program: r0 = socket$inet_sctp(0x2, 0x5, 0x84) prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r1 = landlock_create_ruleset(&(0x7f0000000100)={0x6700}, 0x9, 0x0) landlock_restrict_self(r1, 0x0) r2 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000001c0)=0x2) ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000240)={0x6, @sliced={0x1, [0x1, 0x2, 0x7, 0x6, 0x1, 0xc, 0x4, 0x8001, 0x9, 0x0, 0x7, 0xe04, 0xe, 0x401, 0xcb2f, 0x3, 0x8, 0xfffd, 0x0, 0x81, 0x3, 0x7, 0xfff9, 0x2a4d, 0x2800, 0x2, 0x8, 0x8, 0xef, 0x8, 0x2, 0x1ff, 0x2, 0x5d, 0x1, 0x5, 0x9, 0xdb0, 0x3, 0x7, 0x2, 0xff18, 0x3, 0x401, 0xfffd, 0x211c, 0x730, 0x80], 0x9}}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08006, &(0x7f0000000100)=ANY=[@ANYRES32=0x0], 0x1, 0x687, &(0x7f0000000fc0)="$eJzs3c1vHGcdB/DvrNeOHaTUfUlaUCWsRioIi8QvcsFcGjggHypUhUOFxMVKnMbKxq1sF7kVAvN+5dA/oBx8QOICEvdIReKAgFvFzeKAKiFx6cm3oJmdtdfxS9Ybv8Tw+Viz+8w8r/PbmWd3dmVNgP9bc+NpPkiRufE31sr1zY3p1ubG9IU6u5WkTDeSZvspxVJSfJzcSHvJ58uNdfnioH4+XJy9+clnm5+215r1UpVvHFavN+v1krEkA/XzXoN9tXfrwPYON7+dKrb3sAzY1U7g4Kw93GP9KNWf8LwFngZF+31zj9HkYpLh+nNA6tmhcbqjO35HmuUAAADgnHpmK1tZy6WzHgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJ/X9/4t6aXTSYyk69/8fqrelTt9snPGYn8SDsx4AAAAAAAAAAByDL25lK2u5lPrH/YftX/ZfqR5fqB4/l/eykoUs51rWMp/VrGY5k0lGuxoaWptfXV2e7KHm1L41p/ob/+/7qwYAAAAAAAAA/2t+mrn27/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC0KJKB9lO1vNBJj6bRTDKcZKgst578vZM+J4r9Nj44/XEAAADAExnuo84zW9nKWi511h8W1TX/lep6eTjvZSmrWcxqWlnI7foaurzqb2xuTLc2N6bvb25MVx1//2Fbu51v/udIw6haTPu7h/17fqkqMZI7Way2XMutajC306hqll6qx7O97O7kJ+WYRl6v9Tiy2/Vz2dmvD/oW4Tg0jlphtKo0uB2RiXpsZUPPHh6Jx746zUN7mkxj+5ufFw7pqbNLxRFjfrFTL8kvH4n56//67fd6bOYEbEeikSoSU11H35XDY5586Y+/e+tua+ne3Tsr4yd2GJ2WR4+J6a5IvHiuI9E8YvmJKhKXt9fn8u18N+MZy5tZzmJ+kPmsZiH1zJj5+nguH0e7opTsidSNXWtvPm4kQ/Xr0p5FexnTWC5Uqfm8UtW9lMUUeSe3s5DXqr+pTOZrmclMZrte4csHvsLVvlUzbeNoZ/3VL2fnVP9VOVP3Vi/5c68Fj679llrG9dmuuHbPuaNVXveWnSg918P70RHnxuYX6kTZx8/6eds4MY9GYrIrEs8fHonfVOfGSmvp3vLd+XcPaH/9kfVXB3fSv+jrnfmkpp7yeHkuw/VMsvvoKPOe355ldsdrqP7FpZ3X2JN3ucoris6Z+p19ztQy4rNV6Sv7tjRV5b24N2+gHvk//tmVt+vzVt756wkFDIDjdfErF4dG/j3yt5GPRn4+cnfkjeFvXfj6hZeHMvinwW80JwZebbxc/CEf5Uc71/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/Vt7/4N58q7WwvH+icXDW8SaK+rY8B5VpZiSnMIzTTBTJ+rG3nLPfrx4SnZsIPmk7b914KnbnXCcGktRbfpzsHD/1S9TPzUWBc+H66v13r6+8/8FXF+/Pv73w9sLS4MzM7MTszGvT1+8sthYm2o9nPUrgJOx8HuixwuAJDwgAAAAAAAAAAAB4rP3+MeAvx/yfBl3djZ3hrgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1Nx4moMpMjlxbaJc39yYbpVLJ71Tspmk0UiKHybFx8mNtJeMdjVXHNTPh4uzNz/5bPPTnbaanfKNw+r1Zr1eMpZkoH7eY6i/9m4d1F7Piu09LAN2tRM4OGv/DQAA//+iHAcm") r3 = inotify_init1(0x0) inotify_add_watch(r3, &(0x7f0000000080)='.\x00', 0x40000582) setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00') openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="00020000000000008000004000"/24]) sendmsg$inet_sctp(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)="68dfe1ba03f51f5b21d31326614851009463d4244e2a8b0b58a06a2c488592f8f6d0eef00892ad8152efbb", 0x2b}, {&(0x7f0000000100)="63164439c0ba6c7fe05a8215c23a2a34c8851f770fe1ccd43e10ce1b92b8c1d8ad70cb6e94ebc41bed2f33dcd8818daae9ca9f2229c694eae1bba49d420908a904a6e7296b228f51b9947724cc5422a5ee7f6b862ce403ef0a0773b20eefe3146ca9075f98e3c1a1a92e0a14789c4ffaa798493c5af44840e22ecc3091ef35eaeed4fb5dbbe6a6eed719dda65f60d993fffe541a87b8dea561897cafc1549267d8eebb5454b00b734dd31bcdbbcfce04da79c06e9a10998b26a8ac71e387dd25409fd542d9eff7487234f9354ba88ffb1a2ac7e83fb45793738416772fee282542be85a4068b3a7218cd95a2f20bea26", 0xf0}, {&(0x7f00000000c0)="62cc2ff4e4ab7f7cb72865c3ec9c406296279fa9a76c", 0x16}], 0x3, &(0x7f00000003c0)=[@dstaddrv6={0x20, 0x84, 0x8, @remote}, @prinfo={0x18, 0x84, 0x5, {0x10}}], 0x38}, 0x1) [ 116.869670][ C0] [ 116.870781][ C0] ============================= [ 116.872418][ C0] [ BUG: Invalid wait context ] [ 116.874181][ C0] 6.13.0-syzkaller-07644-gc2da8b3f914f #0 Not tainted [ 116.876302][ C0] ----------------------------- [ 116.877891][ C0] syz.0.0/5328 is trying to lock: [ 116.879584][ C0] ffffffff8ea70198 (stack_list_lock){-.-.}-{3:3}, at: __set_page_owner+0x5cb/0x800 [ 116.882885][ C0] other info that might help us debug this: [ 116.884971][ C0] context-{2:2} [ 116.886267][ C0] 1 lock held by syz.0.0/5328: [ 116.888058][ C0] #0: ffff88801fc3e8d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 116.891679][ C0] stack backtrace: [ 116.893129][ C0] CPU: 0 UID: 0 PID: 5328 Comm: syz.0.0 Not tainted 6.13.0-syzkaller-07644-gc2da8b3f914f #0 [ 116.893167][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 116.893180][ C0] Call Trace: [ 116.893216][ C0] [ 116.893221][ C0] dump_stack_lvl+0x241/0x360 [ 116.893238][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 116.893247][ C0] ? __pfx__printk+0x10/0x10 [ 116.893259][ C0] ? stack_trace_save+0x118/0x1d0 [ 116.893272][ C0] __lock_acquire+0x15a8/0x2100 [ 116.893288][ C0] lock_acquire+0x1ed/0x550 [ 116.893299][ C0] ? __set_page_owner+0x5cb/0x800 [ 116.893313][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 116.893329][ C0] _raw_spin_lock_irqsave+0xd5/0x120 [ 116.893366][ C0] ? __set_page_owner+0x5cb/0x800 [ 116.893378][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 116.893388][ C0] ? __kmalloc_cache_noprof+0x243/0x390 [ 116.893396][ C0] ? __set_page_owner+0x55f/0x800 [ 116.893408][ C0] __set_page_owner+0x5cb/0x800 [ 116.893420][ C0] ? __pfx___set_page_owner+0x10/0x10 [ 116.893432][ C0] post_alloc_hook+0x1f3/0x230 [ 116.893444][ C0] get_page_from_freelist+0x365c/0x37a0 [ 116.893466][ C0] __alloc_pages_noprof+0x292/0x710 [ 116.893479][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 116.893495][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 116.893510][ C0] ? __kernel_text_address+0xd/0x40 [ 116.893520][ C0] ? unwind_get_return_address+0x4d/0x90 [ 116.893534][ C0] alloc_pages_mpol_noprof+0x3e1/0x780 [ 116.893550][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 116.893563][ C0] ? stack_trace_save+0x118/0x1d0 [ 116.893574][ C0] ? alloc_pages_noprof+0x43/0x170 [ 116.893583][ C0] stack_depot_save_flags+0x72d/0x940 [ 116.893627][ C0] kasan_save_stack+0x4f/0x60 [ 116.893640][ C0] ? kasan_save_stack+0x3f/0x60 [ 116.893651][ C0] ? __kasan_record_aux_stack+0xac/0xc0 [ 116.893661][ C0] ? task_work_add+0xd9/0x490 [ 116.893675][ C0] ? task_tick_fair+0x30d/0x4e0 [ 116.893688][ C0] ? sched_tick+0x21e/0x660 [ 116.893696][ C0] ? update_process_times+0x276/0x2f0 [ 116.893707][ C0] ? tick_nohz_handler+0x37c/0x500 [ 116.893718][ C0] ? __hrtimer_run_queues+0x551/0xd30 [ 116.893731][ C0] ? hrtimer_interrupt+0x403/0xa40 [ 116.893743][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 116.893756][ C0] ? sysvec_apic_timer_interrupt+0x52/0xc0 [ 116.893767][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 116.893787][ C0] ? __phys_addr+0xba/0x170 [ 116.893800][ C0] __kasan_record_aux_stack+0xac/0xc0 [ 116.893809][ C0] task_work_add+0xd9/0x490 [ 116.893823][ C0] ? __pfx_task_work_add+0x10/0x10 [ 116.893835][ C0] ? task_scan_start+0x14c/0x430 [ 116.893870][ C0] ? task_scan_start+0x14c/0x430 [ 116.893883][ C0] ? task_scan_start+0x3f5/0x430 [ 116.893896][ C0] task_tick_fair+0x30d/0x4e0 [ 116.893910][ C0] sched_tick+0x21e/0x660 [ 116.893920][ C0] update_process_times+0x276/0x2f0 [ 116.893930][ C0] tick_nohz_handler+0x37c/0x500 [ 116.893941][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 116.893951][ C0] __hrtimer_run_queues+0x551/0xd30 [ 116.893965][ C0] ? ktime_get_update_offsets_now+0x2d/0x3b0 [ 116.893978][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 116.893992][ C0] hrtimer_interrupt+0x403/0xa40 [ 116.894010][ C0] __sysvec_apic_timer_interrupt+0x110/0x420 [ 116.894022][ C0] sysvec_apic_timer_interrupt+0x52/0xc0 [ 116.894031][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 116.894044][ C0] RIP: 0033:0x7f0ada46325c [ 116.894117][ C0] Code: 0a bf e8 03 00 00 e8 43 9a 12 00 48 8b 05 4c 25 e7 00 8b 40 08 85 c0 74 e8 bf 02 00 00 00 e8 9b ca fe ff 48 8b 15 4c ee 33 00 <48> 8b 02 48 83 f8 02 74 f7 48 8b 02 48 83 f8 03 0f 84 6a 0a 00 00 [ 116.894127][ C0] RSP: 002b:00007fff26500c50 EFLAGS: 00000246 [ 116.894137][ C0] RAX: 0000000000000002 RBX: 0000000000010000 RCX: 00007f0ada628097 [ 116.894144][ C0] RDX: 00007f0ad91ff000 RSI: 00007f0ada62808d RDI: 00007f0ada5ead08 [ 116.894151][ C0] RBP: 0000000000dffff0 R08: 0000000000000000 R09: 00007fff26500ae7 [ 116.894157][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 00007f0ada776f68 [ 116.894162][ C0] R13: 00007f0ada776260 R14: 00007fff26500f00 R15: 00007fff26500f00 [ 116.894177][ C0] [ 117.058547][ T5315] Bluetooth: hci0: command tx timeout [ 117.095946][ T5329] loop0: detected capacity change from 0 to 1024