][ C1] do_futex+0x15b/0x1a60 [ 969.709545][ C1] ? lock_acquire+0x1f1/0xad0 [ 969.714503][ C1] ? __might_fault+0xef/0x1d0 [ 969.719158][ C1] ? find_held_lock+0x2d/0x110 [ 969.723916][ C1] ? futex_exit_release+0x220/0x220 [ 969.729091][ C1] ? lock_downgrade+0x820/0x820 [ 969.734618][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 969.740974][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 969.746338][ C1] ? __might_fault+0x190/0x1d0 [ 969.751102][ C1] ? _copy_to_user+0x126/0x160 [ 969.755858][ C1] __x64_sys_futex+0x378/0x4e0 [ 969.760729][ C1] ? do_futex+0x1a60/0x1a60 [ 969.765217][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 969.770846][ C1] ? lock_is_held_type+0xb0/0xe0 [ 969.776225][ C1] ? do_syscall_64+0x1c/0xe0 [ 969.780807][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 969.786791][ C1] do_syscall_64+0x60/0xe0 [ 969.791199][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 969.797091][ C1] RIP: 0033:0x45cb29 [ 969.800974][ C1] Code: Bad RIP value. [ 969.805020][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 969.813584][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 969.821537][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 969.829579][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 969.837616][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 969.845569][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 969.854577][ C1] syz-executor.1 S29976 12642 12641 0x00000000 [ 969.860904][ C1] Call Trace: [ 969.864183][ C1] __schedule+0x8e1/0x1eb0 [ 969.868677][ C1] ? io_schedule_timeout+0x140/0x140 [ 969.873959][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 969.879423][ C1] schedule+0xd0/0x2a0 [ 969.883931][ C1] futex_wait_queue_me+0x2a7/0x570 [ 969.889101][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 969.894737][ C1] ? futex_wake+0x1b5/0x490 [ 969.899226][ C1] ? find_held_lock+0x2d/0x110 [ 969.903975][ C1] futex_wait+0x1df/0x560 [ 969.908308][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 969.914180][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 969.919099][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 969.924449][ C1] ? futex_wake+0x155/0x490 [ 969.928957][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 969.935016][ C1] ? lock_downgrade+0x820/0x820 [ 969.939849][ C1] do_futex+0x15b/0x1a60 [ 969.944423][ C1] ? lock_acquire+0x1f1/0xad0 [ 969.949080][ C1] ? __might_fault+0xef/0x1d0 [ 969.953818][ C1] ? find_held_lock+0x2d/0x110 [ 969.958671][ C1] ? futex_exit_release+0x220/0x220 [ 969.963975][ C1] ? lock_downgrade+0x820/0x820 [ 969.968820][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 969.976269][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 969.982392][ C1] ? __might_fault+0x190/0x1d0 [ 969.988290][ C1] ? _copy_to_user+0x126/0x160 [ 969.994502][ C1] __x64_sys_futex+0x378/0x4e0 [ 969.999348][ C1] ? do_futex+0x1a60/0x1a60 [ 970.003831][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 970.009449][ C1] ? lock_is_held_type+0xb0/0xe0 [ 970.014409][ C1] ? do_syscall_64+0x1c/0xe0 [ 970.018989][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 970.025045][ C1] do_syscall_64+0x60/0xe0 [ 970.030505][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 970.037888][ C1] RIP: 0033:0x45cb29 [ 970.041761][ C1] Code: Bad RIP value. [ 970.045896][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 970.054547][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 970.063042][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 970.071783][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 970.080195][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 970.089646][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 970.098807][ C1] syz-executor.1 S29680 12655 12641 0x00000000 [ 970.106191][ C1] Call Trace: [ 970.110697][ C1] __schedule+0x8e1/0x1eb0 [ 970.116226][ C1] ? io_schedule_timeout+0x140/0x140 [ 970.121524][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 970.127784][ C1] schedule+0xd0/0x2a0 [ 970.133185][ C1] futex_wait_queue_me+0x2a7/0x570 [ 970.138800][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 970.144013][ C1] futex_wait+0x1df/0x560 [ 970.148336][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 970.153342][ C1] ? mark_lock+0xbc/0x1710 [ 970.157740][ C1] ? hash_futex+0x12/0x200 [ 970.162141][ C1] ? futex_wake+0x155/0x490 [ 970.172924][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 970.177945][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 970.183902][ C1] ? lock_downgrade+0x820/0x820 [ 970.188734][ C1] do_futex+0x15b/0x1a60 [ 970.192962][ C1] ? lock_acquire+0x1f1/0xad0 [ 970.197616][ C1] ? __might_fault+0xef/0x1d0 [ 970.202362][ C1] ? find_held_lock+0x2d/0x110 [ 970.207128][ C1] ? futex_exit_release+0x220/0x220 [ 970.212505][ C1] ? lock_downgrade+0x820/0x820 [ 970.217895][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 970.224913][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 970.229945][ C1] ? __might_fault+0x190/0x1d0 [ 970.234954][ C1] ? _copy_to_user+0x126/0x160 [ 970.239792][ C1] __x64_sys_futex+0x378/0x4e0 [ 970.245518][ C1] ? do_futex+0x1a60/0x1a60 [ 970.254173][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 970.260626][ C1] ? lock_is_held_type+0xb0/0xe0 [ 970.269884][ C1] ? do_syscall_64+0x1c/0xe0 [ 970.276280][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 970.282241][ C1] do_syscall_64+0x60/0xe0 [ 970.286831][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 970.293252][ C1] RIP: 0033:0x45cb29 [ 970.298775][ C1] Code: Bad RIP value. [ 970.303329][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 970.313065][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 970.321602][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 970.329831][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 970.337786][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 970.346692][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 970.355093][ C1] syz-executor.1 S28872 12672 6984 0x00000000 [ 970.361404][ C1] Call Trace: [ 970.364684][ C1] __schedule+0x8e1/0x1eb0 [ 970.369102][ C1] ? io_schedule_timeout+0x140/0x140 [ 970.374365][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 970.380150][ C1] schedule+0xd0/0x2a0 [ 970.384215][ C1] schedule_timeout+0x1d8/0x250 [ 970.389042][ C1] ? usleep_range+0x170/0x170 [ 970.393897][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 970.398985][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 970.404874][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 970.410664][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 970.416274][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 970.422058][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 970.428029][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 970.433835][ C1] ? skb_free_datagram+0xf0/0xf0 [ 970.438946][ C1] ? proto_seq_start+0x50/0x50 [ 970.443689][ C1] ? skb_segment.cold+0x38/0x38 [ 970.448776][ C1] ? mark_lock+0xbc/0x1710 [ 970.459697][ C1] __skb_recv_datagram+0x171/0x220 [ 970.468877][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 970.475018][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 970.480203][ C1] ? __schedule+0x887/0x1eb0 [ 970.484774][ C1] ? lock_is_held_type+0xb0/0xe0 [ 970.489710][ C1] skb_recv_datagram+0xa7/0xe0 [ 970.494458][ C1] ? __skb_recv_datagram+0x220/0x220 [ 970.499727][ C1] ? aa_sk_perm+0x316/0xaa0 [ 970.504269][ C1] ? __might_fault+0xef/0x1d0 [ 970.513883][ C1] raw_recvmsg+0xab/0x550 [ 970.518467][ C1] ? raw_release+0x890/0x890 [ 970.523407][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 970.528955][ C1] ? raw_release+0x890/0x890 [ 970.534137][ C1] ____sys_recvmsg+0x2c4/0x640 [ 970.539856][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 970.546188][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 970.552198][ C1] ? import_iovec+0x23b/0x3d0 [ 970.559874][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 970.567758][ C1] ___sys_recvmsg+0x127/0x200 [ 970.573332][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 970.581904][ C1] ? lock_downgrade+0x820/0x820 [ 970.586941][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 970.591960][ C1] ? __fget_files+0x294/0x400 [ 970.598896][ C1] ? __fget_light+0xea/0x280 [ 970.603474][ C1] do_recvmmsg+0x24d/0x6d0 [ 970.607972][ C1] ? ___sys_recvmsg+0x200/0x200 [ 970.612818][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 970.619041][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 970.624070][ C1] ? put_timespec64+0xcb/0x120 [ 970.631118][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 970.636976][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 970.642279][ C1] ? __do_sys_socketcall+0x550/0x550 [ 970.647632][ C1] ? lock_is_held_type+0xb0/0xe0 [ 970.652999][ C1] ? do_syscall_64+0x1c/0xe0 [ 970.658003][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 970.664150][ C1] do_syscall_64+0x60/0xe0 [ 970.669420][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 970.675484][ C1] RIP: 0033:0x45cb29 [ 970.679353][ C1] Code: Bad RIP value. [ 970.683849][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 970.693471][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 970.701702][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 970.710033][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 970.719117][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 970.728364][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 970.736366][ C1] syz-executor.1 S29976 12675 12672 0x00000000 [ 970.743042][ C1] Call Trace: [ 970.746327][ C1] __schedule+0x8e1/0x1eb0 [ 970.750731][ C1] ? io_schedule_timeout+0x140/0x140 [ 970.756031][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 970.761493][ C1] schedule+0xd0/0x2a0 [ 970.765559][ C1] futex_wait_queue_me+0x2a7/0x570 [ 970.770649][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 970.775981][ C1] futex_wait+0x1df/0x560 [ 970.780570][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 970.785928][ C1] ? mark_lock+0xbc/0x1710 [ 970.790411][ C1] ? hash_futex+0x12/0x200 [ 970.794825][ C1] ? futex_wake+0x155/0x490 [ 970.799332][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 970.804798][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 970.810777][ C1] ? lock_downgrade+0x820/0x820 [ 970.815610][ C1] do_futex+0x15b/0x1a60 [ 970.820377][ C1] ? lock_acquire+0x1f1/0xad0 [ 970.825051][ C1] ? __might_fault+0xef/0x1d0 [ 970.829879][ C1] ? find_held_lock+0x2d/0x110 [ 970.834621][ C1] ? futex_exit_release+0x220/0x220 [ 970.839818][ C1] ? lock_downgrade+0x820/0x820 [ 970.845103][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 970.851498][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 970.857028][ C1] ? __might_fault+0x190/0x1d0 [ 970.861771][ C1] ? _copy_to_user+0x126/0x160 [ 970.866522][ C1] __x64_sys_futex+0x378/0x4e0 [ 970.871290][ C1] ? do_futex+0x1a60/0x1a60 [ 970.875774][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 970.883676][ C1] ? lock_is_held_type+0xb0/0xe0 [ 970.891616][ C1] ? do_syscall_64+0x1c/0xe0 [ 970.898206][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 970.904994][ C1] do_syscall_64+0x60/0xe0 [ 970.913149][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 970.919495][ C1] RIP: 0033:0x45cb29 [ 970.923368][ C1] Code: Bad RIP value. [ 970.927588][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 970.937294][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 970.945284][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 970.957503][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 970.967926][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 970.979409][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 970.990680][ C1] syz-executor.1 S29976 12683 6984 0x00004000 [ 970.997193][ C1] Call Trace: [ 971.000571][ C1] __schedule+0x8e1/0x1eb0 [ 971.005075][ C1] ? io_schedule_timeout+0x140/0x140 [ 971.010516][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 971.016503][ C1] schedule+0xd0/0x2a0 [ 971.020747][ C1] futex_wait_queue_me+0x2a7/0x570 [ 971.025870][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 971.031247][ C1] futex_wait+0x1df/0x560 [ 971.035563][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 971.040920][ C1] ? mark_lock+0xbc/0x1710 [ 971.045321][ C1] ? hash_futex+0x12/0x200 [ 971.049733][ C1] ? futex_wake+0x155/0x490 [ 971.054415][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 971.059477][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 971.065632][ C1] ? lock_downgrade+0x820/0x820 [ 971.070487][ C1] do_futex+0x15b/0x1a60 [ 971.074715][ C1] ? lock_acquire+0x1f1/0xad0 [ 971.079372][ C1] ? __might_fault+0xef/0x1d0 [ 971.084117][ C1] ? find_held_lock+0x2d/0x110 [ 971.088881][ C1] ? futex_exit_release+0x220/0x220 [ 971.094288][ C1] ? lock_downgrade+0x820/0x820 [ 971.099419][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 971.106033][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 971.111338][ C1] ? __might_fault+0x190/0x1d0 [ 971.116370][ C1] ? _copy_to_user+0x126/0x160 [ 971.121161][ C1] __x64_sys_futex+0x378/0x4e0 [ 971.125954][ C1] ? do_futex+0x1a60/0x1a60 [ 971.130536][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 971.136156][ C1] ? lock_is_held_type+0xb0/0xe0 [ 971.141132][ C1] ? do_syscall_64+0x1c/0xe0 [ 971.145820][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 971.151796][ C1] do_syscall_64+0x60/0xe0 [ 971.156200][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 971.162171][ C1] RIP: 0033:0x45cb29 [ 971.166036][ C1] Code: Bad RIP value. [ 971.170094][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 971.178494][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 971.186967][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 971.194915][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 971.202952][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 971.210933][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 971.219359][ C1] syz-executor.0 S28336 12704 6845 0x00000000 [ 971.225785][ C1] Call Trace: [ 971.232176][ C1] __schedule+0x8e1/0x1eb0 [ 971.237215][ C1] ? io_schedule_timeout+0x140/0x140 [ 971.244420][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 971.249980][ C1] schedule+0xd0/0x2a0 [ 971.254467][ C1] futex_wait_queue_me+0x2a7/0x570 [ 971.261136][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 971.266416][ C1] futex_wait+0x1df/0x560 [ 971.270849][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 971.276310][ C1] ? mark_lock+0xbc/0x1710 [ 971.280902][ C1] ? hash_futex+0x12/0x200 [ 971.287163][ C1] ? futex_wake+0x155/0x490 [ 971.292845][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 971.297865][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 971.304346][ C1] ? find_held_lock+0x2d/0x110 [ 971.309492][ C1] do_futex+0x15b/0x1a60 [ 971.314062][ C1] ? lock_acquire+0x1f1/0xad0 [ 971.319413][ C1] ? __might_fault+0xef/0x1d0 [ 971.324115][ C1] ? find_held_lock+0x2d/0x110 [ 971.328903][ C1] ? futex_exit_release+0x220/0x220 [ 971.334283][ C1] ? lock_downgrade+0x820/0x820 [ 971.339156][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 971.345801][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 971.350838][ C1] ? __might_fault+0x190/0x1d0 [ 971.355592][ C1] ? _copy_to_user+0x126/0x160 [ 971.360349][ C1] __x64_sys_futex+0x378/0x4e0 [ 971.365114][ C1] ? do_futex+0x1a60/0x1a60 [ 971.369609][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 971.375240][ C1] ? lock_is_held_type+0xb0/0xe0 [ 971.380185][ C1] ? do_syscall_64+0x1c/0xe0 [ 971.384785][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 971.390762][ C1] do_syscall_64+0x60/0xe0 [ 971.395171][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 971.401079][ C1] RIP: 0033:0x45cb29 [ 971.404944][ C1] Code: Bad RIP value. [ 971.408986][ C1] RSP: 002b:00007fbcbd7a7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 971.417381][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 971.425341][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 971.433308][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 971.441262][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 971.449344][ C1] R13: 0000000000c9fb6f R14: 00007fbcbd7a89c0 R15: 000000000078bf0c [ 971.457326][ C1] syz-executor.1 S29976 12712 6984 0x00000000 [ 971.463655][ C1] Call Trace: [ 971.466949][ C1] __schedule+0x8e1/0x1eb0 [ 971.471347][ C1] ? io_schedule_timeout+0x140/0x140 [ 971.476699][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 971.482139][ C1] schedule+0xd0/0x2a0 [ 971.486190][ C1] futex_wait_queue_me+0x2a7/0x570 [ 971.491285][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 971.496498][ C1] futex_wait+0x1df/0x560 [ 971.500825][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 971.505826][ C1] ? hash_futex+0x12/0x200 [ 971.510231][ C1] ? futex_wake+0x155/0x490 [ 971.514738][ C1] ? lock_downgrade+0x820/0x820 [ 971.519582][ C1] do_futex+0x15b/0x1a60 [ 971.523821][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 971.528997][ C1] ? _raw_spin_unlock+0x24/0x40 [ 971.533839][ C1] ? do_wp_page+0x16a/0x1950 [ 971.538480][ C1] ? futex_exit_release+0x220/0x220 [ 971.543679][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 971.548683][ C1] ? find_held_lock+0x2d/0x110 [ 971.553426][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 971.558638][ C1] ? __up_read+0x1a1/0x7b0 [ 971.563037][ C1] ? _down_write_nest_lock+0x150/0x150 [ 971.568496][ C1] __x64_sys_futex+0x378/0x4e0 [ 971.573264][ C1] ? do_futex+0x1a60/0x1a60 [ 971.577753][ C1] ? lock_is_held_type+0xb0/0xe0 [ 971.582672][ C1] ? lock_is_held_type+0xb0/0xe0 [ 971.587591][ C1] ? do_syscall_64+0x1c/0xe0 [ 971.592163][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 971.598484][ C1] do_syscall_64+0x60/0xe0 [ 971.602896][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 971.608776][ C1] RIP: 0033:0x45cb29 [ 971.612642][ C1] Code: Bad RIP value. [ 971.616890][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 971.625643][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 971.633620][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 971.641597][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 971.649547][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 971.657587][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 971.665895][ C1] syz-executor.0 S29976 12756 6845 0x00000000 [ 971.672791][ C1] Call Trace: [ 971.676172][ C1] __schedule+0x8e1/0x1eb0 [ 971.681418][ C1] ? io_schedule_timeout+0x140/0x140 [ 971.686902][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 971.692350][ C1] schedule+0xd0/0x2a0 [ 971.696568][ C1] futex_wait_queue_me+0x2a7/0x570 [ 971.701855][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 971.707035][ C1] futex_wait+0x1df/0x560 [ 971.712103][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 971.717122][ C1] ? wake_up_q+0xa3/0x100 [ 971.721637][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 971.726826][ C1] ? futex_wake+0x155/0x490 [ 971.731316][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 971.737274][ C1] do_futex+0x15b/0x1a60 [ 971.741500][ C1] ? lock_acquire+0x1f1/0xad0 [ 971.746153][ C1] ? __might_fault+0xef/0x1d0 [ 971.750806][ C1] ? find_held_lock+0x2d/0x110 [ 971.755550][ C1] ? futex_exit_release+0x220/0x220 [ 971.760730][ C1] ? lock_downgrade+0x820/0x820 [ 971.765582][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 971.771813][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 971.776949][ C1] ? __might_fault+0x190/0x1d0 [ 971.782745][ C1] ? _copy_to_user+0x126/0x160 [ 971.787526][ C1] __x64_sys_futex+0x378/0x4e0 [ 971.792287][ C1] ? do_futex+0x1a60/0x1a60 [ 971.796777][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 971.802392][ C1] ? lock_is_held_type+0xb0/0xe0 [ 971.807318][ C1] ? do_syscall_64+0x1c/0xe0 [ 971.811973][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 971.817937][ C1] do_syscall_64+0x60/0xe0 [ 971.822344][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 971.828217][ C1] RIP: 0033:0x45cb29 [ 971.832085][ C1] Code: Bad RIP value. [ 971.836126][ C1] RSP: 002b:00007fbcbd7a7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 971.844533][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 971.852485][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 971.860610][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 971.868562][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 971.876603][ C1] R13: 0000000000c9fb6f R14: 00007fbcbd7a89c0 R15: 000000000078bf0c [ 971.884589][ C1] syz-executor.1 S29976 12759 6984 0x00000000 [ 971.890907][ C1] Call Trace: [ 971.894209][ C1] __schedule+0x8e1/0x1eb0 [ 971.898633][ C1] ? io_schedule_timeout+0x140/0x140 [ 971.903908][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 971.909354][ C1] schedule+0xd0/0x2a0 [ 971.913589][ C1] futex_wait_queue_me+0x2a7/0x570 [ 971.918856][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 971.924292][ C1] futex_wait+0x1df/0x560 [ 971.928621][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 971.933808][ C1] ? mark_lock+0xbc/0x1710 [ 971.938211][ C1] ? hash_futex+0x12/0x200 [ 971.943128][ C1] ? futex_wake+0x155/0x490 [ 971.947612][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 971.952635][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 971.958593][ C1] ? lock_downgrade+0x820/0x820 [ 971.963425][ C1] do_futex+0x15b/0x1a60 [ 971.968607][ C1] ? lock_acquire+0x1f1/0xad0 [ 971.973261][ C1] ? __might_fault+0xef/0x1d0 [ 971.977915][ C1] ? find_held_lock+0x2d/0x110 [ 971.982658][ C1] ? futex_exit_release+0x220/0x220 [ 971.987936][ C1] ? lock_downgrade+0x820/0x820 [ 971.992770][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 971.999006][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 972.004062][ C1] ? __might_fault+0x190/0x1d0 [ 972.009766][ C1] ? _copy_to_user+0x126/0x160 [ 972.014679][ C1] __x64_sys_futex+0x378/0x4e0 [ 972.019591][ C1] ? do_futex+0x1a60/0x1a60 [ 972.024114][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 972.029745][ C1] ? lock_is_held_type+0xb0/0xe0 [ 972.034678][ C1] ? do_syscall_64+0x1c/0xe0 [ 972.039255][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 972.045933][ C1] do_syscall_64+0x60/0xe0 [ 972.050653][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 972.056545][ C1] RIP: 0033:0x45cb29 [ 972.060418][ C1] Code: Bad RIP value. [ 972.064457][ C1] RSP: 002b:00007f57eae5ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 972.072844][ C1] RAX: ffffffffffffffda RBX: 000000000078c0e8 RCX: 000000000045cb29 [ 972.080879][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c0e8 [ 972.088848][ C1] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 972.096800][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c0ec [ 972.104762][ C1] R13: 0000000000c9fb6f R14: 00007f57eae5f9c0 R15: 000000000078c0ec [ 972.112744][ C1] syz-executor.2 S29976 12767 7107 0x00000000 [ 972.119073][ C1] Call Trace: [ 972.122365][ C1] __schedule+0x8e1/0x1eb0 [ 972.126767][ C1] ? io_schedule_timeout+0x140/0x140 [ 972.132041][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 972.137746][ C1] schedule+0xd0/0x2a0 [ 972.141911][ C1] futex_wait_queue_me+0x2a7/0x570 [ 972.147028][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 972.153552][ C1] futex_wait+0x1df/0x560 [ 972.158735][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 972.163745][ C1] ? wake_up_q+0xa3/0x100 [ 972.168055][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 972.173276][ C1] ? futex_wake+0x155/0x490 [ 972.178101][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 972.184153][ C1] do_futex+0x15b/0x1a60 [ 972.188488][ C1] ? lock_acquire+0x1f1/0xad0 [ 972.193162][ C1] ? __might_fault+0xef/0x1d0 [ 972.197822][ C1] ? find_held_lock+0x2d/0x110 [ 972.202567][ C1] ? futex_exit_release+0x220/0x220 [ 972.207746][ C1] ? lock_downgrade+0x820/0x820 [ 972.212684][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 972.218907][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 972.223919][ C1] ? __might_fault+0x190/0x1d0 [ 972.228662][ C1] ? _copy_to_user+0x126/0x160 [ 972.233411][ C1] __x64_sys_futex+0x378/0x4e0 [ 972.238153][ C1] ? do_futex+0x1a60/0x1a60 [ 972.242630][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 972.248243][ C1] ? lock_is_held_type+0xb0/0xe0 [ 972.253159][ C1] ? do_syscall_64+0x1c/0xe0 [ 972.257826][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 972.263799][ C1] do_syscall_64+0x60/0xe0 [ 972.268213][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 972.274347][ C1] RIP: 0033:0x45cb29 [ 972.278250][ C1] Code: Bad RIP value. [ 972.282374][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 972.292212][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 972.300251][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 972.308680][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 972.316742][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 972.324704][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 972.332698][ C1] syz-executor.2 S29976 12780 7107 0x00000000 [ 972.339170][ C1] Call Trace: [ 972.342459][ C1] __schedule+0x8e1/0x1eb0 [ 972.347141][ C1] ? io_schedule_timeout+0x140/0x140 [ 972.352492][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 972.357951][ C1] schedule+0xd0/0x2a0 [ 972.362022][ C1] futex_wait_queue_me+0x2a7/0x570 [ 972.367287][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 972.374686][ C1] futex_wait+0x1df/0x560 [ 972.379116][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 972.384127][ C1] ? wake_up_q+0xa3/0x100 [ 972.388604][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 972.393803][ C1] ? futex_wake+0x155/0x490 [ 972.398301][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 972.404512][ C1] do_futex+0x15b/0x1a60 [ 972.408775][ C1] ? lock_acquire+0x1f1/0xad0 [ 972.413445][ C1] ? __might_fault+0xef/0x1d0 [ 972.418122][ C1] ? find_held_lock+0x2d/0x110 [ 972.422895][ C1] ? futex_exit_release+0x220/0x220 [ 972.429685][ C1] ? lock_downgrade+0x820/0x820 [ 972.434627][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 972.441354][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 972.446370][ C1] ? __might_fault+0x190/0x1d0 [ 972.451116][ C1] ? _copy_to_user+0x126/0x160 [ 972.455889][ C1] __x64_sys_futex+0x378/0x4e0 [ 972.460647][ C1] ? do_futex+0x1a60/0x1a60 [ 972.465131][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 972.471171][ C1] ? lock_is_held_type+0xb0/0xe0 [ 972.477214][ C1] ? do_syscall_64+0x1c/0xe0 [ 972.484193][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 972.490179][ C1] do_syscall_64+0x60/0xe0 [ 972.494670][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 972.500543][ C1] RIP: 0033:0x45cb29 [ 972.504419][ C1] Code: Bad RIP value. [ 972.508705][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 972.520290][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 972.528322][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 972.536285][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 972.544256][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 972.552207][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 972.560360][ C1] syz-executor.1 S29976 12787 6984 0x00000000 [ 972.568252][ C1] Call Trace: [ 972.571530][ C1] __schedule+0x8e1/0x1eb0 [ 972.575930][ C1] ? io_schedule_timeout+0x140/0x140 [ 972.581229][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 972.586683][ C1] schedule+0xd0/0x2a0 [ 972.590748][ C1] futex_wait_queue_me+0x2a7/0x570 [ 972.596021][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 972.601199][ C1] futex_wait+0x1df/0x560 [ 972.605529][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 972.610531][ C1] ? hash_futex+0x12/0x200 [ 972.614945][ C1] ? futex_wake+0x155/0x490 [ 972.619437][ C1] ? lock_downgrade+0x820/0x820 [ 972.624292][ C1] do_futex+0x15b/0x1a60 [ 972.629079][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 972.634448][ C1] ? _raw_spin_unlock+0x24/0x40 [ 972.639281][ C1] ? do_wp_page+0x16a/0x1950 [ 972.643850][ C1] ? futex_exit_release+0x220/0x220 [ 972.650069][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 972.655103][ C1] ? find_held_lock+0x2d/0x110 [ 972.660643][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 972.665824][ C1] ? __up_read+0x1a1/0x7b0 [ 972.670234][ C1] ? _down_write_nest_lock+0x150/0x150 [ 972.675771][ C1] __x64_sys_futex+0x378/0x4e0 [ 972.680517][ C1] ? do_futex+0x1a60/0x1a60 [ 972.685021][ C1] ? lock_is_held_type+0xb0/0xe0 [ 972.689951][ C1] ? lock_is_held_type+0xb0/0xe0 [ 972.694869][ C1] ? do_syscall_64+0x1c/0xe0 [ 972.699439][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 972.705563][ C1] do_syscall_64+0x60/0xe0 [ 972.709984][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 972.715875][ C1] RIP: 0033:0x45cb29 [ 972.719756][ C1] Code: Bad RIP value. [ 972.723812][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 972.732299][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 972.740246][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 972.748209][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 972.756266][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 972.764247][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 972.772210][ C1] syz-executor.2 S29976 12794 7107 0x00000000 [ 972.778536][ C1] Call Trace: [ 972.781825][ C1] __schedule+0x8e1/0x1eb0 [ 972.786229][ C1] ? io_schedule_timeout+0x140/0x140 [ 972.791494][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 972.796937][ C1] schedule+0xd0/0x2a0 [ 972.801000][ C1] futex_wait_queue_me+0x2a7/0x570 [ 972.806087][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 972.811351][ C1] futex_wait+0x1df/0x560 [ 972.815666][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 972.820685][ C1] ? wake_up_q+0xa3/0x100 [ 972.824988][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 972.830178][ C1] ? futex_wake+0x155/0x490 [ 972.834666][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 972.840629][ C1] do_futex+0x15b/0x1a60 [ 972.844854][ C1] ? lock_acquire+0x1f1/0xad0 [ 972.849508][ C1] ? __might_fault+0xef/0x1d0 [ 972.854190][ C1] ? find_held_lock+0x2d/0x110 [ 972.858947][ C1] ? futex_exit_release+0x220/0x220 [ 972.864137][ C1] ? lock_downgrade+0x820/0x820 [ 972.869497][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 972.875975][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 972.880996][ C1] ? __might_fault+0x190/0x1d0 [ 972.885733][ C1] ? _copy_to_user+0x126/0x160 [ 972.890476][ C1] __x64_sys_futex+0x378/0x4e0 [ 972.895219][ C1] ? do_futex+0x1a60/0x1a60 [ 972.899699][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 972.905310][ C1] ? lock_is_held_type+0xb0/0xe0 [ 972.910228][ C1] ? do_syscall_64+0x1c/0xe0 [ 972.914795][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 972.920751][ C1] do_syscall_64+0x60/0xe0 [ 972.925152][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 972.931041][ C1] RIP: 0033:0x45cb29 [ 972.935520][ C1] Code: Bad RIP value. [ 972.939648][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 972.948050][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 972.955997][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 972.964061][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 972.972218][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 972.980171][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 972.988154][ C1] syz-executor.1 S29976 12835 6984 0x00000000 [ 972.994471][ C1] Call Trace: [ 972.997761][ C1] __schedule+0x8e1/0x1eb0 [ 973.002171][ C1] ? io_schedule_timeout+0x140/0x140 [ 973.007456][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 973.012897][ C1] schedule+0xd0/0x2a0 [ 973.016946][ C1] futex_wait_queue_me+0x2a7/0x570 [ 973.022037][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 973.027238][ C1] ? futex_wake+0x1b5/0x490 [ 973.031721][ C1] ? find_held_lock+0x2d/0x110 [ 973.036471][ C1] futex_wait+0x1df/0x560 [ 973.040953][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 973.046037][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 973.050953][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 973.056137][ C1] ? futex_wake+0x155/0x490 [ 973.060668][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 973.066653][ C1] ? lock_downgrade+0x820/0x820 [ 973.071487][ C1] do_futex+0x15b/0x1a60 [ 973.075713][ C1] ? lock_acquire+0x1f1/0xad0 [ 973.080455][ C1] ? __might_fault+0xef/0x1d0 [ 973.085283][ C1] ? find_held_lock+0x2d/0x110 [ 973.090047][ C1] ? futex_exit_release+0x220/0x220 [ 973.095434][ C1] ? lock_downgrade+0x820/0x820 [ 973.100307][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 973.106556][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 973.111582][ C1] ? __might_fault+0x190/0x1d0 [ 973.116324][ C1] ? _copy_to_user+0x126/0x160 [ 973.121607][ C1] __x64_sys_futex+0x378/0x4e0 [ 973.126350][ C1] ? do_futex+0x1a60/0x1a60 [ 973.130918][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 973.136535][ C1] ? lock_is_held_type+0xb0/0xe0 [ 973.141451][ C1] ? do_syscall_64+0x1c/0xe0 [ 973.146036][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 973.152015][ C1] do_syscall_64+0x60/0xe0 [ 973.156411][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 973.162285][ C1] RIP: 0033:0x45cb29 [ 973.166152][ C1] Code: Bad RIP value. [ 973.170194][ C1] RSP: 002b:00007f57eae5ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 973.183026][ C1] RAX: ffffffffffffffda RBX: 000000000078c0e8 RCX: 000000000045cb29 [ 973.191230][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c0e8 [ 973.199323][ C1] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 973.208864][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c0ec [ 973.216906][ C1] R13: 0000000000c9fb6f R14: 00007f57eae5f9c0 R15: 000000000078c0ec [ 973.225179][ C1] syz-executor.2 D26320 12854 7107 0x00004000 [ 973.232618][ C1] Call Trace: [ 973.235895][ C1] __schedule+0x8e1/0x1eb0 [ 973.240293][ C1] ? io_schedule_timeout+0x140/0x140 [ 973.245602][ C1] schedule+0xd0/0x2a0 [ 973.249691][ C1] schedule_timeout+0x1d8/0x250 [ 973.254525][ C1] ? usleep_range+0x170/0x170 [ 973.259181][ C1] ? lock_downgrade+0x820/0x820 [ 973.264651][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 973.269666][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 973.274855][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 973.280816][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 973.286605][ C1] wait_for_completion_killable+0x162/0x310 [ 973.292482][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 973.297935][ C1] ? wait_for_completion_killable_timeout+0x2e0/0x2e0 [ 973.304692][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 973.310736][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 973.315762][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 973.320862][ C1] _do_fork+0x5d7/0xa70 [ 973.325135][ C1] ? copy_init_mm+0x20/0x20 [ 973.329650][ C1] ? __might_fault+0x190/0x1d0 [ 973.334409][ C1] __do_sys_clone+0xef/0x150 [ 973.338982][ C1] ? __do_sys_clone3+0x320/0x320 [ 973.344137][ C1] ? lock_is_held_type+0xb0/0xe0 [ 973.349087][ C1] ? do_syscall_64+0x1c/0xe0 [ 973.353961][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 973.359927][ C1] do_syscall_64+0x60/0xe0 [ 973.364350][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 973.370309][ C1] RIP: 0033:0x45cb29 [ 973.374458][ C1] Code: Bad RIP value. [ 973.378703][ C1] RSP: 002b:00007fd4292bdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 973.387107][ C1] RAX: ffffffffffffffda RBX: 00000000004db560 RCX: 000000000045cb29 [ 973.395079][ C1] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 00000000e1004d7c [ 973.403301][ C1] RBP: 000000000078bf00 R08: ffffffffffffffff R09: 0000000000000000 [ 973.411253][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 973.419204][ C1] R13: 000000000000007c R14: 00000000004c34ba R15: 00007fd4292be6d4 [ 973.427189][ C1] syz-executor.2 S29056 12888 12854 0x00000000 [ 973.433595][ C1] Call Trace: [ 973.436868][ C1] __schedule+0x8e1/0x1eb0 [ 973.441265][ C1] ? io_schedule_timeout+0x140/0x140 [ 973.446558][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 973.452017][ C1] schedule+0xd0/0x2a0 [ 973.456186][ C1] futex_wait_queue_me+0x2a7/0x570 [ 973.461286][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 973.466489][ C1] ? lock_downgrade+0x820/0x820 [ 973.471339][ C1] futex_wait+0x1df/0x560 [ 973.475648][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 973.480651][ C1] ? finish_task_switch+0x147/0x750 [ 973.485848][ C1] ? finish_task_switch+0x119/0x750 [ 973.491049][ C1] ? __switch_to+0x4fb/0xe80 [ 973.495700][ C1] ? hash_futex+0x12/0x200 [ 973.500171][ C1] ? futex_wake+0x155/0x490 [ 973.504680][ C1] ? asm_sysvec_reschedule_ipi+0x12/0x20 [ 973.510307][ C1] do_futex+0x15b/0x1a60 [ 973.514756][ C1] ? lock_release+0x481/0x8d0 [ 973.519545][ C1] ? futex_exit_release+0x220/0x220 [ 973.524740][ C1] ? lock_downgrade+0x820/0x820 [ 973.529603][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 973.535820][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 973.540828][ C1] ? __might_fault+0x190/0x1d0 [ 973.545577][ C1] ? _copy_to_user+0x126/0x160 [ 973.550408][ C1] __x64_sys_futex+0x378/0x4e0 [ 973.555162][ C1] ? do_futex+0x1a60/0x1a60 [ 973.559662][ C1] ? lock_is_held_type+0xb0/0xe0 [ 973.564589][ C1] ? do_syscall_64+0x1c/0xe0 [ 973.569157][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 973.575138][ C1] do_syscall_64+0x60/0xe0 [ 973.579636][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 973.585526][ C1] RIP: 0033:0x45cb29 [ 973.589391][ C1] Code: Bad RIP value. [ 973.593430][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 973.601832][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 973.609795][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 973.617764][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 973.625807][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 973.635002][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 973.642997][ C1] syz-executor.1 S28928 12910 6984 0x00000000 [ 973.649313][ C1] Call Trace: [ 973.652664][ C1] __schedule+0x8e1/0x1eb0 [ 973.657210][ C1] ? io_schedule_timeout+0x140/0x140 [ 973.662492][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 973.667948][ C1] schedule+0xd0/0x2a0 [ 973.672013][ C1] futex_wait_queue_me+0x2a7/0x570 [ 973.677107][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 973.682547][ C1] ? find_held_lock+0x2d/0x110 [ 973.687295][ C1] futex_wait+0x1df/0x560 [ 973.691613][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 973.696620][ C1] ? mark_lock+0xbc/0x1710 [ 973.701014][ C1] ? hash_futex+0x12/0x200 [ 973.705411][ C1] ? futex_wake+0x155/0x490 [ 973.710085][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 973.715116][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 973.721076][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 973.726950][ C1] do_futex+0x15b/0x1a60 [ 973.731179][ C1] ? lock_acquire+0x1f1/0xad0 [ 973.736064][ C1] ? __might_fault+0xef/0x1d0 [ 973.741205][ C1] ? find_held_lock+0x2d/0x110 [ 973.745986][ C1] ? futex_exit_release+0x220/0x220 [ 973.751204][ C1] ? lock_downgrade+0x820/0x820 [ 973.756040][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 973.762362][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 973.767542][ C1] ? __might_fault+0x190/0x1d0 [ 973.772314][ C1] ? _copy_to_user+0x126/0x160 [ 973.777071][ C1] __x64_sys_futex+0x378/0x4e0 [ 973.781844][ C1] ? do_futex+0x1a60/0x1a60 [ 973.786418][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 973.792045][ C1] ? lock_is_held_type+0xb0/0xe0 [ 973.797079][ C1] ? do_syscall_64+0x1c/0xe0 [ 973.801667][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 973.807648][ C1] do_syscall_64+0x60/0xe0 [ 973.812050][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 973.817935][ C1] RIP: 0033:0x45cb29 [ 973.821799][ C1] Code: Bad RIP value. [ 973.825879][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 973.834300][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 973.842267][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 973.850236][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 973.858221][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 973.867594][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 973.877781][ C1] syz-executor.1 S29976 12916 12910 0x00000000 [ 973.888898][ C1] Call Trace: [ 973.893127][ C1] __schedule+0x8e1/0x1eb0 [ 973.897548][ C1] ? io_schedule_timeout+0x140/0x140 [ 973.902837][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 973.908465][ C1] schedule+0xd0/0x2a0 [ 973.912516][ C1] futex_wait_queue_me+0x2a7/0x570 [ 973.917719][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 973.922915][ C1] ? futex_wake+0x1b5/0x490 [ 973.927471][ C1] ? find_held_lock+0x2d/0x110 [ 973.932256][ C1] futex_wait+0x1df/0x560 [ 973.936569][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 973.941606][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 973.946555][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 973.951743][ C1] ? futex_wake+0x155/0x490 [ 973.956331][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 973.962299][ C1] ? lock_downgrade+0x820/0x820 [ 973.967144][ C1] do_futex+0x15b/0x1a60 [ 973.971464][ C1] ? lock_acquire+0x1f1/0xad0 [ 973.976139][ C1] ? __might_fault+0xef/0x1d0 [ 973.980810][ C1] ? find_held_lock+0x2d/0x110 [ 973.985569][ C1] ? futex_exit_release+0x220/0x220 [ 973.990762][ C1] ? lock_downgrade+0x820/0x820 [ 973.995606][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 974.001827][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 974.006834][ C1] ? __might_fault+0x190/0x1d0 [ 974.011577][ C1] ? _copy_to_user+0x126/0x160 [ 974.016329][ C1] __x64_sys_futex+0x378/0x4e0 [ 974.021075][ C1] ? do_futex+0x1a60/0x1a60 [ 974.025560][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 974.031171][ C1] ? lock_is_held_type+0xb0/0xe0 [ 974.036088][ C1] ? do_syscall_64+0x1c/0xe0 [ 974.040666][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 974.046628][ C1] do_syscall_64+0x60/0xe0 [ 974.051023][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 974.057091][ C1] RIP: 0033:0x45cb29 [ 974.060973][ C1] Code: Bad RIP value. [ 974.065023][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 974.073512][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 974.081485][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 974.089442][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 974.097391][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 974.105341][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 974.113305][ C1] syz-executor.1 S29976 12938 6984 0x00000000 [ 974.119616][ C1] Call Trace: [ 974.122896][ C1] __schedule+0x8e1/0x1eb0 [ 974.127292][ C1] ? io_schedule_timeout+0x140/0x140 [ 974.132554][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 974.138081][ C1] schedule+0xd0/0x2a0 [ 974.142129][ C1] futex_wait_queue_me+0x2a7/0x570 [ 974.147242][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 974.152433][ C1] futex_wait+0x1df/0x560 [ 974.156753][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 974.161761][ C1] ? mark_lock+0xbc/0x1710 [ 974.166173][ C1] ? hash_futex+0x12/0x200 [ 974.170586][ C1] ? futex_wake+0x155/0x490 [ 974.175065][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 974.180077][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 974.186049][ C1] ? lock_downgrade+0x820/0x820 [ 974.190881][ C1] do_futex+0x15b/0x1a60 [ 974.195197][ C1] ? lock_acquire+0x1f1/0xad0 [ 974.199854][ C1] ? __might_fault+0xef/0x1d0 [ 974.204695][ C1] ? find_held_lock+0x2d/0x110 [ 974.209450][ C1] ? futex_exit_release+0x220/0x220 [ 974.214632][ C1] ? lock_downgrade+0x820/0x820 [ 974.219481][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 974.225702][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 974.230711][ C1] ? __might_fault+0x190/0x1d0 [ 974.235456][ C1] ? _copy_to_user+0x126/0x160 [ 974.240202][ C1] __x64_sys_futex+0x378/0x4e0 [ 974.244963][ C1] ? do_futex+0x1a60/0x1a60 [ 974.249445][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 974.255071][ C1] ? lock_is_held_type+0xb0/0xe0 [ 974.260444][ C1] ? do_syscall_64+0x1c/0xe0 [ 974.265026][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 974.270985][ C1] do_syscall_64+0x60/0xe0 [ 974.275516][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 974.281395][ C1] RIP: 0033:0x45cb29 [ 974.285261][ C1] Code: Bad RIP value. [ 974.289450][ C1] RSP: 002b:00007f57eae5ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 974.297855][ C1] RAX: ffffffffffffffda RBX: 000000000078c0e8 RCX: 000000000045cb29 [ 974.305807][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c0e8 [ 974.313944][ C1] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 974.321946][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c0ec [ 974.329898][ C1] R13: 0000000000c9fb6f R14: 00007f57eae5f9c0 R15: 000000000078c0ec [ 974.337861][ C1] syz-executor.1 S28280 12950 6984 0x00000000 [ 974.344175][ C1] Call Trace: [ 974.347490][ C1] __schedule+0x8e1/0x1eb0 [ 974.351890][ C1] ? io_schedule_timeout+0x140/0x140 [ 974.357249][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 974.363038][ C1] schedule+0xd0/0x2a0 [ 974.367086][ C1] schedule_timeout+0x1d8/0x250 [ 974.371912][ C1] ? usleep_range+0x170/0x170 [ 974.376565][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 974.381652][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 974.387481][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 974.393307][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 974.398940][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 974.404742][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 974.410707][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 974.416522][ C1] ? skb_free_datagram+0xf0/0xf0 [ 974.421466][ C1] ? proto_seq_start+0x50/0x50 [ 974.426211][ C1] ? skb_segment.cold+0x38/0x38 [ 974.431044][ C1] ? mark_lock+0xbc/0x1710 [ 974.435440][ C1] __skb_recv_datagram+0x171/0x220 [ 974.440533][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 974.446145][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 974.451268][ C1] ? __schedule+0x887/0x1eb0 [ 974.455838][ C1] ? lock_is_held_type+0xb0/0xe0 [ 974.460761][ C1] skb_recv_datagram+0xa7/0xe0 [ 974.465505][ C1] ? __skb_recv_datagram+0x220/0x220 [ 974.470788][ C1] ? aa_sk_perm+0x316/0xaa0 [ 974.475267][ C1] ? __might_fault+0xef/0x1d0 [ 974.479923][ C1] raw_recvmsg+0xab/0x550 [ 974.484232][ C1] ? raw_release+0x890/0x890 [ 974.488801][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 974.494263][ C1] ? raw_release+0x890/0x890 [ 974.498840][ C1] ____sys_recvmsg+0x2c4/0x640 [ 974.503657][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 974.509535][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 974.515152][ C1] ? import_iovec+0x23b/0x3d0 [ 974.519933][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 974.525261][ C1] ___sys_recvmsg+0x127/0x200 [ 974.529923][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 974.535552][ C1] ? lock_downgrade+0x820/0x820 [ 974.540398][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 974.545416][ C1] ? __fget_files+0x294/0x400 [ 974.550073][ C1] ? __fget_light+0xea/0x280 [ 974.554695][ C1] do_recvmmsg+0x24d/0x6d0 [ 974.559091][ C1] ? ___sys_recvmsg+0x200/0x200 [ 974.565097][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 974.571327][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 974.576584][ C1] ? put_timespec64+0xcb/0x120 [ 974.581326][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 974.586220][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 974.591222][ C1] ? __do_sys_socketcall+0x550/0x550 [ 974.596489][ C1] ? lock_is_held_type+0xb0/0xe0 [ 974.601510][ C1] ? do_syscall_64+0x1c/0xe0 [ 974.606131][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 974.612131][ C1] do_syscall_64+0x60/0xe0 [ 974.616542][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 974.622409][ C1] RIP: 0033:0x45cb29 [ 974.626294][ C1] Code: Bad RIP value. [ 974.630517][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 974.638907][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 974.646876][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 974.654825][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 974.662790][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 974.670740][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 974.678718][ C1] syz-executor.1 S29976 12952 12950 0x00000000 [ 974.685049][ C1] Call Trace: [ 974.688325][ C1] __schedule+0x8e1/0x1eb0 [ 974.692724][ C1] ? io_schedule_timeout+0x140/0x140 [ 974.697989][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 974.703549][ C1] schedule+0xd0/0x2a0 [ 974.707619][ C1] futex_wait_queue_me+0x2a7/0x570 [ 974.712716][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 974.717894][ C1] futex_wait+0x1df/0x560 [ 974.722202][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 974.727293][ C1] ? mark_lock+0xbc/0x1710 [ 974.731685][ C1] ? hash_futex+0x12/0x200 [ 974.736079][ C1] ? futex_wake+0x155/0x490 [ 974.740578][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 974.745598][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 974.751570][ C1] ? lock_downgrade+0x820/0x820 [ 974.756679][ C1] do_futex+0x15b/0x1a60 [ 974.761196][ C1] ? lock_acquire+0x1f1/0xad0 [ 974.765870][ C1] ? __might_fault+0xef/0x1d0 [ 974.770547][ C1] ? find_held_lock+0x2d/0x110 [ 974.775317][ C1] ? futex_exit_release+0x220/0x220 [ 974.780683][ C1] ? lock_downgrade+0x820/0x820 [ 974.785530][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 974.791765][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 974.796790][ C1] ? __might_fault+0x190/0x1d0 [ 974.801555][ C1] ? _copy_to_user+0x126/0x160 [ 974.806301][ C1] __x64_sys_futex+0x378/0x4e0 [ 974.811061][ C1] ? do_futex+0x1a60/0x1a60 [ 974.815727][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 974.821358][ C1] ? lock_is_held_type+0xb0/0xe0 [ 974.826289][ C1] ? do_syscall_64+0x1c/0xe0 [ 974.830879][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 974.836860][ C1] do_syscall_64+0x60/0xe0 [ 974.841271][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 974.847141][ C1] RIP: 0033:0x45cb29 [ 974.851009][ C1] Code: Bad RIP value. [ 974.855051][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 974.863453][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 974.872024][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 974.879981][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 974.887950][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 974.895933][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 974.904160][ C1] syz-executor.1 S29728 12960 12950 0x00000000 [ 974.910487][ C1] Call Trace: [ 974.913771][ C1] __schedule+0x8e1/0x1eb0 [ 974.918183][ C1] ? io_schedule_timeout+0x140/0x140 [ 974.923452][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 974.928912][ C1] schedule+0xd0/0x2a0 [ 974.932960][ C1] futex_wait_queue_me+0x2a7/0x570 [ 974.938096][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 974.943270][ C1] ? trace_pelt_se_tp+0x196/0x210 [ 974.948290][ C1] futex_wait+0x1df/0x560 [ 974.952617][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 974.957622][ C1] ? mark_lock+0xbc/0x1710 [ 974.962025][ C1] ? hash_futex+0x12/0x200 [ 974.966433][ C1] ? futex_wake+0x155/0x490 [ 974.970927][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 974.976912][ C1] ? lock_acquire+0x1f1/0xad0 [ 974.981572][ C1] ? __hrtimer_run_queues+0x252/0xfc0 [ 974.986946][ C1] do_futex+0x15b/0x1a60 [ 974.991173][ C1] ? find_held_lock+0x2d/0x110 [ 974.995946][ C1] ? ktime_get+0x3e/0x120 [ 975.000256][ C1] ? lock_downgrade+0x820/0x820 [ 975.005086][ C1] ? futex_exit_release+0x220/0x220 [ 975.010264][ C1] ? __hrtimer_run_queues+0xc72/0xfc0 [ 975.015615][ C1] ? find_held_lock+0x2d/0x110 [ 975.020359][ C1] ? lockdep_hardirqs_off+0x66/0xa0 [ 975.025558][ C1] ? trace_hardirqs_off+0x27/0x210 [ 975.030665][ C1] ? read_seqcount_begin.constprop.0+0x139/0x1f0 [ 975.036992][ C1] ? ktime_get+0xd8/0x120 [ 975.041301][ C1] ? native_apic_msr_write+0x54/0x80 [ 975.046562][ C1] ? lapic_next_event+0x4d/0x80 [ 975.051417][ C1] ? clockevents_program_event+0x12b/0x350 [ 975.057220][ C1] __x64_sys_futex+0x378/0x4e0 [ 975.061969][ C1] ? do_futex+0x1a60/0x1a60 [ 975.066452][ C1] ? sched_clock_cpu+0x18/0x1b0 [ 975.071293][ C1] ? lock_is_held_type+0xb0/0xe0 [ 975.076310][ C1] ? do_syscall_64+0x1c/0xe0 [ 975.080976][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 975.087035][ C1] do_syscall_64+0x60/0xe0 [ 975.091456][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 975.097328][ C1] RIP: 0033:0x45cb29 [ 975.101378][ C1] Code: Bad RIP value. [ 975.105416][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 975.113802][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 975.121836][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 975.129803][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 975.137768][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 975.145721][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 975.153782][ C1] syz-executor.1 S29976 12964 6984 0x00000000 [ 975.160215][ C1] Call Trace: [ 975.163594][ C1] __schedule+0x8e1/0x1eb0 [ 975.168024][ C1] ? io_schedule_timeout+0x140/0x140 [ 975.173408][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 975.179038][ C1] schedule+0xd0/0x2a0 [ 975.183187][ C1] futex_wait_queue_me+0x2a7/0x570 [ 975.188804][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 975.194277][ C1] ? futex_wake+0x1b5/0x490 [ 975.198787][ C1] ? find_held_lock+0x2d/0x110 [ 975.203638][ C1] futex_wait+0x1df/0x560 [ 975.208040][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 975.213197][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 975.218484][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 975.223672][ C1] ? futex_wake+0x155/0x490 [ 975.228190][ C1] ? lock_downgrade+0x820/0x820 [ 975.233133][ C1] do_futex+0x15b/0x1a60 [ 975.237370][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 975.242561][ C1] ? _raw_spin_unlock+0x24/0x40 [ 975.247488][ C1] ? do_wp_page+0x16a/0x1950 [ 975.252165][ C1] ? futex_exit_release+0x220/0x220 [ 975.257354][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 975.262367][ C1] ? find_held_lock+0x2d/0x110 [ 975.267142][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 975.272328][ C1] ? __up_read+0x1a1/0x7b0 [ 975.276977][ C1] ? _down_write_nest_lock+0x150/0x150 [ 975.282491][ C1] __x64_sys_futex+0x378/0x4e0 [ 975.287272][ C1] ? do_futex+0x1a60/0x1a60 [ 975.291856][ C1] ? lock_is_held_type+0xb0/0xe0 [ 975.296798][ C1] ? lock_is_held_type+0xb0/0xe0 [ 975.301784][ C1] ? do_syscall_64+0x1c/0xe0 [ 975.306369][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 975.312928][ C1] do_syscall_64+0x60/0xe0 [ 975.317757][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 975.323820][ C1] RIP: 0033:0x45cb29 [ 975.327699][ C1] Code: Bad RIP value. [ 975.331763][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 975.340461][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 975.348568][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 975.356582][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 975.364759][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 975.373605][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 975.382577][ C1] syz-executor.1 S28928 12975 6984 0x00000000 [ 975.388997][ C1] Call Trace: [ 975.393084][ C1] __schedule+0x8e1/0x1eb0 [ 975.397509][ C1] ? io_schedule_timeout+0x140/0x140 [ 975.402782][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 975.408346][ C1] schedule+0xd0/0x2a0 [ 975.412445][ C1] futex_wait_queue_me+0x2a7/0x570 [ 975.418228][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 975.423984][ C1] ? find_held_lock+0x2d/0x110 [ 975.429037][ C1] futex_wait+0x1df/0x560 [ 975.433748][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 975.439574][ C1] ? mark_lock+0xbc/0x1710 [ 975.446349][ C1] ? hash_futex+0x12/0x200 [ 975.453709][ C1] ? futex_wake+0x155/0x490 [ 975.459710][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 975.465081][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 975.473902][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 975.480508][ C1] do_futex+0x15b/0x1a60 [ 975.484761][ C1] ? lock_acquire+0x1f1/0xad0 [ 975.489650][ C1] ? __might_fault+0xef/0x1d0 [ 975.497750][ C1] ? find_held_lock+0x2d/0x110 [ 975.503988][ C1] ? futex_exit_release+0x220/0x220 [ 975.513323][ C1] ? lock_downgrade+0x820/0x820 [ 975.518983][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 975.525222][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 975.530266][ C1] ? __might_fault+0x190/0x1d0 [ 975.536610][ C1] ? _copy_to_user+0x126/0x160 [ 975.541376][ C1] __x64_sys_futex+0x378/0x4e0 [ 975.547320][ C1] ? do_futex+0x1a60/0x1a60 [ 975.556645][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 975.565479][ C1] ? lock_is_held_type+0xb0/0xe0 [ 975.571281][ C1] ? do_syscall_64+0x1c/0xe0 [ 975.577203][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 975.585606][ C1] do_syscall_64+0x60/0xe0 [ 975.591568][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 975.600489][ C1] RIP: 0033:0x45cb29 [ 975.605787][ C1] Code: Bad RIP value. [ 975.611447][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 975.624299][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 975.633824][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 975.644855][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 975.652895][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 975.662804][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 975.673369][ C1] syz-executor.1 S29976 12977 12975 0x00000000 [ 975.680942][ C1] Call Trace: [ 975.685043][ C1] __schedule+0x8e1/0x1eb0 [ 975.690155][ C1] ? io_schedule_timeout+0x140/0x140 [ 975.695488][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 975.701075][ C1] schedule+0xd0/0x2a0 [ 975.705788][ C1] futex_wait_queue_me+0x2a7/0x570 [ 975.712161][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 975.717678][ C1] ? futex_wake+0x1b5/0x490 [ 975.722189][ C1] ? find_held_lock+0x2d/0x110 [ 975.726951][ C1] futex_wait+0x1df/0x560 [ 975.732565][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 975.739461][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 975.745053][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 975.752198][ C1] ? futex_wake+0x155/0x490 [ 975.756904][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 975.763372][ C1] ? lock_downgrade+0x820/0x820 [ 975.768361][ C1] do_futex+0x15b/0x1a60 [ 975.773316][ C1] ? lock_acquire+0x1f1/0xad0 [ 975.778392][ C1] ? __might_fault+0xef/0x1d0 [ 975.783697][ C1] ? find_held_lock+0x2d/0x110 [ 975.788551][ C1] ? futex_exit_release+0x220/0x220 [ 975.794132][ C1] ? lock_downgrade+0x820/0x820 [ 975.803362][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 975.810840][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 975.816142][ C1] ? __might_fault+0x190/0x1d0 [ 975.822078][ C1] ? _copy_to_user+0x126/0x160 [ 975.826984][ C1] __x64_sys_futex+0x378/0x4e0 [ 975.832245][ C1] ? do_futex+0x1a60/0x1a60 [ 975.838684][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 975.845282][ C1] ? lock_is_held_type+0xb0/0xe0 [ 975.850558][ C1] ? do_syscall_64+0x1c/0xe0 [ 975.855271][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 975.865842][ C1] do_syscall_64+0x60/0xe0 [ 975.874747][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 975.881188][ C1] RIP: 0033:0x45cb29 [ 975.885237][ C1] Code: Bad RIP value. [ 975.890622][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 975.901437][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 975.909981][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 975.919105][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 975.928630][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 975.938694][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 975.946765][ C1] syz-executor.1 S29976 12986 6984 0x00000000 [ 975.953092][ C1] Call Trace: [ 975.956580][ C1] __schedule+0x8e1/0x1eb0 [ 975.961950][ C1] ? io_schedule_timeout+0x140/0x140 [ 975.968417][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 975.975008][ C1] schedule+0xd0/0x2a0 [ 975.979076][ C1] futex_wait_queue_me+0x2a7/0x570 [ 975.984734][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 975.992016][ C1] futex_wait+0x1df/0x560 [ 975.996977][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 976.003988][ C1] ? mark_lock+0xbc/0x1710 [ 976.008402][ C1] ? hash_futex+0x12/0x200 [ 976.012939][ C1] ? futex_wake+0x155/0x490 [ 976.017899][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 976.024478][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 976.031053][ C1] ? lock_downgrade+0x820/0x820 [ 976.036417][ C1] do_futex+0x15b/0x1a60 [ 976.040652][ C1] ? lock_acquire+0x1f1/0xad0 [ 976.046224][ C1] ? __might_fault+0xef/0x1d0 [ 976.052379][ C1] ? find_held_lock+0x2d/0x110 [ 976.058281][ C1] ? futex_exit_release+0x220/0x220 [ 976.064414][ C1] ? lock_downgrade+0x820/0x820 [ 976.069265][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 976.075503][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 976.081645][ C1] ? __might_fault+0x190/0x1d0 [ 976.086867][ C1] ? _copy_to_user+0x126/0x160 [ 976.091632][ C1] __x64_sys_futex+0x378/0x4e0 [ 976.096392][ C1] ? do_futex+0x1a60/0x1a60 [ 976.101746][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 976.107911][ C1] ? lock_is_held_type+0xb0/0xe0 [ 976.113462][ C1] ? do_syscall_64+0x1c/0xe0 [ 976.118114][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 976.124089][ C1] do_syscall_64+0x60/0xe0 [ 976.130240][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 976.136940][ C1] RIP: 0033:0x45cb29 [ 976.141305][ C1] Code: Bad RIP value. [ 976.147860][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 976.157110][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 976.165538][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 976.175723][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 976.184179][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 976.192715][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 976.200908][ C1] syz-executor.1 S29976 12993 6984 0x00000000 [ 976.208273][ C1] Call Trace: [ 976.212175][ C1] __schedule+0x8e1/0x1eb0 [ 976.216861][ C1] ? io_schedule_timeout+0x140/0x140 [ 976.222532][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 976.228559][ C1] schedule+0xd0/0x2a0 [ 976.233260][ C1] futex_wait_queue_me+0x2a7/0x570 [ 976.238988][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 976.244461][ C1] futex_wait+0x1df/0x560 [ 976.248873][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 976.254913][ C1] ? mark_lock+0xbc/0x1710 [ 976.259865][ C1] ? hash_futex+0x12/0x200 [ 976.264271][ C1] ? futex_wake+0x155/0x490 [ 976.268952][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 976.274083][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 976.280498][ C1] ? lock_downgrade+0x820/0x820 [ 976.285373][ C1] do_futex+0x15b/0x1a60 [ 976.290028][ C1] ? lock_acquire+0x1f1/0xad0 [ 976.294944][ C1] ? __might_fault+0xef/0x1d0 [ 976.299717][ C1] ? find_held_lock+0x2d/0x110 [ 976.304992][ C1] ? futex_exit_release+0x220/0x220 [ 976.310521][ C1] ? lock_downgrade+0x820/0x820 [ 976.316458][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 976.324022][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 976.329199][ C1] ? __might_fault+0x190/0x1d0 [ 976.334448][ C1] ? _copy_to_user+0x126/0x160 [ 976.340239][ C1] __x64_sys_futex+0x378/0x4e0 [ 976.345007][ C1] ? do_futex+0x1a60/0x1a60 [ 976.349589][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 976.356314][ C1] ? lock_is_held_type+0xb0/0xe0 [ 976.361426][ C1] ? do_syscall_64+0x1c/0xe0 [ 976.366180][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 976.372166][ C1] do_syscall_64+0x60/0xe0 [ 976.376930][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 976.383024][ C1] RIP: 0033:0x45cb29 [ 976.387388][ C1] Code: Bad RIP value. [ 976.391579][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 976.400200][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 976.408254][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 976.417382][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 976.425516][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 976.434016][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 976.441997][ C1] syz-executor.1 S29128 12995 6984 0x00000000 [ 976.448461][ C1] Call Trace: [ 976.451864][ C1] __schedule+0x8e1/0x1eb0 [ 976.456307][ C1] ? io_schedule_timeout+0x140/0x140 [ 976.461643][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 976.467133][ C1] schedule+0xd0/0x2a0 [ 976.471285][ C1] futex_wait_queue_me+0x2a7/0x570 [ 976.476385][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 976.481921][ C1] futex_wait+0x1df/0x560 [ 976.486450][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 976.491564][ C1] ? hash_futex+0x12/0x200 [ 976.496523][ C1] ? futex_wake+0x155/0x490 [ 976.501248][ C1] ? lock_downgrade+0x820/0x820 [ 976.506312][ C1] do_futex+0x15b/0x1a60 [ 976.510546][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 976.516021][ C1] ? _raw_spin_unlock+0x24/0x40 [ 976.520868][ C1] ? do_wp_page+0x16a/0x1950 [ 976.525518][ C1] ? futex_exit_release+0x220/0x220 [ 976.530995][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 976.536026][ C1] ? find_held_lock+0x2d/0x110 [ 976.540786][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 976.546370][ C1] ? __up_read+0x1a1/0x7b0 [ 976.550790][ C1] ? _down_write_nest_lock+0x150/0x150 [ 976.556245][ C1] __x64_sys_futex+0x378/0x4e0 [ 976.561072][ C1] ? do_futex+0x1a60/0x1a60 [ 976.565585][ C1] ? lock_is_held_type+0xb0/0xe0 [ 976.570583][ C1] ? lock_is_held_type+0xb0/0xe0 [ 976.576037][ C1] ? do_syscall_64+0x1c/0xe0 [ 976.580749][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 976.586838][ C1] do_syscall_64+0x60/0xe0 [ 976.591672][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 976.597617][ C1] RIP: 0033:0x45cb29 [ 976.601492][ C1] Code: Bad RIP value. [ 976.605583][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 976.614146][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 976.622345][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 976.630788][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 976.638761][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 976.647566][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 976.655557][ C1] syz-executor.1 S29976 13003 6984 0x00000000 [ 976.662464][ C1] Call Trace: [ 976.665981][ C1] __schedule+0x8e1/0x1eb0 [ 976.670670][ C1] ? io_schedule_timeout+0x140/0x140 [ 976.676080][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 976.681712][ C1] schedule+0xd0/0x2a0 [ 976.686346][ C1] futex_wait_queue_me+0x2a7/0x570 [ 976.692765][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 976.699146][ C1] ? futex_wake+0x1b5/0x490 [ 976.703841][ C1] ? find_held_lock+0x2d/0x110 [ 976.708602][ C1] futex_wait+0x1df/0x560 [ 976.712976][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 976.718079][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 976.723618][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 976.729258][ C1] ? futex_wake+0x155/0x490 [ 976.733796][ C1] ? lock_downgrade+0x820/0x820 [ 976.738640][ C1] do_futex+0x15b/0x1a60 [ 976.742868][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 976.748133][ C1] ? _raw_spin_unlock+0x24/0x40 [ 976.753675][ C1] ? do_wp_page+0x16a/0x1950 [ 976.759924][ C1] ? futex_exit_release+0x220/0x220 [ 976.766636][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 976.771690][ C1] ? find_held_lock+0x2d/0x110 [ 976.777098][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 976.782466][ C1] ? __up_read+0x1a1/0x7b0 [ 976.786910][ C1] ? _down_write_nest_lock+0x150/0x150 [ 976.792878][ C1] __x64_sys_futex+0x378/0x4e0 [ 976.797725][ C1] ? do_futex+0x1a60/0x1a60 [ 976.802220][ C1] ? lock_is_held_type+0xb0/0xe0 [ 976.807146][ C1] ? lock_is_held_type+0xb0/0xe0 [ 976.812156][ C1] ? do_syscall_64+0x1c/0xe0 [ 976.816823][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 976.822796][ C1] do_syscall_64+0x60/0xe0 [ 976.827378][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 976.833433][ C1] RIP: 0033:0x45cb29 [ 976.837370][ C1] Code: Bad RIP value. [ 976.841563][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 976.849979][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 976.858249][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 976.866420][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 976.874485][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 976.883380][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 976.891454][ C1] syz-executor.1 S29976 13007 6984 0x00000000 [ 976.898695][ C1] Call Trace: [ 976.902527][ C1] __schedule+0x8e1/0x1eb0 [ 976.907776][ C1] ? io_schedule_timeout+0x140/0x140 [ 976.914977][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 976.921124][ C1] schedule+0xd0/0x2a0 [ 976.927175][ C1] futex_wait_queue_me+0x2a7/0x570 [ 976.932662][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 976.938189][ C1] ? futex_wake+0x1b5/0x490 [ 976.942687][ C1] ? find_held_lock+0x2d/0x110 [ 976.947578][ C1] futex_wait+0x1df/0x560 [ 976.951905][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 976.957398][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 976.962961][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 976.968926][ C1] ? futex_wake+0x155/0x490 [ 976.974051][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 976.981204][ C1] ? lock_downgrade+0x820/0x820 [ 976.986429][ C1] do_futex+0x15b/0x1a60 [ 976.990672][ C1] ? lock_acquire+0x1f1/0xad0 [ 976.995341][ C1] ? __might_fault+0xef/0x1d0 [ 977.000012][ C1] ? find_held_lock+0x2d/0x110 [ 977.004852][ C1] ? futex_exit_release+0x220/0x220 [ 977.011517][ C1] ? lock_downgrade+0x820/0x820 [ 977.016485][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 977.022729][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 977.027981][ C1] ? __might_fault+0x190/0x1d0 [ 977.034594][ C1] ? _copy_to_user+0x126/0x160 [ 977.039914][ C1] __x64_sys_futex+0x378/0x4e0 [ 977.045150][ C1] ? do_futex+0x1a60/0x1a60 [ 977.049809][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 977.055710][ C1] ? lock_is_held_type+0xb0/0xe0 [ 977.061697][ C1] ? do_syscall_64+0x1c/0xe0 [ 977.067802][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 977.078676][ C1] do_syscall_64+0x60/0xe0 [ 977.083561][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 977.092556][ C1] RIP: 0033:0x45cb29 [ 977.097230][ C1] Code: Bad RIP value. [ 977.102536][ C1] RSP: 002b:00007f57eae5ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 977.110968][ C1] RAX: ffffffffffffffda RBX: 000000000078c0e8 RCX: 000000000045cb29 [ 977.119638][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c0e8 [ 977.128946][ C1] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 977.137738][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c0ec [ 977.146433][ C1] R13: 0000000000c9fb6f R14: 00007f57eae5f9c0 R15: 000000000078c0ec [ 977.154673][ C1] syz-executor.1 S28896 13032 6984 0x00000000 [ 977.161115][ C1] Call Trace: [ 977.166551][ C1] __schedule+0x8e1/0x1eb0 [ 977.171784][ C1] ? io_schedule_timeout+0x140/0x140 [ 977.178338][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 977.185038][ C1] schedule+0xd0/0x2a0 [ 977.190094][ C1] schedule_timeout+0x1d8/0x250 [ 977.196537][ C1] ? usleep_range+0x170/0x170 [ 977.203134][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 977.211626][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 977.219576][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 977.226729][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 977.235146][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 977.242697][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 977.248672][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 977.254473][ C1] ? skb_free_datagram+0xf0/0xf0 [ 977.259742][ C1] ? proto_seq_start+0x50/0x50 [ 977.264922][ C1] ? skb_segment.cold+0x38/0x38 [ 977.270347][ C1] ? mark_lock+0xbc/0x1710 [ 977.276117][ C1] __skb_recv_datagram+0x171/0x220 [ 977.281996][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 977.287851][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 977.293782][ C1] ? __schedule+0x887/0x1eb0 [ 977.298367][ C1] ? lock_is_held_type+0xb0/0xe0 [ 977.303339][ C1] skb_recv_datagram+0xa7/0xe0 [ 977.308243][ C1] ? __skb_recv_datagram+0x220/0x220 [ 977.314053][ C1] ? aa_sk_perm+0x316/0xaa0 [ 977.320573][ C1] ? __might_fault+0xef/0x1d0 [ 977.326588][ C1] raw_recvmsg+0xab/0x550 [ 977.330922][ C1] ? raw_release+0x890/0x890 [ 977.336315][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 977.342714][ C1] ? raw_release+0x890/0x890 [ 977.349920][ C1] ____sys_recvmsg+0x2c4/0x640 [ 977.357818][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 977.367003][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 977.374490][ C1] ? import_iovec+0x23b/0x3d0 [ 977.381401][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 977.386706][ C1] ___sys_recvmsg+0x127/0x200 [ 977.391378][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 977.397057][ C1] ? lock_downgrade+0x820/0x820 [ 977.402048][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 977.407836][ C1] ? __fget_files+0x294/0x400 [ 977.413897][ C1] ? __fget_light+0xea/0x280 [ 977.419321][ C1] do_recvmmsg+0x24d/0x6d0 [ 977.424339][ C1] ? ___sys_recvmsg+0x200/0x200 [ 977.430143][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 977.436474][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 977.441500][ C1] ? put_timespec64+0xcb/0x120 [ 977.446386][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 977.451233][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 977.458449][ C1] ? __do_sys_socketcall+0x550/0x550 [ 977.467008][ C1] ? lock_is_held_type+0xb0/0xe0 [ 977.472668][ C1] ? do_syscall_64+0x1c/0xe0 [ 977.478284][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 977.485053][ C1] do_syscall_64+0x60/0xe0 [ 977.493178][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 977.502548][ C1] RIP: 0033:0x45cb29 [ 977.507107][ C1] Code: Bad RIP value. [ 977.512295][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 977.523248][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 977.531216][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 977.539181][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 977.548717][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 977.557566][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 977.566550][ C1] syz-executor.1 S29976 13035 13032 0x00000000 [ 977.573947][ C1] Call Trace: [ 977.577245][ C1] __schedule+0x8e1/0x1eb0 [ 977.581832][ C1] ? io_schedule_timeout+0x140/0x140 [ 977.587122][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 977.592583][ C1] schedule+0xd0/0x2a0 [ 977.597430][ C1] futex_wait_queue_me+0x2a7/0x570 [ 977.605143][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 977.610517][ C1] ? futex_wake+0x1b5/0x490 [ 977.615328][ C1] ? find_held_lock+0x2d/0x110 [ 977.620089][ C1] futex_wait+0x1df/0x560 [ 977.624529][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 977.631014][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 977.636594][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 977.644580][ C1] ? futex_wake+0x155/0x490 [ 977.654372][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 977.663267][ C1] ? lock_downgrade+0x820/0x820 [ 977.671378][ C1] do_futex+0x15b/0x1a60 [ 977.677498][ C1] ? lock_acquire+0x1f1/0xad0 [ 977.682215][ C1] ? __might_fault+0xef/0x1d0 [ 977.686889][ C1] ? find_held_lock+0x2d/0x110 [ 977.691889][ C1] ? futex_exit_release+0x220/0x220 [ 977.697250][ C1] ? lock_downgrade+0x820/0x820 [ 977.703847][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 977.713542][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 977.718904][ C1] ? __might_fault+0x190/0x1d0 [ 977.725312][ C1] ? _copy_to_user+0x126/0x160 [ 977.730545][ C1] __x64_sys_futex+0x378/0x4e0 [ 977.735311][ C1] ? do_futex+0x1a60/0x1a60 [ 977.739806][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 977.745479][ C1] ? lock_is_held_type+0xb0/0xe0 [ 977.750548][ C1] ? do_syscall_64+0x1c/0xe0 [ 977.759369][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 977.767512][ C1] do_syscall_64+0x60/0xe0 [ 977.772711][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 977.781978][ C1] RIP: 0033:0x45cb29 [ 977.788504][ C1] Code: Bad RIP value. [ 977.793852][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 977.804533][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 977.812521][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 977.820488][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 977.828922][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 977.839996][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 977.849842][ C1] syz-executor.1 S29976 13049 6984 0x00000000 [ 977.856792][ C1] Call Trace: [ 977.860078][ C1] __schedule+0x8e1/0x1eb0 [ 977.864549][ C1] ? io_schedule_timeout+0x140/0x140 [ 977.869831][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 977.875466][ C1] schedule+0xd0/0x2a0 [ 977.879540][ C1] futex_wait_queue_me+0x2a7/0x570 [ 977.884755][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 977.891588][ C1] futex_wait+0x1df/0x560 [ 977.896092][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 977.901419][ C1] ? mark_lock+0xbc/0x1710 [ 977.906084][ C1] ? hash_futex+0x12/0x200 [ 977.911331][ C1] ? futex_wake+0x155/0x490 [ 977.915833][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 977.920861][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 977.927200][ C1] ? lock_downgrade+0x820/0x820 [ 977.932055][ C1] do_futex+0x15b/0x1a60 [ 977.936394][ C1] ? lock_acquire+0x1f1/0xad0 [ 977.941061][ C1] ? __might_fault+0xef/0x1d0 [ 977.945732][ C1] ? find_held_lock+0x2d/0x110 [ 977.950486][ C1] ? futex_exit_release+0x220/0x220 [ 977.955999][ C1] ? lock_downgrade+0x820/0x820 [ 977.961479][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 977.967928][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 977.973028][ C1] ? __might_fault+0x190/0x1d0 [ 977.978051][ C1] ? _copy_to_user+0x126/0x160 [ 977.983147][ C1] __x64_sys_futex+0x378/0x4e0 [ 977.988646][ C1] ? do_futex+0x1a60/0x1a60 [ 977.993468][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 977.999106][ C1] ? lock_is_held_type+0xb0/0xe0 [ 978.004036][ C1] ? do_syscall_64+0x1c/0xe0 [ 978.008619][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 978.014600][ C1] do_syscall_64+0x60/0xe0 [ 978.019326][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 978.025215][ C1] RIP: 0033:0x45cb29 [ 978.029314][ C1] Code: Bad RIP value. [ 978.033368][ C1] RSP: 002b:00007f57eae5ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 978.041771][ C1] RAX: ffffffffffffffda RBX: 000000000078c0e8 RCX: 000000000045cb29 [ 978.051139][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c0e8 [ 978.059525][ C1] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 978.067490][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c0ec [ 978.075770][ C1] R13: 0000000000c9fb6f R14: 00007f57eae5f9c0 R15: 000000000078c0ec [ 978.086079][ C1] syz-executor.1 S28280 13057 6984 0x00000000 [ 978.094184][ C1] Call Trace: [ 978.099184][ C1] __schedule+0x8e1/0x1eb0 [ 978.104106][ C1] ? io_schedule_timeout+0x140/0x140 [ 978.109436][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 978.114891][ C1] schedule+0xd0/0x2a0 [ 978.118966][ C1] futex_wait_queue_me+0x2a7/0x570 [ 978.124312][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 978.131180][ C1] ? find_held_lock+0x2d/0x110 [ 978.136826][ C1] futex_wait+0x1df/0x560 [ 978.141708][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 978.147260][ C1] ? mark_lock+0xbc/0x1710 [ 978.152718][ C1] ? hash_futex+0x12/0x200 [ 978.158304][ C1] ? futex_wake+0x155/0x490 [ 978.162803][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 978.167823][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 978.173882][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 978.179801][ C1] do_futex+0x15b/0x1a60 [ 978.184508][ C1] ? lock_acquire+0x1f1/0xad0 [ 978.189596][ C1] ? __might_fault+0xef/0x1d0 [ 978.195960][ C1] ? find_held_lock+0x2d/0x110 [ 978.201680][ C1] ? futex_exit_release+0x220/0x220 [ 978.207259][ C1] ? lock_downgrade+0x820/0x820 [ 978.214482][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 978.222474][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 978.227633][ C1] ? __might_fault+0x190/0x1d0 [ 978.232391][ C1] ? _copy_to_user+0x126/0x160 [ 978.237200][ C1] __x64_sys_futex+0x378/0x4e0 [ 978.241960][ C1] ? do_futex+0x1a60/0x1a60 [ 978.246456][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 978.252086][ C1] ? lock_is_held_type+0xb0/0xe0 [ 978.257022][ C1] ? do_syscall_64+0x1c/0xe0 [ 978.261611][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 978.268982][ C1] do_syscall_64+0x60/0xe0 [ 978.273401][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 978.279334][ C1] RIP: 0033:0x45cb29 [ 978.283212][ C1] Code: Bad RIP value. [ 978.287266][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 978.296950][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 978.305084][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 978.313063][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 978.321336][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 978.329479][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 978.338821][ C1] syz-executor.1 S29976 13060 13057 0x00000000 [ 978.345326][ C1] Call Trace: [ 978.348686][ C1] __schedule+0x8e1/0x1eb0 [ 978.353223][ C1] ? io_schedule_timeout+0x140/0x140 [ 978.358499][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 978.363952][ C1] schedule+0xd0/0x2a0 [ 978.368011][ C1] futex_wait_queue_me+0x2a7/0x570 [ 978.375325][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 978.381152][ C1] futex_wait+0x1df/0x560 [ 978.386638][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 978.393135][ C1] ? mark_lock+0xbc/0x1710 [ 978.398675][ C1] ? hash_futex+0x12/0x200 [ 978.404253][ C1] ? futex_wake+0x155/0x490 [ 978.408756][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 978.413824][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 978.419844][ C1] ? lock_downgrade+0x820/0x820 [ 978.424688][ C1] do_futex+0x15b/0x1a60 [ 978.428963][ C1] ? lock_acquire+0x1f1/0xad0 [ 978.433635][ C1] ? __might_fault+0xef/0x1d0 [ 978.438300][ C1] ? find_held_lock+0x2d/0x110 [ 978.443052][ C1] ? futex_exit_release+0x220/0x220 [ 978.448240][ C1] ? lock_downgrade+0x820/0x820 [ 978.454409][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 978.460704][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 978.465730][ C1] ? __might_fault+0x190/0x1d0 [ 978.470484][ C1] ? _copy_to_user+0x126/0x160 [ 978.475371][ C1] __x64_sys_futex+0x378/0x4e0 [ 978.481144][ C1] ? do_futex+0x1a60/0x1a60 [ 978.485768][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 978.491932][ C1] ? lock_is_held_type+0xb0/0xe0 [ 978.496956][ C1] ? do_syscall_64+0x1c/0xe0 [ 978.502101][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 978.508279][ C1] do_syscall_64+0x60/0xe0 [ 978.512810][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 978.518691][ C1] RIP: 0033:0x45cb29 [ 978.522568][ C1] Code: Bad RIP value. [ 978.526617][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 978.536085][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 978.544082][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 978.552777][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 978.561007][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 978.568973][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 978.576950][ C1] syz-executor.1 S29976 13077 6984 0x00000000 [ 978.583273][ C1] Call Trace: [ 978.586558][ C1] __schedule+0x8e1/0x1eb0 [ 978.590968][ C1] ? io_schedule_timeout+0x140/0x140 [ 978.596328][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 978.601844][ C1] schedule+0xd0/0x2a0 [ 978.605947][ C1] futex_wait_queue_me+0x2a7/0x570 [ 978.611137][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 978.616408][ C1] ? futex_wake+0x1b5/0x490 [ 978.620950][ C1] ? find_held_lock+0x2d/0x110 [ 978.625702][ C1] futex_wait+0x1df/0x560 [ 978.630026][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 978.635649][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 978.640840][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 978.646048][ C1] ? futex_wake+0x155/0x490 [ 978.650697][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 978.657415][ C1] ? lock_downgrade+0x820/0x820 [ 978.662262][ C1] do_futex+0x15b/0x1a60 [ 978.666615][ C1] ? lock_acquire+0x1f1/0xad0 [ 978.671280][ C1] ? __might_fault+0xef/0x1d0 [ 978.675951][ C1] ? find_held_lock+0x2d/0x110 [ 978.680700][ C1] ? futex_exit_release+0x220/0x220 [ 978.686338][ C1] ? lock_downgrade+0x820/0x820 [ 978.691225][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 978.697456][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 978.702477][ C1] ? __might_fault+0x190/0x1d0 [ 978.707362][ C1] ? _copy_to_user+0x126/0x160 [ 978.712500][ C1] __x64_sys_futex+0x378/0x4e0 [ 978.718092][ C1] ? do_futex+0x1a60/0x1a60 [ 978.722798][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 978.728613][ C1] ? lock_is_held_type+0xb0/0xe0 [ 978.733819][ C1] ? do_syscall_64+0x1c/0xe0 [ 978.738805][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 978.744925][ C1] do_syscall_64+0x60/0xe0 [ 978.749730][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 978.756139][ C1] RIP: 0033:0x45cb29 [ 978.760200][ C1] Code: Bad RIP value. [ 978.764258][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 978.772753][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 978.780861][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 978.790146][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 978.803154][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 978.811430][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 978.819570][ C1] syz-executor.1 S28600 13089 6984 0x00000000 [ 978.826785][ C1] Call Trace: [ 978.830130][ C1] __schedule+0x8e1/0x1eb0 [ 978.834549][ C1] ? io_schedule_timeout+0x140/0x140 [ 978.839876][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 978.845815][ C1] schedule+0xd0/0x2a0 [ 978.849896][ C1] schedule_timeout+0x1d8/0x250 [ 978.854919][ C1] ? usleep_range+0x170/0x170 [ 978.859777][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 978.864882][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 978.870818][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 978.876990][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 978.882714][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 978.888518][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 978.894588][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 978.900479][ C1] ? skb_free_datagram+0xf0/0xf0 [ 978.905452][ C1] ? proto_seq_start+0x50/0x50 [ 978.910325][ C1] ? skb_segment.cold+0x38/0x38 [ 978.915215][ C1] ? mark_lock+0xbc/0x1710 [ 978.919625][ C1] __skb_recv_datagram+0x171/0x220 [ 978.924729][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 978.930355][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 978.935549][ C1] ? __schedule+0x887/0x1eb0 [ 978.940177][ C1] ? lock_is_held_type+0xb0/0xe0 [ 978.945345][ C1] skb_recv_datagram+0xa7/0xe0 [ 978.950136][ C1] ? __skb_recv_datagram+0x220/0x220 [ 978.955682][ C1] ? aa_sk_perm+0x316/0xaa0 [ 978.960314][ C1] ? __might_fault+0xef/0x1d0 [ 978.964987][ C1] raw_recvmsg+0xab/0x550 [ 978.969308][ C1] ? raw_release+0x890/0x890 [ 978.973889][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 978.979334][ C1] ? raw_release+0x890/0x890 [ 978.983913][ C1] ____sys_recvmsg+0x2c4/0x640 [ 978.988900][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 978.994834][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 979.000462][ C1] ? import_iovec+0x23b/0x3d0 [ 979.005128][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 979.010428][ C1] ___sys_recvmsg+0x127/0x200 [ 979.015305][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 979.021026][ C1] ? lock_downgrade+0x820/0x820 [ 979.026049][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 979.031153][ C1] ? __fget_files+0x294/0x400 [ 979.035938][ C1] ? __fget_light+0xea/0x280 [ 979.040527][ C1] do_recvmmsg+0x24d/0x6d0 [ 979.045029][ C1] ? ___sys_recvmsg+0x200/0x200 [ 979.049869][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 979.056111][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 979.061138][ C1] ? put_timespec64+0xcb/0x120 [ 979.066064][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 979.070919][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 979.075940][ C1] ? __do_sys_socketcall+0x550/0x550 [ 979.081224][ C1] ? lock_is_held_type+0xb0/0xe0 [ 979.086512][ C1] ? do_syscall_64+0x1c/0xe0 [ 979.091112][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 979.097482][ C1] do_syscall_64+0x60/0xe0 [ 979.102571][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 979.108552][ C1] RIP: 0033:0x45cb29 [ 979.112674][ C1] Code: Bad RIP value. [ 979.117307][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 979.126053][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 979.134176][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 979.142219][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 979.150353][ C1] R10: 0000000000000003 R11: 0000000000000246 R12: 00000000ffffffff [ 979.158311][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 979.166513][ C1] syz-executor.1 S29976 13092 13089 0x00000000 [ 979.173144][ C1] Call Trace: [ 979.176434][ C1] __schedule+0x8e1/0x1eb0 [ 979.180912][ C1] ? io_schedule_timeout+0x140/0x140 [ 979.186185][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 979.191727][ C1] schedule+0xd0/0x2a0 [ 979.195790][ C1] futex_wait_queue_me+0x2a7/0x570 [ 979.200912][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 979.206102][ C1] futex_wait+0x1df/0x560 [ 979.210425][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 979.215444][ C1] ? mark_lock+0xbc/0x1710 [ 979.220030][ C1] ? hash_futex+0x12/0x200 [ 979.226056][ C1] ? futex_wake+0x155/0x490 [ 979.231267][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 979.237582][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 979.245056][ C1] ? lock_downgrade+0x820/0x820 [ 979.249911][ C1] do_futex+0x15b/0x1a60 [ 979.254239][ C1] ? lock_acquire+0x1f1/0xad0 [ 979.259071][ C1] ? __might_fault+0xef/0x1d0 [ 979.264269][ C1] ? find_held_lock+0x2d/0x110 [ 979.269726][ C1] ? futex_exit_release+0x220/0x220 [ 979.276296][ C1] ? lock_downgrade+0x820/0x820 [ 979.281145][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 979.287379][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 979.292396][ C1] ? __might_fault+0x190/0x1d0 [ 979.297156][ C1] ? _copy_to_user+0x126/0x160 [ 979.301914][ C1] __x64_sys_futex+0x378/0x4e0 [ 979.306736][ C1] ? do_futex+0x1a60/0x1a60 [ 979.311322][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 979.317299][ C1] ? lock_is_held_type+0xb0/0xe0 [ 979.322252][ C1] ? do_syscall_64+0x1c/0xe0 [ 979.326930][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 979.332906][ C1] do_syscall_64+0x60/0xe0 [ 979.337315][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 979.343207][ C1] RIP: 0033:0x45cb29 [ 979.347083][ C1] Code: Bad RIP value. [ 979.351133][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 979.359585][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 979.367589][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 979.375552][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 979.383531][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 979.391644][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 979.399686][ C1] syz-executor.1 S28384 13100 13089 0x00000000 [ 979.406070][ C1] Call Trace: [ 979.409354][ C1] __schedule+0x8e1/0x1eb0 [ 979.413766][ C1] ? io_schedule_timeout+0x140/0x140 [ 979.419039][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 979.424715][ C1] schedule+0xd0/0x2a0 [ 979.428777][ C1] futex_wait_queue_me+0x2a7/0x570 [ 979.433878][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 979.439085][ C1] futex_wait+0x1df/0x560 [ 979.443414][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 979.448425][ C1] ? mark_lock+0xbc/0x1710 [ 979.452828][ C1] ? mark_lock+0xbc/0x1710 [ 979.457344][ C1] ? hash_futex+0x12/0x200 [ 979.461839][ C1] ? futex_wake+0x155/0x490 [ 979.466333][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 979.471377][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 979.477362][ C1] do_futex+0x15b/0x1a60 [ 979.481693][ C1] ? lock_acquire+0x1f1/0xad0 [ 979.486448][ C1] ? __might_fault+0xef/0x1d0 [ 979.491117][ C1] ? find_held_lock+0x2d/0x110 [ 979.497262][ C1] ? futex_exit_release+0x220/0x220 [ 979.502545][ C1] ? lock_downgrade+0x820/0x820 [ 979.507507][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 979.513889][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 979.518915][ C1] ? __might_fault+0x190/0x1d0 [ 979.523690][ C1] ? _copy_to_user+0x126/0x160 [ 979.528465][ C1] __x64_sys_futex+0x378/0x4e0 [ 979.533225][ C1] ? do_futex+0x1a60/0x1a60 [ 979.537717][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 979.543339][ C1] ? lock_is_held_type+0xb0/0xe0 [ 979.548427][ C1] ? do_syscall_64+0x1c/0xe0 [ 979.553085][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 979.559110][ C1] do_syscall_64+0x60/0xe0 [ 979.563518][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 979.569398][ C1] RIP: 0033:0x45cb29 [ 979.573318][ C1] Code: Bad RIP value. [ 979.577377][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 979.585776][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 979.593742][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 979.601750][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 979.609949][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 979.618006][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 979.625987][ C1] syz-executor.1 S29976 13102 6984 0x00000000 [ 979.632646][ C1] Call Trace: [ 979.635942][ C1] __schedule+0x8e1/0x1eb0 [ 979.640363][ C1] ? io_schedule_timeout+0x140/0x140 [ 979.645640][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 979.651271][ C1] schedule+0xd0/0x2a0 [ 979.656072][ C1] futex_wait_queue_me+0x2a7/0x570 [ 979.661554][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 979.667078][ C1] ? futex_wake+0x1b5/0x490 [ 979.671574][ C1] ? find_held_lock+0x2d/0x110 [ 979.676424][ C1] futex_wait+0x1df/0x560 [ 979.680745][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 979.685752][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 979.690831][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 979.696120][ C1] ? futex_wake+0x155/0x490 [ 979.700616][ C1] ? lock_downgrade+0x820/0x820 [ 979.705453][ C1] do_futex+0x15b/0x1a60 [ 979.709689][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 979.714882][ C1] ? _raw_spin_unlock+0x24/0x40 [ 979.719754][ C1] ? do_wp_page+0x16a/0x1950 [ 979.725159][ C1] ? futex_exit_release+0x220/0x220 [ 979.730379][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 979.735407][ C1] ? find_held_lock+0x2d/0x110 [ 979.741543][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 979.746883][ C1] ? __up_read+0x1a1/0x7b0 [ 979.751618][ C1] ? _down_write_nest_lock+0x150/0x150 [ 979.758683][ C1] __x64_sys_futex+0x378/0x4e0 [ 979.763841][ C1] ? do_futex+0x1a60/0x1a60 [ 979.768337][ C1] ? lock_is_held_type+0xb0/0xe0 [ 979.773311][ C1] ? lock_is_held_type+0xb0/0xe0 [ 979.778241][ C1] ? do_syscall_64+0x1c/0xe0 [ 979.782819][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 979.788795][ C1] do_syscall_64+0x60/0xe0 [ 979.793586][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 979.799550][ C1] RIP: 0033:0x45cb29 [ 979.803562][ C1] Code: Bad RIP value. [ 979.807617][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 979.816059][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 979.824154][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 979.832129][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 979.840146][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 979.848107][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 979.856082][ C1] syz-executor.1 S28928 13114 6984 0x00000000 [ 979.862450][ C1] Call Trace: [ 979.865736][ C1] __schedule+0x8e1/0x1eb0 [ 979.870146][ C1] ? io_schedule_timeout+0x140/0x140 [ 979.875458][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 979.880996][ C1] schedule+0xd0/0x2a0 [ 979.885055][ C1] futex_wait_queue_me+0x2a7/0x570 [ 979.890191][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 979.895415][ C1] ? futex_wake+0x1b5/0x490 [ 979.899912][ C1] ? find_held_lock+0x2d/0x110 [ 979.905943][ C1] futex_wait+0x1df/0x560 [ 979.910534][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 979.915823][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 979.920764][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 979.926108][ C1] ? futex_wake+0x155/0x490 [ 979.930978][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 979.936948][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 979.942744][ C1] do_futex+0x15b/0x1a60 [ 979.947066][ C1] ? lock_acquire+0x1f1/0xad0 [ 979.951734][ C1] ? __might_fault+0xef/0x1d0 [ 979.956479][ C1] ? find_held_lock+0x2d/0x110 [ 979.961234][ C1] ? futex_exit_release+0x220/0x220 [ 979.966423][ C1] ? lock_downgrade+0x820/0x820 [ 979.971262][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 979.977586][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 979.982689][ C1] ? __might_fault+0x190/0x1d0 [ 979.987785][ C1] ? _copy_to_user+0x126/0x160 [ 979.992805][ C1] __x64_sys_futex+0x378/0x4e0 [ 979.997568][ C1] ? do_futex+0x1a60/0x1a60 [ 980.002067][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 980.007775][ C1] ? lock_is_held_type+0xb0/0xe0 [ 980.012700][ C1] ? do_syscall_64+0x1c/0xe0 [ 980.017487][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 980.023575][ C1] do_syscall_64+0x60/0xe0 [ 980.027992][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 980.033992][ C1] RIP: 0033:0x45cb29 [ 980.037875][ C1] Code: Bad RIP value. [ 980.042088][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 980.050826][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 980.058790][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 980.066748][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 980.074759][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 980.082858][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 980.090843][ C1] syz-executor.1 S29976 13118 13114 0x00000000 [ 980.097198][ C1] Call Trace: [ 980.100489][ C1] __schedule+0x8e1/0x1eb0 [ 980.105184][ C1] ? io_schedule_timeout+0x140/0x140 [ 980.110660][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 980.116211][ C1] schedule+0xd0/0x2a0 [ 980.120275][ C1] futex_wait_queue_me+0x2a7/0x570 [ 980.125385][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 980.130575][ C1] futex_wait+0x1df/0x560 [ 980.134892][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 980.139966][ C1] ? mark_lock+0xbc/0x1710 [ 980.144720][ C1] ? hash_futex+0x12/0x200 [ 980.149653][ C1] ? futex_wake+0x155/0x490 [ 980.154154][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 980.159361][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 980.166083][ C1] ? lock_downgrade+0x820/0x820 [ 980.171210][ C1] do_futex+0x15b/0x1a60 [ 980.175646][ C1] ? lock_acquire+0x1f1/0xad0 [ 980.180986][ C1] ? __might_fault+0xef/0x1d0 [ 980.185661][ C1] ? find_held_lock+0x2d/0x110 [ 980.191411][ C1] ? futex_exit_release+0x220/0x220 [ 980.196914][ C1] ? lock_downgrade+0x820/0x820 [ 980.201842][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 980.208484][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 980.214048][ C1] ? __might_fault+0x190/0x1d0 [ 980.218897][ C1] ? _copy_to_user+0x126/0x160 [ 980.223748][ C1] __x64_sys_futex+0x378/0x4e0 [ 980.228765][ C1] ? do_futex+0x1a60/0x1a60 [ 980.233673][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 980.239397][ C1] ? lock_is_held_type+0xb0/0xe0 [ 980.244446][ C1] ? do_syscall_64+0x1c/0xe0 [ 980.249031][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 980.255052][ C1] do_syscall_64+0x60/0xe0 [ 980.259547][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 980.265649][ C1] RIP: 0033:0x45cb29 [ 980.269528][ C1] Code: Bad RIP value. [ 980.273586][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 980.281991][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 980.290309][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 980.298336][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 980.306304][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 980.314731][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 980.322816][ C1] syz-executor.1 S29976 13131 6984 0x00000000 [ 980.329205][ C1] Call Trace: [ 980.332493][ C1] __schedule+0x8e1/0x1eb0 [ 980.337083][ C1] ? io_schedule_timeout+0x140/0x140 [ 980.342360][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 980.347827][ C1] schedule+0xd0/0x2a0 [ 980.352034][ C1] futex_wait_queue_me+0x2a7/0x570 [ 980.357277][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 980.362629][ C1] futex_wait+0x1df/0x560 [ 980.366968][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 980.371984][ C1] ? mark_lock+0xbc/0x1710 [ 980.376679][ C1] ? hash_futex+0x12/0x200 [ 980.381174][ C1] ? futex_wake+0x155/0x490 [ 980.385745][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 980.390840][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 980.396810][ C1] ? lock_downgrade+0x820/0x820 [ 980.401740][ C1] do_futex+0x15b/0x1a60 [ 980.406065][ C1] ? lock_acquire+0x1f1/0xad0 [ 980.410732][ C1] ? __might_fault+0xef/0x1d0 [ 980.415594][ C1] ? find_held_lock+0x2d/0x110 [ 980.420543][ C1] ? futex_exit_release+0x220/0x220 [ 980.426487][ C1] ? lock_downgrade+0x820/0x820 [ 980.431331][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 980.437573][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 980.442593][ C1] ? __might_fault+0x190/0x1d0 [ 980.447525][ C1] ? _copy_to_user+0x126/0x160 [ 980.452279][ C1] __x64_sys_futex+0x378/0x4e0 [ 980.457121][ C1] ? do_futex+0x1a60/0x1a60 [ 980.461789][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 980.467416][ C1] ? lock_is_held_type+0xb0/0xe0 [ 980.472515][ C1] ? do_syscall_64+0x1c/0xe0 [ 980.477139][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 980.483168][ C1] do_syscall_64+0x60/0xe0 [ 980.487574][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 980.493461][ C1] RIP: 0033:0x45cb29 [ 980.497336][ C1] Code: Bad RIP value. [ 980.501456][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 980.509886][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 980.518197][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 980.526467][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 980.538344][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 980.548584][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 980.558650][ C1] syz-executor.1 S28928 13142 6984 0x00000000 [ 980.565451][ C1] Call Trace: [ 980.568779][ C1] __schedule+0x8e1/0x1eb0 [ 980.573196][ C1] ? io_schedule_timeout+0x140/0x140 [ 980.578523][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 980.583971][ C1] schedule+0xd0/0x2a0 [ 980.588097][ C1] futex_wait_queue_me+0x2a7/0x570 [ 980.594003][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 980.599946][ C1] ? find_held_lock+0x2d/0x110 [ 980.605419][ C1] futex_wait+0x1df/0x560 [ 980.610214][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 980.615625][ C1] ? mark_lock+0xbc/0x1710 [ 980.620050][ C1] ? hash_futex+0x12/0x200 [ 980.625414][ C1] ? futex_wake+0x155/0x490 [ 980.629911][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 980.635205][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 980.641742][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 980.647538][ C1] do_futex+0x15b/0x1a60 [ 980.651772][ C1] ? lock_acquire+0x1f1/0xad0 [ 980.656874][ C1] ? __might_fault+0xef/0x1d0 [ 980.663825][ C1] ? find_held_lock+0x2d/0x110 [ 980.668581][ C1] ? futex_exit_release+0x220/0x220 [ 980.673771][ C1] ? lock_downgrade+0x820/0x820 [ 980.678612][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 980.684837][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 980.689852][ C1] ? __might_fault+0x190/0x1d0 [ 980.694603][ C1] ? _copy_to_user+0x126/0x160 [ 980.699360][ C1] __x64_sys_futex+0x378/0x4e0 [ 980.704113][ C1] ? do_futex+0x1a60/0x1a60 [ 980.708615][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 980.714232][ C1] ? lock_is_held_type+0xb0/0xe0 [ 980.719155][ C1] ? do_syscall_64+0x1c/0xe0 [ 980.723733][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 980.729872][ C1] do_syscall_64+0x60/0xe0 [ 980.734452][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 980.740439][ C1] RIP: 0033:0x45cb29 [ 980.744326][ C1] Code: Bad RIP value. [ 980.748484][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 980.757123][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 980.765159][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 980.773316][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 980.781532][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 980.789488][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 980.797464][ C1] syz-executor.1 S29976 13145 13142 0x00000000 [ 980.803976][ C1] Call Trace: [ 980.807250][ C1] __schedule+0x8e1/0x1eb0 [ 980.811654][ C1] ? io_schedule_timeout+0x140/0x140 [ 980.816930][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 980.822917][ C1] schedule+0xd0/0x2a0 [ 980.826963][ C1] futex_wait_queue_me+0x2a7/0x570 [ 980.832054][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 980.837229][ C1] futex_wait+0x1df/0x560 [ 980.841539][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 980.846556][ C1] ? mark_lock+0xbc/0x1710 [ 980.850947][ C1] ? hash_futex+0x12/0x200 [ 980.855339][ C1] ? futex_wake+0x155/0x490 [ 980.859818][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 980.864825][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 980.870784][ C1] ? lock_downgrade+0x820/0x820 [ 980.875625][ C1] do_futex+0x15b/0x1a60 [ 980.879851][ C1] ? lock_acquire+0x1f1/0xad0 [ 980.884517][ C1] ? __might_fault+0xef/0x1d0 [ 980.889184][ C1] ? find_held_lock+0x2d/0x110 [ 980.893924][ C1] ? futex_exit_release+0x220/0x220 [ 980.899097][ C1] ? lock_downgrade+0x820/0x820 [ 980.903932][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 980.910241][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 980.915261][ C1] ? __might_fault+0x190/0x1d0 [ 980.920013][ C1] ? _copy_to_user+0x126/0x160 [ 980.924782][ C1] __x64_sys_futex+0x378/0x4e0 [ 980.929896][ C1] ? do_futex+0x1a60/0x1a60 [ 980.934582][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 980.940205][ C1] ? lock_is_held_type+0xb0/0xe0 [ 980.945241][ C1] ? do_syscall_64+0x1c/0xe0 [ 980.949833][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 980.955806][ C1] do_syscall_64+0x60/0xe0 [ 980.960210][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 980.966096][ C1] RIP: 0033:0x45cb29 [ 980.969967][ C1] Code: Bad RIP value. [ 980.974033][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 980.982547][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 980.990510][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 980.998484][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 981.006432][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 981.014394][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 981.022649][ C1] syz-executor.1 S29976 13160 6984 0x00000000 [ 981.028965][ C1] Call Trace: [ 981.032237][ C1] __schedule+0x8e1/0x1eb0 [ 981.036634][ C1] ? io_schedule_timeout+0x140/0x140 [ 981.041897][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 981.047337][ C1] schedule+0xd0/0x2a0 [ 981.051390][ C1] futex_wait_queue_me+0x2a7/0x570 [ 981.056490][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 981.061667][ C1] futex_wait+0x1df/0x560 [ 981.065973][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 981.070976][ C1] ? mark_lock+0xbc/0x1710 [ 981.075370][ C1] ? hash_futex+0x12/0x200 [ 981.079781][ C1] ? futex_wake+0x155/0x490 [ 981.084274][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 981.089311][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 981.095285][ C1] ? lock_downgrade+0x820/0x820 [ 981.100129][ C1] do_futex+0x15b/0x1a60 [ 981.104356][ C1] ? lock_acquire+0x1f1/0xad0 [ 981.109008][ C1] ? __might_fault+0xef/0x1d0 [ 981.113662][ C1] ? find_held_lock+0x2d/0x110 [ 981.118429][ C1] ? futex_exit_release+0x220/0x220 [ 981.123605][ C1] ? lock_downgrade+0x820/0x820 [ 981.128449][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 981.134679][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 981.139696][ C1] ? __might_fault+0x190/0x1d0 [ 981.144438][ C1] ? _copy_to_user+0x126/0x160 [ 981.149199][ C1] __x64_sys_futex+0x378/0x4e0 [ 981.153956][ C1] ? do_futex+0x1a60/0x1a60 [ 981.158436][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 981.164047][ C1] ? lock_is_held_type+0xb0/0xe0 [ 981.168962][ C1] ? do_syscall_64+0x1c/0xe0 [ 981.173879][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 981.179927][ C1] do_syscall_64+0x60/0xe0 [ 981.184324][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 981.190207][ C1] RIP: 0033:0x45cb29 [ 981.194073][ C1] Code: Bad RIP value. [ 981.198114][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 981.206535][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 981.214484][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 981.222782][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 981.230755][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 981.238720][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 981.246694][ C1] syz-executor.1 S28384 13167 6984 0x00000000 [ 981.253027][ C1] Call Trace: [ 981.256402][ C1] __schedule+0x8e1/0x1eb0 [ 981.260806][ C1] ? io_schedule_timeout+0x140/0x140 [ 981.266351][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 981.271792][ C1] schedule+0xd0/0x2a0 [ 981.275867][ C1] futex_wait_queue_me+0x2a7/0x570 [ 981.281353][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 981.287606][ C1] futex_wait+0x1df/0x560 [ 981.291922][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 981.297016][ C1] ? mark_lock+0xbc/0x1710 [ 981.301437][ C1] ? mark_lock+0xbc/0x1710 [ 981.305851][ C1] ? hash_futex+0x12/0x200 [ 981.310268][ C1] ? futex_wake+0x155/0x490 [ 981.314754][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 981.319778][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 981.325733][ C1] do_futex+0x15b/0x1a60 [ 981.329955][ C1] ? lock_acquire+0x1f1/0xad0 [ 981.334636][ C1] ? __might_fault+0xef/0x1d0 [ 981.339305][ C1] ? find_held_lock+0x2d/0x110 [ 981.344105][ C1] ? futex_exit_release+0x220/0x220 [ 981.349286][ C1] ? lock_downgrade+0x820/0x820 [ 981.354168][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 981.360387][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 981.365657][ C1] ? __might_fault+0x190/0x1d0 [ 981.370419][ C1] ? _copy_to_user+0x126/0x160 [ 981.375267][ C1] __x64_sys_futex+0x378/0x4e0 [ 981.380027][ C1] ? do_futex+0x1a60/0x1a60 [ 981.384513][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 981.390238][ C1] ? lock_is_held_type+0xb0/0xe0 [ 981.395284][ C1] ? do_syscall_64+0x1c/0xe0 [ 981.399865][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 981.405826][ C1] do_syscall_64+0x60/0xe0 [ 981.411630][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 981.417824][ C1] RIP: 0033:0x45cb29 [ 981.424731][ C1] Code: Bad RIP value. [ 981.428780][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 981.437629][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 981.445685][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 981.454496][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 981.462779][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 981.470860][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 981.478951][ C1] syz-executor.1 S29976 13171 13167 0x00000000 [ 981.485265][ C1] Call Trace: [ 981.488573][ C1] __schedule+0x8e1/0x1eb0 [ 981.492974][ C1] ? io_schedule_timeout+0x140/0x140 [ 981.498258][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 981.503718][ C1] schedule+0xd0/0x2a0 [ 981.507794][ C1] futex_wait_queue_me+0x2a7/0x570 [ 981.512902][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 981.518617][ C1] ? futex_wake+0x1b5/0x490 [ 981.523185][ C1] ? find_held_lock+0x2d/0x110 [ 981.527930][ C1] futex_wait+0x1df/0x560 [ 981.532446][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 981.537463][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 981.542513][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 981.547971][ C1] ? futex_wake+0x155/0x490 [ 981.552479][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 981.558431][ C1] ? lock_downgrade+0x820/0x820 [ 981.563274][ C1] do_futex+0x15b/0x1a60 [ 981.567525][ C1] ? lock_acquire+0x1f1/0xad0 [ 981.572194][ C1] ? __might_fault+0xef/0x1d0 [ 981.576859][ C1] ? find_held_lock+0x2d/0x110 [ 981.581660][ C1] ? futex_exit_release+0x220/0x220 [ 981.586838][ C1] ? lock_downgrade+0x820/0x820 [ 981.591671][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 981.597914][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 981.603713][ C1] ? __might_fault+0x190/0x1d0 [ 981.608531][ C1] ? _copy_to_user+0x126/0x160 [ 981.613364][ C1] __x64_sys_futex+0x378/0x4e0 [ 981.619167][ C1] ? do_futex+0x1a60/0x1a60 [ 981.623899][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 981.630173][ C1] ? lock_is_held_type+0xb0/0xe0 [ 981.636001][ C1] ? do_syscall_64+0x1c/0xe0 [ 981.643124][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 981.649115][ C1] do_syscall_64+0x60/0xe0 [ 981.653538][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 981.659431][ C1] RIP: 0033:0x45cb29 [ 981.663302][ C1] Code: Bad RIP value. [ 981.667342][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 981.675732][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 981.683789][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 981.692571][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 981.700902][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 981.709768][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 981.718025][ C1] syz-executor.1 S29976 13189 6984 0x00000000 [ 981.725707][ C1] Call Trace: [ 981.729423][ C1] __schedule+0x8e1/0x1eb0 [ 981.734881][ C1] ? io_schedule_timeout+0x140/0x140 [ 981.740175][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 981.745885][ C1] schedule+0xd0/0x2a0 [ 981.750196][ C1] futex_wait_queue_me+0x2a7/0x570 [ 981.755914][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 981.762107][ C1] futex_wait+0x1df/0x560 [ 981.766855][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 981.773020][ C1] ? mark_lock+0xbc/0x1710 [ 981.777429][ C1] ? hash_futex+0x12/0x200 [ 981.781830][ C1] ? futex_wake+0x155/0x490 [ 981.786338][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 981.793024][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 981.800726][ C1] ? lock_downgrade+0x820/0x820 [ 981.805677][ C1] do_futex+0x15b/0x1a60 [ 981.809903][ C1] ? lock_acquire+0x1f1/0xad0 [ 981.814578][ C1] ? __might_fault+0xef/0x1d0 [ 981.819749][ C1] ? find_held_lock+0x2d/0x110 [ 981.824511][ C1] ? futex_exit_release+0x220/0x220 [ 981.829718][ C1] ? lock_downgrade+0x820/0x820 [ 981.834553][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 981.840912][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 981.846193][ C1] ? __might_fault+0x190/0x1d0 [ 981.850946][ C1] ? _copy_to_user+0x126/0x160 [ 981.855714][ C1] __x64_sys_futex+0x378/0x4e0 [ 981.860459][ C1] ? do_futex+0x1a60/0x1a60 [ 981.865406][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 981.871039][ C1] ? lock_is_held_type+0xb0/0xe0 [ 981.877226][ C1] ? do_syscall_64+0x1c/0xe0 [ 981.881807][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 981.887770][ C1] do_syscall_64+0x60/0xe0 [ 981.892224][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 981.899487][ C1] RIP: 0033:0x45cb29 [ 981.903776][ C1] Code: Bad RIP value. [ 981.908261][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 981.919740][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 981.930651][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 981.939220][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 981.948349][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 981.958362][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 981.966432][ C1] syz-executor.1 S28416 13201 6984 0x00000000 [ 981.973615][ C1] Call Trace: [ 981.977393][ C1] __schedule+0x8e1/0x1eb0 [ 981.982133][ C1] ? io_schedule_timeout+0x140/0x140 [ 981.987499][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 981.993222][ C1] schedule+0xd0/0x2a0 [ 981.997294][ C1] futex_wait_queue_me+0x2a7/0x570 [ 982.002381][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 982.007558][ C1] ? futex_wake+0x1b5/0x490 [ 982.012040][ C1] ? find_held_lock+0x2d/0x110 [ 982.016787][ C1] futex_wait+0x1df/0x560 [ 982.021116][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 982.027163][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 982.032551][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 982.037728][ C1] ? futex_wake+0x155/0x490 [ 982.042417][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 982.049200][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 982.057416][ C1] do_futex+0x15b/0x1a60 [ 982.061829][ C1] ? lock_acquire+0x1f1/0xad0 [ 982.066705][ C1] ? __might_fault+0xef/0x1d0 [ 982.071367][ C1] ? find_held_lock+0x2d/0x110 [ 982.076114][ C1] ? futex_exit_release+0x220/0x220 [ 982.083709][ C1] ? lock_downgrade+0x820/0x820 [ 982.088545][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 982.096459][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 982.101572][ C1] ? __might_fault+0x190/0x1d0 [ 982.106316][ C1] ? _copy_to_user+0x126/0x160 [ 982.111140][ C1] __x64_sys_futex+0x378/0x4e0 [ 982.117495][ C1] ? do_futex+0x1a60/0x1a60 [ 982.124135][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 982.129959][ C1] ? lock_is_held_type+0xb0/0xe0 [ 982.136063][ C1] ? do_syscall_64+0x1c/0xe0 [ 982.140732][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 982.146711][ C1] do_syscall_64+0x60/0xe0 [ 982.151109][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 982.157004][ C1] RIP: 0033:0x45cb29 [ 982.160871][ C1] Code: Bad RIP value. [ 982.164910][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 982.175285][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 982.183958][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 982.192092][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 982.200429][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 982.209825][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 982.218979][ C1] syz-executor.1 S29976 13202 13201 0x00000000 [ 982.225315][ C1] Call Trace: [ 982.228589][ C1] __schedule+0x8e1/0x1eb0 [ 982.232994][ C1] ? io_schedule_timeout+0x140/0x140 [ 982.238263][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 982.243710][ C1] schedule+0xd0/0x2a0 [ 982.248231][ C1] futex_wait_queue_me+0x2a7/0x570 [ 982.253329][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 982.258516][ C1] futex_wait+0x1df/0x560 [ 982.262875][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 982.267964][ C1] ? mark_lock+0xbc/0x1710 [ 982.272969][ C1] ? hash_futex+0x12/0x200 [ 982.277979][ C1] ? futex_wake+0x155/0x490 [ 982.282661][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 982.287681][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 982.293638][ C1] ? lock_downgrade+0x820/0x820 [ 982.298494][ C1] do_futex+0x15b/0x1a60 [ 982.302726][ C1] ? lock_acquire+0x1f1/0xad0 [ 982.307385][ C1] ? __might_fault+0xef/0x1d0 [ 982.312058][ C1] ? find_held_lock+0x2d/0x110 [ 982.316829][ C1] ? futex_exit_release+0x220/0x220 [ 982.322209][ C1] ? lock_downgrade+0x820/0x820 [ 982.327521][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 982.333776][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 982.338800][ C1] ? __might_fault+0x190/0x1d0 [ 982.343556][ C1] ? _copy_to_user+0x126/0x160 [ 982.348301][ C1] __x64_sys_futex+0x378/0x4e0 [ 982.353074][ C1] ? do_futex+0x1a60/0x1a60 [ 982.358368][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 982.364002][ C1] ? lock_is_held_type+0xb0/0xe0 [ 982.368928][ C1] ? do_syscall_64+0x1c/0xe0 [ 982.373506][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 982.379468][ C1] do_syscall_64+0x60/0xe0 [ 982.383885][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 982.389753][ C1] RIP: 0033:0x45cb29 [ 982.393620][ C1] Code: Bad RIP value. [ 982.397657][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 982.406059][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 982.414174][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 982.422489][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 982.430560][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 982.438530][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 982.446516][ C1] syz-executor.1 S29976 13209 6984 0x00000000 [ 982.452847][ C1] Call Trace: [ 982.456233][ C1] __schedule+0x8e1/0x1eb0 [ 982.460721][ C1] ? io_schedule_timeout+0x140/0x140 [ 982.467339][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 982.472798][ C1] schedule+0xd0/0x2a0 [ 982.476860][ C1] futex_wait_queue_me+0x2a7/0x570 [ 982.481948][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 982.487125][ C1] futex_wait+0x1df/0x560 [ 982.492390][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 982.497505][ C1] ? mark_lock+0xbc/0x1710 [ 982.501900][ C1] ? hash_futex+0x12/0x200 [ 982.506298][ C1] ? futex_wake+0x155/0x490 [ 982.510778][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 982.515789][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 982.521747][ C1] ? lock_downgrade+0x820/0x820 [ 982.526594][ C1] do_futex+0x15b/0x1a60 [ 982.532528][ C1] ? lock_acquire+0x1f1/0xad0 [ 982.537322][ C1] ? __might_fault+0xef/0x1d0 [ 982.541981][ C1] ? find_held_lock+0x2d/0x110 [ 982.546841][ C1] ? futex_exit_release+0x220/0x220 [ 982.552032][ C1] ? lock_downgrade+0x820/0x820 [ 982.557995][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 982.564519][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 982.570851][ C1] ? __might_fault+0x190/0x1d0 [ 982.575616][ C1] ? _copy_to_user+0x126/0x160 [ 982.580364][ C1] __x64_sys_futex+0x378/0x4e0 [ 982.585112][ C1] ? do_futex+0x1a60/0x1a60 [ 982.589594][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 982.595404][ C1] ? lock_is_held_type+0xb0/0xe0 [ 982.600851][ C1] ? do_syscall_64+0x1c/0xe0 [ 982.605639][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 982.611619][ C1] do_syscall_64+0x60/0xe0 [ 982.616022][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 982.621893][ C1] RIP: 0033:0x45cb29 [ 982.625778][ C1] Code: Bad RIP value. [ 982.630187][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 982.639232][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 982.647182][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 982.655154][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 982.663227][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 982.673263][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 982.681232][ C1] syz-executor.1 S28312 13216 6984 0x00000000 [ 982.687545][ C1] Call Trace: [ 982.690818][ C1] __schedule+0x8e1/0x1eb0 [ 982.695233][ C1] ? io_schedule_timeout+0x140/0x140 [ 982.701848][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 982.707741][ C1] schedule+0xd0/0x2a0 [ 982.712115][ C1] futex_wait_queue_me+0x2a7/0x570 [ 982.717274][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 982.722450][ C1] futex_wait+0x1df/0x560 [ 982.726776][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 982.731780][ C1] ? mark_lock+0xbc/0x1710 [ 982.736305][ C1] ? mark_lock+0xbc/0x1710 [ 982.740880][ C1] ? hash_futex+0x12/0x200 [ 982.745644][ C1] ? futex_wake+0x155/0x490 [ 982.750146][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 982.755156][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 982.761120][ C1] do_futex+0x15b/0x1a60 [ 982.765347][ C1] ? lock_acquire+0x1f1/0xad0 [ 982.770521][ C1] ? __might_fault+0xef/0x1d0 [ 982.775610][ C1] ? find_held_lock+0x2d/0x110 [ 982.782015][ C1] ? futex_exit_release+0x220/0x220 [ 982.787224][ C1] ? lock_downgrade+0x820/0x820 [ 982.792065][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 982.798288][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 982.803320][ C1] ? __might_fault+0x190/0x1d0 [ 982.809045][ C1] ? _copy_to_user+0x126/0x160 [ 982.813884][ C1] __x64_sys_futex+0x378/0x4e0 [ 982.818631][ C1] ? do_futex+0x1a60/0x1a60 [ 982.823115][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 982.828752][ C1] ? lock_is_held_type+0xb0/0xe0 [ 982.833724][ C1] ? do_syscall_64+0x1c/0xe0 [ 982.838879][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 982.844947][ C1] do_syscall_64+0x60/0xe0 [ 982.849878][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 982.855992][ C1] RIP: 0033:0x45cb29 [ 982.859880][ C1] Code: Bad RIP value. [ 982.864060][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 982.872512][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 982.881270][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 982.889747][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 982.897700][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 982.905686][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 982.916421][ C1] syz-executor.1 S29976 13221 13216 0x00000000 [ 982.923289][ C1] Call Trace: [ 982.928421][ C1] __schedule+0x8e1/0x1eb0 [ 982.932839][ C1] ? io_schedule_timeout+0x140/0x140 [ 982.938105][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 982.943567][ C1] schedule+0xd0/0x2a0 [ 982.947619][ C1] futex_wait_queue_me+0x2a7/0x570 [ 982.952729][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 982.958363][ C1] futex_wait+0x1df/0x560 [ 982.963736][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 982.968742][ C1] ? mark_lock+0xbc/0x1710 [ 982.973137][ C1] ? hash_futex+0x12/0x200 [ 982.977564][ C1] ? futex_wake+0x155/0x490 [ 982.982444][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 982.990344][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 982.996653][ C1] ? lock_downgrade+0x820/0x820 [ 983.002724][ C1] do_futex+0x15b/0x1a60 [ 983.007153][ C1] ? lock_acquire+0x1f1/0xad0 [ 983.011812][ C1] ? __might_fault+0xef/0x1d0 [ 983.016471][ C1] ? find_held_lock+0x2d/0x110 [ 983.021217][ C1] ? futex_exit_release+0x220/0x220 [ 983.026511][ C1] ? lock_downgrade+0x820/0x820 [ 983.031470][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 983.037689][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 983.042699][ C1] ? __might_fault+0x190/0x1d0 [ 983.047442][ C1] ? _copy_to_user+0x126/0x160 [ 983.052206][ C1] __x64_sys_futex+0x378/0x4e0 [ 983.056969][ C1] ? do_futex+0x1a60/0x1a60 [ 983.061454][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 983.067081][ C1] ? lock_is_held_type+0xb0/0xe0 [ 983.071996][ C1] ? do_syscall_64+0x1c/0xe0 [ 983.076564][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 983.082534][ C1] do_syscall_64+0x60/0xe0 [ 983.087073][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 983.092960][ C1] RIP: 0033:0x45cb29 [ 983.096828][ C1] Code: Bad RIP value. [ 983.100873][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 983.109267][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 983.117226][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 983.125208][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 983.133269][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 983.141247][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 983.149216][ C1] syz-executor.1 S29976 13226 13216 0x00000000 [ 983.155553][ C1] Call Trace: [ 983.158839][ C1] __schedule+0x8e1/0x1eb0 [ 983.163245][ C1] ? io_schedule_timeout+0x140/0x140 [ 983.169526][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 983.174986][ C1] schedule+0xd0/0x2a0 [ 983.187466][ C1] futex_wait_queue_me+0x2a7/0x570 [ 983.192604][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 983.197778][ C1] ? futex_wake+0x1b5/0x490 [ 983.202260][ C1] ? find_held_lock+0x2d/0x110 [ 983.207048][ C1] futex_wait+0x1df/0x560 [ 983.211358][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 983.216358][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 983.221273][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 983.226462][ C1] ? futex_wake+0x155/0x490 [ 983.230973][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 983.236948][ C1] ? lock_downgrade+0x820/0x820 [ 983.241779][ C1] do_futex+0x15b/0x1a60 [ 983.246006][ C1] ? lock_acquire+0x1f1/0xad0 [ 983.250660][ C1] ? __might_fault+0xef/0x1d0 [ 983.255311][ C1] ? find_held_lock+0x2d/0x110 [ 983.260049][ C1] ? futex_exit_release+0x220/0x220 [ 983.265329][ C1] ? lock_downgrade+0x820/0x820 [ 983.270156][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 983.276386][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 983.281403][ C1] ? __might_fault+0x190/0x1d0 [ 983.286237][ C1] ? _copy_to_user+0x126/0x160 [ 983.290983][ C1] __x64_sys_futex+0x378/0x4e0 [ 983.295725][ C1] ? do_futex+0x1a60/0x1a60 [ 983.300207][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 983.305840][ C1] ? lock_is_held_type+0xb0/0xe0 [ 983.310758][ C1] ? do_syscall_64+0x1c/0xe0 [ 983.315325][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 983.321284][ C1] do_syscall_64+0x60/0xe0 [ 983.325677][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 983.331547][ C1] RIP: 0033:0x45cb29 [ 983.335425][ C1] Code: Bad RIP value. [ 983.339476][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 983.347948][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 983.355904][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 983.363888][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 983.371939][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 983.379904][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 983.387894][ C1] syz-executor.1 S28928 13231 6984 0x00000000 [ 983.394221][ C1] Call Trace: [ 983.397495][ C1] __schedule+0x8e1/0x1eb0 [ 983.401891][ C1] ? io_schedule_timeout+0x140/0x140 [ 983.407156][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 983.412608][ C1] schedule+0xd0/0x2a0 [ 983.416656][ C1] futex_wait_queue_me+0x2a7/0x570 [ 983.421760][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 983.427046][ C1] ? futex_wake+0x1b5/0x490 [ 983.431532][ C1] ? find_held_lock+0x2d/0x110 [ 983.436274][ C1] futex_wait+0x1df/0x560 [ 983.440581][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 983.445583][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 983.450499][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 983.455688][ C1] ? futex_wake+0x155/0x490 [ 983.460200][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 983.466871][ C1] do_futex+0x15b/0x1a60 [ 983.471116][ C1] ? lock_acquire+0x1f1/0xad0 [ 983.475802][ C1] ? __might_fault+0xef/0x1d0 [ 983.480465][ C1] ? find_held_lock+0x2d/0x110 [ 983.485210][ C1] ? futex_exit_release+0x220/0x220 [ 983.490395][ C1] ? lock_downgrade+0x820/0x820 [ 983.495226][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 983.501444][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 983.506449][ C1] ? __might_fault+0x190/0x1d0 [ 983.511189][ C1] ? _copy_to_user+0x126/0x160 [ 983.515951][ C1] __x64_sys_futex+0x378/0x4e0 [ 983.521073][ C1] ? do_futex+0x1a60/0x1a60 [ 983.525562][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 983.531176][ C1] ? lock_is_held_type+0xb0/0xe0 [ 983.536093][ C1] ? do_syscall_64+0x1c/0xe0 [ 983.540709][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 983.546799][ C1] do_syscall_64+0x60/0xe0 [ 983.551197][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 983.557150][ C1] RIP: 0033:0x45cb29 [ 983.561017][ C1] Code: Bad RIP value. [ 983.565057][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 983.573444][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 983.581392][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 983.589338][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 983.597287][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 983.605254][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 983.613321][ C1] syz-executor.1 S29976 13234 13231 0x00000000 [ 983.619661][ C1] Call Trace: [ 983.622946][ C1] __schedule+0x8e1/0x1eb0 [ 983.627357][ C1] ? io_schedule_timeout+0x140/0x140 [ 983.632630][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 983.638260][ C1] schedule+0xd0/0x2a0 [ 983.642429][ C1] futex_wait_queue_me+0x2a7/0x570 [ 983.647525][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 983.652703][ C1] ? futex_wake+0x1b5/0x490 [ 983.657186][ C1] ? find_held_lock+0x2d/0x110 [ 983.661928][ C1] futex_wait+0x1df/0x560 [ 983.666338][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 983.671337][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 983.676254][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 983.681450][ C1] ? futex_wake+0x155/0x490 [ 983.685943][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 983.691984][ C1] ? lock_downgrade+0x820/0x820 [ 983.696814][ C1] do_futex+0x15b/0x1a60 [ 983.701039][ C1] ? lock_acquire+0x1f1/0xad0 [ 983.705693][ C1] ? __might_fault+0xef/0x1d0 [ 983.710346][ C1] ? find_held_lock+0x2d/0x110 [ 983.715100][ C1] ? futex_exit_release+0x220/0x220 [ 983.720279][ C1] ? lock_downgrade+0x820/0x820 [ 983.725117][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 983.731338][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 983.736345][ C1] ? __might_fault+0x190/0x1d0 [ 983.741086][ C1] ? _copy_to_user+0x126/0x160 [ 983.745849][ C1] __x64_sys_futex+0x378/0x4e0 [ 983.750618][ C1] ? do_futex+0x1a60/0x1a60 [ 983.755102][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 983.760717][ C1] ? lock_is_held_type+0xb0/0xe0 [ 983.765648][ C1] ? do_syscall_64+0x1c/0xe0 [ 983.770215][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 983.776179][ C1] do_syscall_64+0x60/0xe0 [ 983.780575][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 983.786447][ C1] RIP: 0033:0x45cb29 [ 983.790400][ C1] Code: Bad RIP value. [ 983.794456][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 983.802845][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 983.810808][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 983.818756][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 983.826703][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 983.834652][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 983.842616][ C1] syz-executor.1 S29976 13248 13231 0x00000000 [ 983.848931][ C1] Call Trace: [ 983.852203][ C1] __schedule+0x8e1/0x1eb0 [ 983.856607][ C1] ? io_schedule_timeout+0x140/0x140 [ 983.862303][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 983.867749][ C1] schedule+0xd0/0x2a0 [ 983.871813][ C1] futex_wait_queue_me+0x2a7/0x570 [ 983.876901][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 983.882079][ C1] ? futex_wake+0x1b5/0x490 [ 983.886560][ C1] ? find_held_lock+0x2d/0x110 [ 983.891301][ C1] futex_wait+0x1df/0x560 [ 983.895612][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 983.900623][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 983.905542][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 983.910721][ C1] ? futex_wake+0x155/0x490 [ 983.915209][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 983.921180][ C1] ? lock_downgrade+0x820/0x820 [ 983.926011][ C1] do_futex+0x15b/0x1a60 [ 983.930249][ C1] ? lock_acquire+0x1f1/0xad0 [ 983.934901][ C1] ? __might_fault+0xef/0x1d0 [ 983.939554][ C1] ? find_held_lock+0x2d/0x110 [ 983.944294][ C1] ? futex_exit_release+0x220/0x220 [ 983.949469][ C1] ? lock_downgrade+0x820/0x820 [ 983.954315][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 983.960529][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 983.965543][ C1] ? __might_fault+0x190/0x1d0 [ 983.970294][ C1] ? _copy_to_user+0x126/0x160 [ 983.975038][ C1] __x64_sys_futex+0x378/0x4e0 [ 983.979796][ C1] ? do_futex+0x1a60/0x1a60 [ 983.984274][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 983.989881][ C1] ? lock_is_held_type+0xb0/0xe0 [ 983.994797][ C1] ? do_syscall_64+0x1c/0xe0 [ 983.999365][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 984.005340][ C1] do_syscall_64+0x60/0xe0 [ 984.009736][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 984.015608][ C1] RIP: 0033:0x45cb29 [ 984.019474][ C1] Code: Bad RIP value. [ 984.023518][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 984.031905][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 984.039861][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 984.047827][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 984.055776][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 984.063722][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 984.071682][ C1] syz-executor.1 S28384 13273 6984 0x00000000 [ 984.077992][ C1] Call Trace: [ 984.081286][ C1] __schedule+0x8e1/0x1eb0 [ 984.085699][ C1] ? io_schedule_timeout+0x140/0x140 [ 984.090979][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 984.096420][ C1] schedule+0xd0/0x2a0 [ 984.100470][ C1] futex_wait_queue_me+0x2a7/0x570 [ 984.105670][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 984.111282][ C1] ? find_held_lock+0x2d/0x110 [ 984.116051][ C1] futex_wait+0x1df/0x560 [ 984.120378][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 984.125478][ C1] ? mark_lock+0xbc/0x1710 [ 984.129887][ C1] ? hash_futex+0x12/0x200 [ 984.134294][ C1] ? futex_wake+0x155/0x490 [ 984.138772][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 984.143833][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 984.149833][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 984.155621][ C1] do_futex+0x15b/0x1a60 [ 984.159937][ C1] ? lock_acquire+0x1f1/0xad0 [ 984.164627][ C1] ? __might_fault+0xef/0x1d0 [ 984.169448][ C1] ? find_held_lock+0x2d/0x110 [ 984.174207][ C1] ? futex_exit_release+0x220/0x220 [ 984.179393][ C1] ? lock_downgrade+0x820/0x820 [ 984.185960][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 984.192181][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 984.197197][ C1] ? __might_fault+0x190/0x1d0 [ 984.202024][ C1] ? _copy_to_user+0x126/0x160 [ 984.206768][ C1] __x64_sys_futex+0x378/0x4e0 [ 984.211517][ C1] ? do_futex+0x1a60/0x1a60 [ 984.216017][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 984.221632][ C1] ? lock_is_held_type+0xb0/0xe0 [ 984.226546][ C1] ? do_syscall_64+0x1c/0xe0 [ 984.231114][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 984.237075][ C1] do_syscall_64+0x60/0xe0 [ 984.241467][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 984.247337][ C1] RIP: 0033:0x45cb29 [ 984.251201][ C1] Code: Bad RIP value. [ 984.255242][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 984.263630][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 984.271580][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 984.279704][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 984.287676][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 984.295639][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 984.303614][ C1] syz-executor.2 S27992 13274 7107 0x00000000 [ 984.309951][ C1] Call Trace: [ 984.313225][ C1] __schedule+0x8e1/0x1eb0 [ 984.317623][ C1] ? io_schedule_timeout+0x140/0x140 [ 984.322887][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 984.328326][ C1] schedule+0xd0/0x2a0 [ 984.332374][ C1] futex_wait_queue_me+0x2a7/0x570 [ 984.337465][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 984.342644][ C1] futex_wait+0x1df/0x560 [ 984.346959][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 984.351977][ C1] ? mark_lock+0xbc/0x1710 [ 984.356487][ C1] ? hash_futex+0x12/0x200 [ 984.360892][ C1] ? futex_wake+0x155/0x490 [ 984.365376][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 984.370391][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 984.376351][ C1] do_futex+0x15b/0x1a60 [ 984.380598][ C1] ? lock_acquire+0x1f1/0xad0 [ 984.385255][ C1] ? __might_fault+0xef/0x1d0 [ 984.389915][ C1] ? find_held_lock+0x2d/0x110 [ 984.394670][ C1] ? futex_exit_release+0x220/0x220 [ 984.399863][ C1] ? lock_downgrade+0x820/0x820 [ 984.404802][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 984.411051][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 984.416158][ C1] ? __might_fault+0x190/0x1d0 [ 984.420899][ C1] ? _copy_to_user+0x126/0x160 [ 984.425644][ C1] __x64_sys_futex+0x378/0x4e0 [ 984.430391][ C1] ? do_futex+0x1a60/0x1a60 [ 984.434874][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 984.440485][ C1] ? lock_is_held_type+0xb0/0xe0 [ 984.445416][ C1] ? do_syscall_64+0x1c/0xe0 [ 984.449982][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 984.455957][ C1] do_syscall_64+0x60/0xe0 [ 984.460438][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 984.466308][ C1] RIP: 0033:0x45cb29 [ 984.470265][ C1] Code: Bad RIP value. [ 984.474318][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 984.482706][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 984.490826][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 984.498796][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 984.506846][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 984.514803][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 984.522866][ C1] syz-executor.1 S29976 13282 13273 0x00000000 [ 984.529430][ C1] Call Trace: [ 984.532703][ C1] __schedule+0x8e1/0x1eb0 [ 984.537099][ C1] ? io_schedule_timeout+0x140/0x140 [ 984.542375][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 984.547816][ C1] schedule+0xd0/0x2a0 [ 984.551866][ C1] futex_wait_queue_me+0x2a7/0x570 [ 984.556951][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 984.562146][ C1] futex_wait+0x1df/0x560 [ 984.566466][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 984.571484][ C1] ? mark_lock+0xbc/0x1710 [ 984.575884][ C1] ? hash_futex+0x12/0x200 [ 984.580277][ C1] ? futex_wake+0x155/0x490 [ 984.584843][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 984.589865][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 984.595817][ C1] ? lock_downgrade+0x820/0x820 [ 984.600644][ C1] do_futex+0x15b/0x1a60 [ 984.604866][ C1] ? lock_acquire+0x1f1/0xad0 [ 984.609516][ C1] ? __might_fault+0xef/0x1d0 [ 984.614182][ C1] ? find_held_lock+0x2d/0x110 [ 984.619010][ C1] ? futex_exit_release+0x220/0x220 [ 984.624184][ C1] ? lock_downgrade+0x820/0x820 [ 984.629013][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 984.635231][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 984.640234][ C1] ? __might_fault+0x190/0x1d0 [ 984.644976][ C1] ? _copy_to_user+0x126/0x160 [ 984.649721][ C1] __x64_sys_futex+0x378/0x4e0 [ 984.654464][ C1] ? do_futex+0x1a60/0x1a60 [ 984.658958][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 984.664566][ C1] ? lock_is_held_type+0xb0/0xe0 [ 984.669503][ C1] ? do_syscall_64+0x1c/0xe0 [ 984.674098][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 984.680057][ C1] do_syscall_64+0x60/0xe0 [ 984.684454][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 984.690323][ C1] RIP: 0033:0x45cb29 [ 984.694190][ C1] Code: Bad RIP value. [ 984.698322][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 984.706725][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 984.714765][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 984.722802][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 984.730752][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 984.738852][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 984.746829][ C1] syz-executor.1 S29976 13299 13273 0x00000000 [ 984.753146][ C1] Call Trace: [ 984.756666][ C1] __schedule+0x8e1/0x1eb0 [ 984.761079][ C1] ? io_schedule_timeout+0x140/0x140 [ 984.766364][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 984.771806][ C1] schedule+0xd0/0x2a0 [ 984.775875][ C1] futex_wait_queue_me+0x2a7/0x570 [ 984.780964][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 984.786196][ C1] futex_wait+0x1df/0x560 [ 984.790524][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 984.795522][ C1] ? mark_lock+0xbc/0x1710 [ 984.799913][ C1] ? hash_futex+0x12/0x200 [ 984.804301][ C1] ? futex_wake+0x155/0x490 [ 984.808779][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 984.813900][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 984.819878][ C1] ? lock_downgrade+0x820/0x820 [ 984.824724][ C1] do_futex+0x15b/0x1a60 [ 984.828957][ C1] ? lock_acquire+0x1f1/0xad0 [ 984.833613][ C1] ? __might_fault+0xef/0x1d0 [ 984.838307][ C1] ? find_held_lock+0x2d/0x110 [ 984.843069][ C1] ? futex_exit_release+0x220/0x220 [ 984.848256][ C1] ? lock_downgrade+0x820/0x820 [ 984.853084][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 984.859306][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 984.864358][ C1] ? __might_fault+0x190/0x1d0 [ 984.869124][ C1] ? _copy_to_user+0x126/0x160 [ 984.873869][ C1] __x64_sys_futex+0x378/0x4e0 [ 984.878629][ C1] ? do_futex+0x1a60/0x1a60 [ 984.883108][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 984.888733][ C1] ? lock_is_held_type+0xb0/0xe0 [ 984.893649][ C1] ? do_syscall_64+0x1c/0xe0 [ 984.898238][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 984.904198][ C1] do_syscall_64+0x60/0xe0 [ 984.908615][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 984.914486][ C1] RIP: 0033:0x45cb29 [ 984.918368][ C1] Code: Bad RIP value. [ 984.922422][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 984.930808][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 984.938759][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 984.946710][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 984.954677][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 984.962655][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 984.970636][ C1] syz-executor.1 S29728 13308 6984 0x00000000 [ 984.976948][ C1] Call Trace: [ 984.980223][ C1] __schedule+0x8e1/0x1eb0 [ 984.984623][ C1] ? io_schedule_timeout+0x140/0x140 [ 984.989896][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 984.995337][ C1] schedule+0xd0/0x2a0 [ 984.999384][ C1] futex_wait_queue_me+0x2a7/0x570 [ 985.004470][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 985.009654][ C1] ? futex_wake+0x1b5/0x490 [ 985.014132][ C1] ? find_held_lock+0x2d/0x110 [ 985.018875][ C1] futex_wait+0x1df/0x560 [ 985.023201][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 985.028203][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 985.033119][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 985.038314][ C1] ? futex_wake+0x155/0x490 [ 985.042803][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 985.048763][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 985.054561][ C1] do_futex+0x15b/0x1a60 [ 985.058786][ C1] ? lock_acquire+0x1f1/0xad0 [ 985.063461][ C1] ? __might_fault+0xef/0x1d0 [ 985.068115][ C1] ? find_held_lock+0x2d/0x110 [ 985.072856][ C1] ? futex_exit_release+0x220/0x220 [ 985.078060][ C1] ? lock_downgrade+0x820/0x820 [ 985.082891][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 985.089109][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 985.094119][ C1] ? __might_fault+0x190/0x1d0 [ 985.098870][ C1] ? _copy_to_user+0x126/0x160 [ 985.103634][ C1] __x64_sys_futex+0x378/0x4e0 [ 985.108475][ C1] ? do_futex+0x1a60/0x1a60 [ 985.112968][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 985.118937][ C1] ? lock_is_held_type+0xb0/0xe0 [ 985.123863][ C1] ? do_syscall_64+0x1c/0xe0 [ 985.128468][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 985.134532][ C1] do_syscall_64+0x60/0xe0 [ 985.138962][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 985.144840][ C1] RIP: 0033:0x45cb29 [ 985.148705][ C1] Code: Bad RIP value. [ 985.152749][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 985.161151][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 985.169373][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 985.177337][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 985.185298][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 985.193248][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 985.201211][ C1] syz-executor.1 S29976 13312 6984 0x00000000 [ 985.207520][ C1] Call Trace: [ 985.210809][ C1] __schedule+0x8e1/0x1eb0 [ 985.215218][ C1] ? io_schedule_timeout+0x140/0x140 [ 985.220477][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 985.226003][ C1] schedule+0xd0/0x2a0 [ 985.230051][ C1] futex_wait_queue_me+0x2a7/0x570 [ 985.235149][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 985.240361][ C1] futex_wait+0x1df/0x560 [ 985.244695][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 985.249696][ C1] ? mark_lock+0xbc/0x1710 [ 985.254179][ C1] ? hash_futex+0x12/0x200 [ 985.259261][ C1] ? futex_wake+0x155/0x490 [ 985.263750][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 985.268771][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 985.274730][ C1] ? lock_downgrade+0x820/0x820 [ 985.279709][ C1] do_futex+0x15b/0x1a60 [ 985.283954][ C1] ? lock_acquire+0x1f1/0xad0 [ 985.288619][ C1] ? __might_fault+0xef/0x1d0 [ 985.293294][ C1] ? find_held_lock+0x2d/0x110 [ 985.298060][ C1] ? futex_exit_release+0x220/0x220 [ 985.303258][ C1] ? lock_downgrade+0x820/0x820 [ 985.308104][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 985.314603][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 985.319617][ C1] ? __might_fault+0x190/0x1d0 [ 985.324357][ C1] ? _copy_to_user+0x126/0x160 [ 985.329103][ C1] __x64_sys_futex+0x378/0x4e0 [ 985.333850][ C1] ? do_futex+0x1a60/0x1a60 [ 985.338350][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 985.343963][ C1] ? lock_is_held_type+0xb0/0xe0 [ 985.348877][ C1] ? do_syscall_64+0x1c/0xe0 [ 985.353447][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 985.359424][ C1] do_syscall_64+0x60/0xe0 [ 985.363938][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 985.369926][ C1] RIP: 0033:0x45cb29 [ 985.373802][ C1] Code: Bad RIP value. [ 985.377852][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 985.386240][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 985.394188][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 985.402151][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 985.410118][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 985.418109][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 985.426262][ C1] syz-executor.1 S29976 13317 6984 0x00000000 [ 985.432584][ C1] Call Trace: [ 985.435866][ C1] __schedule+0x8e1/0x1eb0 [ 985.440273][ C1] ? io_schedule_timeout+0x140/0x140 [ 985.445552][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 985.450992][ C1] schedule+0xd0/0x2a0 [ 985.455058][ C1] futex_wait_queue_me+0x2a7/0x570 [ 985.460551][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 985.465752][ C1] ? futex_wake+0x1b5/0x490 [ 985.470236][ C1] ? find_held_lock+0x2d/0x110 [ 985.474978][ C1] futex_wait+0x1df/0x560 [ 985.479309][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 985.484336][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 985.489436][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 985.494619][ C1] ? futex_wake+0x155/0x490 [ 985.499119][ C1] ? lock_downgrade+0x820/0x820 [ 985.503951][ C1] do_futex+0x15b/0x1a60 [ 985.508176][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 985.513356][ C1] ? _raw_spin_unlock+0x24/0x40 [ 985.518211][ C1] ? do_wp_page+0x16a/0x1950 [ 985.522799][ C1] ? futex_exit_release+0x220/0x220 [ 985.528072][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 985.533228][ C1] ? find_held_lock+0x2d/0x110 [ 985.537979][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 985.543285][ C1] ? __up_read+0x1a1/0x7b0 [ 985.547702][ C1] ? _down_write_nest_lock+0x150/0x150 [ 985.553283][ C1] __x64_sys_futex+0x378/0x4e0 [ 985.558130][ C1] ? do_futex+0x1a60/0x1a60 [ 985.562616][ C1] ? lock_is_held_type+0xb0/0xe0 [ 985.567558][ C1] ? lock_is_held_type+0xb0/0xe0 [ 985.572560][ C1] ? do_syscall_64+0x1c/0xe0 [ 985.577131][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 985.583094][ C1] do_syscall_64+0x60/0xe0 [ 985.587502][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 985.593370][ C1] RIP: 0033:0x45cb29 [ 985.597248][ C1] Code: Bad RIP value. [ 985.601287][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 985.609682][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 985.617646][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 985.625607][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 985.633568][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 985.641877][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 985.649839][ C1] syz-executor.1 S28384 13410 6984 0x00000000 [ 985.656150][ C1] Call Trace: [ 985.659423][ C1] __schedule+0x8e1/0x1eb0 [ 985.663823][ C1] ? io_schedule_timeout+0x140/0x140 [ 985.669091][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 985.674896][ C1] schedule+0xd0/0x2a0 [ 985.678952][ C1] schedule_timeout+0x1d8/0x250 [ 985.683781][ C1] ? usleep_range+0x170/0x170 [ 985.688448][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 985.693536][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 985.699323][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 985.705126][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 985.710749][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 985.716533][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 985.722492][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 985.728274][ C1] ? skb_free_datagram+0xf0/0xf0 [ 985.733344][ C1] ? proto_seq_start+0x50/0x50 [ 985.738178][ C1] ? skb_segment.cold+0x38/0x38 [ 985.743018][ C1] ? mark_lock+0xbc/0x1710 [ 985.747414][ C1] __skb_recv_datagram+0x171/0x220 [ 985.752532][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 985.758147][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 985.763236][ C1] ? __schedule+0x887/0x1eb0 [ 985.767802][ C1] ? lock_is_held_type+0xb0/0xe0 [ 985.772722][ C1] skb_recv_datagram+0xa7/0xe0 [ 985.777490][ C1] ? __skb_recv_datagram+0x220/0x220 [ 985.782770][ C1] ? aa_sk_perm+0x316/0xaa0 [ 985.787337][ C1] ? __might_fault+0xef/0x1d0 [ 985.791997][ C1] raw_recvmsg+0xab/0x550 [ 985.796407][ C1] ? raw_release+0x890/0x890 [ 985.800981][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 985.806443][ C1] ? raw_release+0x890/0x890 [ 985.811011][ C1] ____sys_recvmsg+0x2c4/0x640 [ 985.815771][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 985.821656][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 985.827294][ C1] ? import_iovec+0x23b/0x3d0 [ 985.831955][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 985.837228][ C1] ___sys_recvmsg+0x127/0x200 [ 985.841949][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 985.847573][ C1] ? lock_downgrade+0x820/0x820 [ 985.852398][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 985.857405][ C1] ? __fget_files+0x294/0x400 [ 985.862166][ C1] ? __fget_light+0xea/0x280 [ 985.866735][ C1] do_recvmmsg+0x24d/0x6d0 [ 985.871129][ C1] ? ___sys_recvmsg+0x200/0x200 [ 985.875971][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 985.882462][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 985.887756][ C1] ? put_timespec64+0xcb/0x120 [ 985.892496][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 985.897326][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 985.902337][ C1] ? __do_sys_socketcall+0x550/0x550 [ 985.907597][ C1] ? lock_is_held_type+0xb0/0xe0 [ 985.912509][ C1] ? do_syscall_64+0x1c/0xe0 [ 985.917077][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 985.923047][ C1] do_syscall_64+0x60/0xe0 [ 985.927439][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 985.933321][ C1] RIP: 0033:0x45cb29 [ 985.937185][ C1] Code: Bad RIP value. [ 985.941225][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 985.949607][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 985.957561][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 985.965521][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 985.973470][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 985.981432][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 985.989415][ C1] syz-executor.1 S29976 13416 13410 0x00000000 [ 985.995751][ C1] Call Trace: [ 985.999041][ C1] __schedule+0x8e1/0x1eb0 [ 986.003449][ C1] ? io_schedule_timeout+0x140/0x140 [ 986.008715][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 986.014171][ C1] schedule+0xd0/0x2a0 [ 986.018221][ C1] futex_wait_queue_me+0x2a7/0x570 [ 986.023312][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 986.028483][ C1] ? futex_wake+0x1b5/0x490 [ 986.033053][ C1] ? find_held_lock+0x2d/0x110 [ 986.037807][ C1] futex_wait+0x1df/0x560 [ 986.042115][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 986.047115][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 986.052033][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 986.057225][ C1] ? futex_wake+0x155/0x490 [ 986.061716][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 986.067698][ C1] ? lock_downgrade+0x820/0x820 [ 986.072528][ C1] do_futex+0x15b/0x1a60 [ 986.076754][ C1] ? lock_acquire+0x1f1/0xad0 [ 986.081427][ C1] ? __might_fault+0xef/0x1d0 [ 986.086193][ C1] ? find_held_lock+0x2d/0x110 [ 986.090933][ C1] ? futex_exit_release+0x220/0x220 [ 986.096110][ C1] ? lock_downgrade+0x820/0x820 [ 986.100938][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 986.107157][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 986.112178][ C1] ? __might_fault+0x190/0x1d0 [ 986.116923][ C1] ? _copy_to_user+0x126/0x160 [ 986.121667][ C1] __x64_sys_futex+0x378/0x4e0 [ 986.126431][ C1] ? do_futex+0x1a60/0x1a60 [ 986.130932][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 986.136545][ C1] ? lock_is_held_type+0xb0/0xe0 [ 986.141473][ C1] ? do_syscall_64+0x1c/0xe0 [ 986.146041][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 986.152005][ C1] do_syscall_64+0x60/0xe0 [ 986.156405][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 986.162289][ C1] RIP: 0033:0x45cb29 [ 986.166177][ C1] Code: Bad RIP value. [ 986.170216][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 986.179235][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 986.187358][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 986.195413][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 986.203362][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 986.211314][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 986.219297][ C1] syz-executor.1 S29976 13432 6984 0x00000000 [ 986.225636][ C1] Call Trace: [ 986.228927][ C1] __schedule+0x8e1/0x1eb0 [ 986.233514][ C1] ? io_schedule_timeout+0x140/0x140 [ 986.239063][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 986.245047][ C1] schedule+0xd0/0x2a0 [ 986.249273][ C1] futex_wait_queue_me+0x2a7/0x570 [ 986.254379][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 986.259567][ C1] ? futex_wake+0x1b5/0x490 [ 986.264044][ C1] ? find_held_lock+0x2d/0x110 [ 986.268783][ C1] futex_wait+0x1df/0x560 [ 986.273092][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 986.279257][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 986.284271][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 986.289557][ C1] ? futex_wake+0x155/0x490 [ 986.294046][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 986.300468][ C1] ? lock_downgrade+0x820/0x820 [ 986.305607][ C1] do_futex+0x15b/0x1a60 [ 986.309856][ C1] ? lock_acquire+0x1f1/0xad0 [ 986.315707][ C1] ? __might_fault+0xef/0x1d0 [ 986.320364][ C1] ? find_held_lock+0x2d/0x110 [ 986.325108][ C1] ? futex_exit_release+0x220/0x220 [ 986.330300][ C1] ? lock_downgrade+0x820/0x820 [ 986.335129][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 986.341536][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 986.346557][ C1] ? __might_fault+0x190/0x1d0 [ 986.351469][ C1] ? _copy_to_user+0x126/0x160 [ 986.356229][ C1] __x64_sys_futex+0x378/0x4e0 [ 986.360991][ C1] ? do_futex+0x1a60/0x1a60 [ 986.365579][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 986.371350][ C1] ? lock_is_held_type+0xb0/0xe0 [ 986.376284][ C1] ? do_syscall_64+0x1c/0xe0 [ 986.380878][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 986.387209][ C1] do_syscall_64+0x60/0xe0 [ 986.391607][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 986.397481][ C1] RIP: 0033:0x45cb29 [ 986.401829][ C1] Code: Bad RIP value. [ 986.405960][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 986.414347][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 986.422490][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 986.430857][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 986.438825][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 986.446788][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 986.454760][ C1] syz-executor.1 S28808 13444 6984 0x00000000 [ 986.461105][ C1] Call Trace: [ 986.464602][ C1] __schedule+0x8e1/0x1eb0 [ 986.469032][ C1] ? io_schedule_timeout+0x140/0x140 [ 986.474316][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 986.480242][ C1] schedule+0xd0/0x2a0 [ 986.484313][ C1] futex_wait_queue_me+0x2a7/0x570 [ 986.489433][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 986.495749][ C1] ? futex_wake+0x1b5/0x490 [ 986.500383][ C1] ? find_held_lock+0x2d/0x110 [ 986.505145][ C1] futex_wait+0x1df/0x560 [ 986.509464][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 986.516239][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 986.521697][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 986.526906][ C1] ? futex_wake+0x155/0x490 [ 986.531462][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 986.537455][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 986.543267][ C1] do_futex+0x15b/0x1a60 [ 986.547495][ C1] ? lock_acquire+0x1f1/0xad0 [ 986.552148][ C1] ? __might_fault+0xef/0x1d0 [ 986.557233][ C1] ? find_held_lock+0x2d/0x110 [ 986.561995][ C1] ? futex_exit_release+0x220/0x220 [ 986.567171][ C1] ? lock_downgrade+0x820/0x820 [ 986.572025][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 986.578244][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 986.583251][ C1] ? __might_fault+0x190/0x1d0 [ 986.588359][ C1] ? _copy_to_user+0x126/0x160 [ 986.593453][ C1] __x64_sys_futex+0x378/0x4e0 [ 986.598214][ C1] ? do_futex+0x1a60/0x1a60 [ 986.602702][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 986.608938][ C1] ? lock_is_held_type+0xb0/0xe0 [ 986.613857][ C1] ? do_syscall_64+0x1c/0xe0 [ 986.618519][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 986.624480][ C1] do_syscall_64+0x60/0xe0 [ 986.628880][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 986.634766][ C1] RIP: 0033:0x45cb29 [ 986.638734][ C1] Code: Bad RIP value. [ 986.642799][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 986.651202][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 986.659239][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 986.667217][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 986.676091][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 986.684592][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 986.692580][ C1] syz-executor.1 S29976 13447 13444 0x00000000 [ 986.698997][ C1] Call Trace: [ 986.702274][ C1] __schedule+0x8e1/0x1eb0 [ 986.706676][ C1] ? io_schedule_timeout+0x140/0x140 [ 986.712828][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 986.718277][ C1] schedule+0xd0/0x2a0 [ 986.722325][ C1] futex_wait_queue_me+0x2a7/0x570 [ 986.727612][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 986.732791][ C1] futex_wait+0x1df/0x560 [ 986.737110][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 986.742666][ C1] ? mark_lock+0xbc/0x1710 [ 986.747249][ C1] ? hash_futex+0x12/0x200 [ 986.751656][ C1] ? futex_wake+0x155/0x490 [ 986.757096][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 986.762120][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 986.768085][ C1] ? lock_downgrade+0x820/0x820 [ 986.772927][ C1] do_futex+0x15b/0x1a60 [ 986.777158][ C1] ? lock_acquire+0x1f1/0xad0 [ 986.781826][ C1] ? __might_fault+0xef/0x1d0 [ 986.786523][ C1] ? find_held_lock+0x2d/0x110 [ 986.791268][ C1] ? futex_exit_release+0x220/0x220 [ 986.797052][ C1] ? lock_downgrade+0x820/0x820 [ 986.801905][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 986.808130][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 986.813171][ C1] ? __might_fault+0x190/0x1d0 [ 986.817913][ C1] ? _copy_to_user+0x126/0x160 [ 986.822680][ C1] __x64_sys_futex+0x378/0x4e0 [ 986.827424][ C1] ? do_futex+0x1a60/0x1a60 [ 986.831919][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 986.837537][ C1] ? lock_is_held_type+0xb0/0xe0 [ 986.842467][ C1] ? do_syscall_64+0x1c/0xe0 [ 986.847034][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 986.852993][ C1] do_syscall_64+0x60/0xe0 [ 986.857386][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 986.863255][ C1] RIP: 0033:0x45cb29 [ 986.867119][ C1] Code: Bad RIP value. [ 986.871170][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 986.879553][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 986.887498][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 986.895976][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 986.903921][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 986.911869][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 986.919840][ C1] syz-executor.1 S29976 13465 6984 0x00000000 [ 986.926180][ C1] Call Trace: [ 986.929445][ C1] __schedule+0x8e1/0x1eb0 [ 986.933842][ C1] ? io_schedule_timeout+0x140/0x140 [ 986.939106][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 986.944562][ C1] schedule+0xd0/0x2a0 [ 986.948607][ C1] futex_wait_queue_me+0x2a7/0x570 [ 986.953696][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 986.958915][ C1] futex_wait+0x1df/0x560 [ 986.963231][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 986.968236][ C1] ? mark_lock+0xbc/0x1710 [ 986.972631][ C1] ? hash_futex+0x12/0x200 [ 986.977114][ C1] ? futex_wake+0x155/0x490 [ 986.981616][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 986.986628][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 986.992601][ C1] ? lock_downgrade+0x820/0x820 [ 986.997458][ C1] do_futex+0x15b/0x1a60 [ 987.001771][ C1] ? lock_acquire+0x1f1/0xad0 [ 987.006434][ C1] ? __might_fault+0xef/0x1d0 [ 987.011107][ C1] ? find_held_lock+0x2d/0x110 [ 987.015853][ C1] ? futex_exit_release+0x220/0x220 [ 987.021040][ C1] ? lock_downgrade+0x820/0x820 [ 987.025875][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 987.032094][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 987.037100][ C1] ? __might_fault+0x190/0x1d0 [ 987.041869][ C1] ? _copy_to_user+0x126/0x160 [ 987.046616][ C1] __x64_sys_futex+0x378/0x4e0 [ 987.051379][ C1] ? do_futex+0x1a60/0x1a60 [ 987.055897][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 987.061535][ C1] ? lock_is_held_type+0xb0/0xe0 [ 987.066467][ C1] ? do_syscall_64+0x1c/0xe0 [ 987.071034][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 987.077017][ C1] do_syscall_64+0x60/0xe0 [ 987.081443][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 987.087329][ C1] RIP: 0033:0x45cb29 [ 987.091195][ C1] Code: Bad RIP value. [ 987.095238][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 987.103633][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 987.111582][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 987.119553][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 987.127503][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 987.135583][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 987.143563][ C1] syz-executor.1 S29728 13479 6984 0x00000000 [ 987.149892][ C1] Call Trace: [ 987.153168][ C1] __schedule+0x8e1/0x1eb0 [ 987.157589][ C1] ? io_schedule_timeout+0x140/0x140 [ 987.162852][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 987.168296][ C1] schedule+0xd0/0x2a0 [ 987.172344][ C1] futex_wait_queue_me+0x2a7/0x570 [ 987.177445][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 987.182620][ C1] ? find_held_lock+0x2d/0x110 [ 987.187364][ C1] futex_wait+0x1df/0x560 [ 987.191761][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 987.196763][ C1] ? mark_lock+0xbc/0x1710 [ 987.201156][ C1] ? hash_futex+0x12/0x200 [ 987.205552][ C1] ? futex_wake+0x155/0x490 [ 987.210033][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 987.215045][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 987.221013][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 987.226802][ C1] do_futex+0x15b/0x1a60 [ 987.231052][ C1] ? lock_acquire+0x1f1/0xad0 [ 987.235718][ C1] ? __might_fault+0xef/0x1d0 [ 987.240406][ C1] ? find_held_lock+0x2d/0x110 [ 987.245186][ C1] ? futex_exit_release+0x220/0x220 [ 987.250371][ C1] ? lock_downgrade+0x820/0x820 [ 987.255198][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 987.261420][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 987.266516][ C1] ? __might_fault+0x190/0x1d0 [ 987.271257][ C1] ? _copy_to_user+0x126/0x160 [ 987.276000][ C1] __x64_sys_futex+0x378/0x4e0 [ 987.280743][ C1] ? do_futex+0x1a60/0x1a60 [ 987.285256][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 987.290865][ C1] ? lock_is_held_type+0xb0/0xe0 [ 987.295801][ C1] ? do_syscall_64+0x1c/0xe0 [ 987.300369][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 987.306354][ C1] do_syscall_64+0x60/0xe0 [ 987.310751][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 987.316650][ C1] RIP: 0033:0x45cb29 [ 987.320514][ C1] Code: Bad RIP value. [ 987.324553][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 987.332938][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 987.340887][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 987.348896][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 987.356849][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 987.364812][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 987.372785][ C1] syz-executor.1 S29976 13485 6984 0x00000000 [ 987.379110][ C1] Call Trace: [ 987.382380][ C1] __schedule+0x8e1/0x1eb0 [ 987.386796][ C1] ? io_schedule_timeout+0x140/0x140 [ 987.392057][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 987.397515][ C1] schedule+0xd0/0x2a0 [ 987.401561][ C1] futex_wait_queue_me+0x2a7/0x570 [ 987.406648][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 987.411825][ C1] futex_wait+0x1df/0x560 [ 987.416132][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 987.421132][ C1] ? mark_lock+0xbc/0x1710 [ 987.425536][ C1] ? hash_futex+0x12/0x200 [ 987.429931][ C1] ? futex_wake+0x155/0x490 [ 987.434409][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 987.439422][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 987.445380][ C1] ? preempt_schedule_thunk+0x16/0x18 [ 987.450743][ C1] do_futex+0x15b/0x1a60 [ 987.454969][ C1] ? lock_acquire+0x1f1/0xad0 [ 987.459625][ C1] ? __might_fault+0xef/0x1d0 [ 987.464367][ C1] ? find_held_lock+0x2d/0x110 [ 987.469119][ C1] ? futex_exit_release+0x220/0x220 [ 987.474300][ C1] ? lock_downgrade+0x820/0x820 [ 987.479171][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 987.485436][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 987.490451][ C1] ? __might_fault+0x190/0x1d0 [ 987.495213][ C1] ? _copy_to_user+0x126/0x160 [ 987.499974][ C1] __x64_sys_futex+0x378/0x4e0 [ 987.504731][ C1] ? do_futex+0x1a60/0x1a60 [ 987.509214][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 987.514824][ C1] ? lock_is_held_type+0xb0/0xe0 [ 987.519754][ C1] ? do_syscall_64+0x1c/0xe0 [ 987.524408][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 987.530366][ C1] do_syscall_64+0x60/0xe0 [ 987.534773][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 987.540642][ C1] RIP: 0033:0x45cb29 [ 987.544506][ C1] Code: Bad RIP value. [ 987.548546][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 987.556931][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 987.564875][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 987.572819][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 987.580774][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 987.588720][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 987.596856][ C1] syz-executor.1 S28384 13489 6984 0x00000000 [ 987.603182][ C1] Call Trace: [ 987.606462][ C1] __schedule+0x8e1/0x1eb0 [ 987.610859][ C1] ? io_schedule_timeout+0x140/0x140 [ 987.616133][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 987.621571][ C1] schedule+0xd0/0x2a0 [ 987.625628][ C1] futex_wait_queue_me+0x2a7/0x570 [ 987.630713][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 987.635907][ C1] ? futex_wake+0x1b5/0x490 [ 987.644565][ C1] ? find_held_lock+0x2d/0x110 [ 987.649310][ C1] futex_wait+0x1df/0x560 [ 987.653632][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 987.658630][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 987.663562][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 987.668749][ C1] ? futex_wake+0x155/0x490 [ 987.673410][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 987.679368][ C1] do_futex+0x15b/0x1a60 [ 987.683592][ C1] ? lock_acquire+0x1f1/0xad0 [ 987.688246][ C1] ? __might_fault+0xef/0x1d0 [ 987.692923][ C1] ? find_held_lock+0x2d/0x110 [ 987.697667][ C1] ? futex_exit_release+0x220/0x220 [ 987.702857][ C1] ? lock_downgrade+0x820/0x820 [ 987.707686][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 987.713910][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 987.718936][ C1] ? __might_fault+0x190/0x1d0 [ 987.723677][ C1] ? _copy_to_user+0x126/0x160 [ 987.728434][ C1] __x64_sys_futex+0x378/0x4e0 [ 987.733193][ C1] ? do_futex+0x1a60/0x1a60 [ 987.737675][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 987.743286][ C1] ? lock_is_held_type+0xb0/0xe0 [ 987.748199][ C1] ? do_syscall_64+0x1c/0xe0 [ 987.752787][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 987.758773][ C1] do_syscall_64+0x60/0xe0 [ 987.763184][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 987.769055][ C1] RIP: 0033:0x45cb29 [ 987.772936][ C1] Code: Bad RIP value. [ 987.777008][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 987.785394][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 987.793347][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 987.801296][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 987.809246][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 987.817195][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 987.825172][ C1] syz-executor.1 S28896 13510 6984 0x00000000 [ 987.831659][ C1] Call Trace: [ 987.834942][ C1] __schedule+0x8e1/0x1eb0 [ 987.839341][ C1] ? io_schedule_timeout+0x140/0x140 [ 987.844603][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 987.850404][ C1] schedule+0xd0/0x2a0 [ 987.854452][ C1] schedule_timeout+0x1d8/0x250 [ 987.859303][ C1] ? usleep_range+0x170/0x170 [ 987.863960][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 987.869063][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 987.874858][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 987.880645][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 987.886794][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 987.892576][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 987.898549][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 987.904339][ C1] ? skb_free_datagram+0xf0/0xf0 [ 987.909276][ C1] ? proto_seq_start+0x50/0x50 [ 987.914198][ C1] ? skb_segment.cold+0x38/0x38 [ 987.919029][ C1] ? mark_lock+0xbc/0x1710 [ 987.923437][ C1] __skb_recv_datagram+0x171/0x220 [ 987.928530][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 987.934314][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 987.939401][ C1] ? __schedule+0x887/0x1eb0 [ 987.944142][ C1] ? lock_is_held_type+0xb0/0xe0 [ 987.949074][ C1] skb_recv_datagram+0xa7/0xe0 [ 987.953839][ C1] ? __skb_recv_datagram+0x220/0x220 [ 987.959101][ C1] ? aa_sk_perm+0x316/0xaa0 [ 987.963582][ C1] ? __might_fault+0xef/0x1d0 [ 987.968252][ C1] raw_recvmsg+0xab/0x550 [ 987.972558][ C1] ? raw_release+0x890/0x890 [ 987.977148][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 987.982595][ C1] ? raw_release+0x890/0x890 [ 987.987262][ C1] ____sys_recvmsg+0x2c4/0x640 [ 987.992010][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 987.997970][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 988.003595][ C1] ? import_iovec+0x23b/0x3d0 [ 988.008249][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 988.013514][ C1] ___sys_recvmsg+0x127/0x200 [ 988.018186][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 988.023818][ C1] ? lock_downgrade+0x820/0x820 [ 988.028666][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 988.033687][ C1] ? __fget_files+0x294/0x400 [ 988.038343][ C1] ? __fget_light+0xea/0x280 [ 988.042910][ C1] do_recvmmsg+0x24d/0x6d0 [ 988.047306][ C1] ? ___sys_recvmsg+0x200/0x200 [ 988.052134][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 988.058352][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 988.063361][ C1] ? put_timespec64+0xcb/0x120 [ 988.068125][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 988.072958][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 988.077962][ C1] ? __do_sys_socketcall+0x550/0x550 [ 988.083227][ C1] ? lock_is_held_type+0xb0/0xe0 [ 988.088145][ C1] ? do_syscall_64+0x1c/0xe0 [ 988.092718][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 988.098698][ C1] do_syscall_64+0x60/0xe0 [ 988.103093][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 988.108964][ C1] RIP: 0033:0x45cb29 [ 988.112830][ C1] Code: Bad RIP value. [ 988.116893][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 988.125279][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 988.133227][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 988.141182][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 988.149153][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 988.157124][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 988.166052][ C1] syz-executor.1 S29976 13513 13510 0x00000000 [ 988.172390][ C1] Call Trace: [ 988.175679][ C1] __schedule+0x8e1/0x1eb0 [ 988.180090][ C1] ? io_schedule_timeout+0x140/0x140 [ 988.185353][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 988.190792][ C1] schedule+0xd0/0x2a0 [ 988.194839][ C1] futex_wait_queue_me+0x2a7/0x570 [ 988.199933][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 988.205109][ C1] futex_wait+0x1df/0x560 [ 988.209417][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 988.214434][ C1] ? mark_lock+0xbc/0x1710 [ 988.218832][ C1] ? hash_futex+0x12/0x200 [ 988.223249][ C1] ? futex_wake+0x155/0x490 [ 988.227739][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 988.232750][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 988.238711][ C1] ? lock_downgrade+0x820/0x820 [ 988.243538][ C1] do_futex+0x15b/0x1a60 [ 988.247763][ C1] ? lock_acquire+0x1f1/0xad0 [ 988.252413][ C1] ? __might_fault+0xef/0x1d0 [ 988.257092][ C1] ? find_held_lock+0x2d/0x110 [ 988.261832][ C1] ? futex_exit_release+0x220/0x220 [ 988.267037][ C1] ? lock_downgrade+0x820/0x820 [ 988.271870][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 988.278085][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 988.283117][ C1] ? __might_fault+0x190/0x1d0 [ 988.287899][ C1] ? _copy_to_user+0x126/0x160 [ 988.292657][ C1] __x64_sys_futex+0x378/0x4e0 [ 988.297602][ C1] ? do_futex+0x1a60/0x1a60 [ 988.302107][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 988.307724][ C1] ? lock_is_held_type+0xb0/0xe0 [ 988.312652][ C1] ? do_syscall_64+0x1c/0xe0 [ 988.317233][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 988.323197][ C1] do_syscall_64+0x60/0xe0 [ 988.327593][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 988.333479][ C1] RIP: 0033:0x45cb29 [ 988.337346][ C1] Code: Bad RIP value. [ 988.341387][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 988.350296][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 988.358257][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 988.366220][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 988.374168][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 988.382132][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 988.390093][ C1] syz-executor.1 S29976 13526 6984 0x00000000 [ 988.396423][ C1] Call Trace: [ 988.399714][ C1] __schedule+0x8e1/0x1eb0 [ 988.404129][ C1] ? io_schedule_timeout+0x140/0x140 [ 988.409402][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 988.414861][ C1] schedule+0xd0/0x2a0 [ 988.419059][ C1] futex_wait_queue_me+0x2a7/0x570 [ 988.424166][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 988.429363][ C1] futex_wait+0x1df/0x560 [ 988.433677][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 988.438695][ C1] ? mark_lock+0xbc/0x1710 [ 988.443089][ C1] ? hash_futex+0x12/0x200 [ 988.447486][ C1] ? futex_wake+0x155/0x490 [ 988.451967][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 988.457156][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 988.463157][ C1] ? lock_downgrade+0x820/0x820 [ 988.468176][ C1] do_futex+0x15b/0x1a60 [ 988.472403][ C1] ? lock_acquire+0x1f1/0xad0 [ 988.477057][ C1] ? __might_fault+0xef/0x1d0 [ 988.481712][ C1] ? find_held_lock+0x2d/0x110 [ 988.486454][ C1] ? futex_exit_release+0x220/0x220 [ 988.491689][ C1] ? lock_downgrade+0x820/0x820 [ 988.496533][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 988.502754][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 988.507761][ C1] ? __might_fault+0x190/0x1d0 [ 988.512501][ C1] ? _copy_to_user+0x126/0x160 [ 988.517243][ C1] __x64_sys_futex+0x378/0x4e0 [ 988.521983][ C1] ? do_futex+0x1a60/0x1a60 [ 988.526462][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 988.532071][ C1] ? lock_is_held_type+0xb0/0xe0 [ 988.537005][ C1] ? do_syscall_64+0x1c/0xe0 [ 988.541663][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 988.547633][ C1] do_syscall_64+0x60/0xe0 [ 988.552087][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 988.557997][ C1] RIP: 0033:0x45cb29 [ 988.561862][ C1] Code: Bad RIP value. [ 988.565903][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 988.574345][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 988.582860][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 988.590833][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 988.598809][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 988.606758][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 988.614722][ C1] syz-executor.1 S29976 13561 6984 0x00000000 [ 988.621037][ C1] Call Trace: [ 988.624311][ C1] __schedule+0x8e1/0x1eb0 [ 988.628730][ C1] ? io_schedule_timeout+0x140/0x140 [ 988.634222][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 988.640302][ C1] schedule+0xd0/0x2a0 [ 988.644412][ C1] futex_wait_queue_me+0x2a7/0x570 [ 988.649502][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 988.654722][ C1] futex_wait+0x1df/0x560 [ 988.659033][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 988.664048][ C1] ? hash_futex+0x12/0x200 [ 988.668494][ C1] ? futex_wake+0x155/0x490 [ 988.672985][ C1] ? lock_downgrade+0x820/0x820 [ 988.677814][ C1] do_futex+0x15b/0x1a60 [ 988.682060][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 988.687236][ C1] ? _raw_spin_unlock+0x24/0x40 [ 988.692095][ C1] ? do_wp_page+0x16a/0x1950 [ 988.696709][ C1] ? futex_exit_release+0x220/0x220 [ 988.701921][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 988.706940][ C1] ? find_held_lock+0x2d/0x110 [ 988.711687][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 988.716867][ C1] ? __up_read+0x1a1/0x7b0 [ 988.721263][ C1] ? _down_write_nest_lock+0x150/0x150 [ 988.726702][ C1] __x64_sys_futex+0x378/0x4e0 [ 988.731445][ C1] ? do_futex+0x1a60/0x1a60 [ 988.735931][ C1] ? lock_is_held_type+0xb0/0xe0 [ 988.740841][ C1] ? lock_is_held_type+0xb0/0xe0 [ 988.745750][ C1] ? do_syscall_64+0x1c/0xe0 [ 988.750333][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 988.756287][ C1] do_syscall_64+0x60/0xe0 [ 988.760679][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 988.766547][ C1] RIP: 0033:0x45cb29 [ 988.770412][ C1] Code: Bad RIP value. [ 988.774453][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 988.782838][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 988.790803][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 988.798750][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 988.806698][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 988.814655][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 988.822620][ C1] syz-executor.1 S29056 13596 6984 0x00000000 [ 988.828939][ C1] Call Trace: [ 988.832223][ C1] __schedule+0x8e1/0x1eb0 [ 988.836627][ C1] ? io_schedule_timeout+0x140/0x140 [ 988.841904][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 988.847343][ C1] schedule+0xd0/0x2a0 [ 988.851413][ C1] futex_wait_queue_me+0x2a7/0x570 [ 988.856500][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 988.861673][ C1] ? futex_wake+0x1b5/0x490 [ 988.866158][ C1] ? find_held_lock+0x2d/0x110 [ 988.870916][ C1] futex_wait+0x1df/0x560 [ 988.875228][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 988.880231][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 988.885148][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 988.890323][ C1] ? futex_wake+0x155/0x490 [ 988.894815][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 988.900769][ C1] ? lock_downgrade+0x820/0x820 [ 988.905602][ C1] do_futex+0x15b/0x1a60 [ 988.909829][ C1] ? lock_acquire+0x1f1/0xad0 [ 988.914483][ C1] ? __might_fault+0xef/0x1d0 [ 988.919139][ C1] ? find_held_lock+0x2d/0x110 [ 988.923878][ C1] ? futex_exit_release+0x220/0x220 [ 988.929055][ C1] ? lock_downgrade+0x820/0x820 [ 988.933883][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 988.940101][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 988.945105][ C1] ? __might_fault+0x190/0x1d0 [ 988.949848][ C1] ? _copy_to_user+0x126/0x160 [ 988.954606][ C1] __x64_sys_futex+0x378/0x4e0 [ 988.959362][ C1] ? do_futex+0x1a60/0x1a60 [ 988.963839][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 988.969452][ C1] ? lock_is_held_type+0xb0/0xe0 [ 988.974366][ C1] ? do_syscall_64+0x1c/0xe0 [ 988.978935][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 988.984891][ C1] do_syscall_64+0x60/0xe0 [ 988.989290][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 988.995157][ C1] RIP: 0033:0x45cb29 [ 988.999022][ C1] Code: Bad RIP value. [ 989.003065][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 989.011451][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 989.019404][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 989.027366][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 989.035417][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 989.043386][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 989.051375][ C1] syz-executor.1 S27152 13610 6984 0x00000000 [ 989.057725][ C1] Call Trace: [ 989.061000][ C1] __schedule+0x8e1/0x1eb0 [ 989.065413][ C1] ? io_schedule_timeout+0x140/0x140 [ 989.070679][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 989.076116][ C1] schedule+0xd0/0x2a0 [ 989.080170][ C1] futex_wait_queue_me+0x2a7/0x570 [ 989.085274][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 989.090468][ C1] ? find_held_lock+0x2d/0x110 [ 989.095229][ C1] futex_wait+0x1df/0x560 [ 989.099561][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 989.104573][ C1] ? mark_lock+0xbc/0x1710 [ 989.108984][ C1] ? hash_futex+0x12/0x200 [ 989.113388][ C1] ? futex_wake+0x155/0x490 [ 989.117880][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 989.122889][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 989.128861][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 989.134677][ C1] do_futex+0x15b/0x1a60 [ 989.138905][ C1] ? lock_acquire+0x1f1/0xad0 [ 989.143556][ C1] ? __might_fault+0xef/0x1d0 [ 989.148224][ C1] ? find_held_lock+0x2d/0x110 [ 989.152963][ C1] ? futex_exit_release+0x220/0x220 [ 989.158137][ C1] ? lock_downgrade+0x820/0x820 [ 989.162977][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 989.169209][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 989.174214][ C1] ? __might_fault+0x190/0x1d0 [ 989.179042][ C1] ? _copy_to_user+0x126/0x160 [ 989.183789][ C1] __x64_sys_futex+0x378/0x4e0 [ 989.189143][ C1] ? do_futex+0x1a60/0x1a60 [ 989.194100][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 989.199807][ C1] ? lock_is_held_type+0xb0/0xe0 [ 989.204729][ C1] ? do_syscall_64+0x1c/0xe0 [ 989.209305][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 989.215355][ C1] do_syscall_64+0x60/0xe0 [ 989.219769][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 989.225674][ C1] RIP: 0033:0x45cb29 [ 989.229543][ C1] Code: Bad RIP value. [ 989.233605][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 989.241998][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 989.249945][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 989.257915][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 989.266070][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 989.274045][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 989.282015][ C1] syz-executor.1 S29976 13615 6984 0x00000000 [ 989.288345][ C1] Call Trace: [ 989.291618][ C1] __schedule+0x8e1/0x1eb0 [ 989.296033][ C1] ? io_schedule_timeout+0x140/0x140 [ 989.301388][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 989.306846][ C1] schedule+0xd0/0x2a0 [ 989.310896][ C1] futex_wait_queue_me+0x2a7/0x570 [ 989.315986][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 989.321165][ C1] ? futex_wake+0x1b5/0x490 [ 989.325647][ C1] ? find_held_lock+0x2d/0x110 [ 989.330400][ C1] futex_wait+0x1df/0x560 [ 989.334718][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 989.339748][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 989.344808][ C1] ? lock_downgrade+0x820/0x820 [ 989.349660][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 989.354891][ C1] ? futex_wake+0x155/0x490 [ 989.359375][ C1] ? follow_pfn+0x250/0x250 [ 989.363899][ C1] ? lock_downgrade+0x820/0x820 [ 989.368861][ C1] do_futex+0x15b/0x1a60 [ 989.373123][ C1] ? do_wp_page+0x16a/0x1950 [ 989.377702][ C1] ? futex_exit_release+0x220/0x220 [ 989.382887][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 989.387889][ C1] ? find_held_lock+0x2d/0x110 [ 989.392774][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 989.397978][ C1] ? __up_read+0x1a1/0x7b0 [ 989.402393][ C1] ? _down_write_nest_lock+0x150/0x150 [ 989.407833][ C1] __x64_sys_futex+0x378/0x4e0 [ 989.412587][ C1] ? do_futex+0x1a60/0x1a60 [ 989.417066][ C1] ? lock_is_held_type+0xb0/0xe0 [ 989.421982][ C1] ? lock_is_held_type+0xb0/0xe0 [ 989.427033][ C1] ? do_syscall_64+0x1c/0xe0 [ 989.431606][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 989.437566][ C1] do_syscall_64+0x60/0xe0 [ 989.441973][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 989.447843][ C1] RIP: 0033:0x45cb29 [ 989.451724][ C1] Code: Bad RIP value. [ 989.455764][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 989.464150][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 989.472097][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 989.480278][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 989.488249][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 989.496221][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 989.504188][ C1] syz-executor.1 S29976 13637 6984 0x00000000 [ 989.510525][ C1] Call Trace: [ 989.513819][ C1] __schedule+0x8e1/0x1eb0 [ 989.518215][ C1] ? io_schedule_timeout+0x140/0x140 [ 989.523473][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 989.529000][ C1] schedule+0xd0/0x2a0 [ 989.533048][ C1] futex_wait_queue_me+0x2a7/0x570 [ 989.538142][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 989.543319][ C1] futex_wait+0x1df/0x560 [ 989.547628][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 989.552643][ C1] ? hash_futex+0x12/0x200 [ 989.557038][ C1] ? futex_wake+0x155/0x490 [ 989.561539][ C1] ? lock_downgrade+0x820/0x820 [ 989.566365][ C1] do_futex+0x15b/0x1a60 [ 989.570594][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 989.575868][ C1] ? _raw_spin_unlock+0x24/0x40 [ 989.580888][ C1] ? do_wp_page+0x16a/0x1950 [ 989.585462][ C1] ? futex_exit_release+0x220/0x220 [ 989.591200][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 989.596364][ C1] ? find_held_lock+0x2d/0x110 [ 989.601569][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 989.606756][ C1] ? __up_read+0x1a1/0x7b0 [ 989.611158][ C1] ? _down_write_nest_lock+0x150/0x150 [ 989.616882][ C1] __x64_sys_futex+0x378/0x4e0 [ 989.621697][ C1] ? do_futex+0x1a60/0x1a60 [ 989.626183][ C1] ? lock_is_held_type+0xb0/0xe0 [ 989.631147][ C1] ? lock_is_held_type+0xb0/0xe0 [ 989.636759][ C1] ? do_syscall_64+0x1c/0xe0 [ 989.642136][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 989.648098][ C1] do_syscall_64+0x60/0xe0 [ 989.653028][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 989.659113][ C1] RIP: 0033:0x45cb29 [ 989.663006][ C1] Code: Bad RIP value. [ 989.667088][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 989.675476][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 989.684080][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 989.692753][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 989.701221][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 989.709182][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 989.717149][ C1] syz-executor.1 S28280 13648 6984 0x00000000 [ 989.724175][ C1] Call Trace: [ 989.727457][ C1] __schedule+0x8e1/0x1eb0 [ 989.732135][ C1] ? io_schedule_timeout+0x140/0x140 [ 989.737548][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 989.742998][ C1] schedule+0xd0/0x2a0 [ 989.747049][ C1] futex_wait_queue_me+0x2a7/0x570 [ 989.752225][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 989.757506][ C1] ? futex_wake+0x1b5/0x490 [ 989.761998][ C1] ? find_held_lock+0x2d/0x110 [ 989.766747][ C1] futex_wait+0x1df/0x560 [ 989.771667][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 989.776855][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 989.781882][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 989.788535][ C1] ? futex_wake+0x155/0x490 [ 989.793025][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 989.798986][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 989.804918][ C1] do_futex+0x15b/0x1a60 [ 989.809165][ C1] ? lock_acquire+0x1f1/0xad0 [ 989.813993][ C1] ? __might_fault+0xef/0x1d0 [ 989.818739][ C1] ? find_held_lock+0x2d/0x110 [ 989.823481][ C1] ? futex_exit_release+0x220/0x220 [ 989.828746][ C1] ? lock_downgrade+0x820/0x820 [ 989.833583][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 989.839816][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 989.844822][ C1] ? __might_fault+0x190/0x1d0 [ 989.849564][ C1] ? _copy_to_user+0x126/0x160 [ 989.854308][ C1] __x64_sys_futex+0x378/0x4e0 [ 989.859234][ C1] ? do_futex+0x1a60/0x1a60 [ 989.863726][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 989.869345][ C1] ? lock_is_held_type+0xb0/0xe0 [ 989.874359][ C1] ? do_syscall_64+0x1c/0xe0 [ 989.878947][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 989.884951][ C1] do_syscall_64+0x60/0xe0 [ 989.889352][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 989.895219][ C1] RIP: 0033:0x45cb29 [ 989.899087][ C1] Code: Bad RIP value. [ 989.903138][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 989.911526][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 989.919475][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 989.927423][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 989.935389][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 989.943346][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 989.951308][ C1] syz-executor.1 S29976 13651 13648 0x00000000 [ 989.957621][ C1] Call Trace: [ 989.960903][ C1] __schedule+0x8e1/0x1eb0 [ 989.965384][ C1] ? io_schedule_timeout+0x140/0x140 [ 989.970668][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 989.976131][ C1] schedule+0xd0/0x2a0 [ 989.980188][ C1] futex_wait_queue_me+0x2a7/0x570 [ 989.985276][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 989.990486][ C1] ? futex_wake+0x1b5/0x490 [ 989.994979][ C1] ? find_held_lock+0x2d/0x110 [ 989.999743][ C1] futex_wait+0x1df/0x560 [ 990.004054][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 990.009143][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 990.014057][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 990.019232][ C1] ? futex_wake+0x155/0x490 [ 990.023724][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 990.031002][ C1] ? lock_downgrade+0x820/0x820 [ 990.036227][ C1] do_futex+0x15b/0x1a60 [ 990.040471][ C1] ? lock_acquire+0x1f1/0xad0 [ 990.045363][ C1] ? __might_fault+0xef/0x1d0 [ 990.050130][ C1] ? find_held_lock+0x2d/0x110 [ 990.054909][ C1] ? futex_exit_release+0x220/0x220 [ 990.060104][ C1] ? lock_downgrade+0x820/0x820 [ 990.065042][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 990.071276][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 990.076285][ C1] ? __might_fault+0x190/0x1d0 [ 990.081029][ C1] ? _copy_to_user+0x126/0x160 [ 990.085811][ C1] __x64_sys_futex+0x378/0x4e0 [ 990.090575][ C1] ? do_futex+0x1a60/0x1a60 [ 990.095153][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 990.101128][ C1] ? lock_is_held_type+0xb0/0xe0 [ 990.106140][ C1] ? do_syscall_64+0x1c/0xe0 [ 990.110707][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 990.116677][ C1] do_syscall_64+0x60/0xe0 [ 990.121079][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 990.126953][ C1] RIP: 0033:0x45cb29 [ 990.130979][ C1] Code: Bad RIP value. [ 990.135239][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 990.144025][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 990.152294][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 990.160281][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 990.169723][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 990.177681][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 990.185729][ C1] syz-executor.1 S29976 13674 6984 0x00000000 [ 990.192150][ C1] Call Trace: [ 990.195425][ C1] __schedule+0x8e1/0x1eb0 [ 990.199821][ C1] ? io_schedule_timeout+0x140/0x140 [ 990.205199][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 990.210702][ C1] schedule+0xd0/0x2a0 [ 990.214760][ C1] futex_wait_queue_me+0x2a7/0x570 [ 990.220080][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 990.225289][ C1] futex_wait+0x1df/0x560 [ 990.229637][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 990.234658][ C1] ? mark_lock+0xbc/0x1710 [ 990.239432][ C1] ? hash_futex+0x12/0x200 [ 990.243833][ C1] ? futex_wake+0x155/0x490 [ 990.248407][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 990.253431][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 990.259388][ C1] ? lock_downgrade+0x820/0x820 [ 990.264215][ C1] do_futex+0x15b/0x1a60 [ 990.268438][ C1] ? lock_acquire+0x1f1/0xad0 [ 990.273089][ C1] ? __might_fault+0xef/0x1d0 [ 990.277744][ C1] ? find_held_lock+0x2d/0x110 [ 990.282483][ C1] ? futex_exit_release+0x220/0x220 [ 990.287674][ C1] ? lock_downgrade+0x820/0x820 [ 990.292523][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 990.298762][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 990.303790][ C1] ? __might_fault+0x190/0x1d0 [ 990.308546][ C1] ? _copy_to_user+0x126/0x160 [ 990.313348][ C1] __x64_sys_futex+0x378/0x4e0 [ 990.318112][ C1] ? do_futex+0x1a60/0x1a60 [ 990.323044][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 990.328683][ C1] ? lock_is_held_type+0xb0/0xe0 [ 990.333722][ C1] ? do_syscall_64+0x1c/0xe0 [ 990.338313][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 990.344367][ C1] do_syscall_64+0x60/0xe0 [ 990.348781][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 990.354744][ C1] RIP: 0033:0x45cb29 [ 990.358618][ C1] Code: Bad RIP value. [ 990.362795][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 990.371271][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 990.379306][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 990.387253][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 990.395271][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 990.403251][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 990.411223][ C1] syz-executor.1 S29976 13694 6984 0x00000000 [ 990.417743][ C1] Call Trace: [ 990.421032][ C1] __schedule+0x8e1/0x1eb0 [ 990.425463][ C1] ? io_schedule_timeout+0x140/0x140 [ 990.430932][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 990.436375][ C1] schedule+0xd0/0x2a0 [ 990.440425][ C1] futex_wait_queue_me+0x2a7/0x570 [ 990.445516][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 990.450822][ C1] ? futex_wake+0x1b5/0x490 [ 990.456172][ C1] ? find_held_lock+0x2d/0x110 [ 990.461325][ C1] futex_wait+0x1df/0x560 [ 990.465666][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 990.470870][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 990.475995][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 990.481202][ C1] ? futex_wake+0x155/0x490 [ 990.485701][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 990.492282][ C1] ? lock_downgrade+0x820/0x820 [ 990.497125][ C1] do_futex+0x15b/0x1a60 [ 990.501382][ C1] ? lock_acquire+0x1f1/0xad0 [ 990.506051][ C1] ? __might_fault+0xef/0x1d0 [ 990.510705][ C1] ? find_held_lock+0x2d/0x110 [ 990.515547][ C1] ? futex_exit_release+0x220/0x220 [ 990.522114][ C1] ? lock_downgrade+0x820/0x820 [ 990.527063][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 990.533577][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 990.538826][ C1] ? __might_fault+0x190/0x1d0 [ 990.544014][ C1] ? _copy_to_user+0x126/0x160 [ 990.549059][ C1] __x64_sys_futex+0x378/0x4e0 [ 990.554265][ C1] ? do_futex+0x1a60/0x1a60 [ 990.558915][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 990.565155][ C1] ? lock_is_held_type+0xb0/0xe0 [ 990.570102][ C1] ? do_syscall_64+0x1c/0xe0 [ 990.574682][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 990.580658][ C1] do_syscall_64+0x60/0xe0 [ 990.585053][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 990.590942][ C1] RIP: 0033:0x45cb29 [ 990.594808][ C1] Code: Bad RIP value. [ 990.598940][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 990.607362][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 990.615324][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 990.623288][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 990.631338][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 990.639658][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 990.647632][ C1] syz-executor.1 S29976 13701 6984 0x00000000 [ 990.653961][ C1] Call Trace: [ 990.657253][ C1] __schedule+0x8e1/0x1eb0 [ 990.661739][ C1] ? io_schedule_timeout+0x140/0x140 [ 990.667003][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 990.672450][ C1] schedule+0xd0/0x2a0 [ 990.676530][ C1] futex_wait_queue_me+0x2a7/0x570 [ 990.681618][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 990.686790][ C1] ? futex_wake+0x1b5/0x490 [ 990.691270][ C1] ? find_held_lock+0x2d/0x110 [ 990.696010][ C1] futex_wait+0x1df/0x560 [ 990.700317][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 990.705315][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 990.710230][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 990.715424][ C1] ? futex_wake+0x155/0x490 [ 990.719926][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 990.725989][ C1] ? lock_downgrade+0x820/0x820 [ 990.730820][ C1] do_futex+0x15b/0x1a60 [ 990.735045][ C1] ? lock_acquire+0x1f1/0xad0 [ 990.739706][ C1] ? __might_fault+0xef/0x1d0 [ 990.744618][ C1] ? find_held_lock+0x2d/0x110 [ 990.749607][ C1] ? futex_exit_release+0x220/0x220 [ 990.754936][ C1] ? lock_downgrade+0x820/0x820 [ 990.759773][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 990.766009][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 990.771026][ C1] ? __might_fault+0x190/0x1d0 [ 990.775767][ C1] ? _copy_to_user+0x126/0x160 [ 990.780513][ C1] __x64_sys_futex+0x378/0x4e0 [ 990.785259][ C1] ? do_futex+0x1a60/0x1a60 [ 990.789778][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 990.795406][ C1] ? lock_is_held_type+0xb0/0xe0 [ 990.800329][ C1] ? do_syscall_64+0x1c/0xe0 [ 990.804901][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 990.811095][ C1] do_syscall_64+0x60/0xe0 [ 990.815503][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 990.821390][ C1] RIP: 0033:0x45cb29 [ 990.825261][ C1] Code: Bad RIP value. [ 990.829301][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 990.837797][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 990.845958][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 990.853931][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 990.863109][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 990.871073][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 990.879534][ C1] syz-executor.1 S28896 13720 6984 0x00000000 [ 990.886091][ C1] Call Trace: [ 990.889832][ C1] __schedule+0x8e1/0x1eb0 [ 990.895171][ C1] ? io_schedule_timeout+0x140/0x140 [ 990.900446][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 990.906418][ C1] schedule+0xd0/0x2a0 [ 990.910595][ C1] schedule_timeout+0x1d8/0x250 [ 990.915537][ C1] ? usleep_range+0x170/0x170 [ 990.920432][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 990.925529][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 990.931314][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 990.937103][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 990.942742][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 990.948536][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 990.954587][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 990.960417][ C1] ? skb_free_datagram+0xf0/0xf0 [ 990.965351][ C1] ? proto_seq_start+0x50/0x50 [ 990.970092][ C1] ? skb_segment.cold+0x38/0x38 [ 990.974925][ C1] ? mark_lock+0xbc/0x1710 [ 990.979334][ C1] __skb_recv_datagram+0x171/0x220 [ 990.984527][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 990.990349][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 990.995440][ C1] ? __schedule+0x887/0x1eb0 [ 991.000011][ C1] ? lock_is_held_type+0xb0/0xe0 [ 991.004928][ C1] skb_recv_datagram+0xa7/0xe0 [ 991.009698][ C1] ? __skb_recv_datagram+0x220/0x220 [ 991.014966][ C1] ? aa_sk_perm+0x316/0xaa0 [ 991.019465][ C1] ? __might_fault+0xef/0x1d0 [ 991.024126][ C1] raw_recvmsg+0xab/0x550 [ 991.028437][ C1] ? raw_release+0x890/0x890 [ 991.033024][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 991.038465][ C1] ? raw_release+0x890/0x890 [ 991.043058][ C1] ____sys_recvmsg+0x2c4/0x640 [ 991.047985][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 991.053861][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 991.059476][ C1] ? import_iovec+0x23b/0x3d0 [ 991.064133][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 991.069400][ C1] ___sys_recvmsg+0x127/0x200 [ 991.074055][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 991.079670][ C1] ? lock_downgrade+0x820/0x820 [ 991.084512][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 991.089535][ C1] ? __fget_files+0x294/0x400 [ 991.094208][ C1] ? __fget_light+0xea/0x280 [ 991.098805][ C1] do_recvmmsg+0x24d/0x6d0 [ 991.103235][ C1] ? ___sys_recvmsg+0x200/0x200 [ 991.108074][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 991.114426][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 991.119441][ C1] ? put_timespec64+0xcb/0x120 [ 991.124209][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 991.129080][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 991.134091][ C1] ? __do_sys_socketcall+0x550/0x550 [ 991.139372][ C1] ? lock_is_held_type+0xb0/0xe0 [ 991.145005][ C1] ? do_syscall_64+0x1c/0xe0 [ 991.149602][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 991.155839][ C1] do_syscall_64+0x60/0xe0 [ 991.160324][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 991.166314][ C1] RIP: 0033:0x45cb29 [ 991.170211][ C1] Code: Bad RIP value. [ 991.174341][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 991.182770][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 991.190832][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 991.199136][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 991.207483][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 991.215750][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 991.223747][ C1] syz-executor.1 S29976 13727 13720 0x00000000 [ 991.230179][ C1] Call Trace: [ 991.233480][ C1] __schedule+0x8e1/0x1eb0 [ 991.237885][ C1] ? io_schedule_timeout+0x140/0x140 [ 991.245947][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 991.252424][ C1] schedule+0xd0/0x2a0 [ 991.256858][ C1] futex_wait_queue_me+0x2a7/0x570 [ 991.262452][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 991.267708][ C1] ? futex_wake+0x1b5/0x490 [ 991.272194][ C1] ? find_held_lock+0x2d/0x110 [ 991.278006][ C1] futex_wait+0x1df/0x560 [ 991.282899][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 991.288097][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 991.293050][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 991.298280][ C1] ? futex_wake+0x155/0x490 [ 991.302776][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 991.308828][ C1] ? lock_downgrade+0x820/0x820 [ 991.313709][ C1] do_futex+0x15b/0x1a60 [ 991.317961][ C1] ? lock_acquire+0x1f1/0xad0 [ 991.322644][ C1] ? __might_fault+0xef/0x1d0 [ 991.327329][ C1] ? find_held_lock+0x2d/0x110 [ 991.332086][ C1] ? futex_exit_release+0x220/0x220 [ 991.337268][ C1] ? lock_downgrade+0x820/0x820 [ 991.342097][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 991.348317][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 991.353324][ C1] ? __might_fault+0x190/0x1d0 [ 991.358133][ C1] ? _copy_to_user+0x126/0x160 [ 991.362903][ C1] __x64_sys_futex+0x378/0x4e0 [ 991.367743][ C1] ? do_futex+0x1a60/0x1a60 [ 991.372245][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 991.377856][ C1] ? lock_is_held_type+0xb0/0xe0 [ 991.382782][ C1] ? do_syscall_64+0x1c/0xe0 [ 991.387350][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 991.393308][ C1] do_syscall_64+0x60/0xe0 [ 991.397715][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 991.403600][ C1] RIP: 0033:0x45cb29 [ 991.407484][ C1] Code: Bad RIP value. [ 991.411528][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 991.420201][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 991.428167][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 991.436133][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 991.444082][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 991.454843][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 991.463258][ C1] syz-executor.1 S29728 13738 13720 0x00000000 [ 991.469750][ C1] Call Trace: [ 991.473203][ C1] __schedule+0x8e1/0x1eb0 [ 991.477676][ C1] ? io_schedule_timeout+0x140/0x140 [ 991.482955][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 991.488418][ C1] schedule+0xd0/0x2a0 [ 991.492503][ C1] futex_wait_queue_me+0x2a7/0x570 [ 991.497650][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 991.502998][ C1] ? futex_wake+0x1b5/0x490 [ 991.507547][ C1] ? find_held_lock+0x2d/0x110 [ 991.512308][ C1] futex_wait+0x1df/0x560 [ 991.516726][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 991.521914][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 991.528381][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 991.533905][ C1] ? futex_wake+0x155/0x490 [ 991.538488][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 991.544523][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 991.550378][ C1] do_futex+0x15b/0x1a60 [ 991.554655][ C1] ? lock_acquire+0x1f1/0xad0 [ 991.559453][ C1] ? __might_fault+0xef/0x1d0 [ 991.564118][ C1] ? find_held_lock+0x2d/0x110 [ 991.569285][ C1] ? futex_exit_release+0x220/0x220 [ 991.574473][ C1] ? lock_downgrade+0x820/0x820 [ 991.580806][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 991.587061][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 991.592287][ C1] ? __might_fault+0x190/0x1d0 [ 991.597185][ C1] ? _copy_to_user+0x126/0x160 [ 991.602273][ C1] __x64_sys_futex+0x378/0x4e0 [ 991.607028][ C1] ? do_futex+0x1a60/0x1a60 [ 991.612979][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 991.620529][ C1] ? lock_is_held_type+0xb0/0xe0 [ 991.625679][ C1] ? do_syscall_64+0x1c/0xe0 [ 991.630450][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 991.637213][ C1] do_syscall_64+0x60/0xe0 [ 991.642902][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 991.649006][ C1] RIP: 0033:0x45cb29 [ 991.652890][ C1] Code: Bad RIP value. [ 991.656938][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 991.665997][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 991.674011][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 991.682525][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 991.691614][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 991.699574][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 991.708416][ C1] syz-executor.1 S29976 13744 6984 0x00000000 [ 991.715269][ C1] Call Trace: [ 991.718842][ C1] __schedule+0x8e1/0x1eb0 [ 991.723272][ C1] ? io_schedule_timeout+0x140/0x140 [ 991.728549][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 991.736310][ C1] schedule+0xd0/0x2a0 [ 991.740621][ C1] futex_wait_queue_me+0x2a7/0x570 [ 991.745720][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 991.751166][ C1] futex_wait+0x1df/0x560 [ 991.756224][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 991.762454][ C1] ? mark_lock+0xbc/0x1710 [ 991.768057][ C1] ? hash_futex+0x12/0x200 [ 991.773393][ C1] ? futex_wake+0x155/0x490 [ 991.777906][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 991.783010][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 991.789312][ C1] ? lock_downgrade+0x820/0x820 [ 991.794902][ C1] do_futex+0x15b/0x1a60 [ 991.799214][ C1] ? lock_acquire+0x1f1/0xad0 [ 991.804147][ C1] ? __might_fault+0xef/0x1d0 [ 991.809077][ C1] ? find_held_lock+0x2d/0x110 [ 991.815439][ C1] ? futex_exit_release+0x220/0x220 [ 991.822577][ C1] ? lock_downgrade+0x820/0x820 [ 991.827419][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 991.833645][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 991.839083][ C1] ? __might_fault+0x190/0x1d0 [ 991.845112][ C1] ? _copy_to_user+0x126/0x160 [ 991.850369][ C1] __x64_sys_futex+0x378/0x4e0 [ 991.857275][ C1] ? do_futex+0x1a60/0x1a60 [ 991.861897][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 991.867621][ C1] ? lock_is_held_type+0xb0/0xe0 [ 991.873604][ C1] ? do_syscall_64+0x1c/0xe0 [ 991.879819][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 991.885918][ C1] do_syscall_64+0x60/0xe0 [ 991.891301][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 991.897296][ C1] RIP: 0033:0x45cb29 [ 991.901165][ C1] Code: Bad RIP value. [ 991.905207][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 991.913602][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 991.921602][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 991.934072][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 991.942125][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 991.950269][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 991.959921][ C1] syz-executor.1 S28384 13751 6984 0x00000000 [ 991.966351][ C1] Call Trace: [ 991.969645][ C1] __schedule+0x8e1/0x1eb0 [ 991.974043][ C1] ? io_schedule_timeout+0x140/0x140 [ 991.979306][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 991.984745][ C1] schedule+0xd0/0x2a0 [ 991.988830][ C1] futex_wait_queue_me+0x2a7/0x570 [ 991.993915][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 991.999468][ C1] ? futex_wake+0x1b5/0x490 [ 992.004029][ C1] ? find_held_lock+0x2d/0x110 [ 992.008831][ C1] futex_wait+0x1df/0x560 [ 992.013389][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 992.019989][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 992.025080][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 992.030356][ C1] ? futex_wake+0x155/0x490 [ 992.034997][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 992.041002][ C1] do_futex+0x15b/0x1a60 [ 992.045230][ C1] ? lock_acquire+0x1f1/0xad0 [ 992.049999][ C1] ? __might_fault+0xef/0x1d0 [ 992.054660][ C1] ? find_held_lock+0x2d/0x110 [ 992.059429][ C1] ? futex_exit_release+0x220/0x220 [ 992.066854][ C1] ? lock_downgrade+0x820/0x820 [ 992.071868][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 992.078204][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 992.083601][ C1] ? __might_fault+0x190/0x1d0 [ 992.088345][ C1] ? _copy_to_user+0x126/0x160 [ 992.094110][ C1] __x64_sys_futex+0x378/0x4e0 [ 992.098918][ C1] ? do_futex+0x1a60/0x1a60 [ 992.107743][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 992.113372][ C1] ? lock_is_held_type+0xb0/0xe0 [ 992.118293][ C1] ? do_syscall_64+0x1c/0xe0 [ 992.122891][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 992.128868][ C1] do_syscall_64+0x60/0xe0 [ 992.133286][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 992.139247][ C1] RIP: 0033:0x45cb29 [ 992.143129][ C1] Code: Bad RIP value. [ 992.147317][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 992.155850][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 992.165658][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 992.174285][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 992.182415][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 992.190369][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 992.199243][ C1] syz-executor.1 S29976 13759 6984 0x00000000 [ 992.206042][ C1] Call Trace: [ 992.210043][ C1] __schedule+0x8e1/0x1eb0 [ 992.217373][ C1] ? io_schedule_timeout+0x140/0x140 [ 992.222777][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 992.228243][ C1] schedule+0xd0/0x2a0 [ 992.232329][ C1] futex_wait_queue_me+0x2a7/0x570 [ 992.237472][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 992.244600][ C1] futex_wait+0x1df/0x560 [ 992.250138][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 992.258770][ C1] ? hash_futex+0x12/0x200 [ 992.264147][ C1] ? futex_wake+0x155/0x490 [ 992.268820][ C1] ? lock_downgrade+0x820/0x820 [ 992.273842][ C1] do_futex+0x15b/0x1a60 [ 992.278067][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 992.283244][ C1] ? _raw_spin_unlock+0x24/0x40 [ 992.288075][ C1] ? do_wp_page+0x16a/0x1950 [ 992.292646][ C1] ? futex_exit_release+0x220/0x220 [ 992.297829][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 992.302859][ C1] ? find_held_lock+0x2d/0x110 [ 992.307604][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 992.312781][ C1] ? __up_read+0x1a1/0x7b0 [ 992.317176][ C1] ? _down_write_nest_lock+0x150/0x150 [ 992.323865][ C1] __x64_sys_futex+0x378/0x4e0 [ 992.328731][ C1] ? do_futex+0x1a60/0x1a60 [ 992.333222][ C1] ? lock_is_held_type+0xb0/0xe0 [ 992.338147][ C1] ? lock_is_held_type+0xb0/0xe0 [ 992.343082][ C1] ? do_syscall_64+0x1c/0xe0 [ 992.347649][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 992.353972][ C1] do_syscall_64+0x60/0xe0 [ 992.359769][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 992.365661][ C1] RIP: 0033:0x45cb29 [ 992.369535][ C1] Code: Bad RIP value. [ 992.373591][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 992.381989][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 992.390737][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 992.399284][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 992.407341][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 992.415310][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 992.424164][ C1] syz-executor.1 S29976 13778 13751 0x00000000 [ 992.430966][ C1] Call Trace: [ 992.434242][ C1] __schedule+0x8e1/0x1eb0 [ 992.438641][ C1] ? io_schedule_timeout+0x140/0x140 [ 992.443907][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 992.449349][ C1] schedule+0xd0/0x2a0 [ 992.453404][ C1] futex_wait_queue_me+0x2a7/0x570 [ 992.459358][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 992.467434][ C1] futex_wait+0x1df/0x560 [ 992.471760][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 992.476794][ C1] ? mark_lock+0xbc/0x1710 [ 992.481192][ C1] ? hash_futex+0x12/0x200 [ 992.485587][ C1] ? futex_wake+0x155/0x490 [ 992.490085][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 992.495258][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 992.502047][ C1] ? lock_downgrade+0x820/0x820 [ 992.506896][ C1] do_futex+0x15b/0x1a60 [ 992.511121][ C1] ? lock_acquire+0x1f1/0xad0 [ 992.515792][ C1] ? __might_fault+0xef/0x1d0 [ 992.520465][ C1] ? find_held_lock+0x2d/0x110 [ 992.525433][ C1] ? futex_exit_release+0x220/0x220 [ 992.531171][ C1] ? lock_downgrade+0x820/0x820 [ 992.538350][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 992.544574][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 992.549581][ C1] ? __might_fault+0x190/0x1d0 [ 992.554322][ C1] ? _copy_to_user+0x126/0x160 [ 992.559072][ C1] __x64_sys_futex+0x378/0x4e0 [ 992.563925][ C1] ? do_futex+0x1a60/0x1a60 [ 992.568850][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 992.574604][ C1] ? lock_is_held_type+0xb0/0xe0 [ 992.579521][ C1] ? do_syscall_64+0x1c/0xe0 [ 992.584109][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 992.590070][ C1] do_syscall_64+0x60/0xe0 [ 992.594857][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 992.603189][ C1] RIP: 0033:0x45cb29 [ 992.608047][ C1] Code: Bad RIP value. [ 992.612110][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 992.620500][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 992.628450][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 992.636489][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 992.645384][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 992.653446][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 992.661472][ C1] syz-executor.1 S28384 13789 6984 0x00000000 [ 992.669973][ C1] Call Trace: [ 992.673776][ C1] __schedule+0x8e1/0x1eb0 [ 992.679225][ C1] ? io_schedule_timeout+0x140/0x140 [ 992.685469][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 992.691256][ C1] schedule+0xd0/0x2a0 [ 992.695305][ C1] schedule_timeout+0x1d8/0x250 [ 992.700137][ C1] ? usleep_range+0x170/0x170 [ 992.705592][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 992.711380][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 992.717252][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 992.723039][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 992.728650][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 992.734434][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 992.741424][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 992.748152][ C1] ? skb_free_datagram+0xf0/0xf0 [ 992.754603][ C1] ? proto_seq_start+0x50/0x50 [ 992.759489][ C1] ? skb_segment.cold+0x38/0x38 [ 992.764327][ C1] ? mark_lock+0xbc/0x1710 [ 992.768726][ C1] __skb_recv_datagram+0x171/0x220 [ 992.773822][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 992.779588][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 992.785259][ C1] ? __schedule+0x887/0x1eb0 [ 992.790009][ C1] ? lock_is_held_type+0xb0/0xe0 [ 992.794948][ C1] skb_recv_datagram+0xa7/0xe0 [ 992.799713][ C1] ? __skb_recv_datagram+0x220/0x220 [ 992.804976][ C1] ? aa_sk_perm+0x316/0xaa0 [ 992.809738][ C1] ? __might_fault+0xef/0x1d0 [ 992.814972][ C1] raw_recvmsg+0xab/0x550 [ 992.820512][ C1] ? raw_release+0x890/0x890 [ 992.825186][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 992.832217][ C1] ? raw_release+0x890/0x890 [ 992.837352][ C1] ____sys_recvmsg+0x2c4/0x640 [ 992.842098][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 992.847969][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 992.853581][ C1] ? import_iovec+0x23b/0x3d0 [ 992.859256][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 992.865663][ C1] ___sys_recvmsg+0x127/0x200 [ 992.870324][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 992.875948][ C1] ? lock_downgrade+0x820/0x820 [ 992.880804][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 992.885917][ C1] ? __fget_files+0x294/0x400 [ 992.891499][ C1] ? __fget_light+0xea/0x280 [ 992.896191][ C1] do_recvmmsg+0x24d/0x6d0 [ 992.901161][ C1] ? ___sys_recvmsg+0x200/0x200 [ 992.906079][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 992.913624][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 992.918732][ C1] ? put_timespec64+0xcb/0x120 [ 992.923790][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 992.928734][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 992.933766][ C1] ? __do_sys_socketcall+0x550/0x550 [ 992.939044][ C1] ? lock_is_held_type+0xb0/0xe0 [ 992.944055][ C1] ? do_syscall_64+0x1c/0xe0 [ 992.948632][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 992.954610][ C1] do_syscall_64+0x60/0xe0 [ 992.959018][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 992.965024][ C1] RIP: 0033:0x45cb29 [ 992.968893][ C1] Code: Bad RIP value. [ 992.972951][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 992.981603][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 992.989586][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 992.997570][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 993.005544][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 993.013497][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 993.021461][ C1] syz-executor.1 S29976 13792 13789 0x00000000 [ 993.027789][ C1] Call Trace: [ 993.031062][ C1] __schedule+0x8e1/0x1eb0 [ 993.035460][ C1] ? io_schedule_timeout+0x140/0x140 [ 993.040736][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 993.046176][ C1] schedule+0xd0/0x2a0 [ 993.050225][ C1] futex_wait_queue_me+0x2a7/0x570 [ 993.055402][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 993.060700][ C1] ? futex_wake+0x1b5/0x490 [ 993.065222][ C1] ? find_held_lock+0x2d/0x110 [ 993.069975][ C1] futex_wait+0x1df/0x560 [ 993.074292][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 993.079331][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 993.084261][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 993.089458][ C1] ? futex_wake+0x155/0x490 [ 993.094328][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 993.100454][ C1] ? lock_downgrade+0x820/0x820 [ 993.105421][ C1] do_futex+0x15b/0x1a60 [ 993.109701][ C1] ? lock_acquire+0x1f1/0xad0 [ 993.114365][ C1] ? __might_fault+0xef/0x1d0 [ 993.119020][ C1] ? find_held_lock+0x2d/0x110 [ 993.123997][ C1] ? futex_exit_release+0x220/0x220 [ 993.129660][ C1] ? lock_downgrade+0x820/0x820 [ 993.134509][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 993.140746][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 993.145758][ C1] ? __might_fault+0x190/0x1d0 [ 993.150501][ C1] ? _copy_to_user+0x126/0x160 [ 993.155250][ C1] __x64_sys_futex+0x378/0x4e0 [ 993.159998][ C1] ? do_futex+0x1a60/0x1a60 [ 993.164831][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 993.170463][ C1] ? lock_is_held_type+0xb0/0xe0 [ 993.175398][ C1] ? do_syscall_64+0x1c/0xe0 [ 993.179982][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 993.185978][ C1] do_syscall_64+0x60/0xe0 [ 993.190383][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 993.196354][ C1] RIP: 0033:0x45cb29 [ 993.200219][ C1] Code: Bad RIP value. [ 993.204259][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 993.212658][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 993.220914][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 993.229201][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 993.237153][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 993.245116][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 993.253085][ C1] syz-executor.1 S29056 13801 6984 0x00000000 [ 993.259482][ C1] Call Trace: [ 993.262753][ C1] __schedule+0x8e1/0x1eb0 [ 993.267209][ C1] ? io_schedule_timeout+0x140/0x140 [ 993.272471][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 993.277921][ C1] schedule+0xd0/0x2a0 [ 993.281969][ C1] futex_wait_queue_me+0x2a7/0x570 [ 993.287354][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 993.292531][ C1] ? futex_wake+0x1b5/0x490 [ 993.297013][ C1] ? find_held_lock+0x2d/0x110 [ 993.301760][ C1] futex_wait+0x1df/0x560 [ 993.306079][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 993.311082][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 993.315998][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 993.321175][ C1] ? futex_wake+0x155/0x490 [ 993.325699][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 993.331665][ C1] ? lock_downgrade+0x820/0x820 [ 993.336493][ C1] do_futex+0x15b/0x1a60 [ 993.341080][ C1] ? lock_acquire+0x1f1/0xad0 [ 993.345732][ C1] ? __might_fault+0xef/0x1d0 [ 993.350397][ C1] ? find_held_lock+0x2d/0x110 [ 993.355170][ C1] ? futex_exit_release+0x220/0x220 [ 993.360360][ C1] ? lock_downgrade+0x820/0x820 [ 993.365198][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 993.371430][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 993.376436][ C1] ? __might_fault+0x190/0x1d0 [ 993.381174][ C1] ? _copy_to_user+0x126/0x160 [ 993.385917][ C1] __x64_sys_futex+0x378/0x4e0 [ 993.390659][ C1] ? do_futex+0x1a60/0x1a60 [ 993.395153][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 993.400772][ C1] ? lock_is_held_type+0xb0/0xe0 [ 993.405785][ C1] ? do_syscall_64+0x1c/0xe0 [ 993.410387][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 993.416379][ C1] do_syscall_64+0x60/0xe0 [ 993.420789][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 993.427119][ C1] RIP: 0033:0x45cb29 [ 993.430984][ C1] Code: Bad RIP value. [ 993.435037][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 993.444203][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 993.452177][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 993.461148][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 993.469278][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 993.477407][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 993.485567][ C1] syz-executor.1 S29976 13887 6984 0x00000000 [ 993.491925][ C1] Call Trace: [ 993.495199][ C1] __schedule+0x8e1/0x1eb0 [ 993.499688][ C1] ? io_schedule_timeout+0x140/0x140 [ 993.504952][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 993.510480][ C1] schedule+0xd0/0x2a0 [ 993.514530][ C1] futex_wait_queue_me+0x2a7/0x570 [ 993.519621][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 993.524813][ C1] futex_wait+0x1df/0x560 [ 993.529140][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 993.534348][ C1] ? hash_futex+0x12/0x200 [ 993.538762][ C1] ? futex_wake+0x155/0x490 [ 993.543265][ C1] ? lock_downgrade+0x820/0x820 [ 993.548095][ C1] do_futex+0x15b/0x1a60 [ 993.552324][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 993.557519][ C1] ? _raw_spin_unlock+0x24/0x40 [ 993.562351][ C1] ? do_wp_page+0x16a/0x1950 [ 993.566923][ C1] ? futex_exit_release+0x220/0x220 [ 993.572105][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 993.577130][ C1] ? find_held_lock+0x2d/0x110 [ 993.581873][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 993.587047][ C1] ? __up_read+0x1a1/0x7b0 [ 993.591442][ C1] ? _down_write_nest_lock+0x150/0x150 [ 993.596901][ C1] __x64_sys_futex+0x378/0x4e0 [ 993.601648][ C1] ? do_futex+0x1a60/0x1a60 [ 993.606133][ C1] ? lock_is_held_type+0xb0/0xe0 [ 993.611063][ C1] ? lock_is_held_type+0xb0/0xe0 [ 993.615991][ C1] ? do_syscall_64+0x1c/0xe0 [ 993.620570][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 993.626710][ C1] do_syscall_64+0x60/0xe0 [ 993.631122][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 993.637093][ C1] RIP: 0033:0x45cb29 [ 993.641176][ C1] Code: Bad RIP value. [ 993.645233][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 993.653634][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 993.661687][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 993.669694][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 993.677645][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 993.685594][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 993.693560][ C1] syz-executor.1 S29976 13914 6984 0x00000000 [ 993.699880][ C1] Call Trace: [ 993.703159][ C1] __schedule+0x8e1/0x1eb0 [ 993.707571][ C1] ? io_schedule_timeout+0x140/0x140 [ 993.712874][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 993.718358][ C1] schedule+0xd0/0x2a0 [ 993.722415][ C1] futex_wait_queue_me+0x2a7/0x570 [ 993.727519][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 993.732695][ C1] ? futex_wake+0x1b5/0x490 [ 993.737262][ C1] ? find_held_lock+0x2d/0x110 [ 993.742003][ C1] futex_wait+0x1df/0x560 [ 993.746310][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 993.751318][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 993.756346][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 993.762025][ C1] ? futex_wake+0x155/0x490 [ 993.766529][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 993.772589][ C1] ? lock_downgrade+0x820/0x820 [ 993.779130][ C1] do_futex+0x15b/0x1a60 [ 993.783372][ C1] ? lock_acquire+0x1f1/0xad0 [ 993.788105][ C1] ? __might_fault+0xef/0x1d0 [ 993.792775][ C1] ? find_held_lock+0x2d/0x110 [ 993.797533][ C1] ? futex_exit_release+0x220/0x220 [ 993.802712][ C1] ? lock_downgrade+0x820/0x820 [ 993.807631][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 993.813865][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 993.818872][ C1] ? __might_fault+0x190/0x1d0 [ 993.823633][ C1] ? _copy_to_user+0x126/0x160 [ 993.828406][ C1] __x64_sys_futex+0x378/0x4e0 [ 993.833445][ C1] ? do_futex+0x1a60/0x1a60 [ 993.837989][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 993.843733][ C1] ? lock_is_held_type+0xb0/0xe0 [ 993.848671][ C1] ? do_syscall_64+0x1c/0xe0 [ 993.853252][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 993.859299][ C1] do_syscall_64+0x60/0xe0 [ 993.863694][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 993.869575][ C1] RIP: 0033:0x45cb29 [ 993.873438][ C1] Code: Bad RIP value. [ 993.877478][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 993.885863][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 993.893915][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 993.901865][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 993.909819][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 993.917777][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 993.925737][ C1] syz-executor.1 S29976 13935 6984 0x00000000 [ 993.932054][ C1] Call Trace: [ 993.935450][ C1] __schedule+0x8e1/0x1eb0 [ 993.940015][ C1] ? io_schedule_timeout+0x140/0x140 [ 993.945745][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 993.951196][ C1] schedule+0xd0/0x2a0 [ 993.955261][ C1] futex_wait_queue_me+0x2a7/0x570 [ 993.960366][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 993.965566][ C1] futex_wait+0x1df/0x560 [ 993.969892][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 993.974895][ C1] ? mark_lock+0xbc/0x1710 [ 993.979290][ C1] ? hash_futex+0x12/0x200 [ 993.983700][ C1] ? futex_wake+0x155/0x490 [ 993.988197][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 993.993207][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 993.999182][ C1] ? lock_downgrade+0x820/0x820 [ 994.004036][ C1] do_futex+0x15b/0x1a60 [ 994.008261][ C1] ? lock_acquire+0x1f1/0xad0 [ 994.012916][ C1] ? __might_fault+0xef/0x1d0 [ 994.017583][ C1] ? find_held_lock+0x2d/0x110 [ 994.022342][ C1] ? futex_exit_release+0x220/0x220 [ 994.027516][ C1] ? lock_downgrade+0x820/0x820 [ 994.032344][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 994.038562][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 994.043570][ C1] ? __might_fault+0x190/0x1d0 [ 994.048331][ C1] ? _copy_to_user+0x126/0x160 [ 994.053077][ C1] __x64_sys_futex+0x378/0x4e0 [ 994.057820][ C1] ? do_futex+0x1a60/0x1a60 [ 994.062303][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 994.067935][ C1] ? lock_is_held_type+0xb0/0xe0 [ 994.072852][ C1] ? do_syscall_64+0x1c/0xe0 [ 994.077429][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 994.083451][ C1] do_syscall_64+0x60/0xe0 [ 994.088049][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 994.093928][ C1] RIP: 0033:0x45cb29 [ 994.097807][ C1] Code: Bad RIP value. [ 994.102005][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 994.110402][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 994.118527][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 994.126500][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 994.134537][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 994.142553][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 994.150776][ C1] syz-executor.1 S29976 13964 6984 0x00000000 [ 994.157142][ C1] Call Trace: [ 994.160424][ C1] __schedule+0x8e1/0x1eb0 [ 994.164833][ C1] ? io_schedule_timeout+0x140/0x140 [ 994.170202][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 994.175652][ C1] schedule+0xd0/0x2a0 [ 994.179834][ C1] futex_wait_queue_me+0x2a7/0x570 [ 994.184941][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 994.190126][ C1] futex_wait+0x1df/0x560 [ 994.194438][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 994.199531][ C1] ? hash_futex+0x12/0x200 [ 994.203942][ C1] ? futex_wake+0x155/0x490 [ 994.208450][ C1] ? lock_downgrade+0x820/0x820 [ 994.213283][ C1] do_futex+0x15b/0x1a60 [ 994.217509][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 994.222698][ C1] ? _raw_spin_unlock+0x24/0x40 [ 994.227528][ C1] ? do_wp_page+0x16a/0x1950 [ 994.232196][ C1] ? futex_exit_release+0x220/0x220 [ 994.237406][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 994.242417][ C1] ? find_held_lock+0x2d/0x110 [ 994.247183][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 994.252386][ C1] ? __up_read+0x1a1/0x7b0 [ 994.256799][ C1] ? _down_write_nest_lock+0x150/0x150 [ 994.262240][ C1] __x64_sys_futex+0x378/0x4e0 [ 994.266983][ C1] ? do_futex+0x1a60/0x1a60 [ 994.271467][ C1] ? lock_is_held_type+0xb0/0xe0 [ 994.276386][ C1] ? lock_is_held_type+0xb0/0xe0 [ 994.281303][ C1] ? do_syscall_64+0x1c/0xe0 [ 994.285870][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 994.291834][ C1] do_syscall_64+0x60/0xe0 [ 994.296248][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 994.307702][ C1] RIP: 0033:0x45cb29 [ 994.311575][ C1] Code: Bad RIP value. [ 994.315663][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 994.324049][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 994.332019][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 994.340010][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 994.347955][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 994.356233][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 994.364217][ C1] syz-executor.1 S29856 13981 6984 0x00000000 [ 994.370535][ C1] Call Trace: [ 994.373874][ C1] __schedule+0x8e1/0x1eb0 [ 994.378336][ C1] ? io_schedule_timeout+0x140/0x140 [ 994.383596][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 994.389031][ C1] schedule+0xd0/0x2a0 [ 994.393072][ C1] futex_wait_queue_me+0x2a7/0x570 [ 994.398162][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 994.403366][ C1] ? futex_wake+0x1b5/0x490 [ 994.407845][ C1] ? find_held_lock+0x2d/0x110 [ 994.412587][ C1] futex_wait+0x1df/0x560 [ 994.416908][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 994.421910][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 994.427016][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 994.432194][ C1] ? futex_wake+0x155/0x490 [ 994.436682][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 994.442635][ C1] ? lock_downgrade+0x820/0x820 [ 994.447477][ C1] do_futex+0x15b/0x1a60 [ 994.451700][ C1] ? lock_acquire+0x1f1/0xad0 [ 994.456613][ C1] ? __might_fault+0xef/0x1d0 [ 994.461393][ C1] ? find_held_lock+0x2d/0x110 [ 994.466178][ C1] ? futex_exit_release+0x220/0x220 [ 994.471398][ C1] ? lock_downgrade+0x820/0x820 [ 994.476250][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 994.482478][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 994.487507][ C1] ? __might_fault+0x190/0x1d0 [ 994.492351][ C1] ? _copy_to_user+0x126/0x160 [ 994.497095][ C1] __x64_sys_futex+0x378/0x4e0 [ 994.501838][ C1] ? do_futex+0x1a60/0x1a60 [ 994.506324][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 994.511932][ C1] ? lock_is_held_type+0xb0/0xe0 [ 994.516848][ C1] ? do_syscall_64+0x1c/0xe0 [ 994.521439][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 994.527411][ C1] do_syscall_64+0x60/0xe0 [ 994.531813][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 994.537685][ C1] RIP: 0033:0x45cb29 [ 994.541577][ C1] Code: Bad RIP value. [ 994.545617][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 994.554007][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 994.561973][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 994.569937][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 994.577888][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 994.586024][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 994.593992][ C1] syz-executor.1 S29944 13988 6984 0x00004000 [ 994.600322][ C1] Call Trace: [ 994.603594][ C1] __schedule+0x8e1/0x1eb0 [ 994.607992][ C1] ? io_schedule_timeout+0x140/0x140 [ 994.613271][ C1] ? preempt_schedule_thunk+0x16/0x18 [ 994.618632][ C1] schedule+0xd0/0x2a0 [ 994.622948][ C1] futex_wait_queue_me+0x2a7/0x570 [ 994.628051][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 994.633230][ C1] futex_wait+0x1df/0x560 [ 994.637558][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 994.643115][ C1] ? hash_futex+0x12/0x200 [ 994.647559][ C1] ? futex_wake+0x155/0x490 [ 994.652095][ C1] ? lock_downgrade+0x820/0x820 [ 994.656931][ C1] do_futex+0x15b/0x1a60 [ 994.661165][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 994.666347][ C1] ? _raw_spin_unlock+0x24/0x40 [ 994.671197][ C1] ? do_wp_page+0x16a/0x1950 [ 994.675787][ C1] ? futex_exit_release+0x220/0x220 [ 994.680969][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 994.685994][ C1] ? find_held_lock+0x2d/0x110 [ 994.690911][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 994.696088][ C1] ? __up_read+0x1a1/0x7b0 [ 994.700487][ C1] ? _down_write_nest_lock+0x150/0x150 [ 994.705949][ C1] __x64_sys_futex+0x378/0x4e0 [ 994.710710][ C1] ? do_futex+0x1a60/0x1a60 [ 994.715195][ C1] ? lock_is_held_type+0xb0/0xe0 [ 994.720138][ C1] ? lock_is_held_type+0xb0/0xe0 [ 994.725057][ C1] ? do_syscall_64+0x1c/0xe0 [ 994.729643][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 994.735800][ C1] do_syscall_64+0x60/0xe0 [ 994.740200][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 994.746161][ C1] RIP: 0033:0x45cb29 [ 994.750048][ C1] Code: Bad RIP value. [ 994.754091][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 994.762655][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 994.770608][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 994.778573][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 994.786612][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 994.794841][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 994.802831][ C1] syz-executor.1 S29976 14010 6984 0x00000000 [ 994.809166][ C1] Call Trace: [ 994.812546][ C1] __schedule+0x8e1/0x1eb0 [ 994.816968][ C1] ? io_schedule_timeout+0x140/0x140 [ 994.822235][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 994.827692][ C1] schedule+0xd0/0x2a0 [ 994.831741][ C1] futex_wait_queue_me+0x2a7/0x570 [ 994.836842][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 994.842015][ C1] ? futex_wake+0x1b5/0x490 [ 994.846497][ C1] ? find_held_lock+0x2d/0x110 [ 994.851241][ C1] futex_wait+0x1df/0x560 [ 994.855638][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 994.860643][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 994.865560][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 994.870736][ C1] ? futex_wake+0x155/0x490 [ 994.875236][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 994.881202][ C1] ? lock_downgrade+0x820/0x820 [ 994.886032][ C1] do_futex+0x15b/0x1a60 [ 994.890271][ C1] ? lock_acquire+0x1f1/0xad0 [ 994.894940][ C1] ? __might_fault+0xef/0x1d0 [ 994.899604][ C1] ? find_held_lock+0x2d/0x110 [ 994.904341][ C1] ? futex_exit_release+0x220/0x220 [ 994.909517][ C1] ? lock_downgrade+0x820/0x820 [ 994.914344][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 994.920566][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 994.925569][ C1] ? __might_fault+0x190/0x1d0 [ 994.930308][ C1] ? _copy_to_user+0x126/0x160 [ 994.935052][ C1] __x64_sys_futex+0x378/0x4e0 [ 994.939795][ C1] ? do_futex+0x1a60/0x1a60 [ 994.944278][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 994.949892][ C1] ? lock_is_held_type+0xb0/0xe0 [ 994.954895][ C1] ? do_syscall_64+0x1c/0xe0 [ 994.959463][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 994.965439][ C1] do_syscall_64+0x60/0xe0 [ 994.969836][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 994.975842][ C1] RIP: 0033:0x45cb29 [ 994.979968][ C1] Code: Bad RIP value. [ 994.984030][ C1] RSP: 002b:00007f57eae3dcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 994.992422][ C1] RAX: ffffffffffffffda RBX: 000000000078c188 RCX: 000000000045cb29 [ 995.000483][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c188 [ 995.009057][ C1] RBP: 000000000078c180 R08: 0000000000000000 R09: 0000000000000000 [ 995.017062][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c18c [ 995.025287][ C1] R13: 0000000000c9fb6f R14: 00007f57eae3e9c0 R15: 000000000078c18c [ 995.033518][ C1] syz-executor.1 S29056 14095 6984 0x00000000 [ 995.040005][ C1] Call Trace: [ 995.043285][ C1] __schedule+0x8e1/0x1eb0 [ 995.047697][ C1] ? io_schedule_timeout+0x140/0x140 [ 995.052992][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 995.058466][ C1] schedule+0xd0/0x2a0 [ 995.062521][ C1] futex_wait_queue_me+0x2a7/0x570 [ 995.067694][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 995.072886][ C1] futex_wait+0x1df/0x560 [ 995.077893][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 995.083138][ C1] ? mark_lock+0xbc/0x1710 [ 995.087543][ C1] ? hash_futex+0x12/0x200 [ 995.092046][ C1] ? futex_wake+0x155/0x490 [ 995.096534][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 995.101566][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 995.107534][ C1] ? lock_downgrade+0x820/0x820 [ 995.112398][ C1] do_futex+0x15b/0x1a60 [ 995.116702][ C1] ? lock_acquire+0x1f1/0xad0 [ 995.121372][ C1] ? __might_fault+0xef/0x1d0 [ 995.126036][ C1] ? find_held_lock+0x2d/0x110 [ 995.130791][ C1] ? futex_exit_release+0x220/0x220 [ 995.135994][ C1] ? lock_downgrade+0x820/0x820 [ 995.140852][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 995.147096][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 995.152104][ C1] ? __might_fault+0x190/0x1d0 [ 995.156862][ C1] ? _copy_to_user+0x126/0x160 [ 995.161620][ C1] __x64_sys_futex+0x378/0x4e0 [ 995.166382][ C1] ? do_futex+0x1a60/0x1a60 [ 995.170860][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 995.176472][ C1] ? lock_is_held_type+0xb0/0xe0 [ 995.181388][ C1] ? do_syscall_64+0x1c/0xe0 [ 995.185955][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 995.192460][ C1] do_syscall_64+0x60/0xe0 [ 995.196868][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 995.202750][ C1] RIP: 0033:0x45cb29 [ 995.207648][ C1] Code: Bad RIP value. [ 995.211726][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 995.220121][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 995.228094][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 995.236079][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 995.244136][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 995.252180][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 995.261047][ C1] syz-executor.1 S29976 14104 6984 0x00000000 [ 995.267921][ C1] Call Trace: [ 995.271197][ C1] __schedule+0x8e1/0x1eb0 [ 995.275605][ C1] ? io_schedule_timeout+0x140/0x140 [ 995.280895][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 995.286351][ C1] schedule+0xd0/0x2a0 [ 995.290417][ C1] futex_wait_queue_me+0x2a7/0x570 [ 995.295522][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 995.300711][ C1] futex_wait+0x1df/0x560 [ 995.305134][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 995.310164][ C1] ? lock_downgrade+0x820/0x820 [ 995.315278][ C1] ? hash_futex+0x12/0x200 [ 995.319699][ C1] ? futex_wake+0x155/0x490 [ 995.324189][ C1] ? follow_pfn+0x250/0x250 [ 995.328669][ C1] ? lock_downgrade+0x820/0x820 [ 995.333516][ C1] do_futex+0x15b/0x1a60 [ 995.337738][ C1] ? do_wp_page+0x16a/0x1950 [ 995.342332][ C1] ? futex_exit_release+0x220/0x220 [ 995.347517][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 995.352520][ C1] ? find_held_lock+0x2d/0x110 [ 995.357281][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 995.362456][ C1] ? __up_read+0x1a1/0x7b0 [ 995.366886][ C1] ? _down_write_nest_lock+0x150/0x150 [ 995.372334][ C1] __x64_sys_futex+0x378/0x4e0 [ 995.377090][ C1] ? do_futex+0x1a60/0x1a60 [ 995.381646][ C1] ? lock_is_held_type+0xb0/0xe0 [ 995.386602][ C1] ? lock_is_held_type+0xb0/0xe0 [ 995.391553][ C1] ? do_syscall_64+0x1c/0xe0 [ 995.396149][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 995.402141][ C1] do_syscall_64+0x60/0xe0 [ 995.406565][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 995.412443][ C1] RIP: 0033:0x45cb29 [ 995.416331][ C1] Code: Bad RIP value. [ 995.420434][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 995.428839][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 995.436981][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 995.445128][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 995.453097][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 995.461499][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 995.469465][ C1] syz-executor.1 S29976 14133 6984 0x00000000 [ 995.475807][ C1] Call Trace: [ 995.479095][ C1] __schedule+0x8e1/0x1eb0 [ 995.483584][ C1] ? io_schedule_timeout+0x140/0x140 [ 995.488864][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 995.494311][ C1] schedule+0xd0/0x2a0 [ 995.498357][ C1] futex_wait_queue_me+0x2a7/0x570 [ 995.503443][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 995.508634][ C1] futex_wait+0x1df/0x560 [ 995.512942][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 995.517946][ C1] ? mark_lock+0xbc/0x1710 [ 995.522338][ C1] ? hash_futex+0x12/0x200 [ 995.526732][ C1] ? futex_wake+0x155/0x490 [ 995.531242][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 995.536258][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 995.542229][ C1] ? lock_downgrade+0x820/0x820 [ 995.547068][ C1] do_futex+0x15b/0x1a60 [ 995.553160][ C1] ? lock_acquire+0x1f1/0xad0 [ 995.557919][ C1] ? __might_fault+0xef/0x1d0 [ 995.562590][ C1] ? find_held_lock+0x2d/0x110 [ 995.567351][ C1] ? futex_exit_release+0x220/0x220 [ 995.573058][ C1] ? lock_downgrade+0x820/0x820 [ 995.579395][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 995.587207][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 995.592771][ C1] ? __might_fault+0x190/0x1d0 [ 995.597514][ C1] ? _copy_to_user+0x126/0x160 [ 995.602319][ C1] __x64_sys_futex+0x378/0x4e0 [ 995.607173][ C1] ? do_futex+0x1a60/0x1a60 [ 995.611664][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 995.617368][ C1] ? lock_is_held_type+0xb0/0xe0 [ 995.622424][ C1] ? do_syscall_64+0x1c/0xe0 [ 995.627297][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 995.633266][ C1] do_syscall_64+0x60/0xe0 [ 995.637666][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 995.644560][ C1] RIP: 0033:0x45cb29 [ 995.648657][ C1] Code: Bad RIP value. [ 995.653141][ C1] RSP: 002b:00007f57eae3dcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 995.662831][ C1] RAX: ffffffffffffffda RBX: 000000000078c188 RCX: 000000000045cb29 [ 995.670977][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c188 [ 995.678929][ C1] RBP: 000000000078c180 R08: 0000000000000000 R09: 0000000000000000 [ 995.687924][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c18c [ 995.696657][ C1] R13: 0000000000c9fb6f R14: 00007f57eae3e9c0 R15: 000000000078c18c [ 995.704622][ C1] syz-executor.1 S28176 14163 6984 0x00000000 [ 995.711508][ C1] Call Trace: [ 995.714787][ C1] __schedule+0x8e1/0x1eb0 [ 995.719188][ C1] ? io_schedule_timeout+0x140/0x140 [ 995.724453][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 995.730192][ C1] schedule+0xd0/0x2a0 [ 995.734380][ C1] futex_wait_queue_me+0x2a7/0x570 [ 995.739488][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 995.744670][ C1] ? find_held_lock+0x2d/0x110 [ 995.749418][ C1] futex_wait+0x1df/0x560 [ 995.753726][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 995.759619][ C1] ? mark_lock+0xbc/0x1710 [ 995.768636][ C1] ? hash_futex+0x12/0x200 [ 995.773034][ C1] ? futex_wake+0x155/0x490 [ 995.777513][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 995.783417][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 995.791474][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 995.798225][ C1] do_futex+0x15b/0x1a60 [ 995.802464][ C1] ? lock_acquire+0x1f1/0xad0 [ 995.807126][ C1] ? __might_fault+0xef/0x1d0 [ 995.811783][ C1] ? find_held_lock+0x2d/0x110 [ 995.816525][ C1] ? futex_exit_release+0x220/0x220 [ 995.821700][ C1] ? lock_downgrade+0x820/0x820 [ 995.826531][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 995.833823][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 995.838829][ C1] ? __might_fault+0x190/0x1d0 [ 995.843588][ C1] ? _copy_to_user+0x126/0x160 [ 995.848609][ C1] __x64_sys_futex+0x378/0x4e0 [ 995.854060][ C1] ? do_futex+0x1a60/0x1a60 [ 995.858572][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 995.864196][ C1] ? lock_is_held_type+0xb0/0xe0 [ 995.869200][ C1] ? do_syscall_64+0x1c/0xe0 [ 995.874156][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 995.880119][ C1] do_syscall_64+0x60/0xe0 [ 995.884519][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 995.890731][ C1] RIP: 0033:0x45cb29 [ 995.894680][ C1] Code: Bad RIP value. [ 995.898724][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 995.909070][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 995.917381][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 995.925361][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 995.933934][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 995.941885][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 995.949954][ C1] syz-executor.1 S29976 14166 14163 0x00000000 [ 995.956267][ C1] Call Trace: [ 995.959540][ C1] __schedule+0x8e1/0x1eb0 [ 995.963967][ C1] ? io_schedule_timeout+0x140/0x140 [ 995.970253][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 995.975737][ C1] schedule+0xd0/0x2a0 [ 995.980165][ C1] futex_wait_queue_me+0x2a7/0x570 [ 995.985256][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 995.990454][ C1] futex_wait+0x1df/0x560 [ 995.995328][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 996.002530][ C1] ? mark_lock+0xbc/0x1710 [ 996.006924][ C1] ? hash_futex+0x12/0x200 [ 996.011318][ C1] ? futex_wake+0x155/0x490 [ 996.016140][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 996.021202][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 996.027190][ C1] ? lock_downgrade+0x820/0x820 [ 996.032345][ C1] do_futex+0x15b/0x1a60 [ 996.036771][ C1] ? lock_acquire+0x1f1/0xad0 [ 996.041439][ C1] ? __might_fault+0xef/0x1d0 [ 996.046105][ C1] ? find_held_lock+0x2d/0x110 [ 996.050876][ C1] ? futex_exit_release+0x220/0x220 [ 996.057202][ C1] ? lock_downgrade+0x820/0x820 [ 996.062033][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 996.068258][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 996.073386][ C1] ? __might_fault+0x190/0x1d0 [ 996.078627][ C1] ? _copy_to_user+0x126/0x160 [ 996.083923][ C1] __x64_sys_futex+0x378/0x4e0 [ 996.088684][ C1] ? do_futex+0x1a60/0x1a60 [ 996.093165][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 996.098921][ C1] ? lock_is_held_type+0xb0/0xe0 [ 996.103972][ C1] ? do_syscall_64+0x1c/0xe0 [ 996.108556][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 996.114714][ C1] do_syscall_64+0x60/0xe0 [ 996.119912][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 996.126885][ C1] RIP: 0033:0x45cb29 [ 996.130961][ C1] Code: Bad RIP value. [ 996.135016][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 996.143489][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 996.152233][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 996.160185][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 996.168154][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 996.177170][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 996.187035][ C1] syz-executor.1 S29976 14186 6984 0x00000000 [ 996.193457][ C1] Call Trace: [ 996.196728][ C1] __schedule+0x8e1/0x1eb0 [ 996.201128][ C1] ? io_schedule_timeout+0x140/0x140 [ 996.206391][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 996.211832][ C1] schedule+0xd0/0x2a0 [ 996.215877][ C1] futex_wait_queue_me+0x2a7/0x570 [ 996.221569][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 996.227545][ C1] futex_wait+0x1df/0x560 [ 996.231872][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 996.236873][ C1] ? mark_lock+0xbc/0x1710 [ 996.241263][ C1] ? hash_futex+0x12/0x200 [ 996.248008][ C1] ? futex_wake+0x155/0x490 [ 996.252506][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 996.257514][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 996.263760][ C1] ? lock_downgrade+0x820/0x820 [ 996.268606][ C1] do_futex+0x15b/0x1a60 [ 996.272833][ C1] ? lock_acquire+0x1f1/0xad0 [ 996.277486][ C1] ? __might_fault+0xef/0x1d0 [ 996.282593][ C1] ? find_held_lock+0x2d/0x110 [ 996.287349][ C1] ? futex_exit_release+0x220/0x220 [ 996.292545][ C1] ? lock_downgrade+0x820/0x820 [ 996.297374][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 996.303681][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 996.308686][ C1] ? __might_fault+0x190/0x1d0 [ 996.313449][ C1] ? _copy_to_user+0x126/0x160 [ 996.318196][ C1] __x64_sys_futex+0x378/0x4e0 [ 996.322960][ C1] ? do_futex+0x1a60/0x1a60 [ 996.327796][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 996.333426][ C1] ? lock_is_held_type+0xb0/0xe0 [ 996.338338][ C1] ? do_syscall_64+0x1c/0xe0 [ 996.343706][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 996.349671][ C1] do_syscall_64+0x60/0xe0 [ 996.354089][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 996.359976][ C1] RIP: 0033:0x45cb29 [ 996.363844][ C1] Code: Bad RIP value. [ 996.367891][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 996.376279][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 996.384246][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 996.392233][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 996.400752][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 996.408721][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 996.416870][ C1] syz-executor.1 S28488 14197 6984 0x00000000 [ 996.424021][ C1] Call Trace: [ 996.427403][ C1] __schedule+0x8e1/0x1eb0 [ 996.431809][ C1] ? io_schedule_timeout+0x140/0x140 [ 996.437253][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 996.442695][ C1] schedule+0xd0/0x2a0 [ 996.446742][ C1] futex_wait_queue_me+0x2a7/0x570 [ 996.451867][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 996.457055][ C1] ? __alloc_file+0xd8/0x350 [ 996.461624][ C1] ? alloc_file+0x5e/0x5a0 [ 996.466022][ C1] futex_wait+0x1df/0x560 [ 996.470354][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 996.475793][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 996.481754][ C1] ? mark_lock+0xbc/0x1710 [ 996.486149][ C1] ? hash_futex+0x12/0x200 [ 996.490924][ C1] ? futex_wake+0x155/0x490 [ 996.495772][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 996.500800][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 996.506779][ C1] do_futex+0x15b/0x1a60 [ 996.512028][ C1] ? lock_acquire+0x1f1/0xad0 [ 996.516879][ C1] ? __might_fault+0xef/0x1d0 [ 996.521584][ C1] ? find_held_lock+0x2d/0x110 [ 996.526458][ C1] ? futex_exit_release+0x220/0x220 [ 996.532680][ C1] ? lock_downgrade+0x820/0x820 [ 996.537524][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 996.543857][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 996.548996][ C1] ? __might_fault+0x190/0x1d0 [ 996.553758][ C1] ? _copy_to_user+0x126/0x160 [ 996.558672][ C1] __x64_sys_futex+0x378/0x4e0 [ 996.563625][ C1] ? do_futex+0x1a60/0x1a60 [ 996.568165][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 996.573791][ C1] ? lock_is_held_type+0xb0/0xe0 [ 996.578720][ C1] ? do_syscall_64+0x1c/0xe0 [ 996.583306][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 996.589287][ C1] do_syscall_64+0x60/0xe0 [ 996.593684][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 996.599610][ C1] RIP: 0033:0x45cb29 [ 996.603564][ C1] Code: Bad RIP value. [ 996.607617][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 996.616007][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 996.623955][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 996.632076][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 996.640039][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 996.648088][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 996.656053][ C1] syz-executor.1 S28696 14257 6984 0x00000000 [ 996.662510][ C1] Call Trace: [ 996.665791][ C1] __schedule+0x8e1/0x1eb0 [ 996.670196][ C1] ? io_schedule_timeout+0x140/0x140 [ 996.675464][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 996.681258][ C1] schedule+0xd0/0x2a0 [ 996.685306][ C1] schedule_timeout+0x1d8/0x250 [ 996.690157][ C1] ? usleep_range+0x170/0x170 [ 996.694812][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 996.699900][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 996.705696][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 996.711483][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 996.717194][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 996.722984][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 996.729035][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 996.735170][ C1] ? skb_free_datagram+0xf0/0xf0 [ 996.740097][ C1] ? proto_seq_start+0x50/0x50 [ 996.744851][ C1] ? skb_segment.cold+0x38/0x38 [ 996.749681][ C1] ? mark_lock+0xbc/0x1710 [ 996.754216][ C1] __skb_recv_datagram+0x171/0x220 [ 996.759341][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 996.764962][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 996.770149][ C1] ? __schedule+0x887/0x1eb0 [ 996.774741][ C1] ? lock_is_held_type+0xb0/0xe0 [ 996.779659][ C1] skb_recv_datagram+0xa7/0xe0 [ 996.784410][ C1] ? __skb_recv_datagram+0x220/0x220 [ 996.789673][ C1] ? aa_sk_perm+0x316/0xaa0 [ 996.794156][ C1] ? __might_fault+0xef/0x1d0 [ 996.798902][ C1] raw_recvmsg+0xab/0x550 [ 996.803433][ C1] ? raw_release+0x890/0x890 [ 996.808055][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 996.813755][ C1] ? raw_release+0x890/0x890 [ 996.818323][ C1] ____sys_recvmsg+0x2c4/0x640 [ 996.823162][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 996.829037][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 996.834654][ C1] ? import_iovec+0x23b/0x3d0 [ 996.839311][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 996.844752][ C1] ___sys_recvmsg+0x127/0x200 [ 996.849456][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 996.855247][ C1] ? lock_downgrade+0x820/0x820 [ 996.860166][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 996.865175][ C1] ? __fget_files+0x294/0x400 [ 996.869838][ C1] ? __fget_light+0xea/0x280 [ 996.874622][ C1] do_recvmmsg+0x24d/0x6d0 [ 996.879044][ C1] ? ___sys_recvmsg+0x200/0x200 [ 996.884228][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 996.890465][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 996.895626][ C1] ? put_timespec64+0xcb/0x120 [ 996.901482][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 996.906319][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 996.911321][ C1] ? __do_sys_socketcall+0x550/0x550 [ 996.916589][ C1] ? lock_is_held_type+0xb0/0xe0 [ 996.921503][ C1] ? do_syscall_64+0x1c/0xe0 [ 996.926084][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 996.932040][ C1] do_syscall_64+0x60/0xe0 [ 996.936432][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 996.942321][ C1] RIP: 0033:0x45cb29 [ 996.946296][ C1] Code: Bad RIP value. [ 996.950335][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 996.958734][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 996.966694][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000004 [ 996.974729][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 996.982678][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 996.992978][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 997.000942][ C1] syz-executor.1 S29976 14260 14257 0x00000000 [ 997.007255][ C1] Call Trace: [ 997.010526][ C1] __schedule+0x8e1/0x1eb0 [ 997.015016][ C1] ? io_schedule_timeout+0x140/0x140 [ 997.020309][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 997.025752][ C1] schedule+0xd0/0x2a0 [ 997.029822][ C1] futex_wait_queue_me+0x2a7/0x570 [ 997.034926][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 997.040101][ C1] ? futex_wake+0x1b5/0x490 [ 997.044600][ C1] ? find_held_lock+0x2d/0x110 [ 997.049365][ C1] futex_wait+0x1df/0x560 [ 997.053671][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 997.058686][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 997.063613][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 997.068786][ C1] ? futex_wake+0x155/0x490 [ 997.073813][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 997.079792][ C1] ? lock_downgrade+0x820/0x820 [ 997.084656][ C1] do_futex+0x15b/0x1a60 [ 997.088895][ C1] ? lock_acquire+0x1f1/0xad0 [ 997.093552][ C1] ? __might_fault+0xef/0x1d0 [ 997.098228][ C1] ? find_held_lock+0x2d/0x110 [ 997.102973][ C1] ? futex_exit_release+0x220/0x220 [ 997.108166][ C1] ? lock_downgrade+0x820/0x820 [ 997.112997][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 997.119246][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 997.124251][ C1] ? __might_fault+0x190/0x1d0 [ 997.129081][ C1] ? _copy_to_user+0x126/0x160 [ 997.133842][ C1] __x64_sys_futex+0x378/0x4e0 [ 997.138587][ C1] ? do_futex+0x1a60/0x1a60 [ 997.143070][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 997.148697][ C1] ? lock_is_held_type+0xb0/0xe0 [ 997.153627][ C1] ? do_syscall_64+0x1c/0xe0 [ 997.158204][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 997.165417][ C1] do_syscall_64+0x60/0xe0 [ 997.171570][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 997.178126][ C1] RIP: 0033:0x45cb29 [ 997.182031][ C1] Code: Bad RIP value. [ 997.186097][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 997.194675][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 997.202645][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 997.210610][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 997.218583][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 997.226562][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 997.234539][ C1] syz-executor.1 S29976 14273 6984 0x00000000 [ 997.240858][ C1] Call Trace: [ 997.244151][ C1] __schedule+0x8e1/0x1eb0 [ 997.248549][ C1] ? io_schedule_timeout+0x140/0x140 [ 997.253813][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 997.259483][ C1] schedule+0xd0/0x2a0 [ 997.268655][ C1] futex_wait_queue_me+0x2a7/0x570 [ 997.274203][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 997.279644][ C1] ? futex_wake+0x1b5/0x490 [ 997.284779][ C1] ? find_held_lock+0x2d/0x110 [ 997.290265][ C1] futex_wait+0x1df/0x560 [ 997.294835][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 997.299950][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 997.304871][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 997.310046][ C1] ? futex_wake+0x155/0x490 [ 997.315108][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 997.321105][ C1] ? lock_downgrade+0x820/0x820 [ 997.326037][ C1] do_futex+0x15b/0x1a60 [ 997.330304][ C1] ? lock_acquire+0x1f1/0xad0 [ 997.334966][ C1] ? __might_fault+0xef/0x1d0 [ 997.339620][ C1] ? find_held_lock+0x2d/0x110 [ 997.344446][ C1] ? futex_exit_release+0x220/0x220 [ 997.349628][ C1] ? lock_downgrade+0x820/0x820 [ 997.354547][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 997.360764][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 997.365790][ C1] ? __might_fault+0x190/0x1d0 [ 997.370542][ C1] ? _copy_to_user+0x126/0x160 [ 997.375296][ C1] __x64_sys_futex+0x378/0x4e0 [ 997.380047][ C1] ? do_futex+0x1a60/0x1a60 [ 997.384577][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 997.390230][ C1] ? lock_is_held_type+0xb0/0xe0 [ 997.395149][ C1] ? do_syscall_64+0x1c/0xe0 [ 997.399720][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 997.405678][ C1] do_syscall_64+0x60/0xe0 [ 997.410095][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 997.415965][ C1] RIP: 0033:0x45cb29 [ 997.419833][ C1] Code: Bad RIP value. [ 997.423899][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 997.432293][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 997.440243][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 997.448450][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 997.456548][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 997.464503][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 997.472494][ C1] syz-executor.1 S28680 14285 6984 0x00000000 [ 997.478834][ C1] Call Trace: [ 997.482116][ C1] __schedule+0x8e1/0x1eb0 [ 997.486606][ C1] ? io_schedule_timeout+0x140/0x140 [ 997.491872][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 997.497324][ C1] schedule+0xd0/0x2a0 [ 997.501388][ C1] futex_wait_queue_me+0x2a7/0x570 [ 997.506514][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 997.511714][ C1] ? futex_wake+0x1b5/0x490 [ 997.516196][ C1] ? find_held_lock+0x2d/0x110 [ 997.520947][ C1] futex_wait+0x1df/0x560 [ 997.525255][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 997.530256][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 997.535179][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 997.540350][ C1] ? futex_wake+0x155/0x490 [ 997.544838][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 997.550790][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 997.556577][ C1] do_futex+0x15b/0x1a60 [ 997.560800][ C1] ? lock_acquire+0x1f1/0xad0 [ 997.565452][ C1] ? __might_fault+0xef/0x1d0 [ 997.570102][ C1] ? find_held_lock+0x2d/0x110 [ 997.574856][ C1] ? futex_exit_release+0x220/0x220 [ 997.580041][ C1] ? lock_downgrade+0x820/0x820 [ 997.584873][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 997.591715][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 997.596730][ C1] ? __might_fault+0x190/0x1d0 [ 997.601528][ C1] ? _copy_to_user+0x126/0x160 [ 997.606276][ C1] __x64_sys_futex+0x378/0x4e0 [ 997.611026][ C1] ? do_futex+0x1a60/0x1a60 [ 997.615506][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 997.621156][ C1] ? lock_is_held_type+0xb0/0xe0 [ 997.626085][ C1] ? do_syscall_64+0x1c/0xe0 [ 997.630652][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 997.636731][ C1] do_syscall_64+0x60/0xe0 [ 997.641253][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 997.648224][ C1] RIP: 0033:0x45cb29 [ 997.652115][ C1] Code: Bad RIP value. [ 997.656172][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 997.664674][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 997.672795][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 997.680740][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 997.688702][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 997.696659][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 997.704618][ C1] syz-executor.1 S29976 14287 14285 0x00000000 [ 997.710963][ C1] Call Trace: [ 997.714235][ C1] __schedule+0x8e1/0x1eb0 [ 997.718649][ C1] ? io_schedule_timeout+0x140/0x140 [ 997.724455][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 997.730403][ C1] schedule+0xd0/0x2a0 [ 997.734531][ C1] futex_wait_queue_me+0x2a7/0x570 [ 997.740151][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 997.746123][ C1] futex_wait+0x1df/0x560 [ 997.750468][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 997.756282][ C1] ? mark_lock+0xbc/0x1710 [ 997.760689][ C1] ? hash_futex+0x12/0x200 [ 997.765091][ C1] ? futex_wake+0x155/0x490 [ 997.769578][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 997.774764][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 997.780720][ C1] ? lock_downgrade+0x820/0x820 [ 997.785554][ C1] do_futex+0x15b/0x1a60 [ 997.789784][ C1] ? lock_acquire+0x1f1/0xad0 [ 997.794453][ C1] ? __might_fault+0xef/0x1d0 [ 997.799124][ C1] ? find_held_lock+0x2d/0x110 [ 997.803863][ C1] ? futex_exit_release+0x220/0x220 [ 997.809043][ C1] ? lock_downgrade+0x820/0x820 [ 997.814131][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 997.820347][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 997.825360][ C1] ? __might_fault+0x190/0x1d0 [ 997.830134][ C1] ? _copy_to_user+0x126/0x160 [ 997.835019][ C1] __x64_sys_futex+0x378/0x4e0 [ 997.839790][ C1] ? do_futex+0x1a60/0x1a60 [ 997.844274][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 997.849973][ C1] ? lock_is_held_type+0xb0/0xe0 [ 997.855062][ C1] ? do_syscall_64+0x1c/0xe0 [ 997.859641][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 997.865630][ C1] do_syscall_64+0x60/0xe0 [ 997.870110][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 997.875982][ C1] RIP: 0033:0x45cb29 [ 997.879876][ C1] Code: Bad RIP value. [ 997.883915][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 997.892310][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 997.900258][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 997.908226][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 997.916184][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 997.924139][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 997.932122][ C1] syz-executor.1 S29976 14305 6984 0x00000000 [ 997.938445][ C1] Call Trace: [ 997.941720][ C1] __schedule+0x8e1/0x1eb0 [ 997.946118][ C1] ? io_schedule_timeout+0x140/0x140 [ 997.951403][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 997.957131][ C1] schedule+0xd0/0x2a0 [ 997.961449][ C1] futex_wait_queue_me+0x2a7/0x570 [ 997.967000][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 997.972172][ C1] ? futex_wake+0x1b5/0x490 [ 997.976667][ C1] ? find_held_lock+0x2d/0x110 [ 997.981408][ C1] futex_wait+0x1df/0x560 [ 997.985715][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 997.990714][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 997.995633][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 998.000832][ C1] ? futex_wake+0x155/0x490 [ 998.005328][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 998.011308][ C1] ? lock_downgrade+0x820/0x820 [ 998.016342][ C1] do_futex+0x15b/0x1a60 [ 998.020601][ C1] ? lock_acquire+0x1f1/0xad0 [ 998.025284][ C1] ? __might_fault+0xef/0x1d0 [ 998.029941][ C1] ? find_held_lock+0x2d/0x110 [ 998.034684][ C1] ? futex_exit_release+0x220/0x220 [ 998.039861][ C1] ? lock_downgrade+0x820/0x820 [ 998.044808][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 998.051558][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 998.056572][ C1] ? __might_fault+0x190/0x1d0 [ 998.061505][ C1] ? _copy_to_user+0x126/0x160 [ 998.066250][ C1] __x64_sys_futex+0x378/0x4e0 [ 998.070994][ C1] ? do_futex+0x1a60/0x1a60 [ 998.075472][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 998.081432][ C1] ? lock_is_held_type+0xb0/0xe0 [ 998.086360][ C1] ? do_syscall_64+0x1c/0xe0 [ 998.090954][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 998.096918][ C1] do_syscall_64+0x60/0xe0 [ 998.101404][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 998.107280][ C1] RIP: 0033:0x45cb29 [ 998.111168][ C1] Code: Bad RIP value. [ 998.115217][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 998.123605][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 998.131568][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 998.139702][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 998.147667][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 998.155900][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 998.163865][ C1] syz-executor.1 S28928 14315 6984 0x00000000 [ 998.170179][ C1] Call Trace: [ 998.173470][ C1] __schedule+0x8e1/0x1eb0 [ 998.177870][ C1] ? io_schedule_timeout+0x140/0x140 [ 998.183138][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 998.188854][ C1] schedule+0xd0/0x2a0 [ 998.192990][ C1] futex_wait_queue_me+0x2a7/0x570 [ 998.198292][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 998.203468][ C1] ? find_held_lock+0x2d/0x110 [ 998.208211][ C1] futex_wait+0x1df/0x560 [ 998.212539][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 998.217543][ C1] ? mark_lock+0xbc/0x1710 [ 998.221941][ C1] ? hash_futex+0x12/0x200 [ 998.226422][ C1] ? futex_wake+0x155/0x490 [ 998.231271][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 998.236310][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 998.242275][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 998.248226][ C1] do_futex+0x15b/0x1a60 [ 998.252455][ C1] ? lock_acquire+0x1f1/0xad0 [ 998.257109][ C1] ? __might_fault+0xef/0x1d0 [ 998.261764][ C1] ? find_held_lock+0x2d/0x110 [ 998.266506][ C1] ? futex_exit_release+0x220/0x220 [ 998.271682][ C1] ? lock_downgrade+0x820/0x820 [ 998.276526][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 998.282743][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 998.287818][ C1] ? __might_fault+0x190/0x1d0 [ 998.292603][ C1] ? _copy_to_user+0x126/0x160 [ 998.297376][ C1] __x64_sys_futex+0x378/0x4e0 [ 998.302127][ C1] ? do_futex+0x1a60/0x1a60 [ 998.306631][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 998.312262][ C1] ? lock_is_held_type+0xb0/0xe0 [ 998.317220][ C1] ? do_syscall_64+0x1c/0xe0 [ 998.321822][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 998.327801][ C1] do_syscall_64+0x60/0xe0 [ 998.332198][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 998.338069][ C1] RIP: 0033:0x45cb29 [ 998.341933][ C1] Code: Bad RIP value. [ 998.345989][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 998.354375][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 998.362335][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 998.370437][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 998.378398][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 998.386434][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 998.394413][ C1] syz-executor.1 S29976 14316 14315 0x00000000 [ 998.400724][ C1] Call Trace: [ 998.403998][ C1] __schedule+0x8e1/0x1eb0 [ 998.408396][ C1] ? io_schedule_timeout+0x140/0x140 [ 998.413660][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 998.419101][ C1] schedule+0xd0/0x2a0 [ 998.423166][ C1] futex_wait_queue_me+0x2a7/0x570 [ 998.428255][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 998.433427][ C1] ? futex_wake+0x1b5/0x490 [ 998.437911][ C1] ? find_held_lock+0x2d/0x110 [ 998.442655][ C1] futex_wait+0x1df/0x560 [ 998.447069][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 998.452168][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 998.457081][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 998.462271][ C1] ? futex_wake+0x155/0x490 [ 998.466761][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 998.472726][ C1] ? lock_downgrade+0x820/0x820 [ 998.477553][ C1] do_futex+0x15b/0x1a60 [ 998.481783][ C1] ? lock_acquire+0x1f1/0xad0 [ 998.486447][ C1] ? __might_fault+0xef/0x1d0 [ 998.491100][ C1] ? find_held_lock+0x2d/0x110 [ 998.495846][ C1] ? futex_exit_release+0x220/0x220 [ 998.501022][ C1] ? lock_downgrade+0x820/0x820 [ 998.505850][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 998.512202][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 998.517581][ C1] ? __might_fault+0x190/0x1d0 [ 998.522324][ C1] ? _copy_to_user+0x126/0x160 [ 998.527082][ C1] __x64_sys_futex+0x378/0x4e0 [ 998.531842][ C1] ? do_futex+0x1a60/0x1a60 [ 998.536324][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 998.541948][ C1] ? lock_is_held_type+0xb0/0xe0 [ 998.546864][ C1] ? do_syscall_64+0x1c/0xe0 [ 998.551444][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 998.557484][ C1] do_syscall_64+0x60/0xe0 [ 998.561903][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 998.567842][ C1] RIP: 0033:0x45cb29 [ 998.571709][ C1] Code: Bad RIP value. [ 998.575767][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 998.584206][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 998.592169][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 998.600218][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 998.608179][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 998.616239][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 998.624235][ C1] syz-executor.1 S29976 14323 6984 0x00000000 [ 998.630584][ C1] Call Trace: [ 998.635163][ C1] __schedule+0x8e1/0x1eb0 [ 998.639579][ C1] ? io_schedule_timeout+0x140/0x140 [ 998.645214][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 998.650691][ C1] schedule+0xd0/0x2a0 [ 998.654760][ C1] futex_wait_queue_me+0x2a7/0x570 [ 998.659934][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 998.665128][ C1] futex_wait+0x1df/0x560 [ 998.669524][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 998.674551][ C1] ? mark_lock+0xbc/0x1710 [ 998.678949][ C1] ? hash_futex+0x12/0x200 [ 998.683417][ C1] ? futex_wake+0x155/0x490 [ 998.687916][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 998.693157][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 998.699128][ C1] ? lock_downgrade+0x820/0x820 [ 998.703963][ C1] do_futex+0x15b/0x1a60 [ 998.708195][ C1] ? lock_acquire+0x1f1/0xad0 [ 998.712849][ C1] ? __might_fault+0xef/0x1d0 [ 998.717525][ C1] ? find_held_lock+0x2d/0x110 [ 998.722298][ C1] ? futex_exit_release+0x220/0x220 [ 998.727575][ C1] ? lock_downgrade+0x820/0x820 [ 998.732440][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 998.738721][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 998.743739][ C1] ? __might_fault+0x190/0x1d0 [ 998.748744][ C1] ? _copy_to_user+0x126/0x160 [ 998.753543][ C1] __x64_sys_futex+0x378/0x4e0 [ 998.758306][ C1] ? do_futex+0x1a60/0x1a60 [ 998.762794][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 998.768406][ C1] ? lock_is_held_type+0xb0/0xe0 [ 998.773346][ C1] ? do_syscall_64+0x1c/0xe0 [ 998.777926][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 998.784106][ C1] do_syscall_64+0x60/0xe0 [ 998.788537][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 998.794409][ C1] RIP: 0033:0x45cb29 [ 998.798273][ C1] Code: Bad RIP value. [ 998.802485][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 998.811038][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 998.818992][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 998.826942][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 998.834891][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 998.842861][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 998.850841][ C1] syz-executor.1 S28040 14399 6984 0x00000000 [ 998.857186][ C1] Call Trace: [ 998.860485][ C1] __schedule+0x8e1/0x1eb0 [ 998.864965][ C1] ? io_schedule_timeout+0x140/0x140 [ 998.870253][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 998.875700][ C1] schedule+0xd0/0x2a0 [ 998.879776][ C1] futex_wait_queue_me+0x2a7/0x570 [ 998.884884][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 998.890073][ C1] ? futex_wake+0x1b5/0x490 [ 998.894561][ C1] ? find_held_lock+0x2d/0x110 [ 998.899321][ C1] futex_wait+0x1df/0x560 [ 998.903630][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 998.908670][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 998.913660][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 998.918853][ C1] ? futex_wake+0x155/0x490 [ 998.923369][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 998.929330][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 998.935116][ C1] do_futex+0x15b/0x1a60 [ 998.939339][ C1] ? lock_acquire+0x1f1/0xad0 [ 998.943994][ C1] ? __might_fault+0xef/0x1d0 [ 998.948646][ C1] ? find_held_lock+0x2d/0x110 [ 998.953417][ C1] ? futex_exit_release+0x220/0x220 [ 998.958671][ C1] ? lock_downgrade+0x820/0x820 [ 998.963531][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 998.969771][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 998.974909][ C1] ? __might_fault+0x190/0x1d0 [ 998.979937][ C1] ? _copy_to_user+0x126/0x160 [ 998.984688][ C1] __x64_sys_futex+0x378/0x4e0 [ 998.989433][ C1] ? do_futex+0x1a60/0x1a60 [ 998.994458][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 999.000082][ C1] ? lock_is_held_type+0xb0/0xe0 [ 999.005019][ C1] ? do_syscall_64+0x1c/0xe0 [ 999.009595][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 999.015554][ C1] do_syscall_64+0x60/0xe0 [ 999.019962][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 999.025839][ C1] RIP: 0033:0x45cb29 [ 999.029722][ C1] Code: Bad RIP value. [ 999.033768][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 999.042157][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 999.050120][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 999.058094][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 999.066043][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 999.074007][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 999.081989][ C1] syz-executor.1 S29976 14407 14399 0x00000000 [ 999.088304][ C1] Call Trace: [ 999.091576][ C1] __schedule+0x8e1/0x1eb0 [ 999.096088][ C1] ? io_schedule_timeout+0x140/0x140 [ 999.101357][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 999.106835][ C1] schedule+0xd0/0x2a0 [ 999.110890][ C1] futex_wait_queue_me+0x2a7/0x570 [ 999.115988][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 999.121525][ C1] ? futex_wake+0x1b5/0x490 [ 999.126039][ C1] ? find_held_lock+0x2d/0x110 [ 999.130796][ C1] futex_wait+0x1df/0x560 [ 999.135130][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 999.140133][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 999.145051][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 999.150231][ C1] ? futex_wake+0x155/0x490 [ 999.154731][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 999.160809][ C1] ? lock_downgrade+0x820/0x820 [ 999.165688][ C1] do_futex+0x15b/0x1a60 [ 999.170220][ C1] ? lock_acquire+0x1f1/0xad0 [ 999.175317][ C1] ? __might_fault+0xef/0x1d0 [ 999.179981][ C1] ? find_held_lock+0x2d/0x110 [ 999.184722][ C1] ? futex_exit_release+0x220/0x220 [ 999.189896][ C1] ? lock_downgrade+0x820/0x820 [ 999.194754][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 999.200992][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 999.206226][ C1] ? __might_fault+0x190/0x1d0 [ 999.211064][ C1] ? _copy_to_user+0x126/0x160 [ 999.215821][ C1] __x64_sys_futex+0x378/0x4e0 [ 999.220578][ C1] ? do_futex+0x1a60/0x1a60 [ 999.225199][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 999.230814][ C1] ? lock_is_held_type+0xb0/0xe0 [ 999.235737][ C1] ? do_syscall_64+0x1c/0xe0 [ 999.240350][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 999.246349][ C1] do_syscall_64+0x60/0xe0 [ 999.250746][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 999.256663][ C1] RIP: 0033:0x45cb29 [ 999.260574][ C1] Code: Bad RIP value. [ 999.264612][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 999.272998][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 999.280947][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 999.288897][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 999.296846][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 999.304796][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 999.312785][ C1] syz-executor.1 S29976 14443 6984 0x00000000 [ 999.319129][ C1] Call Trace: [ 999.322412][ C1] __schedule+0x8e1/0x1eb0 [ 999.326817][ C1] ? io_schedule_timeout+0x140/0x140 [ 999.332102][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 999.337543][ C1] schedule+0xd0/0x2a0 [ 999.341605][ C1] futex_wait_queue_me+0x2a7/0x570 [ 999.346721][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 999.351910][ C1] futex_wait+0x1df/0x560 [ 999.356218][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 999.361272][ C1] ? mark_lock+0xbc/0x1710 [ 999.365699][ C1] ? hash_futex+0x12/0x200 [ 999.370102][ C1] ? futex_wake+0x155/0x490 [ 999.374584][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 999.379607][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 999.385564][ C1] ? lock_downgrade+0x820/0x820 [ 999.390479][ C1] do_futex+0x15b/0x1a60 [ 999.394722][ C1] ? lock_acquire+0x1f1/0xad0 [ 999.399375][ C1] ? __might_fault+0xef/0x1d0 [ 999.404046][ C1] ? find_held_lock+0x2d/0x110 [ 999.408807][ C1] ? futex_exit_release+0x220/0x220 [ 999.414000][ C1] ? lock_downgrade+0x820/0x820 [ 999.418849][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 999.425068][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 999.430093][ C1] ? __might_fault+0x190/0x1d0 [ 999.434859][ C1] ? _copy_to_user+0x126/0x160 [ 999.439613][ C1] __x64_sys_futex+0x378/0x4e0 [ 999.444358][ C1] ? do_futex+0x1a60/0x1a60 [ 999.449022][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 999.454729][ C1] ? lock_is_held_type+0xb0/0xe0 [ 999.459776][ C1] ? do_syscall_64+0x1c/0xe0 [ 999.464418][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 999.470434][ C1] do_syscall_64+0x60/0xe0 [ 999.475504][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 999.482165][ C1] RIP: 0033:0x45cb29 [ 999.486045][ C1] Code: Bad RIP value. [ 999.490087][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 999.498580][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 999.507152][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 999.515484][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 999.524334][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 999.532865][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 999.540922][ C1] kvm-nx-lpage-re S30224 14459 2 0x00004000 [ 999.547353][ C1] Call Trace: [ 999.550627][ C1] __schedule+0x8e1/0x1eb0 [ 999.555027][ C1] ? io_schedule_timeout+0x140/0x140 [ 999.560289][ C1] ? lock_acquire+0x1f1/0xad0 [ 999.564944][ C1] schedule+0xd0/0x2a0 [ 999.569080][ C1] schedule_timeout+0x1d8/0x250 [ 999.574324][ C1] ? usleep_range+0x170/0x170 [ 999.579170][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 999.584365][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 999.590348][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 999.596400][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 999.601498][ C1] ? _raw_spin_unlock_irq+0x55/0x80 [ 999.606687][ C1] ? finish_task_switch+0x147/0x750 [ 999.611858][ C1] ? finish_task_switch+0x119/0x750 [ 999.617033][ C1] kvm_nx_lpage_recovery_worker+0x1ca/0x760 [ 999.622905][ C1] ? __kthread_parkme+0xad/0x1e0 [ 999.627826][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 999.632935][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 999.638778][ C1] ? __kthread_parkme+0x4c/0x1e0 [ 999.643874][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 999.650115][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 999.655124][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 999.660240][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 999.665265][ C1] kvm_vm_worker_thread+0x1b3/0x270 [ 999.670454][ C1] ? kvm_mmu_pte_write+0xd40/0xd40 [ 999.675550][ C1] ? kvm_exit+0x80/0x80 [ 999.679684][ C1] kthread+0x3b5/0x4a0 [ 999.683747][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 999.688831][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 999.693922][ C1] ret_from_fork+0x1f/0x30 [ 999.698338][ C1] syz-executor.0 S29976 14465 6845 0x00000000 [ 999.704647][ C1] Call Trace: [ 999.707917][ C1] __schedule+0x8e1/0x1eb0 [ 999.712316][ C1] ? io_schedule_timeout+0x140/0x140 [ 999.717784][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 999.723246][ C1] schedule+0xd0/0x2a0 [ 999.727314][ C1] futex_wait_queue_me+0x2a7/0x570 [ 999.732421][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 999.737696][ C1] ? futex_wake+0x1b5/0x490 [ 999.742174][ C1] ? find_held_lock+0x2d/0x110 [ 999.746941][ C1] futex_wait+0x1df/0x560 [ 999.751270][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 999.756381][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 999.761306][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 999.766484][ C1] ? futex_wake+0x155/0x490 [ 999.770970][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 999.776933][ C1] ? lock_downgrade+0x820/0x820 [ 999.781770][ C1] do_futex+0x15b/0x1a60 [ 999.786012][ C1] ? lock_acquire+0x1f1/0xad0 [ 999.790680][ C1] ? __might_fault+0xef/0x1d0 [ 999.795626][ C1] ? find_held_lock+0x2d/0x110 [ 999.800401][ C1] ? futex_exit_release+0x220/0x220 [ 999.805596][ C1] ? lock_downgrade+0x820/0x820 [ 999.810450][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 999.817205][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 999.822473][ C1] ? __might_fault+0x190/0x1d0 [ 999.827407][ C1] ? _copy_to_user+0x126/0x160 [ 999.832176][ C1] __x64_sys_futex+0x378/0x4e0 [ 999.836928][ C1] ? do_futex+0x1a60/0x1a60 [ 999.841408][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 999.847021][ C1] ? lock_is_held_type+0xb0/0xe0 [ 999.851936][ C1] ? do_syscall_64+0x1c/0xe0 [ 999.856680][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 999.862653][ C1] do_syscall_64+0x60/0xe0 [ 999.867129][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 999.872999][ C1] RIP: 0033:0x45cb29 [ 999.876867][ C1] Code: Bad RIP value. [ 999.881951][ C1] RSP: 002b:00007fbcbd7a7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 999.890364][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 999.898312][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 999.906288][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 999.914236][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 999.922186][ C1] R13: 0000000000c9fb6f R14: 00007fbcbd7a89c0 R15: 000000000078bf0c [ 999.930152][ C1] syz-executor.0 S29976 14471 6845 0x00000000 [ 999.936469][ C1] Call Trace: [ 999.939739][ C1] __schedule+0x8e1/0x1eb0 [ 999.944137][ C1] ? io_schedule_timeout+0x140/0x140 [ 999.949400][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 999.954943][ C1] schedule+0xd0/0x2a0 [ 999.960650][ C1] futex_wait_queue_me+0x2a7/0x570 [ 999.967194][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 999.972553][ C1] futex_wait+0x1df/0x560 [ 999.977447][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 999.982575][ C1] ? mark_lock+0xbc/0x1710 [ 999.986976][ C1] ? hash_futex+0x12/0x200 [ 999.991371][ C1] ? futex_wake+0x155/0x490 [ 999.995859][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1000.000893][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1000.006873][ C1] ? lock_downgrade+0x820/0x820 [ 1000.011886][ C1] do_futex+0x15b/0x1a60 [ 1000.017682][ C1] ? lock_acquire+0x1f1/0xad0 [ 1000.022352][ C1] ? __might_fault+0xef/0x1d0 [ 1000.027188][ C1] ? find_held_lock+0x2d/0x110 [ 1000.031975][ C1] ? futex_exit_release+0x220/0x220 [ 1000.037290][ C1] ? lock_downgrade+0x820/0x820 [ 1000.042162][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1000.048720][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1000.053734][ C1] ? __might_fault+0x190/0x1d0 [ 1000.058584][ C1] ? _copy_to_user+0x126/0x160 [ 1000.064163][ C1] __x64_sys_futex+0x378/0x4e0 [ 1000.069395][ C1] ? do_futex+0x1a60/0x1a60 [ 1000.074029][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1000.079790][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1000.084727][ C1] ? do_syscall_64+0x1c/0xe0 [ 1000.089363][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1000.095336][ C1] do_syscall_64+0x60/0xe0 [ 1000.099887][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1000.106318][ C1] RIP: 0033:0x45cb29 [ 1000.110189][ C1] Code: Bad RIP value. [ 1000.114759][ C1] RSP: 002b:00007fbcbd7a7cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1000.123147][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1000.131119][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1000.139070][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1000.147042][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1000.155003][ C1] R13: 0000000000c9fb6f R14: 00007fbcbd7a89c0 R15: 000000000078bf0c [ 1000.163064][ C1] syz-executor.1 S28456 14479 6984 0x00000000 [ 1000.169379][ C1] Call Trace: [ 1000.172657][ C1] __schedule+0x8e1/0x1eb0 [ 1000.177058][ C1] ? io_schedule_timeout+0x140/0x140 [ 1000.182320][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1000.187783][ C1] schedule+0xd0/0x2a0 [ 1000.191830][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1000.196919][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1000.202097][ C1] ? futex_wake+0x1b5/0x490 [ 1000.206607][ C1] ? find_held_lock+0x2d/0x110 [ 1000.211351][ C1] futex_wait+0x1df/0x560 [ 1000.215660][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1000.220750][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1000.225666][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1000.230847][ C1] ? futex_wake+0x155/0x490 [ 1000.235338][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1000.241296][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1000.247190][ C1] do_futex+0x15b/0x1a60 [ 1000.251601][ C1] ? lock_acquire+0x1f1/0xad0 [ 1000.256273][ C1] ? __might_fault+0xef/0x1d0 [ 1000.260942][ C1] ? find_held_lock+0x2d/0x110 [ 1000.265685][ C1] ? futex_exit_release+0x220/0x220 [ 1000.270866][ C1] ? lock_downgrade+0x820/0x820 [ 1000.275696][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1000.281918][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1000.286943][ C1] ? __might_fault+0x190/0x1d0 [ 1000.291684][ C1] ? _copy_to_user+0x126/0x160 [ 1000.296521][ C1] __x64_sys_futex+0x378/0x4e0 [ 1000.301327][ C1] ? do_futex+0x1a60/0x1a60 [ 1000.305818][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1000.311499][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1000.316437][ C1] ? do_syscall_64+0x1c/0xe0 [ 1000.321050][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1000.327041][ C1] do_syscall_64+0x60/0xe0 [ 1000.331449][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1000.337414][ C1] RIP: 0033:0x45cb29 [ 1000.341294][ C1] Code: Bad RIP value. [ 1000.345333][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1000.353725][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1000.361674][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1000.369634][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1000.377579][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1000.385612][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1000.393573][ C1] syz-executor.1 S29976 14485 14479 0x00000000 [ 1000.400001][ C1] Call Trace: [ 1000.403294][ C1] __schedule+0x8e1/0x1eb0 [ 1000.408325][ C1] ? io_schedule_timeout+0x140/0x140 [ 1000.414702][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1000.420582][ C1] schedule+0xd0/0x2a0 [ 1000.424731][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1000.429834][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1000.435824][ C1] futex_wait+0x1df/0x560 [ 1000.440164][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1000.445177][ C1] ? mark_lock+0xbc/0x1710 [ 1000.449588][ C1] ? hash_futex+0x12/0x200 [ 1000.454002][ C1] ? futex_wake+0x155/0x490 [ 1000.458695][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1000.463834][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1000.471276][ C1] ? lock_downgrade+0x820/0x820 [ 1000.476725][ C1] do_futex+0x15b/0x1a60 [ 1000.481094][ C1] ? lock_acquire+0x1f1/0xad0 [ 1000.486175][ C1] ? __might_fault+0xef/0x1d0 [ 1000.491529][ C1] ? find_held_lock+0x2d/0x110 [ 1000.496297][ C1] ? futex_exit_release+0x220/0x220 [ 1000.501476][ C1] ? lock_downgrade+0x820/0x820 [ 1000.506331][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1000.512562][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1000.518553][ C1] ? __might_fault+0x190/0x1d0 [ 1000.523446][ C1] ? _copy_to_user+0x126/0x160 [ 1000.528235][ C1] __x64_sys_futex+0x378/0x4e0 [ 1000.533024][ C1] ? do_futex+0x1a60/0x1a60 [ 1000.537515][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1000.543142][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1000.548092][ C1] ? do_syscall_64+0x1c/0xe0 [ 1000.552701][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1000.558699][ C1] do_syscall_64+0x60/0xe0 [ 1000.563101][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1000.568971][ C1] RIP: 0033:0x45cb29 [ 1000.572849][ C1] Code: Bad RIP value. [ 1000.577082][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1000.585485][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1000.593437][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1000.601387][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1000.609342][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1000.617311][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1000.625293][ C1] syz-executor.1 S29976 14502 6984 0x00000000 [ 1000.632129][ C1] Call Trace: [ 1000.635420][ C1] __schedule+0x8e1/0x1eb0 [ 1000.639827][ C1] ? io_schedule_timeout+0x140/0x140 [ 1000.645092][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1000.650809][ C1] schedule+0xd0/0x2a0 [ 1000.654860][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1000.659951][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1000.665136][ C1] futex_wait+0x1df/0x560 [ 1000.669447][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1000.674539][ C1] ? hash_futex+0x12/0x200 [ 1000.679124][ C1] ? futex_wake+0x155/0x490 [ 1000.683631][ C1] ? lock_downgrade+0x820/0x820 [ 1000.688475][ C1] do_futex+0x15b/0x1a60 [ 1000.692809][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1000.698248][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1000.703184][ C1] ? do_wp_page+0x16a/0x1950 [ 1000.707753][ C1] ? futex_exit_release+0x220/0x220 [ 1000.713007][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1000.718083][ C1] ? find_held_lock+0x2d/0x110 [ 1000.722856][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1000.728046][ C1] ? __up_read+0x1a1/0x7b0 [ 1000.732461][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1000.737905][ C1] __x64_sys_futex+0x378/0x4e0 [ 1000.742770][ C1] ? do_futex+0x1a60/0x1a60 [ 1000.747350][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1000.752375][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1000.757403][ C1] ? do_syscall_64+0x1c/0xe0 [ 1000.762048][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1000.768072][ C1] do_syscall_64+0x60/0xe0 [ 1000.772493][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1000.778366][ C1] RIP: 0033:0x45cb29 [ 1000.782229][ C1] Code: Bad RIP value. [ 1000.786281][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1000.794681][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1000.804079][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1000.812036][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1000.820163][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1000.828394][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1000.836368][ C1] syz-executor.1 S28896 14545 6984 0x00000000 [ 1000.842699][ C1] Call Trace: [ 1000.846017][ C1] __schedule+0x8e1/0x1eb0 [ 1000.850523][ C1] ? io_schedule_timeout+0x140/0x140 [ 1000.855790][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1000.861595][ C1] schedule+0xd0/0x2a0 [ 1000.866115][ C1] schedule_timeout+0x1d8/0x250 [ 1000.871120][ C1] ? usleep_range+0x170/0x170 [ 1000.875827][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1000.880947][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1000.886827][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1000.892640][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 1000.898253][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1000.904042][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1000.910027][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 1000.915924][ C1] ? skb_free_datagram+0xf0/0xf0 [ 1000.920840][ C1] ? proto_seq_start+0x50/0x50 [ 1000.925581][ C1] ? skb_segment.cold+0x38/0x38 [ 1000.930421][ C1] ? mark_lock+0xbc/0x1710 [ 1000.934820][ C1] __skb_recv_datagram+0x171/0x220 [ 1000.939913][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 1000.945537][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 1000.950628][ C1] ? __schedule+0x887/0x1eb0 [ 1000.955395][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1000.960323][ C1] skb_recv_datagram+0xa7/0xe0 [ 1000.965071][ C1] ? __skb_recv_datagram+0x220/0x220 [ 1000.970334][ C1] ? aa_sk_perm+0x316/0xaa0 [ 1000.974901][ C1] ? __might_fault+0xef/0x1d0 [ 1000.979557][ C1] raw_recvmsg+0xab/0x550 [ 1000.983865][ C1] ? raw_release+0x890/0x890 [ 1000.988436][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 1000.993874][ C1] ? raw_release+0x890/0x890 [ 1000.998443][ C1] ____sys_recvmsg+0x2c4/0x640 [ 1001.003203][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 1001.009073][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 1001.014705][ C1] ? import_iovec+0x23b/0x3d0 [ 1001.019362][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 1001.024642][ C1] ___sys_recvmsg+0x127/0x200 [ 1001.029319][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 1001.035017][ C1] ? lock_downgrade+0x820/0x820 [ 1001.039842][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1001.044952][ C1] ? __fget_files+0x294/0x400 [ 1001.049612][ C1] ? __fget_light+0xea/0x280 [ 1001.054182][ C1] do_recvmmsg+0x24d/0x6d0 [ 1001.058579][ C1] ? ___sys_recvmsg+0x200/0x200 [ 1001.063753][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1001.069971][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1001.075080][ C1] ? put_timespec64+0xcb/0x120 [ 1001.079992][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 1001.084834][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 1001.090884][ C1] ? __do_sys_socketcall+0x550/0x550 [ 1001.096165][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1001.101261][ C1] ? do_syscall_64+0x1c/0xe0 [ 1001.105858][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1001.111995][ C1] do_syscall_64+0x60/0xe0 [ 1001.116405][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1001.122482][ C1] RIP: 0033:0x45cb29 [ 1001.127029][ C1] Code: Bad RIP value. [ 1001.131123][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1001.142742][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 1001.150806][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 1001.158869][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1001.167003][ C1] R10: 0000000000000001 R11: 0000000000000246 R12: 00000000ffffffff [ 1001.174978][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 1001.182950][ C1] syz-executor.1 S29976 14549 14545 0x00000000 [ 1001.189387][ C1] Call Trace: [ 1001.192887][ C1] __schedule+0x8e1/0x1eb0 [ 1001.199074][ C1] ? io_schedule_timeout+0x140/0x140 [ 1001.204492][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1001.210203][ C1] schedule+0xd0/0x2a0 [ 1001.214289][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1001.219444][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1001.225460][ C1] futex_wait+0x1df/0x560 [ 1001.229794][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1001.234800][ C1] ? mark_lock+0xbc/0x1710 [ 1001.239228][ C1] ? hash_futex+0x12/0x200 [ 1001.243644][ C1] ? futex_wake+0x155/0x490 [ 1001.248137][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1001.253159][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1001.259138][ C1] ? lock_downgrade+0x820/0x820 [ 1001.264158][ C1] do_futex+0x15b/0x1a60 [ 1001.268392][ C1] ? lock_acquire+0x1f1/0xad0 [ 1001.273049][ C1] ? __might_fault+0xef/0x1d0 [ 1001.277711][ C1] ? find_held_lock+0x2d/0x110 [ 1001.282460][ C1] ? futex_exit_release+0x220/0x220 [ 1001.287930][ C1] ? lock_downgrade+0x820/0x820 [ 1001.292791][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1001.299032][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1001.304058][ C1] ? __might_fault+0x190/0x1d0 [ 1001.308805][ C1] ? _copy_to_user+0x126/0x160 [ 1001.313551][ C1] __x64_sys_futex+0x378/0x4e0 [ 1001.318316][ C1] ? do_futex+0x1a60/0x1a60 [ 1001.322963][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1001.328596][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1001.333536][ C1] ? do_syscall_64+0x1c/0xe0 [ 1001.338216][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1001.344176][ C1] do_syscall_64+0x60/0xe0 [ 1001.348571][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1001.354469][ C1] RIP: 0033:0x45cb29 [ 1001.358365][ C1] Code: Bad RIP value. [ 1001.362410][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1001.370795][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1001.378743][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1001.386703][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1001.394664][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1001.402615][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1001.410579][ C1] syz-executor.1 S28384 14558 14545 0x00000000 [ 1001.417239][ C1] Call Trace: [ 1001.420531][ C1] __schedule+0x8e1/0x1eb0 [ 1001.424932][ C1] ? io_schedule_timeout+0x140/0x140 [ 1001.430294][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1001.436306][ C1] schedule+0xd0/0x2a0 [ 1001.441020][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1001.446110][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1001.451943][ C1] ? futex_wake+0x1b5/0x490 [ 1001.456517][ C1] ? find_held_lock+0x2d/0x110 [ 1001.463152][ C1] futex_wait+0x1df/0x560 [ 1001.467833][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1001.475691][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1001.480635][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1001.485814][ C1] ? futex_wake+0x155/0x490 [ 1001.490305][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1001.496280][ C1] do_futex+0x15b/0x1a60 [ 1001.500523][ C1] ? lock_acquire+0x1f1/0xad0 [ 1001.505217][ C1] ? __might_fault+0xef/0x1d0 [ 1001.509904][ C1] ? find_held_lock+0x2d/0x110 [ 1001.516463][ C1] ? futex_exit_release+0x220/0x220 [ 1001.522390][ C1] ? lock_downgrade+0x820/0x820 [ 1001.527337][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1001.533681][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1001.538737][ C1] ? __might_fault+0x190/0x1d0 [ 1001.543779][ C1] ? _copy_to_user+0x126/0x160 [ 1001.549685][ C1] __x64_sys_futex+0x378/0x4e0 [ 1001.554520][ C1] ? do_futex+0x1a60/0x1a60 [ 1001.559215][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1001.565652][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1001.570570][ C1] ? do_syscall_64+0x1c/0xe0 [ 1001.575140][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1001.581659][ C1] do_syscall_64+0x60/0xe0 [ 1001.587476][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1001.593891][ C1] RIP: 0033:0x45cb29 [ 1001.598265][ C1] Code: Bad RIP value. [ 1001.603032][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1001.611884][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1001.620221][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1001.629510][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1001.638424][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1001.646380][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1001.655917][ C1] syz-executor.1 S29976 14562 6984 0x00000000 [ 1001.662742][ C1] Call Trace: [ 1001.666511][ C1] __schedule+0x8e1/0x1eb0 [ 1001.671256][ C1] ? io_schedule_timeout+0x140/0x140 [ 1001.677630][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1001.683083][ C1] schedule+0xd0/0x2a0 [ 1001.687156][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1001.693118][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1001.701024][ C1] futex_wait+0x1df/0x560 [ 1001.705575][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1001.711149][ C1] ? hash_futex+0x12/0x200 [ 1001.715546][ C1] ? futex_wake+0x155/0x490 [ 1001.720160][ C1] ? lock_downgrade+0x820/0x820 [ 1001.726178][ C1] do_futex+0x15b/0x1a60 [ 1001.730520][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1001.736445][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1001.741292][ C1] ? do_wp_page+0x16a/0x1950 [ 1001.748112][ C1] ? futex_exit_release+0x220/0x220 [ 1001.755715][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1001.760753][ C1] ? find_held_lock+0x2d/0x110 [ 1001.765544][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1001.772895][ C1] ? __up_read+0x1a1/0x7b0 [ 1001.780415][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1001.788398][ C1] __x64_sys_futex+0x378/0x4e0 [ 1001.793392][ C1] ? do_futex+0x1a60/0x1a60 [ 1001.797910][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1001.803015][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1001.809376][ C1] ? do_syscall_64+0x1c/0xe0 [ 1001.813963][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1001.820476][ C1] do_syscall_64+0x60/0xe0 [ 1001.824874][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1001.830761][ C1] RIP: 0033:0x45cb29 [ 1001.834626][ C1] Code: Bad RIP value. [ 1001.838666][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1001.847053][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1001.856644][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1001.865201][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1001.875403][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1001.883740][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1001.894429][ C1] syz-executor.1 S28384 14576 6984 0x00000000 [ 1001.901007][ C1] Call Trace: [ 1001.904279][ C1] __schedule+0x8e1/0x1eb0 [ 1001.908678][ C1] ? io_schedule_timeout+0x140/0x140 [ 1001.913944][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1001.919407][ C1] schedule+0xd0/0x2a0 [ 1001.923458][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1001.929691][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1001.934889][ C1] ? find_held_lock+0x2d/0x110 [ 1001.939718][ C1] futex_wait+0x1df/0x560 [ 1001.944126][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1001.950017][ C1] ? mark_lock+0xbc/0x1710 [ 1001.954420][ C1] ? hash_futex+0x12/0x200 [ 1001.958823][ C1] ? futex_wake+0x155/0x490 [ 1001.963307][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1001.968334][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1001.974294][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1001.980082][ C1] do_futex+0x15b/0x1a60 [ 1001.984309][ C1] ? lock_acquire+0x1f1/0xad0 [ 1001.989071][ C1] ? __might_fault+0xef/0x1d0 [ 1001.993829][ C1] ? find_held_lock+0x2d/0x110 [ 1001.999164][ C1] ? futex_exit_release+0x220/0x220 [ 1002.005440][ C1] ? lock_downgrade+0x820/0x820 [ 1002.010548][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1002.016902][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1002.021936][ C1] ? __might_fault+0x190/0x1d0 [ 1002.026715][ C1] ? _copy_to_user+0x126/0x160 [ 1002.031693][ C1] __x64_sys_futex+0x378/0x4e0 [ 1002.038696][ C1] ? do_futex+0x1a60/0x1a60 [ 1002.043813][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1002.049430][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1002.054349][ C1] ? do_syscall_64+0x1c/0xe0 [ 1002.059004][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1002.064981][ C1] do_syscall_64+0x60/0xe0 [ 1002.069377][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1002.076136][ C1] RIP: 0033:0x45cb29 [ 1002.080175][ C1] Code: Bad RIP value. [ 1002.084227][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1002.095055][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1002.105667][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1002.113632][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1002.121583][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1002.129578][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1002.137645][ C1] syz-executor.1 S29976 14580 14576 0x00000000 [ 1002.145037][ C1] Call Trace: [ 1002.148466][ C1] __schedule+0x8e1/0x1eb0 [ 1002.153243][ C1] ? io_schedule_timeout+0x140/0x140 [ 1002.158591][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1002.164052][ C1] schedule+0xd0/0x2a0 [ 1002.168124][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1002.173287][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1002.178522][ C1] ? futex_wake+0x1b5/0x490 [ 1002.183015][ C1] ? find_held_lock+0x2d/0x110 [ 1002.192285][ C1] futex_wait+0x1df/0x560 [ 1002.196640][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1002.202245][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1002.207171][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1002.212349][ C1] ? futex_wake+0x155/0x490 [ 1002.216957][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1002.222911][ C1] ? lock_downgrade+0x820/0x820 [ 1002.227739][ C1] do_futex+0x15b/0x1a60 [ 1002.232140][ C1] ? lock_acquire+0x1f1/0xad0 [ 1002.236813][ C1] ? __might_fault+0xef/0x1d0 [ 1002.241524][ C1] ? find_held_lock+0x2d/0x110 [ 1002.246290][ C1] ? futex_exit_release+0x220/0x220 [ 1002.251504][ C1] ? lock_downgrade+0x820/0x820 [ 1002.256340][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1002.262559][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1002.267660][ C1] ? __might_fault+0x190/0x1d0 [ 1002.272402][ C1] ? _copy_to_user+0x126/0x160 [ 1002.277242][ C1] __x64_sys_futex+0x378/0x4e0 [ 1002.281985][ C1] ? do_futex+0x1a60/0x1a60 [ 1002.286481][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1002.292189][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1002.297103][ C1] ? do_syscall_64+0x1c/0xe0 [ 1002.301672][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1002.307636][ C1] do_syscall_64+0x60/0xe0 [ 1002.312033][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1002.317903][ C1] RIP: 0033:0x45cb29 [ 1002.321779][ C1] Code: Bad RIP value. [ 1002.325822][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1002.334220][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1002.342182][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1002.350173][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1002.358138][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1002.367056][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1002.375058][ C1] syz-executor.1 S29976 14596 6984 0x00000000 [ 1002.381384][ C1] Call Trace: [ 1002.384664][ C1] __schedule+0x8e1/0x1eb0 [ 1002.389187][ C1] ? io_schedule_timeout+0x140/0x140 [ 1002.394472][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1002.399931][ C1] schedule+0xd0/0x2a0 [ 1002.403978][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1002.409069][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1002.414253][ C1] ? futex_wake+0x1b5/0x490 [ 1002.419179][ C1] ? find_held_lock+0x2d/0x110 [ 1002.423922][ C1] futex_wait+0x1df/0x560 [ 1002.428416][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1002.433426][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1002.438423][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1002.444323][ C1] ? futex_wake+0x155/0x490 [ 1002.449182][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1002.456048][ C1] ? lock_downgrade+0x820/0x820 [ 1002.460979][ C1] do_futex+0x15b/0x1a60 [ 1002.465218][ C1] ? lock_acquire+0x1f1/0xad0 [ 1002.469888][ C1] ? __might_fault+0xef/0x1d0 [ 1002.474559][ C1] ? find_held_lock+0x2d/0x110 [ 1002.479300][ C1] ? futex_exit_release+0x220/0x220 [ 1002.484554][ C1] ? lock_downgrade+0x820/0x820 [ 1002.489491][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1002.495825][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1002.500836][ C1] ? __might_fault+0x190/0x1d0 [ 1002.505709][ C1] ? _copy_to_user+0x126/0x160 [ 1002.511581][ C1] __x64_sys_futex+0x378/0x4e0 [ 1002.516327][ C1] ? do_futex+0x1a60/0x1a60 [ 1002.520834][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1002.526458][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1002.531387][ C1] ? do_syscall_64+0x1c/0xe0 [ 1002.535954][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1002.541925][ C1] do_syscall_64+0x60/0xe0 [ 1002.546363][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1002.552285][ C1] RIP: 0033:0x45cb29 [ 1002.556151][ C1] Code: Bad RIP value. [ 1002.560297][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1002.568701][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1002.576659][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1002.584613][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1002.592562][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1002.600522][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1002.608578][ C1] syz-executor.1 S28928 14613 6984 0x00000000 [ 1002.614942][ C1] Call Trace: [ 1002.618227][ C1] __schedule+0x8e1/0x1eb0 [ 1002.622633][ C1] ? io_schedule_timeout+0x140/0x140 [ 1002.627898][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1002.633341][ C1] schedule+0xd0/0x2a0 [ 1002.637424][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1002.642518][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1002.647695][ C1] ? futex_wake+0x1b5/0x490 [ 1002.652174][ C1] ? find_held_lock+0x2d/0x110 [ 1002.656960][ C1] futex_wait+0x1df/0x560 [ 1002.661285][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1002.666303][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1002.671233][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1002.676671][ C1] ? futex_wake+0x155/0x490 [ 1002.681174][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1002.687142][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1002.692953][ C1] do_futex+0x15b/0x1a60 [ 1002.697186][ C1] ? lock_acquire+0x1f1/0xad0 [ 1002.701854][ C1] ? __might_fault+0xef/0x1d0 [ 1002.706515][ C1] ? find_held_lock+0x2d/0x110 [ 1002.711256][ C1] ? futex_exit_release+0x220/0x220 [ 1002.716448][ C1] ? lock_downgrade+0x820/0x820 [ 1002.721368][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1002.727658][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1002.732674][ C1] ? __might_fault+0x190/0x1d0 [ 1002.737456][ C1] ? _copy_to_user+0x126/0x160 [ 1002.743001][ C1] __x64_sys_futex+0x378/0x4e0 [ 1002.747779][ C1] ? do_futex+0x1a60/0x1a60 [ 1002.752532][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1002.758367][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1002.763301][ C1] ? do_syscall_64+0x1c/0xe0 [ 1002.767872][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1002.773832][ C1] do_syscall_64+0x60/0xe0 [ 1002.778227][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1002.784100][ C1] RIP: 0033:0x45cb29 [ 1002.787967][ C1] Code: Bad RIP value. [ 1002.792010][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1002.800570][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1002.808521][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1002.816494][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1002.824458][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1002.832410][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1002.840689][ C1] syz-executor.1 S29976 14615 14613 0x00000000 [ 1002.847031][ C1] Call Trace: [ 1002.850425][ C1] __schedule+0x8e1/0x1eb0 [ 1002.854847][ C1] ? io_schedule_timeout+0x140/0x140 [ 1002.860359][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1002.866064][ C1] schedule+0xd0/0x2a0 [ 1002.870166][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1002.875305][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1002.880615][ C1] futex_wait+0x1df/0x560 [ 1002.885030][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1002.890033][ C1] ? mark_lock+0xbc/0x1710 [ 1002.894428][ C1] ? hash_futex+0x12/0x200 [ 1002.898826][ C1] ? futex_wake+0x155/0x490 [ 1002.903320][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1002.908328][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1002.914372][ C1] ? lock_downgrade+0x820/0x820 [ 1002.919217][ C1] do_futex+0x15b/0x1a60 [ 1002.923463][ C1] ? lock_acquire+0x1f1/0xad0 [ 1002.928140][ C1] ? __might_fault+0xef/0x1d0 [ 1002.932956][ C1] ? find_held_lock+0x2d/0x110 [ 1002.937708][ C1] ? futex_exit_release+0x220/0x220 [ 1002.942910][ C1] ? lock_downgrade+0x820/0x820 [ 1002.947751][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1002.954239][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1002.959247][ C1] ? __might_fault+0x190/0x1d0 [ 1002.964010][ C1] ? _copy_to_user+0x126/0x160 [ 1002.968768][ C1] __x64_sys_futex+0x378/0x4e0 [ 1002.973524][ C1] ? do_futex+0x1a60/0x1a60 [ 1002.978105][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1002.983728][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1002.988655][ C1] ? do_syscall_64+0x1c/0xe0 [ 1002.993222][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1002.999201][ C1] do_syscall_64+0x60/0xe0 [ 1003.003592][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1003.009461][ C1] RIP: 0033:0x45cb29 [ 1003.013324][ C1] Code: Bad RIP value. [ 1003.017365][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1003.025765][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1003.034153][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1003.042101][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1003.050061][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1003.058022][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1003.066090][ C1] syz-executor.1 S29976 14623 6984 0x00000000 [ 1003.072400][ C1] Call Trace: [ 1003.075669][ C1] __schedule+0x8e1/0x1eb0 [ 1003.080084][ C1] ? io_schedule_timeout+0x140/0x140 [ 1003.085350][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1003.090809][ C1] schedule+0xd0/0x2a0 [ 1003.094857][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1003.099946][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1003.105137][ C1] ? futex_wake+0x1b5/0x490 [ 1003.109620][ C1] ? find_held_lock+0x2d/0x110 [ 1003.114365][ C1] futex_wait+0x1df/0x560 [ 1003.118675][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1003.123675][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1003.128590][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1003.133776][ C1] ? futex_wake+0x155/0x490 [ 1003.138276][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1003.144245][ C1] ? lock_downgrade+0x820/0x820 [ 1003.149076][ C1] do_futex+0x15b/0x1a60 [ 1003.153303][ C1] ? lock_acquire+0x1f1/0xad0 [ 1003.157961][ C1] ? __might_fault+0xef/0x1d0 [ 1003.162629][ C1] ? find_held_lock+0x2d/0x110 [ 1003.167389][ C1] ? futex_exit_release+0x220/0x220 [ 1003.172583][ C1] ? lock_downgrade+0x820/0x820 [ 1003.177411][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1003.183646][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1003.188674][ C1] ? __might_fault+0x190/0x1d0 [ 1003.193431][ C1] ? _copy_to_user+0x126/0x160 [ 1003.198211][ C1] __x64_sys_futex+0x378/0x4e0 [ 1003.202973][ C1] ? do_futex+0x1a60/0x1a60 [ 1003.207480][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1003.213115][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1003.218037][ C1] ? do_syscall_64+0x1c/0xe0 [ 1003.222608][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1003.228828][ C1] do_syscall_64+0x60/0xe0 [ 1003.233241][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1003.239126][ C1] RIP: 0033:0x45cb29 [ 1003.242991][ C1] Code: Bad RIP value. [ 1003.247030][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1003.255527][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1003.263528][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1003.271543][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1003.279702][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1003.287654][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1003.295721][ C1] syz-executor.1 S29976 14649 6984 0x00000000 [ 1003.302045][ C1] Call Trace: [ 1003.305334][ C1] __schedule+0x8e1/0x1eb0 [ 1003.309745][ C1] ? io_schedule_timeout+0x140/0x140 [ 1003.315040][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1003.320482][ C1] schedule+0xd0/0x2a0 [ 1003.324532][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1003.329637][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1003.334810][ C1] ? futex_wake+0x1b5/0x490 [ 1003.339294][ C1] ? find_held_lock+0x2d/0x110 [ 1003.344043][ C1] futex_wait+0x1df/0x560 [ 1003.348354][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1003.353354][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1003.358270][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1003.363481][ C1] ? futex_wake+0x155/0x490 [ 1003.367978][ C1] ? lock_downgrade+0x820/0x820 [ 1003.372830][ C1] do_futex+0x15b/0x1a60 [ 1003.377085][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1003.382267][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1003.387098][ C1] ? do_wp_page+0x16a/0x1950 [ 1003.391756][ C1] ? futex_exit_release+0x220/0x220 [ 1003.396941][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1003.401949][ C1] ? find_held_lock+0x2d/0x110 [ 1003.406720][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1003.411897][ C1] ? __up_read+0x1a1/0x7b0 [ 1003.416314][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1003.421753][ C1] __x64_sys_futex+0x378/0x4e0 [ 1003.426496][ C1] ? do_futex+0x1a60/0x1a60 [ 1003.430974][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1003.435893][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1003.441069][ C1] ? do_syscall_64+0x1c/0xe0 [ 1003.445722][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1003.451695][ C1] do_syscall_64+0x60/0xe0 [ 1003.456089][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1003.461956][ C1] RIP: 0033:0x45cb29 [ 1003.465820][ C1] Code: Bad RIP value. [ 1003.469874][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1003.478360][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1003.486327][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1003.494292][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1003.502238][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1003.510189][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1003.518175][ C1] syz-executor.1 S29976 14699 6984 0x00000000 [ 1003.524525][ C1] Call Trace: [ 1003.527804][ C1] __schedule+0x8e1/0x1eb0 [ 1003.532314][ C1] ? io_schedule_timeout+0x140/0x140 [ 1003.537582][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1003.543022][ C1] schedule+0xd0/0x2a0 [ 1003.547067][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1003.552163][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1003.557355][ C1] ? futex_wake+0x1b5/0x490 [ 1003.562023][ C1] ? find_held_lock+0x2d/0x110 [ 1003.566760][ C1] futex_wait+0x1df/0x560 [ 1003.571067][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1003.576075][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1003.580989][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1003.586175][ C1] ? futex_wake+0x155/0x490 [ 1003.590663][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1003.596616][ C1] ? lock_downgrade+0x820/0x820 [ 1003.601444][ C1] do_futex+0x15b/0x1a60 [ 1003.605666][ C1] ? lock_acquire+0x1f1/0xad0 [ 1003.610341][ C1] ? __might_fault+0xef/0x1d0 [ 1003.615013][ C1] ? find_held_lock+0x2d/0x110 [ 1003.619796][ C1] ? futex_exit_release+0x220/0x220 [ 1003.624979][ C1] ? lock_downgrade+0x820/0x820 [ 1003.629822][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1003.636057][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1003.641084][ C1] ? __might_fault+0x190/0x1d0 [ 1003.645848][ C1] ? _copy_to_user+0x126/0x160 [ 1003.650865][ C1] __x64_sys_futex+0x378/0x4e0 [ 1003.655609][ C1] ? do_futex+0x1a60/0x1a60 [ 1003.660093][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1003.666587][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1003.671507][ C1] ? do_syscall_64+0x1c/0xe0 [ 1003.676076][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1003.682323][ C1] do_syscall_64+0x60/0xe0 [ 1003.686818][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1003.692689][ C1] RIP: 0033:0x45cb29 [ 1003.696632][ C1] Code: Bad RIP value. [ 1003.700705][ C1] RSP: 002b:00007f57eae5ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1003.709223][ C1] RAX: ffffffffffffffda RBX: 000000000078c0e8 RCX: 000000000045cb29 [ 1003.717172][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c0e8 [ 1003.725157][ C1] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 1003.733181][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c0ec [ 1003.741258][ C1] R13: 0000000000c9fb6f R14: 00007f57eae5f9c0 R15: 000000000078c0ec [ 1003.749237][ C1] syz-executor.1 S28704 14721 6984 0x00000000 [ 1003.755631][ C1] Call Trace: [ 1003.758926][ C1] __schedule+0x8e1/0x1eb0 [ 1003.763346][ C1] ? io_schedule_timeout+0x140/0x140 [ 1003.768713][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1003.774507][ C1] schedule+0xd0/0x2a0 [ 1003.778660][ C1] schedule_timeout+0x1d8/0x250 [ 1003.783514][ C1] ? usleep_range+0x170/0x170 [ 1003.788262][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1003.793365][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1003.799349][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1003.805169][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 1003.810799][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1003.816583][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1003.822559][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 1003.828348][ C1] ? skb_free_datagram+0xf0/0xf0 [ 1003.833261][ C1] ? proto_seq_start+0x50/0x50 [ 1003.838017][ C1] ? skb_segment.cold+0x38/0x38 [ 1003.842843][ C1] ? mark_lock+0xbc/0x1710 [ 1003.847239][ C1] __skb_recv_datagram+0x171/0x220 [ 1003.852335][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 1003.858295][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 1003.863453][ C1] ? __schedule+0x887/0x1eb0 [ 1003.868131][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1003.873067][ C1] skb_recv_datagram+0xa7/0xe0 [ 1003.877833][ C1] ? __skb_recv_datagram+0x220/0x220 [ 1003.883094][ C1] ? aa_sk_perm+0x316/0xaa0 [ 1003.887576][ C1] ? __might_fault+0xef/0x1d0 [ 1003.892234][ C1] raw_recvmsg+0xab/0x550 [ 1003.897078][ C1] ? raw_release+0x890/0x890 [ 1003.901840][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 1003.907279][ C1] ? raw_release+0x890/0x890 [ 1003.911852][ C1] ____sys_recvmsg+0x2c4/0x640 [ 1003.916787][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 1003.922659][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 1003.928283][ C1] ? import_iovec+0x23b/0x3d0 [ 1003.932950][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 1003.938222][ C1] ___sys_recvmsg+0x127/0x200 [ 1003.942897][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 1003.948523][ C1] ? lock_downgrade+0x820/0x820 [ 1003.953359][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1003.958372][ C1] ? __fget_files+0x294/0x400 [ 1003.963043][ C1] ? __fget_light+0xea/0x280 [ 1003.967617][ C1] do_recvmmsg+0x24d/0x6d0 [ 1003.972016][ C1] ? ___sys_recvmsg+0x200/0x200 [ 1003.976858][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1003.983098][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1003.988159][ C1] ? put_timespec64+0xcb/0x120 [ 1003.992919][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 1003.997760][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 1004.002795][ C1] ? __do_sys_socketcall+0x550/0x550 [ 1004.008077][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1004.013012][ C1] ? do_syscall_64+0x1c/0xe0 [ 1004.017590][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1004.023555][ C1] do_syscall_64+0x60/0xe0 [ 1004.027956][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1004.033830][ C1] RIP: 0033:0x45cb29 [ 1004.037694][ C1] Code: Bad RIP value. [ 1004.041747][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1004.050147][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 1004.058185][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 1004.066135][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1004.074083][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1004.082040][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 1004.090062][ C1] syz-executor.1 S29976 14723 14721 0x00000000 [ 1004.096371][ C1] Call Trace: [ 1004.099644][ C1] __schedule+0x8e1/0x1eb0 [ 1004.104041][ C1] ? io_schedule_timeout+0x140/0x140 [ 1004.109302][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1004.114742][ C1] schedule+0xd0/0x2a0 [ 1004.118788][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1004.123883][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1004.129061][ C1] futex_wait+0x1df/0x560 [ 1004.133368][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1004.138368][ C1] ? mark_lock+0xbc/0x1710 [ 1004.142760][ C1] ? hash_futex+0x12/0x200 [ 1004.147155][ C1] ? futex_wake+0x155/0x490 [ 1004.151649][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1004.156839][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1004.162795][ C1] ? lock_downgrade+0x820/0x820 [ 1004.167629][ C1] do_futex+0x15b/0x1a60 [ 1004.171856][ C1] ? lock_acquire+0x1f1/0xad0 [ 1004.176616][ C1] ? __might_fault+0xef/0x1d0 [ 1004.181270][ C1] ? find_held_lock+0x2d/0x110 [ 1004.186179][ C1] ? futex_exit_release+0x220/0x220 [ 1004.191476][ C1] ? lock_downgrade+0x820/0x820 [ 1004.196411][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1004.202632][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1004.207689][ C1] ? __might_fault+0x190/0x1d0 [ 1004.212458][ C1] ? _copy_to_user+0x126/0x160 [ 1004.217208][ C1] __x64_sys_futex+0x378/0x4e0 [ 1004.221964][ C1] ? do_futex+0x1a60/0x1a60 [ 1004.226532][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1004.232258][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1004.237173][ C1] ? do_syscall_64+0x1c/0xe0 [ 1004.241767][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1004.247788][ C1] do_syscall_64+0x60/0xe0 [ 1004.252188][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1004.258060][ C1] RIP: 0033:0x45cb29 [ 1004.261943][ C1] Code: Bad RIP value. [ 1004.265984][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1004.274384][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1004.282422][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1004.290413][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1004.298381][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1004.306426][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1004.314403][ C1] syz-executor.1 S29976 14732 6984 0x00000000 [ 1004.320716][ C1] Call Trace: [ 1004.323988][ C1] __schedule+0x8e1/0x1eb0 [ 1004.328426][ C1] ? io_schedule_timeout+0x140/0x140 [ 1004.333692][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1004.339133][ C1] schedule+0xd0/0x2a0 [ 1004.343212][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1004.348303][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1004.353671][ C1] ? futex_wake+0x1b5/0x490 [ 1004.358184][ C1] ? find_held_lock+0x2d/0x110 [ 1004.362947][ C1] futex_wait+0x1df/0x560 [ 1004.367266][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1004.372818][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1004.377747][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1004.382932][ C1] ? futex_wake+0x155/0x490 [ 1004.387433][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1004.393393][ C1] ? lock_downgrade+0x820/0x820 [ 1004.398229][ C1] do_futex+0x15b/0x1a60 [ 1004.402541][ C1] ? lock_acquire+0x1f1/0xad0 [ 1004.407197][ C1] ? __might_fault+0xef/0x1d0 [ 1004.411938][ C1] ? find_held_lock+0x2d/0x110 [ 1004.416693][ C1] ? futex_exit_release+0x220/0x220 [ 1004.421872][ C1] ? lock_downgrade+0x820/0x820 [ 1004.426731][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1004.432955][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1004.438916][ C1] ? __might_fault+0x190/0x1d0 [ 1004.443677][ C1] ? _copy_to_user+0x126/0x160 [ 1004.448435][ C1] __x64_sys_futex+0x378/0x4e0 [ 1004.453551][ C1] ? do_futex+0x1a60/0x1a60 [ 1004.458058][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1004.463930][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1004.469486][ C1] ? do_syscall_64+0x1c/0xe0 [ 1004.474146][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1004.480272][ C1] do_syscall_64+0x60/0xe0 [ 1004.485717][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1004.491866][ C1] RIP: 0033:0x45cb29 [ 1004.496293][ C1] Code: Bad RIP value. [ 1004.500341][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1004.508819][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1004.516974][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1004.525989][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1004.533966][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1004.541931][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1004.549896][ C1] syz-executor.1 S28928 14748 6984 0x00000000 [ 1004.556225][ C1] Call Trace: [ 1004.559504][ C1] __schedule+0x8e1/0x1eb0 [ 1004.563918][ C1] ? io_schedule_timeout+0x140/0x140 [ 1004.569191][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1004.574631][ C1] schedule+0xd0/0x2a0 [ 1004.578689][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1004.583789][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1004.589052][ C1] ? find_held_lock+0x2d/0x110 [ 1004.593823][ C1] futex_wait+0x1df/0x560 [ 1004.598139][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1004.603143][ C1] ? mark_lock+0xbc/0x1710 [ 1004.607552][ C1] ? hash_futex+0x12/0x200 [ 1004.611949][ C1] ? futex_wake+0x155/0x490 [ 1004.616427][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1004.621436][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1004.627567][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1004.633354][ C1] do_futex+0x15b/0x1a60 [ 1004.637581][ C1] ? lock_acquire+0x1f1/0xad0 [ 1004.642604][ C1] ? __might_fault+0xef/0x1d0 [ 1004.647387][ C1] ? find_held_lock+0x2d/0x110 [ 1004.652222][ C1] ? futex_exit_release+0x220/0x220 [ 1004.657415][ C1] ? lock_downgrade+0x820/0x820 [ 1004.662267][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1004.668487][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1004.673518][ C1] ? __might_fault+0x190/0x1d0 [ 1004.678261][ C1] ? _copy_to_user+0x126/0x160 [ 1004.683100][ C1] __x64_sys_futex+0x378/0x4e0 [ 1004.687850][ C1] ? do_futex+0x1a60/0x1a60 [ 1004.692422][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1004.698035][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1004.702950][ C1] ? do_syscall_64+0x1c/0xe0 [ 1004.707521][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1004.713482][ C1] do_syscall_64+0x60/0xe0 [ 1004.717881][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1004.723751][ C1] RIP: 0033:0x45cb29 [ 1004.727703][ C1] Code: Bad RIP value. [ 1004.731744][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1004.740443][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1004.748594][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1004.756725][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1004.765128][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1004.773078][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1004.781047][ C1] syz-executor.1 S29976 14753 14748 0x00000000 [ 1004.787363][ C1] Call Trace: [ 1004.790635][ C1] __schedule+0x8e1/0x1eb0 [ 1004.795145][ C1] ? io_schedule_timeout+0x140/0x140 [ 1004.800423][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1004.805898][ C1] schedule+0xd0/0x2a0 [ 1004.809990][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1004.815233][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1004.820541][ C1] ? futex_wake+0x1b5/0x490 [ 1004.825029][ C1] ? find_held_lock+0x2d/0x110 [ 1004.829832][ C1] futex_wait+0x1df/0x560 [ 1004.834197][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1004.839292][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1004.844208][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1004.849469][ C1] ? futex_wake+0x155/0x490 [ 1004.853957][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1004.860605][ C1] ? lock_downgrade+0x820/0x820 [ 1004.865562][ C1] do_futex+0x15b/0x1a60 [ 1004.870593][ C1] ? lock_acquire+0x1f1/0xad0 [ 1004.875452][ C1] ? __might_fault+0xef/0x1d0 [ 1004.880765][ C1] ? find_held_lock+0x2d/0x110 [ 1004.885533][ C1] ? futex_exit_release+0x220/0x220 [ 1004.891093][ C1] ? lock_downgrade+0x820/0x820 [ 1004.895984][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1004.902443][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1004.907457][ C1] ? __might_fault+0x190/0x1d0 [ 1004.912229][ C1] ? _copy_to_user+0x126/0x160 [ 1004.916975][ C1] __x64_sys_futex+0x378/0x4e0 [ 1004.921734][ C1] ? do_futex+0x1a60/0x1a60 [ 1004.926435][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1004.932151][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1004.937657][ C1] ? do_syscall_64+0x1c/0xe0 [ 1004.942246][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1004.948337][ C1] do_syscall_64+0x60/0xe0 [ 1004.952737][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1004.959221][ C1] RIP: 0033:0x45cb29 [ 1004.963569][ C1] Code: Bad RIP value. [ 1004.967619][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1004.976008][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1004.984394][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1004.992446][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1005.000959][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1005.009128][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1005.017206][ C1] syz-executor.1 S29976 14770 6984 0x00000000 [ 1005.023840][ C1] Call Trace: [ 1005.027111][ C1] __schedule+0x8e1/0x1eb0 [ 1005.031508][ C1] ? io_schedule_timeout+0x140/0x140 [ 1005.036784][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1005.042220][ C1] schedule+0xd0/0x2a0 [ 1005.046631][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1005.052436][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1005.057641][ C1] ? futex_wake+0x1b5/0x490 [ 1005.062122][ C1] ? find_held_lock+0x2d/0x110 [ 1005.068055][ C1] futex_wait+0x1df/0x560 [ 1005.072932][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1005.078483][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1005.083419][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1005.089643][ C1] ? futex_wake+0x155/0x490 [ 1005.094148][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1005.100129][ C1] ? lock_downgrade+0x820/0x820 [ 1005.104957][ C1] do_futex+0x15b/0x1a60 [ 1005.109205][ C1] ? lock_acquire+0x1f1/0xad0 [ 1005.113870][ C1] ? __might_fault+0xef/0x1d0 [ 1005.118599][ C1] ? find_held_lock+0x2d/0x110 [ 1005.123386][ C1] ? futex_exit_release+0x220/0x220 [ 1005.128605][ C1] ? lock_downgrade+0x820/0x820 [ 1005.133739][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1005.140146][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1005.145176][ C1] ? __might_fault+0x190/0x1d0 [ 1005.149931][ C1] ? _copy_to_user+0x126/0x160 [ 1005.154683][ C1] __x64_sys_futex+0x378/0x4e0 [ 1005.159445][ C1] ? do_futex+0x1a60/0x1a60 [ 1005.164063][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1005.169865][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1005.175018][ C1] ? do_syscall_64+0x1c/0xe0 [ 1005.180073][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1005.186133][ C1] do_syscall_64+0x60/0xe0 [ 1005.190532][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1005.196407][ C1] RIP: 0033:0x45cb29 [ 1005.200363][ C1] Code: Bad RIP value. [ 1005.204424][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1005.213019][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1005.222513][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1005.230941][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1005.239044][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1005.250148][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1005.258517][ C1] syz-executor.1 S29976 14786 6984 0x00000000 [ 1005.264882][ C1] Call Trace: [ 1005.268172][ C1] __schedule+0x8e1/0x1eb0 [ 1005.272585][ C1] ? io_schedule_timeout+0x140/0x140 [ 1005.277850][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1005.284029][ C1] schedule+0xd0/0x2a0 [ 1005.288090][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1005.293204][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1005.298400][ C1] futex_wait+0x1df/0x560 [ 1005.302772][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1005.307806][ C1] ? hash_futex+0x12/0x200 [ 1005.313258][ C1] ? futex_wake+0x155/0x490 [ 1005.317847][ C1] ? lock_downgrade+0x820/0x820 [ 1005.323031][ C1] do_futex+0x15b/0x1a60 [ 1005.327338][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1005.332536][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1005.337367][ C1] ? do_wp_page+0x16a/0x1950 [ 1005.341961][ C1] ? futex_exit_release+0x220/0x220 [ 1005.347164][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1005.352266][ C1] ? find_held_lock+0x2d/0x110 [ 1005.357406][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1005.362588][ C1] ? __up_read+0x1a1/0x7b0 [ 1005.366997][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1005.372941][ C1] __x64_sys_futex+0x378/0x4e0 [ 1005.377796][ C1] ? do_futex+0x1a60/0x1a60 [ 1005.382283][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1005.387391][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1005.392663][ C1] ? do_syscall_64+0x1c/0xe0 [ 1005.397240][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1005.403203][ C1] do_syscall_64+0x60/0xe0 [ 1005.407630][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1005.413525][ C1] RIP: 0033:0x45cb29 [ 1005.417407][ C1] Code: Bad RIP value. [ 1005.421457][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1005.429875][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1005.439211][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1005.447458][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1005.457337][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1005.465384][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1005.473447][ C1] syz-executor.1 S29976 14826 6984 0x00000000 [ 1005.479769][ C1] Call Trace: [ 1005.483047][ C1] __schedule+0x8e1/0x1eb0 [ 1005.487458][ C1] ? io_schedule_timeout+0x140/0x140 [ 1005.492721][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1005.498162][ C1] schedule+0xd0/0x2a0 [ 1005.502234][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1005.507746][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1005.513292][ C1] futex_wait+0x1df/0x560 [ 1005.517622][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1005.522628][ C1] ? hash_futex+0x12/0x200 [ 1005.527021][ C1] ? futex_wake+0x155/0x490 [ 1005.531527][ C1] ? lock_downgrade+0x820/0x820 [ 1005.536367][ C1] do_futex+0x15b/0x1a60 [ 1005.540598][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1005.545793][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1005.550632][ C1] ? do_wp_page+0x16a/0x1950 [ 1005.555203][ C1] ? futex_exit_release+0x220/0x220 [ 1005.560658][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1005.565660][ C1] ? find_held_lock+0x2d/0x110 [ 1005.570402][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1005.575587][ C1] ? __up_read+0x1a1/0x7b0 [ 1005.579994][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1005.585514][ C1] __x64_sys_futex+0x378/0x4e0 [ 1005.590255][ C1] ? do_futex+0x1a60/0x1a60 [ 1005.594747][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1005.599662][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1005.604576][ C1] ? do_syscall_64+0x1c/0xe0 [ 1005.609143][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1005.615117][ C1] do_syscall_64+0x60/0xe0 [ 1005.619516][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1005.625821][ C1] RIP: 0033:0x45cb29 [ 1005.629710][ C1] Code: Bad RIP value. [ 1005.633750][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1005.642150][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1005.650392][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1005.658353][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1005.666307][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1005.674255][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1005.682226][ C1] syz-executor.2 S29000 14834 7107 0x00000000 [ 1005.688684][ C1] Call Trace: [ 1005.692216][ C1] __schedule+0x8e1/0x1eb0 [ 1005.697146][ C1] ? io_schedule_timeout+0x140/0x140 [ 1005.702429][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1005.708738][ C1] schedule+0xd0/0x2a0 [ 1005.712789][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1005.717876][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1005.723047][ C1] ? unlock_page+0x157/0x240 [ 1005.727617][ C1] futex_wait+0x1df/0x560 [ 1005.731940][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1005.737391][ C1] ? mark_lock+0xbc/0x1710 [ 1005.741789][ C1] ? hash_futex+0x12/0x200 [ 1005.746309][ C1] ? futex_wake+0x155/0x490 [ 1005.750837][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1005.755881][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1005.761854][ C1] do_futex+0x15b/0x1a60 [ 1005.766104][ C1] ? lock_acquire+0x1f1/0xad0 [ 1005.770763][ C1] ? __might_fault+0xef/0x1d0 [ 1005.775417][ C1] ? find_held_lock+0x2d/0x110 [ 1005.780163][ C1] ? futex_exit_release+0x220/0x220 [ 1005.785567][ C1] ? lock_downgrade+0x820/0x820 [ 1005.790511][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1005.796740][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1005.801891][ C1] ? __might_fault+0x190/0x1d0 [ 1005.806656][ C1] ? _copy_to_user+0x126/0x160 [ 1005.811440][ C1] __x64_sys_futex+0x378/0x4e0 [ 1005.816199][ C1] ? do_futex+0x1a60/0x1a60 [ 1005.820784][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1005.826721][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1005.831659][ C1] ? do_syscall_64+0x1c/0xe0 [ 1005.836232][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1005.842189][ C1] do_syscall_64+0x60/0xe0 [ 1005.846587][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1005.852457][ C1] RIP: 0033:0x45cb29 [ 1005.856334][ C1] Code: Bad RIP value. [ 1005.860399][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1005.869758][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1005.877742][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1005.885724][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1005.893690][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1005.901651][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 1005.909719][ C1] syz-executor.1 S28152 14857 6984 0x00000000 [ 1005.916038][ C1] Call Trace: [ 1005.919310][ C1] __schedule+0x8e1/0x1eb0 [ 1005.923709][ C1] ? io_schedule_timeout+0x140/0x140 [ 1005.928970][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1005.934423][ C1] schedule+0xd0/0x2a0 [ 1005.938486][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1005.943570][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1005.948743][ C1] ? futex_wake+0x1b5/0x490 [ 1005.953230][ C1] ? find_held_lock+0x2d/0x110 [ 1005.957983][ C1] futex_wait+0x1df/0x560 [ 1005.962292][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1005.967290][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1005.972227][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1005.977411][ C1] ? futex_wake+0x155/0x490 [ 1005.981911][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1005.987868][ C1] do_futex+0x15b/0x1a60 [ 1005.992104][ C1] ? lock_acquire+0x1f1/0xad0 [ 1005.996770][ C1] ? __might_fault+0xef/0x1d0 [ 1006.001421][ C1] ? find_held_lock+0x2d/0x110 [ 1006.006166][ C1] ? futex_exit_release+0x220/0x220 [ 1006.011339][ C1] ? lock_downgrade+0x820/0x820 [ 1006.016168][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1006.022393][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1006.027410][ C1] ? __might_fault+0x190/0x1d0 [ 1006.032166][ C1] ? _copy_to_user+0x126/0x160 [ 1006.038213][ C1] __x64_sys_futex+0x378/0x4e0 [ 1006.042970][ C1] ? do_futex+0x1a60/0x1a60 [ 1006.047450][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1006.053335][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1006.058446][ C1] ? do_syscall_64+0x1c/0xe0 [ 1006.063115][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1006.069083][ C1] do_syscall_64+0x60/0xe0 [ 1006.073481][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1006.079353][ C1] RIP: 0033:0x45cb29 [ 1006.083385][ C1] Code: Bad RIP value. [ 1006.087433][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1006.095828][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1006.103777][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1006.111727][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1006.119678][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1006.127636][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1006.135617][ C1] syz-executor.1 S29976 14860 14857 0x00000000 [ 1006.141934][ C1] Call Trace: [ 1006.145209][ C1] __schedule+0x8e1/0x1eb0 [ 1006.149608][ C1] ? io_schedule_timeout+0x140/0x140 [ 1006.154868][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1006.160584][ C1] schedule+0xd0/0x2a0 [ 1006.164659][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1006.170028][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1006.175229][ C1] ? futex_wake+0x1b5/0x490 [ 1006.179710][ C1] ? find_held_lock+0x2d/0x110 [ 1006.184451][ C1] futex_wait+0x1df/0x560 [ 1006.188764][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1006.193779][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1006.198707][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1006.203897][ C1] ? futex_wake+0x155/0x490 [ 1006.208819][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1006.215230][ C1] ? lock_downgrade+0x820/0x820 [ 1006.220062][ C1] do_futex+0x15b/0x1a60 [ 1006.224288][ C1] ? lock_acquire+0x1f1/0xad0 [ 1006.228945][ C1] ? __might_fault+0xef/0x1d0 [ 1006.233619][ C1] ? find_held_lock+0x2d/0x110 [ 1006.238375][ C1] ? futex_exit_release+0x220/0x220 [ 1006.243551][ C1] ? lock_downgrade+0x820/0x820 [ 1006.248381][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1006.254599][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1006.259604][ C1] ? __might_fault+0x190/0x1d0 [ 1006.264372][ C1] ? _copy_to_user+0x126/0x160 [ 1006.269138][ C1] __x64_sys_futex+0x378/0x4e0 [ 1006.273888][ C1] ? do_futex+0x1a60/0x1a60 [ 1006.278368][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1006.283979][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1006.288913][ C1] ? do_syscall_64+0x1c/0xe0 [ 1006.293483][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1006.299444][ C1] do_syscall_64+0x60/0xe0 [ 1006.303844][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1006.309738][ C1] RIP: 0033:0x45cb29 [ 1006.315988][ C1] Code: Bad RIP value. [ 1006.320051][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1006.328693][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1006.336805][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1006.344870][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1006.352923][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1006.360898][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1006.368884][ C1] syz-executor.1 S29976 14872 14857 0x00000000 [ 1006.375206][ C1] Call Trace: [ 1006.378479][ C1] __schedule+0x8e1/0x1eb0 [ 1006.382876][ C1] ? io_schedule_timeout+0x140/0x140 [ 1006.388136][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1006.393575][ C1] schedule+0xd0/0x2a0 [ 1006.397637][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1006.402727][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1006.407899][ C1] ? futex_wake+0x1b5/0x490 [ 1006.412376][ C1] ? find_held_lock+0x2d/0x110 [ 1006.417203][ C1] futex_wait+0x1df/0x560 [ 1006.421529][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1006.426528][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1006.431448][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1006.436641][ C1] ? futex_wake+0x155/0x490 [ 1006.441131][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1006.447085][ C1] ? lock_downgrade+0x820/0x820 [ 1006.451924][ C1] do_futex+0x15b/0x1a60 [ 1006.456163][ C1] ? lock_acquire+0x1f1/0xad0 [ 1006.460832][ C1] ? __might_fault+0xef/0x1d0 [ 1006.465504][ C1] ? find_held_lock+0x2d/0x110 [ 1006.470259][ C1] ? futex_exit_release+0x220/0x220 [ 1006.475438][ C1] ? lock_downgrade+0x820/0x820 [ 1006.480388][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1006.486617][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1006.491631][ C1] ? __might_fault+0x190/0x1d0 [ 1006.496372][ C1] ? _copy_to_user+0x126/0x160 [ 1006.501202][ C1] __x64_sys_futex+0x378/0x4e0 [ 1006.506009][ C1] ? do_futex+0x1a60/0x1a60 [ 1006.510499][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1006.516227][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1006.521157][ C1] ? do_syscall_64+0x1c/0xe0 [ 1006.525927][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1006.531903][ C1] do_syscall_64+0x60/0xe0 [ 1006.536349][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1006.542214][ C1] RIP: 0033:0x45cb29 [ 1006.546078][ C1] Code: Bad RIP value. [ 1006.550118][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1006.558500][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1006.566446][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1006.574392][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1006.582338][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1006.590286][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1006.598249][ C1] syz-executor.1 S28928 14889 6984 0x00000000 [ 1006.604642][ C1] Call Trace: [ 1006.607946][ C1] __schedule+0x8e1/0x1eb0 [ 1006.612371][ C1] ? io_schedule_timeout+0x140/0x140 [ 1006.617638][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1006.623082][ C1] schedule+0xd0/0x2a0 [ 1006.627137][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1006.632224][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1006.637480][ C1] ? futex_wake+0x1b5/0x490 [ 1006.641960][ C1] ? find_held_lock+0x2d/0x110 [ 1006.646704][ C1] futex_wait+0x1df/0x560 [ 1006.651101][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1006.656115][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1006.661029][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1006.666215][ C1] ? futex_wake+0x155/0x490 [ 1006.670791][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1006.676763][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1006.682547][ C1] do_futex+0x15b/0x1a60 [ 1006.686771][ C1] ? lock_acquire+0x1f1/0xad0 [ 1006.691442][ C1] ? __might_fault+0xef/0x1d0 [ 1006.696105][ C1] ? find_held_lock+0x2d/0x110 [ 1006.701417][ C1] ? futex_exit_release+0x220/0x220 [ 1006.706597][ C1] ? lock_downgrade+0x820/0x820 [ 1006.711427][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1006.717645][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1006.722744][ C1] ? __might_fault+0x190/0x1d0 [ 1006.727486][ C1] ? _copy_to_user+0x126/0x160 [ 1006.732412][ C1] __x64_sys_futex+0x378/0x4e0 [ 1006.737250][ C1] ? do_futex+0x1a60/0x1a60 [ 1006.741738][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1006.747366][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1006.752296][ C1] ? do_syscall_64+0x1c/0xe0 [ 1006.756893][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1006.762865][ C1] do_syscall_64+0x60/0xe0 [ 1006.767456][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1006.773341][ C1] RIP: 0033:0x45cb29 [ 1006.777212][ C1] Code: Bad RIP value. [ 1006.781396][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1006.789850][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1006.798027][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1006.805990][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1006.813941][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1006.821979][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1006.830045][ C1] syz-executor.1 S29976 14893 14889 0x00000000 [ 1006.836387][ C1] Call Trace: [ 1006.839800][ C1] __schedule+0x8e1/0x1eb0 [ 1006.844210][ C1] ? io_schedule_timeout+0x140/0x140 [ 1006.849483][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1006.854940][ C1] schedule+0xd0/0x2a0 [ 1006.858991][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1006.864163][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1006.869341][ C1] futex_wait+0x1df/0x560 [ 1006.873647][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1006.878661][ C1] ? mark_lock+0xbc/0x1710 [ 1006.883059][ C1] ? hash_futex+0x12/0x200 [ 1006.887588][ C1] ? futex_wake+0x155/0x490 [ 1006.892086][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1006.897193][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1006.903151][ C1] ? lock_downgrade+0x820/0x820 [ 1006.907997][ C1] do_futex+0x15b/0x1a60 [ 1006.912240][ C1] ? lock_acquire+0x1f1/0xad0 [ 1006.916890][ C1] ? __might_fault+0xef/0x1d0 [ 1006.921540][ C1] ? find_held_lock+0x2d/0x110 [ 1006.926280][ C1] ? futex_exit_release+0x220/0x220 [ 1006.931569][ C1] ? lock_downgrade+0x820/0x820 [ 1006.936402][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1006.942619][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1006.947637][ C1] ? __might_fault+0x190/0x1d0 [ 1006.952391][ C1] ? _copy_to_user+0x126/0x160 [ 1006.957454][ C1] __x64_sys_futex+0x378/0x4e0 [ 1006.962210][ C1] ? do_futex+0x1a60/0x1a60 [ 1006.966699][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1006.972316][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1006.977231][ C1] ? do_syscall_64+0x1c/0xe0 [ 1006.981799][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1006.987756][ C1] do_syscall_64+0x60/0xe0 [ 1006.992154][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1006.998278][ C1] RIP: 0033:0x45cb29 [ 1007.002507][ C1] Code: Bad RIP value. [ 1007.006549][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1007.015021][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1007.023069][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1007.031170][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1007.039128][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1007.047078][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1007.055044][ C1] syz-executor.1 S28320 14899 6984 0x00000000 [ 1007.061397][ C1] Call Trace: [ 1007.064856][ C1] __schedule+0x8e1/0x1eb0 [ 1007.069278][ C1] ? io_schedule_timeout+0x140/0x140 [ 1007.074561][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1007.080027][ C1] schedule+0xd0/0x2a0 [ 1007.084077][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1007.089164][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1007.094344][ C1] futex_wait+0x1df/0x560 [ 1007.098652][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1007.103665][ C1] ? mark_lock+0xbc/0x1710 [ 1007.108059][ C1] ? mark_lock+0xbc/0x1710 [ 1007.112449][ C1] ? hash_futex+0x12/0x200 [ 1007.116846][ C1] ? futex_wake+0x155/0x490 [ 1007.121329][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1007.126353][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1007.132316][ C1] do_futex+0x15b/0x1a60 [ 1007.136543][ C1] ? lock_acquire+0x1f1/0xad0 [ 1007.141196][ C1] ? __might_fault+0xef/0x1d0 [ 1007.145865][ C1] ? find_held_lock+0x2d/0x110 [ 1007.150625][ C1] ? futex_exit_release+0x220/0x220 [ 1007.155806][ C1] ? lock_downgrade+0x820/0x820 [ 1007.160644][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1007.166984][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1007.172013][ C1] ? __might_fault+0x190/0x1d0 [ 1007.176781][ C1] ? _copy_to_user+0x126/0x160 [ 1007.181532][ C1] __x64_sys_futex+0x378/0x4e0 [ 1007.186451][ C1] ? do_futex+0x1a60/0x1a60 [ 1007.190948][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1007.197100][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1007.202112][ C1] ? do_syscall_64+0x1c/0xe0 [ 1007.206954][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1007.212923][ C1] do_syscall_64+0x60/0xe0 [ 1007.217321][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1007.223234][ C1] RIP: 0033:0x45cb29 [ 1007.227098][ C1] Code: Bad RIP value. [ 1007.231141][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1007.239530][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1007.247479][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1007.255431][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1007.263420][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1007.271375][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1007.279484][ C1] syz-executor.1 S29976 14904 14899 0x00000000 [ 1007.285810][ C1] Call Trace: [ 1007.289120][ C1] __schedule+0x8e1/0x1eb0 [ 1007.293518][ C1] ? io_schedule_timeout+0x140/0x140 [ 1007.298778][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1007.304226][ C1] schedule+0xd0/0x2a0 [ 1007.308275][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1007.313366][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1007.319124][ C1] futex_wait+0x1df/0x560 [ 1007.324623][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1007.329694][ C1] ? hash_futex+0x12/0x200 [ 1007.334367][ C1] ? futex_wake+0x155/0x490 [ 1007.339515][ C1] ? lock_downgrade+0x820/0x820 [ 1007.344704][ C1] do_futex+0x15b/0x1a60 [ 1007.349351][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1007.354581][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1007.359421][ C1] ? do_wp_page+0x16a/0x1950 [ 1007.364008][ C1] ? futex_exit_release+0x220/0x220 [ 1007.369187][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1007.374206][ C1] ? find_held_lock+0x2d/0x110 [ 1007.379138][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1007.384314][ C1] ? __up_read+0x1a1/0x7b0 [ 1007.388711][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1007.394303][ C1] __x64_sys_futex+0x378/0x4e0 [ 1007.400494][ C1] ? do_futex+0x1a60/0x1a60 [ 1007.405072][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1007.410188][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1007.415132][ C1] ? do_syscall_64+0x1c/0xe0 [ 1007.419707][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1007.425782][ C1] do_syscall_64+0x60/0xe0 [ 1007.430503][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1007.436932][ C1] RIP: 0033:0x45cb29 [ 1007.441197][ C1] Code: Bad RIP value. [ 1007.445255][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1007.453822][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1007.463011][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1007.472467][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1007.481713][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1007.490770][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1007.498742][ C1] syz-executor.1 S28896 14909 6984 0x00000000 [ 1007.505075][ C1] Call Trace: [ 1007.508907][ C1] __schedule+0x8e1/0x1eb0 [ 1007.513381][ C1] ? io_schedule_timeout+0x140/0x140 [ 1007.519738][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1007.526466][ C1] schedule+0xd0/0x2a0 [ 1007.530771][ C1] schedule_timeout+0x1d8/0x250 [ 1007.535784][ C1] ? usleep_range+0x170/0x170 [ 1007.540439][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1007.545526][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1007.551310][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1007.558430][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 1007.566218][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1007.572381][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1007.578497][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 1007.585536][ C1] ? skb_free_datagram+0xf0/0xf0 [ 1007.590655][ C1] ? proto_seq_start+0x50/0x50 [ 1007.595433][ C1] ? skb_segment.cold+0x38/0x38 [ 1007.600278][ C1] ? mark_lock+0xbc/0x1710 [ 1007.604699][ C1] __skb_recv_datagram+0x171/0x220 [ 1007.610610][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 1007.616230][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 1007.621321][ C1] ? __schedule+0x887/0x1eb0 [ 1007.625888][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1007.630828][ C1] skb_recv_datagram+0xa7/0xe0 [ 1007.635574][ C1] ? __skb_recv_datagram+0x220/0x220 [ 1007.640852][ C1] ? aa_sk_perm+0x316/0xaa0 [ 1007.645787][ C1] ? __might_fault+0xef/0x1d0 [ 1007.651129][ C1] raw_recvmsg+0xab/0x550 [ 1007.655527][ C1] ? raw_release+0x890/0x890 [ 1007.660113][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 1007.665549][ C1] ? raw_release+0x890/0x890 [ 1007.670135][ C1] ____sys_recvmsg+0x2c4/0x640 [ 1007.674897][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 1007.680768][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 1007.687262][ C1] ? import_iovec+0x23b/0x3d0 [ 1007.691919][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 1007.697201][ C1] ___sys_recvmsg+0x127/0x200 [ 1007.701854][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 1007.707467][ C1] ? lock_downgrade+0x820/0x820 [ 1007.712420][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1007.719701][ C1] ? __fget_files+0x294/0x400 [ 1007.724938][ C1] ? __fget_light+0xea/0x280 [ 1007.731216][ C1] do_recvmmsg+0x24d/0x6d0 [ 1007.735638][ C1] ? ___sys_recvmsg+0x200/0x200 [ 1007.741442][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1007.749741][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1007.755124][ C1] ? put_timespec64+0xcb/0x120 [ 1007.759870][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 1007.764704][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 1007.769708][ C1] ? __do_sys_socketcall+0x550/0x550 [ 1007.775000][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1007.780204][ C1] ? do_syscall_64+0x1c/0xe0 [ 1007.784797][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1007.790779][ C1] do_syscall_64+0x60/0xe0 [ 1007.795455][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1007.801325][ C1] RIP: 0033:0x45cb29 [ 1007.805189][ C1] Code: Bad RIP value. [ 1007.809230][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1007.817898][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 1007.826421][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 1007.836840][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1007.846174][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1007.854443][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 1007.863487][ C1] syz-executor.1 S29976 14912 14909 0x00000000 [ 1007.870720][ C1] Call Trace: [ 1007.874011][ C1] __schedule+0x8e1/0x1eb0 [ 1007.878421][ C1] ? io_schedule_timeout+0x140/0x140 [ 1007.883691][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1007.889154][ C1] schedule+0xd0/0x2a0 [ 1007.893207][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1007.898385][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1007.903579][ C1] ? futex_wake+0x1b5/0x490 [ 1007.908086][ C1] ? find_held_lock+0x2d/0x110 [ 1007.912853][ C1] futex_wait+0x1df/0x560 [ 1007.917284][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1007.922762][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1007.927696][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1007.933047][ C1] ? futex_wake+0x155/0x490 [ 1007.937563][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1007.943525][ C1] ? lock_downgrade+0x820/0x820 [ 1007.949633][ C1] do_futex+0x15b/0x1a60 [ 1007.955487][ C1] ? lock_acquire+0x1f1/0xad0 [ 1007.960333][ C1] ? __might_fault+0xef/0x1d0 [ 1007.965012][ C1] ? find_held_lock+0x2d/0x110 [ 1007.969958][ C1] ? futex_exit_release+0x220/0x220 [ 1007.975268][ C1] ? lock_downgrade+0x820/0x820 [ 1007.980117][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1007.986355][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1007.991359][ C1] ? __might_fault+0x190/0x1d0 [ 1007.996100][ C1] ? _copy_to_user+0x126/0x160 [ 1008.000847][ C1] __x64_sys_futex+0x378/0x4e0 [ 1008.005592][ C1] ? do_futex+0x1a60/0x1a60 [ 1008.010074][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1008.015698][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1008.020615][ C1] ? do_syscall_64+0x1c/0xe0 [ 1008.025182][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1008.031142][ C1] do_syscall_64+0x60/0xe0 [ 1008.035542][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1008.041472][ C1] RIP: 0033:0x45cb29 [ 1008.045337][ C1] Code: Bad RIP value. [ 1008.049487][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1008.057905][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1008.065858][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1008.073823][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1008.081769][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1008.089901][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1008.097984][ C1] syz-executor.1 S29976 14925 6984 0x00000000 [ 1008.104355][ C1] Call Trace: [ 1008.107662][ C1] __schedule+0x8e1/0x1eb0 [ 1008.112085][ C1] ? io_schedule_timeout+0x140/0x140 [ 1008.117396][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1008.123767][ C1] schedule+0xd0/0x2a0 [ 1008.128342][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1008.133439][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1008.138641][ C1] futex_wait+0x1df/0x560 [ 1008.142958][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1008.148077][ C1] ? mark_lock+0xbc/0x1710 [ 1008.152472][ C1] ? hash_futex+0x12/0x200 [ 1008.156892][ C1] ? futex_wake+0x155/0x490 [ 1008.161496][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1008.166523][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1008.172508][ C1] ? lock_downgrade+0x820/0x820 [ 1008.177368][ C1] do_futex+0x15b/0x1a60 [ 1008.181617][ C1] ? lock_acquire+0x1f1/0xad0 [ 1008.186271][ C1] ? __might_fault+0xef/0x1d0 [ 1008.190929][ C1] ? find_held_lock+0x2d/0x110 [ 1008.195772][ C1] ? futex_exit_release+0x220/0x220 [ 1008.202753][ C1] ? lock_downgrade+0x820/0x820 [ 1008.208440][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1008.215531][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1008.221388][ C1] ? __might_fault+0x190/0x1d0 [ 1008.226438][ C1] ? _copy_to_user+0x126/0x160 [ 1008.231427][ C1] __x64_sys_futex+0x378/0x4e0 [ 1008.236300][ C1] ? do_futex+0x1a60/0x1a60 [ 1008.240790][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1008.246428][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1008.251345][ C1] ? do_syscall_64+0x1c/0xe0 [ 1008.255917][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1008.262420][ C1] do_syscall_64+0x60/0xe0 [ 1008.266814][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1008.272695][ C1] RIP: 0033:0x45cb29 [ 1008.276561][ C1] Code: Bad RIP value. [ 1008.280604][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1008.289272][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1008.297604][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1008.306386][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1008.314348][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1008.322299][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1008.330295][ C1] syz-executor.1 S28680 14937 6984 0x00000000 [ 1008.336783][ C1] Call Trace: [ 1008.340088][ C1] __schedule+0x8e1/0x1eb0 [ 1008.345335][ C1] ? io_schedule_timeout+0x140/0x140 [ 1008.350694][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1008.356137][ C1] schedule+0xd0/0x2a0 [ 1008.360187][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1008.365274][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1008.370473][ C1] ? futex_wake+0x1b5/0x490 [ 1008.377271][ C1] ? find_held_lock+0x2d/0x110 [ 1008.382693][ C1] futex_wait+0x1df/0x560 [ 1008.388578][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1008.393683][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1008.398636][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1008.403848][ C1] ? futex_wake+0x155/0x490 [ 1008.408338][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1008.414299][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1008.420087][ C1] do_futex+0x15b/0x1a60 [ 1008.424466][ C1] ? lock_acquire+0x1f1/0xad0 [ 1008.429141][ C1] ? __might_fault+0xef/0x1d0 [ 1008.433800][ C1] ? find_held_lock+0x2d/0x110 [ 1008.438545][ C1] ? futex_exit_release+0x220/0x220 [ 1008.443748][ C1] ? lock_downgrade+0x820/0x820 [ 1008.448588][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1008.454811][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1008.465778][ C1] ? __might_fault+0x190/0x1d0 [ 1008.472290][ C1] ? _copy_to_user+0x126/0x160 [ 1008.477142][ C1] __x64_sys_futex+0x378/0x4e0 [ 1008.481921][ C1] ? do_futex+0x1a60/0x1a60 [ 1008.486508][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1008.492255][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1008.497181][ C1] ? do_syscall_64+0x1c/0xe0 [ 1008.501846][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1008.507814][ C1] do_syscall_64+0x60/0xe0 [ 1008.512244][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1008.518605][ C1] RIP: 0033:0x45cb29 [ 1008.525029][ C1] Code: Bad RIP value. [ 1008.529347][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1008.538734][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1008.546710][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1008.556369][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1008.564349][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1008.572387][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1008.580392][ C1] syz-executor.1 S29976 14941 14937 0x00000000 [ 1008.587180][ C1] Call Trace: [ 1008.590473][ C1] __schedule+0x8e1/0x1eb0 [ 1008.594918][ C1] ? io_schedule_timeout+0x140/0x140 [ 1008.600655][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1008.607607][ C1] schedule+0xd0/0x2a0 [ 1008.611666][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1008.616861][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1008.622156][ C1] ? futex_wake+0x1b5/0x490 [ 1008.626851][ C1] ? find_held_lock+0x2d/0x110 [ 1008.631783][ C1] futex_wait+0x1df/0x560 [ 1008.637048][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1008.642208][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1008.647131][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1008.652585][ C1] ? futex_wake+0x155/0x490 [ 1008.657088][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1008.663060][ C1] ? lock_downgrade+0x820/0x820 [ 1008.669665][ C1] do_futex+0x15b/0x1a60 [ 1008.674098][ C1] ? lock_acquire+0x1f1/0xad0 [ 1008.678757][ C1] ? __might_fault+0xef/0x1d0 [ 1008.683413][ C1] ? find_held_lock+0x2d/0x110 [ 1008.688159][ C1] ? futex_exit_release+0x220/0x220 [ 1008.693335][ C1] ? lock_downgrade+0x820/0x820 [ 1008.698167][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1008.704389][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1008.709414][ C1] ? __might_fault+0x190/0x1d0 [ 1008.714170][ C1] ? _copy_to_user+0x126/0x160 [ 1008.718944][ C1] __x64_sys_futex+0x378/0x4e0 [ 1008.724170][ C1] ? do_futex+0x1a60/0x1a60 [ 1008.728678][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1008.734312][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1008.739263][ C1] ? do_syscall_64+0x1c/0xe0 [ 1008.743840][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1008.749812][ C1] do_syscall_64+0x60/0xe0 [ 1008.754227][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1008.760115][ C1] RIP: 0033:0x45cb29 [ 1008.764001][ C1] Code: Bad RIP value. [ 1008.768059][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1008.776446][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1008.784411][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1008.792381][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1008.800338][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1008.808296][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1008.816376][ C1] syz-executor.1 S29976 14961 6984 0x00000000 [ 1008.822693][ C1] Call Trace: [ 1008.825967][ C1] __schedule+0x8e1/0x1eb0 [ 1008.830364][ C1] ? io_schedule_timeout+0x140/0x140 [ 1008.835631][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1008.841097][ C1] schedule+0xd0/0x2a0 [ 1008.845166][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1008.850326][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1008.855504][ C1] ? futex_wake+0x1b5/0x490 [ 1008.860037][ C1] ? find_held_lock+0x2d/0x110 [ 1008.864844][ C1] futex_wait+0x1df/0x560 [ 1008.869185][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1008.874303][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1008.879239][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1008.884420][ C1] ? futex_wake+0x155/0x490 [ 1008.888915][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1008.895053][ C1] do_futex+0x15b/0x1a60 [ 1008.899297][ C1] ? lock_acquire+0x1f1/0xad0 [ 1008.903957][ C1] ? __might_fault+0xef/0x1d0 [ 1008.908619][ C1] ? find_held_lock+0x2d/0x110 [ 1008.913550][ C1] ? futex_exit_release+0x220/0x220 [ 1008.918850][ C1] ? lock_downgrade+0x820/0x820 [ 1008.923789][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1008.930009][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1008.935019][ C1] ? __might_fault+0x190/0x1d0 [ 1008.940298][ C1] ? _copy_to_user+0x126/0x160 [ 1008.945175][ C1] __x64_sys_futex+0x378/0x4e0 [ 1008.949936][ C1] ? do_futex+0x1a60/0x1a60 [ 1008.954442][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1008.959370][ C1] ? do_syscall_64+0x1c/0xe0 [ 1008.963947][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1008.970372][ C1] do_syscall_64+0x60/0xe0 [ 1008.974792][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1008.980760][ C1] RIP: 0033:0x45cb29 [ 1008.984650][ C1] Code: Bad RIP value. [ 1008.988690][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1008.997095][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1009.005063][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1009.013014][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1009.020969][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1009.028917][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1009.036910][ C1] syz-executor.1 S29624 14971 6984 0x00000000 [ 1009.043227][ C1] Call Trace: [ 1009.046507][ C1] __schedule+0x8e1/0x1eb0 [ 1009.051204][ C1] ? io_schedule_timeout+0x140/0x140 [ 1009.057471][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1009.062923][ C1] schedule+0xd0/0x2a0 [ 1009.066977][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1009.076765][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1009.082041][ C1] ? futex_wake+0x1b5/0x490 [ 1009.086629][ C1] ? find_held_lock+0x2d/0x110 [ 1009.091379][ C1] futex_wait+0x1df/0x560 [ 1009.095698][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1009.100704][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1009.105623][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1009.110815][ C1] ? futex_wake+0x155/0x490 [ 1009.115309][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1009.121266][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1009.127056][ C1] do_futex+0x15b/0x1a60 [ 1009.131299][ C1] ? lock_acquire+0x1f1/0xad0 [ 1009.136240][ C1] ? __might_fault+0xef/0x1d0 [ 1009.140898][ C1] ? find_held_lock+0x2d/0x110 [ 1009.145775][ C1] ? futex_exit_release+0x220/0x220 [ 1009.150962][ C1] ? lock_downgrade+0x820/0x820 [ 1009.155792][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1009.162067][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1009.167073][ C1] ? __might_fault+0x190/0x1d0 [ 1009.173701][ C1] ? _copy_to_user+0x126/0x160 [ 1009.178844][ C1] __x64_sys_futex+0x378/0x4e0 [ 1009.184729][ C1] ? do_futex+0x1a60/0x1a60 [ 1009.189733][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1009.196030][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1009.200949][ C1] ? do_syscall_64+0x1c/0xe0 [ 1009.205696][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1009.211769][ C1] do_syscall_64+0x60/0xe0 [ 1009.217147][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1009.223219][ C1] RIP: 0033:0x45cb29 [ 1009.228223][ C1] Code: Bad RIP value. [ 1009.232438][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1009.242562][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1009.250820][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1009.259126][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1009.267793][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1009.276897][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1009.284866][ C1] syz-executor.1 S28040 14997 6984 0x00000000 [ 1009.291211][ C1] Call Trace: [ 1009.294503][ C1] __schedule+0x8e1/0x1eb0 [ 1009.299006][ C1] ? io_schedule_timeout+0x140/0x140 [ 1009.304631][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1009.310247][ C1] schedule+0xd0/0x2a0 [ 1009.314305][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1009.319413][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1009.325195][ C1] ? futex_wake+0x1b5/0x490 [ 1009.329695][ C1] ? find_held_lock+0x2d/0x110 [ 1009.334453][ C1] futex_wait+0x1df/0x560 [ 1009.338849][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1009.343885][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1009.348905][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1009.354285][ C1] ? futex_wake+0x155/0x490 [ 1009.358962][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1009.365024][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1009.370814][ C1] do_futex+0x15b/0x1a60 [ 1009.375057][ C1] ? lock_acquire+0x1f1/0xad0 [ 1009.379714][ C1] ? __might_fault+0xef/0x1d0 [ 1009.385365][ C1] ? find_held_lock+0x2d/0x110 [ 1009.390926][ C1] ? futex_exit_release+0x220/0x220 [ 1009.398407][ C1] ? lock_downgrade+0x820/0x820 [ 1009.404181][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1009.410583][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1009.415591][ C1] ? __might_fault+0x190/0x1d0 [ 1009.420350][ C1] ? _copy_to_user+0x126/0x160 [ 1009.425100][ C1] __x64_sys_futex+0x378/0x4e0 [ 1009.430038][ C1] ? do_futex+0x1a60/0x1a60 [ 1009.434534][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1009.443078][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1009.448958][ C1] ? do_syscall_64+0x1c/0xe0 [ 1009.453560][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1009.459830][ C1] do_syscall_64+0x60/0xe0 [ 1009.464339][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1009.470339][ C1] RIP: 0033:0x45cb29 [ 1009.474682][ C1] Code: Bad RIP value. [ 1009.480868][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1009.489456][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1009.500328][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1009.510644][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1009.522280][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1009.530638][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1009.538707][ C1] syz-executor.1 S29976 15001 14997 0x00000000 [ 1009.545820][ C1] Call Trace: [ 1009.549117][ C1] __schedule+0x8e1/0x1eb0 [ 1009.553543][ C1] ? io_schedule_timeout+0x140/0x140 [ 1009.558814][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1009.564259][ C1] schedule+0xd0/0x2a0 [ 1009.568308][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1009.573401][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1009.582332][ C1] ? futex_wake+0x1b5/0x490 [ 1009.586832][ C1] ? find_held_lock+0x2d/0x110 [ 1009.591584][ C1] futex_wait+0x1df/0x560 [ 1009.598468][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1009.603698][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1009.608864][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1009.614328][ C1] ? futex_wake+0x155/0x490 [ 1009.619021][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1009.625249][ C1] ? lock_downgrade+0x820/0x820 [ 1009.630640][ C1] do_futex+0x15b/0x1a60 [ 1009.635055][ C1] ? lock_acquire+0x1f1/0xad0 [ 1009.639711][ C1] ? __might_fault+0xef/0x1d0 [ 1009.644493][ C1] ? find_held_lock+0x2d/0x110 [ 1009.649409][ C1] ? futex_exit_release+0x220/0x220 [ 1009.654904][ C1] ? lock_downgrade+0x820/0x820 [ 1009.659838][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1009.666157][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1009.671440][ C1] ? __might_fault+0x190/0x1d0 [ 1009.676271][ C1] ? _copy_to_user+0x126/0x160 [ 1009.681046][ C1] __x64_sys_futex+0x378/0x4e0 [ 1009.685816][ C1] ? do_futex+0x1a60/0x1a60 [ 1009.690393][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1009.696753][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1009.702668][ C1] ? do_syscall_64+0x1c/0xe0 [ 1009.707374][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1009.713344][ C1] do_syscall_64+0x60/0xe0 [ 1009.717747][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1009.723640][ C1] RIP: 0033:0x45cb29 [ 1009.727508][ C1] Code: Bad RIP value. [ 1009.731553][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1009.739938][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1009.747919][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1009.755880][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1009.763947][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1009.772619][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1009.780602][ C1] syz-executor.1 S29976 15018 6984 0x00000000 [ 1009.786914][ C1] Call Trace: [ 1009.790198][ C1] __schedule+0x8e1/0x1eb0 [ 1009.794632][ C1] ? io_schedule_timeout+0x140/0x140 [ 1009.799913][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1009.805595][ C1] schedule+0xd0/0x2a0 [ 1009.809659][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1009.814749][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1009.819924][ C1] ? futex_wake+0x1b5/0x490 [ 1009.824406][ C1] ? find_held_lock+0x2d/0x110 [ 1009.829238][ C1] futex_wait+0x1df/0x560 [ 1009.835139][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1009.840930][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1009.846609][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1009.852005][ C1] ? futex_wake+0x155/0x490 [ 1009.856833][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1009.862801][ C1] ? lock_downgrade+0x820/0x820 [ 1009.867638][ C1] do_futex+0x15b/0x1a60 [ 1009.871865][ C1] ? lock_acquire+0x1f1/0xad0 [ 1009.876533][ C1] ? __might_fault+0xef/0x1d0 [ 1009.881185][ C1] ? find_held_lock+0x2d/0x110 [ 1009.886369][ C1] ? futex_exit_release+0x220/0x220 [ 1009.893713][ C1] ? lock_downgrade+0x820/0x820 [ 1009.898988][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1009.905321][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1009.910513][ C1] ? __might_fault+0x190/0x1d0 [ 1009.915279][ C1] ? _copy_to_user+0x126/0x160 [ 1009.920295][ C1] __x64_sys_futex+0x378/0x4e0 [ 1009.926011][ C1] ? do_futex+0x1a60/0x1a60 [ 1009.930502][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1009.936125][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1009.941049][ C1] ? do_syscall_64+0x1c/0xe0 [ 1009.945639][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1009.951790][ C1] do_syscall_64+0x60/0xe0 [ 1009.956217][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1009.962107][ C1] RIP: 0033:0x45cb29 [ 1009.966301][ C1] Code: Bad RIP value. [ 1009.970428][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1009.979422][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1009.987377][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1009.995326][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1010.003288][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1010.011240][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1010.019249][ C1] syz-executor.1 S28384 15026 6984 0x00000000 [ 1010.025578][ C1] Call Trace: [ 1010.028866][ C1] __schedule+0x8e1/0x1eb0 [ 1010.033272][ C1] ? io_schedule_timeout+0x140/0x140 [ 1010.038622][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1010.044061][ C1] schedule+0xd0/0x2a0 [ 1010.048125][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1010.053230][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1010.058404][ C1] ? futex_wake+0x1b5/0x490 [ 1010.062912][ C1] ? find_held_lock+0x2d/0x110 [ 1010.067674][ C1] futex_wait+0x1df/0x560 [ 1010.072007][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1010.077006][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1010.081924][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1010.087101][ C1] ? futex_wake+0x155/0x490 [ 1010.091605][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1010.097581][ C1] do_futex+0x15b/0x1a60 [ 1010.101821][ C1] ? lock_acquire+0x1f1/0xad0 [ 1010.106644][ C1] ? __might_fault+0xef/0x1d0 [ 1010.111317][ C1] ? find_held_lock+0x2d/0x110 [ 1010.116062][ C1] ? futex_exit_release+0x220/0x220 [ 1010.121897][ C1] ? lock_downgrade+0x820/0x820 [ 1010.126863][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1010.133154][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1010.138345][ C1] ? __might_fault+0x190/0x1d0 [ 1010.143727][ C1] ? _copy_to_user+0x126/0x160 [ 1010.148475][ C1] __x64_sys_futex+0x378/0x4e0 [ 1010.153307][ C1] ? do_futex+0x1a60/0x1a60 [ 1010.157791][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1010.163426][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1010.168550][ C1] ? do_syscall_64+0x1c/0xe0 [ 1010.173140][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1010.179117][ C1] do_syscall_64+0x60/0xe0 [ 1010.183521][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1010.189393][ C1] RIP: 0033:0x45cb29 [ 1010.193272][ C1] Code: Bad RIP value. [ 1010.197311][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1010.205715][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1010.213797][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1010.222026][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1010.229994][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1010.238048][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1010.246034][ C1] syz-executor.1 S29976 15030 15026 0x00000000 [ 1010.252365][ C1] Call Trace: [ 1010.255685][ C1] __schedule+0x8e1/0x1eb0 [ 1010.260119][ C1] ? io_schedule_timeout+0x140/0x140 [ 1010.265530][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1010.271023][ C1] schedule+0xd0/0x2a0 [ 1010.275083][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1010.280172][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1010.286472][ C1] futex_wait+0x1df/0x560 [ 1010.290913][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1010.295927][ C1] ? mark_lock+0xbc/0x1710 [ 1010.300354][ C1] ? hash_futex+0x12/0x200 [ 1010.304784][ C1] ? futex_wake+0x155/0x490 [ 1010.309269][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1010.314277][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1010.320234][ C1] ? lock_downgrade+0x820/0x820 [ 1010.325067][ C1] do_futex+0x15b/0x1a60 [ 1010.329295][ C1] ? lock_acquire+0x1f1/0xad0 [ 1010.333956][ C1] ? __might_fault+0xef/0x1d0 [ 1010.338630][ C1] ? find_held_lock+0x2d/0x110 [ 1010.343369][ C1] ? futex_exit_release+0x220/0x220 [ 1010.348545][ C1] ? lock_downgrade+0x820/0x820 [ 1010.353400][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1010.359728][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1010.364776][ C1] ? __might_fault+0x190/0x1d0 [ 1010.369543][ C1] ? _copy_to_user+0x126/0x160 [ 1010.374310][ C1] __x64_sys_futex+0x378/0x4e0 [ 1010.379246][ C1] ? do_futex+0x1a60/0x1a60 [ 1010.383727][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1010.389387][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1010.394443][ C1] ? do_syscall_64+0x1c/0xe0 [ 1010.399016][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1010.405078][ C1] do_syscall_64+0x60/0xe0 [ 1010.409473][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1010.415370][ C1] RIP: 0033:0x45cb29 [ 1010.419261][ C1] Code: Bad RIP value. [ 1010.423307][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1010.431782][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1010.439742][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1010.447693][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1010.455652][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1010.463714][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1010.471715][ C1] syz-executor.1 S29976 15045 15026 0x00000000 [ 1010.478034][ C1] Call Trace: [ 1010.481308][ C1] __schedule+0x8e1/0x1eb0 [ 1010.485719][ C1] ? io_schedule_timeout+0x140/0x140 [ 1010.491008][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1010.496460][ C1] schedule+0xd0/0x2a0 [ 1010.500510][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1010.505596][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1010.510867][ C1] ? futex_wake+0x1b5/0x490 [ 1010.515391][ C1] ? find_held_lock+0x2d/0x110 [ 1010.520172][ C1] futex_wait+0x1df/0x560 [ 1010.524503][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1010.529518][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1010.534443][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1010.539622][ C1] ? futex_wake+0x155/0x490 [ 1010.544107][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1010.550060][ C1] ? lock_downgrade+0x820/0x820 [ 1010.554890][ C1] do_futex+0x15b/0x1a60 [ 1010.559133][ C1] ? lock_acquire+0x1f1/0xad0 [ 1010.564567][ C1] ? __might_fault+0xef/0x1d0 [ 1010.569222][ C1] ? find_held_lock+0x2d/0x110 [ 1010.574100][ C1] ? futex_exit_release+0x220/0x220 [ 1010.579332][ C1] ? lock_downgrade+0x820/0x820 [ 1010.584161][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1010.590572][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1010.595664][ C1] ? __might_fault+0x190/0x1d0 [ 1010.600451][ C1] ? _copy_to_user+0x126/0x160 [ 1010.605300][ C1] __x64_sys_futex+0x378/0x4e0 [ 1010.610086][ C1] ? do_futex+0x1a60/0x1a60 [ 1010.614572][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1010.620185][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1010.625109][ C1] ? do_syscall_64+0x1c/0xe0 [ 1010.629681][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1010.635875][ C1] do_syscall_64+0x60/0xe0 [ 1010.640403][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1010.646646][ C1] RIP: 0033:0x45cb29 [ 1010.650524][ C1] Code: Bad RIP value. [ 1010.655463][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1010.663866][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1010.671872][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1010.679824][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1010.687936][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1010.697227][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1010.705379][ C1] syz-executor.1 S28384 15060 6984 0x00000000 [ 1010.711709][ C1] Call Trace: [ 1010.714988][ C1] __schedule+0x8e1/0x1eb0 [ 1010.719396][ C1] ? io_schedule_timeout+0x140/0x140 [ 1010.724674][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1010.730565][ C1] schedule+0xd0/0x2a0 [ 1010.734616][ C1] schedule_timeout+0x1d8/0x250 [ 1010.739447][ C1] ? usleep_range+0x170/0x170 [ 1010.744187][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1010.749305][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1010.755126][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1010.760943][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 1010.766559][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1010.772344][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1010.778302][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 1010.784088][ C1] ? skb_free_datagram+0xf0/0xf0 [ 1010.789013][ C1] ? proto_seq_start+0x50/0x50 [ 1010.793757][ C1] ? skb_segment.cold+0x38/0x38 [ 1010.798588][ C1] ? mark_lock+0xbc/0x1710 [ 1010.802989][ C1] __skb_recv_datagram+0x171/0x220 [ 1010.808077][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 1010.813685][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 1010.818781][ C1] ? __schedule+0x887/0x1eb0 [ 1010.823435][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1010.828379][ C1] skb_recv_datagram+0xa7/0xe0 [ 1010.833120][ C1] ? __skb_recv_datagram+0x220/0x220 [ 1010.838402][ C1] ? aa_sk_perm+0x316/0xaa0 [ 1010.842883][ C1] ? __might_fault+0xef/0x1d0 [ 1010.847626][ C1] raw_recvmsg+0xab/0x550 [ 1010.851938][ C1] ? raw_release+0x890/0x890 [ 1010.856507][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 1010.861958][ C1] ? raw_release+0x890/0x890 [ 1010.866527][ C1] ____sys_recvmsg+0x2c4/0x640 [ 1010.871282][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 1010.877154][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 1010.882775][ C1] ? import_iovec+0x23b/0x3d0 [ 1010.887431][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 1010.892699][ C1] ___sys_recvmsg+0x127/0x200 [ 1010.897354][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 1010.902968][ C1] ? lock_downgrade+0x820/0x820 [ 1010.907793][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1010.912801][ C1] ? __fget_files+0x294/0x400 [ 1010.917456][ C1] ? __fget_light+0xea/0x280 [ 1010.922024][ C1] do_recvmmsg+0x24d/0x6d0 [ 1010.926419][ C1] ? ___sys_recvmsg+0x200/0x200 [ 1010.931248][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1010.937479][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1010.942490][ C1] ? put_timespec64+0xcb/0x120 [ 1010.947330][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 1010.952174][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 1010.957663][ C1] ? __do_sys_socketcall+0x550/0x550 [ 1010.962938][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1010.967855][ C1] ? do_syscall_64+0x1c/0xe0 [ 1010.972446][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1010.978410][ C1] do_syscall_64+0x60/0xe0 [ 1010.982815][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1010.988696][ C1] RIP: 0033:0x45cb29 [ 1010.992561][ C1] Code: Bad RIP value. [ 1010.996622][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1011.005021][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 1011.012986][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 1011.020950][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1011.028897][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1011.036862][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 1011.044839][ C1] syz-executor.1 S29728 15076 15060 0x00000000 [ 1011.051918][ C1] Call Trace: [ 1011.055318][ C1] __schedule+0x8e1/0x1eb0 [ 1011.059735][ C1] ? io_schedule_timeout+0x140/0x140 [ 1011.065012][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1011.070456][ C1] schedule+0xd0/0x2a0 [ 1011.074507][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1011.079778][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1011.084959][ C1] ? futex_wake+0x1b5/0x490 [ 1011.089438][ C1] ? find_held_lock+0x2d/0x110 [ 1011.094201][ C1] futex_wait+0x1df/0x560 [ 1011.098525][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1011.103574][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1011.108517][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1011.113698][ C1] ? futex_wake+0x155/0x490 [ 1011.118194][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1011.124148][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1011.129936][ C1] do_futex+0x15b/0x1a60 [ 1011.134157][ C1] ? lock_acquire+0x1f1/0xad0 [ 1011.138840][ C1] ? __might_fault+0xef/0x1d0 [ 1011.143512][ C1] ? find_held_lock+0x2d/0x110 [ 1011.148274][ C1] ? futex_exit_release+0x220/0x220 [ 1011.153543][ C1] ? lock_downgrade+0x820/0x820 [ 1011.158387][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1011.164603][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1011.169605][ C1] ? __might_fault+0x190/0x1d0 [ 1011.174345][ C1] ? _copy_to_user+0x126/0x160 [ 1011.179085][ C1] __x64_sys_futex+0x378/0x4e0 [ 1011.183827][ C1] ? do_futex+0x1a60/0x1a60 [ 1011.188306][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1011.193959][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1011.198889][ C1] ? do_syscall_64+0x1c/0xe0 [ 1011.203479][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1011.209466][ C1] do_syscall_64+0x60/0xe0 [ 1011.213889][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1011.219765][ C1] RIP: 0033:0x45cb29 [ 1011.223632][ C1] Code: Bad RIP value. [ 1011.227694][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1011.236099][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1011.244055][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1011.252029][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1011.259980][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1011.267927][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1011.275890][ C1] syz-executor.1 S28696 15090 6984 0x00000000 [ 1011.282302][ C1] Call Trace: [ 1011.285590][ C1] __schedule+0x8e1/0x1eb0 [ 1011.290001][ C1] ? io_schedule_timeout+0x140/0x140 [ 1011.295294][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1011.300984][ C1] schedule+0xd0/0x2a0 [ 1011.305041][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1011.310182][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1011.315400][ C1] futex_wait+0x1df/0x560 [ 1011.319706][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1011.324710][ C1] ? mark_lock+0xbc/0x1710 [ 1011.329141][ C1] ? hash_futex+0x12/0x200 [ 1011.333548][ C1] ? futex_wake+0x155/0x490 [ 1011.338045][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1011.343074][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1011.349042][ C1] do_futex+0x15b/0x1a60 [ 1011.353269][ C1] ? lock_acquire+0x1f1/0xad0 [ 1011.357960][ C1] ? __might_fault+0xef/0x1d0 [ 1011.362614][ C1] ? find_held_lock+0x2d/0x110 [ 1011.367401][ C1] ? futex_exit_release+0x220/0x220 [ 1011.372576][ C1] ? lock_downgrade+0x820/0x820 [ 1011.377423][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1011.383782][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1011.388873][ C1] ? __might_fault+0x190/0x1d0 [ 1011.394421][ C1] ? _copy_to_user+0x126/0x160 [ 1011.399306][ C1] __x64_sys_futex+0x378/0x4e0 [ 1011.404079][ C1] ? do_futex+0x1a60/0x1a60 [ 1011.408587][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1011.414209][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1011.419142][ C1] ? do_syscall_64+0x1c/0xe0 [ 1011.423712][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1011.429672][ C1] do_syscall_64+0x60/0xe0 [ 1011.434066][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1011.439950][ C1] RIP: 0033:0x45cb29 [ 1011.443831][ C1] Code: Bad RIP value. [ 1011.447869][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1011.456265][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1011.464231][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1011.472216][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1011.480168][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1011.488117][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1011.496433][ C1] syz-executor.1 S29976 15093 15090 0x00000000 [ 1011.502750][ C1] Call Trace: [ 1011.506020][ C1] __schedule+0x8e1/0x1eb0 [ 1011.510415][ C1] ? io_schedule_timeout+0x140/0x140 [ 1011.515707][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1011.521158][ C1] schedule+0xd0/0x2a0 [ 1011.525207][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1011.531294][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1011.538000][ C1] futex_wait+0x1df/0x560 [ 1011.542317][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1011.547377][ C1] ? mark_lock+0xbc/0x1710 [ 1011.551948][ C1] ? hash_futex+0x12/0x200 [ 1011.556357][ C1] ? futex_wake+0x155/0x490 [ 1011.560842][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1011.565901][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1011.571855][ C1] ? lock_downgrade+0x820/0x820 [ 1011.576684][ C1] do_futex+0x15b/0x1a60 [ 1011.580906][ C1] ? lock_acquire+0x1f1/0xad0 [ 1011.585734][ C1] ? __might_fault+0xef/0x1d0 [ 1011.590552][ C1] ? find_held_lock+0x2d/0x110 [ 1011.595416][ C1] ? futex_exit_release+0x220/0x220 [ 1011.600625][ C1] ? lock_downgrade+0x820/0x820 [ 1011.606249][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1011.612562][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1011.617655][ C1] ? __might_fault+0x190/0x1d0 [ 1011.622398][ C1] ? _copy_to_user+0x126/0x160 [ 1011.627140][ C1] __x64_sys_futex+0x378/0x4e0 [ 1011.631883][ C1] ? do_futex+0x1a60/0x1a60 [ 1011.636366][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1011.641990][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1011.647250][ C1] ? do_syscall_64+0x1c/0xe0 [ 1011.651915][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1011.658050][ C1] do_syscall_64+0x60/0xe0 [ 1011.662561][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1011.668429][ C1] RIP: 0033:0x45cb29 [ 1011.672304][ C1] Code: Bad RIP value. [ 1011.676352][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1011.684740][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1011.692688][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1011.700645][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1011.708697][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1011.716651][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1011.724991][ C1] syz-executor.1 S29976 15111 6984 0x00000000 [ 1011.731587][ C1] Call Trace: [ 1011.735122][ C1] __schedule+0x8e1/0x1eb0 [ 1011.739576][ C1] ? io_schedule_timeout+0x140/0x140 [ 1011.744872][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1011.750408][ C1] schedule+0xd0/0x2a0 [ 1011.754488][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1011.759701][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1011.764880][ C1] ? futex_wake+0x1b5/0x490 [ 1011.769362][ C1] ? find_held_lock+0x2d/0x110 [ 1011.774104][ C1] futex_wait+0x1df/0x560 [ 1011.778411][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1011.783413][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1011.788330][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1011.793507][ C1] ? futex_wake+0x155/0x490 [ 1011.797996][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1011.803957][ C1] ? lock_downgrade+0x820/0x820 [ 1011.808789][ C1] do_futex+0x15b/0x1a60 [ 1011.813035][ C1] ? lock_acquire+0x1f1/0xad0 [ 1011.817690][ C1] ? __might_fault+0xef/0x1d0 [ 1011.822364][ C1] ? find_held_lock+0x2d/0x110 [ 1011.827107][ C1] ? futex_exit_release+0x220/0x220 [ 1011.832283][ C1] ? lock_downgrade+0x820/0x820 [ 1011.837111][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1011.843326][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1011.848329][ C1] ? __might_fault+0x190/0x1d0 [ 1011.853173][ C1] ? _copy_to_user+0x126/0x160 [ 1011.857962][ C1] __x64_sys_futex+0x378/0x4e0 [ 1011.862719][ C1] ? do_futex+0x1a60/0x1a60 [ 1011.867206][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1011.872816][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1011.877738][ C1] ? do_syscall_64+0x1c/0xe0 [ 1011.882316][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1011.888279][ C1] do_syscall_64+0x60/0xe0 [ 1011.892953][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1011.898822][ C1] RIP: 0033:0x45cb29 [ 1011.902687][ C1] Code: Bad RIP value. [ 1011.906727][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1011.915128][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1011.923074][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1011.931022][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1011.938982][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1011.946942][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1011.955120][ C1] syz-executor.1 S28624 15122 6984 0x00000000 [ 1011.961666][ C1] Call Trace: [ 1011.964977][ C1] __schedule+0x8e1/0x1eb0 [ 1011.969375][ C1] ? io_schedule_timeout+0x140/0x140 [ 1011.974767][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1011.980795][ C1] schedule+0xd0/0x2a0 [ 1011.985102][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1011.990207][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1011.995482][ C1] ? futex_wake+0x1b5/0x490 [ 1012.000498][ C1] ? find_held_lock+0x2d/0x110 [ 1012.005801][ C1] futex_wait+0x1df/0x560 [ 1012.010843][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1012.015867][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1012.020864][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1012.026060][ C1] ? futex_wake+0x155/0x490 [ 1012.030554][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1012.036774][ C1] do_futex+0x15b/0x1a60 [ 1012.041143][ C1] ? lock_acquire+0x1f1/0xad0 [ 1012.045824][ C1] ? __might_fault+0xef/0x1d0 [ 1012.050504][ C1] ? find_held_lock+0x2d/0x110 [ 1012.055249][ C1] ? futex_exit_release+0x220/0x220 [ 1012.060426][ C1] ? lock_downgrade+0x820/0x820 [ 1012.065258][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1012.071539][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1012.076543][ C1] ? __might_fault+0x190/0x1d0 [ 1012.081285][ C1] ? _copy_to_user+0x126/0x160 [ 1012.086051][ C1] __x64_sys_futex+0x378/0x4e0 [ 1012.090987][ C1] ? do_futex+0x1a60/0x1a60 [ 1012.095475][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1012.101093][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1012.106015][ C1] ? do_syscall_64+0x1c/0xe0 [ 1012.110724][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1012.116695][ C1] do_syscall_64+0x60/0xe0 [ 1012.121093][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1012.126965][ C1] RIP: 0033:0x45cb29 [ 1012.130829][ C1] Code: Bad RIP value. [ 1012.134924][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1012.143406][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1012.151454][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1012.159407][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1012.167361][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1012.175424][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1012.183391][ C1] syz-executor.1 S29976 15123 15122 0x00000000 [ 1012.190236][ C1] Call Trace: [ 1012.193514][ C1] __schedule+0x8e1/0x1eb0 [ 1012.198118][ C1] ? io_schedule_timeout+0x140/0x140 [ 1012.203420][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1012.208877][ C1] schedule+0xd0/0x2a0 [ 1012.212944][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1012.218045][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1012.223229][ C1] ? futex_wake+0x1b5/0x490 [ 1012.227720][ C1] ? find_held_lock+0x2d/0x110 [ 1012.232482][ C1] futex_wait+0x1df/0x560 [ 1012.236795][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1012.241818][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1012.246747][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1012.251923][ C1] ? futex_wake+0x155/0x490 [ 1012.256413][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1012.262368][ C1] ? lock_downgrade+0x820/0x820 [ 1012.267213][ C1] do_futex+0x15b/0x1a60 [ 1012.271435][ C1] ? lock_acquire+0x1f1/0xad0 [ 1012.276091][ C1] ? __might_fault+0xef/0x1d0 [ 1012.280742][ C1] ? find_held_lock+0x2d/0x110 [ 1012.285481][ C1] ? futex_exit_release+0x220/0x220 [ 1012.290656][ C1] ? lock_downgrade+0x820/0x820 [ 1012.295485][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1012.301703][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1012.306714][ C1] ? __might_fault+0x190/0x1d0 [ 1012.311462][ C1] ? _copy_to_user+0x126/0x160 [ 1012.316221][ C1] __x64_sys_futex+0x378/0x4e0 [ 1012.320982][ C1] ? do_futex+0x1a60/0x1a60 [ 1012.325484][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1012.331111][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1012.336028][ C1] ? do_syscall_64+0x1c/0xe0 [ 1012.340943][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1012.346916][ C1] do_syscall_64+0x60/0xe0 [ 1012.351328][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1012.357457][ C1] RIP: 0033:0x45cb29 [ 1012.361509][ C1] Code: Bad RIP value. [ 1012.365564][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1012.373953][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1012.381900][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1012.389847][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1012.398315][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1012.406261][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1012.414230][ C1] syz-executor.1 S29976 15139 15122 0x00000000 [ 1012.420567][ C1] Call Trace: [ 1012.424548][ C1] __schedule+0x8e1/0x1eb0 [ 1012.428950][ C1] ? io_schedule_timeout+0x140/0x140 [ 1012.434238][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1012.439688][ C1] schedule+0xd0/0x2a0 [ 1012.443735][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1012.448836][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1012.454037][ C1] ? futex_wake+0x1b5/0x490 [ 1012.458636][ C1] ? find_held_lock+0x2d/0x110 [ 1012.463399][ C1] futex_wait+0x1df/0x560 [ 1012.467735][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1012.472848][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1012.477765][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1012.482939][ C1] ? futex_wake+0x155/0x490 [ 1012.487426][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1012.493397][ C1] ? lock_downgrade+0x820/0x820 [ 1012.498237][ C1] do_futex+0x15b/0x1a60 [ 1012.502463][ C1] ? lock_acquire+0x1f1/0xad0 [ 1012.507122][ C1] ? __might_fault+0xef/0x1d0 [ 1012.511789][ C1] ? find_held_lock+0x2d/0x110 [ 1012.516531][ C1] ? futex_exit_release+0x220/0x220 [ 1012.521706][ C1] ? lock_downgrade+0x820/0x820 [ 1012.526541][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1012.532771][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1012.537795][ C1] ? __might_fault+0x190/0x1d0 [ 1012.542536][ C1] ? _copy_to_user+0x126/0x160 [ 1012.547293][ C1] __x64_sys_futex+0x378/0x4e0 [ 1012.552138][ C1] ? do_futex+0x1a60/0x1a60 [ 1012.556617][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1012.562313][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1012.567226][ C1] ? do_syscall_64+0x1c/0xe0 [ 1012.571793][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1012.577750][ C1] do_syscall_64+0x60/0xe0 [ 1012.582162][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1012.588031][ C1] RIP: 0033:0x45cb29 [ 1012.591909][ C1] Code: Bad RIP value. [ 1012.595952][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1012.604341][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1012.612294][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1012.620257][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1012.628294][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1012.636258][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1012.644304][ C1] syz-executor.1 S28384 15152 6984 0x00000000 [ 1012.650699][ C1] Call Trace: [ 1012.653967][ C1] __schedule+0x8e1/0x1eb0 [ 1012.658467][ C1] ? io_schedule_timeout+0x140/0x140 [ 1012.663865][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1012.669342][ C1] schedule+0xd0/0x2a0 [ 1012.673402][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1012.678510][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1012.683727][ C1] futex_wait+0x1df/0x560 [ 1012.688039][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1012.693043][ C1] ? mark_lock+0xbc/0x1710 [ 1012.697445][ C1] ? mark_lock+0xbc/0x1710 [ 1012.701838][ C1] ? hash_futex+0x12/0x200 [ 1012.706320][ C1] ? futex_wake+0x155/0x490 [ 1012.710803][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1012.715813][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1012.721772][ C1] do_futex+0x15b/0x1a60 [ 1012.726002][ C1] ? lock_acquire+0x1f1/0xad0 [ 1012.730667][ C1] ? __might_fault+0xef/0x1d0 [ 1012.735334][ C1] ? find_held_lock+0x2d/0x110 [ 1012.740107][ C1] ? futex_exit_release+0x220/0x220 [ 1012.745299][ C1] ? lock_downgrade+0x820/0x820 [ 1012.750129][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1012.756554][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1012.761628][ C1] ? __might_fault+0x190/0x1d0 [ 1012.766384][ C1] ? _copy_to_user+0x126/0x160 [ 1012.771266][ C1] __x64_sys_futex+0x378/0x4e0 [ 1012.776030][ C1] ? do_futex+0x1a60/0x1a60 [ 1012.780515][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1012.786125][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1012.791046][ C1] ? do_syscall_64+0x1c/0xe0 [ 1012.795667][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1012.801849][ C1] do_syscall_64+0x60/0xe0 [ 1012.806244][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1012.812136][ C1] RIP: 0033:0x45cb29 [ 1012.816000][ C1] Code: Bad RIP value. [ 1012.820052][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1012.830707][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1012.838670][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1012.846709][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1012.854760][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1012.862709][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1012.870711][ C1] syz-executor.1 S29976 15154 15152 0x00000000 [ 1012.877148][ C1] Call Trace: [ 1012.880436][ C1] __schedule+0x8e1/0x1eb0 [ 1012.885126][ C1] ? io_schedule_timeout+0x140/0x140 [ 1012.890406][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1012.895878][ C1] schedule+0xd0/0x2a0 [ 1012.899947][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1012.905041][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1012.910219][ C1] futex_wait+0x1df/0x560 [ 1012.914546][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1012.919566][ C1] ? mark_lock+0xbc/0x1710 [ 1012.923978][ C1] ? hash_futex+0x12/0x200 [ 1012.928624][ C1] ? futex_wake+0x155/0x490 [ 1012.933118][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1012.938135][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1012.944249][ C1] ? lock_downgrade+0x820/0x820 [ 1012.949084][ C1] do_futex+0x15b/0x1a60 [ 1012.953477][ C1] ? lock_acquire+0x1f1/0xad0 [ 1012.958235][ C1] ? __might_fault+0xef/0x1d0 [ 1012.962901][ C1] ? find_held_lock+0x2d/0x110 [ 1012.967660][ C1] ? futex_exit_release+0x220/0x220 [ 1012.972835][ C1] ? lock_downgrade+0x820/0x820 [ 1012.977673][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1012.984000][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1012.989015][ C1] ? __might_fault+0x190/0x1d0 [ 1012.994027][ C1] ? _copy_to_user+0x126/0x160 [ 1012.998778][ C1] __x64_sys_futex+0x378/0x4e0 [ 1013.003522][ C1] ? do_futex+0x1a60/0x1a60 [ 1013.008000][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1013.013613][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1013.018556][ C1] ? do_syscall_64+0x1c/0xe0 [ 1013.023123][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1013.029079][ C1] do_syscall_64+0x60/0xe0 [ 1013.033473][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1013.039340][ C1] RIP: 0033:0x45cb29 [ 1013.043209][ C1] Code: Bad RIP value. [ 1013.047340][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1013.055726][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1013.063812][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1013.071778][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1013.079745][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1013.087812][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1013.095791][ C1] syz-executor.1 S29976 15169 15152 0x00000000 [ 1013.102112][ C1] Call Trace: [ 1013.105384][ C1] __schedule+0x8e1/0x1eb0 [ 1013.109785][ C1] ? io_schedule_timeout+0x140/0x140 [ 1013.115062][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1013.120712][ C1] schedule+0xd0/0x2a0 [ 1013.124784][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1013.129875][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1013.135056][ C1] futex_wait+0x1df/0x560 [ 1013.139376][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1013.144383][ C1] ? mark_lock+0xbc/0x1710 [ 1013.148779][ C1] ? hash_futex+0x12/0x200 [ 1013.153187][ C1] ? futex_wake+0x155/0x490 [ 1013.157678][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1013.162689][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1013.168642][ C1] ? lock_downgrade+0x820/0x820 [ 1013.173469][ C1] do_futex+0x15b/0x1a60 [ 1013.177705][ C1] ? lock_acquire+0x1f1/0xad0 [ 1013.182360][ C1] ? __might_fault+0xef/0x1d0 [ 1013.187015][ C1] ? find_held_lock+0x2d/0x110 [ 1013.191755][ C1] ? futex_exit_release+0x220/0x220 [ 1013.196932][ C1] ? lock_downgrade+0x820/0x820 [ 1013.201764][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1013.208173][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1013.213178][ C1] ? __might_fault+0x190/0x1d0 [ 1013.217933][ C1] ? _copy_to_user+0x126/0x160 [ 1013.222695][ C1] __x64_sys_futex+0x378/0x4e0 [ 1013.227436][ C1] ? do_futex+0x1a60/0x1a60 [ 1013.231920][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1013.237552][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1013.242480][ C1] ? do_syscall_64+0x1c/0xe0 [ 1013.247062][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1013.253034][ C1] do_syscall_64+0x60/0xe0 [ 1013.257427][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1013.263320][ C1] RIP: 0033:0x45cb29 [ 1013.267190][ C1] Code: Bad RIP value. [ 1013.271243][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1013.279639][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1013.287586][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1013.295894][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1013.303864][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1013.311834][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1013.319824][ C1] syz-executor.1 S28376 15184 6984 0x00000000 [ 1013.326141][ C1] Call Trace: [ 1013.329416][ C1] __schedule+0x8e1/0x1eb0 [ 1013.333816][ C1] ? io_schedule_timeout+0x140/0x140 [ 1013.339077][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1013.344526][ C1] schedule+0xd0/0x2a0 [ 1013.348602][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1013.353713][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1013.358903][ C1] ? futex_wake+0x1b5/0x490 [ 1013.363402][ C1] ? find_held_lock+0x2d/0x110 [ 1013.368268][ C1] futex_wait+0x1df/0x560 [ 1013.372616][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1013.377819][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1013.382737][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1013.387910][ C1] ? futex_wake+0x155/0x490 [ 1013.392397][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1013.398380][ C1] do_futex+0x15b/0x1a60 [ 1013.402604][ C1] ? lock_acquire+0x1f1/0xad0 [ 1013.407261][ C1] ? __might_fault+0xef/0x1d0 [ 1013.411914][ C1] ? find_held_lock+0x2d/0x110 [ 1013.416654][ C1] ? futex_exit_release+0x220/0x220 [ 1013.421841][ C1] ? lock_downgrade+0x820/0x820 [ 1013.426669][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1013.432891][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1013.437905][ C1] ? __might_fault+0x190/0x1d0 [ 1013.442661][ C1] ? _copy_to_user+0x126/0x160 [ 1013.447427][ C1] __x64_sys_futex+0x378/0x4e0 [ 1013.452175][ C1] ? do_futex+0x1a60/0x1a60 [ 1013.456659][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1013.462270][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1013.467184][ C1] ? do_syscall_64+0x1c/0xe0 [ 1013.471754][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1013.477712][ C1] do_syscall_64+0x60/0xe0 [ 1013.482110][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1013.488248][ C1] RIP: 0033:0x45cb29 [ 1013.492112][ C1] Code: Bad RIP value. [ 1013.496163][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1013.504547][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1013.512492][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1013.520463][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1013.528503][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1013.536467][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1013.544435][ C1] syz-executor.1 S29976 15189 15184 0x00000000 [ 1013.550786][ C1] Call Trace: [ 1013.554058][ C1] __schedule+0x8e1/0x1eb0 [ 1013.558467][ C1] ? io_schedule_timeout+0x140/0x140 [ 1013.563726][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1013.569164][ C1] schedule+0xd0/0x2a0 [ 1013.573261][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1013.578351][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1013.583628][ C1] ? futex_wake+0x1b5/0x490 [ 1013.588120][ C1] ? find_held_lock+0x2d/0x110 [ 1013.592863][ C1] futex_wait+0x1df/0x560 [ 1013.597187][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1013.602210][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1013.607124][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1013.612296][ C1] ? futex_wake+0x155/0x490 [ 1013.616784][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1013.622739][ C1] ? lock_downgrade+0x820/0x820 [ 1013.627569][ C1] do_futex+0x15b/0x1a60 [ 1013.631807][ C1] ? lock_acquire+0x1f1/0xad0 [ 1013.636459][ C1] ? __might_fault+0xef/0x1d0 [ 1013.641130][ C1] ? find_held_lock+0x2d/0x110 [ 1013.645869][ C1] ? futex_exit_release+0x220/0x220 [ 1013.651058][ C1] ? lock_downgrade+0x820/0x820 [ 1013.656145][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1013.662361][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1013.667480][ C1] ? __might_fault+0x190/0x1d0 [ 1013.672229][ C1] ? _copy_to_user+0x126/0x160 [ 1013.677295][ C1] __x64_sys_futex+0x378/0x4e0 [ 1013.682250][ C1] ? do_futex+0x1a60/0x1a60 [ 1013.686744][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1013.692371][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1013.697295][ C1] ? do_syscall_64+0x1c/0xe0 [ 1013.701863][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1013.707835][ C1] do_syscall_64+0x60/0xe0 [ 1013.712265][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1013.718150][ C1] RIP: 0033:0x45cb29 [ 1013.722018][ C1] Code: Bad RIP value. [ 1013.726058][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1013.734451][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1013.742428][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1013.750495][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1013.758456][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1013.766426][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1013.774513][ C1] syz-executor.1 S29976 15202 15184 0x00000000 [ 1013.780860][ C1] Call Trace: [ 1013.784132][ C1] __schedule+0x8e1/0x1eb0 [ 1013.788541][ C1] ? io_schedule_timeout+0x140/0x140 [ 1013.793818][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1013.799379][ C1] schedule+0xd0/0x2a0 [ 1013.803451][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1013.808545][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1013.813810][ C1] futex_wait+0x1df/0x560 [ 1013.818131][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1013.823147][ C1] ? mark_lock+0xbc/0x1710 [ 1013.827547][ C1] ? hash_futex+0x12/0x200 [ 1013.831939][ C1] ? futex_wake+0x155/0x490 [ 1013.836418][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1013.841448][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1013.847404][ C1] ? lock_downgrade+0x820/0x820 [ 1013.852256][ C1] do_futex+0x15b/0x1a60 [ 1013.856653][ C1] ? lock_acquire+0x1f1/0xad0 [ 1013.861307][ C1] ? __might_fault+0xef/0x1d0 [ 1013.865978][ C1] ? find_held_lock+0x2d/0x110 [ 1013.870730][ C1] ? futex_exit_release+0x220/0x220 [ 1013.876264][ C1] ? lock_downgrade+0x820/0x820 [ 1013.881265][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1013.887486][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1013.892575][ C1] ? __might_fault+0x190/0x1d0 [ 1013.897316][ C1] ? _copy_to_user+0x126/0x160 [ 1013.902057][ C1] __x64_sys_futex+0x378/0x4e0 [ 1013.906797][ C1] ? do_futex+0x1a60/0x1a60 [ 1013.911274][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1013.916894][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1013.921827][ C1] ? do_syscall_64+0x1c/0xe0 [ 1013.926486][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1013.932444][ C1] do_syscall_64+0x60/0xe0 [ 1013.936851][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1013.942744][ C1] RIP: 0033:0x45cb29 [ 1013.946608][ C1] Code: Bad RIP value. [ 1013.950651][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1013.959036][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1013.967091][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1013.975038][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1013.982990][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1013.990962][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1013.998933][ C1] syz-executor.1 S28600 15215 6984 0x00000000 [ 1014.005261][ C1] Call Trace: [ 1014.008543][ C1] __schedule+0x8e1/0x1eb0 [ 1014.012949][ C1] ? io_schedule_timeout+0x140/0x140 [ 1014.018218][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1014.024065][ C1] schedule+0xd0/0x2a0 [ 1014.028115][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1014.033198][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1014.038388][ C1] futex_wait+0x1df/0x560 [ 1014.042715][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1014.047788][ C1] ? mark_lock+0xbc/0x1710 [ 1014.052295][ C1] ? hash_futex+0x12/0x200 [ 1014.056698][ C1] ? futex_wake+0x155/0x490 [ 1014.061201][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1014.066210][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1014.072189][ C1] do_futex+0x15b/0x1a60 [ 1014.076426][ C1] ? lock_acquire+0x1f1/0xad0 [ 1014.081079][ C1] ? __might_fault+0xef/0x1d0 [ 1014.085822][ C1] ? find_held_lock+0x2d/0x110 [ 1014.090563][ C1] ? futex_exit_release+0x220/0x220 [ 1014.095737][ C1] ? lock_downgrade+0x820/0x820 [ 1014.100580][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1014.106810][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1014.111924][ C1] ? __might_fault+0x190/0x1d0 [ 1014.116674][ C1] ? _copy_to_user+0x126/0x160 [ 1014.121435][ C1] __x64_sys_futex+0x378/0x4e0 [ 1014.126182][ C1] ? do_futex+0x1a60/0x1a60 [ 1014.130662][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1014.136274][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1014.141263][ C1] ? do_syscall_64+0x1c/0xe0 [ 1014.145855][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1014.151828][ C1] do_syscall_64+0x60/0xe0 [ 1014.156229][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1014.162097][ C1] RIP: 0033:0x45cb29 [ 1014.165962][ C1] Code: Bad RIP value. [ 1014.170103][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1014.178487][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1014.186437][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1014.194410][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1014.202358][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1014.210306][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1014.218268][ C1] syz-executor.1 S29976 15217 15215 0x00000000 [ 1014.224581][ C1] Call Trace: [ 1014.227941][ C1] __schedule+0x8e1/0x1eb0 [ 1014.232503][ C1] ? io_schedule_timeout+0x140/0x140 [ 1014.237791][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1014.243346][ C1] schedule+0xd0/0x2a0 [ 1014.247410][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1014.252514][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1014.257776][ C1] ? futex_wake+0x1b5/0x490 [ 1014.262256][ C1] ? find_held_lock+0x2d/0x110 [ 1014.267012][ C1] futex_wait+0x1df/0x560 [ 1014.271323][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1014.276325][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1014.281260][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1014.286440][ C1] ? futex_wake+0x155/0x490 [ 1014.290946][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1014.296929][ C1] ? lock_downgrade+0x820/0x820 [ 1014.301858][ C1] do_futex+0x15b/0x1a60 [ 1014.306082][ C1] ? lock_acquire+0x1f1/0xad0 [ 1014.310734][ C1] ? __might_fault+0xef/0x1d0 [ 1014.315415][ C1] ? find_held_lock+0x2d/0x110 [ 1014.320156][ C1] ? futex_exit_release+0x220/0x220 [ 1014.325331][ C1] ? lock_downgrade+0x820/0x820 [ 1014.330158][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1014.336519][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1014.341537][ C1] ? __might_fault+0x190/0x1d0 [ 1014.346280][ C1] ? _copy_to_user+0x126/0x160 [ 1014.351037][ C1] __x64_sys_futex+0x378/0x4e0 [ 1014.355829][ C1] ? do_futex+0x1a60/0x1a60 [ 1014.360330][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1014.366044][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1014.371001][ C1] ? do_syscall_64+0x1c/0xe0 [ 1014.376531][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1014.382487][ C1] do_syscall_64+0x60/0xe0 [ 1014.386887][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1014.392770][ C1] RIP: 0033:0x45cb29 [ 1014.396666][ C1] Code: Bad RIP value. [ 1014.400730][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1014.409146][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1014.417303][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1014.425262][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1014.433220][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1014.441184][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1014.449179][ C1] syz-executor.1 S29976 15235 6984 0x00000000 [ 1014.455616][ C1] Call Trace: [ 1014.458913][ C1] __schedule+0x8e1/0x1eb0 [ 1014.463334][ C1] ? io_schedule_timeout+0x140/0x140 [ 1014.468875][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1014.474322][ C1] schedule+0xd0/0x2a0 [ 1014.478367][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1014.483457][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1014.488638][ C1] ? futex_wake+0x1b5/0x490 [ 1014.493172][ C1] ? find_held_lock+0x2d/0x110 [ 1014.498011][ C1] futex_wait+0x1df/0x560 [ 1014.502346][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1014.507367][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1014.512285][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1014.517459][ C1] ? futex_wake+0x155/0x490 [ 1014.521969][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1014.527935][ C1] ? lock_downgrade+0x820/0x820 [ 1014.532772][ C1] do_futex+0x15b/0x1a60 [ 1014.536998][ C1] ? lock_acquire+0x1f1/0xad0 [ 1014.541655][ C1] ? __might_fault+0xef/0x1d0 [ 1014.546394][ C1] ? find_held_lock+0x2d/0x110 [ 1014.551140][ C1] ? futex_exit_release+0x220/0x220 [ 1014.556749][ C1] ? lock_downgrade+0x820/0x820 [ 1014.561605][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1014.567857][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1014.573021][ C1] ? __might_fault+0x190/0x1d0 [ 1014.577774][ C1] ? _copy_to_user+0x126/0x160 [ 1014.582529][ C1] __x64_sys_futex+0x378/0x4e0 [ 1014.587282][ C1] ? do_futex+0x1a60/0x1a60 [ 1014.591763][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1014.597392][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1014.602325][ C1] ? do_syscall_64+0x1c/0xe0 [ 1014.606916][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1014.612889][ C1] do_syscall_64+0x60/0xe0 [ 1014.617306][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1014.623206][ C1] RIP: 0033:0x45cb29 [ 1014.627092][ C1] Code: Bad RIP value. [ 1014.631143][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1014.639542][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1014.647593][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1014.655554][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1014.663841][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1014.671796][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1014.679770][ C1] syz-executor.1 S29976 15257 6984 0x00000000 [ 1014.686081][ C1] Call Trace: [ 1014.689350][ C1] __schedule+0x8e1/0x1eb0 [ 1014.693749][ C1] ? io_schedule_timeout+0x140/0x140 [ 1014.699026][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1014.704500][ C1] schedule+0xd0/0x2a0 [ 1014.708750][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1014.713861][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1014.719167][ C1] ? futex_wake+0x1b5/0x490 [ 1014.723677][ C1] ? find_held_lock+0x2d/0x110 [ 1014.728563][ C1] futex_wait+0x1df/0x560 [ 1014.732883][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1014.737890][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1014.742808][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1014.747986][ C1] ? futex_wake+0x155/0x490 [ 1014.752478][ C1] ? lock_downgrade+0x820/0x820 [ 1014.757320][ C1] do_futex+0x15b/0x1a60 [ 1014.761561][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1014.766738][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1014.771564][ C1] ? do_wp_page+0x16a/0x1950 [ 1014.776132][ C1] ? futex_exit_release+0x220/0x220 [ 1014.781315][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1014.786319][ C1] ? find_held_lock+0x2d/0x110 [ 1014.791138][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1014.796339][ C1] ? __up_read+0x1a1/0x7b0 [ 1014.800759][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1014.806195][ C1] __x64_sys_futex+0x378/0x4e0 [ 1014.811045][ C1] ? do_futex+0x1a60/0x1a60 [ 1014.815720][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1014.820655][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1014.825577][ C1] ? do_syscall_64+0x1c/0xe0 [ 1014.830439][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1014.836409][ C1] do_syscall_64+0x60/0xe0 [ 1014.840807][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1014.846676][ C1] RIP: 0033:0x45cb29 [ 1014.850540][ C1] Code: Bad RIP value. [ 1014.854579][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1014.862965][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1014.870927][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1014.878888][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1014.886836][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1014.895477][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1014.903773][ C1] syz-executor.1 S29056 15279 6984 0x00000000 [ 1014.910102][ C1] Call Trace: [ 1014.913397][ C1] __schedule+0x8e1/0x1eb0 [ 1014.917797][ C1] ? io_schedule_timeout+0x140/0x140 [ 1014.923106][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1014.928547][ C1] schedule+0xd0/0x2a0 [ 1014.932613][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1014.937701][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1014.942881][ C1] futex_wait+0x1df/0x560 [ 1014.947190][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1014.952207][ C1] ? mark_lock+0xbc/0x1710 [ 1014.956775][ C1] ? hash_futex+0x12/0x200 [ 1014.961373][ C1] ? futex_wake+0x155/0x490 [ 1014.965850][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1014.970858][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1014.976818][ C1] ? lock_downgrade+0x820/0x820 [ 1014.981756][ C1] do_futex+0x15b/0x1a60 [ 1014.986261][ C1] ? lock_acquire+0x1f1/0xad0 [ 1014.991090][ C1] ? __might_fault+0xef/0x1d0 [ 1014.995761][ C1] ? find_held_lock+0x2d/0x110 [ 1015.000508][ C1] ? futex_exit_release+0x220/0x220 [ 1015.005687][ C1] ? lock_downgrade+0x820/0x820 [ 1015.010518][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1015.016745][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1015.021753][ C1] ? __might_fault+0x190/0x1d0 [ 1015.026492][ C1] ? _copy_to_user+0x126/0x160 [ 1015.031238][ C1] __x64_sys_futex+0x378/0x4e0 [ 1015.035984][ C1] ? do_futex+0x1a60/0x1a60 [ 1015.040465][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1015.046075][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1015.051096][ C1] ? do_syscall_64+0x1c/0xe0 [ 1015.055667][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1015.061635][ C1] do_syscall_64+0x60/0xe0 [ 1015.066045][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1015.072005][ C1] RIP: 0033:0x45cb29 [ 1015.076065][ C1] Code: Bad RIP value. [ 1015.080118][ C1] RSP: 002b:00007f57eae5ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1015.089294][ C1] RAX: ffffffffffffffda RBX: 000000000078c0e8 RCX: 000000000045cb29 [ 1015.097255][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c0e8 [ 1015.105358][ C1] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 1015.113316][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c0ec [ 1015.121438][ C1] R13: 0000000000c9fb6f R14: 00007f57eae5f9c0 R15: 000000000078c0ec [ 1015.129491][ C1] syz-executor.1 S28384 15292 6984 0x00000000 [ 1015.135816][ C1] Call Trace: [ 1015.139089][ C1] __schedule+0x8e1/0x1eb0 [ 1015.144008][ C1] ? io_schedule_timeout+0x140/0x140 [ 1015.149308][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1015.154785][ C1] schedule+0xd0/0x2a0 [ 1015.158846][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1015.164053][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1015.169229][ C1] ? futex_wake+0x1b5/0x490 [ 1015.173714][ C1] ? find_held_lock+0x2d/0x110 [ 1015.178470][ C1] futex_wait+0x1df/0x560 [ 1015.182798][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1015.187824][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1015.192761][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1015.198927][ C1] ? futex_wake+0x155/0x490 [ 1015.204054][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1015.210040][ C1] do_futex+0x15b/0x1a60 [ 1015.214365][ C1] ? lock_acquire+0x1f1/0xad0 [ 1015.219042][ C1] ? __might_fault+0xef/0x1d0 [ 1015.224415][ C1] ? find_held_lock+0x2d/0x110 [ 1015.229173][ C1] ? futex_exit_release+0x220/0x220 [ 1015.234359][ C1] ? lock_downgrade+0x820/0x820 [ 1015.239299][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1015.245540][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1015.250641][ C1] ? __might_fault+0x190/0x1d0 [ 1015.255495][ C1] ? _copy_to_user+0x126/0x160 [ 1015.260248][ C1] __x64_sys_futex+0x378/0x4e0 [ 1015.265004][ C1] ? do_futex+0x1a60/0x1a60 [ 1015.269494][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1015.275361][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1015.280291][ C1] ? do_syscall_64+0x1c/0xe0 [ 1015.284968][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1015.290956][ C1] do_syscall_64+0x60/0xe0 [ 1015.295379][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1015.301277][ C1] RIP: 0033:0x45cb29 [ 1015.305162][ C1] Code: Bad RIP value. [ 1015.309209][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1015.317656][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1015.325604][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1015.333730][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1015.341816][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1015.349862][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1015.357829][ C1] syz-executor.1 S29976 15294 15292 0x00000000 [ 1015.364147][ C1] Call Trace: [ 1015.367418][ C1] __schedule+0x8e1/0x1eb0 [ 1015.371816][ C1] ? io_schedule_timeout+0x140/0x140 [ 1015.377329][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1015.382783][ C1] schedule+0xd0/0x2a0 [ 1015.386838][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1015.391942][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1015.397208][ C1] futex_wait+0x1df/0x560 [ 1015.401517][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1015.406538][ C1] ? mark_lock+0xbc/0x1710 [ 1015.410932][ C1] ? hash_futex+0x12/0x200 [ 1015.415417][ C1] ? futex_wake+0x155/0x490 [ 1015.419909][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1015.424928][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1015.431270][ C1] ? lock_downgrade+0x820/0x820 [ 1015.436277][ C1] do_futex+0x15b/0x1a60 [ 1015.440532][ C1] ? lock_acquire+0x1f1/0xad0 [ 1015.445191][ C1] ? __might_fault+0xef/0x1d0 [ 1015.449862][ C1] ? find_held_lock+0x2d/0x110 [ 1015.454610][ C1] ? futex_exit_release+0x220/0x220 [ 1015.459900][ C1] ? lock_downgrade+0x820/0x820 [ 1015.464903][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1015.471138][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1015.476148][ C1] ? __might_fault+0x190/0x1d0 [ 1015.480895][ C1] ? _copy_to_user+0x126/0x160 [ 1015.485640][ C1] __x64_sys_futex+0x378/0x4e0 [ 1015.490470][ C1] ? do_futex+0x1a60/0x1a60 [ 1015.494953][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1015.500564][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1015.505490][ C1] ? do_syscall_64+0x1c/0xe0 [ 1015.510080][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1015.516075][ C1] do_syscall_64+0x60/0xe0 [ 1015.520480][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1015.526369][ C1] RIP: 0033:0x45cb29 [ 1015.530277][ C1] Code: Bad RIP value. [ 1015.534337][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1015.542732][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1015.550693][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1015.558813][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1015.566766][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1015.575079][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1015.583057][ C1] syz-executor.1 S29976 15308 15292 0x00000000 [ 1015.589377][ C1] Call Trace: [ 1015.592653][ C1] __schedule+0x8e1/0x1eb0 [ 1015.597067][ C1] ? io_schedule_timeout+0x140/0x140 [ 1015.602329][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1015.607778][ C1] schedule+0xd0/0x2a0 [ 1015.611825][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1015.616927][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1015.622098][ C1] ? futex_wake+0x1b5/0x490 [ 1015.626576][ C1] ? find_held_lock+0x2d/0x110 [ 1015.631318][ C1] futex_wait+0x1df/0x560 [ 1015.635644][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1015.640659][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1015.645595][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1015.650773][ C1] ? futex_wake+0x155/0x490 [ 1015.655265][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1015.661428][ C1] ? lock_downgrade+0x820/0x820 [ 1015.666266][ C1] do_futex+0x15b/0x1a60 [ 1015.670760][ C1] ? lock_acquire+0x1f1/0xad0 [ 1015.675414][ C1] ? __might_fault+0xef/0x1d0 [ 1015.680210][ C1] ? find_held_lock+0x2d/0x110 [ 1015.684988][ C1] ? futex_exit_release+0x220/0x220 [ 1015.690180][ C1] ? lock_downgrade+0x820/0x820 [ 1015.695030][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1015.701262][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1015.706290][ C1] ? __might_fault+0x190/0x1d0 [ 1015.711234][ C1] ? _copy_to_user+0x126/0x160 [ 1015.716052][ C1] __x64_sys_futex+0x378/0x4e0 [ 1015.720872][ C1] ? do_futex+0x1a60/0x1a60 [ 1015.725438][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1015.731049][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1015.735983][ C1] ? do_syscall_64+0x1c/0xe0 [ 1015.740656][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1015.747041][ C1] do_syscall_64+0x60/0xe0 [ 1015.751456][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1015.757527][ C1] RIP: 0033:0x45cb29 [ 1015.761414][ C1] Code: Bad RIP value. [ 1015.765482][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1015.773871][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1015.781927][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1015.789894][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1015.797847][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1015.805872][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1015.813964][ C1] syz-executor.1 S28168 15318 6984 0x00000000 [ 1015.820301][ C1] Call Trace: [ 1015.823589][ C1] __schedule+0x8e1/0x1eb0 [ 1015.828174][ C1] ? io_schedule_timeout+0x140/0x140 [ 1015.833494][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1015.838946][ C1] schedule+0xd0/0x2a0 [ 1015.843009][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1015.848099][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1015.853325][ C1] ? find_held_lock+0x2d/0x110 [ 1015.858209][ C1] futex_wait+0x1df/0x560 [ 1015.862531][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1015.867544][ C1] ? mark_lock+0xbc/0x1710 [ 1015.871957][ C1] ? hash_futex+0x12/0x200 [ 1015.876390][ C1] ? futex_wake+0x155/0x490 [ 1015.880876][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1015.885988][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1015.891972][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1015.897786][ C1] do_futex+0x15b/0x1a60 [ 1015.902019][ C1] ? lock_acquire+0x1f1/0xad0 [ 1015.906676][ C1] ? __might_fault+0xef/0x1d0 [ 1015.911519][ C1] ? find_held_lock+0x2d/0x110 [ 1015.916615][ C1] ? futex_exit_release+0x220/0x220 [ 1015.921800][ C1] ? lock_downgrade+0x820/0x820 [ 1015.926650][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1015.932887][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1015.937907][ C1] ? __might_fault+0x190/0x1d0 [ 1015.942671][ C1] ? _copy_to_user+0x126/0x160 [ 1015.947434][ C1] __x64_sys_futex+0x378/0x4e0 [ 1015.952911][ C1] ? do_futex+0x1a60/0x1a60 [ 1015.957496][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1015.963123][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1015.968067][ C1] ? do_syscall_64+0x1c/0xe0 [ 1015.972739][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1015.978723][ C1] do_syscall_64+0x60/0xe0 [ 1015.983123][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1015.988997][ C1] RIP: 0033:0x45cb29 [ 1015.992885][ C1] Code: Bad RIP value. [ 1015.996925][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1016.005326][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1016.013315][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1016.021418][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1016.029411][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1016.037366][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1016.045331][ C1] syz-executor.1 S29056 15319 15318 0x00000000 [ 1016.051688][ C1] Call Trace: [ 1016.054992][ C1] __schedule+0x8e1/0x1eb0 [ 1016.059389][ C1] ? io_schedule_timeout+0x140/0x140 [ 1016.064654][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1016.070106][ C1] schedule+0xd0/0x2a0 [ 1016.074151][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1016.079238][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1016.084440][ C1] ? futex_wake+0x1b5/0x490 [ 1016.088920][ C1] ? find_held_lock+0x2d/0x110 [ 1016.093678][ C1] futex_wait+0x1df/0x560 [ 1016.097998][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1016.103011][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1016.108013][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1016.113208][ C1] ? futex_wake+0x155/0x490 [ 1016.117709][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1016.123670][ C1] ? lock_downgrade+0x820/0x820 [ 1016.128502][ C1] do_futex+0x15b/0x1a60 [ 1016.133112][ C1] ? lock_acquire+0x1f1/0xad0 [ 1016.137854][ C1] ? __might_fault+0xef/0x1d0 [ 1016.142696][ C1] ? find_held_lock+0x2d/0x110 [ 1016.147463][ C1] ? futex_exit_release+0x220/0x220 [ 1016.153612][ C1] ? lock_downgrade+0x820/0x820 [ 1016.158458][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1016.164864][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1016.169882][ C1] ? __might_fault+0x190/0x1d0 [ 1016.174623][ C1] ? _copy_to_user+0x126/0x160 [ 1016.179368][ C1] __x64_sys_futex+0x378/0x4e0 [ 1016.184127][ C1] ? do_futex+0x1a60/0x1a60 [ 1016.188641][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1016.194255][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1016.199168][ C1] ? do_syscall_64+0x1c/0xe0 [ 1016.203747][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1016.210284][ C1] do_syscall_64+0x60/0xe0 [ 1016.215066][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1016.221285][ C1] RIP: 0033:0x45cb29 [ 1016.225373][ C1] Code: Bad RIP value. [ 1016.229417][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1016.237854][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1016.245932][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1016.253933][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1016.262281][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1016.270410][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1016.278462][ C1] syz-executor.1 S29976 15343 6984 0x00000000 [ 1016.286174][ C1] Call Trace: [ 1016.289464][ C1] __schedule+0x8e1/0x1eb0 [ 1016.293879][ C1] ? io_schedule_timeout+0x140/0x140 [ 1016.299142][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1016.304598][ C1] schedule+0xd0/0x2a0 [ 1016.308665][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1016.313769][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1016.318941][ C1] ? futex_wake+0x1b5/0x490 [ 1016.324028][ C1] ? find_held_lock+0x2d/0x110 [ 1016.329385][ C1] futex_wait+0x1df/0x560 [ 1016.333723][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1016.338760][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1016.343694][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1016.349105][ C1] ? futex_wake+0x155/0x490 [ 1016.353890][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1016.361321][ C1] ? lock_downgrade+0x820/0x820 [ 1016.366220][ C1] do_futex+0x15b/0x1a60 [ 1016.370466][ C1] ? lock_acquire+0x1f1/0xad0 [ 1016.375137][ C1] ? __might_fault+0xef/0x1d0 [ 1016.379822][ C1] ? find_held_lock+0x2d/0x110 [ 1016.385716][ C1] ? futex_exit_release+0x220/0x220 [ 1016.390903][ C1] ? lock_downgrade+0x820/0x820 [ 1016.395995][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1016.402226][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1016.407231][ C1] ? __might_fault+0x190/0x1d0 [ 1016.411972][ C1] ? _copy_to_user+0x126/0x160 [ 1016.416716][ C1] __x64_sys_futex+0x378/0x4e0 [ 1016.421556][ C1] ? do_futex+0x1a60/0x1a60 [ 1016.426060][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1016.431680][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1016.436594][ C1] ? do_syscall_64+0x1c/0xe0 [ 1016.441166][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1016.447138][ C1] do_syscall_64+0x60/0xe0 [ 1016.451532][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1016.457401][ C1] RIP: 0033:0x45cb29 [ 1016.461266][ C1] Code: Bad RIP value. [ 1016.465304][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1016.473728][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1016.481686][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1016.489636][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1016.497584][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1016.505959][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1016.514557][ C1] syz-executor.1 S28384 15351 6984 0x00000000 [ 1016.520996][ C1] Call Trace: [ 1016.524293][ C1] __schedule+0x8e1/0x1eb0 [ 1016.528895][ C1] ? io_schedule_timeout+0x140/0x140 [ 1016.534164][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1016.539952][ C1] schedule+0xd0/0x2a0 [ 1016.544027][ C1] schedule_timeout+0x1d8/0x250 [ 1016.548856][ C1] ? usleep_range+0x170/0x170 [ 1016.553511][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1016.558616][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1016.564402][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1016.570201][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 1016.575819][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1016.581605][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1016.587572][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 1016.593394][ C1] ? skb_free_datagram+0xf0/0xf0 [ 1016.598431][ C1] ? proto_seq_start+0x50/0x50 [ 1016.603180][ C1] ? skb_segment.cold+0x38/0x38 [ 1016.608010][ C1] ? mark_lock+0xbc/0x1710 [ 1016.612415][ C1] __skb_recv_datagram+0x171/0x220 [ 1016.617515][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 1016.623167][ C1] ? mark_lock+0xbc/0x1710 [ 1016.627576][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1016.632493][ C1] skb_recv_datagram+0xa7/0xe0 [ 1016.637235][ C1] ? __skb_recv_datagram+0x220/0x220 [ 1016.642502][ C1] ? aa_sk_perm+0x316/0xaa0 [ 1016.646984][ C1] ? __might_fault+0xef/0x1d0 [ 1016.651643][ C1] raw_recvmsg+0xab/0x550 [ 1016.655969][ C1] ? raw_release+0x890/0x890 [ 1016.661013][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 1016.666470][ C1] ? raw_release+0x890/0x890 [ 1016.671217][ C1] ____sys_recvmsg+0x2c4/0x640 [ 1016.676058][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 1016.682155][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 1016.687777][ C1] ? import_iovec+0x23b/0x3d0 [ 1016.692440][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 1016.697735][ C1] ___sys_recvmsg+0x127/0x200 [ 1016.702413][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 1016.708040][ C1] ? lock_downgrade+0x820/0x820 [ 1016.712885][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1016.717892][ C1] ? __fget_files+0x294/0x400 [ 1016.722577][ C1] ? __fget_light+0xea/0x280 [ 1016.727145][ C1] do_recvmmsg+0x24d/0x6d0 [ 1016.732234][ C1] ? ___sys_recvmsg+0x200/0x200 [ 1016.737500][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1016.743715][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1016.748900][ C1] ? put_timespec64+0xcb/0x120 [ 1016.753691][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 1016.758538][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 1016.763546][ C1] ? __do_sys_socketcall+0x550/0x550 [ 1016.768825][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1016.773742][ C1] ? do_syscall_64+0x1c/0xe0 [ 1016.778310][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1016.784284][ C1] do_syscall_64+0x60/0xe0 [ 1016.788680][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1016.794571][ C1] RIP: 0033:0x45cb29 [ 1016.798446][ C1] Code: Bad RIP value. [ 1016.802691][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1016.811103][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 1016.819082][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 1016.827050][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1016.834995][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1016.843290][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 1016.851548][ C1] syz-executor.1 S29936 15352 15351 0x00000000 [ 1016.857893][ C1] Call Trace: [ 1016.861162][ C1] __schedule+0x8e1/0x1eb0 [ 1016.865560][ C1] ? io_schedule_timeout+0x140/0x140 [ 1016.870826][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1016.876266][ C1] schedule+0xd0/0x2a0 [ 1016.880314][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1016.885415][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1016.890591][ C1] ? futex_wake+0x1b5/0x490 [ 1016.895071][ C1] ? find_held_lock+0x2d/0x110 [ 1016.899813][ C1] futex_wait+0x1df/0x560 [ 1016.904140][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1016.909167][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1016.914181][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1016.919364][ C1] ? futex_wake+0x155/0x490 [ 1016.923877][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1016.929833][ C1] ? lock_downgrade+0x820/0x820 [ 1016.934749][ C1] do_futex+0x15b/0x1a60 [ 1016.938973][ C1] ? lock_acquire+0x1f1/0xad0 [ 1016.943624][ C1] ? __might_fault+0xef/0x1d0 [ 1016.948276][ C1] ? find_held_lock+0x2d/0x110 [ 1016.953025][ C1] ? futex_exit_release+0x220/0x220 [ 1016.958210][ C1] ? lock_downgrade+0x820/0x820 [ 1016.963999][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1016.970340][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1016.975371][ C1] ? __might_fault+0x190/0x1d0 [ 1016.980144][ C1] ? _copy_to_user+0x126/0x160 [ 1016.984888][ C1] __x64_sys_futex+0x378/0x4e0 [ 1016.989634][ C1] ? do_futex+0x1a60/0x1a60 [ 1016.994133][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1016.999753][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1017.004755][ C1] ? do_syscall_64+0x1c/0xe0 [ 1017.009322][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1017.015299][ C1] do_syscall_64+0x60/0xe0 [ 1017.019700][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1017.025835][ C1] RIP: 0033:0x45cb29 [ 1017.029746][ C1] Code: Bad RIP value. [ 1017.033877][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1017.042528][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1017.050479][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1017.058457][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1017.066828][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1017.075109][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1017.083078][ C1] syz-executor.1 S29976 15360 6984 0x00000000 [ 1017.089421][ C1] Call Trace: [ 1017.093870][ C1] __schedule+0x8e1/0x1eb0 [ 1017.098280][ C1] ? io_schedule_timeout+0x140/0x140 [ 1017.103649][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1017.109785][ C1] schedule+0xd0/0x2a0 [ 1017.114473][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1017.121595][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1017.127062][ C1] futex_wait+0x1df/0x560 [ 1017.131374][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1017.136398][ C1] ? mark_lock+0xbc/0x1710 [ 1017.140792][ C1] ? hash_futex+0x12/0x200 [ 1017.145526][ C1] ? futex_wake+0x155/0x490 [ 1017.150039][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1017.155195][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1017.161167][ C1] ? lock_downgrade+0x820/0x820 [ 1017.166753][ C1] do_futex+0x15b/0x1a60 [ 1017.170995][ C1] ? lock_acquire+0x1f1/0xad0 [ 1017.177783][ C1] ? __might_fault+0xef/0x1d0 [ 1017.182571][ C1] ? find_held_lock+0x2d/0x110 [ 1017.187351][ C1] ? futex_exit_release+0x220/0x220 [ 1017.192851][ C1] ? lock_downgrade+0x820/0x820 [ 1017.198096][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1017.204408][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1017.209648][ C1] ? __might_fault+0x190/0x1d0 [ 1017.215291][ C1] ? _copy_to_user+0x126/0x160 [ 1017.220152][ C1] __x64_sys_futex+0x378/0x4e0 [ 1017.225454][ C1] ? do_futex+0x1a60/0x1a60 [ 1017.230140][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1017.235776][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1017.240792][ C1] ? do_syscall_64+0x1c/0xe0 [ 1017.245809][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1017.252048][ C1] do_syscall_64+0x60/0xe0 [ 1017.257282][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1017.263826][ C1] RIP: 0033:0x45cb29 [ 1017.269039][ C1] Code: Bad RIP value. [ 1017.273114][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1017.281602][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1017.289840][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1017.298244][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1017.306216][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1017.314717][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1017.322885][ C1] syz-executor.1 S29976 15378 6984 0x00000000 [ 1017.329384][ C1] Call Trace: [ 1017.332835][ C1] __schedule+0x8e1/0x1eb0 [ 1017.337325][ C1] ? io_schedule_timeout+0x140/0x140 [ 1017.342611][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1017.348395][ C1] schedule+0xd0/0x2a0 [ 1017.352532][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1017.357630][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1017.362897][ C1] futex_wait+0x1df/0x560 [ 1017.367205][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1017.372206][ C1] ? mark_lock+0xbc/0x1710 [ 1017.376866][ C1] ? hash_futex+0x12/0x200 [ 1017.381719][ C1] ? futex_wake+0x155/0x490 [ 1017.386198][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1017.391318][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1017.397554][ C1] ? lock_downgrade+0x820/0x820 [ 1017.403030][ C1] do_futex+0x15b/0x1a60 [ 1017.407442][ C1] ? lock_acquire+0x1f1/0xad0 [ 1017.412094][ C1] ? __might_fault+0xef/0x1d0 [ 1017.416747][ C1] ? find_held_lock+0x2d/0x110 [ 1017.421487][ C1] ? futex_exit_release+0x220/0x220 [ 1017.427921][ C1] ? lock_downgrade+0x820/0x820 [ 1017.432751][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1017.438988][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1017.444231][ C1] ? __might_fault+0x190/0x1d0 [ 1017.449294][ C1] ? _copy_to_user+0x126/0x160 [ 1017.454113][ C1] __x64_sys_futex+0x378/0x4e0 [ 1017.458988][ C1] ? do_futex+0x1a60/0x1a60 [ 1017.463505][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1017.469127][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1017.474062][ C1] ? do_syscall_64+0x1c/0xe0 [ 1017.478653][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1017.484903][ C1] do_syscall_64+0x60/0xe0 [ 1017.489316][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1017.495193][ C1] RIP: 0033:0x45cb29 [ 1017.499065][ C1] Code: Bad RIP value. [ 1017.503106][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1017.511597][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1017.519566][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1017.529222][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1017.537410][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1017.546757][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1017.554796][ C1] syz-executor.1 S29976 15393 6984 0x00000000 [ 1017.562158][ C1] Call Trace: [ 1017.565439][ C1] __schedule+0x8e1/0x1eb0 [ 1017.569855][ C1] ? io_schedule_timeout+0x140/0x140 [ 1017.575139][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1017.580602][ C1] schedule+0xd0/0x2a0 [ 1017.584656][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1017.589747][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1017.594940][ C1] ? futex_wake+0x1b5/0x490 [ 1017.600745][ C1] ? find_held_lock+0x2d/0x110 [ 1017.606955][ C1] futex_wait+0x1df/0x560 [ 1017.611276][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1017.616325][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1017.622033][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1017.627214][ C1] ? futex_wake+0x155/0x490 [ 1017.631704][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1017.637938][ C1] ? lock_downgrade+0x820/0x820 [ 1017.643082][ C1] do_futex+0x15b/0x1a60 [ 1017.647310][ C1] ? lock_acquire+0x1f1/0xad0 [ 1017.652585][ C1] ? __might_fault+0xef/0x1d0 [ 1017.657265][ C1] ? find_held_lock+0x2d/0x110 [ 1017.662015][ C1] ? futex_exit_release+0x220/0x220 [ 1017.667200][ C1] ? lock_downgrade+0x820/0x820 [ 1017.672652][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1017.681593][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1017.686833][ C1] ? __might_fault+0x190/0x1d0 [ 1017.692509][ C1] ? _copy_to_user+0x126/0x160 [ 1017.697272][ C1] __x64_sys_futex+0x378/0x4e0 [ 1017.702033][ C1] ? do_futex+0x1a60/0x1a60 [ 1017.706517][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1017.712154][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1017.717286][ C1] ? do_syscall_64+0x1c/0xe0 [ 1017.722039][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1017.728093][ C1] do_syscall_64+0x60/0xe0 [ 1017.732530][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1017.738455][ C1] RIP: 0033:0x45cb29 [ 1017.742344][ C1] Code: Bad RIP value. [ 1017.746386][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1017.756311][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1017.765755][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1017.773703][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1017.782372][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1017.791876][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1017.799864][ C1] syz-executor.3 S29008 15413 7113 0x00000000 [ 1017.806297][ C1] Call Trace: [ 1017.809571][ C1] __schedule+0x8e1/0x1eb0 [ 1017.814006][ C1] ? io_schedule_timeout+0x140/0x140 [ 1017.819526][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1017.824998][ C1] schedule+0xd0/0x2a0 [ 1017.829073][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1017.834174][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1017.839989][ C1] futex_wait+0x1df/0x560 [ 1017.844871][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1017.850753][ C1] ? wake_up_q+0xa3/0x100 [ 1017.855077][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1017.860462][ C1] ? futex_wake+0x155/0x490 [ 1017.864968][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1017.870924][ C1] ? find_held_lock+0x2d/0x110 [ 1017.875665][ C1] do_futex+0x15b/0x1a60 [ 1017.879893][ C1] ? lock_acquire+0x1f1/0xad0 [ 1017.884546][ C1] ? __might_fault+0xef/0x1d0 [ 1017.889214][ C1] ? find_held_lock+0x2d/0x110 [ 1017.893958][ C1] ? futex_exit_release+0x220/0x220 [ 1017.899236][ C1] ? lock_downgrade+0x820/0x820 [ 1017.904069][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1017.910396][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1017.915404][ C1] ? __might_fault+0x190/0x1d0 [ 1017.920147][ C1] ? _copy_to_user+0x126/0x160 [ 1017.924894][ C1] __x64_sys_futex+0x378/0x4e0 [ 1017.929640][ C1] ? do_futex+0x1a60/0x1a60 [ 1017.934399][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1017.940504][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1017.945985][ C1] ? do_syscall_64+0x1c/0xe0 [ 1017.950560][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1017.956520][ C1] do_syscall_64+0x60/0xe0 [ 1017.960920][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1017.966790][ C1] RIP: 0033:0x45cb29 [ 1017.972463][ C1] Code: Bad RIP value. [ 1017.976594][ C1] RSP: 002b:00007f6514a1ecf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1017.987398][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1017.995355][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1018.003638][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1018.011829][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1018.019928][ C1] R13: 0000000000c9fb6f R14: 00007f6514a1f9c0 R15: 000000000078c04c [ 1018.028216][ C1] syz-executor.1 S29520 15451 6984 0x00000000 [ 1018.034983][ C1] Call Trace: [ 1018.038299][ C1] __schedule+0x8e1/0x1eb0 [ 1018.042932][ C1] ? io_schedule_timeout+0x140/0x140 [ 1018.048200][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1018.053717][ C1] schedule+0xd0/0x2a0 [ 1018.059716][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1018.064817][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1018.070002][ C1] futex_wait+0x1df/0x560 [ 1018.074312][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1018.079317][ C1] ? mark_lock+0xbc/0x1710 [ 1018.083712][ C1] ? hash_futex+0x12/0x200 [ 1018.088116][ C1] ? futex_wake+0x155/0x490 [ 1018.092611][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1018.097917][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1018.103914][ C1] ? lock_downgrade+0x820/0x820 [ 1018.109116][ C1] do_futex+0x15b/0x1a60 [ 1018.113448][ C1] ? lock_acquire+0x1f1/0xad0 [ 1018.118102][ C1] ? __might_fault+0xef/0x1d0 [ 1018.122772][ C1] ? find_held_lock+0x2d/0x110 [ 1018.127520][ C1] ? futex_exit_release+0x220/0x220 [ 1018.132719][ C1] ? lock_downgrade+0x820/0x820 [ 1018.137742][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1018.144057][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1018.149080][ C1] ? __might_fault+0x190/0x1d0 [ 1018.153822][ C1] ? _copy_to_user+0x126/0x160 [ 1018.158852][ C1] __x64_sys_futex+0x378/0x4e0 [ 1018.163743][ C1] ? do_futex+0x1a60/0x1a60 [ 1018.168288][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1018.173936][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1018.178876][ C1] ? do_syscall_64+0x1c/0xe0 [ 1018.183491][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1018.189475][ C1] do_syscall_64+0x60/0xe0 [ 1018.193913][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1018.199994][ C1] RIP: 0033:0x45cb29 [ 1018.204128][ C1] Code: Bad RIP value. [ 1018.208194][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1018.216718][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1018.224676][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1018.232645][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1018.240690][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1018.248656][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1018.256648][ C1] syz-executor.1 S29976 15468 6984 0x00000000 [ 1018.262969][ C1] Call Trace: [ 1018.266261][ C1] __schedule+0x8e1/0x1eb0 [ 1018.270835][ C1] ? io_schedule_timeout+0x140/0x140 [ 1018.276101][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1018.281541][ C1] schedule+0xd0/0x2a0 [ 1018.285591][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1018.290696][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1018.295885][ C1] futex_wait+0x1df/0x560 [ 1018.300203][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1018.305207][ C1] ? hash_futex+0x12/0x200 [ 1018.309600][ C1] ? futex_wake+0x155/0x490 [ 1018.314123][ C1] ? lock_downgrade+0x820/0x820 [ 1018.318956][ C1] do_futex+0x15b/0x1a60 [ 1018.323181][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1018.328370][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1018.333202][ C1] ? do_wp_page+0x16a/0x1950 [ 1018.337772][ C1] ? futex_exit_release+0x220/0x220 [ 1018.342951][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1018.347954][ C1] ? find_held_lock+0x2d/0x110 [ 1018.352709][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1018.357882][ C1] ? __up_read+0x1a1/0x7b0 [ 1018.362279][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1018.367742][ C1] __x64_sys_futex+0x378/0x4e0 [ 1018.372498][ C1] ? do_futex+0x1a60/0x1a60 [ 1018.376980][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1018.381908][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1018.386841][ C1] ? do_syscall_64+0x1c/0xe0 [ 1018.391408][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1018.397382][ C1] do_syscall_64+0x60/0xe0 [ 1018.402079][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1018.407960][ C1] RIP: 0033:0x45cb29 [ 1018.411827][ C1] Code: Bad RIP value. [ 1018.416058][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1018.424635][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1018.432715][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1018.441185][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1018.449180][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1018.457435][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1018.465517][ C1] syz-executor.1 S29976 15510 6984 0x00000000 [ 1018.471857][ C1] Call Trace: [ 1018.475141][ C1] __schedule+0x8e1/0x1eb0 [ 1018.479539][ C1] ? io_schedule_timeout+0x140/0x140 [ 1018.484798][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1018.490249][ C1] schedule+0xd0/0x2a0 [ 1018.494297][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1018.499381][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1018.504817][ C1] futex_wait+0x1df/0x560 [ 1018.509139][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1018.514142][ C1] ? mark_lock+0xbc/0x1710 [ 1018.518536][ C1] ? hash_futex+0x12/0x200 [ 1018.522934][ C1] ? futex_wake+0x155/0x490 [ 1018.527424][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1018.532445][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1018.538423][ C1] ? lock_downgrade+0x820/0x820 [ 1018.543264][ C1] do_futex+0x15b/0x1a60 [ 1018.547507][ C1] ? lock_acquire+0x1f1/0xad0 [ 1018.552164][ C1] ? __might_fault+0xef/0x1d0 [ 1018.556838][ C1] ? find_held_lock+0x2d/0x110 [ 1018.561625][ C1] ? futex_exit_release+0x220/0x220 [ 1018.566857][ C1] ? lock_downgrade+0x820/0x820 [ 1018.571722][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1018.577980][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1018.582990][ C1] ? __might_fault+0x190/0x1d0 [ 1018.587733][ C1] ? _copy_to_user+0x126/0x160 [ 1018.592478][ C1] __x64_sys_futex+0x378/0x4e0 [ 1018.597253][ C1] ? do_futex+0x1a60/0x1a60 [ 1018.602055][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1018.607685][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1018.612748][ C1] ? do_syscall_64+0x1c/0xe0 [ 1018.617467][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1018.623452][ C1] do_syscall_64+0x60/0xe0 [ 1018.627875][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1018.633773][ C1] RIP: 0033:0x45cb29 [ 1018.637656][ C1] Code: Bad RIP value. [ 1018.642048][ C1] RSP: 002b:00007f57eae3dcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1018.650804][ C1] RAX: ffffffffffffffda RBX: 000000000078c188 RCX: 000000000045cb29 [ 1018.660179][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c188 [ 1018.668131][ C1] RBP: 000000000078c180 R08: 0000000000000000 R09: 0000000000000000 [ 1018.676081][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c18c [ 1018.684031][ C1] R13: 0000000000c9fb6f R14: 00007f57eae3e9c0 R15: 000000000078c18c [ 1018.692019][ C1] syz-executor.1 S28384 15536 6984 0x00000000 [ 1018.698333][ C1] Call Trace: [ 1018.701609][ C1] __schedule+0x8e1/0x1eb0 [ 1018.706029][ C1] ? io_schedule_timeout+0x140/0x140 [ 1018.711294][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1018.716817][ C1] schedule+0xd0/0x2a0 [ 1018.720905][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1018.726004][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1018.731179][ C1] ? futex_wake+0x1b5/0x490 [ 1018.735674][ C1] ? find_held_lock+0x2d/0x110 [ 1018.740418][ C1] futex_wait+0x1df/0x560 [ 1018.744735][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1018.750174][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1018.755091][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1018.760282][ C1] ? futex_wake+0x155/0x490 [ 1018.764783][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1018.770741][ C1] do_futex+0x15b/0x1a60 [ 1018.774978][ C1] ? lock_acquire+0x1f1/0xad0 [ 1018.779630][ C1] ? __might_fault+0xef/0x1d0 [ 1018.784295][ C1] ? find_held_lock+0x2d/0x110 [ 1018.789040][ C1] ? futex_exit_release+0x220/0x220 [ 1018.794232][ C1] ? lock_downgrade+0x820/0x820 [ 1018.799077][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1018.805294][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1018.810318][ C1] ? __might_fault+0x190/0x1d0 [ 1018.815059][ C1] ? _copy_to_user+0x126/0x160 [ 1018.819912][ C1] __x64_sys_futex+0x378/0x4e0 [ 1018.824664][ C1] ? do_futex+0x1a60/0x1a60 [ 1018.829174][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1018.834802][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1018.839715][ C1] ? do_syscall_64+0x1c/0xe0 [ 1018.844279][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1018.850233][ C1] do_syscall_64+0x60/0xe0 [ 1018.854624][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1018.860503][ C1] RIP: 0033:0x45cb29 [ 1018.864366][ C1] Code: Bad RIP value. [ 1018.868404][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1018.876876][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1018.884822][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1018.892769][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1018.900731][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1018.908684][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1018.916649][ C1] syz-executor.1 S29976 15538 15536 0x00000000 [ 1018.922979][ C1] Call Trace: [ 1018.926250][ C1] __schedule+0x8e1/0x1eb0 [ 1018.930833][ C1] ? io_schedule_timeout+0x140/0x140 [ 1018.936094][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1018.941546][ C1] schedule+0xd0/0x2a0 [ 1018.945591][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1018.950695][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1018.955877][ C1] futex_wait+0x1df/0x560 [ 1018.960200][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1018.965217][ C1] ? mark_lock+0xbc/0x1710 [ 1018.969623][ C1] ? hash_futex+0x12/0x200 [ 1018.974039][ C1] ? futex_wake+0x155/0x490 [ 1018.978539][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1018.983549][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1018.989860][ C1] ? lock_downgrade+0x820/0x820 [ 1018.994699][ C1] do_futex+0x15b/0x1a60 [ 1018.998937][ C1] ? lock_acquire+0x1f1/0xad0 [ 1019.003611][ C1] ? __might_fault+0xef/0x1d0 [ 1019.008636][ C1] ? find_held_lock+0x2d/0x110 [ 1019.013376][ C1] ? futex_exit_release+0x220/0x220 [ 1019.018554][ C1] ? lock_downgrade+0x820/0x820 [ 1019.023393][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1019.029611][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1019.034628][ C1] ? __might_fault+0x190/0x1d0 [ 1019.039376][ C1] ? _copy_to_user+0x126/0x160 [ 1019.044121][ C1] __x64_sys_futex+0x378/0x4e0 [ 1019.048873][ C1] ? do_futex+0x1a60/0x1a60 [ 1019.053352][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1019.058979][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1019.063891][ C1] ? do_syscall_64+0x1c/0xe0 [ 1019.068458][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1019.074418][ C1] do_syscall_64+0x60/0xe0 [ 1019.078818][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1019.084732][ C1] RIP: 0033:0x45cb29 [ 1019.088618][ C1] Code: Bad RIP value. [ 1019.092670][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1019.101080][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1019.109199][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1019.117149][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1019.125098][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1019.133079][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1019.141085][ C1] syz-executor.2 S29976 15546 7107 0x00000000 [ 1019.148041][ C1] Call Trace: [ 1019.151409][ C1] __schedule+0x8e1/0x1eb0 [ 1019.155811][ C1] ? io_schedule_timeout+0x140/0x140 [ 1019.161108][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1019.166557][ C1] schedule+0xd0/0x2a0 [ 1019.170604][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1019.175701][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1019.180900][ C1] ? futex_wake+0x1b5/0x490 [ 1019.185379][ C1] ? find_held_lock+0x2d/0x110 [ 1019.190139][ C1] futex_wait+0x1df/0x560 [ 1019.194451][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1019.199450][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1019.204381][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1019.209560][ C1] ? futex_wake+0x155/0x490 [ 1019.214051][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1019.220007][ C1] ? lock_downgrade+0x820/0x820 [ 1019.224846][ C1] do_futex+0x15b/0x1a60 [ 1019.229085][ C1] ? lock_acquire+0x1f1/0xad0 [ 1019.233739][ C1] ? __might_fault+0xef/0x1d0 [ 1019.238409][ C1] ? find_held_lock+0x2d/0x110 [ 1019.243165][ C1] ? futex_exit_release+0x220/0x220 [ 1019.248341][ C1] ? lock_downgrade+0x820/0x820 [ 1019.253176][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1019.259408][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1019.264414][ C1] ? __might_fault+0x190/0x1d0 [ 1019.269172][ C1] ? _copy_to_user+0x126/0x160 [ 1019.273922][ C1] __x64_sys_futex+0x378/0x4e0 [ 1019.278669][ C1] ? do_futex+0x1a60/0x1a60 [ 1019.283243][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1019.288858][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1019.293781][ C1] ? do_syscall_64+0x1c/0xe0 [ 1019.298350][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1019.304312][ C1] do_syscall_64+0x60/0xe0 [ 1019.308713][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1019.314586][ C1] RIP: 0033:0x45cb29 [ 1019.318453][ C1] Code: Bad RIP value. [ 1019.322503][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1019.330918][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1019.339219][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1019.347168][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1019.355113][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1019.363098][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 1019.371101][ C1] syz-executor.1 S29976 15566 15536 0x00000000 [ 1019.378289][ C1] Call Trace: [ 1019.381570][ C1] __schedule+0x8e1/0x1eb0 [ 1019.385973][ C1] ? io_schedule_timeout+0x140/0x140 [ 1019.391237][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1019.396822][ C1] schedule+0xd0/0x2a0 [ 1019.401712][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1019.406816][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1019.412010][ C1] futex_wait+0x1df/0x560 [ 1019.416462][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1019.421474][ C1] ? mark_lock+0xbc/0x1710 [ 1019.425874][ C1] ? hash_futex+0x12/0x200 [ 1019.430275][ C1] ? futex_wake+0x155/0x490 [ 1019.434785][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1019.439798][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1019.445761][ C1] do_futex+0x15b/0x1a60 [ 1019.450002][ C1] ? lock_acquire+0x1f1/0xad0 [ 1019.454657][ C1] ? __might_fault+0xef/0x1d0 [ 1019.459861][ C1] ? find_held_lock+0x2d/0x110 [ 1019.464615][ C1] ? futex_exit_release+0x220/0x220 [ 1019.469808][ C1] ? lock_downgrade+0x820/0x820 [ 1019.474651][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1019.480892][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1019.485926][ C1] ? __might_fault+0x190/0x1d0 [ 1019.490669][ C1] ? _copy_to_user+0x126/0x160 [ 1019.495420][ C1] __x64_sys_futex+0x378/0x4e0 [ 1019.500169][ C1] ? do_futex+0x1a60/0x1a60 [ 1019.504894][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1019.510548][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1019.515539][ C1] ? do_syscall_64+0x1c/0xe0 [ 1019.520194][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1019.526171][ C1] do_syscall_64+0x60/0xe0 [ 1019.530592][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1019.536470][ C1] RIP: 0033:0x45cb29 [ 1019.540358][ C1] Code: Bad RIP value. [ 1019.544397][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1019.552796][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1019.560759][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1019.568809][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1019.576765][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1019.584729][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1019.592709][ C1] syz-executor.1 S29728 15580 6984 0x00000000 [ 1019.599048][ C1] Call Trace: [ 1019.602322][ C1] __schedule+0x8e1/0x1eb0 [ 1019.606723][ C1] ? io_schedule_timeout+0x140/0x140 [ 1019.612001][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1019.617440][ C1] schedule+0xd0/0x2a0 [ 1019.621485][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1019.626570][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1019.631742][ C1] ? find_held_lock+0x2d/0x110 [ 1019.636504][ C1] futex_wait+0x1df/0x560 [ 1019.640829][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1019.645833][ C1] ? mark_lock+0xbc/0x1710 [ 1019.650312][ C1] ? hash_futex+0x12/0x200 [ 1019.654700][ C1] ? futex_wake+0x155/0x490 [ 1019.659176][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1019.669076][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1019.675129][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1019.680920][ C1] do_futex+0x15b/0x1a60 [ 1019.685145][ C1] ? lock_acquire+0x1f1/0xad0 [ 1019.689806][ C1] ? __might_fault+0xef/0x1d0 [ 1019.694476][ C1] ? find_held_lock+0x2d/0x110 [ 1019.699217][ C1] ? futex_exit_release+0x220/0x220 [ 1019.704393][ C1] ? lock_downgrade+0x820/0x820 [ 1019.709220][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1019.715464][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1019.720478][ C1] ? __might_fault+0x190/0x1d0 [ 1019.725222][ C1] ? _copy_to_user+0x126/0x160 [ 1019.729965][ C1] __x64_sys_futex+0x378/0x4e0 [ 1019.734715][ C1] ? do_futex+0x1a60/0x1a60 [ 1019.739209][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1019.744846][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1019.749782][ C1] ? do_syscall_64+0x1c/0xe0 [ 1019.754478][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1019.760473][ C1] do_syscall_64+0x60/0xe0 [ 1019.764876][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1019.770754][ C1] RIP: 0033:0x45cb29 [ 1019.774727][ C1] Code: Bad RIP value. [ 1019.778783][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1019.787177][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1019.795131][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1019.803084][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1019.811036][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1019.819011][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1019.827073][ C1] syz-executor.1 S29976 15582 6984 0x00000000 [ 1019.833412][ C1] Call Trace: [ 1019.836705][ C1] __schedule+0x8e1/0x1eb0 [ 1019.841104][ C1] ? io_schedule_timeout+0x140/0x140 [ 1019.846365][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1019.851811][ C1] schedule+0xd0/0x2a0 [ 1019.856050][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1019.861158][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1019.866345][ C1] futex_wait+0x1df/0x560 [ 1019.870655][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1019.875657][ C1] ? mark_lock+0xbc/0x1710 [ 1019.880050][ C1] ? hash_futex+0x12/0x200 [ 1019.884444][ C1] ? futex_wake+0x155/0x490 [ 1019.888923][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1019.893934][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1019.899891][ C1] ? lock_downgrade+0x820/0x820 [ 1019.904718][ C1] do_futex+0x15b/0x1a60 [ 1019.908941][ C1] ? lock_acquire+0x1f1/0xad0 [ 1019.913617][ C1] ? __might_fault+0xef/0x1d0 [ 1019.918816][ C1] ? find_held_lock+0x2d/0x110 [ 1019.923571][ C1] ? futex_exit_release+0x220/0x220 [ 1019.928749][ C1] ? lock_downgrade+0x820/0x820 [ 1019.933589][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1019.939806][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1019.944811][ C1] ? __might_fault+0x190/0x1d0 [ 1019.949564][ C1] ? _copy_to_user+0x126/0x160 [ 1019.954399][ C1] __x64_sys_futex+0x378/0x4e0 [ 1019.959141][ C1] ? do_futex+0x1a60/0x1a60 [ 1019.963618][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1019.969227][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1019.974146][ C1] ? do_syscall_64+0x1c/0xe0 [ 1019.979754][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1019.985708][ C1] do_syscall_64+0x60/0xe0 [ 1019.990102][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1019.995972][ C1] RIP: 0033:0x45cb29 [ 1019.999843][ C1] Code: Bad RIP value. [ 1020.003883][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1020.012269][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1020.020306][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1020.028256][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1020.036216][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1020.044165][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1020.052145][ C1] syz-executor.1 S29976 15588 6984 0x00000000 [ 1020.058455][ C1] Call Trace: [ 1020.061725][ C1] __schedule+0x8e1/0x1eb0 [ 1020.066121][ C1] ? io_schedule_timeout+0x140/0x140 [ 1020.071390][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1020.076830][ C1] schedule+0xd0/0x2a0 [ 1020.080876][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1020.085975][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1020.091161][ C1] ? futex_wake+0x1b5/0x490 [ 1020.095656][ C1] ? find_held_lock+0x2d/0x110 [ 1020.100397][ C1] futex_wait+0x1df/0x560 [ 1020.104708][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1020.109710][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1020.114631][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1020.119806][ C1] ? futex_wake+0x155/0x490 [ 1020.124311][ C1] ? lock_downgrade+0x820/0x820 [ 1020.129150][ C1] do_futex+0x15b/0x1a60 [ 1020.133371][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1020.138549][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1020.143374][ C1] ? do_wp_page+0x16a/0x1950 [ 1020.148089][ C1] ? futex_exit_release+0x220/0x220 [ 1020.153557][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1020.158562][ C1] ? find_held_lock+0x2d/0x110 [ 1020.163305][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1020.168678][ C1] ? __up_read+0x1a1/0x7b0 [ 1020.173080][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1020.178540][ C1] __x64_sys_futex+0x378/0x4e0 [ 1020.183288][ C1] ? do_futex+0x1a60/0x1a60 [ 1020.187771][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1020.193361][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1020.198289][ C1] ? do_syscall_64+0x1c/0xe0 [ 1020.202866][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1020.208984][ C1] do_syscall_64+0x60/0xe0 [ 1020.213388][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1020.219263][ C1] RIP: 0033:0x45cb29 [ 1020.223136][ C1] Code: Bad RIP value. [ 1020.227195][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1020.235808][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1020.243982][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1020.252032][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1020.260255][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1020.268217][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1020.276214][ C1] syz-executor.1 S28928 15601 6984 0x00000000 [ 1020.282538][ C1] Call Trace: [ 1020.285819][ C1] __schedule+0x8e1/0x1eb0 [ 1020.290224][ C1] ? io_schedule_timeout+0x140/0x140 [ 1020.295505][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1020.300944][ C1] schedule+0xd0/0x2a0 [ 1020.304989][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1020.310079][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1020.315327][ C1] ? futex_wake+0x1b5/0x490 [ 1020.319830][ C1] ? find_held_lock+0x2d/0x110 [ 1020.324593][ C1] futex_wait+0x1df/0x560 [ 1020.328922][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1020.333930][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1020.338861][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1020.344040][ C1] ? futex_wake+0x155/0x490 [ 1020.348530][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1020.354486][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1020.360354][ C1] do_futex+0x15b/0x1a60 [ 1020.364590][ C1] ? lock_acquire+0x1f1/0xad0 [ 1020.369245][ C1] ? __might_fault+0xef/0x1d0 [ 1020.373897][ C1] ? find_held_lock+0x2d/0x110 [ 1020.378639][ C1] ? futex_exit_release+0x220/0x220 [ 1020.383817][ C1] ? lock_downgrade+0x820/0x820 [ 1020.388642][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1020.394861][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1020.399952][ C1] ? __might_fault+0x190/0x1d0 [ 1020.404965][ C1] ? _copy_to_user+0x126/0x160 [ 1020.409717][ C1] __x64_sys_futex+0x378/0x4e0 [ 1020.414460][ C1] ? do_futex+0x1a60/0x1a60 [ 1020.418940][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1020.425277][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1020.430216][ C1] ? do_syscall_64+0x1c/0xe0 [ 1020.434798][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1020.440758][ C1] do_syscall_64+0x60/0xe0 [ 1020.445156][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1020.451110][ C1] RIP: 0033:0x45cb29 [ 1020.454991][ C1] Code: Bad RIP value. [ 1020.459031][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1020.467418][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1020.475368][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1020.483337][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1020.491288][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1020.499288][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1020.507657][ C1] syz-executor.1 S29976 15604 15601 0x00000000 [ 1020.514103][ C1] Call Trace: [ 1020.517389][ C1] __schedule+0x8e1/0x1eb0 [ 1020.521810][ C1] ? io_schedule_timeout+0x140/0x140 [ 1020.527205][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1020.532668][ C1] schedule+0xd0/0x2a0 [ 1020.536731][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1020.542354][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1020.547540][ C1] futex_wait+0x1df/0x560 [ 1020.551940][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1020.557205][ C1] ? mark_lock+0xbc/0x1710 [ 1020.561685][ C1] ? hash_futex+0x12/0x200 [ 1020.566093][ C1] ? futex_wake+0x155/0x490 [ 1020.570574][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1020.575594][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1020.581552][ C1] ? lock_downgrade+0x820/0x820 [ 1020.586384][ C1] do_futex+0x15b/0x1a60 [ 1020.590611][ C1] ? lock_acquire+0x1f1/0xad0 [ 1020.595267][ C1] ? __might_fault+0xef/0x1d0 [ 1020.600101][ C1] ? find_held_lock+0x2d/0x110 [ 1020.604865][ C1] ? futex_exit_release+0x220/0x220 [ 1020.610060][ C1] ? lock_downgrade+0x820/0x820 [ 1020.614953][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1020.621556][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1020.626580][ C1] ? __might_fault+0x190/0x1d0 [ 1020.631383][ C1] ? _copy_to_user+0x126/0x160 [ 1020.637157][ C1] __x64_sys_futex+0x378/0x4e0 [ 1020.641909][ C1] ? do_futex+0x1a60/0x1a60 [ 1020.646579][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1020.652191][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1020.657108][ C1] ? do_syscall_64+0x1c/0xe0 [ 1020.661859][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1020.667860][ C1] do_syscall_64+0x60/0xe0 [ 1020.672440][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1020.678309][ C1] RIP: 0033:0x45cb29 [ 1020.682174][ C1] Code: Bad RIP value. [ 1020.686219][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1020.694602][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1020.702547][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1020.710496][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1020.718446][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1020.726406][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1020.734370][ C1] syz-executor.1 S29976 15613 6984 0x00000000 [ 1020.740796][ C1] Call Trace: [ 1020.744077][ C1] __schedule+0x8e1/0x1eb0 [ 1020.748475][ C1] ? io_schedule_timeout+0x140/0x140 [ 1020.754346][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1020.759787][ C1] schedule+0xd0/0x2a0 [ 1020.763850][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1020.768946][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1020.774121][ C1] ? futex_wake+0x1b5/0x490 [ 1020.778639][ C1] ? find_held_lock+0x2d/0x110 [ 1020.783498][ C1] futex_wait+0x1df/0x560 [ 1020.787835][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1020.793225][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1020.798152][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1020.803444][ C1] ? futex_wake+0x155/0x490 [ 1020.807948][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1020.813904][ C1] ? lock_downgrade+0x820/0x820 [ 1020.818750][ C1] do_futex+0x15b/0x1a60 [ 1020.822974][ C1] ? lock_acquire+0x1f1/0xad0 [ 1020.827632][ C1] ? __might_fault+0xef/0x1d0 [ 1020.832285][ C1] ? find_held_lock+0x2d/0x110 [ 1020.837043][ C1] ? futex_exit_release+0x220/0x220 [ 1020.842233][ C1] ? lock_downgrade+0x820/0x820 [ 1020.847067][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1020.853383][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1020.858830][ C1] ? __might_fault+0x190/0x1d0 [ 1020.863570][ C1] ? _copy_to_user+0x126/0x160 [ 1020.868314][ C1] __x64_sys_futex+0x378/0x4e0 [ 1020.873072][ C1] ? do_futex+0x1a60/0x1a60 [ 1020.877575][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1020.883305][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1020.888573][ C1] ? do_syscall_64+0x1c/0xe0 [ 1020.893147][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1020.899187][ C1] do_syscall_64+0x60/0xe0 [ 1020.903618][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1020.909503][ C1] RIP: 0033:0x45cb29 [ 1020.913559][ C1] Code: Bad RIP value. [ 1020.917734][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1020.926142][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1020.934101][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1020.942140][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1020.950885][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1020.959426][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1020.967533][ C1] syz-executor.1 S28928 15630 6984 0x00000000 [ 1020.973873][ C1] Call Trace: [ 1020.977161][ C1] __schedule+0x8e1/0x1eb0 [ 1020.981573][ C1] ? io_schedule_timeout+0x140/0x140 [ 1020.987010][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1020.992510][ C1] schedule+0xd0/0x2a0 [ 1020.996584][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1021.001768][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1021.007003][ C1] ? futex_wake+0x1b5/0x490 [ 1021.011769][ C1] ? find_held_lock+0x2d/0x110 [ 1021.016538][ C1] futex_wait+0x1df/0x560 [ 1021.020909][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1021.025917][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1021.030852][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1021.036033][ C1] ? futex_wake+0x155/0x490 [ 1021.040525][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1021.046496][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1021.052322][ C1] do_futex+0x15b/0x1a60 [ 1021.057173][ C1] ? lock_acquire+0x1f1/0xad0 [ 1021.062051][ C1] ? __might_fault+0xef/0x1d0 [ 1021.066855][ C1] ? find_held_lock+0x2d/0x110 [ 1021.071628][ C1] ? futex_exit_release+0x220/0x220 [ 1021.076810][ C1] ? lock_downgrade+0x820/0x820 [ 1021.081680][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1021.087934][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1021.092960][ C1] ? __might_fault+0x190/0x1d0 [ 1021.098342][ C1] ? _copy_to_user+0x126/0x160 [ 1021.103165][ C1] __x64_sys_futex+0x378/0x4e0 [ 1021.109119][ C1] ? do_futex+0x1a60/0x1a60 [ 1021.113609][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1021.119222][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1021.124136][ C1] ? do_syscall_64+0x1c/0xe0 [ 1021.129126][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1021.135289][ C1] do_syscall_64+0x60/0xe0 [ 1021.139689][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1021.145560][ C1] RIP: 0033:0x45cb29 [ 1021.149478][ C1] Code: Bad RIP value. [ 1021.153674][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1021.162204][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1021.170238][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1021.178309][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1021.186290][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1021.194242][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1021.202222][ C1] syz-executor.1 S29976 15636 15630 0x00000000 [ 1021.209308][ C1] Call Trace: [ 1021.212802][ C1] __schedule+0x8e1/0x1eb0 [ 1021.217334][ C1] ? io_schedule_timeout+0x140/0x140 [ 1021.223212][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1021.228669][ C1] schedule+0xd0/0x2a0 [ 1021.233044][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1021.238522][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1021.243705][ C1] ? futex_wake+0x1b5/0x490 [ 1021.248189][ C1] ? find_held_lock+0x2d/0x110 [ 1021.253928][ C1] futex_wait+0x1df/0x560 [ 1021.258609][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1021.263646][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1021.269145][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1021.275988][ C1] ? futex_wake+0x155/0x490 [ 1021.280687][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1021.286841][ C1] ? lock_downgrade+0x820/0x820 [ 1021.291697][ C1] do_futex+0x15b/0x1a60 [ 1021.295933][ C1] ? lock_acquire+0x1f1/0xad0 [ 1021.300591][ C1] ? __might_fault+0xef/0x1d0 [ 1021.306287][ C1] ? find_held_lock+0x2d/0x110 [ 1021.311196][ C1] ? futex_exit_release+0x220/0x220 [ 1021.316655][ C1] ? lock_downgrade+0x820/0x820 [ 1021.321687][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1021.327928][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1021.333089][ C1] ? __might_fault+0x190/0x1d0 [ 1021.337931][ C1] ? _copy_to_user+0x126/0x160 [ 1021.342815][ C1] __x64_sys_futex+0x378/0x4e0 [ 1021.348013][ C1] ? do_futex+0x1a60/0x1a60 [ 1021.352493][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1021.358406][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1021.364959][ C1] ? do_syscall_64+0x1c/0xe0 [ 1021.369572][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1021.385113][ C1] do_syscall_64+0x60/0xe0 [ 1021.389517][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1021.395599][ C1] RIP: 0033:0x45cb29 [ 1021.399495][ C1] Code: Bad RIP value. [ 1021.403727][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1021.412167][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1021.420385][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1021.428348][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1021.436663][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1021.444678][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1021.453357][ C1] syz-executor.1 S29976 15657 6984 0x00000000 [ 1021.459772][ C1] Call Trace: [ 1021.463251][ C1] __schedule+0x8e1/0x1eb0 [ 1021.467801][ C1] ? io_schedule_timeout+0x140/0x140 [ 1021.473161][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1021.478775][ C1] schedule+0xd0/0x2a0 [ 1021.482878][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1021.487977][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1021.493170][ C1] ? futex_wake+0x1b5/0x490 [ 1021.497823][ C1] ? find_held_lock+0x2d/0x110 [ 1021.502705][ C1] futex_wait+0x1df/0x560 [ 1021.507215][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1021.512233][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1021.517157][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1021.522334][ C1] ? futex_wake+0x155/0x490 [ 1021.526847][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1021.532820][ C1] ? lock_downgrade+0x820/0x820 [ 1021.537815][ C1] do_futex+0x15b/0x1a60 [ 1021.542256][ C1] ? lock_acquire+0x1f1/0xad0 [ 1021.546923][ C1] ? __might_fault+0xef/0x1d0 [ 1021.551772][ C1] ? find_held_lock+0x2d/0x110 [ 1021.556540][ C1] ? futex_exit_release+0x220/0x220 [ 1021.561744][ C1] ? lock_downgrade+0x820/0x820 [ 1021.566583][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1021.572834][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1021.577846][ C1] ? __might_fault+0x190/0x1d0 [ 1021.582591][ C1] ? _copy_to_user+0x126/0x160 [ 1021.587340][ C1] __x64_sys_futex+0x378/0x4e0 [ 1021.592099][ C1] ? do_futex+0x1a60/0x1a60 [ 1021.596601][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1021.602250][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1021.607273][ C1] ? do_syscall_64+0x1c/0xe0 [ 1021.611886][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1021.619247][ C1] do_syscall_64+0x60/0xe0 [ 1021.623810][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1021.629704][ C1] RIP: 0033:0x45cb29 [ 1021.633574][ C1] Code: Bad RIP value. [ 1021.637637][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1021.646033][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1021.653996][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1021.662148][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1021.670381][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1021.678429][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1021.686490][ C1] syz-executor.1 S28704 15668 6984 0x00000000 [ 1021.693143][ C1] Call Trace: [ 1021.696816][ C1] __schedule+0x8e1/0x1eb0 [ 1021.701236][ C1] ? io_schedule_timeout+0x140/0x140 [ 1021.706507][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1021.712311][ C1] schedule+0xd0/0x2a0 [ 1021.716360][ C1] schedule_timeout+0x1d8/0x250 [ 1021.721186][ C1] ? usleep_range+0x170/0x170 [ 1021.725850][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1021.730945][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1021.736758][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1021.742548][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 1021.748174][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1021.753972][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1021.759936][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 1021.765823][ C1] ? skb_free_datagram+0xf0/0xf0 [ 1021.770745][ C1] ? proto_seq_start+0x50/0x50 [ 1021.775514][ C1] ? skb_segment.cold+0x38/0x38 [ 1021.780605][ C1] ? mark_lock+0xbc/0x1710 [ 1021.785002][ C1] __skb_recv_datagram+0x171/0x220 [ 1021.790712][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 1021.796346][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 1021.801450][ C1] ? __schedule+0x887/0x1eb0 [ 1021.806024][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1021.810942][ C1] skb_recv_datagram+0xa7/0xe0 [ 1021.815695][ C1] ? __skb_recv_datagram+0x220/0x220 [ 1021.820973][ C1] ? aa_sk_perm+0x316/0xaa0 [ 1021.825563][ C1] ? __might_fault+0xef/0x1d0 [ 1021.830245][ C1] raw_recvmsg+0xab/0x550 [ 1021.834575][ C1] ? raw_release+0x890/0x890 [ 1021.839149][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 1021.844581][ C1] ? raw_release+0x890/0x890 [ 1021.849160][ C1] ____sys_recvmsg+0x2c4/0x640 [ 1021.853906][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 1021.859812][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 1021.865747][ C1] ? import_iovec+0x23b/0x3d0 [ 1021.870415][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 1021.875688][ C1] ___sys_recvmsg+0x127/0x200 [ 1021.880345][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 1021.885955][ C1] ? lock_downgrade+0x820/0x820 [ 1021.890782][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1021.895813][ C1] ? __fget_files+0x294/0x400 [ 1021.900469][ C1] ? __fget_light+0xea/0x280 [ 1021.905049][ C1] do_recvmmsg+0x24d/0x6d0 [ 1021.909467][ C1] ? ___sys_recvmsg+0x200/0x200 [ 1021.914315][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1021.920544][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1021.925579][ C1] ? put_timespec64+0xcb/0x120 [ 1021.930394][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 1021.935232][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 1021.940333][ C1] ? __do_sys_socketcall+0x550/0x550 [ 1021.945595][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1021.950507][ C1] ? do_syscall_64+0x1c/0xe0 [ 1021.955185][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1021.961180][ C1] do_syscall_64+0x60/0xe0 [ 1021.965669][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1021.971549][ C1] RIP: 0033:0x45cb29 [ 1021.975411][ C1] Code: Bad RIP value. [ 1021.979449][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1021.987922][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 1021.995869][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 1022.003868][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1022.011845][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1022.019801][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 1022.027764][ C1] syz-executor.1 S29976 15671 15668 0x00000000 [ 1022.034336][ C1] Call Trace: [ 1022.037607][ C1] __schedule+0x8e1/0x1eb0 [ 1022.042003][ C1] ? io_schedule_timeout+0x140/0x140 [ 1022.047262][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1022.052802][ C1] schedule+0xd0/0x2a0 [ 1022.056882][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1022.062205][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1022.067422][ C1] ? futex_wake+0x1b5/0x490 [ 1022.072001][ C1] ? find_held_lock+0x2d/0x110 [ 1022.076993][ C1] futex_wait+0x1df/0x560 [ 1022.081403][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1022.086640][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1022.091564][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1022.096752][ C1] ? futex_wake+0x155/0x490 [ 1022.101241][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1022.107193][ C1] ? lock_downgrade+0x820/0x820 [ 1022.112022][ C1] do_futex+0x15b/0x1a60 [ 1022.116247][ C1] ? lock_acquire+0x1f1/0xad0 [ 1022.120902][ C1] ? __might_fault+0xef/0x1d0 [ 1022.125553][ C1] ? find_held_lock+0x2d/0x110 [ 1022.130309][ C1] ? futex_exit_release+0x220/0x220 [ 1022.135497][ C1] ? lock_downgrade+0x820/0x820 [ 1022.140324][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1022.146562][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1022.153323][ C1] ? __might_fault+0x190/0x1d0 [ 1022.158067][ C1] ? _copy_to_user+0x126/0x160 [ 1022.162814][ C1] __x64_sys_futex+0x378/0x4e0 [ 1022.167563][ C1] ? do_futex+0x1a60/0x1a60 [ 1022.172060][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1022.177856][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1022.182771][ C1] ? do_syscall_64+0x1c/0xe0 [ 1022.187374][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1022.193419][ C1] do_syscall_64+0x60/0xe0 [ 1022.197816][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1022.203697][ C1] RIP: 0033:0x45cb29 [ 1022.207563][ C1] Code: Bad RIP value. [ 1022.211604][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1022.220173][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1022.228141][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1022.236615][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1022.244760][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1022.252733][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1022.260704][ C1] syz-executor.1 S29976 15687 6984 0x00000000 [ 1022.267039][ C1] Call Trace: [ 1022.270485][ C1] __schedule+0x8e1/0x1eb0 [ 1022.274881][ C1] ? io_schedule_timeout+0x140/0x140 [ 1022.280151][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1022.285601][ C1] schedule+0xd0/0x2a0 [ 1022.289683][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1022.294799][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1022.305124][ C1] ? futex_wake+0x1b5/0x490 [ 1022.309621][ C1] ? find_held_lock+0x2d/0x110 [ 1022.314377][ C1] futex_wait+0x1df/0x560 [ 1022.319034][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1022.324032][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1022.329035][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1022.334223][ C1] ? futex_wake+0x155/0x490 [ 1022.338759][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1022.345115][ C1] ? lock_downgrade+0x820/0x820 [ 1022.349948][ C1] do_futex+0x15b/0x1a60 [ 1022.354274][ C1] ? lock_acquire+0x1f1/0xad0 [ 1022.358962][ C1] ? __might_fault+0xef/0x1d0 [ 1022.363645][ C1] ? find_held_lock+0x2d/0x110 [ 1022.368392][ C1] ? futex_exit_release+0x220/0x220 [ 1022.373583][ C1] ? lock_downgrade+0x820/0x820 [ 1022.378418][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1022.384953][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1022.389982][ C1] ? __might_fault+0x190/0x1d0 [ 1022.394862][ C1] ? _copy_to_user+0x126/0x160 [ 1022.399631][ C1] __x64_sys_futex+0x378/0x4e0 [ 1022.404486][ C1] ? do_futex+0x1a60/0x1a60 [ 1022.409172][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1022.415312][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1022.420236][ C1] ? do_syscall_64+0x1c/0xe0 [ 1022.424892][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1022.430938][ C1] do_syscall_64+0x60/0xe0 [ 1022.436485][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1022.442711][ C1] RIP: 0033:0x45cb29 [ 1022.446587][ C1] Code: Bad RIP value. [ 1022.450643][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1022.459806][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1022.468123][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1022.476114][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1022.484376][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1022.492332][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1022.500295][ C1] syz-executor.1 S28928 15699 6984 0x00000000 [ 1022.506995][ C1] Call Trace: [ 1022.510283][ C1] __schedule+0x8e1/0x1eb0 [ 1022.514680][ C1] ? io_schedule_timeout+0x140/0x140 [ 1022.519969][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1022.525419][ C1] schedule+0xd0/0x2a0 [ 1022.529467][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1022.534571][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1022.539769][ C1] ? futex_wake+0x1b5/0x490 [ 1022.544262][ C1] ? find_held_lock+0x2d/0x110 [ 1022.549013][ C1] futex_wait+0x1df/0x560 [ 1022.553332][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1022.558329][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1022.563255][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1022.568431][ C1] ? futex_wake+0x155/0x490 [ 1022.572926][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1022.578883][ C1] do_futex+0x15b/0x1a60 [ 1022.583133][ C1] ? lock_acquire+0x1f1/0xad0 [ 1022.587974][ C1] ? __might_fault+0xef/0x1d0 [ 1022.592631][ C1] ? find_held_lock+0x2d/0x110 [ 1022.597370][ C1] ? futex_exit_release+0x220/0x220 [ 1022.602545][ C1] ? lock_downgrade+0x820/0x820 [ 1022.607387][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1022.613604][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1022.618610][ C1] ? __might_fault+0x190/0x1d0 [ 1022.623354][ C1] ? _copy_to_user+0x126/0x160 [ 1022.628098][ C1] __x64_sys_futex+0x378/0x4e0 [ 1022.632846][ C1] ? do_futex+0x1a60/0x1a60 [ 1022.637326][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1022.642948][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1022.647871][ C1] ? do_syscall_64+0x1c/0xe0 [ 1022.652437][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1022.658394][ C1] do_syscall_64+0x60/0xe0 [ 1022.663081][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1022.669057][ C1] RIP: 0033:0x45cb29 [ 1022.672932][ C1] Code: Bad RIP value. [ 1022.677005][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1022.685392][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1022.695523][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1022.703475][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1022.711432][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1022.719379][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1022.727340][ C1] syz-executor.1 S29976 15700 15699 0x00000000 [ 1022.733666][ C1] Call Trace: [ 1022.736961][ C1] __schedule+0x8e1/0x1eb0 [ 1022.741362][ C1] ? io_schedule_timeout+0x140/0x140 [ 1022.746735][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1022.752184][ C1] schedule+0xd0/0x2a0 [ 1022.756429][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1022.761611][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1022.766831][ C1] ? futex_wake+0x1b5/0x490 [ 1022.771369][ C1] ? find_held_lock+0x2d/0x110 [ 1022.776111][ C1] futex_wait+0x1df/0x560 [ 1022.780419][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1022.785424][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1022.790361][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1022.795565][ C1] ? futex_wake+0x155/0x490 [ 1022.800825][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1022.806813][ C1] ? lock_downgrade+0x820/0x820 [ 1022.811737][ C1] do_futex+0x15b/0x1a60 [ 1022.815963][ C1] ? lock_acquire+0x1f1/0xad0 [ 1022.820628][ C1] ? __might_fault+0xef/0x1d0 [ 1022.825368][ C1] ? find_held_lock+0x2d/0x110 [ 1022.830222][ C1] ? futex_exit_release+0x220/0x220 [ 1022.835412][ C1] ? lock_downgrade+0x820/0x820 [ 1022.840253][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1022.846470][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1022.851475][ C1] ? __might_fault+0x190/0x1d0 [ 1022.856345][ C1] ? _copy_to_user+0x126/0x160 [ 1022.861100][ C1] __x64_sys_futex+0x378/0x4e0 [ 1022.865849][ C1] ? do_futex+0x1a60/0x1a60 [ 1022.870333][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1022.875943][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1022.880889][ C1] ? do_syscall_64+0x1c/0xe0 [ 1022.885503][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1022.891478][ C1] do_syscall_64+0x60/0xe0 [ 1022.895895][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1022.901776][ C1] RIP: 0033:0x45cb29 [ 1022.905645][ C1] Code: Bad RIP value. [ 1022.909699][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1022.918096][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1022.926045][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1022.934009][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1022.941971][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1022.949921][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1022.957887][ C1] syz-executor.1 S29976 15710 15699 0x00000000 [ 1022.964200][ C1] Call Trace: [ 1022.967473][ C1] __schedule+0x8e1/0x1eb0 [ 1022.971874][ C1] ? io_schedule_timeout+0x140/0x140 [ 1022.977152][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1022.982606][ C1] schedule+0xd0/0x2a0 [ 1022.986741][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1022.991831][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1022.997002][ C1] ? futex_wake+0x1b5/0x490 [ 1023.001508][ C1] ? find_held_lock+0x2d/0x110 [ 1023.006252][ C1] futex_wait+0x1df/0x560 [ 1023.010561][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1023.015563][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1023.021560][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1023.026757][ C1] ? futex_wake+0x155/0x490 [ 1023.031261][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1023.037216][ C1] ? lock_downgrade+0x820/0x820 [ 1023.042070][ C1] do_futex+0x15b/0x1a60 [ 1023.046318][ C1] ? lock_acquire+0x1f1/0xad0 [ 1023.050982][ C1] ? __might_fault+0xef/0x1d0 [ 1023.055636][ C1] ? find_held_lock+0x2d/0x110 [ 1023.060381][ C1] ? futex_exit_release+0x220/0x220 [ 1023.065561][ C1] ? lock_downgrade+0x820/0x820 [ 1023.070416][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1023.076648][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1023.081652][ C1] ? __might_fault+0x190/0x1d0 [ 1023.086399][ C1] ? _copy_to_user+0x126/0x160 [ 1023.091228][ C1] __x64_sys_futex+0x378/0x4e0 [ 1023.095972][ C1] ? do_futex+0x1a60/0x1a60 [ 1023.100550][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1023.106176][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1023.111095][ C1] ? do_syscall_64+0x1c/0xe0 [ 1023.115693][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1023.121657][ C1] do_syscall_64+0x60/0xe0 [ 1023.126091][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1023.131962][ C1] RIP: 0033:0x45cb29 [ 1023.136131][ C1] Code: Bad RIP value. [ 1023.140539][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1023.149046][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1023.157208][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1023.166430][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1023.174474][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1023.182530][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1023.190508][ C1] syz-executor.1 S28384 15730 6984 0x00000000 [ 1023.196849][ C1] Call Trace: [ 1023.200144][ C1] __schedule+0x8e1/0x1eb0 [ 1023.204549][ C1] ? io_schedule_timeout+0x140/0x140 [ 1023.209815][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1023.215602][ C1] schedule+0xd0/0x2a0 [ 1023.219739][ C1] schedule_timeout+0x1d8/0x250 [ 1023.224980][ C1] ? usleep_range+0x170/0x170 [ 1023.230835][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1023.235960][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1023.241754][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1023.247538][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 1023.253234][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1023.259216][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1023.265304][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 1023.271312][ C1] ? skb_free_datagram+0xf0/0xf0 [ 1023.276950][ C1] ? proto_seq_start+0x50/0x50 [ 1023.281735][ C1] ? skb_segment.cold+0x38/0x38 [ 1023.286604][ C1] ? mark_lock+0xbc/0x1710 [ 1023.291112][ C1] __skb_recv_datagram+0x171/0x220 [ 1023.296356][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 1023.302165][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 1023.307596][ C1] ? __schedule+0x887/0x1eb0 [ 1023.312554][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1023.317490][ C1] skb_recv_datagram+0xa7/0xe0 [ 1023.322359][ C1] ? __skb_recv_datagram+0x220/0x220 [ 1023.327674][ C1] ? aa_sk_perm+0x316/0xaa0 [ 1023.332160][ C1] ? __might_fault+0xef/0x1d0 [ 1023.338240][ C1] raw_recvmsg+0xab/0x550 [ 1023.342803][ C1] ? raw_release+0x890/0x890 [ 1023.347738][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 1023.353186][ C1] ? raw_release+0x890/0x890 [ 1023.357776][ C1] ____sys_recvmsg+0x2c4/0x640 [ 1023.362597][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 1023.368476][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 1023.375495][ C1] ? import_iovec+0x23b/0x3d0 [ 1023.380204][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 1023.385490][ C1] ___sys_recvmsg+0x127/0x200 [ 1023.390166][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 1023.395800][ C1] ? lock_downgrade+0x820/0x820 [ 1023.400733][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1023.405836][ C1] ? __fget_files+0x294/0x400 [ 1023.410961][ C1] ? __fget_light+0xea/0x280 [ 1023.415808][ C1] do_recvmmsg+0x24d/0x6d0 [ 1023.420324][ C1] ? ___sys_recvmsg+0x200/0x200 [ 1023.425197][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1023.432037][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1023.437460][ C1] ? put_timespec64+0xcb/0x120 [ 1023.442247][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 1023.447091][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 1023.452105][ C1] ? __do_sys_socketcall+0x550/0x550 [ 1023.457391][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1023.462408][ C1] ? do_syscall_64+0x1c/0xe0 [ 1023.466997][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1023.473048][ C1] do_syscall_64+0x60/0xe0 [ 1023.477456][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1023.483329][ C1] RIP: 0033:0x45cb29 [ 1023.487204][ C1] Code: Bad RIP value. [ 1023.491243][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1023.499631][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 1023.507695][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000004 [ 1023.515649][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1023.523627][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1023.531577][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 1023.539558][ C1] syz-executor.1 S29976 15734 15730 0x00000000 [ 1023.545875][ C1] Call Trace: [ 1023.549163][ C1] __schedule+0x8e1/0x1eb0 [ 1023.553561][ C1] ? io_schedule_timeout+0x140/0x140 [ 1023.558844][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1023.564283][ C1] schedule+0xd0/0x2a0 [ 1023.568331][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1023.573419][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1023.578603][ C1] ? futex_wake+0x1b5/0x490 [ 1023.583179][ C1] ? find_held_lock+0x2d/0x110 [ 1023.588110][ C1] futex_wait+0x1df/0x560 [ 1023.592419][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1023.597419][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1023.602335][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1023.607611][ C1] ? futex_wake+0x155/0x490 [ 1023.612186][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1023.618145][ C1] ? lock_downgrade+0x820/0x820 [ 1023.622986][ C1] do_futex+0x15b/0x1a60 [ 1023.627215][ C1] ? lock_acquire+0x1f1/0xad0 [ 1023.631891][ C1] ? __might_fault+0xef/0x1d0 [ 1023.636562][ C1] ? find_held_lock+0x2d/0x110 [ 1023.641374][ C1] ? futex_exit_release+0x220/0x220 [ 1023.646562][ C1] ? lock_downgrade+0x820/0x820 [ 1023.651398][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1023.657618][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1023.663574][ C1] ? __might_fault+0x190/0x1d0 [ 1023.668368][ C1] ? _copy_to_user+0x126/0x160 [ 1023.673159][ C1] __x64_sys_futex+0x378/0x4e0 [ 1023.677900][ C1] ? do_futex+0x1a60/0x1a60 [ 1023.682379][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1023.688012][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1023.692935][ C1] ? do_syscall_64+0x1c/0xe0 [ 1023.697501][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1023.703477][ C1] do_syscall_64+0x60/0xe0 [ 1023.707869][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1023.713750][ C1] RIP: 0033:0x45cb29 [ 1023.717613][ C1] Code: Bad RIP value. [ 1023.721668][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1023.730069][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1023.738043][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1023.746029][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1023.753997][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1023.762312][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1023.770300][ C1] syz-executor.1 S29976 15744 6984 0x00000000 [ 1023.776618][ C1] Call Trace: [ 1023.779889][ C1] __schedule+0x8e1/0x1eb0 [ 1023.784289][ C1] ? io_schedule_timeout+0x140/0x140 [ 1023.789650][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1023.795097][ C1] schedule+0xd0/0x2a0 [ 1023.799153][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1023.804259][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1023.809435][ C1] ? futex_wake+0x1b5/0x490 [ 1023.813928][ C1] ? find_held_lock+0x2d/0x110 [ 1023.818673][ C1] futex_wait+0x1df/0x560 [ 1023.822984][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1023.828249][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1023.833169][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1023.838364][ C1] ? futex_wake+0x155/0x490 [ 1023.842855][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1023.848812][ C1] ? lock_downgrade+0x820/0x820 [ 1023.853644][ C1] do_futex+0x15b/0x1a60 [ 1023.857871][ C1] ? lock_acquire+0x1f1/0xad0 [ 1023.862534][ C1] ? __might_fault+0xef/0x1d0 [ 1023.867209][ C1] ? find_held_lock+0x2d/0x110 [ 1023.872038][ C1] ? futex_exit_release+0x220/0x220 [ 1023.877217][ C1] ? lock_downgrade+0x820/0x820 [ 1023.882057][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1023.888287][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1023.893303][ C1] ? __might_fault+0x190/0x1d0 [ 1023.898060][ C1] ? _copy_to_user+0x126/0x160 [ 1023.902801][ C1] __x64_sys_futex+0x378/0x4e0 [ 1023.907654][ C1] ? do_futex+0x1a60/0x1a60 [ 1023.912131][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1023.917739][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1023.922659][ C1] ? do_syscall_64+0x1c/0xe0 [ 1023.927224][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1023.933192][ C1] do_syscall_64+0x60/0xe0 [ 1023.937587][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1023.943456][ C1] RIP: 0033:0x45cb29 [ 1023.947321][ C1] Code: Bad RIP value. [ 1023.951374][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1023.959846][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1023.967808][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1023.975753][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1023.983961][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1023.991911][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1023.999892][ C1] syz-executor.1 S29976 15766 6984 0x00000000 [ 1024.006203][ C1] Call Trace: [ 1024.009480][ C1] __schedule+0x8e1/0x1eb0 [ 1024.013877][ C1] ? io_schedule_timeout+0x140/0x140 [ 1024.019144][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1024.024585][ C1] schedule+0xd0/0x2a0 [ 1024.028633][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1024.033745][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1024.038954][ C1] ? futex_wake+0x1b5/0x490 [ 1024.043483][ C1] ? find_held_lock+0x2d/0x110 [ 1024.048249][ C1] futex_wait+0x1df/0x560 [ 1024.052577][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1024.057598][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1024.062517][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1024.067800][ C1] ? futex_wake+0x155/0x490 [ 1024.072376][ C1] ? lock_downgrade+0x820/0x820 [ 1024.077229][ C1] do_futex+0x15b/0x1a60 [ 1024.081464][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1024.086640][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1024.091469][ C1] ? do_wp_page+0x16a/0x1950 [ 1024.096051][ C1] ? futex_exit_release+0x220/0x220 [ 1024.101339][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1024.106359][ C1] ? find_held_lock+0x2d/0x110 [ 1024.111101][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1024.116299][ C1] ? __up_read+0x1a1/0x7b0 [ 1024.120730][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1024.126258][ C1] __x64_sys_futex+0x378/0x4e0 [ 1024.131021][ C1] ? do_futex+0x1a60/0x1a60 [ 1024.135501][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1024.140441][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1024.145358][ C1] ? do_syscall_64+0x1c/0xe0 [ 1024.149941][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1024.155964][ C1] do_syscall_64+0x60/0xe0 [ 1024.160382][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1024.166438][ C1] RIP: 0033:0x45cb29 [ 1024.170309][ C1] Code: Bad RIP value. [ 1024.174524][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1024.182910][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1024.190871][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1024.198919][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1024.206880][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1024.214934][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1024.223042][ C1] syz-executor.1 S29936 15786 6984 0x00000000 [ 1024.229387][ C1] Call Trace: [ 1024.232668][ C1] __schedule+0x8e1/0x1eb0 [ 1024.237068][ C1] ? io_schedule_timeout+0x140/0x140 [ 1024.242331][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1024.247783][ C1] schedule+0xd0/0x2a0 [ 1024.251843][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1024.256946][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1024.262125][ C1] futex_wait+0x1df/0x560 [ 1024.266461][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1024.271520][ C1] ? hash_futex+0x12/0x200 [ 1024.276810][ C1] ? futex_wake+0x155/0x490 [ 1024.281313][ C1] ? lock_downgrade+0x820/0x820 [ 1024.286161][ C1] do_futex+0x15b/0x1a60 [ 1024.290389][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1024.295580][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1024.300424][ C1] ? do_wp_page+0x16a/0x1950 [ 1024.305038][ C1] ? futex_exit_release+0x220/0x220 [ 1024.311482][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1024.317385][ C1] ? find_held_lock+0x2d/0x110 [ 1024.322150][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1024.327433][ C1] ? __up_read+0x1a1/0x7b0 [ 1024.331854][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1024.337438][ C1] __x64_sys_futex+0x378/0x4e0 [ 1024.342292][ C1] ? do_futex+0x1a60/0x1a60 [ 1024.346782][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1024.351805][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1024.356743][ C1] ? do_syscall_64+0x1c/0xe0 [ 1024.361312][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1024.367297][ C1] do_syscall_64+0x60/0xe0 [ 1024.371777][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1024.378618][ C1] RIP: 0033:0x45cb29 [ 1024.382485][ C1] Code: Bad RIP value. [ 1024.386526][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1024.394911][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1024.402878][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1024.411106][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1024.419140][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1024.427213][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1024.435185][ C1] syz-executor.1 S28384 15802 6984 0x00000000 [ 1024.442034][ C1] Call Trace: [ 1024.445322][ C1] __schedule+0x8e1/0x1eb0 [ 1024.449807][ C1] ? io_schedule_timeout+0x140/0x140 [ 1024.455078][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1024.460536][ C1] schedule+0xd0/0x2a0 [ 1024.465200][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1024.470299][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1024.475561][ C1] ? futex_wake+0x1b5/0x490 [ 1024.480282][ C1] ? find_held_lock+0x2d/0x110 [ 1024.485101][ C1] futex_wait+0x1df/0x560 [ 1024.489436][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1024.494528][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1024.499454][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1024.505170][ C1] ? futex_wake+0x155/0x490 [ 1024.509675][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1024.515660][ C1] do_futex+0x15b/0x1a60 [ 1024.519916][ C1] ? lock_acquire+0x1f1/0xad0 [ 1024.524661][ C1] ? __might_fault+0xef/0x1d0 [ 1024.529313][ C1] ? find_held_lock+0x2d/0x110 [ 1024.534097][ C1] ? futex_exit_release+0x220/0x220 [ 1024.539382][ C1] ? lock_downgrade+0x820/0x820 [ 1024.544234][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1024.550507][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1024.555513][ C1] ? __might_fault+0x190/0x1d0 [ 1024.560270][ C1] ? _copy_to_user+0x126/0x160 [ 1024.565013][ C1] __x64_sys_futex+0x378/0x4e0 [ 1024.569756][ C1] ? do_futex+0x1a60/0x1a60 [ 1024.574250][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1024.579874][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1024.584790][ C1] ? do_syscall_64+0x1c/0xe0 [ 1024.589362][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1024.595319][ C1] do_syscall_64+0x60/0xe0 [ 1024.599728][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1024.605614][ C1] RIP: 0033:0x45cb29 [ 1024.609494][ C1] Code: Bad RIP value. [ 1024.613535][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1024.621920][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1024.629870][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1024.637834][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1024.645806][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1024.653861][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1024.661957][ C1] syz-executor.1 S29976 15805 15802 0x00000000 [ 1024.668397][ C1] Call Trace: [ 1024.671686][ C1] __schedule+0x8e1/0x1eb0 [ 1024.676089][ C1] ? io_schedule_timeout+0x140/0x140 [ 1024.681408][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1024.686870][ C1] schedule+0xd0/0x2a0 [ 1024.691078][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1024.696190][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1024.701378][ C1] ? futex_wake+0x1b5/0x490 [ 1024.705870][ C1] ? find_held_lock+0x2d/0x110 [ 1024.710796][ C1] futex_wait+0x1df/0x560 [ 1024.715120][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1024.720134][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1024.725049][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1024.730224][ C1] ? futex_wake+0x155/0x490 [ 1024.734822][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1024.740805][ C1] ? lock_downgrade+0x820/0x820 [ 1024.745645][ C1] do_futex+0x15b/0x1a60 [ 1024.749877][ C1] ? lock_acquire+0x1f1/0xad0 [ 1024.754642][ C1] ? __might_fault+0xef/0x1d0 [ 1024.761156][ C1] ? find_held_lock+0x2d/0x110 [ 1024.766207][ C1] ? futex_exit_release+0x220/0x220 [ 1024.771394][ C1] ? lock_downgrade+0x820/0x820 [ 1024.776222][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1024.783569][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1024.789213][ C1] ? __might_fault+0x190/0x1d0 [ 1024.793962][ C1] ? _copy_to_user+0x126/0x160 [ 1024.799511][ C1] __x64_sys_futex+0x378/0x4e0 [ 1024.804282][ C1] ? do_futex+0x1a60/0x1a60 [ 1024.808792][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1024.814429][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1024.819383][ C1] ? do_syscall_64+0x1c/0xe0 [ 1024.823961][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1024.830747][ C1] do_syscall_64+0x60/0xe0 [ 1024.835264][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1024.841605][ C1] RIP: 0033:0x45cb29 [ 1024.845494][ C1] Code: Bad RIP value. [ 1024.850174][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1024.858867][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1024.867029][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1024.874995][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1024.883006][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1024.891277][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1024.902634][ C1] syz-executor.5 S29976 15820 7388 0x00000000 [ 1024.909578][ C1] Call Trace: [ 1024.912871][ C1] __schedule+0x8e1/0x1eb0 [ 1024.917356][ C1] ? io_schedule_timeout+0x140/0x140 [ 1024.922618][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1024.928062][ C1] schedule+0xd0/0x2a0 [ 1024.932110][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1024.937200][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1024.942400][ C1] futex_wait+0x1df/0x560 [ 1024.946739][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1024.951843][ C1] ? mark_lock+0xbc/0x1710 [ 1024.956255][ C1] ? hash_futex+0x12/0x200 [ 1024.960650][ C1] ? futex_wake+0x155/0x490 [ 1024.965142][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1024.970149][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1024.976105][ C1] do_futex+0x15b/0x1a60 [ 1024.980331][ C1] ? lock_acquire+0x1f1/0xad0 [ 1024.984980][ C1] ? __might_fault+0xef/0x1d0 [ 1024.989632][ C1] ? find_held_lock+0x2d/0x110 [ 1024.994401][ C1] ? futex_exit_release+0x220/0x220 [ 1024.999604][ C1] ? lock_downgrade+0x820/0x820 [ 1025.004451][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1025.010690][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1025.015711][ C1] ? __might_fault+0x190/0x1d0 [ 1025.020461][ C1] ? _copy_to_user+0x126/0x160 [ 1025.025209][ C1] __x64_sys_futex+0x378/0x4e0 [ 1025.029965][ C1] ? do_futex+0x1a60/0x1a60 [ 1025.034441][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1025.040068][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1025.045005][ C1] ? do_syscall_64+0x1c/0xe0 [ 1025.049590][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1025.055573][ C1] do_syscall_64+0x60/0xe0 [ 1025.059977][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1025.065854][ C1] RIP: 0033:0x45cb29 [ 1025.069904][ C1] Code: Bad RIP value. [ 1025.073946][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1025.082353][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1025.090402][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1025.098390][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1025.106336][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1025.114480][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 1025.122456][ C1] syz-executor.1 S29976 15824 15802 0x00000000 [ 1025.128856][ C1] Call Trace: [ 1025.132219][ C1] __schedule+0x8e1/0x1eb0 [ 1025.136645][ C1] ? io_schedule_timeout+0x140/0x140 [ 1025.141922][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1025.147544][ C1] schedule+0xd0/0x2a0 [ 1025.151593][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1025.156694][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1025.161966][ C1] ? futex_wake+0x1b5/0x490 [ 1025.166444][ C1] ? find_held_lock+0x2d/0x110 [ 1025.171186][ C1] futex_wait+0x1df/0x560 [ 1025.175513][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1025.180513][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1025.185427][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1025.190603][ C1] ? futex_wake+0x155/0x490 [ 1025.195091][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1025.201047][ C1] ? lock_downgrade+0x820/0x820 [ 1025.205876][ C1] do_futex+0x15b/0x1a60 [ 1025.210117][ C1] ? lock_acquire+0x1f1/0xad0 [ 1025.214832][ C1] ? __might_fault+0xef/0x1d0 [ 1025.219486][ C1] ? find_held_lock+0x2d/0x110 [ 1025.224296][ C1] ? futex_exit_release+0x220/0x220 [ 1025.229514][ C1] ? lock_downgrade+0x820/0x820 [ 1025.234510][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1025.240749][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1025.246421][ C1] ? __might_fault+0x190/0x1d0 [ 1025.251192][ C1] ? _copy_to_user+0x126/0x160 [ 1025.255952][ C1] __x64_sys_futex+0x378/0x4e0 [ 1025.260703][ C1] ? do_futex+0x1a60/0x1a60 [ 1025.265185][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1025.270886][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1025.275799][ C1] ? do_syscall_64+0x1c/0xe0 [ 1025.280367][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1025.286325][ C1] do_syscall_64+0x60/0xe0 [ 1025.290718][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1025.297734][ C1] RIP: 0033:0x45cb29 [ 1025.301630][ C1] Code: Bad RIP value. [ 1025.305690][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1025.314235][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1025.322617][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1025.330599][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1025.338735][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1025.346878][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1025.354899][ C1] syz-executor.5 S29976 15842 7388 0x00000000 [ 1025.361212][ C1] Call Trace: [ 1025.364532][ C1] __schedule+0x8e1/0x1eb0 [ 1025.368964][ C1] ? io_schedule_timeout+0x140/0x140 [ 1025.374251][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1025.379754][ C1] schedule+0xd0/0x2a0 [ 1025.383806][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1025.389075][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1025.394246][ C1] ? futex_wake+0x1b5/0x490 [ 1025.398818][ C1] ? find_held_lock+0x2d/0x110 [ 1025.403765][ C1] futex_wait+0x1df/0x560 [ 1025.408180][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1025.413199][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1025.418119][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1025.423668][ C1] ? futex_wake+0x155/0x490 [ 1025.428169][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1025.434167][ C1] do_futex+0x15b/0x1a60 [ 1025.438406][ C1] ? lock_acquire+0x1f1/0xad0 [ 1025.443059][ C1] ? __might_fault+0xef/0x1d0 [ 1025.447709][ C1] ? find_held_lock+0x2d/0x110 [ 1025.452453][ C1] ? futex_exit_release+0x220/0x220 [ 1025.457639][ C1] ? lock_downgrade+0x820/0x820 [ 1025.462567][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1025.468960][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1025.473977][ C1] ? __might_fault+0x190/0x1d0 [ 1025.478895][ C1] ? _copy_to_user+0x126/0x160 [ 1025.483726][ C1] __x64_sys_futex+0x378/0x4e0 [ 1025.488474][ C1] ? do_futex+0x1a60/0x1a60 [ 1025.493498][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1025.499719][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1025.505266][ C1] ? do_syscall_64+0x1c/0xe0 [ 1025.510240][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1025.516323][ C1] do_syscall_64+0x60/0xe0 [ 1025.520946][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1025.526818][ C1] RIP: 0033:0x45cb29 [ 1025.530688][ C1] Code: Bad RIP value. [ 1025.535530][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1025.544046][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1025.552026][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1025.560695][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1025.570559][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1025.578643][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 1025.586793][ C1] syz-executor.5 S29976 15857 7388 0x00000000 [ 1025.593229][ C1] Call Trace: [ 1025.596518][ C1] __schedule+0x8e1/0x1eb0 [ 1025.601273][ C1] ? io_schedule_timeout+0x140/0x140 [ 1025.606633][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1025.612560][ C1] schedule+0xd0/0x2a0 [ 1025.616744][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1025.621867][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1025.627058][ C1] futex_wait+0x1df/0x560 [ 1025.631370][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1025.637076][ C1] ? mark_lock+0xbc/0x1710 [ 1025.642433][ C1] ? hash_futex+0x12/0x200 [ 1025.646836][ C1] ? futex_wake+0x155/0x490 [ 1025.651318][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1025.656849][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1025.665373][ C1] do_futex+0x15b/0x1a60 [ 1025.670866][ C1] ? lock_acquire+0x1f1/0xad0 [ 1025.675567][ C1] ? __might_fault+0xef/0x1d0 [ 1025.680253][ C1] ? find_held_lock+0x2d/0x110 [ 1025.685031][ C1] ? futex_exit_release+0x220/0x220 [ 1025.690302][ C1] ? lock_downgrade+0x820/0x820 [ 1025.695867][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1025.702356][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1025.707456][ C1] ? __might_fault+0x190/0x1d0 [ 1025.713093][ C1] ? _copy_to_user+0x126/0x160 [ 1025.718387][ C1] __x64_sys_futex+0x378/0x4e0 [ 1025.728366][ C1] ? do_futex+0x1a60/0x1a60 [ 1025.733065][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1025.740090][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1025.747577][ C1] ? do_syscall_64+0x1c/0xe0 [ 1025.752170][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1025.759723][ C1] do_syscall_64+0x60/0xe0 [ 1025.764129][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1025.770027][ C1] RIP: 0033:0x45cb29 [ 1025.773914][ C1] Code: Bad RIP value. [ 1025.777988][ C1] RSP: 002b:00007f8614cd2cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1025.786661][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1025.794638][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1025.803007][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1025.813291][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1025.822466][ C1] R13: 0000000000c9fb6f R14: 00007f8614cd39c0 R15: 000000000078bf0c [ 1025.832064][ C1] syz-executor.5 S29264 15863 7388 0x00000000 [ 1025.838387][ C1] Call Trace: [ 1025.842120][ C1] __schedule+0x8e1/0x1eb0 [ 1025.847311][ C1] ? io_schedule_timeout+0x140/0x140 [ 1025.853480][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1025.858960][ C1] schedule+0xd0/0x2a0 [ 1025.863013][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1025.868273][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1025.873458][ C1] futex_wait+0x1df/0x560 [ 1025.877772][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1025.885548][ C1] ? mark_lock+0xbc/0x1710 [ 1025.891008][ C1] ? mark_lock+0xbc/0x1710 [ 1025.895549][ C1] ? hash_futex+0x12/0x200 [ 1025.900081][ C1] ? futex_wake+0x155/0x490 [ 1025.905636][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1025.912353][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1025.918451][ C1] do_futex+0x15b/0x1a60 [ 1025.923004][ C1] ? lock_acquire+0x1f1/0xad0 [ 1025.929041][ C1] ? __might_fault+0xef/0x1d0 [ 1025.933729][ C1] ? find_held_lock+0x2d/0x110 [ 1025.938620][ C1] ? futex_exit_release+0x220/0x220 [ 1025.944345][ C1] ? lock_downgrade+0x820/0x820 [ 1025.949436][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1025.955653][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1025.960674][ C1] ? __might_fault+0x190/0x1d0 [ 1025.966196][ C1] ? _copy_to_user+0x126/0x160 [ 1025.970943][ C1] __x64_sys_futex+0x378/0x4e0 [ 1025.976913][ C1] ? do_futex+0x1a60/0x1a60 [ 1025.981415][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1025.988011][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1025.993019][ C1] ? do_syscall_64+0x1c/0xe0 [ 1025.998256][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1026.005725][ C1] do_syscall_64+0x60/0xe0 [ 1026.010280][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1026.016654][ C1] RIP: 0033:0x45cb29 [ 1026.020897][ C1] Code: Bad RIP value. [ 1026.024954][ C1] RSP: 002b:00007f8614cb1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1026.034288][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1026.043411][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1026.052395][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1026.062515][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1026.072044][ C1] R13: 0000000000c9fb6f R14: 00007f8614cb29c0 R15: 000000000078bfac [ 1026.080240][ C1] syz-executor.1 S28760 15889 6984 0x00000000 [ 1026.086734][ C1] Call Trace: [ 1026.090632][ C1] __schedule+0x8e1/0x1eb0 [ 1026.095448][ C1] ? io_schedule_timeout+0x140/0x140 [ 1026.100735][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1026.107417][ C1] schedule+0xd0/0x2a0 [ 1026.111743][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1026.116848][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1026.122042][ C1] futex_wait+0x1df/0x560 [ 1026.126354][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1026.131537][ C1] ? mark_lock+0xbc/0x1710 [ 1026.136105][ C1] ? hash_futex+0x12/0x200 [ 1026.140524][ C1] ? futex_wake+0x155/0x490 [ 1026.145000][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1026.150009][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1026.156363][ C1] do_futex+0x15b/0x1a60 [ 1026.160936][ C1] ? lock_acquire+0x1f1/0xad0 [ 1026.165592][ C1] ? __might_fault+0xef/0x1d0 [ 1026.171115][ C1] ? find_held_lock+0x2d/0x110 [ 1026.175872][ C1] ? futex_exit_release+0x220/0x220 [ 1026.182491][ C1] ? lock_downgrade+0x820/0x820 [ 1026.187604][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1026.193824][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1026.199883][ C1] ? __might_fault+0x190/0x1d0 [ 1026.205117][ C1] ? _copy_to_user+0x126/0x160 [ 1026.210043][ C1] __x64_sys_futex+0x378/0x4e0 [ 1026.215081][ C1] ? do_futex+0x1a60/0x1a60 [ 1026.220753][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1026.226398][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1026.231332][ C1] ? do_syscall_64+0x1c/0xe0 [ 1026.235941][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1026.241999][ C1] do_syscall_64+0x60/0xe0 [ 1026.246697][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1026.252757][ C1] RIP: 0033:0x45cb29 [ 1026.256624][ C1] Code: Bad RIP value. [ 1026.260768][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1026.269752][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1026.277721][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1026.285679][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1026.293649][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1026.302103][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1026.310350][ C1] syz-executor.1 S28384 15906 6984 0x00000000 [ 1026.316665][ C1] Call Trace: [ 1026.319954][ C1] __schedule+0x8e1/0x1eb0 [ 1026.324759][ C1] ? io_schedule_timeout+0x140/0x140 [ 1026.330634][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1026.336107][ C1] schedule+0xd0/0x2a0 [ 1026.340195][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1026.347228][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1026.353101][ C1] futex_wait+0x1df/0x560 [ 1026.359742][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1026.366998][ C1] ? mark_lock+0xbc/0x1710 [ 1026.372323][ C1] ? mark_lock+0xbc/0x1710 [ 1026.377649][ C1] ? hash_futex+0x12/0x200 [ 1026.382751][ C1] ? futex_wake+0x155/0x490 [ 1026.389052][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1026.394275][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1026.400271][ C1] do_futex+0x15b/0x1a60 [ 1026.404503][ C1] ? lock_acquire+0x1f1/0xad0 [ 1026.409685][ C1] ? __might_fault+0xef/0x1d0 [ 1026.414455][ C1] ? find_held_lock+0x2d/0x110 [ 1026.420093][ C1] ? futex_exit_release+0x220/0x220 [ 1026.425821][ C1] ? lock_downgrade+0x820/0x820 [ 1026.431226][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1026.438823][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1026.443855][ C1] ? __might_fault+0x190/0x1d0 [ 1026.448597][ C1] ? _copy_to_user+0x126/0x160 [ 1026.453346][ C1] __x64_sys_futex+0x378/0x4e0 [ 1026.458700][ C1] ? do_futex+0x1a60/0x1a60 [ 1026.464239][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1026.469890][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1026.474810][ C1] ? do_syscall_64+0x1c/0xe0 [ 1026.479405][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1026.488717][ C1] do_syscall_64+0x60/0xe0 [ 1026.493136][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1026.499452][ C1] RIP: 0033:0x45cb29 [ 1026.503504][ C1] Code: Bad RIP value. [ 1026.510011][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1026.521881][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1026.531220][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1026.540116][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1026.548167][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1026.556135][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1026.564846][ C1] syz-executor.1 S29976 15910 15906 0x00000000 [ 1026.571662][ C1] Call Trace: [ 1026.576350][ C1] __schedule+0x8e1/0x1eb0 [ 1026.580858][ C1] ? io_schedule_timeout+0x140/0x140 [ 1026.586913][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1026.592372][ C1] schedule+0xd0/0x2a0 [ 1026.596421][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1026.601616][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1026.607432][ C1] futex_wait+0x1df/0x560 [ 1026.611788][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1026.619167][ C1] ? mark_lock+0xbc/0x1710 [ 1026.623602][ C1] ? hash_futex+0x12/0x200 [ 1026.628006][ C1] ? futex_wake+0x155/0x490 [ 1026.633349][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1026.640648][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1026.650220][ C1] ? lock_downgrade+0x820/0x820 [ 1026.656115][ C1] do_futex+0x15b/0x1a60 [ 1026.660634][ C1] ? lock_acquire+0x1f1/0xad0 [ 1026.667703][ C1] ? __might_fault+0xef/0x1d0 [ 1026.674051][ C1] ? find_held_lock+0x2d/0x110 [ 1026.678824][ C1] ? futex_exit_release+0x220/0x220 [ 1026.684143][ C1] ? lock_downgrade+0x820/0x820 [ 1026.688983][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1026.696436][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1026.701905][ C1] ? __might_fault+0x190/0x1d0 [ 1026.707087][ C1] ? _copy_to_user+0x126/0x160 [ 1026.712060][ C1] __x64_sys_futex+0x378/0x4e0 [ 1026.716813][ C1] ? do_futex+0x1a60/0x1a60 [ 1026.721314][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1026.727104][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1026.732031][ C1] ? do_syscall_64+0x1c/0xe0 [ 1026.736628][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1026.744524][ C1] do_syscall_64+0x60/0xe0 [ 1026.750341][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1026.756234][ C1] RIP: 0033:0x45cb29 [ 1026.760101][ C1] Code: Bad RIP value. [ 1026.764143][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1026.773048][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1026.781587][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1026.792165][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1026.801428][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1026.809901][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1026.819047][ C1] syz-executor.1 S29976 15924 15906 0x00000000 [ 1026.825394][ C1] Call Trace: [ 1026.828684][ C1] __schedule+0x8e1/0x1eb0 [ 1026.833083][ C1] ? io_schedule_timeout+0x140/0x140 [ 1026.839426][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1026.846286][ C1] schedule+0xd0/0x2a0 [ 1026.850714][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1026.856029][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1026.861208][ C1] ? futex_wake+0x1b5/0x490 [ 1026.865802][ C1] ? find_held_lock+0x2d/0x110 [ 1026.870566][ C1] futex_wait+0x1df/0x560 [ 1026.874875][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1026.879875][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1026.884791][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1026.891654][ C1] ? futex_wake+0x155/0x490 [ 1026.896327][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1026.902286][ C1] ? lock_downgrade+0x820/0x820 [ 1026.907165][ C1] do_futex+0x15b/0x1a60 [ 1026.911417][ C1] ? lock_acquire+0x1f1/0xad0 [ 1026.916250][ C1] ? __might_fault+0xef/0x1d0 [ 1026.920994][ C1] ? find_held_lock+0x2d/0x110 [ 1026.926950][ C1] ? futex_exit_release+0x220/0x220 [ 1026.932677][ C1] ? lock_downgrade+0x820/0x820 [ 1026.938776][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1026.945771][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1026.951605][ C1] ? __might_fault+0x190/0x1d0 [ 1026.958515][ C1] ? _copy_to_user+0x126/0x160 [ 1026.963793][ C1] __x64_sys_futex+0x378/0x4e0 [ 1026.968538][ C1] ? do_futex+0x1a60/0x1a60 [ 1026.973017][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1026.978629][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1026.987927][ C1] ? do_syscall_64+0x1c/0xe0 [ 1026.995092][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1027.001751][ C1] do_syscall_64+0x60/0xe0 [ 1027.006550][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1027.012889][ C1] RIP: 0033:0x45cb29 [ 1027.016776][ C1] Code: Bad RIP value. [ 1027.020863][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1027.029273][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1027.038894][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1027.048414][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1027.056450][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1027.066847][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1027.075966][ C1] syz-executor.1 S28600 15934 6984 0x00000000 [ 1027.085230][ C1] Call Trace: [ 1027.088710][ C1] __schedule+0x8e1/0x1eb0 [ 1027.094705][ C1] ? io_schedule_timeout+0x140/0x140 [ 1027.101791][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1027.107246][ C1] schedule+0xd0/0x2a0 [ 1027.111298][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1027.116485][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1027.121681][ C1] ? find_held_lock+0x2d/0x110 [ 1027.128290][ C1] futex_wait+0x1df/0x560 [ 1027.133105][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1027.139335][ C1] ? mark_lock+0xbc/0x1710 [ 1027.143734][ C1] ? hash_futex+0x12/0x200 [ 1027.148413][ C1] ? futex_wake+0x155/0x490 [ 1027.153256][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1027.158291][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1027.164259][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1027.170049][ C1] do_futex+0x15b/0x1a60 [ 1027.174273][ C1] ? lock_acquire+0x1f1/0xad0 [ 1027.181157][ C1] ? __might_fault+0xef/0x1d0 [ 1027.185812][ C1] ? find_held_lock+0x2d/0x110 [ 1027.190554][ C1] ? futex_exit_release+0x220/0x220 [ 1027.195730][ C1] ? lock_downgrade+0x820/0x820 [ 1027.200559][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1027.208065][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1027.213107][ C1] ? __might_fault+0x190/0x1d0 [ 1027.218360][ C1] ? _copy_to_user+0x126/0x160 [ 1027.224855][ C1] __x64_sys_futex+0x378/0x4e0 [ 1027.229831][ C1] ? do_futex+0x1a60/0x1a60 [ 1027.234616][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1027.241560][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1027.246485][ C1] ? do_syscall_64+0x1c/0xe0 [ 1027.251473][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1027.257470][ C1] do_syscall_64+0x60/0xe0 [ 1027.261876][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1027.268061][ C1] RIP: 0033:0x45cb29 [ 1027.272456][ C1] Code: Bad RIP value. [ 1027.276501][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1027.284916][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1027.293066][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1027.301135][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1027.309112][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1027.317563][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1027.325862][ C1] syz-executor.1 S29976 15939 15934 0x00000000 [ 1027.332238][ C1] Call Trace: [ 1027.335514][ C1] __schedule+0x8e1/0x1eb0 [ 1027.339916][ C1] ? io_schedule_timeout+0x140/0x140 [ 1027.345686][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1027.352295][ C1] schedule+0xd0/0x2a0 [ 1027.356347][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1027.361824][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1027.367673][ C1] ? futex_wake+0x1b5/0x490 [ 1027.373556][ C1] ? find_held_lock+0x2d/0x110 [ 1027.379288][ C1] futex_wait+0x1df/0x560 [ 1027.383603][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1027.388606][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1027.393523][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1027.398698][ C1] ? futex_wake+0x155/0x490 [ 1027.403790][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1027.409787][ C1] ? lock_downgrade+0x820/0x820 [ 1027.415232][ C1] do_futex+0x15b/0x1a60 [ 1027.420701][ C1] ? lock_acquire+0x1f1/0xad0 [ 1027.425626][ C1] ? __might_fault+0xef/0x1d0 [ 1027.430381][ C1] ? find_held_lock+0x2d/0x110 [ 1027.435139][ C1] ? futex_exit_release+0x220/0x220 [ 1027.440368][ C1] ? lock_downgrade+0x820/0x820 [ 1027.445246][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1027.451509][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1027.458584][ C1] ? __might_fault+0x190/0x1d0 [ 1027.463346][ C1] ? _copy_to_user+0x126/0x160 [ 1027.468133][ C1] __x64_sys_futex+0x378/0x4e0 [ 1027.472900][ C1] ? do_futex+0x1a60/0x1a60 [ 1027.477407][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1027.483644][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1027.489558][ C1] ? do_syscall_64+0x1c/0xe0 [ 1027.494999][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1027.503474][ C1] do_syscall_64+0x60/0xe0 [ 1027.509680][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1027.515579][ C1] RIP: 0033:0x45cb29 [ 1027.519472][ C1] Code: Bad RIP value. [ 1027.523529][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1027.532558][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1027.541234][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1027.550204][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1027.558174][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1027.567470][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1027.575573][ C1] syz-executor.3 S29976 15943 7113 0x00000000 [ 1027.581900][ C1] Call Trace: [ 1027.585210][ C1] __schedule+0x8e1/0x1eb0 [ 1027.591138][ C1] ? io_schedule_timeout+0x140/0x140 [ 1027.598752][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1027.606273][ C1] schedule+0xd0/0x2a0 [ 1027.611093][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1027.616650][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1027.621833][ C1] futex_wait+0x1df/0x560 [ 1027.626146][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1027.631149][ C1] ? mark_lock+0xbc/0x1710 [ 1027.636604][ C1] ? hash_futex+0x12/0x200 [ 1027.640995][ C1] ? futex_wake+0x155/0x490 [ 1027.645488][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1027.650495][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1027.656453][ C1] do_futex+0x15b/0x1a60 [ 1027.661219][ C1] ? lock_acquire+0x1f1/0xad0 [ 1027.665891][ C1] ? __might_fault+0xef/0x1d0 [ 1027.670548][ C1] ? find_held_lock+0x2d/0x110 [ 1027.675290][ C1] ? futex_exit_release+0x220/0x220 [ 1027.680480][ C1] ? lock_downgrade+0x820/0x820 [ 1027.687393][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1027.695518][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1027.701849][ C1] ? __might_fault+0x190/0x1d0 [ 1027.706944][ C1] ? _copy_to_user+0x126/0x160 [ 1027.712261][ C1] __x64_sys_futex+0x378/0x4e0 [ 1027.717041][ C1] ? do_futex+0x1a60/0x1a60 [ 1027.721527][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1027.727167][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1027.732107][ C1] ? do_syscall_64+0x1c/0xe0 [ 1027.737308][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1027.743921][ C1] do_syscall_64+0x60/0xe0 [ 1027.748467][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1027.754397][ C1] RIP: 0033:0x45cb29 [ 1027.758280][ C1] Code: Bad RIP value. [ 1027.762335][ C1] RSP: 002b:00007f6514a60cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1027.772243][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1027.781203][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1027.789266][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1027.797221][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1027.807658][ C1] R13: 0000000000c9fb6f R14: 00007f6514a619c0 R15: 000000000078bf0c [ 1027.816228][ C1] syz-executor.1 S29976 15956 15934 0x00000000 [ 1027.823529][ C1] Call Trace: [ 1027.827025][ C1] __schedule+0x8e1/0x1eb0 [ 1027.831514][ C1] ? io_schedule_timeout+0x140/0x140 [ 1027.837241][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1027.842997][ C1] schedule+0xd0/0x2a0 [ 1027.847061][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1027.853072][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1027.858285][ C1] futex_wait+0x1df/0x560 [ 1027.862709][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1027.868895][ C1] ? mark_lock+0xbc/0x1710 [ 1027.873381][ C1] ? hash_futex+0x12/0x200 [ 1027.877777][ C1] ? futex_wake+0x155/0x490 [ 1027.882344][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1027.887354][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1027.895027][ C1] ? lock_downgrade+0x820/0x820 [ 1027.902071][ C1] do_futex+0x15b/0x1a60 [ 1027.908569][ C1] ? lock_acquire+0x1f1/0xad0 [ 1027.913695][ C1] ? __might_fault+0xef/0x1d0 [ 1027.918746][ C1] ? find_held_lock+0x2d/0x110 [ 1027.929094][ C1] ? futex_exit_release+0x220/0x220 [ 1027.934717][ C1] ? lock_downgrade+0x820/0x820 [ 1027.940472][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1027.946981][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1027.951993][ C1] ? __might_fault+0x190/0x1d0 [ 1027.956735][ C1] ? _copy_to_user+0x126/0x160 [ 1027.961495][ C1] __x64_sys_futex+0x378/0x4e0 [ 1027.966238][ C1] ? do_futex+0x1a60/0x1a60 [ 1027.970774][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1027.979216][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1027.984847][ C1] ? do_syscall_64+0x1c/0xe0 [ 1027.990080][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1027.996061][ C1] do_syscall_64+0x60/0xe0 [ 1028.000463][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1028.006682][ C1] RIP: 0033:0x45cb29 [ 1028.010562][ C1] Code: Bad RIP value. [ 1028.014608][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1028.023448][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1028.031592][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1028.040237][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1028.049056][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1028.057728][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1028.065876][ C1] syz-executor.1 S28600 15966 6984 0x00000000 [ 1028.072289][ C1] Call Trace: [ 1028.075928][ C1] __schedule+0x8e1/0x1eb0 [ 1028.080466][ C1] ? io_schedule_timeout+0x140/0x140 [ 1028.085938][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1028.092291][ C1] schedule+0xd0/0x2a0 [ 1028.096831][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1028.101919][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1028.107636][ C1] ? futex_wake+0x1b5/0x490 [ 1028.113507][ C1] ? find_held_lock+0x2d/0x110 [ 1028.118251][ C1] futex_wait+0x1df/0x560 [ 1028.122763][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1028.128326][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1028.133276][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1028.138550][ C1] ? futex_wake+0x155/0x490 [ 1028.143047][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1028.149012][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1028.154799][ C1] do_futex+0x15b/0x1a60 [ 1028.159060][ C1] ? lock_acquire+0x1f1/0xad0 [ 1028.164091][ C1] ? __might_fault+0xef/0x1d0 [ 1028.168755][ C1] ? find_held_lock+0x2d/0x110 [ 1028.173517][ C1] ? futex_exit_release+0x220/0x220 [ 1028.178710][ C1] ? lock_downgrade+0x820/0x820 [ 1028.183563][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1028.190159][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1028.195356][ C1] ? __might_fault+0x190/0x1d0 [ 1028.200204][ C1] ? _copy_to_user+0x126/0x160 [ 1028.205302][ C1] __x64_sys_futex+0x378/0x4e0 [ 1028.210222][ C1] ? do_futex+0x1a60/0x1a60 [ 1028.214788][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1028.220399][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1028.225336][ C1] ? do_syscall_64+0x1c/0xe0 [ 1028.230095][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1028.236157][ C1] do_syscall_64+0x60/0xe0 [ 1028.240747][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1028.247149][ C1] RIP: 0033:0x45cb29 [ 1028.251226][ C1] Code: Bad RIP value. [ 1028.255443][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1028.267105][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1028.276738][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1028.284693][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1028.292654][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1028.301167][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1028.309150][ C1] syz-executor.1 S29056 15967 15966 0x00000000 [ 1028.316168][ C1] Call Trace: [ 1028.319665][ C1] __schedule+0x8e1/0x1eb0 [ 1028.324193][ C1] ? io_schedule_timeout+0x140/0x140 [ 1028.329581][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1028.335270][ C1] schedule+0xd0/0x2a0 [ 1028.339524][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1028.344649][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1028.349847][ C1] ? futex_wake+0x1b5/0x490 [ 1028.354343][ C1] ? find_held_lock+0x2d/0x110 [ 1028.359110][ C1] futex_wait+0x1df/0x560 [ 1028.363560][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1028.368564][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1028.373544][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1028.379386][ C1] ? futex_wake+0x155/0x490 [ 1028.385121][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1028.391226][ C1] ? lock_downgrade+0x820/0x820 [ 1028.396085][ C1] do_futex+0x15b/0x1a60 [ 1028.400327][ C1] ? lock_acquire+0x1f1/0xad0 [ 1028.405008][ C1] ? __might_fault+0xef/0x1d0 [ 1028.409662][ C1] ? find_held_lock+0x2d/0x110 [ 1028.414487][ C1] ? futex_exit_release+0x220/0x220 [ 1028.419660][ C1] ? lock_downgrade+0x820/0x820 [ 1028.424488][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1028.430814][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1028.435848][ C1] ? __might_fault+0x190/0x1d0 [ 1028.440716][ C1] ? _copy_to_user+0x126/0x160 [ 1028.445461][ C1] __x64_sys_futex+0x378/0x4e0 [ 1028.450203][ C1] ? do_futex+0x1a60/0x1a60 [ 1028.454682][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1028.460297][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1028.465452][ C1] ? do_syscall_64+0x1c/0xe0 [ 1028.470228][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1028.476443][ C1] do_syscall_64+0x60/0xe0 [ 1028.480854][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1028.486856][ C1] RIP: 0033:0x45cb29 [ 1028.490834][ C1] Code: Bad RIP value. [ 1028.495264][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1028.503757][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1028.511716][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1028.519669][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1028.527616][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1028.535693][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1028.543657][ C1] syz-executor.1 S29976 15979 6984 0x00000000 [ 1028.549983][ C1] Call Trace: [ 1028.553255][ C1] __schedule+0x8e1/0x1eb0 [ 1028.557661][ C1] ? io_schedule_timeout+0x140/0x140 [ 1028.563068][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1028.568626][ C1] schedule+0xd0/0x2a0 [ 1028.572875][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1028.578043][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1028.583323][ C1] ? futex_wake+0x1b5/0x490 [ 1028.587831][ C1] ? find_held_lock+0x2d/0x110 [ 1028.592607][ C1] futex_wait+0x1df/0x560 [ 1028.596942][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1028.601953][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1028.606872][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1028.612049][ C1] ? futex_wake+0x155/0x490 [ 1028.616539][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1028.622491][ C1] ? lock_downgrade+0x820/0x820 [ 1028.627316][ C1] do_futex+0x15b/0x1a60 [ 1028.631539][ C1] ? lock_acquire+0x1f1/0xad0 [ 1028.636222][ C1] ? __might_fault+0xef/0x1d0 [ 1028.640888][ C1] ? find_held_lock+0x2d/0x110 [ 1028.645634][ C1] ? futex_exit_release+0x220/0x220 [ 1028.650808][ C1] ? lock_downgrade+0x820/0x820 [ 1028.655636][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1028.661865][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1028.667132][ C1] ? __might_fault+0x190/0x1d0 [ 1028.672045][ C1] ? _copy_to_user+0x126/0x160 [ 1028.676809][ C1] __x64_sys_futex+0x378/0x4e0 [ 1028.681574][ C1] ? do_futex+0x1a60/0x1a60 [ 1028.686069][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1028.691915][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1028.696856][ C1] ? do_syscall_64+0x1c/0xe0 [ 1028.701535][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1028.707506][ C1] do_syscall_64+0x60/0xe0 [ 1028.711912][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1028.717783][ C1] RIP: 0033:0x45cb29 [ 1028.721648][ C1] Code: Bad RIP value. [ 1028.725952][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1028.734371][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1028.742331][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1028.751944][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1028.760212][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1028.768182][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1028.776173][ C1] syz-executor.1 S29728 15993 6984 0x00000000 [ 1028.782487][ C1] Call Trace: [ 1028.785940][ C1] __schedule+0x8e1/0x1eb0 [ 1028.791305][ C1] ? io_schedule_timeout+0x140/0x140 [ 1028.797284][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1028.802738][ C1] schedule+0xd0/0x2a0 [ 1028.807356][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1028.813687][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1028.818955][ C1] ? futex_wake+0x1b5/0x490 [ 1028.823468][ C1] ? find_held_lock+0x2d/0x110 [ 1028.828324][ C1] futex_wait+0x1df/0x560 [ 1028.832644][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1028.837643][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1028.842585][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1028.848023][ C1] ? futex_wake+0x155/0x490 [ 1028.852597][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1028.858553][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1028.864434][ C1] do_futex+0x15b/0x1a60 [ 1028.868707][ C1] ? lock_acquire+0x1f1/0xad0 [ 1028.875727][ C1] ? __might_fault+0xef/0x1d0 [ 1028.880517][ C1] ? find_held_lock+0x2d/0x110 [ 1028.885283][ C1] ? futex_exit_release+0x220/0x220 [ 1028.890471][ C1] ? lock_downgrade+0x820/0x820 [ 1028.895324][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1028.901540][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1028.906576][ C1] ? __might_fault+0x190/0x1d0 [ 1028.911684][ C1] ? _copy_to_user+0x126/0x160 [ 1028.916442][ C1] __x64_sys_futex+0x378/0x4e0 [ 1028.921210][ C1] ? do_futex+0x1a60/0x1a60 [ 1028.925712][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1028.931321][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1028.936234][ C1] ? do_syscall_64+0x1c/0xe0 [ 1028.940811][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1028.946855][ C1] do_syscall_64+0x60/0xe0 [ 1028.951269][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1028.957399][ C1] RIP: 0033:0x45cb29 [ 1028.961262][ C1] Code: Bad RIP value. [ 1028.965314][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1028.973871][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1028.981850][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1028.989821][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1028.997774][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1029.005721][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1029.013683][ C1] syz-executor.1 S29976 15995 6984 0x00000000 [ 1029.019995][ C1] Call Trace: [ 1029.023264][ C1] __schedule+0x8e1/0x1eb0 [ 1029.027842][ C1] ? io_schedule_timeout+0x140/0x140 [ 1029.033110][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1029.038558][ C1] schedule+0xd0/0x2a0 [ 1029.042613][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1029.047703][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1029.052873][ C1] ? futex_wake+0x1b5/0x490 [ 1029.057532][ C1] ? find_held_lock+0x2d/0x110 [ 1029.062273][ C1] futex_wait+0x1df/0x560 [ 1029.066677][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1029.071674][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1029.076593][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1029.081765][ C1] ? futex_wake+0x155/0x490 [ 1029.086250][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1029.092214][ C1] ? lock_downgrade+0x820/0x820 [ 1029.097044][ C1] do_futex+0x15b/0x1a60 [ 1029.101266][ C1] ? lock_acquire+0x1f1/0xad0 [ 1029.105922][ C1] ? __might_fault+0xef/0x1d0 [ 1029.110675][ C1] ? find_held_lock+0x2d/0x110 [ 1029.115426][ C1] ? futex_exit_release+0x220/0x220 [ 1029.120601][ C1] ? lock_downgrade+0x820/0x820 [ 1029.125425][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1029.131654][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1029.136657][ C1] ? __might_fault+0x190/0x1d0 [ 1029.141408][ C1] ? _copy_to_user+0x126/0x160 [ 1029.146150][ C1] __x64_sys_futex+0x378/0x4e0 [ 1029.150902][ C1] ? do_futex+0x1a60/0x1a60 [ 1029.155380][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1029.160987][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1029.165902][ C1] ? do_syscall_64+0x1c/0xe0 [ 1029.170475][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1029.176440][ C1] do_syscall_64+0x60/0xe0 [ 1029.180834][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1029.186707][ C1] RIP: 0033:0x45cb29 [ 1029.190753][ C1] Code: Bad RIP value. [ 1029.194795][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1029.203318][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1029.211270][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1029.219220][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1029.227340][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1029.235397][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1029.243383][ C1] syz-executor.1 S29056 16000 6984 0x00000000 [ 1029.249734][ C1] Call Trace: [ 1029.253016][ C1] __schedule+0x8e1/0x1eb0 [ 1029.257418][ C1] ? io_schedule_timeout+0x140/0x140 [ 1029.262706][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1029.268146][ C1] schedule+0xd0/0x2a0 [ 1029.272206][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1029.277305][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1029.282836][ C1] ? futex_wake+0x1b5/0x490 [ 1029.288556][ C1] ? find_held_lock+0x2d/0x110 [ 1029.293589][ C1] futex_wait+0x1df/0x560 [ 1029.297980][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1029.303000][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1029.307928][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1029.313115][ C1] ? futex_wake+0x155/0x490 [ 1029.317607][ C1] ? lock_downgrade+0x820/0x820 [ 1029.322448][ C1] do_futex+0x15b/0x1a60 [ 1029.326703][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1029.332036][ C1] ? _raw_spin_unlock+0x24/0x40 [ 1029.336989][ C1] ? do_wp_page+0x16a/0x1950 [ 1029.341686][ C1] ? futex_exit_release+0x220/0x220 [ 1029.346885][ C1] ? handle_mm_fault+0xad9/0x43f0 [ 1029.352014][ C1] ? find_held_lock+0x2d/0x110 [ 1029.356777][ C1] ? do_user_addr_fault+0x5e6/0xd00 [ 1029.362051][ C1] ? __up_read+0x1a1/0x7b0 [ 1029.366551][ C1] ? _down_write_nest_lock+0x150/0x150 [ 1029.372392][ C1] __x64_sys_futex+0x378/0x4e0 [ 1029.377301][ C1] ? do_futex+0x1a60/0x1a60 [ 1029.381894][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1029.386854][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1029.391910][ C1] ? do_syscall_64+0x1c/0xe0 [ 1029.396845][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1029.402820][ C1] do_syscall_64+0x60/0xe0 [ 1029.407245][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1029.413127][ C1] RIP: 0033:0x45cb29 [ 1029.416994][ C1] Code: Bad RIP value. [ 1029.421120][ C1] RSP: 002b:00007f57eaea0cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1029.429523][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1029.437476][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1029.445429][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1029.453502][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1029.461485][ C1] R13: 0000000000c9fb6f R14: 00007f57eaea19c0 R15: 000000000078bfac [ 1029.469545][ C1] syz-executor.1 S28384 16014 6984 0x00000000 [ 1029.476986][ C1] Call Trace: [ 1029.480258][ C1] __schedule+0x8e1/0x1eb0 [ 1029.484660][ C1] ? io_schedule_timeout+0x140/0x140 [ 1029.490073][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1029.495523][ C1] schedule+0xd0/0x2a0 [ 1029.499576][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1029.504799][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1029.509990][ C1] futex_wait+0x1df/0x560 [ 1029.514371][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1029.519376][ C1] ? mark_lock+0xbc/0x1710 [ 1029.523771][ C1] ? hash_futex+0x12/0x200 [ 1029.528250][ C1] ? futex_wake+0x155/0x490 [ 1029.533041][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1029.538202][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1029.544365][ C1] do_futex+0x15b/0x1a60 [ 1029.548683][ C1] ? lock_acquire+0x1f1/0xad0 [ 1029.553335][ C1] ? __might_fault+0xef/0x1d0 [ 1029.558004][ C1] ? find_held_lock+0x2d/0x110 [ 1029.562742][ C1] ? futex_exit_release+0x220/0x220 [ 1029.567925][ C1] ? lock_downgrade+0x820/0x820 [ 1029.572790][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1029.579005][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1029.584027][ C1] ? __might_fault+0x190/0x1d0 [ 1029.588767][ C1] ? _copy_to_user+0x126/0x160 [ 1029.593508][ C1] __x64_sys_futex+0x378/0x4e0 [ 1029.598270][ C1] ? do_futex+0x1a60/0x1a60 [ 1029.602751][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1029.608454][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1029.613365][ C1] ? do_syscall_64+0x1c/0xe0 [ 1029.617930][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1029.624848][ C1] do_syscall_64+0x60/0xe0 [ 1029.629243][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1029.635112][ C1] RIP: 0033:0x45cb29 [ 1029.638974][ C1] Code: Bad RIP value. [ 1029.643024][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1029.651405][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1029.659367][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1029.667413][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1029.675376][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1029.683323][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1029.691301][ C1] syz-executor.1 S29736 16015 16014 0x00004000 [ 1029.697650][ C1] Call Trace: [ 1029.700925][ C1] __schedule+0x8e1/0x1eb0 [ 1029.705320][ C1] ? io_schedule_timeout+0x140/0x140 [ 1029.710580][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1029.716038][ C1] schedule+0xd0/0x2a0 [ 1029.720096][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1029.725192][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1029.730381][ C1] futex_wait+0x1df/0x560 [ 1029.734688][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1029.739700][ C1] ? mark_lock+0xbc/0x1710 [ 1029.744097][ C1] ? hash_futex+0x12/0x200 [ 1029.748486][ C1] ? futex_wake+0x155/0x490 [ 1029.752982][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1029.758019][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1029.764003][ C1] ? lock_downgrade+0x820/0x820 [ 1029.768849][ C1] do_futex+0x15b/0x1a60 [ 1029.773080][ C1] ? lock_acquire+0x1f1/0xad0 [ 1029.777738][ C1] ? __might_fault+0xef/0x1d0 [ 1029.782395][ C1] ? find_held_lock+0x2d/0x110 [ 1029.787219][ C1] ? futex_exit_release+0x220/0x220 [ 1029.792441][ C1] ? lock_downgrade+0x820/0x820 [ 1029.797275][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1029.803496][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1029.808497][ C1] ? __might_fault+0x190/0x1d0 [ 1029.813243][ C1] ? _copy_to_user+0x126/0x160 [ 1029.818004][ C1] __x64_sys_futex+0x378/0x4e0 [ 1029.822767][ C1] ? do_futex+0x1a60/0x1a60 [ 1029.827258][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1029.832882][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1029.837794][ C1] ? do_syscall_64+0x1c/0xe0 [ 1029.842361][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1029.848316][ C1] do_syscall_64+0x60/0xe0 [ 1029.852707][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1029.858583][ C1] RIP: 0033:0x45cb29 [ 1029.862467][ C1] Code: Bad RIP value. [ 1029.866521][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1029.874906][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1029.882853][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1029.890808][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1029.898756][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1029.906714][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1029.914699][ C1] syz-executor.1 S29976 16028 16014 0x00000000 [ 1029.921021][ C1] Call Trace: [ 1029.924304][ C1] __schedule+0x8e1/0x1eb0 [ 1029.928730][ C1] ? io_schedule_timeout+0x140/0x140 [ 1029.934353][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1029.939795][ C1] schedule+0xd0/0x2a0 [ 1029.944903][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1029.949991][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1029.955162][ C1] ? futex_wake+0x1b5/0x490 [ 1029.959652][ C1] ? find_held_lock+0x2d/0x110 [ 1029.964395][ C1] futex_wait+0x1df/0x560 [ 1029.968708][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1029.973715][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1029.978629][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1029.983818][ C1] ? futex_wake+0x155/0x490 [ 1029.988307][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1029.994274][ C1] ? lock_downgrade+0x820/0x820 [ 1029.999103][ C1] do_futex+0x15b/0x1a60 [ 1030.003329][ C1] ? lock_acquire+0x1f1/0xad0 [ 1030.008081][ C1] ? __might_fault+0xef/0x1d0 [ 1030.012740][ C1] ? find_held_lock+0x2d/0x110 [ 1030.017503][ C1] ? futex_exit_release+0x220/0x220 [ 1030.022766][ C1] ? lock_downgrade+0x820/0x820 [ 1030.028161][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1030.034446][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1030.039558][ C1] ? __might_fault+0x190/0x1d0 [ 1030.044298][ C1] ? _copy_to_user+0x126/0x160 [ 1030.049042][ C1] __x64_sys_futex+0x378/0x4e0 [ 1030.053784][ C1] ? do_futex+0x1a60/0x1a60 [ 1030.058376][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1030.063997][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1030.069269][ C1] ? do_syscall_64+0x1c/0xe0 [ 1030.073868][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1030.080183][ C1] do_syscall_64+0x60/0xe0 [ 1030.084775][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1030.090708][ C1] RIP: 0033:0x45cb29 [ 1030.094581][ C1] Code: Bad RIP value. [ 1030.098670][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1030.107230][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1030.115193][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1030.123140][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1030.131087][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1030.139032][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1030.146992][ C1] syz-executor.1 S29976 16045 6984 0x00000000 [ 1030.153307][ C1] Call Trace: [ 1030.156581][ C1] __schedule+0x8e1/0x1eb0 [ 1030.160977][ C1] ? io_schedule_timeout+0x140/0x140 [ 1030.166432][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1030.171990][ C1] schedule+0xd0/0x2a0 [ 1030.176050][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1030.181154][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1030.186343][ C1] ? futex_wake+0x1b5/0x490 [ 1030.190829][ C1] ? find_held_lock+0x2d/0x110 [ 1030.195580][ C1] futex_wait+0x1df/0x560 [ 1030.199903][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1030.205039][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1030.210066][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1030.215346][ C1] ? futex_wake+0x155/0x490 [ 1030.220272][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1030.226624][ C1] ? lock_downgrade+0x820/0x820 [ 1030.231466][ C1] do_futex+0x15b/0x1a60 [ 1030.235719][ C1] ? lock_acquire+0x1f1/0xad0 [ 1030.240386][ C1] ? __might_fault+0xef/0x1d0 [ 1030.245038][ C1] ? find_held_lock+0x2d/0x110 [ 1030.249793][ C1] ? futex_exit_release+0x220/0x220 [ 1030.254968][ C1] ? lock_downgrade+0x820/0x820 [ 1030.260078][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1030.266297][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1030.271411][ C1] ? __might_fault+0x190/0x1d0 [ 1030.276276][ C1] ? _copy_to_user+0x126/0x160 [ 1030.281055][ C1] __x64_sys_futex+0x378/0x4e0 [ 1030.285864][ C1] ? do_futex+0x1a60/0x1a60 [ 1030.290344][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1030.295970][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1030.300884][ C1] ? do_syscall_64+0x1c/0xe0 [ 1030.305454][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1030.312021][ C1] do_syscall_64+0x60/0xe0 [ 1030.316414][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1030.322376][ C1] RIP: 0033:0x45cb29 [ 1030.327913][ C1] Code: Bad RIP value. [ 1030.332747][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1030.341137][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1030.349253][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1030.357762][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1030.366701][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1030.374670][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1030.383446][ C1] syz-executor.1 S29976 16060 6984 0x00000000 [ 1030.392057][ C1] Call Trace: [ 1030.395363][ C1] __schedule+0x8e1/0x1eb0 [ 1030.399763][ C1] ? io_schedule_timeout+0x140/0x140 [ 1030.405216][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1030.410670][ C1] schedule+0xd0/0x2a0 [ 1030.414807][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1030.421351][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1030.426538][ C1] ? futex_wake+0x1b5/0x490 [ 1030.431022][ C1] ? find_held_lock+0x2d/0x110 [ 1030.435763][ C1] futex_wait+0x1df/0x560 [ 1030.440071][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1030.445154][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1030.450095][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1030.455368][ C1] ? futex_wake+0x155/0x490 [ 1030.459858][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1030.465814][ C1] ? lock_downgrade+0x820/0x820 [ 1030.470643][ C1] do_futex+0x15b/0x1a60 [ 1030.475144][ C1] ? lock_acquire+0x1f1/0xad0 [ 1030.479822][ C1] ? __might_fault+0xef/0x1d0 [ 1030.484485][ C1] ? find_held_lock+0x2d/0x110 [ 1030.489662][ C1] ? futex_exit_release+0x220/0x220 [ 1030.494868][ C1] ? lock_downgrade+0x820/0x820 [ 1030.505695][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1030.512172][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1030.518193][ C1] ? __might_fault+0x190/0x1d0 [ 1030.523070][ C1] ? _copy_to_user+0x126/0x160 [ 1030.528283][ C1] __x64_sys_futex+0x378/0x4e0 [ 1030.533051][ C1] ? do_futex+0x1a60/0x1a60 [ 1030.537622][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1030.543259][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1030.548184][ C1] ? do_syscall_64+0x1c/0xe0 [ 1030.552753][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1030.558896][ C1] do_syscall_64+0x60/0xe0 [ 1030.563290][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1030.569171][ C1] RIP: 0033:0x45cb29 [ 1030.573119][ C1] Code: Bad RIP value. [ 1030.577162][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1030.585562][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1030.593804][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1030.601774][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1030.609749][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1030.617708][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1030.625674][ C1] syz-executor.1 S28600 16075 6984 0x00000000 [ 1030.631998][ C1] Call Trace: [ 1030.635269][ C1] __schedule+0x8e1/0x1eb0 [ 1030.639677][ C1] ? io_schedule_timeout+0x140/0x140 [ 1030.644943][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1030.650395][ C1] schedule+0xd0/0x2a0 [ 1030.654452][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1030.659541][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1030.664738][ C1] ? futex_wake+0x1b5/0x490 [ 1030.669330][ C1] ? find_held_lock+0x2d/0x110 [ 1030.674081][ C1] futex_wait+0x1df/0x560 [ 1030.678412][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1030.683419][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1030.688335][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1030.693519][ C1] ? futex_wake+0x155/0x490 [ 1030.698018][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1030.704234][ C1] do_futex+0x15b/0x1a60 [ 1030.708573][ C1] ? lock_acquire+0x1f1/0xad0 [ 1030.713232][ C1] ? __might_fault+0xef/0x1d0 [ 1030.717881][ C1] ? find_held_lock+0x2d/0x110 [ 1030.722627][ C1] ? futex_exit_release+0x220/0x220 [ 1030.727807][ C1] ? lock_downgrade+0x820/0x820 [ 1030.732644][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1030.738879][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1030.743883][ C1] ? __might_fault+0x190/0x1d0 [ 1030.748622][ C1] ? _copy_to_user+0x126/0x160 [ 1030.753449][ C1] __x64_sys_futex+0x378/0x4e0 [ 1030.758202][ C1] ? do_futex+0x1a60/0x1a60 [ 1030.762709][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1030.768350][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1030.773277][ C1] ? do_syscall_64+0x1c/0xe0 [ 1030.777853][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1030.783815][ C1] do_syscall_64+0x60/0xe0 [ 1030.788208][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1030.794074][ C1] RIP: 0033:0x45cb29 [ 1030.797951][ C1] Code: Bad RIP value. [ 1030.802075][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1030.810472][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1030.818419][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1030.826365][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1030.834331][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1030.842276][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1030.850247][ C1] syz-executor.1 S29976 16076 16075 0x00000000 [ 1030.857427][ C1] Call Trace: [ 1030.860698][ C1] __schedule+0x8e1/0x1eb0 [ 1030.865103][ C1] ? io_schedule_timeout+0x140/0x140 [ 1030.870376][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1030.875824][ C1] schedule+0xd0/0x2a0 [ 1030.879870][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1030.884968][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1030.890137][ C1] ? futex_wake+0x1b5/0x490 [ 1030.894613][ C1] ? find_held_lock+0x2d/0x110 [ 1030.899354][ C1] futex_wait+0x1df/0x560 [ 1030.903673][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1030.908672][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1030.913588][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1030.918762][ C1] ? futex_wake+0x155/0x490 [ 1030.923245][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1030.929220][ C1] ? lock_downgrade+0x820/0x820 [ 1030.934044][ C1] do_futex+0x15b/0x1a60 [ 1030.938265][ C1] ? lock_acquire+0x1f1/0xad0 [ 1030.942913][ C1] ? __might_fault+0xef/0x1d0 [ 1030.947736][ C1] ? find_held_lock+0x2d/0x110 [ 1030.952493][ C1] ? futex_exit_release+0x220/0x220 [ 1030.958794][ C1] ? lock_downgrade+0x820/0x820 [ 1030.963618][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1030.969832][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1030.974950][ C1] ? __might_fault+0x190/0x1d0 [ 1030.979729][ C1] ? _copy_to_user+0x126/0x160 [ 1030.984495][ C1] __x64_sys_futex+0x378/0x4e0 [ 1030.989245][ C1] ? do_futex+0x1a60/0x1a60 [ 1030.993738][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1030.999358][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1031.004279][ C1] ? do_syscall_64+0x1c/0xe0 [ 1031.008857][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1031.014844][ C1] do_syscall_64+0x60/0xe0 [ 1031.019243][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1031.025107][ C1] RIP: 0033:0x45cb29 [ 1031.028968][ C1] Code: Bad RIP value. [ 1031.033013][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1031.041394][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1031.049336][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1031.057290][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1031.065246][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1031.073200][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1031.081158][ C1] syz-executor.1 S29976 16091 16075 0x00000000 [ 1031.087478][ C1] Call Trace: [ 1031.090747][ C1] __schedule+0x8e1/0x1eb0 [ 1031.095158][ C1] ? io_schedule_timeout+0x140/0x140 [ 1031.100518][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1031.105969][ C1] schedule+0xd0/0x2a0 [ 1031.110012][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1031.115096][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1031.120279][ C1] ? futex_wake+0x1b5/0x490 [ 1031.124756][ C1] ? find_held_lock+0x2d/0x110 [ 1031.129494][ C1] futex_wait+0x1df/0x560 [ 1031.133799][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1031.138824][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1031.143739][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1031.148923][ C1] ? futex_wake+0x155/0x490 [ 1031.153424][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1031.159379][ C1] ? lock_downgrade+0x820/0x820 [ 1031.164208][ C1] do_futex+0x15b/0x1a60 [ 1031.168430][ C1] ? lock_acquire+0x1f1/0xad0 [ 1031.173093][ C1] ? __might_fault+0xef/0x1d0 [ 1031.177744][ C1] ? find_held_lock+0x2d/0x110 [ 1031.182483][ C1] ? futex_exit_release+0x220/0x220 [ 1031.187654][ C1] ? lock_downgrade+0x820/0x820 [ 1031.192492][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1031.199102][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1031.204175][ C1] ? __might_fault+0x190/0x1d0 [ 1031.208940][ C1] ? _copy_to_user+0x126/0x160 [ 1031.213687][ C1] __x64_sys_futex+0x378/0x4e0 [ 1031.218432][ C1] ? do_futex+0x1a60/0x1a60 [ 1031.222911][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1031.228531][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1031.233451][ C1] ? do_syscall_64+0x1c/0xe0 [ 1031.238036][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1031.244009][ C1] do_syscall_64+0x60/0xe0 [ 1031.249924][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1031.256624][ C1] RIP: 0033:0x45cb29 [ 1031.260500][ C1] Code: Bad RIP value. [ 1031.264685][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1031.273087][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1031.281299][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1031.292828][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1031.303018][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1031.312649][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1031.321443][ C1] syz-executor.1 S28896 16106 6984 0x00000000 [ 1031.327962][ C1] Call Trace: [ 1031.331247][ C1] __schedule+0x8e1/0x1eb0 [ 1031.335657][ C1] ? io_schedule_timeout+0x140/0x140 [ 1031.340943][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1031.346834][ C1] schedule+0xd0/0x2a0 [ 1031.354257][ C1] schedule_timeout+0x1d8/0x250 [ 1031.361950][ C1] ? usleep_range+0x170/0x170 [ 1031.367376][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1031.374238][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1031.380861][ C1] ? prepare_to_wait_exclusive+0x121/0x2d0 [ 1031.387012][ C1] ? __wake_up_locked_sync_key+0x20/0x20 [ 1031.393915][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1031.399823][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1031.406048][ C1] __skb_wait_for_more_packets+0x30f/0x580 [ 1031.413140][ C1] ? skb_free_datagram+0xf0/0xf0 [ 1031.418085][ C1] ? proto_seq_start+0x50/0x50 [ 1031.423013][ C1] ? skb_segment.cold+0x38/0x38 [ 1031.427856][ C1] ? mark_lock+0xbc/0x1710 [ 1031.438776][ C1] __skb_recv_datagram+0x171/0x220 [ 1031.443869][ C1] ? __skb_try_recv_datagram+0x3d0/0x3d0 [ 1031.449605][ C1] ? perf_sched_cb_inc+0x250/0x250 [ 1031.455431][ C1] ? __schedule+0x887/0x1eb0 [ 1031.460030][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1031.465023][ C1] skb_recv_datagram+0xa7/0xe0 [ 1031.471680][ C1] ? __skb_recv_datagram+0x220/0x220 [ 1031.477183][ C1] ? aa_sk_perm+0x316/0xaa0 [ 1031.481680][ C1] ? __might_fault+0xef/0x1d0 [ 1031.486417][ C1] raw_recvmsg+0xab/0x550 [ 1031.490744][ C1] ? raw_release+0x890/0x890 [ 1031.495323][ C1] ? security_socket_recvmsg+0x8f/0xc0 [ 1031.500782][ C1] ? raw_release+0x890/0x890 [ 1031.505410][ C1] ____sys_recvmsg+0x2c4/0x640 [ 1031.510195][ C1] ? move_addr_to_kernel.part.0+0x110/0x110 [ 1031.516205][ C1] ? __copy_msghdr_from_user+0x2b4/0x4b0 [ 1031.521819][ C1] ? import_iovec+0x23b/0x3d0 [ 1031.526473][ C1] ? compat_import_iovec+0x3d0/0x3d0 [ 1031.531744][ C1] ___sys_recvmsg+0x127/0x200 [ 1031.538341][ C1] ? __copy_msghdr_from_user+0x4b0/0x4b0 [ 1031.545647][ C1] ? lock_downgrade+0x820/0x820 [ 1031.550488][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1031.555515][ C1] ? __fget_files+0x294/0x400 [ 1031.560173][ C1] ? __fget_light+0xea/0x280 [ 1031.564862][ C1] do_recvmmsg+0x24d/0x6d0 [ 1031.569364][ C1] ? ___sys_recvmsg+0x200/0x200 [ 1031.574464][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1031.580709][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1031.585945][ C1] ? put_timespec64+0xcb/0x120 [ 1031.591056][ C1] ? ns_to_timespec64+0xc0/0xc0 [ 1031.595910][ C1] __x64_sys_recvmmsg+0x20b/0x260 [ 1031.602953][ C1] ? __do_sys_socketcall+0x550/0x550 [ 1031.608487][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1031.614197][ C1] ? do_syscall_64+0x1c/0xe0 [ 1031.618778][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1031.624741][ C1] do_syscall_64+0x60/0xe0 [ 1031.629137][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1031.635115][ C1] RIP: 0033:0x45cb29 [ 1031.639681][ C1] Code: Bad RIP value. [ 1031.647330][ C1] RSP: 002b:00007f57eaec1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1031.655906][ C1] RAX: ffffffffffffffda RBX: 00000000004fc820 RCX: 000000000045cb29 [ 1031.663886][ C1] RDX: 0000000000000001 RSI: 0000000020000cc0 RDI: 0000000000000003 [ 1031.674063][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1031.682666][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 1031.690640][ C1] R13: 00000000000008c7 R14: 00000000004cbb2f R15: 00007f57eaec26d4 [ 1031.698625][ C1] syz-executor.1 S29976 16109 16106 0x00000000 [ 1031.704964][ C1] Call Trace: [ 1031.708264][ C1] __schedule+0x8e1/0x1eb0 [ 1031.712923][ C1] ? io_schedule_timeout+0x140/0x140 [ 1031.718296][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1031.723741][ C1] schedule+0xd0/0x2a0 [ 1031.727791][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1031.732905][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1031.738080][ C1] ? futex_wake+0x1b5/0x490 [ 1031.744913][ C1] ? find_held_lock+0x2d/0x110 [ 1031.751439][ C1] futex_wait+0x1df/0x560 [ 1031.757652][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1031.762660][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1031.767733][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1031.772916][ C1] ? futex_wake+0x155/0x490 [ 1031.777422][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1031.785773][ C1] ? lock_downgrade+0x820/0x820 [ 1031.790814][ C1] do_futex+0x15b/0x1a60 [ 1031.795068][ C1] ? lock_acquire+0x1f1/0xad0 [ 1031.799792][ C1] ? __might_fault+0xef/0x1d0 [ 1031.804475][ C1] ? find_held_lock+0x2d/0x110 [ 1031.809229][ C1] ? futex_exit_release+0x220/0x220 [ 1031.815610][ C1] ? lock_downgrade+0x820/0x820 [ 1031.820934][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1031.828059][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1031.834434][ C1] ? __might_fault+0x190/0x1d0 [ 1031.839179][ C1] ? _copy_to_user+0x126/0x160 [ 1031.843928][ C1] __x64_sys_futex+0x378/0x4e0 [ 1031.848698][ C1] ? do_futex+0x1a60/0x1a60 [ 1031.853190][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1031.860133][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1031.866230][ C1] ? do_syscall_64+0x1c/0xe0 [ 1031.871848][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1031.877822][ C1] do_syscall_64+0x60/0xe0 [ 1031.882246][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1031.890439][ C1] RIP: 0033:0x45cb29 [ 1031.895557][ C1] Code: Bad RIP value. [ 1031.902417][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1031.911401][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1031.919373][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1031.927322][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1031.935949][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1031.944088][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1031.952173][ C1] syz-executor.1 S29976 16125 6984 0x00000000 [ 1031.958859][ C1] Call Trace: [ 1031.964872][ C1] __schedule+0x8e1/0x1eb0 [ 1031.969536][ C1] ? io_schedule_timeout+0x140/0x140 [ 1031.974948][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1031.983171][ C1] schedule+0xd0/0x2a0 [ 1031.988967][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1031.994056][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1031.999259][ C1] futex_wait+0x1df/0x560 [ 1032.003568][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1032.009110][ C1] ? mark_lock+0xbc/0x1710 [ 1032.013993][ C1] ? hash_futex+0x12/0x200 [ 1032.018443][ C1] ? futex_wake+0x155/0x490 [ 1032.022931][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1032.027959][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1032.033920][ C1] ? lock_downgrade+0x820/0x820 [ 1032.039543][ C1] do_futex+0x15b/0x1a60 [ 1032.044085][ C1] ? lock_acquire+0x1f1/0xad0 [ 1032.049060][ C1] ? __might_fault+0xef/0x1d0 [ 1032.053953][ C1] ? find_held_lock+0x2d/0x110 [ 1032.063869][ C1] ? futex_exit_release+0x220/0x220 [ 1032.069233][ C1] ? lock_downgrade+0x820/0x820 [ 1032.074068][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1032.080471][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1032.086205][ C1] ? __might_fault+0x190/0x1d0 [ 1032.091518][ C1] ? _copy_to_user+0x126/0x160 [ 1032.096274][ C1] __x64_sys_futex+0x378/0x4e0 [ 1032.101023][ C1] ? do_futex+0x1a60/0x1a60 [ 1032.105510][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1032.111121][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1032.118116][ C1] ? do_syscall_64+0x1c/0xe0 [ 1032.122900][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1032.132817][ C1] do_syscall_64+0x60/0xe0 [ 1032.141502][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1032.147902][ C1] RIP: 0033:0x45cb29 [ 1032.151784][ C1] Code: Bad RIP value. [ 1032.155963][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1032.164702][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1032.172692][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1032.180668][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1032.188660][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1032.198295][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1032.206402][ C1] syz-executor.1 S28384 16133 6984 0x00000000 [ 1032.212743][ C1] Call Trace: [ 1032.217128][ C1] __schedule+0x8e1/0x1eb0 [ 1032.221744][ C1] ? io_schedule_timeout+0x140/0x140 [ 1032.227015][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1032.232462][ C1] schedule+0xd0/0x2a0 [ 1032.236530][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1032.241793][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1032.246999][ C1] futex_wait+0x1df/0x560 [ 1032.251410][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1032.256408][ C1] ? mark_lock+0xbc/0x1710 [ 1032.260802][ C1] ? mark_lock+0xbc/0x1710 [ 1032.265214][ C1] ? hash_futex+0x12/0x200 [ 1032.270439][ C1] ? futex_wake+0x155/0x490 [ 1032.276455][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1032.281666][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1032.288013][ C1] do_futex+0x15b/0x1a60 [ 1032.292946][ C1] ? lock_acquire+0x1f1/0xad0 [ 1032.297633][ C1] ? __might_fault+0xef/0x1d0 [ 1032.302297][ C1] ? find_held_lock+0x2d/0x110 [ 1032.307045][ C1] ? futex_exit_release+0x220/0x220 [ 1032.312222][ C1] ? lock_downgrade+0x820/0x820 [ 1032.317053][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1032.323547][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1032.328664][ C1] ? __might_fault+0x190/0x1d0 [ 1032.333407][ C1] ? _copy_to_user+0x126/0x160 [ 1032.338149][ C1] __x64_sys_futex+0x378/0x4e0 [ 1032.342904][ C1] ? do_futex+0x1a60/0x1a60 [ 1032.347455][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1032.353423][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1032.358786][ C1] ? do_syscall_64+0x1c/0xe0 [ 1032.363369][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1032.370958][ C1] do_syscall_64+0x60/0xe0 [ 1032.375590][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1032.381570][ C1] RIP: 0033:0x45cb29 [ 1032.385463][ C1] Code: Bad RIP value. [ 1032.389510][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1032.397914][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1032.405863][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1032.414193][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1032.422139][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1032.430085][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1032.438569][ C1] syz-executor.1 S29976 16135 16133 0x00000000 [ 1032.444880][ C1] Call Trace: [ 1032.448150][ C1] __schedule+0x8e1/0x1eb0 [ 1032.453088][ C1] ? io_schedule_timeout+0x140/0x140 [ 1032.458372][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1032.463810][ C1] schedule+0xd0/0x2a0 [ 1032.467856][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1032.472956][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1032.478129][ C1] ? futex_wake+0x1b5/0x490 [ 1032.482635][ C1] ? find_held_lock+0x2d/0x110 [ 1032.487421][ C1] futex_wait+0x1df/0x560 [ 1032.491769][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1032.496771][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1032.501712][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1032.506895][ C1] ? futex_wake+0x155/0x490 [ 1032.511407][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1032.517389][ C1] ? lock_downgrade+0x820/0x820 [ 1032.522226][ C1] do_futex+0x15b/0x1a60 [ 1032.526473][ C1] ? lock_acquire+0x1f1/0xad0 [ 1032.531414][ C1] ? __might_fault+0xef/0x1d0 [ 1032.536075][ C1] ? find_held_lock+0x2d/0x110 [ 1032.540826][ C1] ? futex_exit_release+0x220/0x220 [ 1032.546006][ C1] ? lock_downgrade+0x820/0x820 [ 1032.551102][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1032.557318][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1032.562335][ C1] ? __might_fault+0x190/0x1d0 [ 1032.567989][ C1] ? _copy_to_user+0x126/0x160 [ 1032.572860][ C1] __x64_sys_futex+0x378/0x4e0 [ 1032.577613][ C1] ? do_futex+0x1a60/0x1a60 [ 1032.582114][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1032.587818][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1032.592731][ C1] ? do_syscall_64+0x1c/0xe0 [ 1032.597298][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1032.603382][ C1] do_syscall_64+0x60/0xe0 [ 1032.608284][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1032.614173][ C1] RIP: 0033:0x45cb29 [ 1032.618049][ C1] Code: Bad RIP value. [ 1032.622091][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1032.630824][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1032.638770][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1032.648273][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1032.656282][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1032.664238][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1032.672429][ C1] syz-executor.1 S29976 16148 16133 0x00000000 [ 1032.678750][ C1] Call Trace: [ 1032.682212][ C1] __schedule+0x8e1/0x1eb0 [ 1032.687176][ C1] ? io_schedule_timeout+0x140/0x140 [ 1032.692441][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1032.697879][ C1] schedule+0xd0/0x2a0 [ 1032.702025][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1032.707113][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1032.712282][ C1] ? futex_wake+0x1b5/0x490 [ 1032.716821][ C1] ? find_held_lock+0x2d/0x110 [ 1032.721770][ C1] futex_wait+0x1df/0x560 [ 1032.726353][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1032.731352][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1032.736287][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1032.741562][ C1] ? futex_wake+0x155/0x490 [ 1032.746049][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1032.752002][ C1] ? lock_downgrade+0x820/0x820 [ 1032.757129][ C1] do_futex+0x15b/0x1a60 [ 1032.762480][ C1] ? lock_acquire+0x1f1/0xad0 [ 1032.767131][ C1] ? __might_fault+0xef/0x1d0 [ 1032.771782][ C1] ? find_held_lock+0x2d/0x110 [ 1032.776522][ C1] ? futex_exit_release+0x220/0x220 [ 1032.781723][ C1] ? lock_downgrade+0x820/0x820 [ 1032.786550][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1032.793837][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1032.799449][ C1] ? __might_fault+0x190/0x1d0 [ 1032.805162][ C1] ? _copy_to_user+0x126/0x160 [ 1032.809906][ C1] __x64_sys_futex+0x378/0x4e0 [ 1032.814648][ C1] ? do_futex+0x1a60/0x1a60 [ 1032.819140][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1032.824765][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1032.829723][ C1] ? do_syscall_64+0x1c/0xe0 [ 1032.834944][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1032.841020][ C1] do_syscall_64+0x60/0xe0 [ 1032.845463][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1032.851335][ C1] RIP: 0033:0x45cb29 [ 1032.856270][ C1] Code: Bad RIP value. [ 1032.860311][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1032.868802][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1032.877469][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1032.885418][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1032.893451][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1032.901486][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1032.909664][ C1] syz-executor.1 S28928 16162 6984 0x00000000 [ 1032.916429][ C1] Call Trace: [ 1032.919702][ C1] __schedule+0x8e1/0x1eb0 [ 1032.924099][ C1] ? io_schedule_timeout+0x140/0x140 [ 1032.929784][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1032.935239][ C1] schedule+0xd0/0x2a0 [ 1032.939286][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1032.945085][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1032.950350][ C1] futex_wait+0x1df/0x560 [ 1032.954659][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1032.959664][ C1] ? mark_lock+0xbc/0x1710 [ 1032.964069][ C1] ? hash_futex+0x12/0x200 [ 1032.968826][ C1] ? futex_wake+0x155/0x490 [ 1032.973302][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1032.979268][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1032.987260][ C1] do_futex+0x15b/0x1a60 [ 1032.991497][ C1] ? lock_acquire+0x1f1/0xad0 [ 1032.996180][ C1] ? __might_fault+0xef/0x1d0 [ 1033.000839][ C1] ? find_held_lock+0x2d/0x110 [ 1033.005582][ C1] ? futex_exit_release+0x220/0x220 [ 1033.010760][ C1] ? lock_downgrade+0x820/0x820 [ 1033.016807][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1033.023401][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1033.028404][ C1] ? __might_fault+0x190/0x1d0 [ 1033.033265][ C1] ? _copy_to_user+0x126/0x160 [ 1033.038453][ C1] __x64_sys_futex+0x378/0x4e0 [ 1033.043281][ C1] ? do_futex+0x1a60/0x1a60 [ 1033.047957][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1033.054658][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1033.060116][ C1] ? do_syscall_64+0x1c/0xe0 [ 1033.064690][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1033.070656][ C1] do_syscall_64+0x60/0xe0 [ 1033.075274][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1033.081163][ C1] RIP: 0033:0x45cb29 [ 1033.086256][ C1] Code: Bad RIP value. [ 1033.090300][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1033.099814][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1033.108340][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1033.117515][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1033.126238][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1033.134204][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1033.142855][ C1] syz-executor.1 S29976 16165 16162 0x00000000 [ 1033.149185][ C1] Call Trace: [ 1033.156259][ C1] __schedule+0x8e1/0x1eb0 [ 1033.162036][ C1] ? io_schedule_timeout+0x140/0x140 [ 1033.167305][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1033.172913][ C1] schedule+0xd0/0x2a0 [ 1033.177049][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1033.182143][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1033.188032][ C1] ? futex_wake+0x1b5/0x490 [ 1033.192670][ C1] ? find_held_lock+0x2d/0x110 [ 1033.197575][ C1] futex_wait+0x1df/0x560 [ 1033.201896][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1033.206925][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1033.211842][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1033.217451][ C1] ? futex_wake+0x155/0x490 [ 1033.224501][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1033.231302][ C1] ? lock_downgrade+0x820/0x820 [ 1033.236136][ C1] do_futex+0x15b/0x1a60 [ 1033.240899][ C1] ? lock_acquire+0x1f1/0xad0 [ 1033.245554][ C1] ? __might_fault+0xef/0x1d0 [ 1033.251873][ C1] ? find_held_lock+0x2d/0x110 [ 1033.256700][ C1] ? futex_exit_release+0x220/0x220 [ 1033.262601][ C1] ? lock_downgrade+0x820/0x820 [ 1033.267429][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1033.273645][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1033.280213][ C1] ? __might_fault+0x190/0x1d0 [ 1033.285720][ C1] ? _copy_to_user+0x126/0x160 [ 1033.290556][ C1] __x64_sys_futex+0x378/0x4e0 [ 1033.295384][ C1] ? do_futex+0x1a60/0x1a60 [ 1033.300315][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1033.305942][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1033.310881][ C1] ? do_syscall_64+0x1c/0xe0 [ 1033.315465][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1033.321611][ C1] do_syscall_64+0x60/0xe0 [ 1033.326028][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1033.331900][ C1] RIP: 0033:0x45cb29 [ 1033.335794][ C1] Code: Bad RIP value. [ 1033.339843][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1033.348782][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1033.357294][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1033.366131][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1033.374167][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1033.382305][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1033.390271][ C1] syz-executor.1 S29976 16179 16162 0x00000000 [ 1033.396605][ C1] Call Trace: [ 1033.399877][ C1] __schedule+0x8e1/0x1eb0 [ 1033.404272][ C1] ? io_schedule_timeout+0x140/0x140 [ 1033.409550][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1033.415012][ C1] schedule+0xd0/0x2a0 [ 1033.419199][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1033.424607][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1033.429910][ C1] futex_wait+0x1df/0x560 [ 1033.434276][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1033.439310][ C1] ? mark_lock+0xbc/0x1710 [ 1033.443714][ C1] ? hash_futex+0x12/0x200 [ 1033.448117][ C1] ? futex_wake+0x155/0x490 [ 1033.452603][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1033.458066][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1033.464146][ C1] ? lock_downgrade+0x820/0x820 [ 1033.468977][ C1] do_futex+0x15b/0x1a60 [ 1033.473403][ C1] ? lock_acquire+0x1f1/0xad0 [ 1033.478157][ C1] ? __might_fault+0xef/0x1d0 [ 1033.483447][ C1] ? find_held_lock+0x2d/0x110 [ 1033.488208][ C1] ? futex_exit_release+0x220/0x220 [ 1033.493446][ C1] ? lock_downgrade+0x820/0x820 [ 1033.498282][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1033.504592][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1033.509614][ C1] ? __might_fault+0x190/0x1d0 [ 1033.514360][ C1] ? _copy_to_user+0x126/0x160 [ 1033.519315][ C1] __x64_sys_futex+0x378/0x4e0 [ 1033.524086][ C1] ? do_futex+0x1a60/0x1a60 [ 1033.528739][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1033.534351][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1033.539265][ C1] ? do_syscall_64+0x1c/0xe0 [ 1033.543919][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1033.549891][ C1] do_syscall_64+0x60/0xe0 [ 1033.554459][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1033.560591][ C1] RIP: 0033:0x45cb29 [ 1033.564486][ C1] Code: Bad RIP value. [ 1033.568526][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1033.577253][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1033.585393][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1033.593341][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1033.601285][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1033.609232][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1033.617203][ C1] syz-executor.1 S28928 16192 6984 0x00000000 [ 1033.623514][ C1] Call Trace: [ 1033.626782][ C1] __schedule+0x8e1/0x1eb0 [ 1033.631177][ C1] ? io_schedule_timeout+0x140/0x140 [ 1033.636449][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1033.641896][ C1] schedule+0xd0/0x2a0 [ 1033.645952][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1033.651037][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1033.656209][ C1] ? find_held_lock+0x2d/0x110 [ 1033.660946][ C1] futex_wait+0x1df/0x560 [ 1033.665264][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1033.670425][ C1] ? mark_lock+0xbc/0x1710 [ 1033.674840][ C1] ? hash_futex+0x12/0x200 [ 1033.679266][ C1] ? futex_wake+0x155/0x490 [ 1033.683885][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1033.688910][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1033.694872][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1033.700657][ C1] do_futex+0x15b/0x1a60 [ 1033.704879][ C1] ? lock_acquire+0x1f1/0xad0 [ 1033.709529][ C1] ? __might_fault+0xef/0x1d0 [ 1033.714180][ C1] ? find_held_lock+0x2d/0x110 [ 1033.718916][ C1] ? futex_exit_release+0x220/0x220 [ 1033.724088][ C1] ? lock_downgrade+0x820/0x820 [ 1033.728930][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1033.735158][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1033.740176][ C1] ? __might_fault+0x190/0x1d0 [ 1033.744926][ C1] ? _copy_to_user+0x126/0x160 [ 1033.749677][ C1] __x64_sys_futex+0x378/0x4e0 [ 1033.754445][ C1] ? do_futex+0x1a60/0x1a60 [ 1033.758928][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1033.764555][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1033.769464][ C1] ? do_syscall_64+0x1c/0xe0 [ 1033.774028][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1033.780008][ C1] do_syscall_64+0x60/0xe0 [ 1033.784400][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1033.790268][ C1] RIP: 0033:0x45cb29 [ 1033.794157][ C1] Code: Bad RIP value. [ 1033.798223][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1033.806607][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1033.814551][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1033.822496][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1033.830440][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1033.838383][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1033.846949][ C1] syz-executor.1 S29976 16196 16192 0x00000000 [ 1033.853260][ C1] Call Trace: [ 1033.856809][ C1] __schedule+0x8e1/0x1eb0 [ 1033.861205][ C1] ? io_schedule_timeout+0x140/0x140 [ 1033.866958][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1033.872409][ C1] schedule+0xd0/0x2a0 [ 1033.876466][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1033.881739][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1033.886909][ C1] ? futex_wake+0x1b5/0x490 [ 1033.891387][ C1] ? find_held_lock+0x2d/0x110 [ 1033.896213][ C1] futex_wait+0x1df/0x560 [ 1033.900525][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1033.905523][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1033.910471][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1033.915871][ C1] ? futex_wake+0x155/0x490 [ 1033.920820][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1033.927058][ C1] ? lock_downgrade+0x820/0x820 [ 1033.931898][ C1] do_futex+0x15b/0x1a60 [ 1033.936127][ C1] ? lock_acquire+0x1f1/0xad0 [ 1033.940781][ C1] ? __might_fault+0xef/0x1d0 [ 1033.945437][ C1] ? find_held_lock+0x2d/0x110 [ 1033.950193][ C1] ? futex_exit_release+0x220/0x220 [ 1033.955367][ C1] ? lock_downgrade+0x820/0x820 [ 1033.960214][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1033.966494][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1033.971509][ C1] ? __might_fault+0x190/0x1d0 [ 1033.976254][ C1] ? _copy_to_user+0x126/0x160 [ 1033.981050][ C1] __x64_sys_futex+0x378/0x4e0 [ 1033.985793][ C1] ? do_futex+0x1a60/0x1a60 [ 1033.990272][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1033.995879][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1034.000788][ C1] ? do_syscall_64+0x1c/0xe0 [ 1034.005352][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1034.011370][ C1] do_syscall_64+0x60/0xe0 [ 1034.015762][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1034.021671][ C1] RIP: 0033:0x45cb29 [ 1034.025542][ C1] Code: Bad RIP value. [ 1034.029578][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1034.037975][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1034.045929][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1034.053963][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1034.061993][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1034.069958][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1034.078177][ C1] syz-executor.1 S29976 16203 6984 0x00000000 [ 1034.084484][ C1] Call Trace: [ 1034.087851][ C1] __schedule+0x8e1/0x1eb0 [ 1034.092252][ C1] ? io_schedule_timeout+0x140/0x140 [ 1034.097516][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1034.102967][ C1] schedule+0xd0/0x2a0 [ 1034.107019][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1034.112107][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1034.117273][ C1] ? futex_wake+0x1b5/0x490 [ 1034.121749][ C1] ? find_held_lock+0x2d/0x110 [ 1034.126489][ C1] futex_wait+0x1df/0x560 [ 1034.130796][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1034.135793][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1034.140705][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1034.145894][ C1] ? futex_wake+0x155/0x490 [ 1034.150402][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1034.156367][ C1] ? lock_downgrade+0x820/0x820 [ 1034.161190][ C1] do_futex+0x15b/0x1a60 [ 1034.165413][ C1] ? lock_acquire+0x1f1/0xad0 [ 1034.170071][ C1] ? __might_fault+0xef/0x1d0 [ 1034.174723][ C1] ? find_held_lock+0x2d/0x110 [ 1034.179476][ C1] ? futex_exit_release+0x220/0x220 [ 1034.184786][ C1] ? lock_downgrade+0x820/0x820 [ 1034.189671][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1034.196192][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1034.201206][ C1] ? __might_fault+0x190/0x1d0 [ 1034.206214][ C1] ? _copy_to_user+0x126/0x160 [ 1034.210965][ C1] __x64_sys_futex+0x378/0x4e0 [ 1034.215709][ C1] ? do_futex+0x1a60/0x1a60 [ 1034.220187][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1034.225858][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1034.230769][ C1] ? do_syscall_64+0x1c/0xe0 [ 1034.235334][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1034.241297][ C1] do_syscall_64+0x60/0xe0 [ 1034.245780][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1034.258425][ C1] RIP: 0033:0x45cb29 [ 1034.262308][ C1] Code: Bad RIP value. [ 1034.266352][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1034.274740][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1034.282686][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1034.290720][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1034.298682][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1034.306814][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1034.314778][ C1] syz-executor.1 S28928 16216 6984 0x00000000 [ 1034.321104][ C1] Call Trace: [ 1034.324399][ C1] __schedule+0x8e1/0x1eb0 [ 1034.328801][ C1] ? io_schedule_timeout+0x140/0x140 [ 1034.334149][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1034.339604][ C1] schedule+0xd0/0x2a0 [ 1034.343680][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1034.348791][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1034.353987][ C1] ? find_held_lock+0x2d/0x110 [ 1034.358760][ C1] futex_wait+0x1df/0x560 [ 1034.363134][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1034.368140][ C1] ? mark_lock+0xbc/0x1710 [ 1034.372575][ C1] ? hash_futex+0x12/0x200 [ 1034.377217][ C1] ? futex_wake+0x155/0x490 [ 1034.381722][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1034.386841][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1034.392820][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1034.398633][ C1] do_futex+0x15b/0x1a60 [ 1034.402865][ C1] ? lock_acquire+0x1f1/0xad0 [ 1034.407531][ C1] ? __might_fault+0xef/0x1d0 [ 1034.412186][ C1] ? find_held_lock+0x2d/0x110 [ 1034.416927][ C1] ? futex_exit_release+0x220/0x220 [ 1034.422123][ C1] ? lock_downgrade+0x820/0x820 [ 1034.427090][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1034.433319][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1034.438335][ C1] ? __might_fault+0x190/0x1d0 [ 1034.443074][ C1] ? _copy_to_user+0x126/0x160 [ 1034.447828][ C1] __x64_sys_futex+0x378/0x4e0 [ 1034.452586][ C1] ? do_futex+0x1a60/0x1a60 [ 1034.457064][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1034.462696][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1034.467607][ C1] ? do_syscall_64+0x1c/0xe0 [ 1034.472184][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1034.478409][ C1] do_syscall_64+0x60/0xe0 [ 1034.482801][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1034.488679][ C1] RIP: 0033:0x45cb29 [ 1034.492553][ C1] Code: Bad RIP value. [ 1034.496606][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1034.505174][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1034.513186][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1034.521136][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1034.529091][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1034.537168][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1034.545151][ C1] syz-executor.1 S29976 16218 16216 0x00000000 [ 1034.551471][ C1] Call Trace: [ 1034.554749][ C1] __schedule+0x8e1/0x1eb0 [ 1034.559168][ C1] ? io_schedule_timeout+0x140/0x140 [ 1034.564454][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1034.569915][ C1] schedule+0xd0/0x2a0 [ 1034.575350][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1034.580523][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1034.585700][ C1] futex_wait+0x1df/0x560 [ 1034.590005][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1034.595004][ C1] ? mark_lock+0xbc/0x1710 [ 1034.599406][ C1] ? hash_futex+0x12/0x200 [ 1034.603797][ C1] ? futex_wake+0x155/0x490 [ 1034.608294][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1034.613298][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1034.619263][ C1] ? lock_downgrade+0x820/0x820 [ 1034.624092][ C1] do_futex+0x15b/0x1a60 [ 1034.628329][ C1] ? lock_acquire+0x1f1/0xad0 [ 1034.633000][ C1] ? __might_fault+0xef/0x1d0 [ 1034.637670][ C1] ? find_held_lock+0x2d/0x110 [ 1034.642428][ C1] ? futex_exit_release+0x220/0x220 [ 1034.647605][ C1] ? lock_downgrade+0x820/0x820 [ 1034.652433][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1034.658653][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1034.663685][ C1] ? __might_fault+0x190/0x1d0 [ 1034.668422][ C1] ? _copy_to_user+0x126/0x160 [ 1034.673334][ C1] __x64_sys_futex+0x378/0x4e0 [ 1034.678079][ C1] ? do_futex+0x1a60/0x1a60 [ 1034.682557][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1034.688167][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1034.693346][ C1] ? do_syscall_64+0x1c/0xe0 [ 1034.697917][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1034.703885][ C1] do_syscall_64+0x60/0xe0 [ 1034.708276][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1034.714143][ C1] RIP: 0033:0x45cb29 [ 1034.718006][ C1] Code: Bad RIP value. [ 1034.722045][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1034.730430][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1034.738376][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1034.746324][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1034.754289][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1034.762250][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1034.770342][ C1] syz-executor.1 S29976 16232 6984 0x00000000 [ 1034.776664][ C1] Call Trace: [ 1034.779937][ C1] __schedule+0x8e1/0x1eb0 [ 1034.784380][ C1] ? io_schedule_timeout+0x140/0x140 [ 1034.789653][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1034.795105][ C1] schedule+0xd0/0x2a0 [ 1034.799152][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1034.804239][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1034.809415][ C1] futex_wait+0x1df/0x560 [ 1034.813729][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1034.818744][ C1] ? mark_lock+0xbc/0x1710 [ 1034.823133][ C1] ? hash_futex+0x12/0x200 [ 1034.827543][ C1] ? futex_wake+0x155/0x490 [ 1034.832049][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1034.837074][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1034.843039][ C1] ? lock_downgrade+0x820/0x820 [ 1034.847880][ C1] do_futex+0x15b/0x1a60 [ 1034.852103][ C1] ? lock_acquire+0x1f1/0xad0 [ 1034.856771][ C1] ? __might_fault+0xef/0x1d0 [ 1034.862027][ C1] ? find_held_lock+0x2d/0x110 [ 1034.866780][ C1] ? futex_exit_release+0x220/0x220 [ 1034.871953][ C1] ? lock_downgrade+0x820/0x820 [ 1034.876803][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1034.883014][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1034.888013][ C1] ? __might_fault+0x190/0x1d0 [ 1034.892753][ C1] ? _copy_to_user+0x126/0x160 [ 1034.897501][ C1] __x64_sys_futex+0x378/0x4e0 [ 1034.902252][ C1] ? do_futex+0x1a60/0x1a60 [ 1034.906741][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1034.912378][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1034.917297][ C1] ? do_syscall_64+0x1c/0xe0 [ 1034.921869][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1034.927981][ C1] do_syscall_64+0x60/0xe0 [ 1034.932393][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1034.938262][ C1] RIP: 0033:0x45cb29 [ 1034.942173][ C1] Code: Bad RIP value. [ 1034.946218][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1034.954600][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1034.962547][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1034.970494][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1034.978452][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1034.986412][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1034.994369][ C1] syz-executor.1 S28600 16252 6984 0x00000000 [ 1035.000676][ C1] Call Trace: [ 1035.003960][ C1] __schedule+0x8e1/0x1eb0 [ 1035.008363][ C1] ? io_schedule_timeout+0x140/0x140 [ 1035.013621][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1035.019060][ C1] schedule+0xd0/0x2a0 [ 1035.023106][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1035.028190][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1035.033363][ C1] futex_wait+0x1df/0x560 [ 1035.037667][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1035.042664][ C1] ? mark_lock+0xbc/0x1710 [ 1035.047055][ C1] ? hash_futex+0x12/0x200 [ 1035.051446][ C1] ? futex_wake+0x155/0x490 [ 1035.055928][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1035.060936][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1035.066889][ C1] do_futex+0x15b/0x1a60 [ 1035.071120][ C1] ? lock_acquire+0x1f1/0xad0 [ 1035.075770][ C1] ? __might_fault+0xef/0x1d0 [ 1035.080436][ C1] ? find_held_lock+0x2d/0x110 [ 1035.085174][ C1] ? futex_exit_release+0x220/0x220 [ 1035.090344][ C1] ? lock_downgrade+0x820/0x820 [ 1035.095170][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1035.101385][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1035.106386][ C1] ? __might_fault+0x190/0x1d0 [ 1035.111135][ C1] ? _copy_to_user+0x126/0x160 [ 1035.115875][ C1] __x64_sys_futex+0x378/0x4e0 [ 1035.120627][ C1] ? do_futex+0x1a60/0x1a60 [ 1035.125104][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1035.130710][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1035.135807][ C1] ? do_syscall_64+0x1c/0xe0 [ 1035.140372][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1035.146326][ C1] do_syscall_64+0x60/0xe0 [ 1035.150718][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1035.156584][ C1] RIP: 0033:0x45cb29 [ 1035.160443][ C1] Code: Bad RIP value. [ 1035.164485][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1035.172866][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1035.180810][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1035.188755][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1035.196714][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1035.205005][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1035.212966][ C1] syz-executor.1 S29976 16253 16252 0x00000000 [ 1035.219275][ C1] Call Trace: [ 1035.222547][ C1] __schedule+0x8e1/0x1eb0 [ 1035.226950][ C1] ? io_schedule_timeout+0x140/0x140 [ 1035.232609][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1035.238059][ C1] schedule+0xd0/0x2a0 [ 1035.242103][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1035.247186][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1035.252362][ C1] futex_wait+0x1df/0x560 [ 1035.256667][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1035.261665][ C1] ? mark_lock+0xbc/0x1710 [ 1035.266053][ C1] ? hash_futex+0x12/0x200 [ 1035.270463][ C1] ? futex_wake+0x155/0x490 [ 1035.274938][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1035.279943][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1035.285892][ C1] ? lock_downgrade+0x820/0x820 [ 1035.290717][ C1] do_futex+0x15b/0x1a60 [ 1035.294938][ C1] ? lock_acquire+0x1f1/0xad0 [ 1035.299591][ C1] ? __might_fault+0xef/0x1d0 [ 1035.304241][ C1] ? find_held_lock+0x2d/0x110 [ 1035.308978][ C1] ? futex_exit_release+0x220/0x220 [ 1035.314252][ C1] ? lock_downgrade+0x820/0x820 [ 1035.319077][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1035.325488][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1035.330735][ C1] ? __might_fault+0x190/0x1d0 [ 1035.335492][ C1] ? _copy_to_user+0x126/0x160 [ 1035.340279][ C1] __x64_sys_futex+0x378/0x4e0 [ 1035.345068][ C1] ? do_futex+0x1a60/0x1a60 [ 1035.349546][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1035.355150][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1035.360060][ C1] ? do_syscall_64+0x1c/0xe0 [ 1035.364624][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1035.370600][ C1] do_syscall_64+0x60/0xe0 [ 1035.375000][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1035.380874][ C1] RIP: 0033:0x45cb29 [ 1035.384738][ C1] Code: Bad RIP value. [ 1035.388823][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1035.397210][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1035.405154][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1035.413099][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1035.421045][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1035.429039][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1035.436999][ C1] syz-executor.1 S29976 16274 16252 0x00000000 [ 1035.443306][ C1] Call Trace: [ 1035.446572][ C1] __schedule+0x8e1/0x1eb0 [ 1035.450966][ C1] ? io_schedule_timeout+0x140/0x140 [ 1035.456227][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1035.461676][ C1] schedule+0xd0/0x2a0 [ 1035.465721][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1035.470818][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1035.475992][ C1] ? futex_wake+0x1b5/0x490 [ 1035.480477][ C1] ? find_held_lock+0x2d/0x110 [ 1035.485304][ C1] futex_wait+0x1df/0x560 [ 1035.489608][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1035.494605][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1035.499535][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1035.504706][ C1] ? futex_wake+0x155/0x490 [ 1035.509189][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1035.515137][ C1] ? lock_downgrade+0x820/0x820 [ 1035.519974][ C1] do_futex+0x15b/0x1a60 [ 1035.524212][ C1] ? lock_acquire+0x1f1/0xad0 [ 1035.528874][ C1] ? __might_fault+0xef/0x1d0 [ 1035.533537][ C1] ? find_held_lock+0x2d/0x110 [ 1035.538324][ C1] ? futex_exit_release+0x220/0x220 [ 1035.543509][ C1] ? lock_downgrade+0x820/0x820 [ 1035.548350][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1035.554571][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1035.559641][ C1] ? __might_fault+0x190/0x1d0 [ 1035.564405][ C1] ? _copy_to_user+0x126/0x160 [ 1035.569155][ C1] __x64_sys_futex+0x378/0x4e0 [ 1035.573898][ C1] ? do_futex+0x1a60/0x1a60 [ 1035.578405][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1035.584018][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1035.588935][ C1] ? do_syscall_64+0x1c/0xe0 [ 1035.593506][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1035.599460][ C1] do_syscall_64+0x60/0xe0 [ 1035.603853][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1035.609719][ C1] RIP: 0033:0x45cb29 [ 1035.613624][ C1] Code: Bad RIP value. [ 1035.617661][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1035.626062][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1035.634007][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1035.641950][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1035.649947][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1035.657893][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1035.665850][ C1] syz-executor.1 S28632 16289 6984 0x00000000 [ 1035.672206][ C1] Call Trace: [ 1035.675470][ C1] __schedule+0x8e1/0x1eb0 [ 1035.679866][ C1] ? io_schedule_timeout+0x140/0x140 [ 1035.685121][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1035.690572][ C1] schedule+0xd0/0x2a0 [ 1035.694619][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1035.699702][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1035.704876][ C1] ? futex_wake+0x1b5/0x490 [ 1035.709364][ C1] ? find_held_lock+0x2d/0x110 [ 1035.714103][ C1] futex_wait+0x1df/0x560 [ 1035.718425][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1035.723531][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1035.728453][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1035.733642][ C1] ? futex_wake+0x155/0x490 [ 1035.738126][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1035.744078][ C1] ? lock_downgrade+0x820/0x820 [ 1035.748904][ C1] do_futex+0x15b/0x1a60 [ 1035.753127][ C1] ? lock_acquire+0x1f1/0xad0 [ 1035.757792][ C1] ? __might_fault+0xef/0x1d0 [ 1035.762444][ C1] ? find_held_lock+0x2d/0x110 [ 1035.767530][ C1] ? futex_exit_release+0x220/0x220 [ 1035.772703][ C1] ? lock_downgrade+0x820/0x820 [ 1035.777526][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1035.785584][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1035.790584][ C1] ? __might_fault+0x190/0x1d0 [ 1035.795322][ C1] ? _copy_to_user+0x126/0x160 [ 1035.800078][ C1] __x64_sys_futex+0x378/0x4e0 [ 1035.804817][ C1] ? do_futex+0x1a60/0x1a60 [ 1035.809294][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1035.814901][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1035.819826][ C1] ? do_syscall_64+0x1c/0xe0 [ 1035.824388][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1035.830342][ C1] do_syscall_64+0x60/0xe0 [ 1035.834749][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1035.840630][ C1] RIP: 0033:0x45cb29 [ 1035.844508][ C1] Code: Bad RIP value. [ 1035.848559][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1035.856948][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1035.864899][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1035.872846][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1035.880790][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1035.888748][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1035.896724][ C1] syz-executor.1 S29976 16290 16289 0x00000000 [ 1035.903070][ C1] Call Trace: [ 1035.906339][ C1] __schedule+0x8e1/0x1eb0 [ 1035.910733][ C1] ? io_schedule_timeout+0x140/0x140 [ 1035.916012][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1035.921445][ C1] schedule+0xd0/0x2a0 [ 1035.925488][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1035.930573][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1035.935750][ C1] ? futex_wake+0x1b5/0x490 [ 1035.940230][ C1] ? find_held_lock+0x2d/0x110 [ 1035.944971][ C1] futex_wait+0x1df/0x560 [ 1035.949276][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1035.954273][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1035.959186][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1035.964358][ C1] ? futex_wake+0x155/0x490 [ 1035.968845][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1035.974797][ C1] ? lock_downgrade+0x820/0x820 [ 1035.979623][ C1] do_futex+0x15b/0x1a60 [ 1035.983842][ C1] ? lock_acquire+0x1f1/0xad0 [ 1035.988492][ C1] ? __might_fault+0xef/0x1d0 [ 1035.993145][ C1] ? find_held_lock+0x2d/0x110 [ 1035.997880][ C1] ? futex_exit_release+0x220/0x220 [ 1036.003140][ C1] ? lock_downgrade+0x820/0x820 [ 1036.007966][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1036.014183][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1036.019190][ C1] ? __might_fault+0x190/0x1d0 [ 1036.023928][ C1] ? _copy_to_user+0x126/0x160 [ 1036.028668][ C1] __x64_sys_futex+0x378/0x4e0 [ 1036.033425][ C1] ? do_futex+0x1a60/0x1a60 [ 1036.037904][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1036.043516][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1036.048428][ C1] ? do_syscall_64+0x1c/0xe0 [ 1036.052993][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1036.058950][ C1] do_syscall_64+0x60/0xe0 [ 1036.063360][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1036.069237][ C1] RIP: 0033:0x45cb29 [ 1036.073102][ C1] Code: Bad RIP value. [ 1036.077139][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1036.085524][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1036.093485][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1036.101456][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1036.109415][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1036.117373][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1036.125354][ C1] syz-executor.1 S29976 16310 6984 0x00000000 [ 1036.131672][ C1] Call Trace: [ 1036.134937][ C1] __schedule+0x8e1/0x1eb0 [ 1036.139331][ C1] ? io_schedule_timeout+0x140/0x140 [ 1036.144591][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1036.150027][ C1] schedule+0xd0/0x2a0 [ 1036.154070][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1036.159154][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1036.167274][ C1] ? futex_wake+0x1b5/0x490 [ 1036.171763][ C1] ? find_held_lock+0x2d/0x110 [ 1036.176588][ C1] futex_wait+0x1df/0x560 [ 1036.180895][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1036.185896][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1036.190811][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1036.195997][ C1] ? futex_wake+0x155/0x490 [ 1036.200568][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1036.206519][ C1] ? lock_downgrade+0x820/0x820 [ 1036.211344][ C1] do_futex+0x15b/0x1a60 [ 1036.215578][ C1] ? lock_acquire+0x1f1/0xad0 [ 1036.220229][ C1] ? __might_fault+0xef/0x1d0 [ 1036.224881][ C1] ? find_held_lock+0x2d/0x110 [ 1036.229620][ C1] ? futex_exit_release+0x220/0x220 [ 1036.234793][ C1] ? lock_downgrade+0x820/0x820 [ 1036.239619][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1036.245834][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1036.250836][ C1] ? __might_fault+0x190/0x1d0 [ 1036.255572][ C1] ? _copy_to_user+0x126/0x160 [ 1036.260323][ C1] __x64_sys_futex+0x378/0x4e0 [ 1036.265082][ C1] ? do_futex+0x1a60/0x1a60 [ 1036.269573][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1036.275215][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1036.280150][ C1] ? do_syscall_64+0x1c/0xe0 [ 1036.284718][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1036.290676][ C1] do_syscall_64+0x60/0xe0 [ 1036.295164][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1036.301052][ C1] RIP: 0033:0x45cb29 [ 1036.304956][ C1] Code: Bad RIP value. [ 1036.309019][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1036.317443][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1036.325413][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1036.333428][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1036.341405][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1036.349442][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1036.357453][ C1] syz-executor.1 S29728 16331 6984 0x00000000 [ 1036.363961][ C1] Call Trace: [ 1036.367378][ C1] __schedule+0x8e1/0x1eb0 [ 1036.371805][ C1] ? io_schedule_timeout+0x140/0x140 [ 1036.377079][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1036.382522][ C1] schedule+0xd0/0x2a0 [ 1036.386593][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1036.391680][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1036.396855][ C1] ? futex_wake+0x1b5/0x490 [ 1036.401333][ C1] ? find_held_lock+0x2d/0x110 [ 1036.406074][ C1] futex_wait+0x1df/0x560 [ 1036.410381][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1036.415376][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1036.420293][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1036.425466][ C1] ? futex_wake+0x155/0x490 [ 1036.429953][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1036.436602][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1036.442398][ C1] do_futex+0x15b/0x1a60 [ 1036.446618][ C1] ? lock_acquire+0x1f1/0xad0 [ 1036.451269][ C1] ? __might_fault+0xef/0x1d0 [ 1036.455923][ C1] ? find_held_lock+0x2d/0x110 [ 1036.460664][ C1] ? futex_exit_release+0x220/0x220 [ 1036.466446][ C1] ? lock_downgrade+0x820/0x820 [ 1036.471628][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1036.477843][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1036.482856][ C1] ? __might_fault+0x190/0x1d0 [ 1036.487594][ C1] ? _copy_to_user+0x126/0x160 [ 1036.492350][ C1] __x64_sys_futex+0x378/0x4e0 [ 1036.497091][ C1] ? do_futex+0x1a60/0x1a60 [ 1036.501583][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1036.507203][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1036.512130][ C1] ? do_syscall_64+0x1c/0xe0 [ 1036.516704][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1036.522684][ C1] do_syscall_64+0x60/0xe0 [ 1036.527077][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1036.532959][ C1] RIP: 0033:0x45cb29 [ 1036.536850][ C1] Code: Bad RIP value. [ 1036.540993][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1036.549397][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1036.557345][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1036.565296][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1036.573243][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1036.581205][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1036.589162][ C1] syz-executor.1 S29976 16340 6984 0x00000000 [ 1036.595472][ C1] Call Trace: [ 1036.598742][ C1] __schedule+0x8e1/0x1eb0 [ 1036.603155][ C1] ? io_schedule_timeout+0x140/0x140 [ 1036.608414][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1036.613850][ C1] schedule+0xd0/0x2a0 [ 1036.617914][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1036.622999][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1036.628166][ C1] ? futex_wake+0x1b5/0x490 [ 1036.632652][ C1] ? find_held_lock+0x2d/0x110 [ 1036.637391][ C1] futex_wait+0x1df/0x560 [ 1036.641696][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1036.646691][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1036.651603][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1036.656776][ C1] ? futex_wake+0x155/0x490 [ 1036.661324][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1036.667279][ C1] ? lock_downgrade+0x820/0x820 [ 1036.672105][ C1] do_futex+0x15b/0x1a60 [ 1036.676516][ C1] ? lock_acquire+0x1f1/0xad0 [ 1036.681166][ C1] ? __might_fault+0xef/0x1d0 [ 1036.685817][ C1] ? find_held_lock+0x2d/0x110 [ 1036.690572][ C1] ? futex_exit_release+0x220/0x220 [ 1036.695757][ C1] ? lock_downgrade+0x820/0x820 [ 1036.700582][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1036.706796][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1036.711811][ C1] ? __might_fault+0x190/0x1d0 [ 1036.716569][ C1] ? _copy_to_user+0x126/0x160 [ 1036.721309][ C1] __x64_sys_futex+0x378/0x4e0 [ 1036.726049][ C1] ? do_futex+0x1a60/0x1a60 [ 1036.730527][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1036.736148][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1036.741070][ C1] ? do_syscall_64+0x1c/0xe0 [ 1036.745635][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1036.751594][ C1] do_syscall_64+0x60/0xe0 [ 1036.755988][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1036.761862][ C1] RIP: 0033:0x45cb29 [ 1036.765725][ C1] Code: Bad RIP value. [ 1036.769774][ C1] RSP: 002b:00007f57eaec1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1036.778156][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1036.786117][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1036.794082][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1036.802302][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1036.810351][ C1] R13: 0000000000c9fb6f R14: 00007f57eaec29c0 R15: 000000000078bf0c [ 1036.818311][ C1] syz-executor.1 S29976 16350 6984 0x00000000 [ 1036.824647][ C1] Call Trace: [ 1036.828002][ C1] __schedule+0x8e1/0x1eb0 [ 1036.832398][ C1] ? io_schedule_timeout+0x140/0x140 [ 1036.837658][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1036.843094][ C1] schedule+0xd0/0x2a0 [ 1036.847240][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1036.852327][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1036.857497][ C1] ? futex_wake+0x1b5/0x490 [ 1036.861973][ C1] ? find_held_lock+0x2d/0x110 [ 1036.866713][ C1] futex_wait+0x1df/0x560 [ 1036.871019][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1036.876017][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1036.880940][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1036.886113][ C1] ? futex_wake+0x155/0x490 [ 1036.890599][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1036.896550][ C1] ? lock_downgrade+0x820/0x820 [ 1036.901389][ C1] do_futex+0x15b/0x1a60 [ 1036.905609][ C1] ? lock_acquire+0x1f1/0xad0 [ 1036.910272][ C1] ? __might_fault+0xef/0x1d0 [ 1036.914923][ C1] ? find_held_lock+0x2d/0x110 [ 1036.919662][ C1] ? futex_exit_release+0x220/0x220 [ 1036.924851][ C1] ? lock_downgrade+0x820/0x820 [ 1036.929676][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1036.935891][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1036.940980][ C1] ? __might_fault+0x190/0x1d0 [ 1036.945720][ C1] ? _copy_to_user+0x126/0x160 [ 1036.950461][ C1] __x64_sys_futex+0x378/0x4e0 [ 1036.955203][ C1] ? do_futex+0x1a60/0x1a60 [ 1036.959698][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1036.965304][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1036.970219][ C1] ? do_syscall_64+0x1c/0xe0 [ 1036.974784][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1036.980740][ C1] do_syscall_64+0x60/0xe0 [ 1036.985133][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1036.991108][ C1] RIP: 0033:0x45cb29 [ 1036.994969][ C1] Code: Bad RIP value. [ 1036.999009][ C1] RSP: 002b:00007f57eae7fcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1037.007393][ C1] RAX: ffffffffffffffda RBX: 000000000078c048 RCX: 000000000045cb29 [ 1037.015344][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078c048 [ 1037.023295][ C1] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 1037.031255][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078c04c [ 1037.039203][ C1] R13: 0000000000c9fb6f R14: 00007f57eae809c0 R15: 000000000078c04c [ 1037.047208][ C1] syz-executor.2 S29976 16471 7107 0x00000000 [ 1037.053516][ C1] Call Trace: [ 1037.056788][ C1] __schedule+0x8e1/0x1eb0 [ 1037.061191][ C1] ? io_schedule_timeout+0x140/0x140 [ 1037.066451][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1037.071888][ C1] schedule+0xd0/0x2a0 [ 1037.075936][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1037.081022][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1037.086194][ C1] ? futex_wake+0x1b5/0x490 [ 1037.090671][ C1] ? find_held_lock+0x2d/0x110 [ 1037.095419][ C1] futex_wait+0x1df/0x560 [ 1037.099727][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1037.104724][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1037.109637][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1037.114809][ C1] ? futex_wake+0x155/0x490 [ 1037.119315][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1037.125292][ C1] do_futex+0x15b/0x1a60 [ 1037.129516][ C1] ? lock_acquire+0x1f1/0xad0 [ 1037.134169][ C1] ? __might_fault+0xef/0x1d0 [ 1037.138820][ C1] ? find_held_lock+0x2d/0x110 [ 1037.143557][ C1] ? futex_exit_release+0x220/0x220 [ 1037.148735][ C1] ? lock_downgrade+0x820/0x820 [ 1037.153562][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1037.159799][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1037.164805][ C1] ? __might_fault+0x190/0x1d0 [ 1037.169547][ C1] ? _copy_to_user+0x126/0x160 [ 1037.174292][ C1] __x64_sys_futex+0x378/0x4e0 [ 1037.179100][ C1] ? do_futex+0x1a60/0x1a60 [ 1037.183629][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1037.189249][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1037.194165][ C1] ? do_syscall_64+0x1c/0xe0 [ 1037.198733][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1037.204714][ C1] do_syscall_64+0x60/0xe0 [ 1037.209120][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1037.215099][ C1] RIP: 0033:0x45cb29 [ 1037.219083][ C1] Code: Bad RIP value. [ 1037.223139][ C1] RSP: 002b:00007fd4292bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1037.231535][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1037.239482][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1037.247429][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1037.255398][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1037.263344][ C1] R13: 0000000000c9fb6f R14: 00007fd4292be9c0 R15: 000000000078bf0c [ 1037.271306][ C1] syz-executor.2 S29976 16491 7107 0x00000000 [ 1037.277616][ C1] Call Trace: [ 1037.280899][ C1] __schedule+0x8e1/0x1eb0 [ 1037.285296][ C1] ? io_schedule_timeout+0x140/0x140 [ 1037.290573][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1037.296013][ C1] schedule+0xd0/0x2a0 [ 1037.300066][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1037.305157][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1037.310331][ C1] futex_wait+0x1df/0x560 [ 1037.314651][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1037.319652][ C1] ? wake_up_q+0xa3/0x100 [ 1037.323956][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1037.329126][ C1] ? futex_wake+0x155/0x490 [ 1037.333611][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1037.339740][ C1] do_futex+0x15b/0x1a60 [ 1037.343981][ C1] ? lock_acquire+0x1f1/0xad0 [ 1037.348697][ C1] ? __might_fault+0xef/0x1d0 [ 1037.353358][ C1] ? find_held_lock+0x2d/0x110 [ 1037.358116][ C1] ? futex_exit_release+0x220/0x220 [ 1037.363292][ C1] ? lock_downgrade+0x820/0x820 [ 1037.368173][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1037.374404][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1037.379496][ C1] ? __might_fault+0x190/0x1d0 [ 1037.384261][ C1] ? _copy_to_user+0x126/0x160 [ 1037.389033][ C1] __x64_sys_futex+0x378/0x4e0 [ 1037.393826][ C1] ? do_futex+0x1a60/0x1a60 [ 1037.398307][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1037.403931][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1037.408864][ C1] ? do_syscall_64+0x1c/0xe0 [ 1037.413444][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1037.419403][ C1] do_syscall_64+0x60/0xe0 [ 1037.423816][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1037.429696][ C1] RIP: 0033:0x45cb29 [ 1037.433560][ C1] Code: Bad RIP value. [ 1037.437599][ C1] RSP: 002b:00007fd42929ccf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1037.445986][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1037.454770][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1037.463789][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1037.471752][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1037.479711][ C1] R13: 0000000000c9fb6f R14: 00007fd42929d9c0 R15: 000000000078bfac [ 1037.487689][ C1] bond1 I30952 18883 2 0x00004000 [ 1037.494116][ C1] Call Trace: [ 1037.497392][ C1] __schedule+0x8e1/0x1eb0 [ 1037.501855][ C1] ? io_schedule_timeout+0x140/0x140 [ 1037.507327][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 1037.512335][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 1037.517513][ C1] schedule+0xd0/0x2a0 [ 1037.521566][ C1] rescuer_thread+0x7a7/0xd30 [ 1037.526227][ C1] ? worker_thread+0x1120/0x1120 [ 1037.531144][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1037.536231][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 1037.541229][ C1] ? worker_thread+0x1120/0x1120 [ 1037.546157][ C1] kthread+0x3b5/0x4a0 [ 1037.550199][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1037.555288][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1037.560378][ C1] ret_from_fork+0x1f/0x30 [ 1037.564912][ C1] bond2 I30952 18918 2 0x00004000 [ 1037.571257][ C1] Call Trace: [ 1037.574546][ C1] __schedule+0x8e1/0x1eb0 [ 1037.578962][ C1] ? io_schedule_timeout+0x140/0x140 [ 1037.584222][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 1037.589318][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 1037.594489][ C1] schedule+0xd0/0x2a0 [ 1037.598549][ C1] rescuer_thread+0x7a7/0xd30 [ 1037.603209][ C1] ? worker_thread+0x1120/0x1120 [ 1037.608492][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1037.614818][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 1037.620581][ C1] ? worker_thread+0x1120/0x1120 [ 1037.625526][ C1] kthread+0x3b5/0x4a0 [ 1037.629578][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1037.634761][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1037.639851][ C1] ret_from_fork+0x1f/0x30 [ 1037.644345][ C1] syz-executor.4 S29976 19733 7184 0x00000000 [ 1037.650652][ C1] Call Trace: [ 1037.653921][ C1] __schedule+0x8e1/0x1eb0 [ 1037.658314][ C1] ? io_schedule_timeout+0x140/0x140 [ 1037.663588][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1037.669114][ C1] schedule+0xd0/0x2a0 [ 1037.673175][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1037.678261][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1037.683434][ C1] futex_wait+0x1df/0x560 [ 1037.687741][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1037.692743][ C1] ? wake_up_q+0xa3/0x100 [ 1037.697047][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1037.702219][ C1] ? futex_wake+0x155/0x490 [ 1037.706704][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1037.712673][ C1] ? lock_downgrade+0x820/0x820 [ 1037.717500][ C1] do_futex+0x15b/0x1a60 [ 1037.721719][ C1] ? lock_acquire+0x1f1/0xad0 [ 1037.726368][ C1] ? __might_fault+0xef/0x1d0 [ 1037.731034][ C1] ? find_held_lock+0x2d/0x110 [ 1037.735777][ C1] ? futex_exit_release+0x220/0x220 [ 1037.740970][ C1] ? lock_downgrade+0x820/0x820 [ 1037.745807][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1037.752036][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1037.757042][ C1] ? __might_fault+0x190/0x1d0 [ 1037.761784][ C1] ? _copy_to_user+0x126/0x160 [ 1037.766561][ C1] __x64_sys_futex+0x378/0x4e0 [ 1037.771303][ C1] ? do_futex+0x1a60/0x1a60 [ 1037.775784][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1037.780696][ C1] ? do_syscall_64+0x1c/0xe0 [ 1037.785260][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1037.791219][ C1] do_syscall_64+0x60/0xe0 [ 1037.795610][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1037.801493][ C1] RIP: 0033:0x45cb29 [ 1037.805356][ C1] Code: Bad RIP value. [ 1037.809394][ C1] RSP: 002b:00007f5d2d9b6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1037.817777][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1037.825721][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1037.833679][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1037.842057][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1037.850001][ C1] R13: 0000000000c9fb6f R14: 00007f5d2d9b79c0 R15: 000000000078bf0c [ 1037.857970][ C1] syz-executor.4 S29976 19739 7184 0x00000000 [ 1037.864282][ C1] Call Trace: [ 1037.867560][ C1] __schedule+0x8e1/0x1eb0 [ 1037.871966][ C1] ? io_schedule_timeout+0x140/0x140 [ 1037.877260][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1037.882695][ C1] schedule+0xd0/0x2a0 [ 1037.886739][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1037.891822][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1037.896991][ C1] ? futex_wake+0x1b5/0x490 [ 1037.901476][ C1] ? find_held_lock+0x2d/0x110 [ 1037.906243][ C1] futex_wait+0x1df/0x560 [ 1037.910548][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1037.915543][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1037.920454][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1037.925624][ C1] ? futex_wake+0x155/0x490 [ 1037.930140][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1037.936138][ C1] ? lock_downgrade+0x820/0x820 [ 1037.940988][ C1] do_futex+0x15b/0x1a60 [ 1037.945216][ C1] ? lock_acquire+0x1f1/0xad0 [ 1037.954355][ C1] ? __might_fault+0xef/0x1d0 [ 1037.959334][ C1] ? find_held_lock+0x2d/0x110 [ 1037.964090][ C1] ? futex_exit_release+0x220/0x220 [ 1037.969270][ C1] ? lock_downgrade+0x820/0x820 [ 1037.974112][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1037.980333][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1037.985340][ C1] ? __might_fault+0x190/0x1d0 [ 1037.990088][ C1] ? _copy_to_user+0x126/0x160 [ 1037.994828][ C1] __x64_sys_futex+0x378/0x4e0 [ 1037.999568][ C1] ? do_futex+0x1a60/0x1a60 [ 1038.004060][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1038.009670][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1038.014588][ C1] ? do_syscall_64+0x1c/0xe0 [ 1038.019234][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1038.025191][ C1] do_syscall_64+0x60/0xe0 [ 1038.029585][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1038.035468][ C1] RIP: 0033:0x45cb29 [ 1038.039347][ C1] Code: Bad RIP value. [ 1038.043415][ C1] RSP: 002b:00007f5d2d9b6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1038.051801][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1038.059749][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1038.067697][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1038.075654][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1038.083598][ C1] R13: 0000000000c9fb6f R14: 00007f5d2d9b79c0 R15: 000000000078bf0c [ 1038.091562][ C1] syz-executor.4 S29976 19745 7184 0x00000000 [ 1038.097885][ C1] Call Trace: [ 1038.101165][ C1] __schedule+0x8e1/0x1eb0 [ 1038.105560][ C1] ? io_schedule_timeout+0x140/0x140 [ 1038.110819][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1038.116270][ C1] schedule+0xd0/0x2a0 [ 1038.120325][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1038.125583][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1038.130759][ C1] futex_wait+0x1df/0x560 [ 1038.135063][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1038.140062][ C1] ? wake_up_q+0xa3/0x100 [ 1038.144366][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1038.149540][ C1] ? futex_wake+0x155/0x490 [ 1038.154029][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1038.159980][ C1] ? lock_downgrade+0x820/0x820 [ 1038.164806][ C1] do_futex+0x15b/0x1a60 [ 1038.169027][ C1] ? lock_acquire+0x1f1/0xad0 [ 1038.173950][ C1] ? __might_fault+0xef/0x1d0 [ 1038.178599][ C1] ? find_held_lock+0x2d/0x110 [ 1038.183346][ C1] ? futex_exit_release+0x220/0x220 [ 1038.188518][ C1] ? lock_downgrade+0x820/0x820 [ 1038.193339][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1038.199566][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1038.204568][ C1] ? __might_fault+0x190/0x1d0 [ 1038.209306][ C1] ? _copy_to_user+0x126/0x160 [ 1038.214049][ C1] __x64_sys_futex+0x378/0x4e0 [ 1038.218805][ C1] ? do_futex+0x1a60/0x1a60 [ 1038.223282][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1038.228888][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1038.233799][ C1] ? do_syscall_64+0x1c/0xe0 [ 1038.238377][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1038.244332][ C1] do_syscall_64+0x60/0xe0 [ 1038.248740][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1038.254605][ C1] RIP: 0033:0x45cb29 [ 1038.258468][ C1] Code: Bad RIP value. [ 1038.262504][ C1] RSP: 002b:00007f5d2d9b6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1038.270886][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1038.278839][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1038.286809][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1038.294842][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1038.302788][ C1] R13: 0000000000c9fb6f R14: 00007f5d2d9b79c0 R15: 000000000078bf0c [ 1038.310779][ C1] syz-executor.4 S29976 19747 7184 0x00000000 [ 1038.317107][ C1] Call Trace: [ 1038.320373][ C1] __schedule+0x8e1/0x1eb0 [ 1038.324770][ C1] ? io_schedule_timeout+0x140/0x140 [ 1038.330036][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1038.335474][ C1] schedule+0xd0/0x2a0 [ 1038.339523][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1038.344605][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1038.349792][ C1] futex_wait+0x1df/0x560 [ 1038.354124][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1038.359136][ C1] ? mark_lock+0xbc/0x1710 [ 1038.363537][ C1] ? hash_futex+0x12/0x200 [ 1038.367934][ C1] ? futex_wake+0x155/0x490 [ 1038.372412][ C1] ? __lock_acquire+0x16e3/0x56e0 [ 1038.377418][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1038.383371][ C1] ? lock_downgrade+0x820/0x820 [ 1038.388197][ C1] do_futex+0x15b/0x1a60 [ 1038.392464][ C1] ? lock_acquire+0x1f1/0xad0 [ 1038.397240][ C1] ? __might_fault+0xef/0x1d0 [ 1038.401894][ C1] ? find_held_lock+0x2d/0x110 [ 1038.406680][ C1] ? futex_exit_release+0x220/0x220 [ 1038.411853][ C1] ? lock_downgrade+0x820/0x820 [ 1038.416773][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1038.423018][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1038.428308][ C1] ? __might_fault+0x190/0x1d0 [ 1038.433331][ C1] ? _copy_to_user+0x126/0x160 [ 1038.438121][ C1] __x64_sys_futex+0x378/0x4e0 [ 1038.442899][ C1] ? do_futex+0x1a60/0x1a60 [ 1038.447486][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1038.454502][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1038.459428][ C1] ? do_syscall_64+0x1c/0xe0 [ 1038.464010][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1038.469994][ C1] do_syscall_64+0x60/0xe0 [ 1038.474584][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1038.480453][ C1] RIP: 0033:0x45cb29 [ 1038.484317][ C1] Code: Bad RIP value. [ 1038.488374][ C1] RSP: 002b:00007f5d2d9b6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1038.497020][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1038.504976][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1038.513097][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1038.521175][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1038.529214][ C1] R13: 0000000000c9fb6f R14: 00007f5d2d9b79c0 R15: 000000000078bf0c [ 1038.537179][ C1] syz-executor.4 S29976 19758 7184 0x00000000 [ 1038.543486][ C1] Call Trace: [ 1038.546756][ C1] __schedule+0x8e1/0x1eb0 [ 1038.551165][ C1] ? io_schedule_timeout+0x140/0x140 [ 1038.556424][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1038.561878][ C1] schedule+0xd0/0x2a0 [ 1038.565934][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1038.571019][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1038.576186][ C1] ? futex_wake+0x1b5/0x490 [ 1038.580686][ C1] ? find_held_lock+0x2d/0x110 [ 1038.585424][ C1] futex_wait+0x1df/0x560 [ 1038.589742][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1038.594737][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1038.599662][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1038.604836][ C1] ? futex_wake+0x155/0x490 [ 1038.609332][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1038.615296][ C1] ? lock_downgrade+0x820/0x820 [ 1038.620120][ C1] do_futex+0x15b/0x1a60 [ 1038.624340][ C1] ? lock_acquire+0x1f1/0xad0 [ 1038.628989][ C1] ? __might_fault+0xef/0x1d0 [ 1038.633638][ C1] ? find_held_lock+0x2d/0x110 [ 1038.638461][ C1] ? futex_exit_release+0x220/0x220 [ 1038.644155][ C1] ? lock_downgrade+0x820/0x820 [ 1038.648992][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1038.655204][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1038.660206][ C1] ? __might_fault+0x190/0x1d0 [ 1038.664944][ C1] ? _copy_to_user+0x126/0x160 [ 1038.669696][ C1] __x64_sys_futex+0x378/0x4e0 [ 1038.674435][ C1] ? do_futex+0x1a60/0x1a60 [ 1038.678955][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1038.684579][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1038.689489][ C1] ? do_syscall_64+0x1c/0xe0 [ 1038.695010][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1038.700965][ C1] do_syscall_64+0x60/0xe0 [ 1038.705378][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1038.711273][ C1] RIP: 0033:0x45cb29 [ 1038.715148][ C1] Code: Bad RIP value. [ 1038.719191][ C1] RSP: 002b:00007f5d2d9b6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1038.727588][ C1] RAX: ffffffffffffffda RBX: 000000000078bf08 RCX: 000000000045cb29 [ 1038.735553][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf08 [ 1038.743499][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1038.751441][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c [ 1038.759390][ C1] R13: 0000000000c9fb6f R14: 00007f5d2d9b79c0 R15: 000000000078bf0c [ 1038.767350][ C1] kworker/0:6 I23272 24361 2 0x00004000 [ 1038.773664][ C1] Workqueue: 0x0 (events_power_efficient) [ 1038.779441][ C1] Call Trace: [ 1038.782724][ C1] __schedule+0x8e1/0x1eb0 [ 1038.787120][ C1] ? io_schedule_timeout+0x140/0x140 [ 1038.792386][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 1038.797562][ C1] schedule+0xd0/0x2a0 [ 1038.801612][ C1] worker_thread+0x14c/0x1120 [ 1038.806285][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 1038.811324][ C1] ? process_one_work+0x1670/0x1670 [ 1038.816510][ C1] kthread+0x3b5/0x4a0 [ 1038.820575][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1038.825666][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1038.830768][ C1] ret_from_fork+0x1f/0x30 [ 1038.835172][ C1] kworker/0:7 I29920 24659 2 0x00004000 [ 1038.841491][ C1] Call Trace: [ 1038.844760][ C1] __schedule+0x8e1/0x1eb0 [ 1038.849159][ C1] ? io_schedule_timeout+0x140/0x140 [ 1038.854528][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 1038.859525][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 1038.864698][ C1] schedule+0xd0/0x2a0 [ 1038.868740][ C1] worker_thread+0x14c/0x1120 [ 1038.873391][ C1] ? __kthread_parkme+0x4c/0x1e0 [ 1038.878308][ C1] ? process_one_work+0x1670/0x1670 [ 1038.883481][ C1] kthread+0x3b5/0x4a0 [ 1038.887524][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1038.892605][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1038.897692][ C1] ret_from_fork+0x1f/0x30 [ 1038.902089][ C1] kworker/0:8 I31072 24661 2 0x00004000 [ 1038.908409][ C1] Call Trace: [ 1038.911675][ C1] __schedule+0x8e1/0x1eb0 [ 1038.916070][ C1] ? io_schedule_timeout+0x140/0x140 [ 1038.921326][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 1038.926325][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 1038.931511][ C1] schedule+0xd0/0x2a0 [ 1038.935553][ C1] worker_thread+0x14c/0x1120 [ 1038.940217][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1038.946098][ C1] ? __kthread_parkme+0x4c/0x1e0 [ 1038.951012][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1038.956968][ C1] ? __kthread_parkme+0x13f/0x1e0 [ 1038.961986][ C1] ? process_one_work+0x1670/0x1670 [ 1038.967160][ C1] kthread+0x3b5/0x4a0 [ 1038.971375][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1038.976459][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1038.981546][ C1] ret_from_fork+0x1f/0x30 [ 1038.985946][ C1] syz-executor.5 R running task 28384 321 7388 0x00000000 [ 1038.993828][ C1] Call Trace: [ 1038.997120][ C1] __schedule+0x8e1/0x1eb0 [ 1039.001514][ C1] ? io_schedule_timeout+0x140/0x140 [ 1039.006772][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1039.012553][ C1] schedule+0xd0/0x2a0 [ 1039.016617][ C1] do_nanosleep+0x222/0x650 [ 1039.021097][ C1] ? find_held_lock+0x2d/0x110 [ 1039.025837][ C1] ? schedule_timeout_idle+0x80/0x80 [ 1039.031113][ C1] ? __free_object+0xdd0/0xdd0 [ 1039.035851][ C1] ? memset+0x20/0x40 [ 1039.039805][ C1] ? __hrtimer_init+0x12c/0x260 [ 1039.044632][ C1] hrtimer_nanosleep+0x1f6/0x430 [ 1039.049542][ C1] ? nanosleep_copyout+0x100/0x100 [ 1039.054628][ C1] ? _copy_from_user+0x138/0x190 [ 1039.059552][ C1] ? hrtimer_init_sleeper_on_stack+0x90/0x90 [ 1039.065517][ C1] ? put_timespec64+0x120/0x120 [ 1039.070341][ C1] ? __x64_sys_futex+0x382/0x4e0 [ 1039.075255][ C1] __x64_sys_nanosleep+0x1dc/0x260 [ 1039.080341][ C1] ? hrtimer_nanosleep+0x430/0x430 [ 1039.085425][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1039.090342][ C1] ? do_syscall_64+0x1c/0xe0 [ 1039.094907][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1039.100860][ C1] do_syscall_64+0x60/0xe0 [ 1039.105250][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1039.111116][ C1] RIP: 0033:0x45b051 [ 1039.115019][ C1] Code: Bad RIP value. [ 1039.119059][ C1] RSP: 002b:0000000000c9fbc0 EFLAGS: 00000293 ORIG_RAX: 0000000000000023 [ 1039.127446][ C1] RAX: ffffffffffffffda RBX: 00000000000d8fb8 RCX: 000000000045b051 [ 1039.135405][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000c9fbd0 [ 1039.143350][ C1] RBP: 0000000000000001 R08: 00000000856ee438 R09: 00000000856ee43c [ 1039.151296][ C1] R10: 0000000000c9fcd0 R11: 0000000000000293 R12: 000000000078bf00 [ 1039.159253][ C1] R13: 000000000078c900 R14: ffffffffffffffff R15: 000000000078bfac [ 1039.167219][ C1] syz-executor.5 S28728 331 7388 0x00000000 [ 1039.173540][ C1] Call Trace: [ 1039.176806][ C1] __schedule+0x8e1/0x1eb0 [ 1039.181202][ C1] ? io_schedule_timeout+0x140/0x140 [ 1039.186466][ C1] schedule+0xd0/0x2a0 [ 1039.190523][ C1] schedule_timeout+0x1d8/0x250 [ 1039.195350][ C1] ? usleep_range+0x170/0x170 [ 1039.200003][ C1] ? lock_downgrade+0x820/0x820 [ 1039.204912][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 1039.209908][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 1039.215101][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1039.221067][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1039.226078][ C1] wait_for_completion_interruptible+0x162/0x2e0 [ 1039.232381][ C1] ? wait_for_completion_killable+0x310/0x310 [ 1039.238437][ C1] ? rcu_read_lock_sched_held+0x3a/0xb0 [ 1039.243959][ C1] raw_process_ep_io+0x5af/0x880 [ 1039.248923][ C1] ? raw_process_ep0_io+0x740/0x740 [ 1039.254103][ C1] ? memdup_user+0x7c/0xd0 [ 1039.258497][ C1] raw_ioctl+0x96d/0x1ca2 [ 1039.262829][ C1] ? gadget_bind+0x780/0x780 [ 1039.267396][ C1] ? gadget_bind+0x780/0x780 [ 1039.271961][ C1] ksys_ioctl+0x11a/0x180 [ 1039.276297][ C1] __x64_sys_ioctl+0x6f/0xb0 [ 1039.280862][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1039.285949][ C1] do_syscall_64+0x60/0xe0 [ 1039.290340][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1039.296208][ C1] RIP: 0033:0x45c9f7 [ 1039.300074][ C1] Code: Bad RIP value. [ 1039.304124][ C1] RSP: 002b:00007f8614cd1bf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1039.312505][ C1] RAX: ffffffffffffffda RBX: 00000000000000d0 RCX: 000000000045c9f7 [ 1039.320448][ C1] RDX: 00007f8614cd1c40 RSI: 0000000040085507 RDI: 0000000000000003 [ 1039.328393][ C1] RBP: 0000000000000000 R08: 60846152557c89c8 R09: e84aa42d3dc3973f [ 1039.336359][ C1] R10: a44727f4cccffe49 R11: 0000000000000246 R12: 00000000ffffffff [ 1039.344375][ C1] R13: 0000000000000c7a R14: 00000000004cedd9 R15: 00007f8614cd36d4 [ 1039.352375][ C1] syz-executor.5 S29400 433 7388 0x00000000 [ 1039.358685][ C1] Call Trace: [ 1039.361952][ C1] __schedule+0x8e1/0x1eb0 [ 1039.366349][ C1] ? io_schedule_timeout+0x140/0x140 [ 1039.371608][ C1] ? plist_check_prev_next+0x126/0x1a0 [ 1039.377044][ C1] schedule+0xd0/0x2a0 [ 1039.381131][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1039.386231][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1039.391405][ C1] futex_wait+0x1df/0x560 [ 1039.395712][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1039.400730][ C1] ? wake_up_q+0xa3/0x100 [ 1039.405034][ C1] ? do_raw_spin_unlock+0x171/0x230 [ 1039.410214][ C1] ? futex_wake+0x155/0x490 [ 1039.414704][ C1] ? lockdep_hardirqs_on_prepare+0x590/0x590 [ 1039.420670][ C1] do_futex+0x15b/0x1a60 [ 1039.424894][ C1] ? lock_acquire+0x1f1/0xad0 [ 1039.429545][ C1] ? __might_fault+0xef/0x1d0 [ 1039.434196][ C1] ? find_held_lock+0x2d/0x110 [ 1039.438951][ C1] ? futex_exit_release+0x220/0x220 [ 1039.444138][ C1] ? lock_downgrade+0x820/0x820 [ 1039.448964][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1039.455190][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1039.460195][ C1] ? __might_fault+0x190/0x1d0 [ 1039.464945][ C1] ? _copy_to_user+0x126/0x160 [ 1039.469702][ C1] __x64_sys_futex+0x378/0x4e0 [ 1039.474458][ C1] ? do_futex+0x1a60/0x1a60 [ 1039.478943][ C1] ? __x64_sys_clock_gettime+0x165/0x240 [ 1039.484549][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1039.489459][ C1] ? do_syscall_64+0x1c/0xe0 [ 1039.494024][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1039.499984][ C1] do_syscall_64+0x60/0xe0 [ 1039.504563][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1039.510443][ C1] RIP: 0033:0x45cb29 [ 1039.514309][ C1] Code: Bad RIP value. [ 1039.518347][ C1] RSP: 002b:00007f8614cb1cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1039.526739][ C1] RAX: ffffffffffffffda RBX: 000000000078bfa8 RCX: 000000000045cb29 [ 1039.534684][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bfa8 [ 1039.542628][ C1] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1039.550572][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bfac [ 1039.558517][ C1] R13: 0000000000c9fb6f R14: 00007f8614cb29c0 R15: 000000000078bfac [ 1039.566475][ C1] syz-executor.1 R running task 28200 323 6984 0x00000000 [ 1039.574357][ C1] Call Trace: [ 1039.577625][ C1] __schedule+0x8e1/0x1eb0 [ 1039.582019][ C1] ? io_schedule_timeout+0x140/0x140 [ 1039.587279][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1039.593076][ C1] schedule+0xd0/0x2a0 [ 1039.597122][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1039.602213][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1039.607386][ C1] futex_wait+0x1df/0x560 [ 1039.611701][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1039.616712][ C1] ? hrtimer_init_sleeper_on_stack+0x90/0x90 [ 1039.622666][ C1] ? mark_lock+0xbc/0x1710 [ 1039.627068][ C1] do_futex+0x15b/0x1a60 [ 1039.631291][ C1] ? __might_fault+0x11f/0x1d0 [ 1039.636030][ C1] ? lock_acquire+0x1f1/0xad0 [ 1039.640687][ C1] ? futex_exit_release+0x220/0x220 [ 1039.645859][ C1] ? ktime_get+0x3e/0x120 [ 1039.650164][ C1] ? lock_downgrade+0x820/0x820 [ 1039.654989][ C1] ? __might_fault+0x190/0x1d0 [ 1039.659727][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1039.665977][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1039.671932][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1039.679295][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1039.684392][ C1] ? read_seqcount_begin.constprop.0+0x139/0x1f0 [ 1039.690693][ C1] ? ktime_get+0xd8/0x120 [ 1039.694999][ C1] __x64_sys_futex+0x378/0x4e0 [ 1039.699738][ C1] ? do_futex+0x1a60/0x1a60 [ 1039.704227][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1039.709140][ C1] ? do_syscall_64+0x1c/0xe0 [ 1039.713702][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1039.719657][ C1] do_syscall_64+0x60/0xe0 [ 1039.724051][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1039.729917][ C1] RIP: 0033:0x45cb29 [ 1039.733777][ C1] Code: Bad RIP value. [ 1039.737813][ C1] RSP: 002b:0000000000c9fbe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1039.746213][ C1] RAX: ffffffffffffffda RBX: 0000000000000159 RCX: 000000000045cb29 [ 1039.754160][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf0c [ 1039.762105][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1039.770155][ C1] R10: 0000000000c9fcd0 R11: 0000000000000246 R12: 00000000000003e8 [ 1039.778124][ C1] R13: 00000000000d843b R14: 00000000000d82e2 R15: 000000000078bf0c [ 1039.786095][ C1] syz-executor.1 R running task 28728 330 6984 0x00000000 [ 1039.793993][ C1] Call Trace: [ 1039.797265][ C1] __schedule+0x8e1/0x1eb0 [ 1039.801670][ C1] ? io_schedule_timeout+0x140/0x140 [ 1039.806939][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1039.813415][ C1] schedule+0xd0/0x2a0 [ 1039.817458][ C1] do_nanosleep+0x222/0x650 [ 1039.821940][ C1] ? find_held_lock+0x2d/0x110 [ 1039.826699][ C1] ? schedule_timeout_idle+0x80/0x80 [ 1039.831959][ C1] ? __free_object+0xdd0/0xdd0 [ 1039.836698][ C1] ? memset+0x20/0x40 [ 1039.840740][ C1] ? __hrtimer_init+0x12c/0x260 [ 1039.845563][ C1] hrtimer_nanosleep+0x1f6/0x430 [ 1039.850477][ C1] ? nanosleep_copyout+0x100/0x100 [ 1039.855561][ C1] ? _copy_from_user+0x138/0x190 [ 1039.860474][ C1] ? hrtimer_init_sleeper_on_stack+0x90/0x90 [ 1039.866427][ C1] ? put_timespec64+0x120/0x120 [ 1039.871253][ C1] ? gadget_bind+0x780/0x780 [ 1039.875819][ C1] __x64_sys_nanosleep+0x1dc/0x260 [ 1039.880905][ C1] ? hrtimer_nanosleep+0x430/0x430 [ 1039.885993][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1039.890917][ C1] ? do_syscall_64+0x1c/0xe0 [ 1039.895483][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1039.902482][ C1] do_syscall_64+0x60/0xe0 [ 1039.906872][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1039.912739][ C1] RIP: 0033:0x45b051 [ 1039.916604][ C1] Code: Bad RIP value. [ 1039.920642][ C1] RSP: 002b:00007f57eaebfba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000023 [ 1039.929027][ C1] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 000000000045b051 [ 1039.936991][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f57eaebfbb0 [ 1039.944935][ C1] RBP: 0000000000000000 R08: 000000000040649f R09: 0000000000000000 [ 1039.952879][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1039.960834][ C1] R13: 0000000000000000 R14: 00000000004ced6c R15: 00007f57eaec26d4 [ 1039.968792][ C1] syz-executor.2 S28384 365 7107 0x00000000 [ 1039.975101][ C1] Call Trace: [ 1039.978366][ C1] __schedule+0x8e1/0x1eb0 [ 1039.982772][ C1] ? io_schedule_timeout+0x140/0x140 [ 1039.988035][ C1] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1039.993814][ C1] schedule+0xd0/0x2a0 [ 1039.997859][ C1] futex_wait_queue_me+0x2a7/0x570 [ 1040.002944][ C1] ? attach_to_pi_state+0x2c0/0x2c0 [ 1040.008116][ C1] futex_wait+0x1df/0x560 [ 1040.012422][ C1] ? futex_wait_setup+0x2d0/0x2d0 [ 1040.017511][ C1] ? hrtimer_init_sleeper_on_stack+0x90/0x90 [ 1040.023489][ C1] ? mark_lock+0xbc/0x1710 [ 1040.027911][ C1] do_futex+0x15b/0x1a60 [ 1040.032139][ C1] ? __might_fault+0x11f/0x1d0 [ 1040.036885][ C1] ? lock_acquire+0x1f1/0xad0 [ 1040.041556][ C1] ? futex_exit_release+0x220/0x220 [ 1040.046729][ C1] ? ktime_get+0x3e/0x120 [ 1040.051033][ C1] ? lock_downgrade+0x820/0x820 [ 1040.056467][ C1] ? __might_fault+0x190/0x1d0 [ 1040.061467][ C1] ? read_seqcount_begin.constprop.0+0xd9/0x1f0 [ 1040.067679][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1040.073631][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1040.078639][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1040.083724][ C1] ? read_seqcount_begin.constprop.0+0x139/0x1f0 [ 1040.090024][ C1] ? ktime_get+0xd8/0x120 [ 1040.094330][ C1] __x64_sys_futex+0x378/0x4e0 [ 1040.099071][ C1] ? do_futex+0x1a60/0x1a60 [ 1040.103549][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1040.108467][ C1] ? do_syscall_64+0x1c/0xe0 [ 1040.113030][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1040.119100][ C1] do_syscall_64+0x60/0xe0 [ 1040.123585][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1040.129454][ C1] RIP: 0033:0x45cb29 [ 1040.133317][ C1] Code: Bad RIP value. [ 1040.137354][ C1] RSP: 002b:0000000000c9fbe8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1040.145752][ C1] RAX: ffffffffffffffda RBX: 0000000000000be5 RCX: 000000000045cb29 [ 1040.153715][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000078bf0c [ 1040.161671][ C1] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 1040.169621][ C1] R10: 0000000000c9fcd0 R11: 0000000000000246 R12: 00000000000003e8 [ 1040.177591][ C1] R13: 00000000000d88c7 R14: 00000000000d7ce2 R15: 000000000078bf0c [ 1040.185551][ C1] syz-executor.2 S27488 369 7107 0x00000000 [ 1040.191861][ C1] Call Trace: [ 1040.195130][ C1] __schedule+0x8e1/0x1eb0 [ 1040.199567][ C1] ? io_schedule_timeout+0x140/0x140 [ 1040.204829][ C1] schedule+0xd0/0x2a0 [ 1040.208876][ C1] schedule_timeout+0x1d8/0x250 [ 1040.213704][ C1] ? usleep_range+0x170/0x170 [ 1040.218356][ C1] ? lock_downgrade+0x820/0x820 [ 1040.223199][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 1040.228381][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1040.234353][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1040.239363][ C1] __down_interruptible+0x17d/0x360 [ 1040.244536][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 1040.249553][ C1] ? __down+0x2a0/0x2a0 [ 1040.253696][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1040.258623][ C1] ? lockdep_hardirqs_off+0x66/0xa0 [ 1040.263803][ C1] down_interruptible+0x62/0x80 [ 1040.268651][ C1] raw_ioctl+0x10a6/0x1ca2 [ 1040.273049][ C1] ? gadget_bind+0x780/0x780 [ 1040.277659][ C1] ? gadget_bind+0x780/0x780 [ 1040.282245][ C1] ksys_ioctl+0x11a/0x180 [ 1040.286558][ C1] __x64_sys_ioctl+0x6f/0xb0 [ 1040.291125][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1040.296261][ C1] do_syscall_64+0x60/0xe0 [ 1040.300653][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1040.306520][ C1] RIP: 0033:0x45c9f7 [ 1040.310382][ C1] Code: Bad RIP value. [ 1040.314419][ C1] RSP: 002b:00007fd4292bbaa8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1040.322806][ C1] RAX: ffffffffffffffda RBX: 0000000000000024 RCX: 000000000045c9f7 [ 1040.330923][ C1] RDX: 00007fd4292bcc10 RSI: 0000000080085502 RDI: 0000000000000004 [ 1040.338880][ C1] RBP: 0000000000000080 R08: 0003810509002222 R09: 0000000000000000 [ 1040.346832][ C1] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000002 [ 1040.354783][ C1] R13: 0000000000000c6e R14: 00000000004ceccc R15: 00007fd4292be6d4 [ 1040.362744][ C1] systemd-udevd S27784 378 3882 0x00000100 [ 1040.369058][ C1] Call Trace: [ 1040.372377][ C1] __schedule+0x8e1/0x1eb0 [ 1040.376774][ C1] ? io_schedule_timeout+0x140/0x140 [ 1040.382041][ C1] ? __mutex_unlock_slowpath+0xe2/0x610 [ 1040.387577][ C1] schedule+0xd0/0x2a0 [ 1040.391623][ C1] schedule_hrtimeout_range_clock+0x31d/0x370 [ 1040.397681][ C1] ? hrtimer_nanosleep_restart+0x170/0x170 [ 1040.403467][ C1] ? lock_downgrade+0x820/0x820 [ 1040.408386][ C1] ? do_raw_write_lock+0x11a/0x280 [ 1040.413504][ C1] ? _raw_write_unlock_irq+0x1f/0x80 [ 1040.418858][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1040.424843][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1040.429858][ C1] do_epoll_wait+0xf59/0x1190 [ 1040.434540][ C1] ? ep_poll_callback+0xfc0/0xfc0 [ 1040.439553][ C1] ? security_file_permission+0x239/0x470 [ 1040.445249][ C1] ? __vfs_write+0x7e/0x100 [ 1040.449726][ C1] ? vfs_write+0x161/0x5d0 [ 1040.454116][ C1] ? finish_wait+0x260/0x260 [ 1040.458686][ C1] ? __secure_computing+0x104/0x360 [ 1040.463862][ C1] ? syscall_trace_enter+0x14a/0x340 [ 1040.470750][ C1] __x64_sys_epoll_wait+0x93/0xf0 [ 1040.475859][ C1] do_syscall_64+0x60/0xe0 [ 1040.480266][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1040.486136][ C1] RIP: 0033:0x7fc966a662e3 [ 1040.490520][ C1] Code: Bad RIP value. [ 1040.494561][ C1] RSP: 002b:00007fffec085178 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 1040.503059][ C1] RAX: ffffffffffffffda RBX: 0000559fc06e0960 RCX: 00007fc966a662e3 [ 1040.511040][ C1] RDX: 0000000000000004 RSI: 00007fffec085240 RDI: 0000000000000004 [ 1040.518994][ C1] RBP: 00007fffec0852f0 R08: 0000559fc06e97e0 R09: 0000000000000000 [ 1040.526945][ C1] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffec085240 [ 1040.534979][ C1] R13: 000000000aba9500 R14: 0000000000000003 R15: 000000000000000e [ 1040.542963][ C1] systemd-udevd S28168 379 3882 0x00000100 [ 1040.549289][ C1] Call Trace: [ 1040.552567][ C1] __schedule+0x8e1/0x1eb0 [ 1040.556968][ C1] ? io_schedule_timeout+0x140/0x140 [ 1040.562231][ C1] ? __mutex_unlock_slowpath+0xe2/0x610 [ 1040.567754][ C1] schedule+0xd0/0x2a0 [ 1040.571801][ C1] schedule_hrtimeout_range_clock+0x31d/0x370 [ 1040.577858][ C1] ? hrtimer_nanosleep_restart+0x170/0x170 [ 1040.583641][ C1] ? lock_downgrade+0x820/0x820 [ 1040.588532][ C1] ? do_raw_write_lock+0x11a/0x280 [ 1040.593689][ C1] ? _raw_write_unlock_irq+0x1f/0x80 [ 1040.598963][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1040.604968][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1040.610009][ C1] do_epoll_wait+0xf59/0x1190 [ 1040.614665][ C1] ? ep_poll_callback+0xfc0/0xfc0 [ 1040.619663][ C1] ? security_file_permission+0x239/0x470 [ 1040.625360][ C1] ? __vfs_write+0x7e/0x100 [ 1040.629842][ C1] ? vfs_write+0x161/0x5d0 [ 1040.634234][ C1] ? finish_wait+0x260/0x260 [ 1040.638798][ C1] ? __secure_computing+0x104/0x360 [ 1040.643987][ C1] ? syscall_trace_enter+0x14a/0x340 [ 1040.649252][ C1] __x64_sys_epoll_wait+0x93/0xf0 [ 1040.654252][ C1] do_syscall_64+0x60/0xe0 [ 1040.658642][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1040.664533][ C1] RIP: 0033:0x7fc966a662e3 [ 1040.668919][ C1] Code: Bad RIP value. [ 1040.672957][ C1] RSP: 002b:00007fffec085178 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 1040.681352][ C1] RAX: ffffffffffffffda RBX: 0000559fc06e0960 RCX: 00007fc966a662e3 [ 1040.689396][ C1] RDX: 0000000000000004 RSI: 00007fffec085240 RDI: 0000000000000004 [ 1040.697349][ C1] RBP: 00007fffec0852f0 R08: 0000559fc06de5d0 R09: 0000000000000000 [ 1040.705295][ C1] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffec085240 [ 1040.713239][ C1] R13: 0000559fc06e1df0 R14: 0000000000000003 R15: 000000000000000e [ 1040.721882][ C1] systemd-udevd S28160 382 3882 0x00000100 [ 1040.728198][ C1] Call Trace: [ 1040.731474][ C1] __schedule+0x8e1/0x1eb0 [ 1040.735872][ C1] ? io_schedule_timeout+0x140/0x140 [ 1040.741179][ C1] ? __mutex_unlock_slowpath+0xe2/0x610 [ 1040.746739][ C1] schedule+0xd0/0x2a0 [ 1040.750823][ C1] schedule_hrtimeout_range_clock+0x31d/0x370 [ 1040.756864][ C1] ? hrtimer_nanosleep_restart+0x170/0x170 [ 1040.762645][ C1] ? lock_downgrade+0x820/0x820 [ 1040.767468][ C1] ? do_raw_write_lock+0x11a/0x280 [ 1040.772553][ C1] ? _raw_write_unlock_irq+0x1f/0x80 [ 1040.777813][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1040.783770][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1040.788810][ C1] do_epoll_wait+0xf59/0x1190 [ 1040.793470][ C1] ? ep_poll_callback+0xfc0/0xfc0 [ 1040.798468][ C1] ? security_file_permission+0x239/0x470 [ 1040.804162][ C1] ? __vfs_write+0x7e/0x100 [ 1040.808638][ C1] ? vfs_write+0x161/0x5d0 [ 1040.813041][ C1] ? finish_wait+0x260/0x260 [ 1040.817606][ C1] ? __secure_computing+0x104/0x360 [ 1040.822799][ C1] ? syscall_trace_enter+0x14a/0x340 [ 1040.828059][ C1] __x64_sys_epoll_wait+0x93/0xf0 [ 1040.833069][ C1] do_syscall_64+0x60/0xe0 [ 1040.837458][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1040.843330][ C1] RIP: 0033:0x7fc966a662e3 [ 1040.847715][ C1] Code: Bad RIP value. [ 1040.851753][ C1] RSP: 002b:00007fffec085178 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 1040.860144][ C1] RAX: ffffffffffffffda RBX: 0000559fc06cd120 RCX: 00007fc966a662e3 [ 1040.868088][ C1] RDX: 0000000000000004 RSI: 00007fffec085240 RDI: 0000000000000004 [ 1040.876053][ C1] RBP: 00007fffec0852f0 R08: 0000559fc06daa30 R09: 0000000000000000 [ 1040.883998][ C1] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffec085240 [ 1040.891956][ C1] R13: 0000559fc06de690 R14: 0000000000000003 R15: 000000000000000e [ 1040.899921][ C1] systemd-udevd S27432 384 3882 0x00000100 [ 1040.906228][ C1] Call Trace: [ 1040.909494][ C1] __schedule+0x8e1/0x1eb0 [ 1040.913940][ C1] ? io_schedule_timeout+0x140/0x140 [ 1040.919212][ C1] ? __mutex_unlock_slowpath+0xe2/0x610 [ 1040.924733][ C1] schedule+0xd0/0x2a0 [ 1040.928776][ C1] schedule_hrtimeout_range_clock+0x31d/0x370 [ 1040.934816][ C1] ? hrtimer_nanosleep_restart+0x170/0x170 [ 1040.940624][ C1] ? lock_downgrade+0x820/0x820 [ 1040.945448][ C1] ? do_raw_write_lock+0x11a/0x280 [ 1040.950538][ C1] ? _raw_write_unlock_irq+0x1f/0x80 [ 1040.955797][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1040.961748][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1040.966759][ C1] do_epoll_wait+0xf59/0x1190 [ 1040.971424][ C1] ? ep_poll_callback+0xfc0/0xfc0 [ 1040.976435][ C1] ? security_file_permission+0x239/0x470 [ 1040.982128][ C1] ? __vfs_write+0x7e/0x100 [ 1040.986605][ C1] ? vfs_write+0x161/0x5d0 [ 1040.991270][ C1] ? finish_wait+0x260/0x260 [ 1040.996270][ C1] ? __secure_computing+0x104/0x360 [ 1041.001441][ C1] ? syscall_trace_enter+0x14a/0x340 [ 1041.006723][ C1] __x64_sys_epoll_wait+0x93/0xf0 [ 1041.011743][ C1] do_syscall_64+0x60/0xe0 [ 1041.016149][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1041.022059][ C1] RIP: 0033:0x7fc966a662e3 [ 1041.026446][ C1] Code: Bad RIP value. [ 1041.030482][ C1] RSP: 002b:00007fffec085178 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 1041.038864][ C1] RAX: ffffffffffffffda RBX: 0000559fc06e0960 RCX: 00007fc966a662e3 [ 1041.046809][ C1] RDX: 0000000000000004 RSI: 00007fffec085240 RDI: 0000000000000004 [ 1041.054755][ C1] RBP: 00007fffec0852f0 R08: 0000000000000049 R09: 0000000000000018 [ 1041.062710][ C1] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffec085240 [ 1041.071001][ C1] R13: 0000559fc06cd120 R14: 0000000000000003 R15: 000000000000000e [ 1041.078977][ C1] systemd-udevd S28160 390 3882 0x00000100 [ 1041.085282][ C1] Call Trace: [ 1041.088546][ C1] __schedule+0x8e1/0x1eb0 [ 1041.092941][ C1] ? io_schedule_timeout+0x140/0x140 [ 1041.098202][ C1] ? __mutex_unlock_slowpath+0xe2/0x610 [ 1041.103738][ C1] schedule+0xd0/0x2a0 [ 1041.107805][ C1] schedule_hrtimeout_range_clock+0x31d/0x370 [ 1041.113849][ C1] ? hrtimer_nanosleep_restart+0x170/0x170 [ 1041.119634][ C1] ? lock_downgrade+0x820/0x820 [ 1041.124458][ C1] ? do_raw_write_lock+0x11a/0x280 [ 1041.129542][ C1] ? _raw_write_unlock_irq+0x1f/0x80 [ 1041.134799][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1041.140751][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1041.145751][ C1] do_epoll_wait+0xf59/0x1190 [ 1041.150407][ C1] ? ep_poll_callback+0xfc0/0xfc0 [ 1041.155408][ C1] ? security_file_permission+0x239/0x470 [ 1041.161103][ C1] ? __vfs_write+0x7e/0x100 [ 1041.169056][ C1] ? vfs_write+0x161/0x5d0 [ 1041.173533][ C1] ? finish_wait+0x260/0x260 [ 1041.178147][ C1] ? __secure_computing+0x104/0x360 [ 1041.183332][ C1] ? syscall_trace_enter+0x14a/0x340 [ 1041.188713][ C1] __x64_sys_epoll_wait+0x93/0xf0 [ 1041.193721][ C1] do_syscall_64+0x60/0xe0 [ 1041.198150][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1041.205517][ C1] RIP: 0033:0x7fc966a662e3 [ 1041.210708][ C1] Code: Bad RIP value. [ 1041.215552][ C1] RSP: 002b:00007fffec085178 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 1041.223951][ C1] RAX: ffffffffffffffda RBX: 0000559fc06cd120 RCX: 00007fc966a662e3 [ 1041.232005][ C1] RDX: 0000000000000004 RSI: 00007fffec085240 RDI: 0000000000000004 [ 1041.239974][ C1] RBP: 00007fffec0852f0 R08: 0000559fc06de740 R09: 0000000000000000 [ 1041.248210][ C1] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffec085240 [ 1041.256165][ C1] R13: 0000559fc06de030 R14: 0000000000000003 R15: 000000000000000e [ 1041.266554][ C1] systemd-udevd S28384 415 3882 0x00000100 [ 1041.273333][ C1] Call Trace: [ 1041.277241][ C1] __schedule+0x8e1/0x1eb0 [ 1041.281640][ C1] ? io_schedule_timeout+0x140/0x140 [ 1041.287075][ C1] ? sock_write_iter+0x307/0x3c0 [ 1041.291988][ C1] ? sock_sendmsg+0x120/0x120 [ 1041.296761][ C1] schedule+0xd0/0x2a0 [ 1041.300837][ C1] schedule_hrtimeout_range_clock+0x31d/0x370 [ 1041.306895][ C1] ? hrtimer_nanosleep_restart+0x170/0x170 [ 1041.313082][ C1] ? lock_downgrade+0x820/0x820 [ 1041.319068][ C1] ? do_raw_write_lock+0x11a/0x280 [ 1041.326435][ C1] ? _raw_write_unlock_irq+0x1f/0x80 [ 1041.331819][ C1] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1041.337799][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1041.343280][ C1] do_epoll_wait+0xf59/0x1190 [ 1041.347949][ C1] ? ep_poll_callback+0xfc0/0xfc0 [ 1041.354601][ C1] ? security_file_permission+0x239/0x470 [ 1041.363003][ C1] ? __vfs_write+0x7e/0x100 [ 1041.367543][ C1] ? vfs_write+0x161/0x5d0 [ 1041.371952][ C1] ? finish_wait+0x260/0x260 [ 1041.376532][ C1] ? __secure_computing+0x104/0x360 [ 1041.381740][ C1] ? syscall_trace_enter+0x14a/0x340 [ 1041.387004][ C1] __x64_sys_epoll_wait+0x93/0xf0 [ 1041.392601][ C1] do_syscall_64+0x60/0xe0 [ 1041.397023][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1041.402915][ C1] RIP: 0033:0x7fc966a662e3 [ 1041.407306][ C1] Code: Bad RIP value. [ 1041.412075][ C1] RSP: 002b:00007fffec085178 EFLAGS: 00000246 ORIG_RAX: 00000000000000e8 [ 1041.422126][ C1] RAX: ffffffffffffffda RBX: 0000559fc06e0960 RCX: 00007fc966a662e3 [ 1041.430083][ C1] RDX: 0000000000000004 RSI: 00007fffec085240 RDI: 0000000000000004 [ 1041.438122][ C1] RBP: 00007fffec0852f0 R08: 0000559fc06e90d0 R09: 0000000000000018 [ 1041.446071][ C1] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffec085240 [ 1041.454016][ C1] R13: 0000559fc06e8fc0 R14: 0000000000000003 R15: 000000000000000e [ 1041.462424][ C1] [ 1041.462424][ C1] Showing all locks held in the system: [ 1041.473414][ C1] 3 locks held by kworker/0:1/12: [ 1041.478881][ C1] 10 locks held by kworker/u4:4/146: [ 1041.484354][ C1] #0: ffff888214f5a938 ((wq_completion)krdsd){+.+.}-{0:0}, at: process_one_work+0x82b/0x1670 [ 1041.494588][ C1] #1: ffffc900014b7da8 ((work_completion)(&cp->cp_down_w)){+.+.}-{0:0}, at: process_one_work+0x85f/0x1670 [ 1041.507710][ C1] #2: ffff8880a17833a0 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: tcp_close+0x25/0x11f0 [ 1041.518133][ C1] #3: ffffffff89bc1140 (rcu_read_lock){....}-{1:2}, at: inet6_csk_xmit+0x12f/0x610 [ 1041.527493][ C1] #4: ffffffff89bc1140 (rcu_read_lock){....}-{1:2}, at: nf_hook+0x0/0x620 [ 1041.536059][ C1] #5: ffffc90000da8d78 ((&dev->timer)){+.-.}-{0:0}, at: call_timer_fn+0xdb/0x760 [ 1041.545258][ C1] #6: ffff88800f1b6230 (&dev->event_lock){-.-.}-{2:2}, at: input_repeat_key+0x78/0x380 [ 1041.555041][ C1] #7: ffffffff89bc1140 (rcu_read_lock){....}-{1:2}, at: input_pass_values.part.0+0x0/0x700 [ 1041.565082][ C1] #8: ffffffff8a17dbf8 (kbd_event_lock){..-.}-{2:2}, at: kbd_event+0x87/0x1830 [ 1041.576220][ C1] #9: ffffffff89bc1140 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 [ 1041.586081][ C1] 5 locks held by systemd-udevd/3882: [ 1041.591516][ C1] 1 lock held by in:imklog/6518: [ 1041.596443][ C1] 2 locks held by agetty/6532: [ 1041.601265][ C1] #0: ffff8880a8547098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80 [ 1041.611329][ C1] #1: ffffc900011242e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x223/0x1a30 [ 1041.621550][ C1] [ 1041.623858][ C1] ============================================= [ 1041.623858][ C1] [ 1041.633053][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 1041.641961][ C0] rcu: 1-...!: (1 GPs behind) idle=632/1/0x4000000000000000 softirq=77934/77935 fqs=1 [ 1041.652418][ C0] (detected by 0, t=15605 jiffies, g=131441, q=220) [ 1041.659100][ C0] Sending NMI from CPU 0 to CPUs 1: [ 1041.665772][ C1] NMI backtrace for cpu 1 [ 1041.665780][ C1] CPU: 1 PID: 146 Comm: kworker/u4:4 Not tainted 5.8.0-rc3-syzkaller #0 [ 1041.665788][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1041.665792][ C1] Workqueue: krdsd rds_shutdown_worker [ 1041.665799][ C1] RIP: 0010:unwind_next_frame+0x106/0x1f90 [ 1041.665814][ C1] Code: 1e 16 00 00 49 8b 47 48 48 89 44 24 08 49 8d 47 38 48 89 c2 48 89 04 24 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 <0f> 85 ff 15 00 00 49 8b 47 38 bf 01 00 00 00 48 89 44 24 10 e8 51 [ 1041.665819][ C1] RSP: 0018:ffffc90000da8838 EFLAGS: 00000046 [ 1041.665827][ C1] RAX: dffffc0000000000 RBX: 1ffff920001b510f RCX: 0000000000000000 [ 1041.665833][ C1] RDX: 1ffff920001b5129 RSI: 0000000000000000 RDI: ffffc90000da8910 [ 1041.665839][ C1] RBP: 0000000000000001 R08: ffffffff8b18f052 R09: 0000000000000001 [ 1041.665850][ C1] R10: 000000000007201e R11: 0000000000000001 R12: ffffc90000da8958 [ 1041.665856][ C1] R13: 0000000000000000 R14: ffff8880a8eb40c0 R15: ffffc90000da8910 [ 1041.665863][ C1] FS: 0000000000000000(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000 [ 1041.665868][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1041.665874][ C1] CR2: 00000000004f4bf0 CR3: 000000008fcdd000 CR4: 00000000001426e0 [ 1041.665880][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1041.665887][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1041.665889][ C1] Call Trace: [ 1041.665892][ C1] [ 1041.665896][ C1] ? ret_from_fork+0x1f/0x30 [ 1041.665900][ C1] ? deref_stack_reg+0x150/0x150 [ 1041.665904][ C1] ? __unwind_start+0x4dd/0x7c0 [ 1041.665908][ C1] ? profile_setup.cold+0xc1/0xc1 [ 1041.665911][ C1] arch_stack_walk+0x81/0xf0 [ 1041.665915][ C1] ? ret_from_fork+0x1f/0x30 [ 1041.665919][ C1] stack_trace_save+0x8c/0xc0 [ 1041.665923][ C1] ? stack_trace_consume_entry+0x160/0x160 [ 1041.665933][ C1] save_stack+0x1b/0x40 [ 1041.665936][ C1] ? save_stack+0x1b/0x40 [ 1041.665940][ C1] ? __kasan_slab_free+0xf5/0x140 [ 1041.665944][ C1] ? kmem_cache_free+0x7f/0x310 [ 1041.665949][ C1] ? inet_bind_bucket_destroy+0xdf/0x120 [ 1041.665953][ C1] ? inet_twsk_bind_unhash+0x121/0x1b0 [ 1041.665957][ C1] ? inet_twsk_kill+0x21d/0x470 [ 1041.665961][ C1] ? call_timer_fn+0x1ac/0x760 [ 1041.665965][ C1] ? __run_timers.part.0+0x54c/0xa20 [ 1041.665969][ C1] ? run_timer_softirq+0xae/0x1a0 [ 1041.665973][ C1] ? __do_softirq+0x34c/0xa60 [ 1041.665977][ C1] ? asm_call_on_stack+0xf/0x20 [ 1041.665981][ C1] ? do_softirq_own_stack+0x111/0x170 [ 1041.665985][ C1] ? irq_exit_rcu+0x229/0x270 [ 1041.665990][ C1] ? sysvec_apic_timer_interrupt+0x54/0x120 [ 1041.665995][ C1] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1041.665999][ C1] ? __sanitizer_cov_trace_pc+0x2a/0x60 [ 1041.666003][ C1] ? nf_hook_slow+0x74/0x1e0 [ 1041.666007][ C1] ? nf_hook+0x38f/0x620 [ 1041.666011][ C1] ? ip6_xmit+0xdd2/0x1e80 [ 1041.666014][ C1] ? inet6_csk_xmit+0x339/0x610 [ 1041.666019][ C1] ? __tcp_transmit_skb+0x1884/0x3690 [ 1041.666022][ C1] ? tcp_write_xmit+0xebf/0x5c70 [ 1041.666027][ C1] ? __tcp_push_pending_frames+0xaa/0x330 [ 1041.666031][ C1] ? tcp_send_fin+0x117/0xbb0 [ 1041.666034][ C1] ? tcp_close+0xb31/0x11f0 [ 1041.666038][ C1] ? inet_release+0xe4/0x1f0 [ 1041.666042][ C1] ? inet6_release+0x4c/0x70 [ 1041.666045][ C1] ? sock_release+0x87/0x1b0 [ 1041.666050][ C1] ? rds_tcp_conn_path_shutdown+0x1e5/0x3f0 [ 1041.666054][ C1] ? rds_conn_shutdown+0x23e/0x904 [ 1041.666058][ C1] ? process_one_work+0x94c/0x1670 [ 1041.666062][ C1] ? worker_thread+0x64c/0x1120 [ 1041.666066][ C1] ? kthread+0x3b5/0x4a0 [ 1041.666070][ C1] ? ret_from_fork+0x1f/0x30 [ 1041.666074][ C1] ? lockdep_hardirqs_off+0x66/0xa0 [ 1041.666078][ C1] ? trace_hardirqs_off+0x27/0x210 [ 1041.666082][ C1] ? _raw_spin_unlock_irqrestore+0x9b/0xe0 [ 1041.666087][ C1] ? debug_check_no_obj_freed+0x20c/0x41c [ 1041.666090][ C1] ? __phys_addr+0x9a/0x110 [ 1041.666095][ C1] ? inet_bind_bucket_destroy+0xdf/0x120 [ 1041.666099][ C1] __kasan_slab_free+0xf5/0x140 [ 1041.666103][ C1] ? inet_bind_bucket_destroy+0xdf/0x120 [ 1041.666107][ C1] kmem_cache_free+0x7f/0x310 [ 1041.666111][ C1] inet_bind_bucket_destroy+0xdf/0x120 [ 1041.666116][ C1] inet_twsk_bind_unhash+0x121/0x1b0 [ 1041.666119][ C1] inet_twsk_kill+0x21d/0x470 [ 1041.666123][ C1] call_timer_fn+0x1ac/0x760 [ 1041.666127][ C1] ? inet_twsk_kill+0x470/0x470 [ 1041.666131][ C1] ? add_timer_on+0x490/0x490 [ 1041.666135][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 1041.666140][ C1] ? lockdep_hardirqs_on_prepare+0x1bc/0x590 [ 1041.666144][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1041.666148][ C1] ? inet_twsk_kill+0x470/0x470 [ 1041.666152][ C1] __run_timers.part.0+0x54c/0xa20 [ 1041.666155][ C1] ? call_timer_fn+0x760/0x760 [ 1041.666160][ C1] ? clockevents_program_event+0x12b/0x350 [ 1041.666164][ C1] ? mark_held_locks+0x9f/0xe0 [ 1041.666167][ C1] ? sched_clock_cpu+0x18/0x1b0 [ 1041.666171][ C1] run_timer_softirq+0xae/0x1a0 [ 1041.666175][ C1] __do_softirq+0x34c/0xa60 [ 1041.666179][ C1] asm_call_on_stack+0xf/0x20 [ 1041.666181][ C1] [ 1041.666185][ C1] do_softirq_own_stack+0x111/0x170 [ 1041.666189][ C1] irq_exit_rcu+0x229/0x270 [ 1041.666194][ C1] sysvec_apic_timer_interrupt+0x54/0x120 [ 1041.666198][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1041.666203][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x2a/0x60 [ 1041.666218][ C1] Code: 65 48 8b 14 25 00 ff 01 00 65 8b 05 90 47 8e 7e a9 00 01 ff 00 48 8b 34 24 74 0f f6 c4 01 74 35 8b 82 04 14 00 00 85 c0 74 2b <8b> 82 e0 13 00 00 83 f8 02 75 20 48 8b 8a e8 13 00 00 8b 92 e4 13 [ 1041.666222][ C1] RSP: 0018:ffffc900014b73a8 EFLAGS: 00000246 [ 1041.666231][ C1] RAX: 0000000080000000 RBX: ffff88809285ba00 RCX: ffffffff866cdff9 [ 1041.666237][ C1] RDX: ffff8880a8eb40c0 RSI: ffffffff866cdf14 RDI: 0000000000000004 [ 1041.666243][ C1] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 1041.666249][ C1] R10: 0000000000000009 R11: 0000000000000000 R12: 0000000000000009 [ 1041.666255][ C1] R13: ffff88805f835160 R14: ffffc900014b7450 R15: dffffc0000000000 [ 1041.666259][ C1] ? nf_hook_slow+0x159/0x1e0 [ 1041.666263][ C1] ? nf_hook_slow+0x74/0x1e0 [ 1041.666266][ C1] nf_hook_slow+0x74/0x1e0 [ 1041.666270][ C1] nf_hook+0x38f/0x620 [ 1041.666274][ C1] ? ip6_flush_pending_frames+0xc0/0xc0 [ 1041.666278][ C1] ? ip6_fraglist_init+0x890/0x890 [ 1041.666282][ C1] ? lock_downgrade+0x820/0x820 [ 1041.666286][ C1] ? lock_downgrade+0x820/0x820 [ 1041.666290][ C1] ? ip6_flush_pending_frames+0xc0/0xc0 [ 1041.666294][ C1] ip6_xmit+0xdd2/0x1e80 [ 1041.666300][ C1] ? ip6_flush_pending_frames+0xc0/0xc0 [ 1041.666305][ C1] ? ip6_append_data+0x330/0x330 [ 1041.666310][ C1] ? lock_release+0x8d0/0x8d0 [ 1041.666313][ C1] ? inet6_csk_route_socket+0x70e/0xee0 [ 1041.666317][ C1] ? inet6_csk_route_req+0x7d0/0x7d0 [ 1041.666320][ C1] ? unwind_next_frame+0x3f2/0x1f90 [ 1041.666324][ C1] ? ret_from_fork+0x1f/0x30 [ 1041.666327][ C1] inet6_csk_xmit+0x339/0x610 [ 1041.666331][ C1] ? inet6_csk_update_pmtu+0x180/0x180 [ 1041.666334][ C1] ? __skb_clone+0x586/0x770 [ 1041.666337][ C1] ? csum_ipv6_magic+0x1b/0x70 [ 1041.666341][ C1] __tcp_transmit_skb+0x1884/0x3690 [ 1041.666345][ C1] ? __tcp_select_window+0xa00/0xa00 [ 1041.666348][ C1] ? ktime_get+0x3e/0x120 [ 1041.666352][ C1] ? find_held_lock+0x2d/0x110 [ 1041.666355][ C1] ? mark_lock+0xbc/0x1710 [ 1041.666359][ C1] ? trace_hardirqs_on+0x5f/0x220 [ 1041.666363][ C1] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1041.666367][ C1] ? read_seqcount_begin.constprop.0+0x139/0x1f0 [ 1041.666370][ C1] tcp_write_xmit+0xebf/0x5c70 [ 1041.666373][ C1] ? memset+0x20/0x40 [ 1041.666377][ C1] __tcp_push_pending_frames+0xaa/0x330 [ 1041.666380][ C1] tcp_send_fin+0x117/0xbb0 [ 1041.666384][ C1] tcp_close+0xb31/0x11f0 [ 1041.666387][ C1] inet_release+0xe4/0x1f0 [ 1041.666390][ C1] inet6_release+0x4c/0x70 [ 1041.666394][ C1] sock_release+0x87/0x1b0 [ 1041.666398][ C1] rds_tcp_conn_path_shutdown+0x1e5/0x3f0 [ 1041.666401][ C1] rds_conn_shutdown+0x23e/0x904 [ 1041.666405][ C1] ? __rds_conn_path_error+0x100/0x100 [ 1041.666410][ C1] ? lock_downgrade+0x820/0x820 [ 1041.666413][ C1] ? _raw_spin_unlock_irq+0x1f/0x80 [ 1041.666417][ C1] ? lock_is_held_type+0xb0/0xe0 [ 1041.666421][ C1] process_one_work+0x94c/0x1670 [ 1041.666424][ C1] ? lock_release+0x8d0/0x8d0 [ 1041.666428][ C1] ? pwq_dec_nr_in_flight+0x2d0/0x2d0 [ 1041.666432][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 1041.666436][ C1] ? lockdep_hardirqs_off+0x66/0xa0 [ 1041.666439][ C1] worker_thread+0x64c/0x1120 [ 1041.666443][ C1] ? process_one_work+0x1670/0x1670 [ 1041.666446][ C1] kthread+0x3b5/0x4a0 [ 1041.666450][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1041.666454][ C1] ? __kthread_bind_mask+0xc0/0xc0 [ 1041.666458][ C1] ret_from_fork+0x1f/0x30 [ 1041.666584][ C0] rcu: rcu_preempt kthread starved for 15603 jiffies! g131441 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 1041.968861][ T17] usb 2-1: USB disconnect, device number 15 [ 1041.974112][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 1041.974118][ C0] rcu: RCU grace-period kthread stack dump: [ 1041.974126][ C0] rcu_preempt R running task 29120 10 2 0x00004000 [ 1041.974153][ C0] Call Trace: [ 1041.974176][ C0] __schedule+0x8e1/0x1eb0 [ 1041.974197][ C0] ? io_schedule_timeout+0x140/0x140 [ 1042.598738][ C0] ? enqueue_timer+0x420/0x420 [ 1042.598758][ C0] ? lock_downgrade+0x820/0x820 2020/07/01 18:23:06 Manager.Poll call failed: connection is shut down [ 1042.598777][ C0] schedule+0xd0/0x2a0 [ 1042.598796][ C0] schedule_timeout+0x148/0x250 [ 1042.598812][ C0] ? usleep_range+0x170/0x170 [ 1042.598829][ C0] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1042.598844][ C0] ? __next_timer_interrupt+0x190/0x190 [ 1042.598866][ C0] ? prepare_to_swait_exclusive+0x2d0/0x2d0 [ 1042.598882][ C0] rcu_gp_kthread+0xae5/0x1b50 [ 1042.598900][ C0] ? call_rcu+0x7e0/0x7e0 [ 1042.598912][ C0] ? _raw_spin_unlock_irqrestore+0x62/0xe0 [ 1042.598924][ C0] ? lockdep_hardirqs_on_prepare+0x3a2/0x590 [ 1042.598941][ C0] ? lockdep_hardirqs_on+0x6a/0xe0 [ 1042.598957][ C0] ? __kthread_parkme+0x13f/0x1e0 [ 1042.598969][ C0] ? call_rcu+0x7e0/0x7e0 [ 1042.598984][ C0] kthread+0x3b5/0x4a0 [ 1042.598997][ C0] ? __kthread_bind_mask+0xc0/0xc0 [ 1042.599010][ C0] ? __kthread_bind_mask+0xc0/0xc0 [ 1042.599028][ C0] ret_from_fork+0x1f/0x30 [ 1042.789281][ T3869] systemd-journald[3869]: /dev/kmsg buffer overrun, some messages lost. [ 1043.109662][ T3233] usb 3-1: USB disconnect, device number 88 [ 1045.429111][ T3234] usb 6-1: USB disconnect, device number 55 [ 1046.792285][ T1] systemd[1]: systemd-journald.service: Main process exited, code=killed, status=6/ABRT [ 1046.799254][ T26] tipc: TX() has been purged, node left! [ 1046.980651][ T1] systemd[1]: systemd-journald.service: Unit entered failed state. [ 1046.982000][ T1] systemd[1]: systemd-journald.service: Failed with result 'watchdog'. [ 1047.077214][ T1] systemd[1]: systemd-journald.service: Service has no hold-off time, scheduling restart. [ 1047.326154][ T1] systemd[1]: Stopped Flush Journal to Persistent Storage. [ 1047.327344][ T1] systemd[1]: Stopping Flush Journal to Persistent Storage... [ 1047.327392][ T1] systemd[1]: Stopped Journal Service. [ 1047.484886][ T1] systemd[1]: Starting Journal Service... [ 1047.673920][ T1] systemd[1]: Started Cleanup of Temporary Directories. [ 1047.783752][ T512] systemd-journald[512]: File /run/log/journal/64dd78f1a75445a997c532444ad0f085/system.journal corrupted or uncleanly shut down, renaming and replacing.