4][ C0] Call Trace:
[ 510.497999][ C0]
[ 510.498006][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 510.498033][ C0] __run_hrtimer+0x163/0x460
[ 510.498050][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 510.498068][ C0] hrtimer_interrupt+0x380/0xaf0
[ 510.498103][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 510.498128][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 510.498148][ C0]
[ 510.498154][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 510.527178][ T36] audit: type=1804 audit(1616268586.976:65): pid=27533 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir305265564/syzkaller.cmtTL6/836/file0" dev="sda1" ino=14032 res=1 errno=0
[ 510.531103][ C0] RIP: 0010:delay_tsc+0x62/0xa0
[ 510.546976][ T36] audit: type=1804 audit(1616268586.976:66): pid=27532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir305265564/syzkaller.cmtTL6/836/file0" dev="sda1" ino=14032 res=1 errno=0
[ 510.552263][ C0] Code: 48 39 fa 73 59 0f 1f 00 a8 01 75 05 e8 6e 5d 57 fe f3 90 65 83 05 95 9b 58 7d 01 65 8b 35 d6 43 58 7d 41 39 f0 75 20 0f 01 f9 <66> 90 48 c1 e2 20 48 09 c2 4c 29 ca 65 ff 0d 73 9b 58 7d 0f 95 c0
[ 510.552284][ C0] RSP: 0018:ffffc900052f7cb8 EFLAGS: 00000246
[ 510.552299][ C0] RAX: 00000000508bdcba RBX: 0000000000000001 RCX: 0000000000000000
[ 510.552310][ C0] RDX: 0000000000000112 RSI: 0000000000000000 RDI: 0000000000002ced
[ 510.552327][ C0] RBP: ffffc900052f7d10 R08: 0000000000000000 R09: 00000112508bba51
[ 510.552339][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffffffff8779a828
[ 510.552350][ C0] R13: 0000000000000000 R14: ffffffff8779a818 R15: 0000000000000102
[ 510.552372][ C0] try_check_zero+0x1e6/0x200
[ 510.560249][ T36] audit: type=1804 audit(1616268586.976:67): pid=27533 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir305265564/syzkaller.cmtTL6/836/file0" dev="sda1" ino=14032 res=1 errno=0
[ 510.563980][ C0] process_srcu+0x13d/0x760
[ 510.564006][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 510.564025][ C0] ? pwq_dec_nr_in_flight+0x318/0x560
[ 510.738950][ C0] ? strscpy+0x12f/0x160
[ 510.743324][ C0] process_one_work+0x3e1/0x950
[ 510.748207][ C0] worker_thread+0x616/0xa70
[ 510.752806][ C0] ? finish_task_switch+0xc0/0x2a0
[ 510.757939][ C0] ? process_one_work+0x950/0x950
[ 510.762971][ C0] kthread+0x20b/0x230
[ 510.767028][ C0] ? process_one_work+0x950/0x950
[ 510.772037][ C0] ? kthread_blkcg+0x80/0x80
[ 510.776725][ C0] ret_from_fork+0x1f/0x30
[ 510.781130][ C0] ---[ end trace 6a9a87c08c22e02d ]---
[ 510.886879][ C0] ------------[ cut here ]------------
[ 510.892362][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 510.902873][ C0] Modules linked in:
[ 510.906796][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 510.916294][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 510.926441][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 510.932421][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 510.952033][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 510.958090][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000022 RCX: ffffffff87630780
[ 510.966040][ C0] RDX: 0000000080010001 RSI: 0000000000000022 RDI: 0000000000000001
[ 510.974009][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 510.981970][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 510.989963][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 510.997941][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 511.007151][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 511.013736][ C0] CR2: 00007f858a903d58 CR3: 00000001092a3000 CR4: 00000000001506f0
[ 511.021777][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 511.029750][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 511.037720][ C0] Call Trace:
[ 511.041001][ C0]
[ 511.043835][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 511.049679][ C0] __run_hrtimer+0x163/0x460
[ 511.054320][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 511.060587][ C0] hrtimer_interrupt+0x380/0xaf0
[ 511.065529][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 511.071822][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 511.077448][ C0]
[ 511.080370][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 511.086333][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 511.091871][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 511.111461][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 511.117535][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 511.125502][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 511.133466][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 511.141427][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 511.149388][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 511.157363][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 511.162303][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 511.167238][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 511.172387][ C0] cpuidle_enter+0x3c/0x60
[ 511.176786][ C0] do_idle+0x193/0x230
[ 511.181032][ C0] cpu_startup_entry+0x15/0x20
[ 511.185784][ C0] rest_init+0xd7/0xe0
[ 511.189852][ C0] ? time_init+0xc/0xc
[ 511.193907][ C0] arch_call_rest_init+0xa/0xb
[ 511.198697][ C0] start_kernel+0x5a1/0x626
[ 511.203190][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 511.209092][ C0] ---[ end trace 6a9a87c08c22e02e ]---
[ 511.214972][ C0] ------------[ cut here ]------------
[ 511.220435][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 511.230957][ C0] Modules linked in:
19:29:47 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x8, 0x6})
19:29:47 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:29:47 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x7000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:29:47 executing program 3:
perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x4, @perf_bp={&(0x7f0000000100), 0xa}, 0x2400, 0x1}, 0x0, 0xffff7fffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x7f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x42300}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x11011, r0, 0x0)
r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/udmabuf\x00', 0x2)
fdatasync(r1)
mremap(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000006000/0x2000)=nil)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='clear_refs\x00')
sendfile(r2, 0xffffffffffffffff, 0x0, 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={0xffffffffffffffff, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
preadv(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f00000001c0)=""/69, 0x45}, {&(0x7f0000000240)=""/56, 0x38}, {&(0x7f0000000280)=""/100, 0x64}, {&(0x7f0000000300)=""/63, 0x3f}, {&(0x7f0000000340)=""/126, 0x7e}, {&(0x7f00000003c0)=""/93, 0x5d}], 0x6, 0x3, 0x3f)
read(r3, &(0x7f0000000000), 0x20002000)
socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
creat(&(0x7f0000000180)='./file0\x00', 0x120)
19:29:47 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r4, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 511.234854][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 511.244321][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 511.254393][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 511.260410][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 511.280029][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 511.286117][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 511.294092][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 511.302072][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 511.310052][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 511.318035][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 511.326045][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 511.335001][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 511.341593][ C0] CR2: 00007f858a903d58 CR3: 00000001092a3000 CR4: 00000000001506f0
[ 511.349570][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 511.357564][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 511.365540][ C0] Call Trace:
[ 511.368820][ C0]
[ 511.371671][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 511.378286][ C0] __run_hrtimer+0x163/0x460
[ 511.382886][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 511.389395][ C0] hrtimer_interrupt+0x380/0xaf0
[ 511.394352][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 511.400270][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 511.405939][ C0]
[ 511.408869][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 511.414860][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 511.420429][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 511.440061][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 511.446147][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 511.454126][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 511.462160][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 511.470197][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 511.478171][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 511.486338][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 511.491303][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 511.496262][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 511.501395][ C0] cpuidle_enter+0x3c/0x60
[ 511.505857][ C0] do_idle+0x193/0x230
[ 511.509954][ C0] cpu_startup_entry+0x15/0x20
[ 511.514745][ C0] rest_init+0xd7/0xe0
[ 511.519013][ C0] ? time_init+0xc/0xc
[ 511.523134][ C0] arch_call_rest_init+0xa/0xb
[ 511.527933][ C0] start_kernel+0x5a1/0x626
[ 511.532442][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 511.538350][ C0] ---[ end trace 6a9a87c08c22e02f ]---
[ 511.544240][ C0] ------------[ cut here ]------------
[ 511.549718][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 511.560228][ C0] Modules linked in:
[ 511.564116][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 511.573491][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 511.583550][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 511.589639][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 511.609545][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 511.615615][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 511.623776][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 511.631950][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 511.639940][ C0] R10: 0001ffffffffffff R11: 0000000000000152 R12: ffff88813bc1da58
[ 511.647919][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 511.655897][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 511.664857][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 511.671444][ C0] CR2: 00007f858a903d58 CR3: 00000001092a3000 CR4: 00000000001506f0
[ 511.679437][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 511.687433][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 511.695933][ C0] Call Trace:
[ 511.699300][ C0]
[ 511.702141][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 511.707950][ C0] __run_hrtimer+0x163/0x460
[ 511.712545][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 511.718409][ C0] hrtimer_interrupt+0x380/0xaf0
[ 511.723360][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 511.729273][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 511.734916][ C0]
[ 511.737857][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 511.743851][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 511.749410][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 511.769209][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 511.775298][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 511.783276][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 511.791251][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 511.799228][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 511.807304][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 511.815283][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 511.820248][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 511.825219][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 511.830345][ C0] cpuidle_enter+0x3c/0x60
[ 511.834793][ C0] do_idle+0x193/0x230
19:29:48 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x8000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 511.838887][ C0] cpu_startup_entry+0x15/0x20
[ 511.843687][ C0] rest_init+0xd7/0xe0
[ 511.847780][ C0] ? time_init+0xc/0xc
[ 511.851898][ C0] arch_call_rest_init+0xa/0xb
[ 511.856688][ C0] start_kernel+0x5a1/0x626
[ 511.861215][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 511.867123][ C0] ---[ end trace 6a9a87c08c22e030 ]---
19:29:48 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x9000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 511.972963][ C0] ------------[ cut here ]------------
[ 511.978539][ C0] WARNING: CPU: 0 PID: 27541 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 511.989405][ C0] Modules linked in:
[ 511.993508][ C0] CPU: 0 PID: 27541 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 512.003876][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 512.014246][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 512.020261][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 512.039898][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 512.046223][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88803477a000
[ 512.054221][ C0] RDX: 0000000080010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 512.062219][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 512.070216][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 512.078293][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 512.086290][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 512.095230][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 512.102008][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 512.109982][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 512.117967][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 512.126155][ C0] Call Trace:
[ 512.129433][ C0]
[ 512.132272][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 512.138088][ C0] __run_hrtimer+0x163/0x460
[ 512.142696][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 512.148875][ C0] hrtimer_interrupt+0x380/0xaf0
[ 512.153838][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 512.159754][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 512.165423][ C0]
[ 512.168354][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 512.174341][ C0] RIP: 0010:lock_page_memcg+0x40/0xf0
[ 512.179854][ C0] Code: 49 8b 47 08 89 c1 83 e1 01 48 85 c9 0f 85 bc 00 00 00 e8 73 ce ca ff 45 31 f6 0f 1f 44 00 00 4d 8d 67 38 45 31 f6 0f 1f 40 00 <4c> 89 e7 e8 48 bf e6 ff 49 8b 6f 38 48 83 e5 fc 0f 84 80 00 00 00
[ 512.199912][ C0] RSP: 0018:ffffc900012bf7f8 EFLAGS: 00000246
[ 512.206112][ C0] RAX: ffff88803477aac0 RBX: 0000000000000000 RCX: 0000000000000028
[ 512.214118][ C0] RDX: 000188803477a3cc RSI: 0000000000000000 RDI: ffff88803477a3cc
[ 512.222120][ C0] RBP: ffffc900012bf960 R08: 0000000000000000 R09: 000188803477a3cf
[ 512.230099][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: ffffea0000abe5f8
[ 512.238077][ C0] R13: dead000000000100 R14: 0000000000000000 R15: ffffea0000abe5c0
[ 512.246085][ C0] ? lock_page_memcg+0x2d/0xf0
[ 512.250883][ C0] page_remove_rmap+0x1e/0x640
[ 512.255669][ C0] zap_pte_range+0x5b9/0x13f0
[ 512.260375][ C0] ? xas_store+0x88f/0xcf0
[ 512.264801][ C0] unmap_page_range+0x540/0x650
[ 512.269671][ C0] unmap_single_vma+0x157/0x210
[ 512.274543][ C0] unmap_vmas+0xc0/0x170
[ 512.278806][ C0] exit_mmap+0x1be/0x400
[ 512.283059][ C0] __mmput+0xa2/0x220
[ 512.287051][ C0] mmput+0x3d/0x50
[ 512.290789][ C0] exit_mm+0x344/0x430
[ 512.294885][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 512.300715][ C0] ? taskstats_exit+0x334/0x730
[ 512.305592][ C0] ? acct_collect+0x3a4/0x400
[ 512.310290][ C0] do_exit+0x3ff/0x1670
[ 512.314480][ C0] ? do_futex+0x1080/0x1cd0
[ 512.318998][ C0] do_group_exit+0xce/0x180
[ 512.323538][ C0] get_signal+0xdce/0x14e0
[ 512.327979][ C0] ? __mm_populate+0x32c/0x380
[ 512.332783][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 512.338335][ C0] ? __se_sys_futex+0x2a8/0x390
[ 512.343389][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 512.348951][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 512.354695][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 512.360170][ C0] do_syscall_64+0x45/0x80
[ 512.364591][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 512.370503][ C0] RIP: 0033:0x466459
[ 512.374395][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 512.381229][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 512.389665][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 512.397640][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 512.405624][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 512.413604][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 512.421583][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 512.429567][ C0] ---[ end trace 6a9a87c08c22e031 ]---
[ 512.435365][ C0] ------------[ cut here ]------------
[ 512.440909][ C0] WARNING: CPU: 0 PID: 27541 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 512.451780][ C0] Modules linked in:
[ 512.455678][ C0] CPU: 0 PID: 27541 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 512.465828][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 512.475892][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 512.481901][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 512.502120][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 512.508192][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff88803477a000
[ 512.516272][ C0] RDX: 0000000080010001 RSI: 000000000000001c RDI: 0000000000000001
[ 512.524255][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 512.532227][ C0] R10: 0001ffffffffffff R11: ffff88803477a000 R12: ffff88813bc1da58
[ 512.540212][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 512.548285][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 512.557242][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 512.563828][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 512.571900][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 512.579869][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 512.587853][ C0] Call Trace:
[ 512.591136][ C0]
[ 512.593999][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 512.599817][ C0] __run_hrtimer+0x163/0x460
[ 512.604412][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 512.610240][ C0] hrtimer_interrupt+0x380/0xaf0
[ 512.615191][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 512.621096][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 512.626759][ C0]
[ 512.629689][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 512.635695][ C0] RIP: 0010:lock_page_memcg+0x40/0xf0
[ 512.641078][ C0] Code: 49 8b 47 08 89 c1 83 e1 01 48 85 c9 0f 85 bc 00 00 00 e8 73 ce ca ff 45 31 f6 0f 1f 44 00 00 4d 8d 67 38 45 31 f6 0f 1f 40 00 <4c> 89 e7 e8 48 bf e6 ff 49 8b 6f 38 48 83 e5 fc 0f 84 80 00 00 00
[ 512.660778][ C0] RSP: 0018:ffffc900012bf7f8 EFLAGS: 00000246
[ 512.666888][ C0] RAX: ffff88803477aac0 RBX: 0000000000000000 RCX: 0000000000000028
[ 512.674886][ C0] RDX: 000188803477a3cc RSI: 0000000000000000 RDI: ffff88803477a3cc
[ 512.682857][ C0] RBP: ffffc900012bf960 R08: 0000000000000000 R09: 000188803477a3cf
[ 512.690826][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: ffffea0000abe5f8
[ 512.698794][ C0] R13: dead000000000100 R14: 0000000000000000 R15: ffffea0000abe5c0
[ 512.706778][ C0] ? lock_page_memcg+0x2d/0xf0
[ 512.711570][ C0] page_remove_rmap+0x1e/0x640
[ 512.716339][ C0] zap_pte_range+0x5b9/0x13f0
[ 512.721047][ C0] ? xas_store+0x88f/0xcf0
[ 512.725504][ C0] unmap_page_range+0x540/0x650
[ 512.730365][ C0] unmap_single_vma+0x157/0x210
[ 512.735226][ C0] unmap_vmas+0xc0/0x170
[ 512.739481][ C0] exit_mmap+0x1be/0x400
[ 512.743725][ C0] __mmput+0xa2/0x220
[ 512.747738][ C0] mmput+0x3d/0x50
[ 512.751472][ C0] exit_mm+0x344/0x430
[ 512.755557][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 512.761366][ C0] ? taskstats_exit+0x334/0x730
[ 512.766227][ C0] ? acct_collect+0x3a4/0x400
[ 512.770931][ C0] do_exit+0x3ff/0x1670
[ 512.775087][ C0] ? do_futex+0x1080/0x1cd0
[ 512.779591][ C0] do_group_exit+0xce/0x180
[ 512.784093][ C0] get_signal+0xdce/0x14e0
[ 512.788509][ C0] ? __mm_populate+0x32c/0x380
[ 512.793306][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 512.798860][ C0] ? __se_sys_futex+0x2a8/0x390
[ 512.804412][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 512.809961][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 512.815598][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 512.821078][ C0] do_syscall_64+0x45/0x80
[ 512.825513][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 512.831407][ C0] RIP: 0033:0x466459
[ 512.835323][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 512.842185][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 512.850619][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 512.858614][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 512.866589][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 512.874587][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 512.882579][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 512.890568][ C0] ---[ end trace 6a9a87c08c22e032 ]---
[ 512.896378][ C0] ------------[ cut here ]------------
[ 512.901840][ C0] WARNING: CPU: 0 PID: 27541 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 512.912716][ C0] Modules linked in:
[ 512.916621][ C0] CPU: 0 PID: 27541 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 512.926774][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 512.936851][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 512.942864][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 512.962562][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 512.968642][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff88803477a000
[ 512.976611][ C0] RDX: 0000000080010001 RSI: 000000000000001c RDI: 0000000000000001
[ 512.984583][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 512.992567][ C0] R10: 0001ffffffffffff R11: ffff88803477a000 R12: ffff88813bc1da58
[ 513.000734][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 513.008720][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 513.017761][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 513.024546][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 513.032524][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 513.040507][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 513.048489][ C0] Call Trace:
[ 513.051770][ C0]
[ 513.054615][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 513.060430][ C0] __run_hrtimer+0x163/0x460
[ 513.065113][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 513.070928][ C0] hrtimer_interrupt+0x380/0xaf0
[ 513.076225][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 513.082147][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 513.087811][ C0]
[ 513.090740][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 513.096726][ C0] RIP: 0010:lock_page_memcg+0x40/0xf0
[ 513.102111][ C0] Code: 49 8b 47 08 89 c1 83 e1 01 48 85 c9 0f 85 bc 00 00 00 e8 73 ce ca ff 45 31 f6 0f 1f 44 00 00 4d 8d 67 38 45 31 f6 0f 1f 40 00 <4c> 89 e7 e8 48 bf e6 ff 49 8b 6f 38 48 83 e5 fc 0f 84 80 00 00 00
[ 513.121746][ C0] RSP: 0018:ffffc900012bf7f8 EFLAGS: 00000246
[ 513.127821][ C0] RAX: ffff88803477aac0 RBX: 0000000000000000 RCX: 0000000000000028
[ 513.135927][ C0] RDX: 000188803477a3cc RSI: 0000000000000000 RDI: ffff88803477a3cc
[ 513.144011][ C0] RBP: ffffc900012bf960 R08: 0000000000000000 R09: 000188803477a3cf
[ 513.152455][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: ffffea0000abe5f8
[ 513.161406][ C0] R13: dead000000000100 R14: 0000000000000000 R15: ffffea0000abe5c0
[ 513.169522][ C0] ? lock_page_memcg+0x2d/0xf0
[ 513.174331][ C0] page_remove_rmap+0x1e/0x640
[ 513.179119][ C0] zap_pte_range+0x5b9/0x13f0
[ 513.183883][ C0] ? xas_store+0x88f/0xcf0
[ 513.188359][ C0] unmap_page_range+0x540/0x650
[ 513.193250][ C0] unmap_single_vma+0x157/0x210
[ 513.198139][ C0] unmap_vmas+0xc0/0x170
[ 513.202405][ C0] exit_mmap+0x1be/0x400
[ 513.206662][ C0] __mmput+0xa2/0x220
[ 513.210662][ C0] mmput+0x3d/0x50
[ 513.214388][ C0] exit_mm+0x344/0x430
[ 513.218463][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 513.224300][ C0] ? taskstats_exit+0x334/0x730
[ 513.229164][ C0] ? acct_collect+0x3a4/0x400
[ 513.233851][ C0] do_exit+0x3ff/0x1670
[ 513.238016][ C0] ? do_futex+0x1080/0x1cd0
[ 513.242537][ C0] do_group_exit+0xce/0x180
[ 513.247133][ C0] get_signal+0xdce/0x14e0
[ 513.251560][ C0] ? __mm_populate+0x32c/0x380
[ 513.256344][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 513.261934][ C0] ? __se_sys_futex+0x2a8/0x390
[ 513.266813][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 513.272368][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 513.278027][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 513.283497][ C0] do_syscall_64+0x45/0x80
[ 513.287920][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 513.293855][ C0] RIP: 0033:0x466459
[ 513.297752][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 513.304589][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 513.313013][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 513.321012][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
19:29:50 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 513.328987][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 513.336964][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 513.345374][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 513.353410][ C0] ---[ end trace 6a9a87c08c22e033 ]---
19:29:50 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r4, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:29:50 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x4c01, &(0x7f0000000040)={0x4})
[ 513.459256][ C0] ------------[ cut here ]------------
[ 513.464735][ C0] WARNING: CPU: 0 PID: 27555 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 513.475620][ C0] Modules linked in:
[ 513.479541][ C0] CPU: 0 PID: 27555 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 513.489720][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 513.499806][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 513.505828][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 513.525444][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 513.531550][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000022 RCX: ffff888109155000
[ 513.539542][ C0] RDX: 0000000080010001 RSI: 0000000000000022 RDI: 0000000000000001
[ 513.547548][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 513.555527][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 513.563518][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 513.571496][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 513.580444][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 513.587053][ C0] CR2: 0000000000510ed0 CR3: 000000010db38000 CR4: 00000000001526f0
[ 513.595034][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 513.604245][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 513.612223][ C0] Call Trace:
[ 513.615505][ C0]
[ 513.618434][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 513.624261][ C0] __run_hrtimer+0x163/0x460
[ 513.628861][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 513.635028][ C0] hrtimer_interrupt+0x380/0xaf0
[ 513.639995][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 513.645899][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 513.651725][ C0]
[ 513.654654][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 513.660666][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 513.666832][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 513.686468][ C0] RSP: 0018:ffffc9000357f748 EFLAGS: 00000246
[ 513.692541][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00098881091553cc
[ 513.700553][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 513.708545][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 513.717163][ C0] R10: ffffffff88f36fe0 R11: 0000000000000200 R12: 0000000000000016
[ 513.725137][ C0] R13: ffffffff8167f7a8 R14: ffff8881091553cc R15: 0000000000000004
[ 513.733138][ C0] ? __alloc_pages_nodemask+0x1a8/0x350
[ 513.738706][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 513.744446][ C0] ? __alloc_pages_nodemask+0x1a8/0x350
[ 513.749999][ C0] __rcu_read_unlock+0x36/0x250
[ 513.754864][ C0] unlock_page_memcg+0xac/0xc0
[ 513.759631][ C0] page_remove_rmap+0x5a9/0x640
[ 513.764505][ C0] zap_pte_range+0x5b9/0x13f0
[ 513.769221][ C0] ? __down_write_common+0x45/0x870
[ 513.774434][ C0] unmap_page_range+0x540/0x650
[ 513.779565][ C0] unmap_single_vma+0x157/0x210
[ 513.784430][ C0] unmap_vmas+0xc0/0x170
[ 513.788685][ C0] exit_mmap+0x1be/0x400
[ 513.792992][ C0] __mmput+0xa2/0x220
[ 513.796976][ C0] mmput+0x3d/0x50
[ 513.800722][ C0] exit_mm+0x344/0x430
[ 513.804801][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 513.810678][ C0] ? taskstats_exit+0x334/0x730
[ 513.815598][ C0] ? acct_collect+0x3a4/0x400
[ 513.820290][ C0] do_exit+0x3ff/0x1670
[ 513.824464][ C0] ? do_futex+0x1062/0x1cd0
[ 513.829063][ C0] do_group_exit+0xce/0x180
[ 513.833600][ C0] get_signal+0xdce/0x14e0
[ 513.838063][ C0] ? putname+0xa5/0xc0
[ 513.842147][ C0] ? kmem_cache_free+0x59/0x100
[ 513.847020][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 513.852583][ C0] ? __se_sys_futex+0x2a8/0x390
[ 513.857447][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 513.862996][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 513.868731][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 513.874209][ C0] do_syscall_64+0x45/0x80
[ 513.878628][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 513.884541][ C0] RIP: 0033:0x466459
[ 513.888442][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 513.895305][ C0] RSP: 002b:00007f1ce1ef3218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 513.903728][ C0] RAX: fffffffffffffe00 RBX: 000000000056c0b8 RCX: 0000000000466459
[ 513.911726][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056c0b8
[ 513.919702][ C0] RBP: 000000000056c0b0 R08: 0000000000000000 R09: 0000000000000000
[ 513.927696][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0bc
[ 513.935690][ C0] R13: 00007ffce2f6f37f R14: 00007f1ce1ef3300 R15: 0000000000022000
[ 513.943684][ C0] ---[ end trace 6a9a87c08c22e034 ]---
[ 513.949500][ C0] ------------[ cut here ]------------
[ 513.954979][ C0] WARNING: CPU: 0 PID: 27555 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 513.965859][ C0] Modules linked in:
[ 513.969765][ C0] CPU: 0 PID: 27555 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 513.979970][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 513.990030][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 513.996295][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 514.016089][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 514.022188][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001d RCX: ffff888109155000
[ 514.030176][ C0] RDX: 0000000080010001 RSI: 000000000000001d RDI: 0000000000000001
[ 514.038164][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 514.046162][ C0] R10: 0001ffffffffffff R11: 000000000000009f R12: ffff88813bc1da58
[ 514.054148][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 514.062125][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 514.071088][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 514.077688][ C0] CR2: 0000000000510ed0 CR3: 000000010db38000 CR4: 00000000001526f0
[ 514.085706][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 514.093694][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 514.101731][ C0] Call Trace:
[ 514.105018][ C0]
[ 514.107858][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 514.113690][ C0] __run_hrtimer+0x163/0x460
[ 514.118285][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 514.124125][ C0] hrtimer_interrupt+0x380/0xaf0
[ 514.129093][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 514.134999][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 514.140659][ C0]
[ 514.143597][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 514.149717][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 514.156030][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 514.175653][ C0] RSP: 0018:ffffc9000357f748 EFLAGS: 00000246
[ 514.181736][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00098881091553cc
[ 514.189714][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 514.197696][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 514.205689][ C0] R10: ffffffff88f36fe0 R11: 0000000000000200 R12: 0000000000000016
[ 514.213666][ C0] R13: ffffffff8167f7a8 R14: ffff8881091553cc R15: 0000000000000004
[ 514.221667][ C0] ? __alloc_pages_nodemask+0x1a8/0x350
[ 514.227259][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 514.232821][ C0] ? __alloc_pages_nodemask+0x1a8/0x350
[ 514.238385][ C0] __rcu_read_unlock+0x36/0x250
[ 514.243257][ C0] unlock_page_memcg+0xac/0xc0
[ 514.248036][ C0] page_remove_rmap+0x5a9/0x640
[ 514.252921][ C0] zap_pte_range+0x5b9/0x13f0
[ 514.257897][ C0] ? __down_write_common+0x45/0x870
[ 514.263132][ C0] unmap_page_range+0x540/0x650
[ 514.268001][ C0] unmap_single_vma+0x157/0x210
[ 514.272870][ C0] unmap_vmas+0xc0/0x170
[ 514.277139][ C0] exit_mmap+0x1be/0x400
[ 514.281393][ C0] __mmput+0xa2/0x220
[ 514.285392][ C0] mmput+0x3d/0x50
[ 514.289125][ C0] exit_mm+0x344/0x430
[ 514.293196][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 514.299030][ C0] ? taskstats_exit+0x334/0x730
[ 514.303913][ C0] ? acct_collect+0x3a4/0x400
[ 514.308632][ C0] do_exit+0x3ff/0x1670
[ 514.312810][ C0] ? do_futex+0x1062/0x1cd0
[ 514.317322][ C0] do_group_exit+0xce/0x180
[ 514.321851][ C0] get_signal+0xdce/0x14e0
[ 514.326275][ C0] ? putname+0xa5/0xc0
[ 514.330343][ C0] ? kmem_cache_free+0x59/0x100
[ 514.335208][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 514.340788][ C0] ? __se_sys_futex+0x2a8/0x390
[ 514.345656][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 514.351210][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 514.356849][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 514.362354][ C0] do_syscall_64+0x45/0x80
[ 514.366804][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 514.372739][ C0] RIP: 0033:0x466459
[ 514.376633][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 514.383473][ C0] RSP: 002b:00007f1ce1ef3218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 514.391998][ C0] RAX: fffffffffffffe00 RBX: 000000000056c0b8 RCX: 0000000000466459
[ 514.399977][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056c0b8
[ 514.407966][ C0] RBP: 000000000056c0b0 R08: 0000000000000000 R09: 0000000000000000
[ 514.416049][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0bc
[ 514.424026][ C0] R13: 00007ffce2f6f37f R14: 00007f1ce1ef3300 R15: 0000000000022000
[ 514.432101][ C0] ---[ end trace 6a9a87c08c22e035 ]---
[ 514.437952][ C0] ------------[ cut here ]------------
[ 514.443418][ C0] WARNING: CPU: 0 PID: 27555 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 514.454302][ C0] Modules linked in:
[ 514.458207][ C0] CPU: 0 PID: 27555 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 514.468362][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 514.478425][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 514.484437][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 514.504074][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 514.510145][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001d RCX: ffff888109155000
[ 514.518125][ C0] RDX: 0000000000010001 RSI: 000000000000001d RDI: 0000000000000001
[ 514.526535][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 514.534514][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 514.542757][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 514.550915][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 514.559860][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 514.566448][ C0] CR2: 0000000000510ed0 CR3: 000000010db38000 CR4: 00000000001526f0
[ 514.574426][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 514.582522][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 514.590615][ C0] Call Trace:
[ 514.593900][ C0]
[ 514.596744][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 514.602561][ C0] __run_hrtimer+0x163/0x460
[ 514.607157][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 514.612999][ C0] hrtimer_interrupt+0x380/0xaf0
[ 514.617948][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 514.623890][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 514.629547][ C0]
[ 514.632488][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 514.638505][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 514.644703][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 514.664346][ C0] RSP: 0018:ffffc9000357f748 EFLAGS: 00000246
[ 514.670419][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00098881091553cc
[ 514.678405][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 514.686386][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 514.694513][ C0] R10: ffffffff88f36fe0 R11: 0000000000000200 R12: 0000000000000016
[ 514.702699][ C0] R13: ffffffff8167f7a8 R14: ffff8881091553cc R15: 0000000000000004
[ 514.710678][ C0] ? __alloc_pages_nodemask+0x1a8/0x350
[ 514.716235][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 514.721794][ C0] ? __alloc_pages_nodemask+0x1a8/0x350
[ 514.727352][ C0] __rcu_read_unlock+0x36/0x250
[ 514.732317][ C0] unlock_page_memcg+0xac/0xc0
[ 514.737105][ C0] page_remove_rmap+0x5a9/0x640
[ 514.741970][ C0] zap_pte_range+0x5b9/0x13f0
[ 514.746721][ C0] ? __down_write_common+0x45/0x870
[ 514.751926][ C0] unmap_page_range+0x540/0x650
[ 514.756797][ C0] unmap_single_vma+0x157/0x210
[ 514.761669][ C0] unmap_vmas+0xc0/0x170
[ 514.765917][ C0] exit_mmap+0x1be/0x400
[ 514.770187][ C0] __mmput+0xa2/0x220
[ 514.774211][ C0] mmput+0x3d/0x50
[ 514.778112][ C0] exit_mm+0x344/0x430
[ 514.782215][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 514.788031][ C0] ? taskstats_exit+0x334/0x730
[ 514.792900][ C0] ? acct_collect+0x3a4/0x400
[ 514.797591][ C0] do_exit+0x3ff/0x1670
[ 514.801760][ C0] ? do_futex+0x1062/0x1cd0
[ 514.806282][ C0] do_group_exit+0xce/0x180
[ 514.810805][ C0] get_signal+0xdce/0x14e0
[ 514.815245][ C0] ? putname+0xa5/0xc0
[ 514.819357][ C0] ? kmem_cache_free+0x59/0x100
[ 514.824205][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 514.829768][ C0] ? __se_sys_futex+0x2a8/0x390
[ 514.834639][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 514.840195][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 514.845834][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 514.851316][ C0] do_syscall_64+0x45/0x80
[ 514.855740][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 514.861643][ C0] RIP: 0033:0x466459
[ 514.865538][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 514.872424][ C0] RSP: 002b:00007f1ce1ef3218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 514.880846][ C0] RAX: fffffffffffffe00 RBX: 000000000056c0b8 RCX: 0000000000466459
[ 514.888825][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056c0b8
[ 514.896803][ C0] RBP: 000000000056c0b0 R08: 0000000000000000 R09: 0000000000000000
[ 514.905478][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0bc
19:29:51 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x4c00, &(0x7f0000000040)={0x4})
[ 514.913473][ C0] R13: 00007ffce2f6f37f R14: 00007f1ce1ef3300 R15: 0000000000022000
[ 514.921477][ C0] ---[ end trace 6a9a87c08c22e036 ]---
19:29:51 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x9, 0x6})
19:29:51 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xa000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 515.027260][ C0] ------------[ cut here ]------------
[ 515.032791][ C0] WARNING: CPU: 0 PID: 27561 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 515.043847][ C0] Modules linked in:
[ 515.047743][ C0] CPU: 0 PID: 27561 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 515.057896][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 515.067976][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:29:51 executing program 3:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r4, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 515.073972][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 515.093609][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 515.099682][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000024 RCX: ffff88810d996000
[ 515.108119][ C0] RDX: 0000000080010000 RSI: 0000000000000024 RDI: 0000000000000001
[ 515.116190][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 515.124190][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 515.132177][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 515.140157][ C0] FS: 00007fed45add700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 515.149105][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 515.155697][ C0] CR2: 00007fed45adb6b8 CR3: 000000010db38000 CR4: 00000000001526f0
[ 515.163695][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:29:51 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 515.171698][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 515.179684][ C0] Call Trace:
[ 515.182972][ C0]
[ 515.185822][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 515.191672][ C0] __run_hrtimer+0x163/0x460
[ 515.196280][ C0] ? virtnet_poll_tx+0x179/0x1b0
[ 515.201244][ C0] hrtimer_interrupt+0x380/0xaf0
[ 515.206205][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 515.212136][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 515.217806][ C0]
[ 515.220732][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 515.226759][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 515.232943][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 515.252567][ C0] RSP: 0018:ffffc90000f47bb8 EFLAGS: 00000246
[ 515.258663][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000988802096e7e8
[ 515.266639][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 515.274735][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 515.282695][ C0] R10: ffffffff88f370a8 R11: 0000000000000200 R12: 000000000000002f
[ 515.290934][ C0] R13: 0000000000000246 R14: ffff88802096e7e8 R15: 0000000000000004
[ 515.298907][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 515.304452][ C0] htab_map_hash+0x54/0x2b0
[ 515.308985][ C0] htab_map_get_next_key+0x55/0x290
[ 515.314190][ C0] __do_sys_bpf+0x3cfa/0x9990
[ 515.318895][ C0] ? _raw_spin_unlock+0x22/0x40
[ 515.323757][ C0] ? do_anonymous_page+0x89d/0xd20
[ 515.328882][ C0] ? __se_sys_futex+0x2a8/0x390
[ 515.333771][ C0] ? do_user_addr_fault+0x751/0xc00
[ 515.338964][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 515.344593][ C0] __x64_sys_bpf+0x3d/0x50
[ 515.349192][ C0] do_syscall_64+0x39/0x80
[ 515.353611][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 515.359546][ C0] RIP: 0033:0x466459
[ 515.363430][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 515.383031][ C0] RSP: 002b:00007fed45add188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 515.391439][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 515.399421][ C0] RDX: 0000000000000020 RSI: 0000000020003200 RDI: 0000000000000004
[ 515.407407][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 515.415368][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 515.423341][ C0] R13: 00007ffdd9640b4f R14: 00007fed45add300 R15: 0000000000022000
[ 515.431324][ C0] ---[ end trace 6a9a87c08c22e037 ]---
[ 515.437149][ C0] ------------[ cut here ]------------
[ 515.442603][ C0] WARNING: CPU: 0 PID: 27561 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 515.453523][ C0] Modules linked in:
[ 515.457440][ C0] CPU: 0 PID: 27561 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 515.467590][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 515.477652][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 515.483651][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 515.503266][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 515.509353][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88810d996000
[ 515.517326][ C0] RDX: 0000000080010000 RSI: 0000000000000018 RDI: 0000000000000001
[ 515.525303][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 515.533277][ C0] R10: 0001ffffffffffff R11: ffff88810d996000 R12: ffff88813bc1da58
[ 515.541251][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 515.549229][ C0] FS: 00007fed45add700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 515.558339][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 515.564936][ C0] CR2: 00007fed45adb6b8 CR3: 000000010db38000 CR4: 00000000001526f0
[ 515.572913][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 515.580897][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 515.588960][ C0] Call Trace:
[ 515.592255][ C0]
[ 515.595138][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 515.600956][ C0] __run_hrtimer+0x163/0x460
[ 515.605639][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 515.611450][ C0] hrtimer_interrupt+0x380/0xaf0
[ 515.616830][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 515.622734][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 515.628392][ C0]
[ 515.631334][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 515.637323][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 515.643484][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 515.663095][ C0] RSP: 0018:ffffc90000f47bb8 EFLAGS: 00000246
[ 515.669179][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000988802096e7e8
[ 515.677336][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 515.685321][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 515.693293][ C0] R10: ffffffff88f370a8 R11: 0000000000000200 R12: 000000000000002f
[ 515.701287][ C0] R13: 0000000000000246 R14: ffff88802096e7e8 R15: 0000000000000004
[ 515.710652][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 515.716205][ C0] htab_map_hash+0x54/0x2b0
[ 515.720710][ C0] htab_map_get_next_key+0x55/0x290
[ 515.725927][ C0] __do_sys_bpf+0x3cfa/0x9990
[ 515.730611][ C0] ? _raw_spin_unlock+0x22/0x40
[ 515.735461][ C0] ? do_anonymous_page+0x89d/0xd20
[ 515.740764][ C0] ? __se_sys_futex+0x2a8/0x390
[ 515.745641][ C0] ? do_user_addr_fault+0x751/0xc00
[ 515.750839][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 515.756417][ C0] __x64_sys_bpf+0x3d/0x50
[ 515.760854][ C0] do_syscall_64+0x39/0x80
[ 515.765266][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 515.771193][ C0] RIP: 0033:0x466459
[ 515.775101][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 515.794835][ C0] RSP: 002b:00007fed45add188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 515.803273][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 515.811550][ C0] RDX: 0000000000000020 RSI: 0000000020003200 RDI: 0000000000000004
[ 515.819519][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 515.827486][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 515.835455][ C0] R13: 00007ffdd9640b4f R14: 00007fed45add300 R15: 0000000000022000
[ 515.843437][ C0] ---[ end trace 6a9a87c08c22e038 ]---
[ 515.849336][ C0] ------------[ cut here ]------------
[ 515.855048][ C0] WARNING: CPU: 0 PID: 27561 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 515.865935][ C0] Modules linked in:
[ 515.869829][ C0] CPU: 0 PID: 27561 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 515.879994][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 515.890141][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 515.896158][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 515.915785][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 515.921856][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810d996000
[ 515.929824][ C0] RDX: 0000000080010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 515.937803][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 515.945787][ C0] R10: 0001ffffffffffff R11: ffff88810d996000 R12: ffff88813bc1da58
[ 515.953758][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 515.961738][ C0] FS: 00007fed45add700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 515.970712][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 515.977301][ C0] CR2: 00007fed45adb6b8 CR3: 000000010db38000 CR4: 00000000001526f0
[ 515.985535][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 515.993513][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 516.001517][ C0] Call Trace:
[ 516.004800][ C0]
[ 516.007638][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 516.013456][ C0] __run_hrtimer+0x163/0x460
[ 516.018073][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 516.023894][ C0] hrtimer_interrupt+0x380/0xaf0
[ 516.028847][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 516.034762][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 516.040512][ C0]
[ 516.043444][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 516.049610][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 516.055791][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 516.075433][ C0] RSP: 0018:ffffc90000f47bb8 EFLAGS: 00000246
[ 516.081508][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000988802096e7e8
[ 516.089481][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 516.097574][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 516.105547][ C0] R10: ffffffff88f370a8 R11: 0000000000000200 R12: 000000000000002f
[ 516.113531][ C0] R13: 0000000000000246 R14: ffff88802096e7e8 R15: 0000000000000004
[ 516.121548][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 516.127111][ C0] htab_map_hash+0x54/0x2b0
[ 516.131797][ C0] htab_map_get_next_key+0x55/0x290
[ 516.136995][ C0] __do_sys_bpf+0x3cfa/0x9990
[ 516.141694][ C0] ? _raw_spin_unlock+0x22/0x40
[ 516.146570][ C0] ? do_anonymous_page+0x89d/0xd20
[ 516.151761][ C0] ? __se_sys_futex+0x2a8/0x390
[ 516.156622][ C0] ? do_user_addr_fault+0x751/0xc00
[ 516.161912][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 516.167464][ C0] __x64_sys_bpf+0x3d/0x50
[ 516.171898][ C0] do_syscall_64+0x39/0x80
[ 516.176322][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 516.182265][ C0] RIP: 0033:0x466459
[ 516.186528][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 516.206267][ C0] RSP: 002b:00007fed45add188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 516.214711][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 516.222693][ C0] RDX: 0000000000000020 RSI: 0000000020003200 RDI: 0000000000000004
[ 516.230681][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 516.238663][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 516.246645][ C0] R13: 00007ffdd9640b4f R14: 00007fed45add300 R15: 0000000000022000
[ 516.254636][ C0] ---[ end trace 6a9a87c08c22e039 ]---
19:29:52 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xb000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 516.360507][ C0] ------------[ cut here ]------------
[ 516.366018][ C0] WARNING: CPU: 0 PID: 27584 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 516.376980][ C0] Modules linked in:
[ 516.380868][ C0] CPU: 0 PID: 27584 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 516.391013][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 516.401084][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 516.407115][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 516.426729][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 516.432822][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810fa2c000
[ 516.440811][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
[ 516.448802][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 516.456791][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 516.464777][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 516.472770][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 516.481715][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 516.488300][ C0] CR2: 00000000005400f8 CR3: 0000000027caf000 CR4: 00000000001526f0
[ 516.496274][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 516.504252][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 516.512237][ C0] Call Trace:
[ 516.515529][ C0]
[ 516.518367][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 516.524183][ C0] __run_hrtimer+0x163/0x460
[ 516.528775][ C0] hrtimer_interrupt+0x380/0xaf0
[ 516.533711][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 516.539627][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 516.545274][ C0]
[ 516.548204][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 516.554207][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 516.560382][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 516.579995][ C0] RSP: 0018:ffffc90003537b38 EFLAGS: 00000246
[ 516.586078][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000988810fa2c4dc
[ 516.594050][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 516.602038][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 516.610009][ C0] R10: ffffffff88f37098 R11: 0000000000000200 R12: 000000000000002d
[ 516.617983][ C0] R13: ffffffff815da61f R14: ffff88810fa2c4dc R15: 0000000000000004
[ 516.625961][ C0] ? mark_page_accessed+0x52f/0x5f0
[ 516.631177][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 516.636720][ C0] ? mark_page_accessed+0x52f/0x5f0
[ 516.641943][ C0] sync_mm_rss+0x48/0x190
[ 516.646272][ C0] handle_mm_fault+0x16b7/0x1840
[ 516.651223][ C0] ? follow_pmd_mask+0x4b0/0xee0
[ 516.656194][ C0] ? follow_page_mask+0x382/0x540
[ 516.661262][ C0] __get_user_pages+0xa47/0x1000
[ 516.666224][ C0] __mm_populate+0x24d/0x380
[ 516.670816][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 516.675434][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 516.680107][ C0] ? switch_fpu_return+0xa/0x10
[ 516.684958][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 516.690679][ C0] do_syscall_64+0x39/0x80
[ 516.695207][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 516.701126][ C0] RIP: 0033:0x466459
[ 516.705047][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 516.724840][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 516.733275][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 516.741250][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 516.749245][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 516.757224][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 516.767630][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 516.775636][ C0] ---[ end trace 6a9a87c08c22e03a ]---
[ 516.781453][ C0] ------------[ cut here ]------------
[ 516.786905][ C0] WARNING: CPU: 0 PID: 27584 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 516.797765][ C0] Modules linked in:
[ 516.801692][ C0] CPU: 0 PID: 27584 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 516.811852][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 516.821923][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 516.827916][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 516.847550][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 516.853628][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810fa2c000
[ 516.861613][ C0] RDX: 0000000080010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 516.869603][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 516.877593][ C0] R10: 0001ffffffffffff R11: ffff88810fa2c000 R12: ffff88813bc1da58
[ 516.885582][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 516.893570][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 516.902536][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 516.909131][ C0] CR2: 00000000005400f8 CR3: 0000000027caf000 CR4: 00000000001526f0
[ 516.917102][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 516.925073][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 516.933226][ C0] Call Trace:
[ 516.936528][ C0]
[ 516.939380][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 516.945219][ C0] __run_hrtimer+0x163/0x460
[ 516.950084][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 516.955907][ C0] hrtimer_interrupt+0x380/0xaf0
[ 516.960866][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 516.966788][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 516.972432][ C0]
[ 516.975360][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 516.981344][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 516.987508][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 517.007259][ C0] RSP: 0018:ffffc90003537b38 EFLAGS: 00000246
[ 517.013337][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000988810fa2c4dc
[ 517.021323][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 517.029299][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 517.037279][ C0] R10: ffffffff88f37098 R11: 0000000000000200 R12: 000000000000002d
[ 517.045260][ C0] R13: ffffffff815da61f R14: ffff88810fa2c4dc R15: 0000000000000004
[ 517.053238][ C0] ? mark_page_accessed+0x52f/0x5f0
[ 517.058460][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 517.064019][ C0] ? mark_page_accessed+0x52f/0x5f0
[ 517.069218][ C0] sync_mm_rss+0x48/0x190
[ 517.073571][ C0] handle_mm_fault+0x16b7/0x1840
[ 517.078552][ C0] ? follow_pmd_mask+0x4b0/0xee0
[ 517.083512][ C0] ? follow_page_mask+0x382/0x540
[ 517.088546][ C0] __get_user_pages+0xa47/0x1000
[ 517.093490][ C0] __mm_populate+0x24d/0x380
[ 517.098111][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 517.102720][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 517.107411][ C0] ? switch_fpu_return+0xa/0x10
[ 517.112276][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 517.118024][ C0] do_syscall_64+0x39/0x80
[ 517.123490][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 517.129419][ C0] RIP: 0033:0x466459
[ 517.133336][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 517.153369][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 517.161880][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 517.169856][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 517.177854][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 517.185840][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 517.193844][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 517.201846][ C0] ---[ end trace 6a9a87c08c22e03b ]---
[ 517.207672][ C0] ------------[ cut here ]------------
[ 517.213135][ C0] WARNING: CPU: 0 PID: 27584 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 517.224020][ C0] Modules linked in:
[ 517.227916][ C0] CPU: 0 PID: 27584 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 517.238064][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 517.248138][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 517.254140][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 517.273838][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 517.279928][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810fa2c000
[ 517.287901][ C0] RDX: 0000000080010000 RSI: 000000000000001a RDI: 0000000000000001
[ 517.295898][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 517.303872][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 517.311869][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 517.320109][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 517.329062][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 517.335667][ C0] CR2: 00000000005400f8 CR3: 0000000027caf000 CR4: 00000000001526f0
[ 517.343660][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 517.351636][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 517.359637][ C0] Call Trace:
[ 517.362912][ C0]
[ 517.365743][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 517.371554][ C0] __run_hrtimer+0x163/0x460
[ 517.376262][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 517.382082][ C0] hrtimer_interrupt+0x380/0xaf0
[ 517.387028][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 517.392933][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 517.398618][ C0]
[ 517.401548][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 517.407632][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 517.413794][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 517.433594][ C0] RSP: 0018:ffffc90003537b38 EFLAGS: 00000246
[ 517.439677][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000988810fa2c4dc
[ 517.447652][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 517.455627][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 517.463605][ C0] R10: ffffffff88f37098 R11: 0000000000000200 R12: 000000000000002d
[ 517.471582][ C0] R13: ffffffff815da61f R14: ffff88810fa2c4dc R15: 0000000000000004
[ 517.479572][ C0] ? mark_page_accessed+0x52f/0x5f0
[ 517.484831][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 517.490399][ C0] ? mark_page_accessed+0x52f/0x5f0
[ 517.495614][ C0] sync_mm_rss+0x48/0x190
[ 517.500132][ C0] handle_mm_fault+0x16b7/0x1840
[ 517.505105][ C0] ? follow_pmd_mask+0x4b0/0xee0
[ 517.510067][ C0] ? follow_page_mask+0x382/0x540
[ 517.515103][ C0] __get_user_pages+0xa47/0x1000
[ 517.520055][ C0] __mm_populate+0x24d/0x380
[ 517.524680][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 517.529307][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 517.533993][ C0] ? switch_fpu_return+0xa/0x10
[ 517.538869][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 517.544594][ C0] do_syscall_64+0x39/0x80
[ 517.549015][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 517.554920][ C0] RIP: 0033:0x466459
[ 517.558822][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 517.578429][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 517.586864][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 517.594850][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 517.602837][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 517.610829][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 517.618804][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 517.626784][ C0] ---[ end trace 6a9a87c08c22e03c ]---
19:29:54 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x4c81, &(0x7f0000000040)={0x4})
19:29:54 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xc000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 517.732608][ C0] ------------[ cut here ]------------
[ 517.738095][ C0] WARNING: CPU: 0 PID: 27584 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 517.748955][ C0] Modules linked in:
[ 517.752890][ C0] CPU: 0 PID: 27584 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 517.763046][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 517.773121][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:29:54 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xd000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:29:54 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xe000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 517.779115][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 517.798844][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 517.805026][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810fa2c000
[ 517.813012][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
[ 517.821026][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 517.829300][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 517.837316][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 517.845307][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 517.854246][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 517.860831][ C0] CR2: 00007fff78b3b4b8 CR3: 0000000027caf000 CR4: 00000000001526f0
[ 517.868850][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 517.876826][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 517.884799][ C0] Call Trace:
[ 517.888165][ C0]
[ 517.891015][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 517.896844][ C0] __run_hrtimer+0x163/0x460
[ 517.901453][ C0] hrtimer_interrupt+0x380/0xaf0
[ 517.908751][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 517.914656][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 517.920326][ C0]
[ 517.923258][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 517.929248][ C0] RIP: 0010:__tsan_read8+0x4a/0x180
[ 517.934469][ C0] Code: 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b 4c 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04 c5 40 6f f3 88 <49> 83 f8 02 0f 82 95 00 00 00 4d 85 c0 0f 89 8c 00 00 00 4c 21 c1
[ 517.954076][ C0] RSP: 0018:ffffc900035379c0 EFLAGS: 00000293
[ 517.960592][ C0] RAX: 000000000000001c RBX: ffff88810a49c5b8 RCX: 0001ffffffffffff
[ 517.968561][ C0] RDX: 000188810a49c5b8 RSI: 000000000003ffff RDI: ffff88810a49c5b8
[ 517.976622][ C0] RBP: 0000000000a0c000 R08: 0000000000000000 R09: 000188810a49c5bf
[ 517.984719][ C0] R10: 0001ffffffffffff R11: ffff88810fa2c000 R12: ffff8881093f39a0
[ 517.992692][ C0] R13: ffff8881093f3b18 R14: 0000000000000a0c R15: ffff88810a49c578
[ 518.000697][ C0] shmem_getpage_gfp+0x2bd/0x1980
[ 518.005760][ C0] ? filemap_map_pages+0x732/0x770
[ 518.010890][ C0] shmem_fault+0x16c/0x450
[ 518.015331][ C0] do_read_fault+0x2e1/0x530
[ 518.019964][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 518.025772][ C0] handle_mm_fault+0x1019/0x1840
[ 518.030731][ C0] __get_user_pages+0xa47/0x1000
[ 518.035871][ C0] __mm_populate+0x24d/0x380
[ 518.040484][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 518.045616][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 518.050413][ C0] ? switch_fpu_return+0xa/0x10
[ 518.055265][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 518.060996][ C0] do_syscall_64+0x39/0x80
[ 518.066025][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 518.071962][ C0] RIP: 0033:0x466459
[ 518.075878][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 518.095587][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 518.104039][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 518.112015][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 518.120949][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 518.128923][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 518.136984][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 518.144966][ C0] ---[ end trace 6a9a87c08c22e03d ]---
[ 518.150775][ C0] ------------[ cut here ]------------
[ 518.156504][ C0] WARNING: CPU: 0 PID: 27584 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 518.167486][ C0] Modules linked in:
[ 518.171398][ C0] CPU: 0 PID: 27584 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 518.181560][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 518.191620][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 518.197622][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 518.217396][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 518.223467][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810fa2c000
[ 518.231457][ C0] RDX: 0000000080010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 518.239433][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 518.247417][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffff88813bc1da58
[ 518.255394][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 518.263372][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 518.272336][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 518.279040][ C0] CR2: 00007fff78b3b4b8 CR3: 0000000027caf000 CR4: 00000000001526f0
[ 518.287018][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 518.296942][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 518.304941][ C0] Call Trace:
[ 518.308225][ C0]
[ 518.311070][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 518.316882][ C0] __run_hrtimer+0x163/0x460
[ 518.321486][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 518.327303][ C0] hrtimer_interrupt+0x380/0xaf0
[ 518.332269][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 518.338207][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 518.343855][ C0]
[ 518.346790][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 518.352801][ C0] RIP: 0010:__tsan_read8+0x4a/0x180
[ 518.358034][ C0] Code: 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b 4c 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04 c5 40 6f f3 88 <49> 83 f8 02 0f 82 95 00 00 00 4d 85 c0 0f 89 8c 00 00 00 4c 21 c1
[ 518.377660][ C0] RSP: 0018:ffffc900035379c0 EFLAGS: 00000293
[ 518.383737][ C0] RAX: 000000000000001c RBX: ffff88810a49c5b8 RCX: 0001ffffffffffff
[ 518.391748][ C0] RDX: 000188810a49c5b8 RSI: 000000000003ffff RDI: ffff88810a49c5b8
[ 518.399724][ C0] RBP: 0000000000a0c000 R08: 0000000000000000 R09: 000188810a49c5bf
[ 518.407699][ C0] R10: 0001ffffffffffff R11: ffff88810fa2c000 R12: ffff8881093f39a0
[ 518.415675][ C0] R13: ffff8881093f3b18 R14: 0000000000000a0c R15: ffff88810a49c578
[ 518.423662][ C0] shmem_getpage_gfp+0x2bd/0x1980
[ 518.428724][ C0] ? filemap_map_pages+0x732/0x770
[ 518.433878][ C0] shmem_fault+0x16c/0x450
[ 518.438308][ C0] do_read_fault+0x2e1/0x530
[ 518.442926][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 518.448736][ C0] handle_mm_fault+0x1019/0x1840
[ 518.453686][ C0] __get_user_pages+0xa47/0x1000
[ 518.458726][ C0] __mm_populate+0x24d/0x380
[ 518.463341][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 518.467948][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 518.472628][ C0] ? switch_fpu_return+0xa/0x10
[ 518.477489][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 518.483309][ C0] do_syscall_64+0x39/0x80
[ 518.487734][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 518.493635][ C0] RIP: 0033:0x466459
[ 518.497542][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 518.517150][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 518.525569][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 518.533547][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 518.541523][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 518.549501][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 518.557480][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 518.565487][ C0] ---[ end trace 6a9a87c08c22e03e ]---
[ 518.571333][ C0] ------------[ cut here ]------------
[ 518.576793][ C0] WARNING: CPU: 0 PID: 27584 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 518.587655][ C0] Modules linked in:
[ 518.591558][ C0] CPU: 0 PID: 27584 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 518.601717][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 518.611793][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 518.617893][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 518.637526][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 518.643596][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810fa2c000
[ 518.651573][ C0] RDX: 0000000080010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 518.659579][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 518.667547][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 518.675518][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 518.683485][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 518.692417][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 518.699012][ C0] CR2: 00007fff78b3b4b8 CR3: 0000000027caf000 CR4: 00000000001526f0
[ 518.707039][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 518.715026][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 518.723005][ C0] Call Trace:
[ 518.726276][ C0]
[ 518.729133][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 518.734978][ C0] __run_hrtimer+0x163/0x460
[ 518.739574][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 518.745424][ C0] hrtimer_interrupt+0x380/0xaf0
[ 518.750391][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 518.756378][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 518.762016][ C0]
[ 518.764951][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 518.770936][ C0] RIP: 0010:__tsan_read8+0x4a/0x180
[ 518.776135][ C0] Code: 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b 4c 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04 c5 40 6f f3 88 <49> 83 f8 02 0f 82 95 00 00 00 4d 85 c0 0f 89 8c 00 00 00 4c 21 c1
[ 518.795738][ C0] RSP: 0018:ffffc900035379c0 EFLAGS: 00000293
[ 518.801827][ C0] RAX: 000000000000001c RBX: ffff88810a49c5b8 RCX: 0001ffffffffffff
[ 518.810575][ C0] RDX: 000188810a49c5b8 RSI: 000000000003ffff RDI: ffff88810a49c5b8
[ 518.818550][ C0] RBP: 0000000000a0c000 R08: 0000000000000000 R09: 000188810a49c5bf
[ 518.826519][ C0] R10: 0001ffffffffffff R11: ffff88810fa2c000 R12: ffff8881093f39a0
[ 518.834486][ C0] R13: ffff8881093f3b18 R14: 0000000000000a0c R15: ffff88810a49c578
[ 518.842462][ C0] shmem_getpage_gfp+0x2bd/0x1980
[ 518.847501][ C0] ? filemap_map_pages+0x732/0x770
[ 518.852606][ C0] shmem_fault+0x16c/0x450
[ 518.857040][ C0] do_read_fault+0x2e1/0x530
[ 518.861630][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 518.867440][ C0] handle_mm_fault+0x1019/0x1840
[ 518.872407][ C0] __get_user_pages+0xa47/0x1000
[ 518.877381][ C0] __mm_populate+0x24d/0x380
[ 518.881995][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 518.886595][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 518.891268][ C0] ? switch_fpu_return+0xa/0x10
[ 518.896124][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 518.901943][ C0] do_syscall_64+0x39/0x80
[ 518.906369][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 518.912279][ C0] RIP: 0033:0x466459
[ 518.916172][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 518.935778][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 518.944195][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 518.952166][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 518.960132][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 518.968111][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 518.976078][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
19:29:55 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:29:55 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xf000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 518.984065][ C0] ---[ end trace 6a9a87c08c22e03f ]---
19:29:55 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0xa, 0x6})
[ 519.089850][ C0] ------------[ cut here ]------------
[ 519.095331][ C0] WARNING: CPU: 0 PID: 8037 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 519.106109][ C0] Modules linked in:
[ 519.109999][ C0] CPU: 0 PID: 8037 Comm: kworker/0:3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 519.119824][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 519.131395][ C0] Workqueue: rcu_gp process_srcu
19:29:55 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x10000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 519.136348][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 519.142362][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 519.162006][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 519.168105][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff888100e68000
[ 519.176074][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
19:29:55 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 519.184050][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 519.192141][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 519.200129][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 519.208134][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 519.217101][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 519.223684][ C0] CR2: 00007fff78b3b4b8 CR3: 00000001092a5000 CR4: 00000000001526f0
[ 519.231658][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 519.239646][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 519.247623][ C0] Call Trace:
[ 519.250908][ C0]
[ 519.253755][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 519.259599][ C0] __run_hrtimer+0x163/0x460
[ 519.264197][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 519.270395][ C0] hrtimer_interrupt+0x380/0xaf0
[ 519.275379][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 519.281284][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 519.286925][ C0]
[ 519.289859][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 519.295853][ C0] RIP: 0010:delay_tsc+0x4b/0xa0
[ 519.300710][ C0] Code: f9 66 90 48 c1 e2 20 48 09 c2 4c 29 ca 65 ff 0d b3 9b 58 7d 0f 95 c0 48 39 fa 73 59 0f 1f 00 a8 01 75 05 e8 6e 5d 57 fe f3 90 <65> 83 05 95 9b 58 7d 01 65 8b 35 d6 43 58 7d 41 39 f0 75 20 0f 01
[ 519.320456][ C0] RSP: 0018:ffffc900052f7cb8 EFLAGS: 00000202
[ 519.326538][ C0] RAX: 0000000071817001 RBX: 0000000000000001 RCX: 0000000000000000
[ 519.334736][ C0] RDX: 000000000000169d RSI: 0000000000000000 RDI: 0000000000002ced
[ 519.342719][ C0] RBP: ffffc900052f7d10 R08: 0000000000000000 R09: 0000011771815a12
[ 519.350719][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffffffff8779a828
[ 519.358724][ C0] R13: 0000000000000001 R14: ffffffff8779a818 R15: 0000000000000141
[ 519.366691][ C0] try_check_zero+0x1e6/0x200
[ 519.371489][ C0] process_srcu+0x13d/0x760
[ 519.375978][ C0] ? pwq_dec_nr_in_flight+0x318/0x560
[ 519.381348][ C0] ? strscpy+0x12f/0x160
[ 519.385628][ C0] process_one_work+0x3e1/0x950
[ 519.390479][ C0] worker_thread+0x616/0xa70
[ 519.395065][ C0] ? finish_task_switch+0xc0/0x2a0
[ 519.400202][ C0] ? process_one_work+0x950/0x950
[ 519.405216][ C0] kthread+0x20b/0x230
[ 519.409264][ C0] ? process_one_work+0x950/0x950
[ 519.414290][ C0] ? kthread_blkcg+0x80/0x80
[ 519.418872][ C0] ret_from_fork+0x1f/0x30
[ 519.423292][ C0] ---[ end trace 6a9a87c08c22e040 ]---
[ 519.429111][ C0] ------------[ cut here ]------------
[ 519.434598][ C0] WARNING: CPU: 0 PID: 8037 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 519.445375][ C0] Modules linked in:
[ 519.449270][ C0] CPU: 0 PID: 8037 Comm: kworker/0:3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 519.459101][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 519.469156][ C0] Workqueue: rcu_gp process_srcu
[ 519.474092][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 519.480338][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 519.499954][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 519.506026][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000015 RCX: ffff888100e68000
[ 519.513992][ C0] RDX: 0000000080010000 RSI: 0000000000000015 RDI: 0000000000000001
[ 519.522070][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 519.530164][ C0] R10: 0001ffffffffffff R11: ffff888100e68000 R12: ffff88813bc1da58
[ 519.538127][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 519.546087][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 519.555019][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 519.561594][ C0] CR2: 00007fff78b3b4b8 CR3: 00000001092a5000 CR4: 00000000001526f0
[ 519.569610][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 519.577562][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 519.585515][ C0] Call Trace:
[ 519.588986][ C0]
[ 519.591812][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 519.597639][ C0] __run_hrtimer+0x163/0x460
[ 519.602218][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 519.608021][ C0] hrtimer_interrupt+0x380/0xaf0
[ 519.612986][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 519.618892][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 519.624525][ C0]
[ 519.627437][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 519.633510][ C0] RIP: 0010:delay_tsc+0x4b/0xa0
[ 519.638356][ C0] Code: f9 66 90 48 c1 e2 20 48 09 c2 4c 29 ca 65 ff 0d b3 9b 58 7d 0f 95 c0 48 39 fa 73 59 0f 1f 00 a8 01 75 05 e8 6e 5d 57 fe f3 90 <65> 83 05 95 9b 58 7d 01 65 8b 35 d6 43 58 7d 41 39 f0 75 20 0f 01
[ 519.657967][ C0] RSP: 0018:ffffc900052f7cb8 EFLAGS: 00000202
[ 519.664142][ C0] RAX: 0000000071817001 RBX: 0000000000000001 RCX: 0000000000000000
[ 519.672139][ C0] RDX: 000000000000169d RSI: 0000000000000000 RDI: 0000000000002ced
[ 519.680098][ C0] RBP: ffffc900052f7d10 R08: 0000000000000000 R09: 0000011771815a12
[ 519.688062][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffffffff8779a828
[ 519.696042][ C0] R13: 0000000000000001 R14: ffffffff8779a818 R15: 0000000000000141
[ 519.704039][ C0] try_check_zero+0x1e6/0x200
[ 519.708753][ C0] process_srcu+0x13d/0x760
[ 519.713244][ C0] ? pwq_dec_nr_in_flight+0x318/0x560
[ 519.718614][ C0] ? strscpy+0x12f/0x160
[ 519.722886][ C0] process_one_work+0x3e1/0x950
[ 519.727719][ C0] worker_thread+0x616/0xa70
[ 519.732292][ C0] ? finish_task_switch+0xc0/0x2a0
[ 519.737925][ C0] ? process_one_work+0x950/0x950
[ 519.742984][ C0] kthread+0x20b/0x230
[ 519.747173][ C0] ? process_one_work+0x950/0x950
[ 519.752182][ C0] ? kthread_blkcg+0x80/0x80
[ 519.756865][ C0] ret_from_fork+0x1f/0x30
[ 519.761395][ C0] ---[ end trace 6a9a87c08c22e041 ]---
[ 519.767244][ C0] ------------[ cut here ]------------
[ 519.772836][ C0] WARNING: CPU: 0 PID: 8037 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 519.783648][ C0] Modules linked in:
[ 519.787525][ C0] CPU: 0 PID: 8037 Comm: kworker/0:3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 519.797303][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 519.807365][ C0] Workqueue: rcu_gp process_srcu
[ 519.812304][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 519.818445][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 519.838085][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 519.844162][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffff888100e68000
[ 519.852144][ C0] RDX: 0000000080010000 RSI: 0000000000000014 RDI: 0000000000000001
[ 519.860116][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 519.868088][ C0] R10: 0001ffffffffffff R11: 0000000000000164 R12: ffff88813bc1da58
[ 519.876062][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 519.884036][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 519.893375][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 519.899987][ C0] CR2: 00007fff78b3b4b8 CR3: 00000001092a5000 CR4: 00000000001526f0
[ 519.907953][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 519.915911][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 519.924008][ C0] Call Trace:
[ 519.927290][ C0]
[ 519.930123][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 519.936066][ C0] __run_hrtimer+0x163/0x460
[ 519.940653][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 519.946472][ C0] hrtimer_interrupt+0x380/0xaf0
[ 519.951401][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 519.957295][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 519.962921][ C0]
[ 519.965833][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 519.971837][ C0] RIP: 0010:delay_tsc+0x4b/0xa0
[ 519.976688][ C0] Code: f9 66 90 48 c1 e2 20 48 09 c2 4c 29 ca 65 ff 0d b3 9b 58 7d 0f 95 c0 48 39 fa 73 59 0f 1f 00 a8 01 75 05 e8 6e 5d 57 fe f3 90 <65> 83 05 95 9b 58 7d 01 65 8b 35 d6 43 58 7d 41 39 f0 75 20 0f 01
[ 519.996279][ C0] RSP: 0018:ffffc900052f7cb8 EFLAGS: 00000202
[ 520.002352][ C0] RAX: 0000000071817001 RBX: 0000000000000001 RCX: 0000000000000000
[ 520.010336][ C0] RDX: 000000000000169d RSI: 0000000000000000 RDI: 0000000000002ced
[ 520.018397][ C0] RBP: ffffc900052f7d10 R08: 0000000000000000 R09: 0000011771815a12
[ 520.026480][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffffffff8779a828
[ 520.034502][ C0] R13: 0000000000000001 R14: ffffffff8779a818 R15: 0000000000000141
[ 520.042480][ C0] try_check_zero+0x1e6/0x200
[ 520.047161][ C0] process_srcu+0x13d/0x760
[ 520.051653][ C0] ? pwq_dec_nr_in_flight+0x318/0x560
[ 520.057028][ C0] ? strscpy+0x12f/0x160
[ 520.061258][ C0] process_one_work+0x3e1/0x950
[ 520.066117][ C0] worker_thread+0x616/0xa70
[ 520.070731][ C0] ? finish_task_switch+0xc0/0x2a0
[ 520.075892][ C0] ? process_one_work+0x950/0x950
[ 520.080913][ C0] kthread+0x20b/0x230
[ 520.085073][ C0] ? process_one_work+0x950/0x950
19:29:56 executing program 3:
r0 = gettid()
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000758000/0x3000)=nil, 0x3000, 0x5, 0x7f, 0x2000)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r0, &(0x7f0000003800), 0x0, &(0x7f0000000000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0)
19:29:56 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:29:56 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x541b, &(0x7f0000000040)={0x4})
[ 520.090085][ C0] ? kthread_blkcg+0x80/0x80
[ 520.094670][ C0] ret_from_fork+0x1f/0x30
[ 520.099071][ C0] ---[ end trace 6a9a87c08c22e042 ]---
19:29:56 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:29:56 executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r0, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, &(0x7f0000000280)={0x70000, 0x401, 0x8c03, r0, 0x0, &(0x7f0000000240)={0x990a93, 0x6, [], @p_u8=&(0x7f00000002c0)=0xa0}})
r1 = syz_mount_image$exfat(&(0x7f0000000000)='exfat\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="49eddb8e3f1a8d04a0f0a9cb0558a95cae38a2c2b24c914cad4a70bd5eacdcb057a92bd103a3a0ab5f70284f75df66a55d2b91dfb118d84dc20c95e7e5f235034ea18b877fe8ce6fd5ca7c52a98bc2375653e4898f112e3c1e9056528c64c4fa2e01430dabfc12f69cd7082dba4cd9fc236b2cf0651f51cf51e28c93fd3c071b5ab2ee1277b9e68dc9ae256e666ef6f91ec9e7ea1029699a4fad9a502f543dc4a6fec56a40a55c39dcbab6ebc132e7076bf80b05caa2f4090bde8371b187f107d9dc973385521644c1afea769767546ae154cffa51973f6aa1", @ANYRES32, @ANYRES32=0x0])
mkdirat(r1, &(0x7f0000000080)='./file1\x00', 0x188)
mkdirat(r1, &(0x7f00000001c0)='./file0/file0\x00', 0x1d)
[ 520.205739][ C0] ------------[ cut here ]------------
[ 520.211349][ C0] WARNING: CPU: 0 PID: 27622 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 520.222230][ C0] Modules linked in:
[ 520.226129][ C0] CPU: 0 PID: 27622 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 520.236427][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 520.246602][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 520.252603][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 520.272649][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 520.278730][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff8880394f5000
[ 520.286710][ C0] RDX: 0000000080010001 RSI: 000000000000001a RDI: 0000000000000001
[ 520.294703][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:29:56 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x3}, 0x1c)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000100)=0x2e4, 0x4)
socket(0x11, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000000))
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000004540)={0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast2}}, 0x1c)
sendmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x2000000, &(0x7f0000001500)=[{&(0x7f0000000040)="d3622fe131479cee20fb607a9585dc0b411519fd3b65066522d73df58b9257b566c6fc626776defc3a2e249c910ccab00220bc31d41e44f96f67971b8ed8a3dc9eb4133a903d58da02dd1eca653150422bc91e9585fbf8", 0x57}, {&(0x7f00000011c0)="7cc3be44ec866303c11f9ec49c2fe80d4ccef580f3bf717b5e129f1dc7766fdf864b7bc35924f34bb5fd1dd89172a4b0db90eea51bdfec78bb53e8d41773cba7f1305a8a40b7368445a71ef7870273f1544930baf73a8bfa6ece09d54376b821b65fdf1e0704f1f3c5a823fa67f635159af010053f5b909f8e944c43d6fb1c4fca639b470d3e6ad140d0838958ecf0fc98a780205474fdeb93a97d27b4f3314a9585129aaec893d7fe36d87fd746841ac5c60b31e1732a1a3ca0afcc4068cdde63b142700c563c1ab59dc0b7200723bf21c694583ed8fed1b2bc5c204df3812c223ce0de2f40b69e7f4e8ba1c3ebc31de2f4190e3f1ceb", 0xf7}, {&(0x7f00000012c0), 0x80fe}, {&(0x7f0000000280)="0c22fcc306e8a4d628dc3f33cd1758b784d34ef62ecd943b96c5573b05e34886b55503a08eeac42aafc204e9fec654b4b0853f4c32d8d6f8968a96b81710a9ed49ae96ea22eb07accdc99ed31fb48b921b4c9af7278829eb32247169da3593e5e73371e82e3558cd87b9c876b91e091e933496ae3a6b5a00a79f50110980c83af2fd44e0f08908f806be4146080def894a3ac87c3d214e32b0e031c8873b6ed3cdb9c160ee236576cb5a749ee356d4f5df961b35ec3667bcfa641e2c812a5eefbd78546783b6bd280dc4ec1cd015bee7d07f0993d6", 0xd5}, {&(0x7f0000001440)="7b18908bcd34b2f4eef2193c5f89bb79551b5d7000ccc31628374b03e7f0b8bbfe45", 0x22}], 0x5, 0x0, 0x0, 0xffffffe0}}], 0x400000000000132, 0x4000000)
sendto$inet6(r0, &(0x7f0000000380)="64cbd14110f449f7f6d1159b3e4d69c1b58513ad81d4538eaad7ed242daf5d49145af31d7bc2ab507b028488b74ceb1d3597e5c50c184805cc546d9bc60000e5bcc3d0dd58422fa4f16219fe25dc64da04c331067d55466c236090a3d08a3ba6d576ecefe29df22574c1ac5396fd1157bb29a82138f6837f8472391190fe9aae01cc89acc9d657df3bcea9dafa5edd62dd1706d194e123b0d21cdce4f7f644e95888a6f7e53272b6806c207bf28649cb6d4ec417d6a6ca5862e1e2ccbc6afe06479f2e156e2d1b46bde130a50f04ec5b29988599ab75809ae728b35dc653b1010f428aafe730b2874033742df634362c071009dbf9334b", 0xf7, 0x0, &(0x7f00000000c0)={0xa, 0x4e24, 0x1, @ipv4={[], [], @local}}, 0x1c)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x15, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x180000c, 0x12, 0xffffffffffffffff, 0x0)
[ 520.302778][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 520.310767][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 520.318768][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 520.327711][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 520.334313][ C0] CR2: 00007f858a903d58 CR3: 000000010acb6000 CR4: 00000000001506f0
[ 520.342289][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 520.350279][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 520.361400][ C0] Call Trace:
[ 520.364691][ C0]
[ 520.367558][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 520.373382][ C0] __run_hrtimer+0x163/0x460
[ 520.377995][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 520.385312][ C0] hrtimer_interrupt+0x380/0xaf0
[ 520.390263][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 520.396209][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 520.401866][ C0]
[ 520.404847][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 520.410850][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x2d/0x60
[ 520.417023][ C0] Code: 24 65 48 8b 0c 25 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 1c 0b 00 00 00 74 2c <8b> 91 f8 0a 00 00 83 fa 02 75 21 48 8b 91 00 0b 00 00 48 8b 32 48
[ 520.437454][ C0] RSP: 0018:ffffc90003977aa8 EFLAGS: 00000246
[ 520.443527][ C0] RAX: ffffffff816a58d9 RBX: 0000000000000000 RCX: ffff8880394f5000
[ 520.451518][ C0] RDX: 0000000080000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 520.460993][ C0] RBP: ffffea0004dd2bc0 R08: ffffffff816a58ce R09: 0001c90003977b47
[ 520.468997][ C0] R10: 0000000000000002 R11: ffff8880394f5000 R12: 0000000000000000
[ 520.476977][ C0] R13: 0000000000000661 R14: ffffea0004dd2bc0 R15: 0000000000000000
[ 520.484957][ C0] ? PageHuge+0x4e/0xc0
[ 520.489122][ C0] ? PageHuge+0x59/0xc0
[ 520.493318][ C0] PageHuge+0x59/0xc0
[ 520.497314][ C0] filemap_map_pages+0x24d/0x770
[ 520.502268][ C0] do_read_fault+0x217/0x530
19:29:57 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mice\x00', 0x2)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x140c, 0x202, 0x70bd2c, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x40}}, 0x48000)
getsockopt(r0, 0x10000, 0x7fffffff, 0x0, &(0x7f0000000000))
syz_genetlink_get_family_id$gtp(&(0x7f0000000040)='gtp\x00', r0)
19:29:57 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 520.506993][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 520.512877][ C0] handle_mm_fault+0x1019/0x1840
[ 520.517860][ C0] __get_user_pages+0xa47/0x1000
[ 520.522912][ C0] __mm_populate+0x24d/0x380
[ 520.527521][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 520.532143][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 520.536913][ C0] ? switch_fpu_return+0xa/0x10
[ 520.541900][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 520.547627][ C0] do_syscall_64+0x39/0x80
[ 520.552053][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 520.557967][ C0] RIP: 0033:0x466459
[ 520.561873][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 520.581515][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 520.590011][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 520.597994][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 520.606082][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 520.614052][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 520.622098][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 520.631111][ C0] ---[ end trace 6a9a87c08c22e043 ]---
[ 520.636971][ C0] ------------[ cut here ]------------
[ 520.642870][ C0] WARNING: CPU: 0 PID: 27622 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 520.653773][ C0] Modules linked in:
19:29:57 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x11000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:29:57 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0xb, 0x6})
[ 520.657689][ C0] CPU: 0 PID: 27622 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 520.667938][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 520.679234][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 520.685250][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 520.705006][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 520.711302][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff8880394f5000
[ 520.719259][ C0] RDX: 0000000000010001 RSI: 000000000000001a RDI: 0000000000000001
[ 520.727219][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 520.736144][ C0] R10: 0001ffffffffffff R11: ffff8880394f5000 R12: ffff88813bc1da58
[ 520.744345][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 520.752310][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 520.761229][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 520.767898][ C0] CR2: 00007f858a903d58 CR3: 000000010acb6000 CR4: 00000000001506f0
[ 520.775867][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 520.784099][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 520.792080][ C0] Call Trace:
[ 520.795360][ C0]
[ 520.798424][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 520.804634][ C0] __run_hrtimer+0x163/0x460
[ 520.809229][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 520.815110][ C0] hrtimer_interrupt+0x380/0xaf0
[ 520.820204][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 520.826126][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 520.831926][ C0]
[ 520.835176][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 520.841374][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x2d/0x60
[ 520.847527][ C0] Code: 24 65 48 8b 0c 25 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 1c 0b 00 00 00 74 2c <8b> 91 f8 0a 00 00 83 fa 02 75 21 48 8b 91 00 0b 00 00 48 8b 32 48
[ 520.867763][ C0] RSP: 0018:ffffc90003977aa8 EFLAGS: 00000246
[ 520.873937][ C0] RAX: ffffffff816a58d9 RBX: 0000000000000000 RCX: ffff8880394f5000
[ 520.881902][ C0] RDX: 0000000080000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 520.889890][ C0] RBP: ffffea0004dd2bc0 R08: ffffffff816a58ce R09: 0001c90003977b47
[ 520.897847][ C0] R10: 0000000000000002 R11: ffff8880394f5000 R12: 0000000000000000
[ 520.905840][ C0] R13: 0000000000000661 R14: ffffea0004dd2bc0 R15: 0000000000000000
[ 520.913836][ C0] ? PageHuge+0x4e/0xc0
[ 520.918244][ C0] ? PageHuge+0x59/0xc0
[ 520.922398][ C0] PageHuge+0x59/0xc0
[ 520.926375][ C0] filemap_map_pages+0x24d/0x770
[ 520.931298][ C0] do_read_fault+0x217/0x530
[ 520.935890][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 520.941711][ C0] handle_mm_fault+0x1019/0x1840
[ 520.946675][ C0] __get_user_pages+0xa47/0x1000
[ 520.951619][ C0] __mm_populate+0x24d/0x380
[ 520.956217][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 520.960795][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 520.965453][ C0] ? switch_fpu_return+0xa/0x10
[ 520.970298][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 520.976001][ C0] do_syscall_64+0x39/0x80
[ 520.980401][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 520.986296][ C0] RIP: 0033:0x466459
[ 520.990337][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 521.011943][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 521.020402][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 521.028372][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 521.036346][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 521.044321][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 521.052371][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 521.060351][ C0] ---[ end trace 6a9a87c08c22e044 ]---
[ 521.066037][ C0] ------------[ cut here ]------------
[ 521.071576][ C0] WARNING: CPU: 0 PID: 27622 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 521.082430][ C0] Modules linked in:
[ 521.086421][ C0] CPU: 0 PID: 27622 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 521.096754][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 521.106794][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 521.112814][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 521.132430][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 521.138501][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff8880394f5000
[ 521.146570][ C0] RDX: 0000000000010001 RSI: 000000000000001a RDI: 0000000000000001
[ 521.154540][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 521.162500][ C0] R10: 0001ffffffffffff R11: ffff8880394f5000 R12: ffff88813bc1da58
[ 521.170463][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 521.178436][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 521.187349][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 521.193945][ C0] CR2: 00007f858a903d58 CR3: 000000010acb6000 CR4: 00000000001506f0
[ 521.201908][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 521.209906][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 521.217974][ C0] Call Trace:
[ 521.221255][ C0]
[ 521.224085][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 521.229907][ C0] __run_hrtimer+0x163/0x460
[ 521.234480][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 521.240335][ C0] hrtimer_interrupt+0x380/0xaf0
[ 521.245275][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 521.251157][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 521.256784][ C0]
[ 521.259708][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 521.265702][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x2d/0x60
[ 521.271844][ C0] Code: 24 65 48 8b 0c 25 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 1c 0b 00 00 00 74 2c <8b> 91 f8 0a 00 00 83 fa 02 75 21 48 8b 91 00 0b 00 00 48 8b 32 48
[ 521.291453][ C0] RSP: 0018:ffffc90003977aa8 EFLAGS: 00000246
[ 521.297521][ C0] RAX: ffffffff816a58d9 RBX: 0000000000000000 RCX: ffff8880394f5000
[ 521.305652][ C0] RDX: 0000000080000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 521.313618][ C0] RBP: ffffea0004dd2bc0 R08: ffffffff816a58ce R09: 0001c90003977b47
[ 521.321591][ C0] R10: 0000000000000002 R11: ffff8880394f5000 R12: 0000000000000000
[ 521.329561][ C0] R13: 0000000000000661 R14: ffffea0004dd2bc0 R15: 0000000000000000
[ 521.337529][ C0] ? PageHuge+0x4e/0xc0
[ 521.341684][ C0] ? PageHuge+0x59/0xc0
[ 521.345835][ C0] PageHuge+0x59/0xc0
[ 521.349831][ C0] filemap_map_pages+0x24d/0x770
[ 521.354797][ C0] do_read_fault+0x217/0x530
[ 521.359374][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 521.365160][ C0] handle_mm_fault+0x1019/0x1840
[ 521.370138][ C0] __get_user_pages+0xa47/0x1000
[ 521.375082][ C0] __mm_populate+0x24d/0x380
[ 521.379661][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 521.384239][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 521.388913][ C0] ? switch_fpu_return+0xa/0x10
[ 521.393756][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 521.399489][ C0] do_syscall_64+0x39/0x80
[ 521.403886][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 521.409761][ C0] RIP: 0033:0x466459
[ 521.413644][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 521.433269][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 521.441679][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 521.449656][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 521.457628][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 521.466034][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 521.474084][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 521.482085][ C0] ---[ end trace 6a9a87c08c22e045 ]---
19:29:58 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:29:58 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:29:58 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x12000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 521.587934][ C0] ------------[ cut here ]------------
[ 521.593436][ C0] WARNING: CPU: 0 PID: 27653 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 521.604307][ C0] Modules linked in:
[ 521.608203][ C0] CPU: 0 PID: 27653 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 521.618373][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 521.628608][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:29:58 executing program 3:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0, 0xfffffeb5}], 0x1, 0x0, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x7, 0x400001)
ioctl$KDGKBENT(r1, 0x4b46, &(0x7f0000000080)={0x6, 0x7, 0xfffe})
r2 = socket$nl_generic(0xa, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='veth1_to_batadv\x00', 0x10)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000240)={'syztnl1\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x4, 0xaa, 0x1, 0x8, 0x20, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}, @remote, 0x40, 0x8740, 0x7, 0x3}})
sendmsg(r2, &(0x7f0000000100)={&(0x7f00000002c0)=@nfc={0x27, 0x0, 0x0, 0x7}, 0x80, 0x0, 0x0, &(0x7f00000002c0)}, 0x20000081)
[ 521.634691][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 521.656055][ C0] RSP: 0000:ffffc90003edfd60 EFLAGS: 00010046
[ 521.662143][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810db4e000
[ 521.670139][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
[ 521.678145][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 521.686139][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffff88813bc1da58
[ 521.694104][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 521.702092][ C0] FS: 0000000002121400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 521.711024][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 521.717596][ C0] CR2: 0000000000510e90 CR3: 0000000026eff000 CR4: 00000000001506f0
[ 521.725554][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 521.733511][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 521.741732][ C0] Call Trace:
[ 521.745008][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 521.750909][ C0] __run_hrtimer+0x163/0x460
[ 521.755482][ C0] hrtimer_interrupt+0x380/0xaf0
[ 521.760403][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 521.766453][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 521.772391][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 521.778160][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 521.784147][ C0] RIP: 0033:0x440501
[ 521.788035][ C0] Code: 03 00 00 0f 82 d0 03 00 00 49 89 d3 89 f8 31 d2 c5 c5 ef ff 09 f0 25 ff 0f 00 00 3d 80 0f 00 00 0f 8f f3 03 00 00 c5 fe 6f 0f f5 74 06 c5 fd da c1 c5 fd 74 c7 c5 fd d7 c8 85 c9 74 7b f3 0f
[ 521.807745][ C0] RSP: 002b:00007ffdd9640bc8 EFLAGS: 00000283
[ 521.813805][ C0] RAX: 0000000000000b53 RBX: 00000000004fc780 RCX: 0000000000000008
[ 521.821782][ C0] RDX: 0000000000000000 RSI: 00000000004bf853 RDI: 00000000004c4300
[ 521.829757][ C0] RBP: 00000000004c4300 R08: 0000000000970000 R09: 0000001b303207d0
[ 521.837835][ C0] R10: 00007ffdd9640ca0 R11: 0000000000000007 R12: 000000000007f561
[ 521.845791][ C0] R13: 00000000000003e8 R14: 000000000056bf60 R15: 000000000007f559
[ 521.853754][ C0] ---[ end trace 6a9a87c08c22e046 ]---
[ 521.859598][ C0] ------------[ cut here ]------------
[ 521.865059][ C0] WARNING: CPU: 0 PID: 27653 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 521.875920][ C0] Modules linked in:
19:29:58 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x5421, &(0x7f0000000040)={0x4})
[ 521.879824][ C0] CPU: 0 PID: 27653 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 521.889972][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 521.900052][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 521.906048][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 521.925743][ C0] RSP: 0000:ffffc90003edfd60 EFLAGS: 00010046
[ 521.931811][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000011 RCX: ffff88810db4e000
[ 521.939781][ C0] RDX: 0000000080010000 RSI: 0000000000000011 RDI: 0000000000000001
[ 521.947774][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 521.955941][ C0] R10: 0001ffffffffffff R11: 0000000000000312 R12: ffff88813bc1da58
[ 521.963917][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 521.971878][ C0] FS: 0000000002121400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 521.980934][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 521.987552][ C0] CR2: 0000000000510e90 CR3: 0000000026eff000 CR4: 00000000001506f0
[ 521.995539][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 522.003519][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 522.011746][ C0] Call Trace:
[ 522.015034][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 522.020876][ C0] __run_hrtimer+0x163/0x460
[ 522.025468][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 522.031265][ C0] hrtimer_interrupt+0x380/0xaf0
[ 522.036215][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 522.042291][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 522.048191][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 522.053846][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 522.060039][ C0] RIP: 0033:0x440501
[ 522.064050][ C0] Code: 03 00 00 0f 82 d0 03 00 00 49 89 d3 89 f8 31 d2 c5 c5 ef ff 09 f0 25 ff 0f 00 00 3d 80 0f 00 00 0f 8f f3 03 00 00 c5 fe 6f 0f f5 74 06 c5 fd da c1 c5 fd 74 c7 c5 fd d7 c8 85 c9 74 7b f3 0f
[ 522.083696][ C0] RSP: 002b:00007ffdd9640bc8 EFLAGS: 00000283
[ 522.089750][ C0] RAX: 0000000000000b53 RBX: 00000000004fc780 RCX: 0000000000000008
[ 522.097838][ C0] RDX: 0000000000000000 RSI: 00000000004bf853 RDI: 00000000004c4300
[ 522.105792][ C0] RBP: 00000000004c4300 R08: 0000000000970000 R09: 0000001b303207d0
[ 522.113755][ C0] R10: 00007ffdd9640ca0 R11: 0000000000000007 R12: 000000000007f561
[ 522.121755][ C0] R13: 00000000000003e8 R14: 000000000056bf60 R15: 000000000007f559
[ 522.129738][ C0] ---[ end trace 6a9a87c08c22e047 ]---
[ 522.135537][ C0] ------------[ cut here ]------------
[ 522.140995][ C0] WARNING: CPU: 0 PID: 27653 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 522.152016][ C0] Modules linked in:
[ 522.155908][ C0] CPU: 0 PID: 27653 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 522.166038][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 522.176219][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 522.182239][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 522.201939][ C0] RSP: 0000:ffffc90003edfd60 EFLAGS: 00010046
[ 522.208011][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000010 RCX: ffff88810db4e000
[ 522.215972][ C0] RDX: 0000000080010000 RSI: 0000000000000010 RDI: 0000000000000001
[ 522.223957][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 522.231921][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 522.239894][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 522.247877][ C0] FS: 0000000002121400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 522.256818][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 522.263404][ C0] CR2: 0000000000510e90 CR3: 0000000026eff000 CR4: 00000000001506f0
[ 522.271397][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 522.279492][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 522.287468][ C0] Call Trace:
[ 522.290767][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 522.296569][ C0] __run_hrtimer+0x163/0x460
[ 522.301436][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 522.307242][ C0] hrtimer_interrupt+0x380/0xaf0
[ 522.312174][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 522.318251][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 522.324142][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 522.329957][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 522.336050][ C0] RIP: 0033:0x440501
[ 522.339964][ C0] Code: 03 00 00 0f 82 d0 03 00 00 49 89 d3 89 f8 31 d2 c5 c5 ef ff 09 f0 25 ff 0f 00 00 3d 80 0f 00 00 0f 8f f3 03 00 00 c5 fe 6f 0f f5 74 06 c5 fd da c1 c5 fd 74 c7 c5 fd d7 c8 85 c9 74 7b f3 0f
[ 522.359578][ C0] RSP: 002b:00007ffdd9640bc8 EFLAGS: 00000283
[ 522.365631][ C0] RAX: 0000000000000b53 RBX: 00000000004fc780 RCX: 0000000000000008
[ 522.373602][ C0] RDX: 0000000000000000 RSI: 00000000004bf853 RDI: 00000000004c4300
[ 522.381695][ C0] RBP: 00000000004c4300 R08: 0000000000970000 R09: 0000001b303207d0
19:29:59 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 522.389673][ C0] R10: 00007ffdd9640ca0 R11: 0000000000000007 R12: 000000000007f561
[ 522.397633][ C0] R13: 00000000000003e8 R14: 000000000056bf60 R15: 000000000007f559
[ 522.405674][ C0] ---[ end trace 6a9a87c08c22e048 ]---
19:29:59 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x25000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 522.511490][ C0] ------------[ cut here ]------------
[ 522.517041][ C0] WARNING: CPU: 0 PID: 27664 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 522.528018][ C0] Modules linked in:
[ 522.531925][ C0] CPU: 0 PID: 27664 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 522.542105][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 522.552169][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:29:59 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:29:59 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x60000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 522.558190][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 522.577820][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 522.583899][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000017 RCX: ffff88803477a000
[ 522.591888][ C0] RDX: 0000000080010001 RSI: 0000000000000017 RDI: 0000000000000001
[ 522.599872][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:29:59 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x65580000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 522.607884][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 522.615864][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 522.623846][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 522.632791][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 522.639498][ C0] CR2: 0000001b30d23000 CR3: 000000002686d000 CR4: 00000000001506f0
[ 522.647479][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:29:59 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 522.655468][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 522.663442][ C0] Call Trace:
[ 522.666721][ C0]
[ 522.669568][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 522.675394][ C0] __run_hrtimer+0x163/0x460
[ 522.679992][ C0] hrtimer_interrupt+0x380/0xaf0
[ 522.684950][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 522.690884][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 522.696526][ C0]
[ 522.699457][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 522.705449][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 522.711625][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 522.731251][ C0] RSP: 0018:ffffc90003edf780 EFLAGS: 00000246
[ 522.737674][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011ea0004c19ab8
[ 522.745672][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 522.753648][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 522.761631][ C0] R10: ffffffff88f37000 R11: 0000000000000200 R12: 000000000000001a
[ 522.769636][ C0] R13: 0000000000000000 R14: ffffea0004c19ab8 R15: 0000000000000008
[ 522.777627][ C0] __mod_lruvec_page_state+0x3a/0x110
[ 522.783029][ C0] page_remove_rmap+0x203/0x640
[ 522.787888][ C0] ? zap_pte_range+0x59e/0x13f0
[ 522.792756][ C0] zap_pte_range+0x5b9/0x13f0
[ 522.797460][ C0] ? xas_store+0x88f/0xcf0
[ 522.801892][ C0] unmap_page_range+0x540/0x650
[ 522.806768][ C0] unmap_single_vma+0x157/0x210
[ 522.811719][ C0] unmap_vmas+0xc0/0x170
[ 522.815991][ C0] exit_mmap+0x1be/0x400
[ 522.820529][ C0] __mmput+0xa2/0x220
[ 522.824524][ C0] mmput+0x3d/0x50
[ 522.828239][ C0] exit_mm+0x344/0x430
[ 522.832350][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 522.838154][ C0] ? taskstats_exit+0x334/0x730
[ 522.843133][ C0] ? acct_collect+0x3a4/0x400
[ 522.847819][ C0] do_exit+0x3ff/0x1670
[ 522.851962][ C0] ? do_futex+0x1080/0x1cd0
[ 522.856459][ C0] do_group_exit+0xce/0x180
[ 522.860965][ C0] get_signal+0xdce/0x14e0
[ 522.865379][ C0] ? __mm_populate+0x32c/0x380
[ 522.870284][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 522.875879][ C0] ? __se_sys_futex+0x2a8/0x390
[ 522.880806][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 522.886619][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 522.892395][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 522.897882][ C0] do_syscall_64+0x45/0x80
[ 522.902288][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 522.908166][ C0] RIP: 0033:0x466459
[ 522.912054][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 522.918878][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 522.927291][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 522.935278][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 522.943234][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 522.951207][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
19:29:59 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0xc, 0x6})
19:29:59 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 522.959194][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 522.967175][ C0] ---[ end trace 6a9a87c08c22e049 ]---
[ 522.972953][ C0] ------------[ cut here ]------------
[ 522.978497][ C0] WARNING: CPU: 0 PID: 27664 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 522.989362][ C0] Modules linked in:
[ 522.993255][ C0] CPU: 0 PID: 27664 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 523.003426][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 523.013603][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 523.019642][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 523.039264][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 523.045343][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff88803477a000
[ 523.053319][ C0] RDX: 0000000000010001 RSI: 000000000000001b RDI: 0000000000000001
[ 523.061331][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 523.069328][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 523.077302][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 523.085299][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 523.094509][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 523.101086][ C0] CR2: 0000001b30d23000 CR3: 000000002686d000 CR4: 00000000001506f0
[ 523.109048][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 523.117028][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 523.125875][ C0] Call Trace:
[ 523.129168][ C0]
[ 523.131995][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 523.137795][ C0] __run_hrtimer+0x163/0x460
[ 523.142429][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 523.148224][ C0] hrtimer_interrupt+0x380/0xaf0
[ 523.153168][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 523.159056][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 523.165326][ C0]
[ 523.168264][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 523.174233][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 523.180400][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 523.200014][ C0] RSP: 0018:ffffc90003edf780 EFLAGS: 00000246
[ 523.206073][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011ea0004c19ab8
[ 523.214067][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 523.222027][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 523.230020][ C0] R10: ffffffff88f37000 R11: 0000000000000200 R12: 000000000000001a
[ 523.237991][ C0] R13: 0000000000000000 R14: ffffea0004c19ab8 R15: 0000000000000008
[ 523.248838][ C0] __mod_lruvec_page_state+0x3a/0x110
[ 523.254279][ C0] page_remove_rmap+0x203/0x640
[ 523.259267][ C0] ? zap_pte_range+0x59e/0x13f0
[ 523.264128][ C0] zap_pte_range+0x5b9/0x13f0
[ 523.268809][ C0] ? xas_store+0x88f/0xcf0
[ 523.273251][ C0] unmap_page_range+0x540/0x650
[ 523.278348][ C0] unmap_single_vma+0x157/0x210
[ 523.283193][ C0] unmap_vmas+0xc0/0x170
[ 523.287442][ C0] exit_mmap+0x1be/0x400
[ 523.291669][ C0] __mmput+0xa2/0x220
[ 523.295633][ C0] mmput+0x3d/0x50
[ 523.299343][ C0] exit_mm+0x344/0x430
[ 523.303407][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 523.309197][ C0] ? taskstats_exit+0x334/0x730
[ 523.314046][ C0] ? acct_collect+0x3a4/0x400
[ 523.318718][ C0] do_exit+0x3ff/0x1670
[ 523.322874][ C0] ? do_futex+0x1080/0x1cd0
[ 523.327360][ C0] do_group_exit+0xce/0x180
[ 523.331879][ C0] get_signal+0xdce/0x14e0
[ 523.336281][ C0] ? __mm_populate+0x32c/0x380
[ 523.341389][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 523.346919][ C0] ? __se_sys_futex+0x2a8/0x390
[ 523.351805][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 523.357370][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 523.363041][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 523.368500][ C0] do_syscall_64+0x45/0x80
[ 523.373091][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 523.378987][ C0] RIP: 0033:0x466459
[ 523.382878][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 523.389714][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 523.398146][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 523.406122][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 523.414081][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 523.422092][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 523.430055][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 523.438038][ C0] ---[ end trace 6a9a87c08c22e04a ]---
[ 523.443733][ C0] ------------[ cut here ]------------
[ 523.449172][ C0] WARNING: CPU: 0 PID: 27664 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 523.460007][ C0] Modules linked in:
[ 523.463989][ C0] CPU: 0 PID: 27664 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 523.474128][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 523.484169][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 523.490164][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 523.510806][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 523.516871][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001d RCX: ffff88803477a000
[ 523.524838][ C0] RDX: 0000000000010001 RSI: 000000000000001d RDI: 0000000000000001
[ 523.532866][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 523.540831][ C0] R10: 0001ffffffffffff R11: ffff88803477a000 R12: ffff88813bc1da58
[ 523.548812][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 523.556788][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 523.565703][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 523.572272][ C0] CR2: 0000001b30d23000 CR3: 000000002686d000 CR4: 00000000001506f0
[ 523.580266][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 523.588262][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 523.596250][ C0] Call Trace:
[ 523.599542][ C0]
[ 523.602372][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 523.608198][ C0] __run_hrtimer+0x163/0x460
[ 523.612770][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 523.618557][ C0] hrtimer_interrupt+0x380/0xaf0
[ 523.623483][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 523.629376][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 523.635432][ C0]
[ 523.638351][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 523.644362][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 523.650531][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 523.670522][ C0] RSP: 0018:ffffc90003edf780 EFLAGS: 00000246
[ 523.676573][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011ea0004c19ab8
[ 523.684530][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 523.692507][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 523.700504][ C0] R10: ffffffff88f37000 R11: 0000000000000200 R12: 000000000000001a
[ 523.708562][ C0] R13: 0000000000000000 R14: ffffea0004c19ab8 R15: 0000000000000008
[ 523.716538][ C0] __mod_lruvec_page_state+0x3a/0x110
[ 523.722016][ C0] page_remove_rmap+0x203/0x640
[ 523.726871][ C0] ? zap_pte_range+0x59e/0x13f0
[ 523.731829][ C0] zap_pte_range+0x5b9/0x13f0
[ 523.736513][ C0] ? xas_store+0x88f/0xcf0
[ 523.740958][ C0] unmap_page_range+0x540/0x650
[ 523.745824][ C0] unmap_single_vma+0x157/0x210
[ 523.750684][ C0] unmap_vmas+0xc0/0x170
[ 523.754941][ C0] exit_mmap+0x1be/0x400
[ 523.759884][ C0] __mmput+0xa2/0x220
[ 523.763880][ C0] mmput+0x3d/0x50
[ 523.767625][ C0] exit_mm+0x344/0x430
[ 523.771677][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 523.777503][ C0] ? taskstats_exit+0x334/0x730
[ 523.782423][ C0] ? acct_collect+0x3a4/0x400
[ 523.787083][ C0] do_exit+0x3ff/0x1670
[ 523.791236][ C0] ? do_futex+0x1080/0x1cd0
[ 523.795744][ C0] do_group_exit+0xce/0x180
[ 523.800248][ C0] get_signal+0xdce/0x14e0
[ 523.804670][ C0] ? __mm_populate+0x32c/0x380
[ 523.809446][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 523.815446][ C0] ? __se_sys_futex+0x2a8/0x390
[ 523.820317][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 523.825872][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 523.831513][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 523.836997][ C0] do_syscall_64+0x45/0x80
[ 523.841402][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 523.847382][ C0] RIP: 0033:0x466459
[ 523.851273][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 523.858106][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 523.866505][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 523.874479][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 523.882449][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 523.890512][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 523.898565][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 523.907047][ C0] ---[ end trace 6a9a87c08c22e04b ]---
19:30:00 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:00 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x81000000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:00 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0xb, 0x6})
19:30:00 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x5450, &(0x7f0000000040)={0x4})
19:30:00 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 524.012928][ C0] ------------[ cut here ]------------
[ 524.018435][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 524.029444][ C0] Modules linked in:
[ 524.033345][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 524.043331][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 524.053405][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:00 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:00 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x81ffffff, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 524.059402][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 524.079015][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 524.085109][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000022 RCX: ffff888105e21000
[ 524.093084][ C0] RDX: 0000000080010000 RSI: 0000000000000022 RDI: 0000000000000001
[ 524.101070][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 524.109049][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 524.117042][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 524.125022][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 524.133993][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 524.140587][ C0] CR2: 00005599450071c0 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 524.148565][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 524.156652][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 524.164650][ C0] Call Trace:
[ 524.167931][ C0]
[ 524.170774][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 524.176606][ C0] __run_hrtimer+0x163/0x460
[ 524.181206][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 524.187467][ C0] hrtimer_interrupt+0x380/0xaf0
[ 524.192913][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 524.199025][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 524.204678][ C0]
[ 524.207743][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
19:30:00 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x0, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 524.213926][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 524.220103][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 524.240968][ C0] RSP: 0018:ffffc90000dc3a98 EFLAGS: 00000246
[ 524.247301][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 001188810b80c3e8
[ 524.255475][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 524.263439][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 524.271414][ C0] R10: ffffffff88f36f98 R11: 0000000000000200 R12: 000000000000000d
[ 524.279386][ C0] R13: ffff88802cac3000 R14: ffff88810b80c3e8 R15: 0000000000000008
[ 524.287349][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 524.292926][ C0] tomoyo_check_path_acl+0x5c/0xe0
[ 524.298845][ C0] tomoyo_check_acl+0xcc/0x220
[ 524.303801][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 524.310591][ C0] tomoyo_path_perm+0x22f/0x330
[ 524.315469][ C0] tomoyo_inode_getattr+0x18/0x20
[ 524.320659][ C0] security_inode_getattr+0x7f/0xd0
[ 524.325872][ C0] vfs_statx+0xf8/0x290
[ 524.330038][ C0] __se_sys_newlstat+0x46/0x250
[ 524.334915][ C0] ? __secure_computing+0x12e/0x1c0
[ 524.340118][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 524.345405][ C0] __x64_sys_newlstat+0x2d/0x40
[ 524.350259][ C0] do_syscall_64+0x39/0x80
[ 524.354843][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 524.360752][ C0] RIP: 0033:0x7f6cba8ec335
[ 524.365166][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 524.384891][ C0] RSP: 002b:00007fff78b3ac68 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 524.393423][ C0] RAX: ffffffffffffffda RBX: 0000559944fbda20 RCX: 00007f6cba8ec335
[ 524.401381][ C0] RDX: 00007fff78b3aca0 RSI: 00007fff78b3aca0 RDI: 0000559944fbca20
[ 524.409368][ C0] RBP: 00007fff78b3ad60 R08: 00007f6cbabab1e8 R09: 0000000000001010
[ 524.417325][ C0] R10: 0000000000000020 R11: 0000000000000246 R12: 0000559944fbca20
[ 524.425289][ C0] R13: 0000559944fbca40 R14: 0000559944fc11db R15: 0000559944fc11e0
[ 524.433550][ C0] ---[ end trace 6a9a87c08c22e04c ]---
[ 524.439375][ C0] ------------[ cut here ]------------
[ 524.445022][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 524.455894][ C0] Modules linked in:
19:30:01 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x5451, &(0x7f0000000040)={0x4})
19:30:01 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0xd, 0x6})
[ 524.459785][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 524.470131][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 524.480248][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 524.486225][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 524.506011][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 524.512085][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff888105e21000
[ 524.520051][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 524.528010][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 524.535991][ C0] R10: 0001ffffffffffff R11: ffff888105e21000 R12: ffff88813bc1da58
[ 524.544093][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 524.552051][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 524.560989][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 524.567930][ C0] CR2: 00005599450071c0 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 524.576002][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 524.583987][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 524.591983][ C0] Call Trace:
[ 524.595271][ C0]
[ 524.598132][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 524.604124][ C0] __run_hrtimer+0x163/0x460
[ 524.608908][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 524.614809][ C0] hrtimer_interrupt+0x380/0xaf0
[ 524.619783][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 524.625682][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 524.631311][ C0]
[ 524.634740][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 524.640886][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 524.647057][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 524.666655][ C0] RSP: 0018:ffffc90000dc3a98 EFLAGS: 00000246
[ 524.673075][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 001188810b80c3e8
[ 524.681234][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 524.689222][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 524.697215][ C0] R10: ffffffff88f36f98 R11: 0000000000000200 R12: 000000000000000d
[ 524.705272][ C0] R13: ffff88802cac3000 R14: ffff88810b80c3e8 R15: 0000000000000008
[ 524.713499][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 524.719167][ C0] tomoyo_check_path_acl+0x5c/0xe0
[ 524.724274][ C0] tomoyo_check_acl+0xcc/0x220
[ 524.729028][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 524.734956][ C0] tomoyo_path_perm+0x22f/0x330
[ 524.739823][ C0] tomoyo_inode_getattr+0x18/0x20
[ 524.744942][ C0] security_inode_getattr+0x7f/0xd0
[ 524.750162][ C0] vfs_statx+0xf8/0x290
[ 524.754330][ C0] __se_sys_newlstat+0x46/0x250
[ 524.759185][ C0] ? __secure_computing+0x12e/0x1c0
[ 524.764431][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 524.769726][ C0] __x64_sys_newlstat+0x2d/0x40
[ 524.774569][ C0] do_syscall_64+0x39/0x80
[ 524.778974][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 524.784861][ C0] RIP: 0033:0x7f6cba8ec335
[ 524.789262][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 524.810468][ C0] RSP: 002b:00007fff78b3ac68 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 524.819014][ C0] RAX: ffffffffffffffda RBX: 0000559944fbda20 RCX: 00007f6cba8ec335
[ 524.827324][ C0] RDX: 00007fff78b3aca0 RSI: 00007fff78b3aca0 RDI: 0000559944fbca20
[ 524.835286][ C0] RBP: 00007fff78b3ad60 R08: 00007f6cbabab1e8 R09: 0000000000001010
[ 524.843279][ C0] R10: 0000000000000020 R11: 0000000000000246 R12: 0000559944fbca20
[ 524.851239][ C0] R13: 0000559944fbca40 R14: 0000559944fc11db R15: 0000559944fc11e0
[ 524.859261][ C0] ---[ end trace 6a9a87c08c22e04d ]---
[ 524.865019][ C0] ------------[ cut here ]------------
[ 524.870615][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 524.881959][ C0] Modules linked in:
[ 524.885840][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 524.895804][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 524.906064][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 524.912041][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 524.931636][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 524.937763][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff888105e21000
[ 524.945749][ C0] RDX: 0000000000010000 RSI: 000000000000001a RDI: 0000000000000001
[ 524.953744][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 524.961717][ C0] R10: 0001ffffffffffff R11: ffff888105e21000 R12: ffff88813bc1da58
[ 524.969708][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 524.977679][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 524.986608][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 524.993183][ C0] CR2: 00005599450071c0 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 525.001250][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 525.009224][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 525.017210][ C0] Call Trace:
[ 525.020488][ C0]
[ 525.023323][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 525.029167][ C0] __run_hrtimer+0x163/0x460
[ 525.033795][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 525.039589][ C0] hrtimer_interrupt+0x380/0xaf0
[ 525.044521][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 525.050414][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 525.056067][ C0]
[ 525.058980][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 525.064971][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 525.071116][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 525.090865][ C0] RSP: 0018:ffffc90000dc3a98 EFLAGS: 00000246
[ 525.097153][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 001188810b80c3e8
[ 525.105114][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 525.113090][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 525.121060][ C0] R10: ffffffff88f36f98 R11: 0000000000000200 R12: 000000000000000d
[ 525.129039][ C0] R13: ffff88802cac3000 R14: ffff88810b80c3e8 R15: 0000000000000008
[ 525.137025][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 525.142589][ C0] tomoyo_check_path_acl+0x5c/0xe0
[ 525.147724][ C0] tomoyo_check_acl+0xcc/0x220
[ 525.152641][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 525.158492][ C0] tomoyo_path_perm+0x22f/0x330
[ 525.163965][ C0] tomoyo_inode_getattr+0x18/0x20
[ 525.168994][ C0] security_inode_getattr+0x7f/0xd0
[ 525.174237][ C0] vfs_statx+0xf8/0x290
[ 525.178401][ C0] __se_sys_newlstat+0x46/0x250
[ 525.183272][ C0] ? __secure_computing+0x12e/0x1c0
[ 525.188483][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 525.193777][ C0] __x64_sys_newlstat+0x2d/0x40
[ 525.198764][ C0] do_syscall_64+0x39/0x80
[ 525.203181][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 525.209074][ C0] RIP: 0033:0x7f6cba8ec335
[ 525.213483][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 525.233116][ C0] RSP: 002b:00007fff78b3ac68 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 525.241518][ C0] RAX: ffffffffffffffda RBX: 0000559944fbda20 RCX: 00007f6cba8ec335
[ 525.249606][ C0] RDX: 00007fff78b3aca0 RSI: 00007fff78b3aca0 RDI: 0000559944fbca20
[ 525.257583][ C0] RBP: 00007fff78b3ad60 R08: 00007f6cbabab1e8 R09: 0000000000001010
[ 525.265633][ C0] R10: 0000000000000020 R11: 0000000000000246 R12: 0000559944fbca20
[ 525.273639][ C0] R13: 0000559944fbca40 R14: 0000559944fc11db R15: 0000559944fc11e0
[ 525.281604][ C0] ---[ end trace 6a9a87c08c22e04e ]---
19:30:02 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x88470000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 525.387439][ C0] ------------[ cut here ]------------
[ 525.392939][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 525.403724][ C0] Modules linked in:
[ 525.407651][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 525.418697][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 525.428757][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:02 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x88480000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 525.434778][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 525.454420][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 525.460491][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff888105e21000
[ 525.468492][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
[ 525.476477][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:30:02 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x88a8ffff, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 525.484487][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 525.492468][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 525.500447][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 525.509399][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 525.515995][ C0] CR2: 00007fff78b38c97 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 525.523977][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:30:02 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x8f070000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 525.531955][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 525.539954][ C0] Call Trace:
[ 525.543234][ C0]
[ 525.546072][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 525.551887][ C0] __run_hrtimer+0x163/0x460
[ 525.556528][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 525.562808][ C0] hrtimer_interrupt+0x380/0xaf0
[ 525.567782][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 525.573710][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 525.579358][ C0]
[ 525.582318][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 525.588329][ C0] RIP: 0010:__tsan_read1+0x46/0x180
[ 525.593570][ C0] Code: 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b 4c 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04 c5 40 6f f3 88 <49> 83 f8 02 0f 82 95 00 00 00 4d 85 c0 0f 89 8c 00 00 00 4c 21 c1
[ 525.613298][ C0] RSP: 0018:ffffc90000dc3b40 EFLAGS: 00000293
[ 525.619464][ C0] RAX: 0000000000000009 RBX: ffffc90000dc3bd0 RCX: 0001ffffffffffff
[ 525.627444][ C0] RDX: 0001888103849f98 RSI: 000000000886db1e RDI: ffff888103849f98
[ 525.635855][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0001c90000dc3bf7
[ 525.643837][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: ffff888103849f80
[ 525.651822][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888107a43810
[ 525.659812][ C0] tomoyo_check_acl+0x6a/0x220
[ 525.664637][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 525.670559][ C0] tomoyo_path_perm+0x22f/0x330
[ 525.675450][ C0] tomoyo_inode_getattr+0x18/0x20
[ 525.680504][ C0] security_inode_getattr+0x7f/0xd0
[ 525.685730][ C0] vfs_statx+0xf8/0x290
[ 525.689922][ C0] __se_sys_newlstat+0x46/0x250
[ 525.694893][ C0] ? __secure_computing+0x12e/0x1c0
[ 525.700088][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 525.705382][ C0] __x64_sys_newlstat+0x2d/0x40
[ 525.710236][ C0] do_syscall_64+0x39/0x80
[ 525.714683][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 525.720577][ C0] RIP: 0033:0x7f6cba8ec335
[ 525.724997][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 525.744593][ C0] RSP: 002b:00007fff78b3abc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 525.752990][ C0] RAX: ffffffffffffffda RBX: 0000559944fbda20 RCX: 00007f6cba8ec335
[ 525.760949][ C0] RDX: 00007fff78b3ac00 RSI: 00007fff78b3ac00 RDI: 0000559944fbca20
[ 525.768912][ C0] RBP: 00007fff78b3acc0 R08: 00007f6cbabab1e8 R09: 0000000000001010
[ 525.776901][ C0] R10: 00007f6cbabaab58 R11: 0000000000000246 R12: 0000559944fbca20
19:30:02 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x5450, &(0x7f0000000040)={0x4})
19:30:02 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x9effffff, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:02 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x0, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:02 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:02 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x5452, &(0x7f0000000040)={0x4})
[ 525.785050][ C0] R13: 0000559944fbca3a R14: 0000559944fc4875 R15: 0000559944fc487a
[ 525.793047][ C0] ---[ end trace 6a9a87c08c22e04f ]---
[ 525.799549][ C0] ------------[ cut here ]------------
[ 525.805070][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 525.815944][ C0] Modules linked in:
[ 525.819840][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 525.829826][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
19:30:02 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xefffffff, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 525.839897][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 525.845901][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 525.865550][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 525.871628][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff888105e21000
[ 525.879616][ C0] RDX: 0000000080010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 525.887599][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 525.895576][ C0] R10: 0001ffffffffffff R11: ffff888105e21000 R12: ffff88813bc1da58
[ 525.903666][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 525.911661][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 525.920638][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 525.927227][ C0] CR2: 00007fff78b38c97 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 525.935204][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 525.943180][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 525.951159][ C0] Call Trace:
[ 525.954439][ C0]
[ 525.957280][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 525.963814][ C0] __run_hrtimer+0x163/0x460
[ 525.968444][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 525.974259][ C0] hrtimer_interrupt+0x380/0xaf0
[ 525.979477][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
19:30:02 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x0, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 525.985393][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 525.991046][ C0]
[ 525.993982][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 525.999986][ C0] RIP: 0010:__tsan_read1+0x46/0x180
[ 526.005217][ C0] Code: 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b 4c 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04 c5 40 6f f3 88 <49> 83 f8 02 0f 82 95 00 00 00 4d 85 c0 0f 89 8c 00 00 00 4c 21 c1
[ 526.024940][ C0] RSP: 0018:ffffc90000dc3b40 EFLAGS: 00000293
[ 526.031008][ C0] RAX: 0000000000000009 RBX: ffffc90000dc3bd0 RCX: 0001ffffffffffff
[ 526.039254][ C0] RDX: 0001888103849f98 RSI: 000000000886db1e RDI: ffff888103849f98
[ 526.047243][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0001c90000dc3bf7
[ 526.055243][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: ffff888103849f80
[ 526.063223][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888107a43810
[ 526.071192][ C0] tomoyo_check_acl+0x6a/0x220
[ 526.075972][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 526.081860][ C0] tomoyo_path_perm+0x22f/0x330
[ 526.086761][ C0] tomoyo_inode_getattr+0x18/0x20
[ 526.091821][ C0] security_inode_getattr+0x7f/0xd0
[ 526.097031][ C0] vfs_statx+0xf8/0x290
[ 526.101203][ C0] __se_sys_newlstat+0x46/0x250
[ 526.106155][ C0] ? __secure_computing+0x12e/0x1c0
[ 526.111353][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 526.116644][ C0] __x64_sys_newlstat+0x2d/0x40
[ 526.121577][ C0] do_syscall_64+0x39/0x80
[ 526.125979][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 526.131895][ C0] RIP: 0033:0x7f6cba8ec335
[ 526.136355][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 526.156365][ C0] RSP: 002b:00007fff78b3abc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 526.164770][ C0] RAX: ffffffffffffffda RBX: 0000559944fbda20 RCX: 00007f6cba8ec335
[ 526.172731][ C0] RDX: 00007fff78b3ac00 RSI: 00007fff78b3ac00 RDI: 0000559944fbca20
[ 526.180694][ C0] RBP: 00007fff78b3acc0 R08: 00007f6cbabab1e8 R09: 0000000000001010
[ 526.188947][ C0] R10: 00007f6cbabaab58 R11: 0000000000000246 R12: 0000559944fbca20
[ 526.196907][ C0] R13: 0000559944fbca3a R14: 0000559944fc4875 R15: 0000559944fc487a
[ 526.204878][ C0] ---[ end trace 6a9a87c08c22e050 ]---
[ 526.210710][ C0] ------------[ cut here ]------------
[ 526.216233][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 526.227001][ C0] Modules linked in:
[ 526.230905][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 526.240861][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 526.251040][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 526.257063][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 526.276763][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 526.282824][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff888105e21000
[ 526.290808][ C0] RDX: 0000000080010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 526.298783][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 526.306897][ C0] R10: 0001ffffffffffff R11: 0000000000000144 R12: ffff88813bc1da58
[ 526.314930][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 526.322946][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 526.332392][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 526.339183][ C0] CR2: 00007fff78b38c97 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 526.347397][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 526.355368][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 526.363606][ C0] Call Trace:
[ 526.366870][ C0]
[ 526.369699][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 526.375492][ C0] __run_hrtimer+0x163/0x460
[ 526.380071][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 526.385990][ C0] hrtimer_interrupt+0x380/0xaf0
[ 526.391037][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 526.396953][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 526.402690][ C0]
[ 526.405648][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 526.411687][ C0] RIP: 0010:__tsan_read1+0x46/0x180
[ 526.417034][ C0] Code: 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b 4c 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04 c5 40 6f f3 88 <49> 83 f8 02 0f 82 95 00 00 00 4d 85 c0 0f 89 8c 00 00 00 4c 21 c1
[ 526.436835][ C0] RSP: 0018:ffffc90000dc3b40 EFLAGS: 00000293
[ 526.442909][ C0] RAX: 0000000000000009 RBX: ffffc90000dc3bd0 RCX: 0001ffffffffffff
[ 526.450891][ C0] RDX: 0001888103849f98 RSI: 000000000886db1e RDI: ffff888103849f98
[ 526.458882][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0001c90000dc3bf7
[ 526.466847][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: ffff888103849f80
[ 526.474837][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888107a43810
[ 526.482808][ C0] tomoyo_check_acl+0x6a/0x220
[ 526.487564][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 526.493391][ C0] tomoyo_path_perm+0x22f/0x330
[ 526.498773][ C0] tomoyo_inode_getattr+0x18/0x20
[ 526.503987][ C0] security_inode_getattr+0x7f/0xd0
[ 526.509190][ C0] vfs_statx+0xf8/0x290
[ 526.513359][ C0] __se_sys_newlstat+0x46/0x250
[ 526.518215][ C0] ? __secure_computing+0x12e/0x1c0
[ 526.523410][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 526.528687][ C0] __x64_sys_newlstat+0x2d/0x40
[ 526.533523][ C0] do_syscall_64+0x39/0x80
[ 526.538041][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 526.543941][ C0] RIP: 0033:0x7f6cba8ec335
[ 526.548361][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 526.568149][ C0] RSP: 002b:00007fff78b3abc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 526.576594][ C0] RAX: ffffffffffffffda RBX: 0000559944fbda20 RCX: 00007f6cba8ec335
[ 526.585208][ C0] RDX: 00007fff78b3ac00 RSI: 00007fff78b3ac00 RDI: 0000559944fbca20
[ 526.593165][ C0] RBP: 00007fff78b3acc0 R08: 00007f6cbabab1e8 R09: 0000000000001010
[ 526.601404][ C0] R10: 00007f6cbabaab58 R11: 0000000000000246 R12: 0000559944fbca20
[ 526.609386][ C0] R13: 0000559944fbca3a R14: 0000559944fc4875 R15: 0000559944fc487a
[ 526.617384][ C0] ---[ end trace 6a9a87c08c22e051 ]---
[ 526.723184][ C0] ------------[ cut here ]------------
[ 526.728684][ C0] WARNING: CPU: 0 PID: 27744 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 526.739568][ C0] Modules linked in:
[ 526.743481][ C0] CPU: 0 PID: 27744 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 526.753609][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 526.763667][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 526.770823][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 526.790420][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 526.796493][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810e7ce000
[ 526.804503][ C0] RDX: 0000000080010001 RSI: 000000000000001f RDI: 0000000000000001
[ 526.812493][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 526.821190][ C0] R10: 0001ffffffffffff R11: 0000000000000061 R12: ffff88813bc1da58
[ 526.829375][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 526.837341][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 526.846313][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 526.852879][ C0] CR2: 0000001b30321000 CR3: 0000000026c14000 CR4: 00000000001506f0
[ 526.860913][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 526.868981][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 526.877048][ C0] Call Trace:
[ 526.880328][ C0]
[ 526.883174][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 526.889415][ C0] __run_hrtimer+0x163/0x460
[ 526.894017][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 526.900276][ C0] hrtimer_interrupt+0x380/0xaf0
[ 526.905221][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 526.911111][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 526.916828][ C0]
[ 526.919784][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 526.925929][ C0] RIP: 0010:__tsan_unaligned_volatile_read8+0x0/0x190
[ 526.932693][ C0] Code: 48 83 78 20 00 75 01 c3 e9 1d 19 00 00 be 04 00 00 00 ba 01 00 00 00 e9 9e 14 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <40> f6 c7 07 0f 84 5c 01 00 00 48 b9 ff ff ff ff ff ff 01 00 89 f8
[ 526.952379][ C0] RSP: 0018:ffffc9000504bb48 EFLAGS: 00000246
[ 526.958538][ C0] RAX: 0000000000000002 RBX: ffffea0004d3d7c0 RCX: 0000000000040000
[ 526.966526][ C0] RDX: ffff88810e7ce000 RSI: 0000000000000000 RDI: ffffea0004d3d7c0
[ 526.974499][ C0] RBP: 0000000000000000 R08: ffffffff815da14c R09: 0001ffff87bb785f
[ 526.982461][ C0] R10: 0001ffffffffffff R11: ffff88810e7ce000 R12: ffffea0004d3d7c0
[ 526.990507][ C0] R13: ffffea00009bb4a8 R14: ffffea0004d3d7c8 R15: dead000000000100
[ 526.998494][ C0] ? mark_page_accessed+0x5c/0x5f0
[ 527.003645][ C0] ? _raw_spin_unlock+0x22/0x40
[ 527.008506][ C0] mark_page_accessed+0x70/0x5f0
[ 527.013468][ C0] ? follow_page_pte+0x87a/0xb90
[ 527.018412][ C0] follow_page_pte+0x8a1/0xb90
[ 527.023283][ C0] ? handle_mm_fault+0x1686/0x1840
[ 527.028408][ C0] follow_pmd_mask+0x4b0/0xee0
[ 527.033187][ C0] follow_page_mask+0x382/0x540
[ 527.038383][ C0] __get_user_pages+0xa00/0x1000
[ 527.043326][ C0] __mm_populate+0x24d/0x380
[ 527.047902][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 527.052525][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 527.057181][ C0] ? switch_fpu_return+0xa/0x10
[ 527.062026][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 527.067772][ C0] do_syscall_64+0x39/0x80
[ 527.072176][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 527.078616][ C0] RIP: 0033:0x466459
[ 527.082639][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 527.102421][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 527.110849][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 527.119541][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 527.127689][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 527.135645][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 527.143616][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 527.151579][ C0] ---[ end trace 6a9a87c08c22e052 ]---
[ 527.157380][ C0] ------------[ cut here ]------------
[ 527.162910][ C0] WARNING: CPU: 0 PID: 27744 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 527.173829][ C0] Modules linked in:
[ 527.177746][ C0] CPU: 0 PID: 27744 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 527.187897][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 527.197972][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 527.203969][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 527.223685][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 527.229755][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810e7ce000
[ 527.237739][ C0] RDX: 0000000080010001 RSI: 000000000000001a RDI: 0000000000000001
[ 527.245748][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 527.253727][ C0] R10: 0001ffffffffffff R11: 00000000000000b9 R12: ffff88813bc1da58
[ 527.261751][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
19:30:03 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0xe, 0x6})
19:30:03 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xf0ffffff, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:03 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x5460, &(0x7f0000000040)={0x4})
19:30:03 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:03 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xfeff0000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 527.269754][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 527.278806][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 527.285384][ C0] CR2: 0000001b30321000 CR3: 0000000026c14000 CR4: 00000000001506f0
[ 527.293362][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 527.301447][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 527.309441][ C0] Call Trace:
[ 527.312705][ C0]
[ 527.315539][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 527.321384][ C0] __run_hrtimer+0x163/0x460
[ 527.325984][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 527.331794][ C0] hrtimer_interrupt+0x380/0xaf0
[ 527.336766][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 527.342716][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 527.348474][ C0]
[ 527.351390][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 527.357470][ C0] RIP: 0010:__tsan_unaligned_volatile_read8+0x0/0x190
[ 527.364235][ C0] Code: 48 83 78 20 00 75 01 c3 e9 1d 19 00 00 be 04 00 00 00 ba 01 00 00 00 e9 9e 14 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <40> f6 c7 07 0f 84 5c 01 00 00 48 b9 ff ff ff ff ff ff 01 00 89 f8
[ 527.383842][ C0] RSP: 0018:ffffc9000504bb48 EFLAGS: 00000246
[ 527.389895][ C0] RAX: 0000000000000002 RBX: ffffea0004d3d7c0 RCX: 0000000000040000
[ 527.397862][ C0] RDX: ffff88810e7ce000 RSI: 0000000000000000 RDI: ffffea0004d3d7c0
[ 527.405824][ C0] RBP: 0000000000000000 R08: ffffffff815da14c R09: 0001ffff87bb785f
[ 527.413799][ C0] R10: 0001ffffffffffff R11: ffff88810e7ce000 R12: ffffea0004d3d7c0
[ 527.421754][ C0] R13: ffffea00009bb4a8 R14: ffffea0004d3d7c8 R15: dead000000000100
[ 527.429715][ C0] ? mark_page_accessed+0x5c/0x5f0
[ 527.434856][ C0] ? _raw_spin_unlock+0x22/0x40
[ 527.439697][ C0] mark_page_accessed+0x70/0x5f0
[ 527.444654][ C0] ? follow_page_pte+0x87a/0xb90
[ 527.449585][ C0] follow_page_pte+0x8a1/0xb90
[ 527.454366][ C0] ? handle_mm_fault+0x1686/0x1840
[ 527.459470][ C0] follow_pmd_mask+0x4b0/0xee0
[ 527.464229][ C0] follow_page_mask+0x382/0x540
[ 527.469087][ C0] __get_user_pages+0xa00/0x1000
[ 527.474038][ C0] __mm_populate+0x24d/0x380
[ 527.478625][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 527.483225][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 527.487898][ C0] ? switch_fpu_return+0xa/0x10
[ 527.492754][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 527.498493][ C0] do_syscall_64+0x39/0x80
[ 527.504814][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 527.510717][ C0] RIP: 0033:0x466459
[ 527.514612][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 527.534686][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 527.543184][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 527.551142][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 527.559100][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 527.567200][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 527.575192][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 527.583260][ C0] ---[ end trace 6a9a87c08c22e053 ]---
[ 527.589042][ C0] ------------[ cut here ]------------
[ 527.594579][ C0] WARNING: CPU: 0 PID: 27744 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 527.605457][ C0] Modules linked in:
[ 527.609357][ C0] CPU: 0 PID: 27744 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 527.619496][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 527.629768][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 527.635779][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 527.655373][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 527.661421][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810e7ce000
[ 527.669462][ C0] RDX: 0000000080010001 RSI: 000000000000001a RDI: 0000000000000001
[ 527.677435][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 527.685580][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 527.694597][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 527.702570][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 527.711486][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 527.718081][ C0] CR2: 0000001b30321000 CR3: 0000000026c14000 CR4: 00000000001506f0
[ 527.726396][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 527.734566][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 527.742618][ C0] Call Trace:
[ 527.745892][ C0]
[ 527.748724][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 527.754543][ C0] __run_hrtimer+0x163/0x460
[ 527.759122][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 527.764927][ C0] hrtimer_interrupt+0x380/0xaf0
[ 527.769875][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 527.775756][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 527.781374][ C0]
[ 527.784313][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 527.790307][ C0] RIP: 0010:__tsan_unaligned_volatile_read8+0x0/0x190
[ 527.797090][ C0] Code: 48 83 78 20 00 75 01 c3 e9 1d 19 00 00 be 04 00 00 00 ba 01 00 00 00 e9 9e 14 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <40> f6 c7 07 0f 84 5c 01 00 00 48 b9 ff ff ff ff ff ff 01 00 89 f8
[ 527.816950][ C0] RSP: 0018:ffffc9000504bb48 EFLAGS: 00000246
[ 527.823030][ C0] RAX: 0000000000000002 RBX: ffffea0004d3d7c0 RCX: 0000000000040000
[ 527.831393][ C0] RDX: ffff88810e7ce000 RSI: 0000000000000000 RDI: ffffea0004d3d7c0
[ 527.839364][ C0] RBP: 0000000000000000 R08: ffffffff815da14c R09: 0001ffff87bb785f
[ 527.847326][ C0] R10: 0001ffffffffffff R11: ffff88810e7ce000 R12: ffffea0004d3d7c0
[ 527.855292][ C0] R13: ffffea00009bb4a8 R14: ffffea0004d3d7c8 R15: dead000000000100
[ 527.863314][ C0] ? mark_page_accessed+0x5c/0x5f0
[ 527.870164][ C0] ? _raw_spin_unlock+0x22/0x40
[ 527.875028][ C0] mark_page_accessed+0x70/0x5f0
[ 527.879971][ C0] ? follow_page_pte+0x87a/0xb90
[ 527.885084][ C0] follow_page_pte+0x8a1/0xb90
[ 527.889893][ C0] ? handle_mm_fault+0x1686/0x1840
[ 527.895271][ C0] follow_pmd_mask+0x4b0/0xee0
[ 527.900066][ C0] follow_page_mask+0x382/0x540
[ 527.905102][ C0] __get_user_pages+0xa00/0x1000
[ 527.910060][ C0] __mm_populate+0x24d/0x380
[ 527.914634][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 527.919246][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 527.923937][ C0] ? switch_fpu_return+0xa/0x10
[ 527.928859][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 527.934594][ C0] do_syscall_64+0x39/0x80
[ 527.938995][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 527.944879][ C0] RIP: 0033:0x466459
[ 527.948781][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 527.968420][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 527.977029][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 527.985004][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 527.992988][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 528.001001][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 528.008976][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 528.017231][ C0] ---[ end trace 6a9a87c08c22e054 ]---
19:30:04 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x5452, &(0x7f0000000040)={0x4})
19:30:04 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xff0f0000, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 528.123077][ C0] ------------[ cut here ]------------
[ 528.128583][ C0] WARNING: CPU: 0 PID: 27744 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 528.139484][ C0] Modules linked in:
[ 528.143439][ C0] CPU: 0 PID: 27744 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 528.153600][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 528.163667][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:04 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 528.169680][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 528.189315][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 528.195384][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000020 RCX: ffff88810e7ce000
[ 528.203361][ C0] RDX: 0000000000010000 RSI: 0000000000000020 RDI: 0000000000000001
[ 528.211525][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 528.219991][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 528.227963][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 528.236013][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 528.245109][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 528.251711][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 528.259704][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 528.268141][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 528.276109][ C0] Call Trace:
[ 528.279382][ C0]
[ 528.282221][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 528.288142][ C0] __run_hrtimer+0x163/0x460
[ 528.292755][ C0] hrtimer_interrupt+0x380/0xaf0
[ 528.297703][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 528.303612][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 528.309254][ C0]
[ 528.312202][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 528.319179][ C0] RIP: 0010:__tsan_read8+0x2f/0x180
[ 528.324555][ C0] Code: ff ff ff 01 00 89 f8 c1 e8 0c 83 e0 3f 48 89 fa 48 21 ca 4c 8d 4a 07 4c 8b 04 c5 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b <4c> 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04
[ 528.344511][ C0] RSP: 0018:ffffc9000504b6e8 EFLAGS: 00000293
[ 528.350604][ C0] RAX: 000000000000000b RBX: ffffc9000504b770 RCX: 0001ffffffffffff
[ 528.358711][ C0] RDX: 0001c9000504b788 RSI: fffffffffffffffe RDI: ffffc9000504b788
[ 528.366677][ C0] RBP: 0000000000010000 R08: 0000000000000000 R09: 0001c9000504b78f
[ 528.374875][ C0] R10: 0001ffffffffffff R11: ffff88810e7ce000 R12: fffffffffffffffe
[ 528.382948][ C0] R13: ffffc9000504b770 R14: 000000000000035f R15: ffffc9000504b8d0
[ 528.391038][ C0] xas_find+0x26/0x3d0
[ 528.395122][ C0] find_lock_entries+0x90/0x7a0
[ 528.400021][ C0] shmem_undo_range+0x105/0x1220
[ 528.404963][ C0] ? __list_add_valid+0x28/0x90
[ 528.409810][ C0] shmem_evict_inode+0x115/0x550
[ 528.414893][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 528.420729][ C0] ? bit_waitqueue+0x30/0x30
[ 528.425462][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 528.431137][ C0] evict+0x1aa/0x410
[ 528.435169][ C0] iput+0x3fd/0x520
[ 528.438997][ C0] dentry_unlink_inode+0x210/0x220
[ 528.444096][ C0] __dentry_kill+0x293/0x450
[ 528.448763][ C0] dput+0x218/0x430
[ 528.452565][ C0] __fput+0x3b3/0x4f0
[ 528.457189][ C0] ____fput+0x11/0x20
[ 528.461194][ C0] task_work_run+0x8e/0x110
[ 528.465694][ C0] do_exit+0x474/0x1670
[ 528.469933][ C0] ? do_futex+0x1080/0x1cd0
[ 528.474438][ C0] do_group_exit+0xce/0x180
[ 528.478980][ C0] get_signal+0xdce/0x14e0
[ 528.483387][ C0] ? __mm_populate+0x32c/0x380
[ 528.488376][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 528.493951][ C0] ? __se_sys_futex+0x2a8/0x390
[ 528.498808][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 528.504361][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 528.510010][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 528.515482][ C0] do_syscall_64+0x45/0x80
[ 528.519880][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 528.525766][ C0] RIP: 0033:0x466459
[ 528.529766][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 528.536629][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 528.545064][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 528.553039][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 528.561106][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 528.569082][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 528.577052][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 528.585018][ C0] ---[ end trace 6a9a87c08c22e055 ]---
[ 528.590889][ C0] ------------[ cut here ]------------
[ 528.596380][ C0] WARNING: CPU: 0 PID: 27744 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 528.607250][ C0] Modules linked in:
[ 528.611154][ C0] CPU: 0 PID: 27744 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
19:30:05 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x6364, &(0x7f0000000040)={0x4})
19:30:05 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x5452, &(0x7f0000000040)={0x4})
[ 528.621391][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 528.631458][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 528.637473][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 528.657184][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 528.663255][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff88810e7ce000
[ 528.671262][ C0] RDX: 0000000000010000 RSI: 000000000000001c RDI: 0000000000000001
[ 528.679287][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 528.687354][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 528.695331][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 528.703313][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 528.712255][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 528.718837][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 528.726819][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 528.734831][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 528.742793][ C0] Call Trace:
[ 528.746081][ C0]
[ 528.748907][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 528.754713][ C0] __run_hrtimer+0x163/0x460
[ 528.759287][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 528.765095][ C0] hrtimer_interrupt+0x380/0xaf0
[ 528.770056][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 528.775940][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 528.781597][ C0]
[ 528.784512][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 528.790486][ C0] RIP: 0010:__tsan_read8+0x2f/0x180
[ 528.795693][ C0] Code: ff ff ff 01 00 89 f8 c1 e8 0c 83 e0 3f 48 89 fa 48 21 ca 4c 8d 4a 07 4c 8b 04 c5 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b <4c> 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04
[ 528.815393][ C0] RSP: 0018:ffffc9000504b6e8 EFLAGS: 00000293
[ 528.821451][ C0] RAX: 000000000000000b RBX: ffffc9000504b770 RCX: 0001ffffffffffff
[ 528.829435][ C0] RDX: 0001c9000504b788 RSI: fffffffffffffffe RDI: ffffc9000504b788
[ 528.837394][ C0] RBP: 0000000000010000 R08: 0000000000000000 R09: 0001c9000504b78f
[ 528.845368][ C0] R10: 0001ffffffffffff R11: ffff88810e7ce000 R12: fffffffffffffffe
[ 528.853354][ C0] R13: ffffc9000504b770 R14: 000000000000035f R15: ffffc9000504b8d0
[ 528.861340][ C0] xas_find+0x26/0x3d0
[ 528.865404][ C0] find_lock_entries+0x90/0x7a0
[ 528.870335][ C0] shmem_undo_range+0x105/0x1220
[ 528.875284][ C0] ? __list_add_valid+0x28/0x90
[ 528.880129][ C0] shmem_evict_inode+0x115/0x550
[ 528.885088][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 528.890919][ C0] ? bit_waitqueue+0x30/0x30
[ 528.895512][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 528.901172][ C0] evict+0x1aa/0x410
[ 528.905055][ C0] iput+0x3fd/0x520
[ 528.908872][ C0] dentry_unlink_inode+0x210/0x220
[ 528.913976][ C0] __dentry_kill+0x293/0x450
[ 528.918868][ C0] dput+0x218/0x430
[ 528.922677][ C0] __fput+0x3b3/0x4f0
[ 528.926657][ C0] ____fput+0x11/0x20
[ 528.930620][ C0] task_work_run+0x8e/0x110
[ 528.935112][ C0] do_exit+0x474/0x1670
[ 528.939360][ C0] ? do_futex+0x1080/0x1cd0
[ 528.943848][ C0] do_group_exit+0xce/0x180
[ 528.948346][ C0] get_signal+0xdce/0x14e0
[ 528.952762][ C0] ? __mm_populate+0x32c/0x380
[ 528.957544][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 528.963095][ C0] ? __se_sys_futex+0x2a8/0x390
[ 528.967947][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 528.973498][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 528.979933][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 528.985408][ C0] do_syscall_64+0x45/0x80
[ 528.989817][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 528.995711][ C0] RIP: 0033:0x466459
[ 528.999609][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 529.006445][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 529.014858][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 529.022833][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 529.030794][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 529.038753][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 529.046827][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 529.054904][ C0] ---[ end trace 6a9a87c08c22e056 ]---
[ 529.060814][ C0] ------------[ cut here ]------------
[ 529.066287][ C0] WARNING: CPU: 0 PID: 27744 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 529.077238][ C0] Modules linked in:
[ 529.081129][ C0] CPU: 0 PID: 27744 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 529.091291][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 529.101358][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 529.107334][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 529.126945][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 529.133013][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff88810e7ce000
[ 529.140970][ C0] RDX: 0000000000010000 RSI: 000000000000001c RDI: 0000000000000001
[ 529.148928][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 529.156885][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 529.164843][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 529.172914][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 529.181842][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 529.188414][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 529.196731][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 529.205230][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 529.213189][ C0] Call Trace:
[ 529.216575][ C0]
[ 529.219427][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 529.225224][ C0] __run_hrtimer+0x163/0x460
[ 529.229809][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 529.235613][ C0] hrtimer_interrupt+0x380/0xaf0
[ 529.243844][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 529.249731][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 529.255384][ C0]
[ 529.258323][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 529.264286][ C0] RIP: 0010:__tsan_read8+0x2f/0x180
[ 529.269591][ C0] Code: ff ff ff 01 00 89 f8 c1 e8 0c 83 e0 3f 48 89 fa 48 21 ca 4c 8d 4a 07 4c 8b 04 c5 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b <4c> 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04
[ 529.289209][ C0] RSP: 0018:ffffc9000504b6e8 EFLAGS: 00000293
[ 529.295293][ C0] RAX: 000000000000000b RBX: ffffc9000504b770 RCX: 0001ffffffffffff
[ 529.303293][ C0] RDX: 0001c9000504b788 RSI: fffffffffffffffe RDI: ffffc9000504b788
[ 529.311283][ C0] RBP: 0000000000010000 R08: 0000000000000000 R09: 0001c9000504b78f
[ 529.319300][ C0] R10: 0001ffffffffffff R11: ffff88810e7ce000 R12: fffffffffffffffe
[ 529.328029][ C0] R13: ffffc9000504b770 R14: 000000000000035f R15: ffffc9000504b8d0
[ 529.336021][ C0] xas_find+0x26/0x3d0
[ 529.340100][ C0] find_lock_entries+0x90/0x7a0
[ 529.344975][ C0] shmem_undo_range+0x105/0x1220
[ 529.349945][ C0] ? __list_add_valid+0x28/0x90
[ 529.354794][ C0] shmem_evict_inode+0x115/0x550
[ 529.359741][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 529.365469][ C0] ? bit_waitqueue+0x30/0x30
[ 529.370056][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 529.375593][ C0] evict+0x1aa/0x410
[ 529.379489][ C0] iput+0x3fd/0x520
[ 529.383300][ C0] dentry_unlink_inode+0x210/0x220
[ 529.388421][ C0] __dentry_kill+0x293/0x450
[ 529.393027][ C0] dput+0x218/0x430
[ 529.397157][ C0] __fput+0x3b3/0x4f0
[ 529.401481][ C0] ____fput+0x11/0x20
[ 529.405467][ C0] task_work_run+0x8e/0x110
[ 529.409958][ C0] do_exit+0x474/0x1670
[ 529.414132][ C0] ? do_futex+0x1080/0x1cd0
[ 529.418674][ C0] do_group_exit+0xce/0x180
[ 529.423446][ C0] get_signal+0xdce/0x14e0
[ 529.427900][ C0] ? __mm_populate+0x32c/0x380
[ 529.432690][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 529.438284][ C0] ? __se_sys_futex+0x2a8/0x390
[ 529.443136][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 529.448916][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 529.454654][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 529.460133][ C0] do_syscall_64+0x45/0x80
[ 529.464564][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 529.470550][ C0] RIP: 0033:0x466459
[ 529.474452][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 529.481282][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 529.489701][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 529.497757][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 529.505740][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 529.513719][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
19:30:06 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0x0, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:06 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xffffa888, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 529.521922][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 529.529962][ C0] ---[ end trace 6a9a87c08c22e057 ]---
[ 529.635904][ C0] ------------[ cut here ]------------
[ 529.641440][ C0] WARNING: CPU: 0 PID: 27776 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 529.652770][ C0] Modules linked in:
[ 529.656683][ C0] CPU: 0 PID: 27776 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 529.666868][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 529.676936][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 529.682929][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 529.702563][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 529.708776][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000022 RCX: ffff888109155000
[ 529.717105][ C0] RDX: 0000000080010000 RSI: 0000000000000022 RDI: 0000000000000001
[ 529.725103][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 529.733145][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 529.741122][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 529.749092][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 529.758057][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 529.764644][ C0] CR2: 00000000005400f8 CR3: 000000003e19e000 CR4: 00000000001506f0
[ 529.772626][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 529.780583][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 529.788645][ C0] Call Trace:
[ 529.791959][ C0]
[ 529.795056][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 529.800876][ C0] __run_hrtimer+0x163/0x460
[ 529.805477][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 529.811738][ C0] hrtimer_interrupt+0x380/0xaf0
[ 529.816754][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 529.822909][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 529.828550][ C0]
[ 529.831470][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 529.837443][ C0] RIP: 0010:__tsan_read1+0x136/0x180
[ 529.842864][ C0] Code: 00 48 05 c0 0a 00 00 8b 48 04 85 c9 7e 16 65 8b 15 57 b2 aa 7e f7 c2 00 00 0e 00 75 28 ff c9 89 48 04 eb 21 83 78 08 00 7f 1b <80> 78 0c 00 75 15 48 c7 c1 ff ff ff ff 65 48 0f c1 0d 44 b6 ab 7e
[ 529.862785][ C0] RSP: 0018:ffffc900051fba20 EFLAGS: 00000246
[ 529.868852][ C0] RAX: ffff888109155ac0 RBX: ffffc900051fbb38 RCX: 0000000000000000
[ 529.877779][ C0] RDX: 0001888017b35480 RSI: 0000000000000002 RDI: ffff888017b35480
[ 529.886068][ C0] RBP: 0000000000000002 R08: 0000000000000000 R09: 0001c900051fbb47
[ 529.894561][ C0] R10: 0000000000000002 R11: ffff888109155000 R12: 0000000000000520
[ 529.902543][ C0] R13: ffff888017b35482 R14: ffffc900051fbb38 R15: 0000000000000003
[ 529.910703][ C0] xas_load+0x175/0x360
[ 529.915113][ C0] ? __mod_memcg_lruvec_state+0xfa/0x260
[ 529.920864][ C0] xas_find+0xf4/0x3d0
[ 529.924930][ C0] ? unlock_page_memcg+0xac/0xc0
[ 529.929868][ C0] filemap_map_pages+0xca/0x770
[ 529.934731][ C0] ? do_set_pte+0x2a4/0x480
[ 529.939245][ C0] do_read_fault+0x217/0x530
[ 529.943845][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 529.949643][ C0] handle_mm_fault+0x1019/0x1840
[ 529.954591][ C0] __get_user_pages+0xa47/0x1000
[ 529.959532][ C0] __mm_populate+0x24d/0x380
[ 529.964119][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 529.968771][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 529.973620][ C0] ? switch_fpu_return+0xa/0x10
[ 529.978509][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 529.984226][ C0] do_syscall_64+0x39/0x80
[ 529.988690][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 529.994634][ C0] RIP: 0033:0x466459
[ 529.998527][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 530.018269][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 530.026705][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 530.034669][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 530.042636][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 530.050613][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 530.058780][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 530.066787][ C0] ---[ end trace 6a9a87c08c22e058 ]---
[ 530.072559][ C0] ------------[ cut here ]------------
19:30:06 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x10, 0x6})
19:30:06 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r1, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:06 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xffffff7f, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 530.078029][ C0] WARNING: CPU: 0 PID: 27776 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 530.088926][ C0] Modules linked in:
[ 530.092830][ C0] CPU: 0 PID: 27776 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 530.103033][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 530.113096][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:06 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r1, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:06 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x5452, &(0x7f0000000040)={0x4})
[ 530.119098][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 530.138820][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 530.144899][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff888109155000
[ 530.153158][ C0] RDX: 0000000080010000 RSI: 000000000000001b RDI: 0000000000000001
[ 530.161144][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 530.169139][ C0] R10: 0001ffffffffffff R11: ffff888109155000 R12: ffff88813bc1da58
[ 530.177144][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
19:30:06 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xffffff81, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 530.185137][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 530.194086][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 530.200683][ C0] CR2: 00000000005400f8 CR3: 000000003e19e000 CR4: 00000000001506f0
[ 530.208876][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 530.217270][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 530.225335][ C0] Call Trace:
[ 530.228623][ C0]
[ 530.231456][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 530.237294][ C0] __run_hrtimer+0x163/0x460
[ 530.241874][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 530.247767][ C0] hrtimer_interrupt+0x380/0xaf0
[ 530.252899][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 530.258824][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 530.264493][ C0]
[ 530.267430][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 530.273425][ C0] RIP: 0010:__tsan_read1+0x136/0x180
[ 530.278720][ C0] Code: 00 48 05 c0 0a 00 00 8b 48 04 85 c9 7e 16 65 8b 15 57 b2 aa 7e f7 c2 00 00 0e 00 75 28 ff c9 89 48 04 eb 21 83 78 08 00 7f 1b <80> 78 0c 00 75 15 48 c7 c1 ff ff ff ff 65 48 0f c1 0d 44 b6 ab 7e
[ 530.298360][ C0] RSP: 0018:ffffc900051fba20 EFLAGS: 00000246
[ 530.304432][ C0] RAX: ffff888109155ac0 RBX: ffffc900051fbb38 RCX: 0000000000000000
[ 530.313235][ C0] RDX: 0001888017b35480 RSI: 0000000000000002 RDI: ffff888017b35480
[ 530.321313][ C0] RBP: 0000000000000002 R08: 0000000000000000 R09: 0001c900051fbb47
[ 530.329392][ C0] R10: 0000000000000002 R11: ffff888109155000 R12: 0000000000000520
[ 530.337370][ C0] R13: ffff888017b35482 R14: ffffc900051fbb38 R15: 0000000000000003
[ 530.346220][ C0] xas_load+0x175/0x360
[ 530.350399][ C0] ? __mod_memcg_lruvec_state+0xfa/0x260
[ 530.356029][ C0] xas_find+0xf4/0x3d0
[ 530.360126][ C0] ? unlock_page_memcg+0xac/0xc0
[ 530.365050][ C0] filemap_map_pages+0xca/0x770
[ 530.369891][ C0] ? do_set_pte+0x2a4/0x480
[ 530.374387][ C0] do_read_fault+0x217/0x530
[ 530.378966][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 530.384760][ C0] handle_mm_fault+0x1019/0x1840
[ 530.389729][ C0] __get_user_pages+0xa47/0x1000
[ 530.394669][ C0] __mm_populate+0x24d/0x380
[ 530.399605][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 530.404244][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 530.408925][ C0] ? switch_fpu_return+0xa/0x10
[ 530.413765][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 530.419480][ C0] do_syscall_64+0x39/0x80
[ 530.423903][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 530.429787][ C0] RIP: 0033:0x466459
[ 530.433685][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 530.453415][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 530.461847][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 530.469963][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 530.478290][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 530.486274][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 530.494230][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 530.502205][ C0] ---[ end trace 6a9a87c08c22e059 ]---
[ 530.508048][ C0] ------------[ cut here ]------------
[ 530.513521][ C0] WARNING: CPU: 0 PID: 27776 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 530.524389][ C0] Modules linked in:
[ 530.528282][ C0] CPU: 0 PID: 27776 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 530.538453][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 530.548687][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 530.554660][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 530.574254][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 530.580322][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff888109155000
[ 530.588328][ C0] RDX: 0000000080010000 RSI: 000000000000001a RDI: 0000000000000001
[ 530.596308][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 530.604271][ C0] R10: 0001ffffffffffff R11: ffff888109155000 R12: ffff88813bc1da58
[ 530.612336][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 530.620489][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 530.629583][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 530.636166][ C0] CR2: 00000000005400f8 CR3: 000000003e19e000 CR4: 00000000001506f0
[ 530.644148][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 530.652111][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 530.660071][ C0] Call Trace:
[ 530.663334][ C0]
[ 530.666181][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 530.671975][ C0] __run_hrtimer+0x163/0x460
[ 530.676552][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 530.682380][ C0] hrtimer_interrupt+0x380/0xaf0
[ 530.687305][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 530.693304][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 530.698922][ C0]
[ 530.701833][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 530.707813][ C0] RIP: 0010:__tsan_read1+0x136/0x180
[ 530.713105][ C0] Code: 00 48 05 c0 0a 00 00 8b 48 04 85 c9 7e 16 65 8b 15 57 b2 aa 7e f7 c2 00 00 0e 00 75 28 ff c9 89 48 04 eb 21 83 78 08 00 7f 1b <80> 78 0c 00 75 15 48 c7 c1 ff ff ff ff 65 48 0f c1 0d 44 b6 ab 7e
[ 530.732717][ C0] RSP: 0018:ffffc900051fba20 EFLAGS: 00000246
[ 530.738778][ C0] RAX: ffff888109155ac0 RBX: ffffc900051fbb38 RCX: 0000000000000000
[ 530.746866][ C0] RDX: 0001888017b35480 RSI: 0000000000000002 RDI: ffff888017b35480
[ 530.754826][ C0] RBP: 0000000000000002 R08: 0000000000000000 R09: 0001c900051fbb47
[ 530.762786][ C0] R10: 0000000000000002 R11: ffff888109155000 R12: 0000000000000520
[ 530.770761][ C0] R13: ffff888017b35482 R14: ffffc900051fbb38 R15: 0000000000000003
[ 530.778841][ C0] xas_load+0x175/0x360
[ 530.782989][ C0] ? __mod_memcg_lruvec_state+0xfa/0x260
[ 530.788647][ C0] xas_find+0xf4/0x3d0
[ 530.792737][ C0] ? unlock_page_memcg+0xac/0xc0
[ 530.797659][ C0] filemap_map_pages+0xca/0x770
[ 530.802524][ C0] ? do_set_pte+0x2a4/0x480
[ 530.807018][ C0] do_read_fault+0x217/0x530
[ 530.811641][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 530.817456][ C0] handle_mm_fault+0x1019/0x1840
[ 530.822412][ C0] __get_user_pages+0xa47/0x1000
[ 530.827623][ C0] __mm_populate+0x24d/0x380
[ 530.832222][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 530.836797][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 530.841474][ C0] ? switch_fpu_return+0xa/0x10
[ 530.846360][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 530.852065][ C0] do_syscall_64+0x39/0x80
[ 530.856517][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 530.862426][ C0] RIP: 0033:0x466459
[ 530.866302][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 530.886068][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 530.894470][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 530.902616][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 530.910581][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 530.918676][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 530.926636][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 530.934616][ C0] ---[ end trace 6a9a87c08c22e05a ]---
19:30:07 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xffffff9e, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:07 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0x0, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 531.040470][ C0] ------------[ cut here ]------------
[ 531.045958][ C0] WARNING: CPU: 0 PID: 27795 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 531.056829][ C0] Modules linked in:
[ 531.060772][ C0] CPU: 0 PID: 27795 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 531.070936][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 531.080998][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 531.086993][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 531.106622][ C0] RSP: 0000:ffffc90000003e18 EFLAGS: 00010046
[ 531.112698][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000020 RCX: ffff88810d996000
[ 531.120689][ C0] RDX: 0000000080010000 RSI: 0000000000000020 RDI: 0000000000000001
[ 531.128808][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 531.136804][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 531.144796][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 531.152837][ C0] FS: 0000000001f25400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 531.161868][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 531.168458][ C0] CR2: 0000000020000040 CR3: 000000003e17e000 CR4: 00000000001506f0
[ 531.176446][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 531.184420][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 531.192614][ C0] Call Trace:
[ 531.195880][ C0]
[ 531.198711][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 531.204637][ C0] __run_hrtimer+0x163/0x460
[ 531.209349][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 531.215560][ C0] hrtimer_interrupt+0x380/0xaf0
[ 531.220501][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 531.226428][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 531.232071][ C0]
[ 531.234992][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 531.241058][ C0] RIP: 0010:clear_huge_page+0x176/0x680
[ 531.246601][ C0] Code: 1d 01 00 00 e8 6b df e1 ff 48 b8 00 00 00 00 01 00 00 00 49 01 c4 49 ff c7 e9 36 ff ff ff e8 51 df e1 ff e8 23 dd 9b ff eb cc <48> 89 5c 24 08 44 89 e7 44 89 ee e8 da e0 e1 ff 45 39 ec 0f 8d ea
[ 531.266595][ C0] RSP: 0000:ffffc9000518bc38 EFLAGS: 00000287
[ 531.272815][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88810d996000
[ 531.281058][ C0] RDX: ffff88810d996000 RSI: 0000000000000200 RDI: 0000000000000000
[ 531.289121][ C0] RBP: 0000000020000000 R08: ffffffff8164509c R09: 0001c9000518be0f
[ 531.297084][ C0] R10: 0000000000000000 R11: ffffffff85e62410 R12: 0000000000000000
[ 531.305067][ C0] R13: 0000000000000200 R14: ffffc9000518bdf0 R15: ffffc9000518bdf0
[ 531.313044][ C0] ? clear_huge_page+0x5c/0x680
[ 531.317899][ C0] ? clear_huge_page+0x5c/0x680
[ 531.322761][ C0] __do_huge_pmd_anonymous_page+0x12e/0x980
[ 531.328666][ C0] ? alloc_pages_vma+0x725/0x890
[ 531.333641][ C0] do_huge_pmd_anonymous_page+0x6bc/0xa90
[ 531.339760][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 531.344802][ C0] handle_mm_fault+0x1267/0x1840
[ 531.349785][ C0] do_user_addr_fault+0x60c/0xc00
[ 531.354825][ C0] exc_page_fault+0x94/0x2a0
[ 531.359432][ C0] ? asm_exc_page_fault+0x8/0x30
[ 531.364382][ C0] asm_exc_page_fault+0x1e/0x30
[ 531.369243][ C0] RIP: 0033:0x407979
[ 531.373207][ C0] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 531.392798][ C0] RSP: 002b:00007ffc7bb46560 EFLAGS: 00010246
[ 531.398879][ C0] RAX: 0000000020000040 RBX: 0000000000970000 RCX: 0000000000000000
[ 531.406865][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001f252f0
[ 531.414823][ C0] RBP: 00007ffc7bb46658 R08: 0000000000000000 R09: 0000000000000000
[ 531.422793][ C0] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000081a4e
[ 531.430962][ C0] R13: 00000000000003e8 R14: 000000000056bf60 R15: 0000000000081a4e
19:30:08 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x8904, &(0x7f0000000040)={0x4})
19:30:08 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r1, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 531.438924][ C0] ---[ end trace 6a9a87c08c22e05b ]---
[ 531.445580][ C0] ------------[ cut here ]------------
[ 531.451089][ C0] WARNING: CPU: 0 PID: 27795 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 531.462048][ C0] Modules linked in:
[ 531.465941][ C0] CPU: 0 PID: 27795 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 531.476126][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 531.486185][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:08 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x11, 0x6})
[ 531.492183][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 531.511974][ C0] RSP: 0000:ffffc90000003e18 EFLAGS: 00010046
[ 531.518074][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88810d996000
[ 531.526053][ C0] RDX: 0000000080010000 RSI: 0000000000000018 RDI: 0000000000000001
[ 531.534035][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 531.542021][ C0] R10: 0001ffffffffffff R11: 00000000000002db R12: ffff88813bc1da58
[ 531.550002][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 531.557997][ C0] FS: 0000000001f25400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 531.566933][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 531.573526][ C0] CR2: 0000000020000040 CR3: 000000003e17e000 CR4: 00000000001506f0
[ 531.581496][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 531.589589][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 531.597686][ C0] Call Trace:
[ 531.601678][ C0]
[ 531.604513][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 531.610331][ C0] __run_hrtimer+0x163/0x460
[ 531.614916][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 531.620740][ C0] hrtimer_interrupt+0x380/0xaf0
[ 531.625672][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 531.631570][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 531.637237][ C0]
[ 531.640177][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 531.646191][ C0] RIP: 0010:clear_huge_page+0x176/0x680
[ 531.651743][ C0] Code: 1d 01 00 00 e8 6b df e1 ff 48 b8 00 00 00 00 01 00 00 00 49 01 c4 49 ff c7 e9 36 ff ff ff e8 51 df e1 ff e8 23 dd 9b ff eb cc <48> 89 5c 24 08 44 89 e7 44 89 ee e8 da e0 e1 ff 45 39 ec 0f 8d ea
[ 531.671514][ C0] RSP: 0000:ffffc9000518bc38 EFLAGS: 00000287
[ 531.677599][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88810d996000
[ 531.686705][ C0] RDX: ffff88810d996000 RSI: 0000000000000200 RDI: 0000000000000000
[ 531.694756][ C0] RBP: 0000000020000000 R08: ffffffff8164509c R09: 0001c9000518be0f
[ 531.703434][ C0] R10: 0000000000000000 R11: ffffffff85e62410 R12: 0000000000000000
[ 531.711528][ C0] R13: 0000000000000200 R14: ffffc9000518bdf0 R15: ffffc9000518bdf0
[ 531.720512][ C0] ? clear_huge_page+0x5c/0x680
[ 531.725510][ C0] ? clear_huge_page+0x5c/0x680
[ 531.730463][ C0] __do_huge_pmd_anonymous_page+0x12e/0x980
[ 531.736519][ C0] ? alloc_pages_vma+0x725/0x890
[ 531.742093][ C0] do_huge_pmd_anonymous_page+0x6bc/0xa90
[ 531.747895][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 531.752913][ C0] handle_mm_fault+0x1267/0x1840
[ 531.757972][ C0] do_user_addr_fault+0x60c/0xc00
[ 531.763008][ C0] exc_page_fault+0x94/0x2a0
[ 531.767593][ C0] ? asm_exc_page_fault+0x8/0x30
[ 531.772538][ C0] asm_exc_page_fault+0x1e/0x30
[ 531.777385][ C0] RIP: 0033:0x407979
[ 531.781279][ C0] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 531.800876][ C0] RSP: 002b:00007ffc7bb46560 EFLAGS: 00010246
[ 531.806947][ C0] RAX: 0000000020000040 RBX: 0000000000970000 RCX: 0000000000000000
[ 531.815015][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001f252f0
[ 531.823231][ C0] RBP: 00007ffc7bb46658 R08: 0000000000000000 R09: 0000000000000000
[ 531.831198][ C0] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000081a4e
[ 531.839266][ C0] R13: 00000000000003e8 R14: 000000000056bf60 R15: 0000000000081a4e
[ 531.847259][ C0] ---[ end trace 6a9a87c08c22e05c ]---
[ 531.853027][ C0] ------------[ cut here ]------------
[ 531.858516][ C0] WARNING: CPU: 0 PID: 27795 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 531.869386][ C0] Modules linked in:
[ 531.873310][ C0] CPU: 0 PID: 27795 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 531.883451][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 531.893512][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 531.899487][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 531.919190][ C0] RSP: 0000:ffffc90000003e18 EFLAGS: 00010046
[ 531.925490][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88810d996000
[ 531.933482][ C0] RDX: 0000000000010000 RSI: 0000000000000018 RDI: 0000000000000001
[ 531.941455][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 531.949449][ C0] R10: 0001ffffffffffff R11: 000000000000012a R12: ffff88813bc1da58
[ 531.957445][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 531.965420][ C0] FS: 0000000001f25400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 531.974612][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 531.981280][ C0] CR2: 0000000020000040 CR3: 000000003e17e000 CR4: 00000000001506f0
[ 531.989266][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 531.997257][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 532.005228][ C0] Call Trace:
[ 532.008722][ C0]
[ 532.011563][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 532.017539][ C0] __run_hrtimer+0x163/0x460
[ 532.022141][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 532.027967][ C0] hrtimer_interrupt+0x380/0xaf0
[ 532.033009][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 532.038906][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 532.044599][ C0]
[ 532.047533][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 532.053527][ C0] RIP: 0010:clear_huge_page+0x176/0x680
[ 532.059179][ C0] Code: 1d 01 00 00 e8 6b df e1 ff 48 b8 00 00 00 00 01 00 00 00 49 01 c4 49 ff c7 e9 36 ff ff ff e8 51 df e1 ff e8 23 dd 9b ff eb cc <48> 89 5c 24 08 44 89 e7 44 89 ee e8 da e0 e1 ff 45 39 ec 0f 8d ea
[ 532.078793][ C0] RSP: 0000:ffffc9000518bc38 EFLAGS: 00000287
[ 532.084854][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88810d996000
[ 532.093070][ C0] RDX: ffff88810d996000 RSI: 0000000000000200 RDI: 0000000000000000
[ 532.101065][ C0] RBP: 0000000020000000 R08: ffffffff8164509c R09: 0001c9000518be0f
[ 532.109137][ C0] R10: 0000000000000000 R11: ffffffff85e62410 R12: 0000000000000000
[ 532.117111][ C0] R13: 0000000000000200 R14: ffffc9000518bdf0 R15: ffffc9000518bdf0
[ 532.125070][ C0] ? clear_huge_page+0x5c/0x680
[ 532.129961][ C0] ? clear_huge_page+0x5c/0x680
[ 532.134815][ C0] __do_huge_pmd_anonymous_page+0x12e/0x980
[ 532.140715][ C0] ? alloc_pages_vma+0x725/0x890
[ 532.145643][ C0] do_huge_pmd_anonymous_page+0x6bc/0xa90
[ 532.151475][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 532.156493][ C0] handle_mm_fault+0x1267/0x1840
[ 532.161447][ C0] do_user_addr_fault+0x60c/0xc00
[ 532.166475][ C0] exc_page_fault+0x94/0x2a0
[ 532.171186][ C0] ? asm_exc_page_fault+0x8/0x30
[ 532.176259][ C0] asm_exc_page_fault+0x1e/0x30
[ 532.181120][ C0] RIP: 0033:0x407979
[ 532.185098][ C0] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 532.205078][ C0] RSP: 002b:00007ffc7bb46560 EFLAGS: 00010246
[ 532.211149][ C0] RAX: 0000000020000040 RBX: 0000000000970000 RCX: 0000000000000000
[ 532.219120][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001f252f0
[ 532.227098][ C0] RBP: 00007ffc7bb46658 R08: 0000000000000000 R09: 0000000000000000
[ 532.235162][ C0] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000081a4e
[ 532.243322][ C0] R13: 00000000000003e8 R14: 000000000056bf60 R15: 0000000000081a4e
[ 532.251405][ C0] ---[ end trace 6a9a87c08c22e05d ]---
[ 532.357228][ C0] ------------[ cut here ]------------
[ 532.362832][ C0] WARNING: CPU: 0 PID: 27807 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 532.373707][ C0] Modules linked in:
[ 532.377657][ C0] CPU: 0 PID: 27807 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 532.388067][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 532.398125][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 532.404135][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 532.423745][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 532.429799][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810e7ce000
[ 532.437835][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
[ 532.445885][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 532.453863][ C0] R10: 0001ffffffffffff R11: 0000000000000087 R12: ffff88813bc1da58
[ 532.461922][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 532.469905][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 532.478820][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 532.485389][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 532.493353][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 532.501314][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 532.509633][ C0] Call Trace:
[ 532.512992][ C0]
[ 532.515830][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 532.521641][ C0] __run_hrtimer+0x163/0x460
[ 532.526217][ C0] hrtimer_interrupt+0x380/0xaf0
[ 532.531178][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 532.537060][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 532.542674][ C0]
[ 532.545588][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 532.551565][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 532.557648][ C0] Code: 8b 3d 2c 41 75 06 48 89 de e8 9c dd 26 00 5b c3 66 2e 0f 1f 84 00 00 00 00 00 e9 9b ae 10 00 cc cc cc cc cc cc cc cc cc cc cc <48> 8b 04 24 65 48 8b 0c 25 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2
[ 532.577497][ C0] RSP: 0018:ffffc900054437b8 EFLAGS: 00000202
[ 532.583573][ C0] RAX: ffffffff8168ecbe RBX: 0000000000000143 RCX: ffff88810e7ce000
[ 532.591530][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 532.599493][ C0] RBP: 0000000000000000 R08: ffffffff8168ecaf R09: 000188803e1615e7
[ 532.607477][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffffea0004236248
[ 532.615453][ C0] R13: ffff88803e1615e0 R14: ffffea0004346880 R15: 0000000000000000
[ 532.623414][ C0] ? free_pages_and_swap_cache+0xbf/0x1f0
[ 532.629495][ C0] ? free_pages_and_swap_cache+0xce/0x1f0
[ 532.635214][ C0] free_pages_and_swap_cache+0x18e/0x1f0
[ 532.640885][ C0] tlb_flush_mmu+0x597/0x5f0
[ 532.645460][ C0] ? cpumask_any_but+0x6f/0x80
[ 532.650314][ C0] zap_pte_range+0x1168/0x13f0
[ 532.655098][ C0] ? xas_store+0x88f/0xcf0
[ 532.659518][ C0] unmap_page_range+0x540/0x650
[ 532.664421][ C0] unmap_single_vma+0x157/0x210
[ 532.669279][ C0] unmap_vmas+0xc0/0x170
[ 532.673527][ C0] exit_mmap+0x1be/0x400
[ 532.677844][ C0] __mmput+0xa2/0x220
[ 532.681841][ C0] mmput+0x3d/0x50
[ 532.685545][ C0] exit_mm+0x344/0x430
[ 532.689631][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 532.695423][ C0] ? taskstats_exit+0x334/0x730
[ 532.700259][ C0] ? acct_collect+0x3a4/0x400
[ 532.704927][ C0] do_exit+0x3ff/0x1670
[ 532.709092][ C0] ? do_futex+0x1080/0x1cd0
[ 532.713634][ C0] do_group_exit+0xce/0x180
[ 532.718124][ C0] get_signal+0xdce/0x14e0
[ 532.722533][ C0] ? __mm_populate+0x32c/0x380
[ 532.727286][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 532.732956][ C0] ? __se_sys_futex+0x2a8/0x390
[ 532.737808][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 532.743353][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 532.748986][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 532.754439][ C0] do_syscall_64+0x45/0x80
[ 532.758880][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 532.764768][ C0] RIP: 0033:0x466459
[ 532.768673][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 532.775517][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 532.783919][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 532.791888][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 532.800022][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 532.807997][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 532.817020][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 532.825013][ C0] ---[ end trace 6a9a87c08c22e05e ]---
[ 532.830988][ C0] ------------[ cut here ]------------
[ 532.836905][ C0] WARNING: CPU: 0 PID: 27807 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 532.847769][ C0] Modules linked in:
19:30:09 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
19:30:09 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x12, 0x6})
19:30:09 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xffffffef, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:09 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r1, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 532.851681][ C0] CPU: 0 PID: 27807 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 532.862134][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 532.872460][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 532.878456][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 532.898392][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 532.904446][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff88810e7ce000
[ 532.912405][ C0] RDX: 0000000000010000 RSI: 000000000000001c RDI: 0000000000000001
[ 532.920386][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 532.928365][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 532.937472][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 532.945456][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 532.954376][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 532.960951][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 532.968923][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 532.976909][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 532.984888][ C0] Call Trace:
[ 532.988162][ C0]
[ 532.990994][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 532.996794][ C0] __run_hrtimer+0x163/0x460
[ 533.001404][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 533.007215][ C0] hrtimer_interrupt+0x380/0xaf0
[ 533.012202][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 533.018243][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 533.024006][ C0]
[ 533.026941][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 533.032930][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 533.039093][ C0] Code: 8b 3d 2c 41 75 06 48 89 de e8 9c dd 26 00 5b c3 66 2e 0f 1f 84 00 00 00 00 00 e9 9b ae 10 00 cc cc cc cc cc cc cc cc cc cc cc <48> 8b 04 24 65 48 8b 0c 25 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2
[ 533.058704][ C0] RSP: 0018:ffffc900054437b8 EFLAGS: 00000202
[ 533.064771][ C0] RAX: ffffffff8168ecbe RBX: 0000000000000143 RCX: ffff88810e7ce000
[ 533.072747][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 533.080731][ C0] RBP: 0000000000000000 R08: ffffffff8168ecaf R09: 000188803e1615e7
[ 533.088703][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffffea0004236248
[ 533.096660][ C0] R13: ffff88803e1615e0 R14: ffffea0004346880 R15: 0000000000000000
[ 533.104624][ C0] ? free_pages_and_swap_cache+0xbf/0x1f0
[ 533.110777][ C0] ? free_pages_and_swap_cache+0xce/0x1f0
[ 533.116668][ C0] free_pages_and_swap_cache+0x18e/0x1f0
[ 533.122300][ C0] tlb_flush_mmu+0x597/0x5f0
[ 533.126886][ C0] ? cpumask_any_but+0x6f/0x80
[ 533.131664][ C0] zap_pte_range+0x1168/0x13f0
[ 533.136541][ C0] ? xas_store+0x88f/0xcf0
[ 533.140986][ C0] unmap_page_range+0x540/0x650
[ 533.145855][ C0] unmap_single_vma+0x157/0x210
[ 533.150696][ C0] unmap_vmas+0xc0/0x170
[ 533.154949][ C0] exit_mmap+0x1be/0x400
[ 533.159182][ C0] __mmput+0xa2/0x220
[ 533.163155][ C0] mmput+0x3d/0x50
[ 533.166882][ C0] exit_mm+0x344/0x430
[ 533.170972][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 533.176773][ C0] ? taskstats_exit+0x334/0x730
[ 533.181644][ C0] ? acct_collect+0x3a4/0x400
[ 533.186312][ C0] do_exit+0x3ff/0x1670
[ 533.190496][ C0] ? do_futex+0x1080/0x1cd0
[ 533.195168][ C0] do_group_exit+0xce/0x180
[ 533.199678][ C0] get_signal+0xdce/0x14e0
[ 533.204093][ C0] ? __mm_populate+0x32c/0x380
[ 533.208940][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 533.214471][ C0] ? __se_sys_futex+0x2a8/0x390
[ 533.219307][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 533.224850][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 533.230486][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 533.235941][ C0] do_syscall_64+0x45/0x80
[ 533.240349][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 533.246236][ C0] RIP: 0033:0x466459
[ 533.250551][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 533.257375][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 533.265775][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 533.273766][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 533.282719][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 533.290696][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 533.298686][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 533.306845][ C0] ---[ end trace 6a9a87c08c22e05f ]---
[ 533.312706][ C0] ------------[ cut here ]------------
[ 533.319215][ C0] WARNING: CPU: 0 PID: 27807 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 533.330522][ C0] Modules linked in:
[ 533.334785][ C0] CPU: 0 PID: 27807 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 533.345837][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 533.356267][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 533.362333][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 533.382014][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 533.388073][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001d RCX: ffff88810e7ce000
[ 533.396033][ C0] RDX: 0000000000010000 RSI: 000000000000001d RDI: 0000000000000001
[ 533.404017][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 533.411993][ C0] R10: 0001ffffffffffff R11: 000000000000012f R12: ffff88813bc1da58
[ 533.419963][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 533.427958][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 533.436890][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 533.443468][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 533.451430][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 533.459389][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 533.467349][ C0] Call Trace:
[ 533.470637][ C0]
[ 533.473466][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 533.479281][ C0] __run_hrtimer+0x163/0x460
[ 533.483861][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 533.489674][ C0] hrtimer_interrupt+0x380/0xaf0
[ 533.494743][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 533.500661][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 533.506290][ C0]
[ 533.509236][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 533.515219][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 533.521376][ C0] Code: 8b 3d 2c 41 75 06 48 89 de e8 9c dd 26 00 5b c3 66 2e 0f 1f 84 00 00 00 00 00 e9 9b ae 10 00 cc cc cc cc cc cc cc cc cc cc cc <48> 8b 04 24 65 48 8b 0c 25 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2
[ 533.541362][ C0] RSP: 0018:ffffc900054437b8 EFLAGS: 00000202
[ 533.547427][ C0] RAX: ffffffff8168ecbe RBX: 0000000000000143 RCX: ffff88810e7ce000
[ 533.555427][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 533.563411][ C0] RBP: 0000000000000000 R08: ffffffff8168ecaf R09: 000188803e1615e7
[ 533.571372][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffffea0004236248
[ 533.579326][ C0] R13: ffff88803e1615e0 R14: ffffea0004346880 R15: 0000000000000000
[ 533.587287][ C0] ? free_pages_and_swap_cache+0xbf/0x1f0
[ 533.593111][ C0] ? free_pages_and_swap_cache+0xce/0x1f0
[ 533.598850][ C0] free_pages_and_swap_cache+0x18e/0x1f0
[ 533.604514][ C0] tlb_flush_mmu+0x597/0x5f0
[ 533.609095][ C0] ? cpumask_any_but+0x6f/0x80
[ 533.613854][ C0] zap_pte_range+0x1168/0x13f0
[ 533.618616][ C0] ? xas_store+0x88f/0xcf0
[ 533.623018][ C0] unmap_page_range+0x540/0x650
[ 533.627860][ C0] unmap_single_vma+0x157/0x210
[ 533.632730][ C0] unmap_vmas+0xc0/0x170
[ 533.636966][ C0] exit_mmap+0x1be/0x400
[ 533.641204][ C0] __mmput+0xa2/0x220
[ 533.645178][ C0] mmput+0x3d/0x50
[ 533.648889][ C0] exit_mm+0x344/0x430
[ 533.652957][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 533.658779][ C0] ? taskstats_exit+0x334/0x730
[ 533.663634][ C0] ? acct_collect+0x3a4/0x400
[ 533.668316][ C0] do_exit+0x3ff/0x1670
[ 533.672481][ C0] ? do_futex+0x1080/0x1cd0
[ 533.676975][ C0] do_group_exit+0xce/0x180
[ 533.681498][ C0] get_signal+0xdce/0x14e0
[ 533.685917][ C0] ? __mm_populate+0x32c/0x380
[ 533.690671][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 533.696211][ C0] ? __se_sys_futex+0x2a8/0x390
[ 533.701060][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 533.706585][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 533.712222][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 533.717689][ C0] do_syscall_64+0x45/0x80
[ 533.722102][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 533.727998][ C0] RIP: 0033:0x466459
[ 533.731897][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 533.738727][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 533.747121][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 533.755086][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
19:30:10 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xfffffff0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 533.763056][ C0] RBP: 000000000056bf60 R08: 0000000000000009 R09: 0000000000000000
[ 533.771030][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 533.778995][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 533.786955][ C0] ---[ end trace 6a9a87c08c22e060 ]---
19:30:10 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0x0, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:10 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x3, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 533.892825][ C0] ------------[ cut here ]------------
[ 533.898374][ C0] WARNING: CPU: 0 PID: 27823 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 533.909230][ C0] Modules linked in:
[ 533.913151][ C0] CPU: 0 PID: 27823 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 533.923351][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 533.933413][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 533.939424][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 533.959120][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 533.965217][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000023 RCX: ffff8880444a4000
[ 533.973217][ C0] RDX: 0000000000010000 RSI: 0000000000000023 RDI: 0000000000000001
[ 533.981192][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 533.989189][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 533.997168][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 534.005618][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 534.014564][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 534.021189][ C0] CR2: 00007f6cba8d1de0 CR3: 0000000026c1c000 CR4: 00000000001506f0
[ 534.029379][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 534.037462][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 534.045444][ C0] Call Trace:
[ 534.048902][ C0]
[ 534.051751][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 534.057576][ C0] __run_hrtimer+0x163/0x460
[ 534.062182][ C0] hrtimer_interrupt+0x380/0xaf0
[ 534.067158][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 534.073077][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 534.078741][ C0]
[ 534.081672][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 534.087707][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 534.093901][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 534.113541][ C0] RSP: 0018:ffffc90005443990 EFLAGS: 00000246
[ 534.119641][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0003ffff868e29f0
[ 534.127674][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 534.136004][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
19:30:10 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x10, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:10 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0xc0, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 534.144065][ C0] R10: ffffffff88f37048 R11: 0000000000000200 R12: 0000000000000023
[ 534.152155][ C0] R13: ffff888101bc1780 R14: ffffffff868e29f0 R15: 0000000000000001
[ 534.160216][ C0] vsnprintf+0x7e/0xed0
[ 534.164384][ C0] tomoyo_supervisor+0xa4/0xb40
[ 534.169306][ C0] ? ___cache_free+0x3c/0x2f0
[ 534.173985][ C0] ? strcmp+0x23/0x50
[ 534.178224][ C0] tomoyo_path_perm+0x261/0x330
[ 534.183225][ C0] tomoyo_inode_getattr+0x18/0x20
[ 534.188269][ C0] security_inode_getattr+0x7f/0xd0
[ 534.193454][ C0] vfs_statx+0xf8/0x290
[ 534.197610][ C0] __se_sys_newlstat+0x46/0x250
[ 534.202626][ C0] ? __secure_computing+0x12e/0x1c0
[ 534.207816][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 534.213104][ C0] __x64_sys_newlstat+0x2d/0x40
[ 534.217968][ C0] do_syscall_64+0x39/0x80
[ 534.222376][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 534.228272][ C0] RIP: 0033:0x7f6cba8ec335
[ 534.232693][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 534.252369][ C0] RSP: 002b:00007fff78b36108 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 534.260911][ C0] RAX: ffffffffffffffda RBX: 0000559944fbda20 RCX: 00007f6cba8ec335
[ 534.269015][ C0] RDX: 00007fff78b36140 RSI: 00007fff78b36140 RDI: 0000559944fbca20
[ 534.276979][ C0] RBP: 00007fff78b36200 R08: 00007f6cbabab1e8 R09: 0000000000001010
[ 534.284965][ C0] R10: 00007f6cbabaab58 R11: 0000000000000246 R12: 0000559944fbca20
[ 534.293148][ C0] R13: 0000559944fbca34 R14: 0000559944fc101d R15: 0000559944fc1024
[ 534.301228][ C0] ---[ end trace 6a9a87c08c22e061 ]---
[ 534.307169][ C0] ------------[ cut here ]------------
[ 534.312998][ C0] WARNING: CPU: 0 PID: 27823 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 534.324491][ C0] Modules linked in:
[ 534.328386][ C0] CPU: 0 PID: 27823 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
19:30:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x8913, &(0x7f0000000040)={0x4})
19:30:11 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0xec0, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:11 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x0, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:11 executing program 3:
syz_open_dev$dri(0x0, 0xb, 0x0)
[ 534.338471][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 534.348543][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 534.354542][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 534.374243][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 534.380330][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff8880444a4000
[ 534.388337][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 534.396315][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 534.404853][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 534.412831][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 534.420817][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 534.429859][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 534.437665][ C0] CR2: 00007f6cba8d1de0 CR3: 0000000026c1c000 CR4: 00000000001506f0
[ 534.445646][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 534.453618][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 534.461617][ C0] Call Trace:
[ 534.464902][ C0]
[ 534.467747][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 534.473564][ C0] __run_hrtimer+0x163/0x460
[ 534.478174][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 534.484013][ C0] hrtimer_interrupt+0x380/0xaf0
[ 534.488975][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 534.494918][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 534.501807][ C0]
[ 534.504754][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 534.510774][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 534.516957][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 534.536596][ C0] RSP: 0018:ffffc90005443990 EFLAGS: 00000246
[ 534.542688][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0003ffff868e29f0
[ 534.550668][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 534.558683][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 534.566669][ C0] R10: ffffffff88f37048 R11: 0000000000000200 R12: 0000000000000023
[ 534.574647][ C0] R13: ffff888101bc1780 R14: ffffffff868e29f0 R15: 0000000000000001
[ 534.583252][ C0] vsnprintf+0x7e/0xed0
[ 534.587399][ C0] tomoyo_supervisor+0xa4/0xb40
[ 534.592252][ C0] ? ___cache_free+0x3c/0x2f0
[ 534.596945][ C0] ? strcmp+0x23/0x50
[ 534.600927][ C0] tomoyo_path_perm+0x261/0x330
[ 534.605774][ C0] tomoyo_inode_getattr+0x18/0x20
[ 534.610789][ C0] security_inode_getattr+0x7f/0xd0
[ 534.615987][ C0] vfs_statx+0xf8/0x290
[ 534.620146][ C0] __se_sys_newlstat+0x46/0x250
[ 534.625012][ C0] ? __secure_computing+0x12e/0x1c0
[ 534.630229][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 534.635506][ C0] __x64_sys_newlstat+0x2d/0x40
[ 534.640836][ C0] do_syscall_64+0x39/0x80
[ 534.645253][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 534.651136][ C0] RIP: 0033:0x7f6cba8ec335
[ 534.655551][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 534.675249][ C0] RSP: 002b:00007fff78b36108 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 534.683707][ C0] RAX: ffffffffffffffda RBX: 0000559944fbda20 RCX: 00007f6cba8ec335
[ 534.691682][ C0] RDX: 00007fff78b36140 RSI: 00007fff78b36140 RDI: 0000559944fbca20
[ 534.700255][ C0] RBP: 00007fff78b36200 R08: 00007f6cbabab1e8 R09: 0000000000001010
[ 534.708216][ C0] R10: 00007f6cbabaab58 R11: 0000000000000246 R12: 0000559944fbca20
[ 534.716184][ C0] R13: 0000559944fbca34 R14: 0000559944fc101d R15: 0000559944fc1024
[ 534.724165][ C0] ---[ end trace 6a9a87c08c22e062 ]---
[ 534.730019][ C0] ------------[ cut here ]------------
[ 534.735479][ C0] WARNING: CPU: 0 PID: 27823 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 534.746437][ C0] Modules linked in:
[ 534.750326][ C0] CPU: 0 PID: 27823 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 534.760555][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 534.770631][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 534.776705][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 534.796474][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 534.802634][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff8880444a4000
[ 534.810593][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 534.818560][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 534.826541][ C0] R10: 0001ffffffffffff R11: 00000000000003b4 R12: ffff88813bc1da58
[ 534.834563][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 534.842665][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 534.851593][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 534.858183][ C0] CR2: 00007f6cba8d1de0 CR3: 0000000026c1c000 CR4: 00000000001506f0
[ 534.866144][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 534.874125][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 534.882188][ C0] Call Trace:
[ 534.885463][ C0]
[ 534.888327][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 534.894135][ C0] __run_hrtimer+0x163/0x460
[ 534.898740][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 534.904557][ C0] hrtimer_interrupt+0x380/0xaf0
[ 534.909500][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 534.915417][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 534.921054][ C0]
[ 534.924002][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 534.930003][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 534.936147][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 534.955844][ C0] RSP: 0018:ffffc90005443990 EFLAGS: 00000246
[ 534.961994][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0003ffff868e29f0
[ 534.969986][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 534.977950][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 534.985909][ C0] R10: ffffffff88f37048 R11: 0000000000000200 R12: 0000000000000023
[ 534.993906][ C0] R13: ffff888101bc1780 R14: ffffffff868e29f0 R15: 0000000000000001
[ 535.001878][ C0] vsnprintf+0x7e/0xed0
[ 535.006024][ C0] tomoyo_supervisor+0xa4/0xb40
[ 535.011207][ C0] ? ___cache_free+0x3c/0x2f0
[ 535.015890][ C0] ? strcmp+0x23/0x50
[ 535.019959][ C0] tomoyo_path_perm+0x261/0x330
[ 535.024828][ C0] tomoyo_inode_getattr+0x18/0x20
[ 535.029859][ C0] security_inode_getattr+0x7f/0xd0
[ 535.035053][ C0] vfs_statx+0xf8/0x290
[ 535.039212][ C0] __se_sys_newlstat+0x46/0x250
[ 535.044106][ C0] ? __secure_computing+0x12e/0x1c0
[ 535.049296][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 535.054590][ C0] __x64_sys_newlstat+0x2d/0x40
[ 535.059434][ C0] do_syscall_64+0x39/0x80
[ 535.063855][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 535.069779][ C0] RIP: 0033:0x7f6cba8ec335
[ 535.074181][ C0] Code: 69 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 48 89 f0 77 30 48 89 c7 48 89 d6 b8 06 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 03 f3 c3 90 48 8b 15 31 db 2b 00 f7 d8 64 89
[ 535.093802][ C0] RSP: 002b:00007fff78b36108 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[ 535.102204][ C0] RAX: ffffffffffffffda RBX: 0000559944fbda20 RCX: 00007f6cba8ec335
[ 535.110175][ C0] RDX: 00007fff78b36140 RSI: 00007fff78b36140 RDI: 0000559944fbca20
[ 535.118144][ C0] RBP: 00007fff78b36200 R08: 00007f6cbabab1e8 R09: 0000000000001010
[ 535.126211][ C0] R10: 00007f6cbabaab58 R11: 0000000000000246 R12: 0000559944fbca20
[ 535.134179][ C0] R13: 0000559944fbca34 R14: 0000559944fc101d R15: 0000559944fc1024
[ 535.142169][ C0] ---[ end trace 6a9a87c08c22e063 ]---
[ 535.248082][ C0] ------------[ cut here ]------------
[ 535.253622][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 535.264159][ C0] Modules linked in:
[ 535.268071][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 535.277460][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 535.287617][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 535.293674][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 535.314153][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 535.320208][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffffffff87630780
[ 535.328175][ C0] RDX: 0000000000010001 RSI: 000000000000001f RDI: 0000000000000001
[ 535.336152][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 535.344586][ C0] R10: 0001ffffffffffff R11: 0000000000000046 R12: ffff88813bc1da58
[ 535.352595][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 535.361320][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 535.370265][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 535.376992][ C0] CR2: 00007f858a903d58 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 535.385068][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 535.393028][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 535.401003][ C0] Call Trace:
[ 535.404283][ C0]
[ 535.407130][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 535.412945][ C0] __run_hrtimer+0x163/0x460
[ 535.417586][ C0] hrtimer_interrupt+0x380/0xaf0
[ 535.422535][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 535.428428][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 535.434079][ C0]
[ 535.437002][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 535.442972][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 535.448657][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 535.468279][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 535.474354][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 535.482350][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 535.490435][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 535.498405][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 535.506484][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 535.514476][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 535.519420][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 535.524351][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 535.529471][ C0] cpuidle_enter+0x3c/0x60
[ 535.533903][ C0] do_idle+0x193/0x230
[ 535.537960][ C0] cpu_startup_entry+0x15/0x20
[ 535.542824][ C0] rest_init+0xd7/0xe0
[ 535.546878][ C0] ? time_init+0xc/0xc
[ 535.550938][ C0] arch_call_rest_init+0xa/0xb
[ 535.555729][ C0] start_kernel+0x5a1/0x626
[ 535.560221][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 535.566107][ C0] ---[ end trace 6a9a87c08c22e064 ]---
[ 535.571917][ C0] ------------[ cut here ]------------
[ 535.577377][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 535.587891][ C0] Modules linked in:
[ 535.591788][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 535.601149][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 535.611188][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 535.617154][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 535.636858][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 535.643211][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000013 RCX: ffffffff87630780
[ 535.651182][ C0] RDX: 0000000000010001 RSI: 0000000000000013 RDI: 0000000000000001
[ 535.659266][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 535.667259][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 535.675503][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 535.683514][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 535.692547][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 535.699410][ C0] CR2: 00007f858a903d58 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 535.707371][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 535.715352][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 535.723331][ C0] Call Trace:
[ 535.726619][ C0]
[ 535.729475][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 535.735269][ C0] __run_hrtimer+0x163/0x460
[ 535.740351][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 535.746167][ C0] hrtimer_interrupt+0x380/0xaf0
[ 535.751097][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 535.757006][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 535.762656][ C0]
[ 535.765573][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 535.771646][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 535.777188][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 535.797184][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 535.803285][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 535.811258][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 535.819232][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 535.827192][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 535.835530][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 535.843508][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 535.848463][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 535.853395][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 535.858519][ C0] cpuidle_enter+0x3c/0x60
[ 535.862938][ C0] do_idle+0x193/0x230
[ 535.867031][ C0] cpu_startup_entry+0x15/0x20
[ 535.871810][ C0] rest_init+0xd7/0xe0
[ 535.875863][ C0] ? time_init+0xc/0xc
[ 535.879917][ C0] arch_call_rest_init+0xa/0xb
[ 535.884707][ C0] start_kernel+0x5a1/0x626
[ 535.889227][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 535.895120][ C0] ---[ end trace 6a9a87c08c22e065 ]---
19:30:12 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x8})
19:30:12 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r1, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:12 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x33fe0, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:12 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x0, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:12 executing program 3:
syz_open_dev$dri(0x0, 0xb, 0x0)
[ 535.900969][ C0] ------------[ cut here ]------------
[ 535.906623][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 535.917141][ C0] Modules linked in:
[ 535.921051][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 535.930425][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 535.940503][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:12 executing program 3:
syz_open_dev$dri(0x0, 0xb, 0x0)
[ 535.946505][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 535.966126][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 535.972207][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 535.980269][ C0] RDX: 0000000000010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 535.988267][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 535.996255][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 536.004236][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 536.012237][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 536.021190][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 536.027932][ C0] CR2: 00007f858a903d58 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 536.036202][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 536.044298][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 536.052379][ C0] Call Trace:
[ 536.055663][ C0]
[ 536.058532][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 536.064387][ C0] __run_hrtimer+0x163/0x460
[ 536.068994][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 536.074813][ C0] hrtimer_interrupt+0x380/0xaf0
[ 536.079777][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 536.085683][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 536.091326][ C0]
[ 536.094257][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
19:30:12 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x0, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 536.100270][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 536.105835][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 536.126496][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 536.132584][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 536.140665][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
19:30:12 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r1, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 536.148647][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 536.156632][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 536.164621][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 536.172613][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 536.177613][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 536.182571][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 536.187698][ C0] cpuidle_enter+0x3c/0x60
[ 536.192125][ C0] do_idle+0x193/0x230
[ 536.196240][ C0] cpu_startup_entry+0x15/0x20
[ 536.201163][ C0] rest_init+0xd7/0xe0
[ 536.205252][ C0] ? time_init+0xc/0xc
[ 536.209326][ C0] arch_call_rest_init+0xa/0xb
[ 536.214246][ C0] start_kernel+0x5a1/0x626
[ 536.218757][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 536.224682][ C0] ---[ end trace 6a9a87c08c22e066 ]---
[ 536.330447][ C0] ------------[ cut here ]------------
[ 536.335929][ C0] WARNING: CPU: 0 PID: 27859 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 536.346767][ C0] Modules linked in:
[ 536.350647][ C0] CPU: 0 PID: 27859 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 536.360922][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 536.370969][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 536.376958][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 536.396597][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 536.402668][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810d87b000
[ 536.410690][ C0] RDX: 0000000080010001 RSI: 000000000000001a RDI: 0000000000000001
[ 536.418652][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 536.426617][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 536.434583][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 536.442560][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 536.451491][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 536.458069][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 536.466052][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 536.474012][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 536.482082][ C0] Call Trace:
[ 536.485354][ C0]
[ 536.488184][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 536.494027][ C0] __run_hrtimer+0x163/0x460
[ 536.498641][ C0] hrtimer_interrupt+0x380/0xaf0
[ 536.503683][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 536.509595][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 536.515225][ C0]
[ 536.518167][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 536.524189][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 536.530349][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 536.549971][ C0] RSP: 0018:ffffc9000588f9c8 EFLAGS: 00000246
[ 536.556035][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0009888026a4e00c
[ 536.563997][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 536.571989][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 536.579957][ C0] R10: ffffffff88f36fa8 R11: 0000000000000200 R12: 000000000000000f
[ 536.587936][ C0] R13: f97293b03b812900 R14: ffff888026a4e00c R15: 0000000000000004
[ 536.595913][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 536.601459][ C0] __tlb_remove_page_size+0x65/0x180
[ 536.606756][ C0] zap_pte_range+0x669/0x13f0
[ 536.611434][ C0] ? futex_wake+0x349/0x3d0
[ 536.615956][ C0] unmap_page_range+0x540/0x650
[ 536.620967][ C0] unmap_single_vma+0x157/0x210
[ 536.625831][ C0] unmap_vmas+0xc0/0x170
[ 536.630064][ C0] exit_mmap+0x1be/0x400
[ 536.634289][ C0] __mmput+0xa2/0x220
[ 536.638269][ C0] mmput+0x3d/0x50
[ 536.641983][ C0] exit_mm+0x344/0x430
[ 536.646030][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 536.651840][ C0] ? taskstats_exit+0x334/0x730
[ 536.656724][ C0] ? acct_collect+0x3a4/0x400
[ 536.661383][ C0] do_exit+0x3ff/0x1670
[ 536.665996][ C0] ? zap_other_threads+0x1c2/0x1e0
[ 536.671221][ C0] do_group_exit+0x17d/0x180
[ 536.675813][ C0] __do_sys_exit_group+0xb/0x10
[ 536.680649][ C0] __se_sys_exit_group+0x5/0x10
[ 536.685642][ C0] __x64_sys_exit_group+0x16/0x20
[ 536.690653][ C0] do_syscall_64+0x39/0x80
[ 536.695068][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 536.701055][ C0] RIP: 0033:0x466459
[ 536.705901][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 536.714779][ C0] RSP: 002b:00007fff879691b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 536.723333][ C0] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000466459
[ 536.731314][ C0] RDX: 000000000041926b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 536.739292][ C0] RBP: 0000000000000000 R08: 0000000000000b43 R09: 0000000000000000
[ 536.747371][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 536.755343][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff879692b0
[ 536.763354][ C0] ---[ end trace 6a9a87c08c22e067 ]---
[ 536.769225][ C0] ------------[ cut here ]------------
19:30:13 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x8914, &(0x7f0000000040)={0x4})
19:30:13 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x20000078, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:13 executing program 0:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:13 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
[ 536.774727][ C0] WARNING: CPU: 0 PID: 27859 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 536.785723][ C0] Modules linked in:
[ 536.789621][ C0] CPU: 0 PID: 27859 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 536.799811][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 536.809876][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 536.815888][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 536.835588][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 536.841677][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810d87b000
[ 536.849667][ C0] RDX: 0000000000010001 RSI: 000000000000001a RDI: 0000000000000001
[ 536.857659][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 536.865638][ C0] R10: 0001ffffffffffff R11: ffff88810d87b000 R12: ffff88813bc1da58
[ 536.873640][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 536.881631][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 536.890572][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 536.897173][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 536.905257][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 536.913261][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 536.921239][ C0] Call Trace:
[ 536.924547][ C0]
[ 536.927404][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 536.933327][ C0] __run_hrtimer+0x163/0x460
[ 536.937922][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 536.943738][ C0] hrtimer_interrupt+0x380/0xaf0
[ 536.948687][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 536.954600][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 536.960245][ C0]
[ 536.963182][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 536.969185][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 536.975355][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 536.995015][ C0] RSP: 0018:ffffc9000588f9c8 EFLAGS: 00000246
[ 537.001082][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0009888026a4e00c
[ 537.009054][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 537.017038][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 537.024996][ C0] R10: ffffffff88f36fa8 R11: 0000000000000200 R12: 000000000000000f
[ 537.033043][ C0] R13: f97293b03b812900 R14: ffff888026a4e00c R15: 0000000000000004
[ 537.041037][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 537.046712][ C0] __tlb_remove_page_size+0x65/0x180
[ 537.051985][ C0] zap_pte_range+0x669/0x13f0
[ 537.056669][ C0] ? futex_wake+0x349/0x3d0
[ 537.061205][ C0] unmap_page_range+0x540/0x650
[ 537.066050][ C0] unmap_single_vma+0x157/0x210
[ 537.070907][ C0] unmap_vmas+0xc0/0x170
[ 537.075279][ C0] exit_mmap+0x1be/0x400
[ 537.079521][ C0] __mmput+0xa2/0x220
[ 537.083490][ C0] mmput+0x3d/0x50
[ 537.087196][ C0] exit_mm+0x344/0x430
[ 537.091410][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 537.097226][ C0] ? taskstats_exit+0x334/0x730
[ 537.102161][ C0] ? acct_collect+0x3a4/0x400
[ 537.106858][ C0] do_exit+0x3ff/0x1670
[ 537.111016][ C0] ? zap_other_threads+0x1c2/0x1e0
[ 537.116144][ C0] do_group_exit+0x17d/0x180
[ 537.120720][ C0] __do_sys_exit_group+0xb/0x10
[ 537.125803][ C0] __se_sys_exit_group+0x5/0x10
[ 537.130730][ C0] __x64_sys_exit_group+0x16/0x20
[ 537.135757][ C0] do_syscall_64+0x39/0x80
[ 537.140275][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 537.146196][ C0] RIP: 0033:0x466459
[ 537.150084][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 537.157276][ C0] RSP: 002b:00007fff879691b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 537.165671][ C0] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000466459
[ 537.173630][ C0] RDX: 000000000041926b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 537.181731][ C0] RBP: 0000000000000000 R08: 0000000000000b43 R09: 0000000000000000
[ 537.189854][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 537.197923][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff879692b0
[ 537.205904][ C0] ---[ end trace 6a9a87c08c22e068 ]---
[ 537.211715][ C0] ------------[ cut here ]------------
[ 537.217190][ C0] WARNING: CPU: 0 PID: 27859 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 537.228054][ C0] Modules linked in:
[ 537.231950][ C0] CPU: 0 PID: 27859 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 537.242079][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 537.252137][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 537.258297][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 537.277911][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 537.283965][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff88810d87b000
[ 537.291936][ C0] RDX: 0000000000010001 RSI: 000000000000001b RDI: 0000000000000001
[ 537.299895][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 537.307875][ C0] R10: 0001ffffffffffff R11: ffff88810d87b000 R12: ffff88813bc1da58
[ 537.315853][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 537.323816][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 537.333557][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 537.340150][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 537.348122][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 537.356104][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 537.364331][ C0] Call Trace:
[ 537.367595][ C0]
[ 537.370424][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 537.376367][ C0] __run_hrtimer+0x163/0x460
[ 537.381090][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 537.386904][ C0] hrtimer_interrupt+0x380/0xaf0
[ 537.391841][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 537.397789][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 537.403405][ C0]
[ 537.406335][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 537.412543][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 537.418719][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 537.438335][ C0] RSP: 0018:ffffc9000588f9c8 EFLAGS: 00000246
[ 537.444404][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0009888026a4e00c
[ 537.452416][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 537.460482][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 537.468458][ C0] R10: ffffffff88f36fa8 R11: 0000000000000200 R12: 000000000000000f
[ 537.476421][ C0] R13: f97293b03b812900 R14: ffff888026a4e00c R15: 0000000000000004
[ 537.484385][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 537.489928][ C0] __tlb_remove_page_size+0x65/0x180
[ 537.495294][ C0] zap_pte_range+0x669/0x13f0
[ 537.499963][ C0] ? futex_wake+0x349/0x3d0
[ 537.505682][ C0] unmap_page_range+0x540/0x650
[ 537.510538][ C0] unmap_single_vma+0x157/0x210
[ 537.515384][ C0] unmap_vmas+0xc0/0x170
[ 537.519612][ C0] exit_mmap+0x1be/0x400
[ 537.523925][ C0] __mmput+0xa2/0x220
[ 537.527905][ C0] mmput+0x3d/0x50
[ 537.531608][ C0] exit_mm+0x344/0x430
[ 537.535757][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 537.541578][ C0] ? taskstats_exit+0x334/0x730
[ 537.546417][ C0] ? acct_collect+0x3a4/0x400
[ 537.551090][ C0] do_exit+0x3ff/0x1670
[ 537.555246][ C0] ? zap_other_threads+0x1c2/0x1e0
[ 537.560354][ C0] do_group_exit+0x17d/0x180
[ 537.564965][ C0] __do_sys_exit_group+0xb/0x10
[ 537.569809][ C0] __se_sys_exit_group+0x5/0x10
[ 537.574686][ C0] __x64_sys_exit_group+0x16/0x20
[ 537.579698][ C0] do_syscall_64+0x39/0x80
[ 537.584113][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 537.590009][ C0] RIP: 0033:0x466459
[ 537.593889][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 537.600738][ C0] RSP: 002b:00007fff879691b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 537.609225][ C0] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000466459
[ 537.617193][ C0] RDX: 000000000041926b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 537.625186][ C0] RBP: 0000000000000000 R08: 0000000000000b43 R09: 0000000000000000
[ 537.633167][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 537.641143][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff879692b0
[ 537.649106][ C0] ---[ end trace 6a9a87c08c22e069 ]---
[ 537.754972][ C0] ------------[ cut here ]------------
[ 537.760446][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 537.770946][ C0] Modules linked in:
[ 537.774842][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 537.784218][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 537.794284][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 537.800285][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 537.819901][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 537.825957][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000020 RCX: ffffffff87630780
[ 537.833920][ C0] RDX: 0000000080010001 RSI: 0000000000000020 RDI: 0000000000000001
[ 537.841994][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 537.850069][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 537.858045][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 537.866024][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 537.874941][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 537.881524][ C0] CR2: 0000559944fc72c8 CR3: 0000000007629000 CR4: 00000000001506f0
[ 537.889824][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 537.897810][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 537.905789][ C0] Call Trace:
[ 537.909055][ C0]
[ 537.911900][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 537.917698][ C0] __run_hrtimer+0x163/0x460
[ 537.922277][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 537.928519][ C0] hrtimer_interrupt+0x380/0xaf0
[ 537.933459][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 537.939382][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 537.945047][ C0]
[ 537.947967][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 537.953972][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 537.959533][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 537.979137][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 537.985258][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 537.993227][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 538.001212][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 538.009190][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 538.017149][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 538.025113][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 538.030044][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 538.035110][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 538.040354][ C0] cpuidle_enter+0x3c/0x60
[ 538.044774][ C0] do_idle+0x193/0x230
[ 538.048836][ C0] cpu_startup_entry+0x15/0x20
[ 538.053627][ C0] rest_init+0xd7/0xe0
[ 538.057701][ C0] ? time_init+0xc/0xc
[ 538.061752][ C0] arch_call_rest_init+0xa/0xb
[ 538.066502][ C0] start_kernel+0x5a1/0x626
[ 538.071009][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 538.076935][ C0] ---[ end trace 6a9a87c08c22e06a ]---
[ 538.082760][ C0] ------------[ cut here ]------------
[ 538.088298][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 538.098928][ C0] Modules linked in:
19:30:14 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6})
19:30:14 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x200002b8, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:14 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
19:30:14 executing program 0:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:14 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
[ 538.102825][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 538.112225][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 538.122297][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 538.128329][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 538.147994][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
19:30:14 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x7ffff000, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:14 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0)
19:30:14 executing program 0:
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 538.154086][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 538.162175][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 538.170173][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 538.178162][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 538.186139][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 538.194136][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 538.203075][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 538.209692][ C0] CR2: 0000559944fc72c8 CR3: 0000000007629000 CR4: 00000000001506f0
[ 538.217652][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 538.225786][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 538.233806][ C0] Call Trace:
[ 538.240696][ C0]
[ 538.243579][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 538.249393][ C0] __run_hrtimer+0x163/0x460
[ 538.253986][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 538.259943][ C0] hrtimer_interrupt+0x380/0xaf0
[ 538.264884][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 538.270778][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 538.276407][ C0]
[ 538.279331][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 538.285404][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 538.290944][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 538.310903][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 538.316968][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 538.324930][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 538.332912][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 538.342060][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 538.350045][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 538.358009][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 538.362966][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 538.368034][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 538.373158][ C0] cpuidle_enter+0x3c/0x60
[ 538.377578][ C0] do_idle+0x193/0x230
[ 538.381657][ C0] cpu_startup_entry+0x15/0x20
[ 538.386422][ C0] rest_init+0xd7/0xe0
[ 538.390488][ C0] ? time_init+0xc/0xc
[ 538.394548][ C0] arch_call_rest_init+0xa/0xb
[ 538.399321][ C0] start_kernel+0x5a1/0x626
[ 538.403819][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 538.409755][ C0] ---[ end trace 6a9a87c08c22e06b ]---
[ 538.416232][ C0] ------------[ cut here ]------------
[ 538.421726][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 538.432246][ C0] Modules linked in:
[ 538.436199][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 538.445670][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 538.455713][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 538.461752][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 538.481363][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 538.487431][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 538.495389][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 538.503351][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 538.511329][ C0] R10: 0001ffffffffffff R11: 00000000000001d0 R12: ffff88813bc1da58
[ 538.519289][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 538.527252][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 538.536305][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 538.543450][ C0] CR2: 0000559944fc72c8 CR3: 0000000007629000 CR4: 00000000001506f0
[ 538.551433][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 538.559517][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 538.567498][ C0] Call Trace:
[ 538.570786][ C0]
[ 538.573631][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 538.579433][ C0] __run_hrtimer+0x163/0x460
[ 538.584207][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 538.590012][ C0] hrtimer_interrupt+0x380/0xaf0
[ 538.594958][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 538.600854][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 538.606479][ C0]
[ 538.609417][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 538.615418][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 538.620979][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 538.640595][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 538.646652][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 538.654614][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 538.662575][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 538.670547][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 538.678747][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 538.686714][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 538.691654][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 538.696599][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 538.701730][ C0] cpuidle_enter+0x3c/0x60
[ 538.706148][ C0] do_idle+0x193/0x230
[ 538.710223][ C0] cpu_startup_entry+0x15/0x20
[ 538.714979][ C0] rest_init+0xd7/0xe0
[ 538.719038][ C0] ? time_init+0xc/0xc
[ 538.723090][ C0] arch_call_rest_init+0xa/0xb
[ 538.727857][ C0] start_kernel+0x5a1/0x626
[ 538.732354][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 538.738389][ C0] ---[ end trace 6a9a87c08c22e06c ]---
[ 538.844198][ C0] ------------[ cut here ]------------
[ 538.849783][ C0] WARNING: CPU: 0 PID: 27886 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 538.860754][ C0] Modules linked in:
[ 538.864646][ C0] CPU: 0 PID: 27886 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 538.874947][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 538.885130][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 538.891116][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 538.911080][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 538.917135][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff888034446000
[ 538.925107][ C0] RDX: 0000000080010001 RSI: 000000000000001a RDI: 0000000000000001
[ 538.933084][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 538.941237][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 538.949215][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 538.957199][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 538.966116][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 538.972711][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 538.980784][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 538.988867][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 538.996855][ C0] Call Trace:
[ 539.000260][ C0]
[ 539.003096][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 539.009253][ C0] __run_hrtimer+0x163/0x460
[ 539.015342][ C0] ? virtnet_poll_tx+0x179/0x1b0
[ 539.020274][ C0] hrtimer_interrupt+0x380/0xaf0
[ 539.025214][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 539.031105][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 539.036790][ C0]
[ 539.039938][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 539.045917][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0xd/0x60
[ 539.052011][ C0] Code: 00 5b c3 66 2e 0f 1f 84 00 00 00 00 00 e9 9b ae 10 00 cc cc cc cc cc cc cc cc cc cc cc 48 8b 04 24 65 48 8b 0c 25 00 6d 01 00 <65> 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74
[ 539.072577][ C0] RSP: 0018:ffffc9000593f868 EFLAGS: 00000246
[ 539.078628][ C0] RAX: ffffffff8164869a RBX: 800000002a3fb007 RCX: ffff888034446000
[ 539.086585][ C0] RDX: ffff888034446000 RSI: 0000000000000000 RDI: 0000000000000000
[ 539.094767][ C0] RBP: ffffc9000593f960 R08: ffffffff8164868e R09: 0001ea0000a8fedf
[ 539.102946][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: ffffea0000a8fec0
[ 539.111046][ C0] R13: ffffea0000a8fec0 R14: ffffea0000a8fec8 R15: dead000000000100
[ 539.119498][ C0] ? zap_pte_range+0x43e/0x13f0
[ 539.124360][ C0] ? zap_pte_range+0x44a/0x13f0
[ 539.129209][ C0] zap_pte_range+0x44a/0x13f0
[ 539.133894][ C0] unmap_page_range+0x540/0x650
[ 539.139183][ C0] unmap_single_vma+0x157/0x210
[ 539.144032][ C0] unmap_vmas+0xc0/0x170
[ 539.148268][ C0] exit_mmap+0x1be/0x400
[ 539.152499][ C0] __mmput+0xa2/0x220
[ 539.156471][ C0] mmput+0x3d/0x50
[ 539.160204][ C0] exit_mm+0x344/0x430
[ 539.164347][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 539.170154][ C0] ? taskstats_exit+0x334/0x730
[ 539.175022][ C0] ? acct_collect+0x3a4/0x400
[ 539.179705][ C0] do_exit+0x3ff/0x1670
[ 539.183879][ C0] ? do_futex+0x1062/0x1cd0
[ 539.188577][ C0] do_group_exit+0xce/0x180
[ 539.193201][ C0] get_signal+0xdce/0x14e0
[ 539.197610][ C0] ? __mm_populate+0x32c/0x380
[ 539.202398][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 539.207960][ C0] ? __se_sys_futex+0x2a8/0x390
[ 539.212805][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 539.218346][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 539.223968][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 539.229452][ C0] do_syscall_64+0x45/0x80
[ 539.233879][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 539.240373][ C0] RIP: 0033:0x466459
[ 539.244271][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 539.251109][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 539.259522][ C0] RAX: fffffffffffffe00 RBX: 000000000056bf68 RCX: 0000000000466459
[ 539.267492][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056bf68
[ 539.275493][ C0] RBP: 000000000056bf60 R08: 0000000000000000 R09: 0000000000000000
[ 539.283455][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf6c
[ 539.291442][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 539.299446][ C0] ---[ end trace 6a9a87c08c22e06d ]---
[ 539.305318][ C0] ------------[ cut here ]------------
[ 539.310807][ C0] WARNING: CPU: 0 PID: 27886 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 539.321686][ C0] Modules linked in:
[ 539.325577][ C0] CPU: 0 PID: 27886 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 539.335735][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
19:30:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x8933, &(0x7f0000000040)={0x4})
19:30:16 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0xfffffdef, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:16 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x8})
19:30:16 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 539.345801][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 539.351811][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 539.371439][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 539.377519][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff888034446000
[ 539.385529][ C0] RDX: 0000000080010001 RSI: 000000000000001b RDI: 0000000000000001
[ 539.393525][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 539.401504][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 539.409482][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 539.417459][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 539.426404][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 539.432996][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 539.440993][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 539.448978][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 539.456961][ C0] Call Trace:
[ 539.460244][ C0]
[ 539.463092][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 539.468922][ C0] __run_hrtimer+0x163/0x460
[ 539.473535][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 539.479464][ C0] hrtimer_interrupt+0x380/0xaf0
[ 539.484411][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 539.490306][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 539.496007][ C0]
[ 539.499007][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 539.504991][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0xd/0x60
[ 539.511127][ C0] Code: 00 5b c3 66 2e 0f 1f 84 00 00 00 00 00 e9 9b ae 10 00 cc cc cc cc cc cc cc cc cc cc cc 48 8b 04 24 65 48 8b 0c 25 00 6d 01 00 <65> 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74
[ 539.530744][ C0] RSP: 0018:ffffc9000593f868 EFLAGS: 00000246
[ 539.536816][ C0] RAX: ffffffff8164869a RBX: 800000002a3fb007 RCX: ffff888034446000
[ 539.544796][ C0] RDX: ffff888034446000 RSI: 0000000000000000 RDI: 0000000000000000
[ 539.552763][ C0] RBP: ffffc9000593f960 R08: ffffffff8164868e R09: 0001ea0000a8fedf
[ 539.560848][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: ffffea0000a8fec0
[ 539.568956][ C0] R13: ffffea0000a8fec0 R14: ffffea0000a8fec8 R15: dead000000000100
[ 539.576940][ C0] ? zap_pte_range+0x43e/0x13f0
[ 539.581778][ C0] ? zap_pte_range+0x44a/0x13f0
[ 539.586635][ C0] zap_pte_range+0x44a/0x13f0
[ 539.591329][ C0] unmap_page_range+0x540/0x650
[ 539.596189][ C0] unmap_single_vma+0x157/0x210
[ 539.601048][ C0] unmap_vmas+0xc0/0x170
[ 539.605298][ C0] exit_mmap+0x1be/0x400
[ 539.609527][ C0] __mmput+0xa2/0x220
[ 539.613560][ C0] mmput+0x3d/0x50
[ 539.617265][ C0] exit_mm+0x344/0x430
[ 539.621367][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 539.627158][ C0] ? taskstats_exit+0x334/0x730
[ 539.632014][ C0] ? acct_collect+0x3a4/0x400
[ 539.636707][ C0] do_exit+0x3ff/0x1670
[ 539.640898][ C0] ? do_futex+0x1062/0x1cd0
[ 539.645412][ C0] do_group_exit+0xce/0x180
[ 539.649903][ C0] get_signal+0xdce/0x14e0
[ 539.654317][ C0] ? __mm_populate+0x32c/0x380
[ 539.659092][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 539.664668][ C0] ? __se_sys_futex+0x2a8/0x390
[ 539.669529][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 539.675098][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 539.680742][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 539.686193][ C0] do_syscall_64+0x45/0x80
[ 539.690600][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 539.696486][ C0] RIP: 0033:0x466459
[ 539.700378][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 539.707202][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 539.715600][ C0] RAX: fffffffffffffe00 RBX: 000000000056bf68 RCX: 0000000000466459
[ 539.723577][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056bf68
[ 539.731536][ C0] RBP: 000000000056bf60 R08: 0000000000000000 R09: 0000000000000000
[ 539.739501][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf6c
[ 539.747487][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 539.755505][ C0] ---[ end trace 6a9a87c08c22e06e ]---
[ 539.761220][ C0] ------------[ cut here ]------------
[ 539.766663][ C0] WARNING: CPU: 0 PID: 27886 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 539.777512][ C0] Modules linked in:
[ 539.781398][ C0] CPU: 0 PID: 27886 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 539.791542][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 539.801615][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 539.807642][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 539.827268][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 539.833364][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff888034446000
[ 539.841967][ C0] RDX: 0000000080010001 RSI: 000000000000001c RDI: 0000000000000001
[ 539.849959][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 539.857973][ C0] R10: 0001ffffffffffff R11: ffff888034446000 R12: ffff88813bc1da58
[ 539.866088][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 539.874062][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 539.883113][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 539.889742][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 539.897713][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 539.905717][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 539.913708][ C0] Call Trace:
[ 539.916996][ C0]
[ 539.919822][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 539.925652][ C0] __run_hrtimer+0x163/0x460
[ 539.930345][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 539.936253][ C0] hrtimer_interrupt+0x380/0xaf0
[ 539.941215][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 539.947094][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 539.952715][ C0]
[ 539.955663][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 539.961679][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0xd/0x60
[ 539.967732][ C0] Code: 00 5b c3 66 2e 0f 1f 84 00 00 00 00 00 e9 9b ae 10 00 cc cc cc cc cc cc cc cc cc cc cc 48 8b 04 24 65 48 8b 0c 25 00 6d 01 00 <65> 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74
[ 539.987350][ C0] RSP: 0018:ffffc9000593f868 EFLAGS: 00000246
[ 539.993423][ C0] RAX: ffffffff8164869a RBX: 800000002a3fb007 RCX: ffff888034446000
[ 540.001396][ C0] RDX: ffff888034446000 RSI: 0000000000000000 RDI: 0000000000000000
[ 540.009361][ C0] RBP: ffffc9000593f960 R08: ffffffff8164868e R09: 0001ea0000a8fedf
[ 540.017314][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: ffffea0000a8fec0
[ 540.025267][ C0] R13: ffffea0000a8fec0 R14: ffffea0000a8fec8 R15: dead000000000100
[ 540.033586][ C0] ? zap_pte_range+0x43e/0x13f0
[ 540.038569][ C0] ? zap_pte_range+0x44a/0x13f0
[ 540.043505][ C0] zap_pte_range+0x44a/0x13f0
[ 540.048189][ C0] unmap_page_range+0x540/0x650
[ 540.053037][ C0] unmap_single_vma+0x157/0x210
[ 540.057935][ C0] unmap_vmas+0xc0/0x170
[ 540.062247][ C0] exit_mmap+0x1be/0x400
[ 540.066502][ C0] __mmput+0xa2/0x220
[ 540.070481][ C0] mmput+0x3d/0x50
[ 540.074203][ C0] exit_mm+0x344/0x430
[ 540.078282][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 540.084086][ C0] ? taskstats_exit+0x334/0x730
[ 540.088930][ C0] ? acct_collect+0x3a4/0x400
[ 540.093587][ C0] do_exit+0x3ff/0x1670
[ 540.097775][ C0] ? do_futex+0x1062/0x1cd0
[ 540.102390][ C0] do_group_exit+0xce/0x180
[ 540.106900][ C0] get_signal+0xdce/0x14e0
[ 540.111400][ C0] ? __mm_populate+0x32c/0x380
[ 540.116169][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 540.121713][ C0] ? __se_sys_futex+0x2a8/0x390
[ 540.126563][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 540.132091][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 540.137721][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 540.143182][ C0] do_syscall_64+0x45/0x80
[ 540.147579][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 540.153484][ C0] RIP: 0033:0x466459
[ 540.157357][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 540.164227][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 540.172626][ C0] RAX: fffffffffffffe00 RBX: 000000000056bf68 RCX: 0000000000466459
[ 540.180591][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056bf68
[ 540.188740][ C0] RBP: 000000000056bf60 R08: 0000000000000000 R09: 0000000000000000
[ 540.196702][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf6c
[ 540.204677][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 540.212765][ C0] ---[ end trace 6a9a87c08c22e06f ]---
[ 540.318545][ C0] ------------[ cut here ]------------
[ 540.324023][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 540.334535][ C0] Modules linked in:
[ 540.338410][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 540.347776][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 540.357844][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 540.363817][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 540.383433][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 540.389518][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000021 RCX: ffffffff87630780
[ 540.397543][ C0] RDX: 0000000080010001 RSI: 0000000000000021 RDI: 0000000000000001
[ 540.405504][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 540.413466][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 540.421431][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 540.429393][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 540.438324][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 540.444909][ C0] CR2: 0000559944fc72c8 CR3: 0000000007629000 CR4: 00000000001506f0
[ 540.453042][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 540.461106][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 540.469074][ C0] Call Trace:
[ 540.472336][ C0]
[ 540.475175][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 540.480973][ C0] __run_hrtimer+0x163/0x460
[ 540.485545][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 540.491797][ C0] hrtimer_interrupt+0x380/0xaf0
[ 540.496721][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 540.503079][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 540.508722][ C0]
[ 540.511650][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 540.517712][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 540.523534][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 540.543155][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 540.549229][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 540.557285][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 540.565263][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 540.573294][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 540.581374][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 540.589349][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 540.594317][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 540.599262][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 540.604370][ C0] cpuidle_enter+0x3c/0x60
[ 540.608775][ C0] do_idle+0x193/0x230
[ 540.612833][ C0] cpu_startup_entry+0x15/0x20
[ 540.617619][ C0] rest_init+0xd7/0xe0
[ 540.621680][ C0] ? time_init+0xc/0xc
[ 540.625726][ C0] arch_call_rest_init+0xa/0xb
[ 540.630512][ C0] start_kernel+0x5a1/0x626
[ 540.635026][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 540.640914][ C0] ---[ end trace 6a9a87c08c22e070 ]---
[ 540.646690][ C0] ------------[ cut here ]------------
[ 540.652193][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 540.662703][ C0] Modules linked in:
19:30:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x2})
19:30:17 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x2, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:17 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:17 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
19:30:17 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x8})
19:30:17 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x4, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 540.666601][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 540.675989][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 540.686066][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 540.692100][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 540.711710][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
19:30:17 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 540.717806][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 540.725803][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 540.733801][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 540.741778][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 540.749764][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 540.757722][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 540.766771][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 540.773358][ C0] CR2: 0000559944fc72c8 CR3: 0000000007629000 CR4: 00000000001506f0
[ 540.781345][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 540.789336][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 540.797318][ C0] Call Trace:
[ 540.800598][ C0]
[ 540.806148][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 540.811984][ C0] __run_hrtimer+0x163/0x460
[ 540.816591][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 540.822438][ C0] hrtimer_interrupt+0x380/0xaf0
[ 540.827423][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 540.833525][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 540.839170][ C0]
[ 540.842098][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 540.848222][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 540.853752][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 540.873361][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 540.879417][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 540.887509][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 540.895469][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 540.903442][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 540.911506][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 540.919575][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 540.924611][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 540.929545][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 540.934815][ C0] cpuidle_enter+0x3c/0x60
[ 540.939214][ C0] do_idle+0x193/0x230
[ 540.943288][ C0] cpu_startup_entry+0x15/0x20
[ 540.948039][ C0] rest_init+0xd7/0xe0
[ 540.952090][ C0] ? time_init+0xc/0xc
[ 540.956143][ C0] arch_call_rest_init+0xa/0xb
[ 540.960910][ C0] start_kernel+0x5a1/0x626
[ 540.965413][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 540.971292][ C0] ---[ end trace 6a9a87c08c22e071 ]---
[ 540.977062][ C0] ------------[ cut here ]------------
[ 540.982517][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 540.993141][ C0] Modules linked in:
[ 540.997031][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 541.006408][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 541.016629][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 541.022730][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 541.042344][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 541.048402][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 541.056366][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 541.064341][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 541.072318][ C0] R10: 0001ffffffffffff R11: 000000000000029c R12: ffff88813bc1da58
[ 541.080280][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 541.088242][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 541.097202][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 541.103847][ C0] CR2: 0000559944fc72c8 CR3: 0000000007629000 CR4: 00000000001506f0
[ 541.112089][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 541.120050][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 541.128154][ C0] Call Trace:
[ 541.131420][ C0]
[ 541.134247][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 541.140041][ C0] __run_hrtimer+0x163/0x460
[ 541.144621][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 541.150595][ C0] hrtimer_interrupt+0x380/0xaf0
[ 541.155528][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 541.161432][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 541.167079][ C0]
[ 541.170125][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 541.176223][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 541.181873][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 541.201487][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 541.207556][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 541.215517][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 541.223482][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 541.231613][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 541.239599][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 541.247800][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 541.252732][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 541.257657][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 541.262756][ C0] cpuidle_enter+0x3c/0x60
[ 541.267156][ C0] do_idle+0x193/0x230
[ 541.271241][ C0] cpu_startup_entry+0x15/0x20
[ 541.276019][ C0] rest_init+0xd7/0xe0
[ 541.280072][ C0] ? time_init+0xc/0xc
[ 541.284142][ C0] arch_call_rest_init+0xa/0xb
[ 541.288910][ C0] start_kernel+0x5a1/0x626
[ 541.293395][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 541.299383][ C0] ---[ end trace 6a9a87c08c22e072 ]---
19:30:18 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 541.405255][ C0] ------------[ cut here ]------------
[ 541.410762][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 541.421547][ C0] Modules linked in:
[ 541.425426][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 541.434811][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 541.444877][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 541.451054][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 541.470866][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 541.476995][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffffffff87630780
[ 541.485064][ C0] RDX: 0000000000010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 541.493163][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 541.501325][ C0] R10: 0001ffffffffffff R11: 00000000000003fb R12: ffff88813bc1da58
[ 541.509308][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 541.517299][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 541.526316][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 541.532983][ C0] CR2: 00007f11102abd58 CR3: 000000002664f000 CR4: 00000000001506f0
[ 541.541062][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 541.549057][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 541.557017][ C0] Call Trace:
[ 541.560300][ C0]
[ 541.563146][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 541.568957][ C0] __run_hrtimer+0x163/0x460
[ 541.573554][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 541.579700][ C0] hrtimer_interrupt+0x380/0xaf0
[ 541.584633][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 541.590556][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 541.596184][ C0]
[ 541.599114][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 541.605091][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 541.610632][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 541.630266][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 541.636328][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 541.644302][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 541.652266][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 541.660227][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 541.668292][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 541.676347][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 541.681289][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 541.686238][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 541.691348][ C0] cpuidle_enter+0x3c/0x60
[ 541.695756][ C0] do_idle+0x193/0x230
[ 541.699869][ C0] cpu_startup_entry+0x15/0x20
[ 541.704651][ C0] rest_init+0xd7/0xe0
[ 541.708722][ C0] ? time_init+0xc/0xc
[ 541.712770][ C0] arch_call_rest_init+0xa/0xb
[ 541.718269][ C0] start_kernel+0x5a1/0x626
[ 541.722775][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 541.728664][ C0] ---[ end trace 6a9a87c08c22e073 ]---
[ 541.734584][ C0] ------------[ cut here ]------------
[ 541.740250][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 541.750771][ C0] Modules linked in:
[ 541.754668][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 541.764072][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 541.774133][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 541.780138][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 541.799772][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 541.805840][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 541.813814][ C0] RDX: 0000000000010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 541.821795][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 541.829772][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 541.837856][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 541.846552][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 541.855493][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 541.862080][ C0] CR2: 00007f11102abd58 CR3: 000000002664f000 CR4: 00000000001506f0
[ 541.870058][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 541.878053][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 541.886029][ C0] Call Trace:
[ 541.889307][ C0]
[ 541.892144][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 541.897970][ C0] __run_hrtimer+0x163/0x460
[ 541.902587][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 541.909279][ C0] hrtimer_interrupt+0x380/0xaf0
[ 541.914327][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 541.920257][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 541.925912][ C0]
[ 541.928853][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 541.934847][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 541.940410][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 541.960025][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 541.966128][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 541.974122][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 541.982098][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 541.990100][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 541.998186][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 542.006194][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 542.011162][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 542.016131][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 542.021436][ C0] cpuidle_enter+0x3c/0x60
[ 542.025890][ C0] do_idle+0x193/0x230
[ 542.029985][ C0] cpu_startup_entry+0x15/0x20
[ 542.034876][ C0] rest_init+0xd7/0xe0
[ 542.039302][ C0] ? time_init+0xc/0xc
[ 542.043381][ C0] arch_call_rest_init+0xa/0xb
[ 542.048159][ C0] start_kernel+0x5a1/0x626
[ 542.052676][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 542.058602][ C0] ---[ end trace 6a9a87c08c22e074 ]---
[ 542.064450][ C0] ------------[ cut here ]------------
[ 542.069900][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 542.080418][ C0] Modules linked in:
[ 542.084331][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 542.093706][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 542.103960][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 542.109957][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 542.129758][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 542.135833][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 542.143827][ C0] RDX: 0000000000010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 542.151832][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 542.159814][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 542.167796][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 542.175793][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 542.184764][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 542.191361][ C0] CR2: 00007f11102abd58 CR3: 000000002664f000 CR4: 00000000001506f0
[ 542.199347][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 542.207353][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 542.215335][ C0] Call Trace:
[ 542.218617][ C0]
[ 542.221484][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 542.227294][ C0] __run_hrtimer+0x163/0x460
[ 542.231902][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 542.237751][ C0] hrtimer_interrupt+0x380/0xaf0
[ 542.242695][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 542.248645][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 542.254309][ C0]
[ 542.257240][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 542.263237][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 542.268808][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 542.288423][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 542.294496][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 542.302471][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 542.310474][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 542.318459][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 542.326460][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 542.334530][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 542.339493][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 542.344442][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 542.349564][ C0] cpuidle_enter+0x3c/0x60
[ 542.353987][ C0] do_idle+0x193/0x230
19:30:19 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x400448c9, &(0x7f0000000040)={0x4})
19:30:19 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:19 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
19:30:19 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x7, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 542.358069][ C0] cpu_startup_entry+0x15/0x20
[ 542.362846][ C0] rest_init+0xd7/0xe0
[ 542.366940][ C0] ? time_init+0xc/0xc
[ 542.371010][ C0] arch_call_rest_init+0xa/0xb
[ 542.375785][ C0] start_kernel+0x5a1/0x626
[ 542.380293][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 542.386200][ C0] ---[ end trace 6a9a87c08c22e075 ]---
19:30:19 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x3})
19:30:19 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x8, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 542.492098][ C0] ------------[ cut here ]------------
[ 542.497599][ C0] WARNING: CPU: 0 PID: 27935 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 542.509796][ C0] Modules linked in:
[ 542.513699][ C0] CPU: 0 PID: 27935 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 542.523850][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 542.533922][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:19 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0xa, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 542.539987][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 542.559615][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 542.565705][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810e042000
[ 542.573864][ C0] RDX: 0000000000010000 RSI: 000000000000001a RDI: 0000000000000001
[ 542.581873][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:30:19 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x18, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 542.590056][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 542.598310][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 542.606316][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 542.615403][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 542.621998][ C0] CR2: 00007fff78b8e690 CR3: 0000000027a11000 CR4: 00000000001506f0
[ 542.629996][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 542.637984][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 542.646085][ C0] Call Trace:
[ 542.649394][ C0]
[ 542.652265][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 542.658113][ C0] __run_hrtimer+0x163/0x460
[ 542.662714][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 542.668984][ C0] hrtimer_interrupt+0x380/0xaf0
[ 542.673949][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 542.679880][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 542.685534][ C0]
[ 542.688474][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 542.694485][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 542.700658][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 542.720287][ C0] RSP: 0018:ffffc9000593fb98 EFLAGS: 00000246
[ 542.726366][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000388810af63098
[ 542.734532][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 542.743044][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 542.751041][ C0] R10: ffffffff88f37050 R11: 0000000000000200 R12: 0000000000000024
[ 542.759037][ C0] R13: 00000000000001a4 R14: ffff88810af63098 R15: 0000000000000001
[ 542.767063][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 542.772646][ C0] tomoyo_check_acl+0x6a/0x220
[ 542.777424][ C0] ? tomoyo_path_number_perm+0x2d0/0x2d0
[ 542.783114][ C0] tomoyo_path_number_perm+0x1af/0x2d0
[ 542.788603][ C0] ? __down_write_common+0x45/0x870
[ 542.794009][ C0] ? ___cache_free+0x3c/0x2f0
[ 542.798720][ C0] tomoyo_path_chmod+0x23/0x30
[ 542.803498][ C0] security_path_chmod+0x92/0xe0
[ 542.808467][ C0] chmod_common+0xc4/0x280
[ 542.813165][ C0] ? __fget_light+0xd0/0x260
[ 542.817773][ C0] __x64_sys_fchmod+0xac/0xf0
[ 542.822471][ C0] do_syscall_64+0x39/0x80
[ 542.827026][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 542.832924][ C0] RIP: 0033:0x7f6cba8ec5c7
[ 542.837442][ C0] Code: 73 01 c3 48 8b 0d d1 d8 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 5b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d8 2b 00 f7 d8 64 89 01 48
[ 542.857179][ C0] RSP: 002b:00007fff78b3a6c8 EFLAGS: 00000206 ORIG_RAX: 000000000000005b
[ 542.865664][ C0] RAX: ffffffffffffffda RBX: 0000559944fb01d0 RCX: 00007f6cba8ec5c7
[ 542.873669][ C0] RDX: 0000000000000000 RSI: 00000000000001a4 RDI: 000000000000000f
[ 542.881757][ C0] RBP: 00007fff78b3a790 R08: 0000559944fc0e30 R09: 0000000000000230
[ 542.889952][ C0] R10: 002abe677ed7a011 R11: 0000000000000206 R12: 00007fff78b3a6d0
[ 542.898031][ C0] R13: 0000000000000001 R14: 0000000000000000 R15: 000000000000000e
[ 542.906088][ C0] ---[ end trace 6a9a87c08c22e076 ]---
[ 542.912564][ C0] ------------[ cut here ]------------
[ 542.918049][ C0] WARNING: CPU: 0 PID: 27935 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 542.928947][ C0] Modules linked in:
[ 542.932837][ C0] CPU: 0 PID: 27935 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
19:30:19 executing program 3:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x10, 0x6})
19:30:19 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x37, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:19 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:19 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 542.942900][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 542.952969][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 542.958992][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 542.978593][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 542.984663][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810e042000
[ 542.992654][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 543.000612][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 543.008575][ C0] R10: 0001ffffffffffff R11: 00000000000001b6 R12: ffff88813bc1da58
[ 543.016541][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 543.024544][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 543.033766][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 543.040368][ C0] CR2: 00007fff78b8e690 CR3: 0000000027a11000 CR4: 00000000001506f0
[ 543.048660][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 543.056630][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 543.064609][ C0] Call Trace:
[ 543.067886][ C0]
[ 543.070721][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 543.076618][ C0] __run_hrtimer+0x163/0x460
[ 543.081431][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 543.087223][ C0] hrtimer_interrupt+0x380/0xaf0
[ 543.092164][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 543.098046][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 543.103761][ C0]
[ 543.106725][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 543.112696][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 543.118839][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 543.138643][ C0] RSP: 0018:ffffc9000593fb98 EFLAGS: 00000246
[ 543.144696][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000388810af63098
[ 543.152652][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 543.160619][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 543.168662][ C0] R10: ffffffff88f37050 R11: 0000000000000200 R12: 0000000000000024
[ 543.176920][ C0] R13: 00000000000001a4 R14: ffff88810af63098 R15: 0000000000000001
[ 543.184941][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 543.190487][ C0] tomoyo_check_acl+0x6a/0x220
[ 543.195264][ C0] ? tomoyo_path_number_perm+0x2d0/0x2d0
[ 543.200927][ C0] tomoyo_path_number_perm+0x1af/0x2d0
[ 543.206385][ C0] ? __down_write_common+0x45/0x870
[ 543.211597][ C0] ? ___cache_free+0x3c/0x2f0
[ 543.216265][ C0] tomoyo_path_chmod+0x23/0x30
[ 543.221026][ C0] security_path_chmod+0x92/0xe0
[ 543.225961][ C0] chmod_common+0xc4/0x280
[ 543.230363][ C0] ? __fget_light+0xd0/0x260
[ 543.234946][ C0] __x64_sys_fchmod+0xac/0xf0
[ 543.239964][ C0] do_syscall_64+0x39/0x80
[ 543.244362][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 543.250292][ C0] RIP: 0033:0x7f6cba8ec5c7
[ 543.254711][ C0] Code: 73 01 c3 48 8b 0d d1 d8 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 5b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d8 2b 00 f7 d8 64 89 01 48
[ 543.274346][ C0] RSP: 002b:00007fff78b3a6c8 EFLAGS: 00000206 ORIG_RAX: 000000000000005b
[ 543.282760][ C0] RAX: ffffffffffffffda RBX: 0000559944fb01d0 RCX: 00007f6cba8ec5c7
[ 543.290716][ C0] RDX: 0000000000000000 RSI: 00000000000001a4 RDI: 000000000000000f
[ 543.298672][ C0] RBP: 00007fff78b3a790 R08: 0000559944fc0e30 R09: 0000000000000230
[ 543.306631][ C0] R10: 002abe677ed7a011 R11: 0000000000000206 R12: 00007fff78b3a6d0
[ 543.314597][ C0] R13: 0000000000000001 R14: 0000000000000000 R15: 000000000000000e
[ 543.322667][ C0] ---[ end trace 6a9a87c08c22e077 ]---
[ 543.328480][ C0] ------------[ cut here ]------------
[ 543.333943][ C0] WARNING: CPU: 0 PID: 27935 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 543.344828][ C0] Modules linked in:
[ 543.348722][ C0] CPU: 0 PID: 27935 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 543.358774][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 543.368924][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 543.374916][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 543.394533][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 543.400604][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810e042000
[ 543.408581][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 543.416542][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 543.424515][ C0] R10: 0001ffffffffffff R11: 000000000000005d R12: ffff88813bc1da58
[ 543.432666][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 543.440637][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 543.449575][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 543.456148][ C0] CR2: 00007fff78b8e690 CR3: 0000000027a11000 CR4: 00000000001506f0
[ 543.464216][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 543.472262][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 543.480244][ C0] Call Trace:
[ 543.483560][ C0]
[ 543.486396][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 543.492221][ C0] __run_hrtimer+0x163/0x460
[ 543.496817][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 543.502625][ C0] hrtimer_interrupt+0x380/0xaf0
[ 543.507571][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 543.513471][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 543.519095][ C0]
[ 543.522025][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 543.528034][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 543.534187][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 543.553982][ C0] RSP: 0018:ffffc9000593fb98 EFLAGS: 00000246
[ 543.560058][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000388810af63098
[ 543.568168][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 543.576241][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 543.584225][ C0] R10: ffffffff88f37050 R11: 0000000000000200 R12: 0000000000000024
[ 543.592320][ C0] R13: 00000000000001a4 R14: ffff88810af63098 R15: 0000000000000001
[ 543.600291][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 543.605848][ C0] tomoyo_check_acl+0x6a/0x220
[ 543.610616][ C0] ? tomoyo_path_number_perm+0x2d0/0x2d0
[ 543.616255][ C0] tomoyo_path_number_perm+0x1af/0x2d0
[ 543.621718][ C0] ? __down_write_common+0x45/0x870
[ 543.626922][ C0] ? ___cache_free+0x3c/0x2f0
[ 543.631611][ C0] tomoyo_path_chmod+0x23/0x30
[ 543.636412][ C0] security_path_chmod+0x92/0xe0
[ 543.641352][ C0] chmod_common+0xc4/0x280
[ 543.645778][ C0] ? __fget_light+0xd0/0x260
[ 543.650367][ C0] __x64_sys_fchmod+0xac/0xf0
[ 543.655055][ C0] do_syscall_64+0x39/0x80
[ 543.659647][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 543.665623][ C0] RIP: 0033:0x7f6cba8ec5c7
[ 543.670046][ C0] Code: 73 01 c3 48 8b 0d d1 d8 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 5b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d8 2b 00 f7 d8 64 89 01 48
[ 543.691123][ C0] RSP: 002b:00007fff78b3a6c8 EFLAGS: 00000206 ORIG_RAX: 000000000000005b
[ 543.699597][ C0] RAX: ffffffffffffffda RBX: 0000559944fb01d0 RCX: 00007f6cba8ec5c7
[ 543.707575][ C0] RDX: 0000000000000000 RSI: 00000000000001a4 RDI: 000000000000000f
[ 543.715551][ C0] RBP: 00007fff78b3a790 R08: 0000559944fc0e30 R09: 0000000000000230
[ 543.723518][ C0] R10: 002abe677ed7a011 R11: 0000000000000206 R12: 00007fff78b3a6d0
[ 543.731583][ C0] R13: 0000000000000001 R14: 0000000000000000 R15: 000000000000000e
[ 543.739570][ C0] ---[ end trace 6a9a87c08c22e078 ]---
[ 543.845388][ C0] ------------[ cut here ]------------
[ 543.850872][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 543.861387][ C0] Modules linked in:
[ 543.865415][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 543.874805][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 543.884874][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 543.890885][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 543.910592][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 543.916661][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffffffff87630780
[ 543.924628][ C0] RDX: 0000000080010001 RSI: 000000000000001f RDI: 0000000000000001
[ 543.932621][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 543.940591][ C0] R10: 0001ffffffffffff R11: 0000000000000064 R12: ffff88813bc1da58
[ 543.948560][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 543.956533][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 543.965477][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 543.972058][ C0] CR2: 0000000000000000 CR3: 000000010d851000 CR4: 00000000001506f0
[ 543.980048][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 543.988022][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 543.996001][ C0] Call Trace:
[ 543.999278][ C0]
[ 544.002112][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 544.007962][ C0] __run_hrtimer+0x163/0x460
[ 544.012847][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 544.019010][ C0] hrtimer_interrupt+0x380/0xaf0
[ 544.024415][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 544.030494][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 544.036140][ C0]
[ 544.039063][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 544.045059][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 544.050628][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 544.070515][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 544.076584][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 544.084548][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 544.092513][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 544.100519][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 544.109033][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 544.117010][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 544.121961][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 544.126929][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 544.132053][ C0] cpuidle_enter+0x3c/0x60
[ 544.136484][ C0] do_idle+0x193/0x230
[ 544.140568][ C0] cpu_startup_entry+0x15/0x20
[ 544.145346][ C0] rest_init+0xd7/0xe0
[ 544.149434][ C0] ? time_init+0xc/0xc
[ 544.153525][ C0] arch_call_rest_init+0xa/0xb
[ 544.158295][ C0] start_kernel+0x5a1/0x626
[ 544.162926][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 544.168842][ C0] ---[ end trace 6a9a87c08c22e079 ]---
[ 544.174713][ C0] ------------[ cut here ]------------
[ 544.180170][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 544.190698][ C0] Modules linked in:
[ 544.194687][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 544.204138][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 544.214626][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 544.220652][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 544.240726][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 544.246794][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 544.254765][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 544.262737][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 544.270713][ C0] R10: 0001ffffffffffff R11: 0000000000000075 R12: ffff88813bc1da58
[ 544.278682][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 544.287000][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 544.295972][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 544.302648][ C0] CR2: 0000000000000000 CR3: 000000010d851000 CR4: 00000000001506f0
[ 544.310623][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 544.318606][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 544.326604][ C0] Call Trace:
[ 544.329894][ C0]
[ 544.332738][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 544.339873][ C0] __run_hrtimer+0x163/0x460
[ 544.344582][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 544.350595][ C0] hrtimer_interrupt+0x380/0xaf0
[ 544.355817][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 544.361746][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 544.367505][ C0]
[ 544.370442][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 544.376440][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 544.381997][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 544.401611][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 544.407676][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 544.415641][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 544.423624][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 544.431597][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 544.439567][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 544.447535][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 544.452483][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 544.457420][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 544.462539][ C0] cpuidle_enter+0x3c/0x60
[ 544.466951][ C0] do_idle+0x193/0x230
[ 544.471026][ C0] cpu_startup_entry+0x15/0x20
[ 544.475790][ C0] rest_init+0xd7/0xe0
[ 544.479968][ C0] ? time_init+0xc/0xc
[ 544.484147][ C0] arch_call_rest_init+0xa/0xb
[ 544.488912][ C0] start_kernel+0x5a1/0x626
[ 544.493411][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 544.499312][ C0] ---[ end trace 6a9a87c08c22e07a ]---
[ 544.505158][ C0] ------------[ cut here ]------------
[ 544.510604][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 544.521110][ C0] Modules linked in:
[ 544.524996][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 544.534357][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 544.544520][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 544.551989][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 544.571685][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 544.577770][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000013 RCX: ffffffff87630780
[ 544.585749][ C0] RDX: 0000000080010001 RSI: 0000000000000013 RDI: 0000000000000001
[ 544.593724][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 544.601698][ C0] R10: 0001ffffffffffff R11: 000000000000010f R12: ffff88813bc1da58
[ 544.609694][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 544.617667][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 544.626603][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 544.633266][ C0] CR2: 0000000000000000 CR3: 000000010d851000 CR4: 00000000001506f0
[ 544.641248][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 544.649209][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 544.657173][ C0] Call Trace:
[ 544.660442][ C0]
[ 544.663291][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 544.669097][ C0] __run_hrtimer+0x163/0x460
[ 544.673697][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 544.679525][ C0] hrtimer_interrupt+0x380/0xaf0
[ 544.684468][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 544.690365][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 544.695999][ C0]
[ 544.698936][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 544.704919][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 544.710477][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 544.730117][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 544.736185][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 544.744238][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 544.752228][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 544.760211][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 544.768176][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 544.776252][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 544.781221][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 544.786158][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 544.791268][ C0] cpuidle_enter+0x3c/0x60
[ 544.795704][ C0] do_idle+0x193/0x230
[ 544.799771][ C0] cpu_startup_entry+0x15/0x20
[ 544.804541][ C0] rest_init+0xd7/0xe0
[ 544.808625][ C0] ? time_init+0xc/0xc
[ 544.812702][ C0] arch_call_rest_init+0xa/0xb
[ 544.817487][ C0] start_kernel+0x5a1/0x626
[ 544.821992][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 544.827886][ C0] ---[ end trace 6a9a87c08c22e07b ]---
19:30:21 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x400448dd, &(0x7f0000000040)={0x4})
19:30:21 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x4})
19:30:21 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x73, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:21 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:21 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:21 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x702, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 544.933652][ C0] ------------[ cut here ]------------
[ 544.939142][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 544.949926][ C0] Modules linked in:
[ 544.953819][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 544.963794][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 544.973873][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 544.979867][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 544.999510][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 545.005585][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff888105e21000
[ 545.013561][ C0] RDX: 0000000080010000 RSI: 000000000000001a RDI: 0000000000000001
[ 545.021541][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 545.029596][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 545.037582][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 545.045587][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 545.054563][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 545.061178][ C0] CR2: 0000559944ff15a8 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 545.069157][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:30:21 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000000040), 0x2, r2}, 0x38)
[ 545.077139][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 545.085113][ C0] Call Trace:
[ 545.088414][ C0]
[ 545.091292][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 545.097367][ C0] __run_hrtimer+0x163/0x460
[ 545.101987][ C0] hrtimer_interrupt+0x380/0xaf0
[ 545.106936][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 545.112884][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 545.118537][ C0]
[ 545.121464][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 545.127473][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
19:30:21 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 545.133636][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 545.153459][ C0] RSP: 0018:ffffc90000dc3b20 EFLAGS: 00000246
[ 545.160137][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 001188810af9ad20
[ 545.168125][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 545.176122][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 545.184231][ C0] R10: ffffffff88f37008 R11: 0000000000000200 R12: 000000000000001b
[ 545.192880][ C0] R13: 0000000000000246 R14: ffff88810af9ad20 R15: 0000000000000008
[ 545.200882][ C0] tomoyo_check_path_acl+0x8f/0xe0
[ 545.206097][ C0] tomoyo_check_acl+0xcc/0x220
[ 545.210852][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 545.216763][ C0] tomoyo_path_perm+0x22f/0x330
[ 545.221637][ C0] tomoyo_inode_getattr+0x18/0x20
[ 545.226675][ C0] security_inode_getattr+0x7f/0xd0
[ 545.232154][ C0] __se_sys_newfstat+0x58/0x2c0
[ 545.237110][ C0] ? putname+0xa5/0xc0
[ 545.241201][ C0] ? kmem_cache_free+0x59/0x100
[ 545.246077][ C0] ? __secure_computing+0x12e/0x1c0
[ 545.251267][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 545.256674][ C0] __x64_sys_newfstat+0x2d/0x40
[ 545.261512][ C0] do_syscall_64+0x39/0x80
[ 545.266120][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 545.272005][ C0] RIP: 0033:0x7f6cba8ec2e2
[ 545.276850][ C0] Code: 48 8b 05 b9 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 77 33 48 63 fe b8 05 00 00 00 48 89 d6 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 8b 15 81 db 2b 00 f7
[ 545.296455][ C0] RSP: 002b:00007fff78b3ad18 EFLAGS: 00000246 ORIG_RAX: 0000000000000005
[ 545.304863][ C0] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007f6cba8ec2e2
[ 545.312873][ C0] RDX: 00007fff78b3ad20 RSI: 00007fff78b3ad20 RDI: 000000000000000f
[ 545.320851][ C0] RBP: 00007f6cbba7a710 R08: 0000559944fb0470 R09: 0000000000001010
[ 545.328806][ C0] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000000
[ 545.336779][ C0] R13: 0000559944fc1770 R14: 00000000000000ff R15: 0000559944fc1770
[ 545.344761][ C0] ---[ end trace 6a9a87c08c22e07c ]---
[ 545.350541][ C0] ------------[ cut here ]------------
[ 545.356001][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 545.366797][ C0] Modules linked in:
[ 545.370693][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
19:30:22 executing program 3 (fault-call:0 fault-nth:0):
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
19:30:22 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x400454ca, &(0x7f0000000040)={0x4})
[ 545.380667][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 545.390722][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 545.396756][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 545.416370][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 545.423665][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff888105e21000
[ 545.431625][ C0] RDX: 0000000080010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 545.439603][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 545.447576][ C0] R10: 0001ffffffffffff R11: ffff888105e21000 R12: ffff88813bc1da58
[ 545.455691][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 545.463649][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 545.472665][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 545.479250][ C0] CR2: 0000559944ff15a8 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 545.487237][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 545.495197][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 545.503273][ C0] Call Trace:
[ 545.506544][ C0]
[ 545.509374][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 545.515167][ C0] __run_hrtimer+0x163/0x460
[ 545.519769][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 545.525579][ C0] hrtimer_interrupt+0x380/0xaf0
[ 545.530516][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 545.536393][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 545.542625][ C0]
[ 545.545540][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 545.551523][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 545.557712][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 545.578603][ C0] RSP: 0018:ffffc90000dc3b20 EFLAGS: 00000246
[ 545.584651][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 001188810af9ad20
[ 545.592818][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 545.600792][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 545.609238][ C0] R10: ffffffff88f37008 R11: 0000000000000200 R12: 000000000000001b
[ 545.617210][ C0] R13: 0000000000000246 R14: ffff88810af9ad20 R15: 0000000000000008
[ 545.625220][ C0] tomoyo_check_path_acl+0x8f/0xe0
[ 545.630323][ C0] tomoyo_check_acl+0xcc/0x220
[ 545.635091][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 545.640884][ C0] tomoyo_path_perm+0x22f/0x330
[ 545.645752][ C0] tomoyo_inode_getattr+0x18/0x20
[ 545.650828][ C0] security_inode_getattr+0x7f/0xd0
[ 545.656983][ C0] __se_sys_newfstat+0x58/0x2c0
[ 545.661819][ C0] ? putname+0xa5/0xc0
[ 545.665872][ C0] ? kmem_cache_free+0x59/0x100
[ 545.670730][ C0] ? __secure_computing+0x12e/0x1c0
[ 545.675940][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 545.681242][ C0] __x64_sys_newfstat+0x2d/0x40
[ 545.686096][ C0] do_syscall_64+0x39/0x80
[ 545.690512][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 545.696396][ C0] RIP: 0033:0x7f6cba8ec2e2
[ 545.700815][ C0] Code: 48 8b 05 b9 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 77 33 48 63 fe b8 05 00 00 00 48 89 d6 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 8b 15 81 db 2b 00 f7
[ 545.720765][ C0] RSP: 002b:00007fff78b3ad18 EFLAGS: 00000246 ORIG_RAX: 0000000000000005
[ 545.729303][ C0] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007f6cba8ec2e2
[ 545.737573][ C0] RDX: 00007fff78b3ad20 RSI: 00007fff78b3ad20 RDI: 000000000000000f
[ 545.745545][ C0] RBP: 00007f6cbba7a710 R08: 0000559944fb0470 R09: 0000000000001010
[ 545.753548][ C0] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000000
[ 545.761518][ C0] R13: 0000559944fc1770 R14: 00000000000000ff R15: 0000559944fc1770
[ 545.769490][ C0] ---[ end trace 6a9a87c08c22e07d ]---
[ 545.775127][ C0] ------------[ cut here ]------------
[ 545.780578][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 545.791332][ C0] Modules linked in:
[ 545.795252][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 545.805213][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 545.815261][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 545.821235][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 545.840830][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 545.846896][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff888105e21000
[ 545.854851][ C0] RDX: 0000000080010000 RSI: 000000000000001a RDI: 0000000000000001
[ 545.862809][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 545.870785][ C0] R10: 0001ffffffffffff R11: ffff888105e21000 R12: ffff88813bc1da58
[ 545.878751][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 545.886867][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 545.895791][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 545.902384][ C0] CR2: 0000559944ff15a8 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 545.910358][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 545.918326][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 545.926461][ C0] Call Trace:
[ 545.929766][ C0]
[ 545.932592][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 545.938405][ C0] __run_hrtimer+0x163/0x460
[ 545.942992][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 545.948820][ C0] hrtimer_interrupt+0x380/0xaf0
[ 545.953778][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 545.959925][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 545.965559][ C0]
[ 545.968471][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 545.974435][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 545.980590][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 546.000185][ C0] RSP: 0018:ffffc90000dc3b20 EFLAGS: 00000246
[ 546.006259][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 001188810af9ad20
[ 546.014217][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 546.022218][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 546.030561][ C0] R10: ffffffff88f37008 R11: 0000000000000200 R12: 000000000000001b
[ 546.038557][ C0] R13: 0000000000000246 R14: ffff88810af9ad20 R15: 0000000000000008
[ 546.046657][ C0] tomoyo_check_path_acl+0x8f/0xe0
[ 546.051764][ C0] tomoyo_check_acl+0xcc/0x220
[ 546.056563][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 546.062369][ C0] tomoyo_path_perm+0x22f/0x330
[ 546.067426][ C0] tomoyo_inode_getattr+0x18/0x20
[ 546.072440][ C0] security_inode_getattr+0x7f/0xd0
[ 546.077665][ C0] __se_sys_newfstat+0x58/0x2c0
[ 546.082510][ C0] ? putname+0xa5/0xc0
[ 546.086572][ C0] ? kmem_cache_free+0x59/0x100
[ 546.091403][ C0] ? __secure_computing+0x12e/0x1c0
[ 546.096587][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 546.101955][ C0] __x64_sys_newfstat+0x2d/0x40
[ 546.106816][ C0] do_syscall_64+0x39/0x80
[ 546.111218][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 546.117118][ C0] RIP: 0033:0x7f6cba8ec2e2
[ 546.122009][ C0] Code: 48 8b 05 b9 db 2b 00 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 83 ff 01 77 33 48 63 fe b8 05 00 00 00 48 89 d6 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 8b 15 81 db 2b 00 f7
[ 546.141602][ C0] RSP: 002b:00007fff78b3ad18 EFLAGS: 00000246 ORIG_RAX: 0000000000000005
[ 546.150017][ C0] RAX: ffffffffffffffda RBX: 000000000000000f RCX: 00007f6cba8ec2e2
[ 546.157979][ C0] RDX: 00007fff78b3ad20 RSI: 00007fff78b3ad20 RDI: 000000000000000f
[ 546.165987][ C0] RBP: 00007f6cbba7a710 R08: 0000559944fb0470 R09: 0000000000001010
[ 546.174460][ C0] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000000
[ 546.182432][ C0] R13: 0000559944fc1770 R14: 00000000000000ff R15: 0000559944fc1770
[ 546.190877][ C0] ---[ end trace 6a9a87c08c22e07e ]---
[ 546.294538][T27987] FAULT_INJECTION: forcing a failure.
[ 546.294538][T27987] name failslab, interval 1, probability 0, space 0, times 0
[ 546.297261][ C0] ------------[ cut here ]------------
[ 546.312652][ C0] WARNING: CPU: 0 PID: 27976 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 546.323998][ C0] Modules linked in:
[ 546.325731][T27987] CPU: 1 PID: 27987 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 546.327940][ C0] CPU: 0 PID: 27976 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 546.338081][T27987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 546.348128][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 546.358192][T27987] Call Trace:
[ 546.358211][T27987] dump_stack+0x137/0x19d
[ 546.368245][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 546.368284][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 546.368300][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 546.371642][T27987] should_fail+0x23c/0x250
[ 546.375972][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810d993000
[ 546.382112][T27987] ? getname_flags+0x84/0x3d0
[ 546.401814][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
[ 546.407874][T27987] __should_failslab+0x81/0x90
[ 546.412277][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 546.420289][T27987] should_failslab+0x5/0x20
[ 546.424952][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 546.433008][T27987] kmem_cache_alloc+0x46/0x320
[ 546.437755][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 546.445719][T27987] getname_flags+0x84/0x3d0
[ 546.450202][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 546.458178][T27987] getname+0x15/0x20
[ 546.463813][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 546.471793][T27987] do_sys_openat2+0x5b/0x250
[ 546.476305][ C0] CR2: 00007fff78b8e690 CR3: 000000010a768000 CR4: 00000000001506f0
[ 546.485238][T27987] __x64_sys_openat+0xef/0x110
[ 546.489124][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 546.495751][T27987] do_syscall_64+0x39/0x80
[ 546.500337][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 546.508304][T27987] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 546.513059][ C0] Call Trace:
[ 546.513069][ C0]
[ 546.521021][T27987] RIP: 0033:0x419544
[ 546.525449][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 546.533419][T27987] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 546.539301][ C0] __run_hrtimer+0x163/0x460
[ 546.542605][T27987] RSP: 002b:00007f1ce1f34cc0 EFLAGS: 00000293
[ 546.545451][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 546.549346][T27987] ORIG_RAX: 0000000000000101
[ 546.555135][ C0] hrtimer_interrupt+0x380/0xaf0
[ 546.574728][T27987] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000419544
[ 546.579331][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 546.579365][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 546.579386][ C0]
[ 546.579391][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 546.579433][ C0] RIP: 0010:__sanitizer_cov_trace_switch+0x2c/0x100
[ 546.585473][T27987] RDX: 0000000000000000 RSI: 00007f1ce1f34d60 RDI: 00000000ffffff9c
19:30:23 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x704, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 546.591620][ C0] Code: 41 56 41 54 53 48 8b 4e 08 48 83 c1 f8 48 89 c8 48 c1 c0 3d 48 83 f8 07 0f 87 d3 00 00 00 48 c1 e9 03 ba 8b 00 00 00 0f a3 ca <0f> 83 c1 00 00 00 4c 8b 16 4d 85 d2 0f 84 b5 00 00 00 4c 8b 04 c5
[ 546.596284][T27987] RBP: 00007f1ce1f34d60 R08: 0000000000000000 R09: 0023647261632f69
[ 546.601208][ C0] RSP: 0018:ffffc900011ebaa0 EFLAGS: 00000247
[ 546.609169][T27987] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 546.615048][ C0]
[ 546.615059][ C0] RAX: 0000000000000000 RBX: ffff88810af9a240 RCX: 0000000000000000
[ 546.620663][T27987] R13: 00007ffce2f6f37f R14: 00007f1ce1f35300 R15: 0000000000022000
[ 546.623583][ C0] RDX: 000000000000008b RSI: ffffffff878b7140 RDI: 0000000000000001
[ 546.711920][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8277437c
[ 546.719905][ C0] R10: 0000000000000007 R11: ffff88810d993000 R12: 00000000000002e2
[ 546.727968][ C0] R13: ffff888107a43800 R14: ffffc900011ebc20 R15: ffff888107a43810
[ 546.735957][ C0] ? tomoyo_domain_quota_is_ok+0xbc/0x2f0
19:30:23 executing program 3 (fault-call:0 fault-nth:1):
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
19:30:23 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 546.741738][ C0] tomoyo_domain_quota_is_ok+0xbc/0x2f0
[ 546.747290][ C0] tomoyo_supervisor+0x1f4/0xb40
[ 546.752249][ C0] ? tomoyo_path2_perm+0x380/0x380
[ 546.757375][ C0] tomoyo_path2_perm+0x2db/0x380
[ 546.762479][ C0] tomoyo_path_rename+0x66/0x90
[ 546.767699][ C0] security_path_rename+0x188/0x1f0
[ 546.772931][ C0] do_renameat2+0x562/0x990
[ 546.777466][ C0] ? getname_flags+0x173/0x3d0
[ 546.782235][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 546.788060][ C0] __x64_sys_rename+0x58/0x60
[ 546.793453][ C0] do_syscall_64+0x39/0x80
[ 546.798831][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 546.804738][ C0] RIP: 0033:0x7f6cba875d47
[ 546.809424][ C0] Code: 75 12 48 89 df e8 19 84 07 00 85 c0 0f 95 c0 0f b6 c0 f7 d8 5b c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 52 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 21 41 33 00 f7 d8 64 89 01 48
[ 546.829042][ C0] RSP: 002b:00007fff78b3a6c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 546.837519][ C0] RAX: ffffffffffffffda RBX: 0000559944fb01d0 RCX: 00007f6cba875d47
[ 546.845504][ C0] RDX: 0000000000000000 RSI: 00007fff78b3a6d0 RDI: 0000559944fb0160
[ 546.853484][ C0] RBP: 00007fff78b3a790 R08: 0000559944fc2de0 R09: 0000559944fc2d00
[ 546.861463][ C0] R10: 00007f6cbba7a8c0 R11: 0000000000000246 R12: 00007fff78b3a6d0
[ 546.869440][ C0] R13: 0000000000000001 R14: 0000559944ae76cb R15: 0000000000000000
[ 546.877786][ C0] ---[ end trace 6a9a87c08c22e07f ]---
[ 546.883645][ C0] ------------[ cut here ]------------
19:30:23 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x5})
19:30:23 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x2, r2}, 0x38)
[ 546.889103][ C0] WARNING: CPU: 0 PID: 27976 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 546.899968][ C0] Modules linked in:
[ 546.903863][ C0] CPU: 0 PID: 27976 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 546.914388][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 546.924619][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 546.930598][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 546.950211][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 546.956288][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000023 RCX: ffff88810d993000
[ 546.964367][ C0] RDX: 0000000080010000 RSI: 0000000000000023 RDI: 0000000000000001
[ 546.972345][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 546.980928][ C0] R10: 0001ffffffffffff R11: ffff88810d993000 R12: ffff88813bc1da58
[ 546.988893][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 546.996884][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 547.005927][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 547.012529][ C0] CR2: 00007fff78b8e690 CR3: 000000010a768000 CR4: 00000000001506f0
[ 547.020494][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 547.028454][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 547.036431][ C0] Call Trace:
[ 547.039760][ C0]
[ 547.042606][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 547.048406][ C0] __run_hrtimer+0x163/0x460
[ 547.054288][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 547.060123][ C0] hrtimer_interrupt+0x380/0xaf0
[ 547.065057][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 547.071134][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 547.076756][ C0]
[ 547.079671][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 547.085652][ C0] RIP: 0010:__sanitizer_cov_trace_switch+0x2c/0x100
[ 547.092381][ C0] Code: 41 56 41 54 53 48 8b 4e 08 48 83 c1 f8 48 89 c8 48 c1 c0 3d 48 83 f8 07 0f 87 d3 00 00 00 48 c1 e9 03 ba 8b 00 00 00 0f a3 ca <0f> 83 c1 00 00 00 4c 8b 16 4d 85 d2 0f 84 b5 00 00 00 4c 8b 04 c5
[ 547.112337][ C0] RSP: 0018:ffffc900011ebaa0 EFLAGS: 00000247
[ 547.118399][ C0] RAX: 0000000000000000 RBX: ffff88810af9a240 RCX: 0000000000000000
[ 547.126358][ C0] RDX: 000000000000008b RSI: ffffffff878b7140 RDI: 0000000000000001
[ 547.134321][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8277437c
[ 547.142288][ C0] R10: 0000000000000007 R11: ffff88810d993000 R12: 00000000000002e2
[ 547.150335][ C0] R13: ffff888107a43800 R14: ffffc900011ebc20 R15: ffff888107a43810
[ 547.158391][ C0] ? tomoyo_domain_quota_is_ok+0xbc/0x2f0
[ 547.164217][ C0] tomoyo_domain_quota_is_ok+0xbc/0x2f0
[ 547.169760][ C0] tomoyo_supervisor+0x1f4/0xb40
[ 547.174728][ C0] ? tomoyo_path2_perm+0x380/0x380
[ 547.179843][ C0] tomoyo_path2_perm+0x2db/0x380
[ 547.184787][ C0] tomoyo_path_rename+0x66/0x90
[ 547.189666][ C0] security_path_rename+0x188/0x1f0
[ 547.195033][ C0] do_renameat2+0x562/0x990
[ 547.199526][ C0] ? getname_flags+0x173/0x3d0
[ 547.204300][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 547.209576][ C0] __x64_sys_rename+0x58/0x60
[ 547.214247][ C0] do_syscall_64+0x39/0x80
[ 547.218667][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 547.224579][ C0] RIP: 0033:0x7f6cba875d47
[ 547.229000][ C0] Code: 75 12 48 89 df e8 19 84 07 00 85 c0 0f 95 c0 0f b6 c0 f7 d8 5b c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 52 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 21 41 33 00 f7 d8 64 89 01 48
[ 547.249071][ C0] RSP: 002b:00007fff78b3a6c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 547.257486][ C0] RAX: ffffffffffffffda RBX: 0000559944fb01d0 RCX: 00007f6cba875d47
[ 547.265446][ C0] RDX: 0000000000000000 RSI: 00007fff78b3a6d0 RDI: 0000559944fb0160
[ 547.273444][ C0] RBP: 00007fff78b3a790 R08: 0000559944fc2de0 R09: 0000559944fc2d00
[ 547.281519][ C0] R10: 00007f6cbba7a8c0 R11: 0000000000000246 R12: 00007fff78b3a6d0
[ 547.289500][ C0] R13: 0000000000000001 R14: 0000559944ae76cb R15: 0000000000000000
[ 547.297464][ C0] ---[ end trace 6a9a87c08c22e080 ]---
[ 547.303284][ C0] ------------[ cut here ]------------
[ 547.309035][ C0] WARNING: CPU: 0 PID: 27976 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 547.319954][ C0] Modules linked in:
[ 547.323887][ C0] CPU: 0 PID: 27976 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 547.334219][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 547.344404][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 547.350485][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 547.370177][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 547.376240][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810d993000
[ 547.384219][ C0] RDX: 0000000080010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 547.392211][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 547.400325][ C0] R10: 0001ffffffffffff R11: 000000000000030d R12: ffff88813bc1da58
[ 547.408304][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 547.416282][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 547.425201][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 547.431785][ C0] CR2: 00007fff78b8e690 CR3: 000000010a768000 CR4: 00000000001506f0
[ 547.439750][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 547.447725][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 547.455996][ C0] Call Trace:
[ 547.459261][ C0]
[ 547.462131][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 547.467942][ C0] __run_hrtimer+0x163/0x460
[ 547.472560][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 547.478379][ C0] hrtimer_interrupt+0x380/0xaf0
[ 547.483349][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 547.489270][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 547.494891][ C0]
[ 547.497822][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 547.503833][ C0] RIP: 0010:__sanitizer_cov_trace_switch+0x2c/0x100
[ 547.510425][ C0] Code: 41 56 41 54 53 48 8b 4e 08 48 83 c1 f8 48 89 c8 48 c1 c0 3d 48 83 f8 07 0f 87 d3 00 00 00 48 c1 e9 03 ba 8b 00 00 00 0f a3 ca <0f> 83 c1 00 00 00 4c 8b 16 4d 85 d2 0f 84 b5 00 00 00 4c 8b 04 c5
[ 547.530039][ C0] RSP: 0018:ffffc900011ebaa0 EFLAGS: 00000247
[ 547.536109][ C0] RAX: 0000000000000000 RBX: ffff88810af9a240 RCX: 0000000000000000
[ 547.544084][ C0] RDX: 000000000000008b RSI: ffffffff878b7140 RDI: 0000000000000001
[ 547.552057][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8277437c
[ 547.560177][ C0] R10: 0000000000000007 R11: ffff88810d993000 R12: 00000000000002e2
[ 547.568273][ C0] R13: ffff888107a43800 R14: ffffc900011ebc20 R15: ffff888107a43810
[ 547.576272][ C0] ? tomoyo_domain_quota_is_ok+0xbc/0x2f0
[ 547.581983][ C0] tomoyo_domain_quota_is_ok+0xbc/0x2f0
[ 547.587520][ C0] tomoyo_supervisor+0x1f4/0xb40
[ 547.592487][ C0] ? tomoyo_path2_perm+0x380/0x380
[ 547.597818][ C0] tomoyo_path2_perm+0x2db/0x380
[ 547.602794][ C0] tomoyo_path_rename+0x66/0x90
[ 547.607772][ C0] security_path_rename+0x188/0x1f0
[ 547.612958][ C0] do_renameat2+0x562/0x990
[ 547.617487][ C0] ? getname_flags+0x173/0x3d0
[ 547.622244][ C0] ? syscall_trace_enter+0x153/0x2b0
[ 547.627519][ C0] __x64_sys_rename+0x58/0x60
[ 547.632200][ C0] do_syscall_64+0x39/0x80
[ 547.636612][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 547.642511][ C0] RIP: 0033:0x7f6cba875d47
[ 547.646913][ C0] Code: 75 12 48 89 df e8 19 84 07 00 85 c0 0f 95 c0 0f b6 c0 f7 d8 5b c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 52 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 21 41 33 00 f7 d8 64 89 01 48
[ 547.666633][ C0] RSP: 002b:00007fff78b3a6c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 547.675050][ C0] RAX: ffffffffffffffda RBX: 0000559944fb01d0 RCX: 00007f6cba875d47
[ 547.683017][ C0] RDX: 0000000000000000 RSI: 00007fff78b3a6d0 RDI: 0000559944fb0160
[ 547.690990][ C0] RBP: 00007fff78b3a790 R08: 0000559944fc2de0 R09: 0000559944fc2d00
19:30:24 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x706, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 547.698961][ C0] R10: 00007f6cbba7a8c0 R11: 0000000000000246 R12: 00007fff78b3a6d0
[ 547.706933][ C0] R13: 0000000000000001 R14: 0000559944ae76cb R15: 0000000000000000
[ 547.715023][ C0] ---[ end trace 6a9a87c08c22e081 ]---
19:30:24 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 547.789048][T28002] FAULT_INJECTION: forcing a failure.
[ 547.789048][T28002] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 547.802133][T28002] CPU: 0 PID: 28002 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 547.812464][T28002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 547.822667][T28002] Call Trace:
[ 547.826141][T28002] dump_stack+0x137/0x19d
[ 547.830536][T28002] should_fail+0x23c/0x250
[ 547.834966][T28002] should_fail_usercopy+0x16/0x20
[ 547.840146][T28002] strncpy_from_user+0x21/0x250
[ 547.845135][T28002] getname_flags+0xb8/0x3d0
[ 547.849708][T28002] getname+0x15/0x20
[ 547.853618][T28002] do_sys_openat2+0x5b/0x250
[ 547.858253][T28002] __x64_sys_openat+0xef/0x110
[ 547.863040][T28002] do_syscall_64+0x39/0x80
[ 547.867492][T28002] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 547.873708][T28002] RIP: 0033:0x419544
19:30:24 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x2, r2}, 0x38)
[ 547.882211][T28002] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 547.901836][T28002] RSP: 002b:00007f1ce1f34cc0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 547.910367][T28002] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000419544
[ 547.918366][T28002] RDX: 0000000000000000 RSI: 00007f1ce1f34d60 RDI: 00000000ffffff9c
[ 547.926348][T28002] RBP: 00007f1ce1f34d60 R08: 0000000000000000 R09: 0023647261632f69
19:30:24 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x708, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 547.934416][T28002] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 547.942483][T28002] R13: 00007ffce2f6f37f R14: 00007f1ce1f35300 R15: 0000000000022000
[ 547.950818][ C0] ------------[ cut here ]------------
[ 547.956294][ C0] WARNING: CPU: 0 PID: 28002 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 547.967925][ C0] Modules linked in:
[ 547.972001][ C0] CPU: 0 PID: 28002 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 547.982160][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 547.992250][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 547.998279][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 548.018134][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 548.024190][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000027 RCX: ffff88810e62f000
[ 548.032153][ C0] RDX: 0000000000010001 RSI: 0000000000000027 RDI: 0000000000000001
[ 548.040128][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 548.048099][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 548.056203][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 548.064188][ C0] FS: 00007f1ce1f35700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 548.073116][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 548.079892][ C0] CR2: 00007f1ce1f34f78 CR3: 0000000009760000 CR4: 00000000001506f0
[ 548.088103][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 548.096587][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 548.104728][ C0] Call Trace:
[ 548.108022][ C0]
[ 548.110848][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 548.116659][ C0] __run_hrtimer+0x163/0x460
[ 548.121460][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 548.127921][ C0] hrtimer_interrupt+0x380/0xaf0
[ 548.132851][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 548.138776][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 548.144420][ C0]
[ 548.147355][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 548.153341][ C0] RIP: 0010:preempt_schedule_irq+0x3e/0x80
[ 548.159148][ C0] Code: 05 9f 10 77 7a a9 ff ff ff 7f 75 53 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 0f 1f 00 65 83 05 80 10 77 7a 01 fb bf 01 00 00 00 2d f8 ff ff fa 65 83 05 6c 10 77 7a ff 65 48 8b 04 25 00 6d 01
[ 548.180074][ C0] RSP: 0018:ffffc90003523c98 EFLAGS: 00000202
[ 548.187179][ C0] RAX: 0000000000000000 RBX: ffff88810e62f000 RCX: ffffffff85a00e37
[ 548.196095][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 548.204168][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 548.214693][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 548.222682][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 548.230818][ C0] ? native_iret+0x7/0x7
[ 548.235227][ C0] irqentry_exit_cond_resched+0x30/0x40
[ 548.240999][ C0] irqentry_exit+0x2a/0x40
[ 548.245798][ C0] asm_sysvec_reschedule_ipi+0x12/0x20
[ 548.251251][ C0] RIP: 0010:dump_stack+0x17d/0x19d
[ 548.256469][ C0] Code: 00 02 00 00 31 ff e8 cf 29 a0 fe 49 81 e7 00 02 00 00 75 07 e8 11 25 a0 fe eb 06 e8 0a 25 a0 fe fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 0b 48 83 c4 10 5b 41 5e 41 5f 5d c3 e8 09 61 e3
[ 548.276387][ C0] RSP: 0018:ffffc90003523d70 EFLAGS: 00000283
[ 548.283797][ C0] RAX: 44f5a06cf9bac700 RBX: 00000000ffffffff RCX: 0000000000040000
[ 548.291915][ C0] RDX: ffffc9000eca9000 RSI: 000000000001347b RDI: 000000000001347c
[ 548.299908][ C0] RBP: 0000000000000000 R08: ffffffff82a60be1 R09: 000188810e62f3cf
[ 548.307890][ C0] R10: 0001ffffffffffff R11: ffff88810e62f000 R12: ffffffff878d26e8
[ 548.316523][ C0] R13: 0000000000000001 R14: ffffffff878d2700 R15: 0000000000000200
[ 548.324861][ C0] ? dump_stack+0x15e/0x19d
[ 548.329457][ C0] should_fail+0x23c/0x250
[ 548.333896][ C0] should_fail_usercopy+0x16/0x20
[ 548.338915][ C0] strncpy_from_user+0x21/0x250
[ 548.343765][ C0] getname_flags+0xb8/0x3d0
[ 548.348258][ C0] getname+0x15/0x20
[ 548.352246][ C0] do_sys_openat2+0x5b/0x250
[ 548.356847][ C0] __x64_sys_openat+0xef/0x110
[ 548.362056][ C0] do_syscall_64+0x39/0x80
[ 548.367640][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 548.373716][ C0] RIP: 0033:0x419544
[ 548.378555][ C0] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 548.398609][ C0] RSP: 002b:00007f1ce1f34cc0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 548.407308][ C0] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000419544
[ 548.415283][ C0] RDX: 0000000000000000 RSI: 00007f1ce1f34d60 RDI: 00000000ffffff9c
[ 548.423245][ C0] RBP: 00007f1ce1f34d60 R08: 0000000000000000 R09: 0023647261632f69
[ 548.432647][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 548.440616][ C0] R13: 00007ffce2f6f37f R14: 00007f1ce1f35300 R15: 0000000000022000
[ 548.448581][ C0] ---[ end trace 6a9a87c08c22e082 ]---
[ 548.454523][ C0] ------------[ cut here ]------------
[ 548.459982][ C0] WARNING: CPU: 0 PID: 28002 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 548.471017][ C0] Modules linked in:
[ 548.474931][ C0] CPU: 0 PID: 28002 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
19:30:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x40049409, &(0x7f0000000040)={0x4})
[ 548.485211][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 548.495360][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 548.501387][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 548.521031][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 548.527117][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001e RCX: ffff88810e62f000
[ 548.535095][ C0] RDX: 0000000000010001 RSI: 000000000000001e RDI: 0000000000000001
[ 548.543078][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 548.551080][ C0] R10: 0001ffffffffffff R11: ffff88810e62f000 R12: ffff88813bc1da58
[ 548.559063][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 548.567048][ C0] FS: 00007f1ce1f35700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 548.576381][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 548.582958][ C0] CR2: 00007f1ce1f34f78 CR3: 0000000009760000 CR4: 00000000001506f0
[ 548.590937][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 548.599060][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 548.607156][ C0] Call Trace:
[ 548.610469][ C0]
[ 548.613327][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 548.619140][ C0] __run_hrtimer+0x163/0x460
[ 548.623748][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 548.629594][ C0] hrtimer_interrupt+0x380/0xaf0
[ 548.634554][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 548.640456][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 548.646545][ C0]
[ 548.649491][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 548.655481][ C0] RIP: 0010:preempt_schedule_irq+0x3e/0x80
[ 548.661299][ C0] Code: 05 9f 10 77 7a a9 ff ff ff 7f 75 53 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 0f 1f 00 65 83 05 80 10 77 7a 01 fb bf 01 00 00 00 2d f8 ff ff fa 65 83 05 6c 10 77 7a ff 65 48 8b 04 25 00 6d 01
[ 548.680918][ C0] RSP: 0018:ffffc90003523c98 EFLAGS: 00000202
[ 548.686991][ C0] RAX: 0000000000000000 RBX: ffff88810e62f000 RCX: ffffffff85a00e37
[ 548.694970][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 548.702955][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 548.710935][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 548.718923][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 548.726907][ C0] ? native_iret+0x7/0x7
[ 548.731180][ C0] irqentry_exit_cond_resched+0x30/0x40
[ 548.736772][ C0] irqentry_exit+0x2a/0x40
[ 548.741222][ C0] asm_sysvec_reschedule_ipi+0x12/0x20
[ 548.746693][ C0] RIP: 0010:dump_stack+0x17d/0x19d
[ 548.751856][ C0] Code: 00 02 00 00 31 ff e8 cf 29 a0 fe 49 81 e7 00 02 00 00 75 07 e8 11 25 a0 fe eb 06 e8 0a 25 a0 fe fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 0b 48 83 c4 10 5b 41 5e 41 5f 5d c3 e8 09 61 e3
[ 548.771482][ C0] RSP: 0018:ffffc90003523d70 EFLAGS: 00000283
[ 548.777554][ C0] RAX: 44f5a06cf9bac700 RBX: 00000000ffffffff RCX: 0000000000040000
[ 548.785530][ C0] RDX: ffffc9000eca9000 RSI: 000000000001347b RDI: 000000000001347c
[ 548.793526][ C0] RBP: 0000000000000000 R08: ffffffff82a60be1 R09: 000188810e62f3cf
[ 548.801602][ C0] R10: 0001ffffffffffff R11: ffff88810e62f000 R12: ffffffff878d26e8
[ 548.809586][ C0] R13: 0000000000000001 R14: ffffffff878d2700 R15: 0000000000000200
[ 548.817866][ C0] ? dump_stack+0x15e/0x19d
[ 548.822397][ C0] should_fail+0x23c/0x250
[ 548.826832][ C0] should_fail_usercopy+0x16/0x20
[ 548.831880][ C0] strncpy_from_user+0x21/0x250
[ 548.836757][ C0] getname_flags+0xb8/0x3d0
[ 548.841269][ C0] getname+0x15/0x20
[ 548.845177][ C0] do_sys_openat2+0x5b/0x250
[ 548.849795][ C0] __x64_sys_openat+0xef/0x110
[ 548.854571][ C0] do_syscall_64+0x39/0x80
[ 548.858999][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 548.864910][ C0] RIP: 0033:0x419544
[ 548.868812][ C0] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 548.888722][ C0] RSP: 002b:00007f1ce1f34cc0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 548.897674][ C0] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000419544
[ 548.905682][ C0] RDX: 0000000000000000 RSI: 00007f1ce1f34d60 RDI: 00000000ffffff9c
[ 548.913716][ C0] RBP: 00007f1ce1f34d60 R08: 0000000000000000 R09: 0023647261632f69
[ 548.921757][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 548.929771][ C0] R13: 00007ffce2f6f37f R14: 00007f1ce1f35300 R15: 0000000000022000
[ 548.938133][ C0] ---[ end trace 6a9a87c08c22e083 ]---
[ 548.943969][ C0] ------------[ cut here ]------------
[ 548.949457][ C0] WARNING: CPU: 0 PID: 28002 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 548.960329][ C0] Modules linked in:
[ 548.964249][ C0] CPU: 0 PID: 28002 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 548.974418][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 548.984561][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 548.990555][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 549.010170][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 549.016271][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001e RCX: ffff88810e62f000
[ 549.024253][ C0] RDX: 0000000000010001 RSI: 000000000000001e RDI: 0000000000000001
[ 549.032232][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 549.041645][ C0] R10: 0001ffffffffffff R11: ffff88810e62f000 R12: ffff88813bc1da58
[ 549.049628][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 549.057607][ C0] FS: 00007f1ce1f35700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 549.066549][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 549.073169][ C0] CR2: 00007f1ce1f34f78 CR3: 0000000009760000 CR4: 00000000001506f0
[ 549.081158][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 549.089140][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 549.097125][ C0] Call Trace:
[ 549.100427][ C0]
[ 549.103276][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 549.109100][ C0] __run_hrtimer+0x163/0x460
[ 549.113726][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 549.119573][ C0] hrtimer_interrupt+0x380/0xaf0
[ 549.124532][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 549.130463][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 549.136155][ C0]
[ 549.139105][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 549.145134][ C0] RIP: 0010:preempt_schedule_irq+0x3e/0x80
[ 549.150993][ C0] Code: 05 9f 10 77 7a a9 ff ff ff 7f 75 53 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 0f 1f 00 65 83 05 80 10 77 7a 01 fb bf 01 00 00 00 2d f8 ff ff fa 65 83 05 6c 10 77 7a ff 65 48 8b 04 25 00 6d 01
[ 549.171577][ C0] RSP: 0018:ffffc90003523c98 EFLAGS: 00000202
[ 549.177650][ C0] RAX: 0000000000000000 RBX: ffff88810e62f000 RCX: ffffffff85a00e37
[ 549.185627][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 549.193635][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 549.201619][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 549.210044][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 549.218026][ C0] ? native_iret+0x7/0x7
[ 549.222301][ C0] irqentry_exit_cond_resched+0x30/0x40
[ 549.227870][ C0] irqentry_exit+0x2a/0x40
[ 549.232294][ C0] asm_sysvec_reschedule_ipi+0x12/0x20
[ 549.237757][ C0] RIP: 0010:dump_stack+0x17d/0x19d
[ 549.242894][ C0] Code: 00 02 00 00 31 ff e8 cf 29 a0 fe 49 81 e7 00 02 00 00 75 07 e8 11 25 a0 fe eb 06 e8 0a 25 a0 fe fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 0b 48 83 c4 10 5b 41 5e 41 5f 5d c3 e8 09 61 e3
[ 549.262508][ C0] RSP: 0018:ffffc90003523d70 EFLAGS: 00000283
[ 549.268583][ C0] RAX: 44f5a06cf9bac700 RBX: 00000000ffffffff RCX: 0000000000040000
[ 549.276563][ C0] RDX: ffffc9000eca9000 RSI: 000000000001347b RDI: 000000000001347c
[ 549.284540][ C0] RBP: 0000000000000000 R08: ffffffff82a60be1 R09: 000188810e62f3cf
[ 549.292515][ C0] R10: 0001ffffffffffff R11: ffff88810e62f000 R12: ffffffff878d26e8
[ 549.300506][ C0] R13: 0000000000000001 R14: ffffffff878d2700 R15: 0000000000000200
[ 549.308508][ C0] ? dump_stack+0x15e/0x19d
[ 549.313022][ C0] should_fail+0x23c/0x250
[ 549.317438][ C0] should_fail_usercopy+0x16/0x20
[ 549.322561][ C0] strncpy_from_user+0x21/0x250
[ 549.327428][ C0] getname_flags+0xb8/0x3d0
[ 549.331938][ C0] getname+0x15/0x20
[ 549.335849][ C0] do_sys_openat2+0x5b/0x250
[ 549.340455][ C0] __x64_sys_openat+0xef/0x110
[ 549.345308][ C0] do_syscall_64+0x39/0x80
[ 549.349763][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 549.355663][ C0] RIP: 0033:0x419544
[ 549.359567][ C0] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 549.379180][ C0] RSP: 002b:00007f1ce1f34cc0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 549.387685][ C0] RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000419544
19:30:26 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
[ 549.395662][ C0] RDX: 0000000000000000 RSI: 00007f1ce1f34d60 RDI: 00000000ffffff9c
[ 549.403651][ C0] RBP: 00007f1ce1f34d60 R08: 0000000000000000 R09: 0023647261632f69
[ 549.411659][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 549.419676][ C0] R13: 00007ffce2f6f37f R14: 00007f1ce1f35300 R15: 0000000000022000
[ 549.427664][ C0] ---[ end trace 6a9a87c08c22e084 ]---
19:30:26 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x709, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:26 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x70a, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:26 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x70b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 549.533495][ C0] ------------[ cut here ]------------
[ 549.539030][ C0] WARNING: CPU: 0 PID: 28019 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 549.549927][ C0] Modules linked in:
[ 549.553823][ C0] CPU: 0 PID: 28019 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 549.564340][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 549.574500][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:26 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x70f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 549.580524][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 549.600144][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 549.606835][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000023 RCX: ffff88802ba5c000
[ 549.614813][ C0] RDX: 0000000080010000 RSI: 0000000000000023 RDI: 0000000000000001
[ 549.622811][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 549.633256][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 549.641321][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 549.649428][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 549.658374][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 549.664961][ C0] CR2: 00000000005400f8 CR3: 000000010d9af000 CR4: 00000000001506f0
[ 549.672965][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 549.681091][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 549.689072][ C0] Call Trace:
[ 549.692358][ C0]
[ 549.695185][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 549.701009][ C0] __run_hrtimer+0x163/0x460
[ 549.705595][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 549.711877][ C0] hrtimer_interrupt+0x380/0xaf0
[ 549.716834][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 549.722777][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 549.728418][ C0]
[ 549.731355][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 549.737368][ C0] RIP: 0010:alloc_pages_vma+0x1/0x890
[ 549.742737][ C0] Code: da ff b3 01 4c 89 f7 e8 ad 21 1f 04 89 d8 5b 41 5c 41 5e 41 5f c3 e8 de 9f da ff 0f 0b 66 66 2e 0f 1f 84 00 00 00 00 00 90 55 <41> 57 41 56 41 55 41 54 53 48 83 ec 20 45 89 cf 44 89 c3 48 89 cd
[ 549.762362][ C0] RSP: 0018:ffffc900011eb888 EFLAGS: 00000246
[ 549.768455][ C0] RAX: 0000000000000000 RBX: ffffc900011eb938 RCX: 0000000000000000
[ 549.776688][ C0] RDX: ffffc900011eb8c0 RSI: 0000000000000000 RDI: 0000000000100cca
[ 549.785198][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 549.793190][ C0] R10: 0000000000000003 R11: ffff88802ba5c000 R12: 0000000000000000
[ 549.801155][ C0] R13: ffff8881093f3100 R14: 0000000000000001 R15: ffffc900011eb8c0
[ 549.809145][ C0] shmem_alloc_and_acct_page+0x2ba/0x640
[ 549.814776][ C0] shmem_getpage_gfp+0x6c6/0x1980
[ 549.819832][ C0] shmem_fault+0x16c/0x450
[ 549.824259][ C0] do_read_fault+0x2e1/0x530
[ 549.828876][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 549.834673][ C0] handle_mm_fault+0x1019/0x1840
[ 549.839640][ C0] __get_user_pages+0xa47/0x1000
[ 549.844579][ C0] __mm_populate+0x24d/0x380
[ 549.849178][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 549.853787][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 549.858623][ C0] ? switch_fpu_return+0xa/0x10
[ 549.863488][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 549.869232][ C0] do_syscall_64+0x39/0x80
[ 549.873674][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 549.879707][ C0] RIP: 0033:0x466459
[ 549.883593][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 549.903225][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 549.911666][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 549.919727][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 549.927981][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 549.935972][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 549.943948][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 549.951917][ C0] ---[ end trace 6a9a87c08c22e085 ]---
[ 549.957709][ C0] ------------[ cut here ]------------
[ 549.963163][ C0] WARNING: CPU: 0 PID: 28019 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 549.974030][ C0] Modules linked in:
19:30:26 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x6})
19:30:26 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x710, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:26 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:26 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x711, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 549.977926][ C0] CPU: 0 PID: 28019 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 549.988085][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 549.998146][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 550.004152][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 550.023779][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 550.029877][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88802ba5c000
[ 550.037897][ C0] RDX: 0000000000010000 RSI: 000000000000001a RDI: 0000000000000001
[ 550.045885][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 550.053904][ C0] R10: 0001ffffffffffff R11: ffff88802ba5c000 R12: ffff88813bc1da58
[ 550.061982][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 550.070051][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 550.079001][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 550.085715][ C0] CR2: 00000000005400f8 CR3: 000000010d9af000 CR4: 00000000001506f0
[ 550.094025][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 550.101982][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 550.109950][ C0] Call Trace:
[ 550.113323][ C0]
[ 550.116189][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 550.122003][ C0] __run_hrtimer+0x163/0x460
[ 550.126599][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 550.132392][ C0] hrtimer_interrupt+0x380/0xaf0
[ 550.137333][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 550.143236][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 550.148883][ C0]
[ 550.151839][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 550.157812][ C0] RIP: 0010:alloc_pages_vma+0x1/0x890
[ 550.163182][ C0] Code: da ff b3 01 4c 89 f7 e8 ad 21 1f 04 89 d8 5b 41 5c 41 5e 41 5f c3 e8 de 9f da ff 0f 0b 66 66 2e 0f 1f 84 00 00 00 00 00 90 55 <41> 57 41 56 41 55 41 54 53 48 83 ec 20 45 89 cf 44 89 c3 48 89 cd
[ 550.183065][ C0] RSP: 0018:ffffc900011eb888 EFLAGS: 00000246
[ 550.189248][ C0] RAX: 0000000000000000 RBX: ffffc900011eb938 RCX: 0000000000000000
[ 550.197211][ C0] RDX: ffffc900011eb8c0 RSI: 0000000000000000 RDI: 0000000000100cca
[ 550.205174][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 550.213147][ C0] R10: 0000000000000003 R11: ffff88802ba5c000 R12: 0000000000000000
[ 550.221123][ C0] R13: ffff8881093f3100 R14: 0000000000000001 R15: ffffc900011eb8c0
[ 550.229093][ C0] shmem_alloc_and_acct_page+0x2ba/0x640
[ 550.234771][ C0] shmem_getpage_gfp+0x6c6/0x1980
[ 550.239823][ C0] shmem_fault+0x16c/0x450
[ 550.244256][ C0] do_read_fault+0x2e1/0x530
[ 550.248834][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 550.254637][ C0] handle_mm_fault+0x1019/0x1840
[ 550.259581][ C0] __get_user_pages+0xa47/0x1000
[ 550.264504][ C0] __mm_populate+0x24d/0x380
[ 550.269089][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 550.273682][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 550.278343][ C0] ? switch_fpu_return+0xa/0x10
[ 550.283193][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 550.288904][ C0] do_syscall_64+0x39/0x80
[ 550.293318][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 550.299235][ C0] RIP: 0033:0x466459
[ 550.303204][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 550.322883][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 550.331327][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 550.339290][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 550.347386][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 550.355455][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 550.363432][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 550.371601][ C0] ---[ end trace 6a9a87c08c22e086 ]---
[ 550.377584][ C0] ------------[ cut here ]------------
[ 550.383160][ C0] WARNING: CPU: 0 PID: 28019 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 550.394185][ C0] Modules linked in:
[ 550.398123][ C0] CPU: 0 PID: 28019 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 550.408269][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 550.419289][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 550.425267][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 550.444872][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 550.450938][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88802ba5c000
[ 550.458913][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 550.466872][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 550.474833][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 550.482808][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 550.490794][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 550.499714][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 550.506291][ C0] CR2: 00000000005400f8 CR3: 000000010d9af000 CR4: 00000000001506f0
[ 550.514360][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 550.522410][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 550.530482][ C0] Call Trace:
[ 550.533834][ C0]
[ 550.536685][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 550.542598][ C0] __run_hrtimer+0x163/0x460
[ 550.547185][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 550.553052][ C0] hrtimer_interrupt+0x380/0xaf0
[ 550.558009][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 550.563908][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 550.569557][ C0]
[ 550.572504][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 550.578471][ C0] RIP: 0010:alloc_pages_vma+0x1/0x890
[ 550.583852][ C0] Code: da ff b3 01 4c 89 f7 e8 ad 21 1f 04 89 d8 5b 41 5c 41 5e 41 5f c3 e8 de 9f da ff 0f 0b 66 66 2e 0f 1f 84 00 00 00 00 00 90 55 <41> 57 41 56 41 55 41 54 53 48 83 ec 20 45 89 cf 44 89 c3 48 89 cd
[ 550.603672][ C0] RSP: 0018:ffffc900011eb888 EFLAGS: 00000246
[ 550.609763][ C0] RAX: 0000000000000000 RBX: ffffc900011eb938 RCX: 0000000000000000
[ 550.617736][ C0] RDX: ffffc900011eb8c0 RSI: 0000000000000000 RDI: 0000000000100cca
[ 550.625705][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 550.634250][ C0] R10: 0000000000000003 R11: ffff88802ba5c000 R12: 0000000000000000
[ 550.642217][ C0] R13: ffff8881093f3100 R14: 0000000000000001 R15: ffffc900011eb8c0
[ 550.650203][ C0] shmem_alloc_and_acct_page+0x2ba/0x640
[ 550.655886][ C0] shmem_getpage_gfp+0x6c6/0x1980
[ 550.660899][ C0] shmem_fault+0x16c/0x450
[ 550.665305][ C0] do_read_fault+0x2e1/0x530
[ 550.669898][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 550.675725][ C0] handle_mm_fault+0x1019/0x1840
[ 550.680677][ C0] __get_user_pages+0xa47/0x1000
[ 550.685609][ C0] __mm_populate+0x24d/0x380
[ 550.690273][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 550.694875][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 550.699551][ C0] ? switch_fpu_return+0xa/0x10
[ 550.704558][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 550.710285][ C0] do_syscall_64+0x39/0x80
[ 550.714780][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 550.720730][ C0] RIP: 0033:0x466459
[ 550.724609][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 550.744237][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 550.752654][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 550.760630][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 550.768606][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 550.776576][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 550.784568][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 550.792543][ C0] ---[ end trace 6a9a87c08c22e087 ]---
[ 550.898631][ C0] ------------[ cut here ]------------
[ 550.904336][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 550.914866][ C0] Modules linked in:
[ 550.918789][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 550.928174][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 550.938225][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 550.944206][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 550.963912][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 550.969961][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffffffff87630780
[ 550.977930][ C0] RDX: 0000000000010001 RSI: 000000000000001f RDI: 0000000000000001
[ 550.985884][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 550.994209][ C0] R10: 0001ffffffffffff R11: 00000000000001f1 R12: ffff88813bc1da58
[ 551.002663][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 551.010783][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 551.019920][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 551.026490][ C0] CR2: 00007f11102abd58 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 551.034447][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 551.042414][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 551.050416][ C0] Call Trace:
[ 551.053690][ C0] <IRQ>
[ 551.056527][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 551.062320][ C0] __run_hrtimer+0x163/0x460
[ 551.067004][ C0] hrtimer_interrupt+0x380/0xaf0
[ 551.071942][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 551.077822][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 551.083453][ C0] </IRQ>
[ 551.086363][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 551.092347][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 551.097995][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 551.117620][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 551.123691][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 551.131661][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 551.139645][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 551.147605][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 551.155609][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 551.163577][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 551.169021][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 551.173985][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 551.179123][ C0] cpuidle_enter+0x3c/0x60
[ 551.183526][ C0] do_idle+0x193/0x230
[ 551.187607][ C0] cpu_startup_entry+0x15/0x20
[ 551.192393][ C0] rest_init+0xd7/0xe0
[ 551.196444][ C0] ? time_init+0xc/0xc
[ 551.200496][ C0] arch_call_rest_init+0xa/0xb
[ 551.205257][ C0] start_kernel+0x5a1/0x626
[ 551.209783][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 551.215667][ C0] ---[ end trace 6a9a87c08c22e088 ]---
[ 551.221541][ C0] ------------[ cut here ]------------
[ 551.226999][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 551.237520][ C0] Modules linked in:
[ 551.241416][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 551.250794][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 551.260855][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 551.266878][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 551.286498][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
19:30:27 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x2, r2}, 0x38)
19:30:27 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x2)
19:30:27 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x4008744b, &(0x7f0000000040)={0x4})
19:30:27 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:27 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 551.293748][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000013 RCX: ffffffff87630780
[ 551.301732][ C0] RDX: 0000000000010001 RSI: 0000000000000013 RDI: 0000000000000001
[ 551.309719][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 551.317748][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 551.325757][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 551.333911][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 551.342854][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 551.349458][ C0] CR2: 00007f11102abd58 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 551.357547][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 551.365532][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 551.373560][ C0] Call Trace:
[ 551.376851][ C0] <IRQ>
[ 551.379710][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 551.385532][ C0] __run_hrtimer+0x163/0x460
[ 551.390135][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 551.395971][ C0] hrtimer_interrupt+0x380/0xaf0
19:30:28 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x3)
19:30:28 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x40186366, &(0x7f0000000040)={0x4})
19:30:28 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x2, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 551.400948][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 551.406869][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 551.412524][ C0] </IRQ>
[ 551.415491][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 551.421515][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 551.427172][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 551.446877][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 551.452967][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 551.461077][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 551.469063][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 551.477577][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 551.485559][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 551.493549][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 551.498528][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 551.503535][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 551.508687][ C0] cpuidle_enter+0x3c/0x60
[ 551.513126][ C0] do_idle+0x193/0x230
[ 551.517205][ C0] cpu_startup_entry+0x15/0x20
[ 551.521995][ C0] rest_init+0xd7/0xe0
[ 551.526073][ C0] ? time_init+0xc/0xc
[ 551.530153][ C0] arch_call_rest_init+0xa/0xb
[ 551.535141][ C0] start_kernel+0x5a1/0x626
[ 551.539665][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 551.545603][ C0] ---[ end trace 6a9a87c08c22e089 ]---
[ 551.551455][ C0] ------------[ cut here ]------------
[ 551.556925][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 551.567448][ C0] Modules linked in:
[ 551.571345][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 551.580736][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 551.590822][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 551.596825][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 551.616693][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 551.622774][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 551.630868][ C0] RDX: 0000000000010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 551.638834][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 551.646804][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 551.654908][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 551.662997][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 551.672273][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 551.678852][ C0] CR2: 00007f11102abd58 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 551.687015][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 551.694988][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 551.702950][ C0] Call Trace:
[ 551.706225][ C0] <IRQ>
[ 551.709062][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 551.716808][ C0] __run_hrtimer+0x163/0x460
[ 551.721410][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 551.727234][ C0] hrtimer_interrupt+0x380/0xaf0
[ 551.732185][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 551.738097][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 551.743904][ C0] </IRQ>
[ 551.746820][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 551.752790][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 551.758378][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 551.778105][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 551.784170][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 551.792144][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 551.800120][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 551.808083][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 551.816055][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 551.824080][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 551.830320][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 551.835918][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 551.841497][ C0] cpuidle_enter+0x3c/0x60
[ 551.845913][ C0] do_idle+0x193/0x230
[ 551.850081][ C0] cpu_startup_entry+0x15/0x20
[ 551.854928][ C0] rest_init+0xd7/0xe0
[ 551.859118][ C0] ? time_init+0xc/0xc
[ 551.863208][ C0] arch_call_rest_init+0xa/0xb
[ 551.868131][ C0] start_kernel+0x5a1/0x626
[ 551.873123][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 551.879641][ C0] ---[ end trace 6a9a87c08c22e08a ]---
[ 551.985351][ C0] ------------[ cut here ]------------
[ 551.990983][ C0] WARNING: CPU: 0 PID: 28054 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 552.001898][ C0] Modules linked in:
[ 552.005791][ C0] CPU: 0 PID: 28054 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 552.015980][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 552.026049][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 552.032141][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 552.051918][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 552.057994][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88802c057000
[ 552.066212][ C0] RDX: 0000000080010001 RSI: 000000000000001a RDI: 0000000000000001
[ 552.074278][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 552.082239][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 552.090195][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 552.098163][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 552.107080][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 552.113773][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 552.121750][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 552.130993][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 552.139192][ C0] Call Trace:
[ 552.142558][ C0] <IRQ>
[ 552.146105][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 552.151947][ C0] __run_hrtimer+0x163/0x460
[ 552.156537][ C0] hrtimer_interrupt+0x380/0xaf0
[ 552.161488][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 552.167403][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 552.173179][ C0] </IRQ>
[ 552.176099][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 552.182251][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 552.188407][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 552.208140][ C0] RSP: 0018:ffffc90003e2b998 EFLAGS: 00000246
[ 552.214191][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011888100bd6c88
[ 552.222348][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 552.230314][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 552.238526][ C0] R10: ffffffff88f36fe8 R11: 0000000000000200 R12: 0000000000000017
[ 552.246611][ C0] R13: 000000000000000f R14: ffff888100bd6c88 R15: 0000000000000008
[ 552.254594][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 552.260139][ C0] workingset_activation+0xda/0x260
[ 552.265372][ C0] mark_page_accessed+0x505/0x5f0
[ 552.270416][ C0] zap_pte_range+0x4f8/0x13f0
[ 552.275095][ C0] ? futex_wake+0x349/0x3d0
[ 552.279624][ C0] unmap_page_range+0x540/0x650
[ 552.284465][ C0] unmap_single_vma+0x157/0x210
[ 552.289304][ C0] unmap_vmas+0xc0/0x170
[ 552.293593][ C0] exit_mmap+0x1be/0x400
[ 552.297826][ C0] __mmput+0xa2/0x220
[ 552.301808][ C0] mmput+0x3d/0x50
[ 552.305516][ C0] exit_mm+0x344/0x430
[ 552.309585][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 552.315403][ C0] ? taskstats_exit+0x334/0x730
[ 552.320247][ C0] ? acct_collect+0x3a4/0x400
[ 552.324922][ C0] do_exit+0x3ff/0x1670
[ 552.329072][ C0] ? zap_other_threads+0x1c2/0x1e0
[ 552.334309][ C0] do_group_exit+0x17d/0x180
[ 552.338895][ C0] __do_sys_exit_group+0xb/0x10
[ 552.344001][ C0] __se_sys_exit_group+0x5/0x10
[ 552.348841][ C0] __x64_sys_exit_group+0x16/0x20
[ 552.353879][ C0] do_syscall_64+0x39/0x80
[ 552.358400][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 552.364288][ C0] RIP: 0033:0x466459
[ 552.368187][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 552.375026][ C0] RSP: 002b:00007fff879691b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 552.383457][ C0] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000466459
[ 552.391419][ C0] RDX: 000000000041926b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 552.399391][ C0] RBP: 0000000000000000 R08: 000000000000099e R09: 0000000000000000
[ 552.407348][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 552.415506][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff879692b0
[ 552.423490][ C0] ---[ end trace 6a9a87c08c22e08b ]---
[ 552.429396][ C0] ------------[ cut here ]------------
[ 552.434886][ C0] WARNING: CPU: 0 PID: 28054 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 552.445764][ C0] Modules linked in:
[ 552.449664][ C0] CPU: 0 PID: 28054 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 552.459817][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 552.469877][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:29 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x7})
19:30:29 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:29 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x4)
19:30:29 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x3, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 552.475906][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 552.495539][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 552.501640][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff88802c057000
[ 552.509632][ C0] RDX: 0000000000010001 RSI: 000000000000001b RDI: 0000000000000001
[ 552.517641][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 552.525623][ C0] R10: 0001ffffffffffff R11: ffff88802c057000 R12: ffff88813bc1da58
[ 552.533636][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 552.541617][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 552.550556][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 552.557166][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 552.565128][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 552.573104][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 552.581068][ C0] Call Trace:
[ 552.584336][ C0] <IRQ>
[ 552.587186][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 552.593009][ C0] __run_hrtimer+0x163/0x460
[ 552.597607][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 552.603444][ C0] hrtimer_interrupt+0x380/0xaf0
[ 552.608382][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 552.614291][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 552.619944][ C0] </IRQ>
[ 552.622893][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 552.628862][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 552.635009][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 552.654751][ C0] RSP: 0018:ffffc90003e2b998 EFLAGS: 00000246
[ 552.660840][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011888100bd6c88
[ 552.668823][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 552.676826][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 552.685055][ C0] R10: ffffffff88f36fe8 R11: 0000000000000200 R12: 0000000000000017
[ 552.693046][ C0] R13: 000000000000000f R14: ffff888100bd6c88 R15: 0000000000000008
[ 552.701118][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 552.707437][ C0] workingset_activation+0xda/0x260
[ 552.712672][ C0] mark_page_accessed+0x505/0x5f0
[ 552.717712][ C0] zap_pte_range+0x4f8/0x13f0
[ 552.722415][ C0] ? futex_wake+0x349/0x3d0
[ 552.726927][ C0] unmap_page_range+0x540/0x650
[ 552.731809][ C0] unmap_single_vma+0x157/0x210
[ 552.736661][ C0] unmap_vmas+0xc0/0x170
[ 552.740914][ C0] exit_mmap+0x1be/0x400
[ 552.745160][ C0] __mmput+0xa2/0x220
[ 552.749160][ C0] mmput+0x3d/0x50
[ 552.752879][ C0] exit_mm+0x344/0x430
[ 552.756945][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 552.762759][ C0] ? taskstats_exit+0x334/0x730
[ 552.767641][ C0] ? acct_collect+0x3a4/0x400
[ 552.772422][ C0] do_exit+0x3ff/0x1670
[ 552.776724][ C0] ? zap_other_threads+0x1c2/0x1e0
[ 552.781881][ C0] do_group_exit+0x17d/0x180
[ 552.786597][ C0] __do_sys_exit_group+0xb/0x10
[ 552.791462][ C0] __se_sys_exit_group+0x5/0x10
[ 552.796312][ C0] __x64_sys_exit_group+0x16/0x20
[ 552.801387][ C0] do_syscall_64+0x39/0x80
[ 552.805807][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 552.811804][ C0] RIP: 0033:0x466459
[ 552.815687][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 552.822545][ C0] RSP: 002b:00007fff879691b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 552.830979][ C0] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000466459
[ 552.839282][ C0] RDX: 000000000041926b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 552.847242][ C0] RBP: 0000000000000000 R08: 000000000000099e R09: 0000000000000000
[ 552.855814][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 552.863805][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff879692b0
[ 552.871773][ C0] ---[ end trace 6a9a87c08c22e08c ]---
[ 552.878032][ C0] ------------[ cut here ]------------
[ 552.883492][ C0] WARNING: CPU: 0 PID: 28054 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 552.894379][ C0] Modules linked in:
[ 552.898313][ C0] CPU: 0 PID: 28054 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 552.908502][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 552.918562][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 552.924555][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 552.944329][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 552.950492][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff88802c057000
[ 552.958478][ C0] RDX: 0000000000010001 RSI: 000000000000001b RDI: 0000000000000001
[ 552.966473][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 552.974439][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 552.982416][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 552.990390][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 552.999325][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 553.005926][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 553.013908][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 553.023000][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 553.030959][ C0] Call Trace:
[ 553.034229][ C0] <IRQ>
[ 553.037247][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 553.043051][ C0] __run_hrtimer+0x163/0x460
[ 553.047629][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 553.053454][ C0] hrtimer_interrupt+0x380/0xaf0
[ 553.058449][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 553.064340][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 553.070032][ C0] </IRQ>
[ 553.072953][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 553.078943][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 553.085133][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 553.104768][ C0] RSP: 0018:ffffc90003e2b998 EFLAGS: 00000246
[ 553.110872][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011888100bd6c88
[ 553.118835][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 553.126886][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 553.134847][ C0] R10: ffffffff88f36fe8 R11: 0000000000000200 R12: 0000000000000017
[ 553.142807][ C0] R13: 000000000000000f R14: ffff888100bd6c88 R15: 0000000000000008
[ 553.150957][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 553.156504][ C0] workingset_activation+0xda/0x260
[ 553.161788][ C0] mark_page_accessed+0x505/0x5f0
[ 553.166947][ C0] zap_pte_range+0x4f8/0x13f0
[ 553.171781][ C0] ? futex_wake+0x349/0x3d0
[ 553.176285][ C0] unmap_page_range+0x540/0x650
[ 553.181147][ C0] unmap_single_vma+0x157/0x210
[ 553.186124][ C0] unmap_vmas+0xc0/0x170
[ 553.190387][ C0] exit_mmap+0x1be/0x400
[ 553.194645][ C0] __mmput+0xa2/0x220
[ 553.198614][ C0] mmput+0x3d/0x50
[ 553.202320][ C0] exit_mm+0x344/0x430
[ 553.206377][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 553.212190][ C0] ? taskstats_exit+0x334/0x730
[ 553.217150][ C0] ? acct_collect+0x3a4/0x400
[ 553.221828][ C0] do_exit+0x3ff/0x1670
[ 553.225975][ C0] ? zap_other_threads+0x1c2/0x1e0
[ 553.231083][ C0] do_group_exit+0x17d/0x180
[ 553.235692][ C0] __do_sys_exit_group+0xb/0x10
[ 553.240539][ C0] __se_sys_exit_group+0x5/0x10
[ 553.245387][ C0] __x64_sys_exit_group+0x16/0x20
[ 553.250465][ C0] do_syscall_64+0x39/0x80
[ 553.254999][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 553.260910][ C0] RIP: 0033:0x466459
[ 553.264806][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 553.271670][ C0] RSP: 002b:00007fff879691b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 553.280066][ C0] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000466459
19:30:30 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x0, r2}, 0x38)
19:30:30 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 553.288976][ C0] RDX: 000000000041926b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 553.297108][ C0] RBP: 0000000000000000 R08: 000000000000099e R09: 0000000000000000
[ 553.306146][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 553.314137][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff879692b0
[ 553.322107][ C0] ---[ end trace 6a9a87c08c22e08d ]---
19:30:30 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x4, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:30 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 553.427905][ C0] ------------[ cut here ]------------
[ 553.433397][ C0] WARNING: CPU: 0 PID: 28077 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 553.444276][ C0] Modules linked in:
[ 553.448200][ C0] CPU: 0 PID: 28077 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 553.458352][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 553.468440][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:30 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 553.474488][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 553.494212][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 553.500444][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000021 RCX: ffff88810b8e4000
[ 553.509142][ C0] RDX: 0000000000010000 RSI: 0000000000000021 RDI: 0000000000000001
[ 553.517581][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 553.525566][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 553.533815][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 553.541796][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 553.550737][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 553.558415][ C0] CR2: 00000000005400f8 CR3: 0000000042831000 CR4: 00000000001506f0
[ 553.566400][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:30:30 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 553.574392][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 553.582418][ C0] Call Trace:
[ 553.585704][ C0]
[ 553.588547][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 553.594482][ C0] __run_hrtimer+0x163/0x460
[ 553.599098][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 553.605493][ C0] hrtimer_interrupt+0x380/0xaf0
[ 553.610470][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 553.616390][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 553.622046][ C0]
[ 553.624980][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 553.632015][ C0] RIP: 0010:_raw_spin_unlock_irq+0x2c/0x40
[ 553.638156][ C0] Code: 89 fb 48 c7 c7 78 67 66 87 e8 70 13 cc fb 48 83 3d 10 b4 db 01 00 74 1d 48 89 df e8 ce 4e ab fb 66 90 fb 65 ff 0d 8c b9 76 7a <74> 02 5b c3 e8 52 7b 75 fb 5b c3 0f 0b 0f 1f 80 00 00 00 00 53 48
[ 553.660061][ C0] RSP: 0018:ffffc9000405b910 EFLAGS: 00000286
[ 553.666272][ C0] RAX: 0000000000000001 RBX: ffff88810a8fee30 RCX: 0000000000000df9
[ 553.674316][ C0] RDX: 0001ffff87666778 RSI: 0000000000000017 RDI: ffff88810a8fee30
[ 553.682284][ C0] RBP: ffff88810a8fee88 R08: 0000000000000000 R09: 0001ffff8766677f
[ 553.690245][ C0] R10: 0001ffffffffffff R11: ffff88810b8e4000 R12: 00000003fffffffc
[ 553.698206][ C0] R13: ffffc9000405b958 R14: 0000000000000cc0 R15: ffffea0004705300
[ 553.706265][ C0] shmem_add_to_page_cache+0x605/0x6e0
[ 553.712006][ C0] shmem_getpage_gfp+0x86a/0x1980
[ 553.717055][ C0] shmem_fault+0x16c/0x450
[ 553.721559][ C0] do_read_fault+0x2e1/0x530
[ 553.726411][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 553.732227][ C0] handle_mm_fault+0x1019/0x1840
[ 553.737172][ C0] __get_user_pages+0xa47/0x1000
[ 553.742142][ C0] __mm_populate+0x24d/0x380
[ 553.746742][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 553.751329][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 553.756126][ C0] ? switch_fpu_return+0xa/0x10
[ 553.760996][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 553.766715][ C0] do_syscall_64+0x39/0x80
[ 553.771114][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 553.777549][ C0] RIP: 0033:0x466459
[ 553.781425][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 553.801229][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 553.809649][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 553.817746][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 553.825883][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 553.833863][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 553.841970][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 553.849945][ C0] ---[ end trace 6a9a87c08c22e08e ]---
[ 553.855793][ C0] ------------[ cut here ]------------
[ 553.861256][ C0] WARNING: CPU: 0 PID: 28077 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 553.872157][ C0] Modules linked in:
19:30:30 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x4020940d, &(0x7f0000000040)={0x4})
19:30:30 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:30 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x8})
[ 553.876050][ C0] CPU: 0 PID: 28077 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 553.886315][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 553.896398][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 553.902834][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 553.922447][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 553.928529][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810b8e4000
[ 553.936498][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 553.944473][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 553.952456][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 553.960449][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 553.968425][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 553.977382][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 553.984002][ C0] CR2: 00000000005400f8 CR3: 0000000042831000 CR4: 00000000001506f0
[ 553.991985][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 553.999999][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 554.007998][ C0] Call Trace:
[ 554.011280][ C0]
[ 554.014129][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 554.019945][ C0] __run_hrtimer+0x163/0x460
[ 554.024547][ C0] ? clockevents_program_event+0x19c/0x1e0
19:30:30 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 554.030360][ C0] hrtimer_interrupt+0x380/0xaf0
[ 554.035310][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 554.041366][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 554.047018][ C0]
[ 554.049956][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 554.055961][ C0] RIP: 0010:_raw_spin_unlock_irq+0x2c/0x40
[ 554.061756][ C0] Code: 89 fb 48 c7 c7 78 67 66 87 e8 70 13 cc fb 48 83 3d 10 b4 db 01 00 74 1d 48 89 df e8 ce 4e ab fb 66 90 fb 65 ff 0d 8c b9 76 7a <74> 02 5b c3 e8 52 7b 75 fb 5b c3 0f 0b 0f 1f 80 00 00 00 00 53 48
[ 554.081549][ C0] RSP: 0018:ffffc9000405b910 EFLAGS: 00000286
[ 554.087617][ C0] RAX: 0000000000000001 RBX: ffff88810a8fee30 RCX: 0000000000000df9
[ 554.095814][ C0] RDX: 0001ffff87666778 RSI: 0000000000000017 RDI: ffff88810a8fee30
[ 554.103788][ C0] RBP: ffff88810a8fee88 R08: 0000000000000000 R09: 0001ffff8766677f
[ 554.112598][ C0] R10: 0001ffffffffffff R11: ffff88810b8e4000 R12: 00000003fffffffc
[ 554.120607][ C0] R13: ffffc9000405b958 R14: 0000000000000cc0 R15: ffffea0004705300
[ 554.128580][ C0] shmem_add_to_page_cache+0x605/0x6e0
[ 554.134049][ C0] shmem_getpage_gfp+0x86a/0x1980
[ 554.139088][ C0] shmem_fault+0x16c/0x450
[ 554.143534][ C0] do_read_fault+0x2e1/0x530
[ 554.148634][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 554.154454][ C0] handle_mm_fault+0x1019/0x1840
[ 554.159388][ C0] __get_user_pages+0xa47/0x1000
[ 554.164405][ C0] __mm_populate+0x24d/0x380
[ 554.168998][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 554.173764][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 554.178433][ C0] ? switch_fpu_return+0xa/0x10
[ 554.183414][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 554.189173][ C0] do_syscall_64+0x39/0x80
[ 554.193596][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 554.199485][ C0] RIP: 0033:0x466459
[ 554.203373][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 554.223018][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 554.231433][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 554.239405][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 554.247365][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 554.255328][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 554.263290][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 554.271279][ C0] ---[ end trace 6a9a87c08c22e08f ]---
[ 554.277034][ C0] ------------[ cut here ]------------
[ 554.282479][ C0] WARNING: CPU: 0 PID: 28077 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 554.293338][ C0] Modules linked in:
[ 554.297234][ C0] CPU: 0 PID: 28077 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 554.307428][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 554.317617][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 554.323608][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 554.343813][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 554.349924][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810b8e4000
[ 554.358206][ C0] RDX: 0000000000010000 RSI: 000000000000001a RDI: 0000000000000001
[ 554.366327][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 554.374323][ C0] R10: 0001ffffffffffff R11: ffff88810b8e4000 R12: ffff88813bc1da58
[ 554.382297][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 554.390277][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 554.399431][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 554.406114][ C0] CR2: 00000000005400f8 CR3: 0000000042831000 CR4: 00000000001506f0
[ 554.414091][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 554.422149][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 554.430474][ C0] Call Trace:
[ 554.434712][ C0]
[ 554.437555][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 554.443351][ C0] __run_hrtimer+0x163/0x460
[ 554.447944][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 554.453744][ C0] hrtimer_interrupt+0x380/0xaf0
[ 554.458770][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 554.465172][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 554.470882][ C0]
[ 554.473820][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 554.479789][ C0] RIP: 0010:_raw_spin_unlock_irq+0x2c/0x40
[ 554.485585][ C0] Code: 89 fb 48 c7 c7 78 67 66 87 e8 70 13 cc fb 48 83 3d 10 b4 db 01 00 74 1d 48 89 df e8 ce 4e ab fb 66 90 fb 65 ff 0d 8c b9 76 7a <74> 02 5b c3 e8 52 7b 75 fb 5b c3 0f 0b 0f 1f 80 00 00 00 00 53 48
[ 554.505520][ C0] RSP: 0018:ffffc9000405b910 EFLAGS: 00000286
[ 554.511584][ C0] RAX: 0000000000000001 RBX: ffff88810a8fee30 RCX: 0000000000000df9
[ 554.519573][ C0] RDX: 0001ffff87666778 RSI: 0000000000000017 RDI: ffff88810a8fee30
[ 554.527618][ C0] RBP: ffff88810a8fee88 R08: 0000000000000000 R09: 0001ffff8766677f
[ 554.535577][ C0] R10: 0001ffffffffffff R11: ffff88810b8e4000 R12: 00000003fffffffc
[ 554.543540][ C0] R13: ffffc9000405b958 R14: 0000000000000cc0 R15: ffffea0004705300
[ 554.551522][ C0] shmem_add_to_page_cache+0x605/0x6e0
[ 554.556997][ C0] shmem_getpage_gfp+0x86a/0x1980
[ 554.562020][ C0] shmem_fault+0x16c/0x450
[ 554.566466][ C0] do_read_fault+0x2e1/0x530
[ 554.571076][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 554.576893][ C0] handle_mm_fault+0x1019/0x1840
[ 554.581835][ C0] __get_user_pages+0xa47/0x1000
[ 554.586787][ C0] __mm_populate+0x24d/0x380
[ 554.591483][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 554.596097][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 554.600822][ C0] ? switch_fpu_return+0xa/0x10
[ 554.605663][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 554.611375][ C0] do_syscall_64+0x39/0x80
[ 554.615802][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 554.621693][ C0] RIP: 0033:0x466459
[ 554.625588][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 554.645192][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 554.653600][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 554.661563][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 554.669751][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 554.677715][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 554.685689][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 554.693666][ C0] ---[ end trace 6a9a87c08c22e090 ]---
19:30:31 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x5)
19:30:31 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x5, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 554.799456][ C0] ------------[ cut here ]------------
[ 554.804943][ C0] WARNING: CPU: 0 PID: 28100 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 554.815808][ C0] Modules linked in:
[ 554.819704][ C0] CPU: 0 PID: 28100 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 554.829862][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 554.840049][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 554.846042][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 554.865837][ C0] RSP: 0000:ffffc90000003e18 EFLAGS: 00010046
[ 554.872087][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810cfd5000
[ 554.880062][ C0] RDX: 0000000080010001 RSI: 000000000000001f RDI: 0000000000000001
[ 554.888050][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:30:31 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x0, r2}, 0x38)
19:30:31 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x6, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 554.896034][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 554.904033][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 554.912019][ C0] FS: 0000000003188400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 554.921219][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 554.927827][ C0] CR2: 0000000020000007 CR3: 0000000027ed1000 CR4: 00000000001506f0
[ 554.936161][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 554.944194][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 554.952166][ C0] Call Trace:
[ 554.955488][ C0]
[ 554.958340][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 554.964158][ C0] __run_hrtimer+0x163/0x460
[ 554.968856][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 554.975039][ C0] hrtimer_interrupt+0x380/0xaf0
[ 554.980021][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 554.985958][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 554.991602][ C0]
[ 554.994537][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 555.000543][ C0] RIP: 0010:clear_page_erms+0x7/0x10
[ 555.005846][ C0] Code: 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d9 90 c3 0f 1f 80 00 00 00 00 b9 00 10 00 00 31 c0 aa c3 cc cc cc cc cc cc 55 41 57 41 56 41 55 41 54 53 48 83 ec
[ 555.025634][ C0] RSP: 0000:ffffc900041c7bd0 EFLAGS: 00010246
[ 555.031711][ C0] RAX: 0000000000000000 RBX: ffff88813fffb680 RCX: 0000000000000f40
[ 555.039882][ C0] RDX: ffffea00017f7600 RSI: 0000000000000028 RDI: ffff88805fdd80c0
[ 555.047864][ C0] RBP: ffff88810cfd5000 R08: 0000000000000200 R09: 0005088000000000
[ 555.055857][ C0] R10: 0000000000000009 R11: 0000000000000001 R12: ffffea00017f0000
[ 555.063838][ C0] R13: ffff88813fffe4a0 R14: 0000000000000003 R15: 0000000000000181
[ 555.071820][ C0] get_page_from_freelist+0x366/0x630
[ 555.078725][ C0] __alloc_pages_nodemask+0x1a8/0x350
[ 555.084109][ C0] alloc_pages_vma+0x718/0x890
[ 555.088888][ C0] do_huge_pmd_anonymous_page+0x663/0xa90
[ 555.094635][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 555.099666][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 555.105500][ C0] handle_mm_fault+0x1267/0x1840
[ 555.110460][ C0] do_user_addr_fault+0x60c/0xc00
[ 555.115497][ C0] exc_page_fault+0x94/0x2a0
[ 555.120103][ C0] ? asm_exc_page_fault+0x8/0x30
[ 555.125053][ C0] asm_exc_page_fault+0x1e/0x30
[ 555.129916][ C0] RIP: 0033:0x461bdb
19:30:31 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:31 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x7, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 555.133815][ C0] Code: 80 fa 01 77 3b 72 05 0f b6 0e 88 0f c3 c5 fa 6f 06 c5 fa 6f 4c 16 f0 c5 fa 7f 07 c5 fa 7f 4c 17 f0 c3 48 8b 4c 16 f8 48 8b 36 <48> 89 4c 17 f8 48 89 37 c3 8b 4c 16 fc 8b 36 89 4c 17 fc 89 37 c3
[ 555.153444][ C0] RSP: 002b:00007ffce2f6f3f8 EFLAGS: 00010202
[ 555.159610][ C0] RAX: 0000000020000000 RBX: 0000000000000003 RCX: 0023647261632f69
[ 555.167598][ C0] RDX: 000000000000000f RSI: 6972642f7665642f RDI: 0000000020000000
[ 555.175707][ C0] RBP: 00007ffce2f6f4b8 R08: 0000000000970000 R09: 0000000000000010
[ 555.183724][ C0] R10: 00007ffce2fb60b8 R11: 000000000001493a R12: 0000000000000001
[ 555.191705][ C0] R13: 0000000000000000 R14: 000000000056bf60 R15: 000000000008771b
19:30:31 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x9})
[ 555.199708][ C0] ---[ end trace 6a9a87c08c22e091 ]---
[ 555.205530][ C0] ------------[ cut here ]------------
[ 555.210992][ C0] WARNING: CPU: 0 PID: 28100 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 555.221884][ C0] Modules linked in:
[ 555.225792][ C0] CPU: 0 PID: 28100 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 555.235965][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 555.246027][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 555.251999][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 555.271811][ C0] RSP: 0000:ffffc90000003e18 EFLAGS: 00010046
[ 555.277883][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88810cfd5000
[ 555.285838][ C0] RDX: 0000000080010001 RSI: 0000000000000018 RDI: 0000000000000001
[ 555.293813][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 555.301773][ C0] R10: 0001ffffffffffff R11: ffff88810cfd5000 R12: ffff88813bc1da58
[ 555.309751][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 555.317745][ C0] FS: 0000000003188400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 555.326663][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 555.333355][ C0] CR2: 0000000020000007 CR3: 0000000027ed1000 CR4: 00000000001506f0
[ 555.341317][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 555.349303][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 555.357303][ C0] Call Trace:
[ 555.360582][ C0]
[ 555.363424][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 555.369476][ C0] __run_hrtimer+0x163/0x460
[ 555.374050][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 555.379860][ C0] hrtimer_interrupt+0x380/0xaf0
[ 555.384803][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 555.390684][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 555.396305][ C0]
[ 555.399219][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 555.405209][ C0] RIP: 0010:clear_page_erms+0x7/0x10
[ 555.410509][ C0] Code: 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d9 90 c3 0f 1f 80 00 00 00 00 b9 00 10 00 00 31 c0 aa c3 cc cc cc cc cc cc 55 41 57 41 56 41 55 41 54 53 48 83 ec
[ 555.430122][ C0] RSP: 0000:ffffc900041c7bd0 EFLAGS: 00010246
[ 555.436188][ C0] RAX: 0000000000000000 RBX: ffff88813fffb680 RCX: 0000000000000f40
[ 555.444145][ C0] RDX: ffffea00017f7600 RSI: 0000000000000028 RDI: ffff88805fdd80c0
[ 555.452112][ C0] RBP: ffff88810cfd5000 R08: 0000000000000200 R09: 0005088000000000
[ 555.460072][ C0] R10: 0000000000000009 R11: 0000000000000001 R12: ffffea00017f0000
[ 555.468048][ C0] R13: ffff88813fffe4a0 R14: 0000000000000003 R15: 0000000000000181
[ 555.476021][ C0] get_page_from_freelist+0x366/0x630
[ 555.481416][ C0] __alloc_pages_nodemask+0x1a8/0x350
[ 555.486777][ C0] alloc_pages_vma+0x718/0x890
[ 555.491560][ C0] do_huge_pmd_anonymous_page+0x663/0xa90
[ 555.497275][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 555.502316][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 555.508113][ C0] handle_mm_fault+0x1267/0x1840
[ 555.513050][ C0] do_user_addr_fault+0x60c/0xc00
[ 555.518071][ C0] exc_page_fault+0x94/0x2a0
[ 555.522651][ C0] ? asm_exc_page_fault+0x8/0x30
[ 555.527592][ C0] asm_exc_page_fault+0x1e/0x30
[ 555.532452][ C0] RIP: 0033:0x461bdb
[ 555.536342][ C0] Code: 80 fa 01 77 3b 72 05 0f b6 0e 88 0f c3 c5 fa 6f 06 c5 fa 6f 4c 16 f0 c5 fa 7f 07 c5 fa 7f 4c 17 f0 c3 48 8b 4c 16 f8 48 8b 36 <48> 89 4c 17 f8 48 89 37 c3 8b 4c 16 fc 8b 36 89 4c 17 fc 89 37 c3
[ 555.555954][ C0] RSP: 002b:00007ffce2f6f3f8 EFLAGS: 00010202
[ 555.562014][ C0] RAX: 0000000020000000 RBX: 0000000000000003 RCX: 0023647261632f69
[ 555.569993][ C0] RDX: 000000000000000f RSI: 6972642f7665642f RDI: 0000000020000000
[ 555.578108][ C0] RBP: 00007ffce2f6f4b8 R08: 0000000000970000 R09: 0000000000000010
[ 555.586105][ C0] R10: 00007ffce2fb60b8 R11: 000000000001493a R12: 0000000000000001
[ 555.594082][ C0] R13: 0000000000000000 R14: 000000000056bf60 R15: 000000000008771b
[ 555.602156][ C0] ---[ end trace 6a9a87c08c22e092 ]---
[ 555.607878][ C0] ------------[ cut here ]------------
[ 555.613348][ C0] WARNING: CPU: 0 PID: 28100 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 555.624823][ C0] Modules linked in:
[ 555.628704][ C0] CPU: 0 PID: 28100 Comm: syz-executor.3 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 555.638985][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 555.649028][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 555.655008][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 555.674611][ C0] RSP: 0000:ffffc90000003e18 EFLAGS: 00010046
[ 555.680685][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810cfd5000
[ 555.688646][ C0] RDX: 0000000080010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 555.696611][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 555.704578][ C0] R10: 0001ffffffffffff R11: ffff88810cfd5000 R12: ffff88813bc1da58
[ 555.712542][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 555.720647][ C0] FS: 0000000003188400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 555.729565][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 555.736147][ C0] CR2: 0000000020000007 CR3: 0000000027ed1000 CR4: 00000000001506f0
[ 555.744108][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 555.752201][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 555.760157][ C0] Call Trace:
[ 555.763434][ C0]
[ 555.766260][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 555.772147][ C0] __run_hrtimer+0x163/0x460
[ 555.776747][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 555.782570][ C0] hrtimer_interrupt+0x380/0xaf0
[ 555.787590][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 555.793469][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 555.799110][ C0]
[ 555.802041][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 555.808014][ C0] RIP: 0010:clear_page_erms+0x7/0x10
[ 555.813300][ C0] Code: 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d9 90 c3 0f 1f 80 00 00 00 00 b9 00 10 00 00 31 c0 aa c3 cc cc cc cc cc cc 55 41 57 41 56 41 55 41 54 53 48 83 ec
[ 555.832976][ C0] RSP: 0000:ffffc900041c7bd0 EFLAGS: 00010246
[ 555.839130][ C0] RAX: 0000000000000000 RBX: ffff88813fffb680 RCX: 0000000000000f40
[ 555.847106][ C0] RDX: ffffea00017f7600 RSI: 0000000000000028 RDI: ffff88805fdd80c0
[ 555.855078][ C0] RBP: ffff88810cfd5000 R08: 0000000000000200 R09: 0005088000000000
[ 555.863084][ C0] R10: 0000000000000009 R11: 0000000000000001 R12: ffffea00017f0000
[ 555.871065][ C0] R13: ffff88813fffe4a0 R14: 0000000000000003 R15: 0000000000000181
[ 555.879046][ C0] get_page_from_freelist+0x366/0x630
[ 555.884456][ C0] __alloc_pages_nodemask+0x1a8/0x350
[ 555.889830][ C0] alloc_pages_vma+0x718/0x890
[ 555.894597][ C0] do_huge_pmd_anonymous_page+0x663/0xa90
[ 555.900300][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 555.905325][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 555.911130][ C0] handle_mm_fault+0x1267/0x1840
[ 555.916077][ C0] do_user_addr_fault+0x60c/0xc00
[ 555.921103][ C0] exc_page_fault+0x94/0x2a0
[ 555.925698][ C0] ? asm_exc_page_fault+0x8/0x30
[ 555.930728][ C0] asm_exc_page_fault+0x1e/0x30
[ 555.935586][ C0] RIP: 0033:0x461bdb
[ 555.939462][ C0] Code: 80 fa 01 77 3b 72 05 0f b6 0e 88 0f c3 c5 fa 6f 06 c5 fa 6f 4c 16 f0 c5 fa 7f 07 c5 fa 7f 4c 17 f0 c3 48 8b 4c 16 f8 48 8b 36 <48> 89 4c 17 f8 48 89 37 c3 8b 4c 16 fc 8b 36 89 4c 17 fc 89 37 c3
[ 555.959066][ C0] RSP: 002b:00007ffce2f6f3f8 EFLAGS: 00010202
[ 555.965118][ C0] RAX: 0000000020000000 RBX: 0000000000000003 RCX: 0023647261632f69
[ 555.973226][ C0] RDX: 000000000000000f RSI: 6972642f7665642f RDI: 0000000020000000
[ 555.981207][ C0] RBP: 00007ffce2f6f4b8 R08: 0000000000970000 R09: 0000000000000010
[ 555.989310][ C0] R10: 00007ffce2fb60b8 R11: 000000000001493a R12: 0000000000000001
[ 555.997303][ C0] R13: 0000000000000000 R14: 000000000056bf60 R15: 000000000008771b
[ 556.005272][ C0] ---[ end trace 6a9a87c08c22e093 ]---
19:30:32 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 556.111262][ C0] ------------[ cut here ]------------
[ 556.116752][ C0] WARNING: CPU: 0 PID: 28111 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 556.127615][ C0] Modules linked in:
[ 556.131511][ C0] CPU: 0 PID: 28111 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 556.141714][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 556.151791][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 556.157810][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 556.177699][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 556.183763][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001e RCX: ffff888102824000
[ 556.191823][ C0] RDX: 0000000080010000 RSI: 000000000000001e RDI: 0000000000000001
[ 556.200132][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 556.208108][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 556.216082][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 556.224067][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 556.233117][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 556.239707][ C0] CR2: 00000000005400f8 CR3: 000000010929a000 CR4: 00000000001506f0
[ 556.247665][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 556.255625][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 556.263597][ C0] Call Trace:
[ 556.266889][ C0]
[ 556.269717][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 556.275527][ C0] __run_hrtimer+0x163/0x460
[ 556.280116][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 556.286284][ C0] hrtimer_interrupt+0x380/0xaf0
[ 556.291237][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 556.297138][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 556.302797][ C0]
[ 556.305740][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 556.311767][ C0] RIP: 0010:_raw_spin_unlock_irq+0x2c/0x40
[ 556.317568][ C0] Code: 89 fb 48 c7 c7 78 67 66 87 e8 70 13 cc fb 48 83 3d 10 b4 db 01 00 74 1d 48 89 df e8 ce 4e ab fb 66 90 fb 65 ff 0d 8c b9 76 7a <74> 02 5b c3 e8 52 7b 75 fb 5b c3 0f 0b 0f 1f 80 00 00 00 00 53 48
[ 556.337169][ C0] RSP: 0018:ffffc900044b3910 EFLAGS: 00000286
[ 556.343258][ C0] RAX: 0000000000000001 RBX: ffff8881093f3df0 RCX: 0000000000000ed7
[ 556.351468][ C0] RDX: 0001ffff87666778 RSI: 0000000000000017 RDI: ffff8881093f3df0
[ 556.359449][ C0] RBP: ffff8881093f3e48 R08: 0000000000000000 R09: 0001ffff8766677f
[ 556.367505][ C0] R10: ffffffff88f36fe8 R11: 0000000000000000 R12: 00000003fffffffc
[ 556.375467][ C0] R13: ffffc900044b3958 R14: 0000000000000cc0 R15: ffffea0000248700
[ 556.383537][ C0] shmem_add_to_page_cache+0x605/0x6e0
[ 556.389018][ C0] shmem_getpage_gfp+0x86a/0x1980
[ 556.394099][ C0] shmem_fault+0x16c/0x450
[ 556.398525][ C0] do_read_fault+0x2e1/0x530
[ 556.403107][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 556.408898][ C0] handle_mm_fault+0x1019/0x1840
[ 556.413825][ C0] __get_user_pages+0xa47/0x1000
[ 556.418780][ C0] __mm_populate+0x24d/0x380
[ 556.423395][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 556.427972][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 556.432724][ C0] ? switch_fpu_return+0xa/0x10
[ 556.437560][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 556.443271][ C0] do_syscall_64+0x39/0x80
[ 556.447697][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 556.453605][ C0] RIP: 0033:0x466459
[ 556.457585][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 556.477428][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 556.485835][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 556.493912][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 556.501906][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 556.509890][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 556.517857][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 556.525827][ C0] ---[ end trace 6a9a87c08c22e094 ]---
[ 556.531650][ C0] ------------[ cut here ]------------
[ 556.537108][ C0] WARNING: CPU: 0 PID: 28111 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 556.538224][ T3244] ieee802154 phy0 wpan0: encryption failed: -22
[ 556.547993][ C0] Modules linked in:
19:30:33 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x80086301, &(0x7f0000000040)={0x4})
19:30:33 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x8, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 556.548007][ C0] CPU: 0 PID: 28111 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 556.557971][ T3244] ieee802154 phy1 wpan1: encryption failed: -22
[ 556.558145][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 556.584937][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 556.590948][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 556.610604][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 556.616674][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff888102824000
[ 556.624828][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 556.632821][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 556.640803][ C0] R10: 0001ffffffffffff R11: ffff888102824000 R12: ffff88813bc1da58
[ 556.648798][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
19:30:33 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x6)
[ 556.656778][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 556.665715][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 556.672301][ C0] CR2: 00000000005400f8 CR3: 000000010929a000 CR4: 00000000001506f0
[ 556.680281][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 556.688264][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 556.696228][ C0] Call Trace:
[ 556.699506][ C0]
[ 556.702345][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 556.708160][ C0] __run_hrtimer+0x163/0x460
[ 556.712760][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 556.719356][ C0] hrtimer_interrupt+0x380/0xaf0
[ 556.724286][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 556.730224][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 556.735854][ C0]
[ 556.738792][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 556.744795][ C0] RIP: 0010:_raw_spin_unlock_irq+0x2c/0x40
[ 556.750622][ C0] Code: 89 fb 48 c7 c7 78 67 66 87 e8 70 13 cc fb 48 83 3d 10 b4 db 01 00 74 1d 48 89 df e8 ce 4e ab fb 66 90 fb 65 ff 0d 8c b9 76 7a <74> 02 5b c3 e8 52 7b 75 fb 5b c3 0f 0b 0f 1f 80 00 00 00 00 53 48
[ 556.770213][ C0] RSP: 0018:ffffc900044b3910 EFLAGS: 00000286
[ 556.776276][ C0] RAX: 0000000000000001 RBX: ffff8881093f3df0 RCX: 0000000000000ed7
[ 556.784243][ C0] RDX: 0001ffff87666778 RSI: 0000000000000017 RDI: ffff8881093f3df0
[ 556.792243][ C0] RBP: ffff8881093f3e48 R08: 0000000000000000 R09: 0001ffff8766677f
[ 556.800226][ C0] R10: ffffffff88f36fe8 R11: 0000000000000000 R12: 00000003fffffffc
[ 556.808200][ C0] R13: ffffc900044b3958 R14: 0000000000000cc0 R15: ffffea0000248700
[ 556.816178][ C0] shmem_add_to_page_cache+0x605/0x6e0
[ 556.821643][ C0] shmem_getpage_gfp+0x86a/0x1980
[ 556.826673][ C0] shmem_fault+0x16c/0x450
[ 556.831094][ C0] do_read_fault+0x2e1/0x530
[ 556.835712][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 556.841639][ C0] handle_mm_fault+0x1019/0x1840
[ 556.846691][ C0] __get_user_pages+0xa47/0x1000
[ 556.851642][ C0] __mm_populate+0x24d/0x380
[ 556.856238][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 556.860841][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 556.865520][ C0] ? switch_fpu_return+0xa/0x10
[ 556.870360][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 556.876594][ C0] do_syscall_64+0x39/0x80
[ 556.881016][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 556.886935][ C0] RIP: 0033:0x466459
[ 556.890830][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 556.910565][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 556.918983][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 556.926974][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 556.935492][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 556.943468][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 556.952310][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 556.960275][ C0] ---[ end trace 6a9a87c08c22e095 ]---
[ 556.966100][ C0] ------------[ cut here ]------------
[ 556.971608][ C0] WARNING: CPU: 0 PID: 28111 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 556.982473][ C0] Modules linked in:
[ 556.986362][ C0] CPU: 0 PID: 28111 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 556.996500][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 557.006589][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 557.012667][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 557.032656][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 557.038780][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff888102824000
[ 557.046748][ C0] RDX: 0000000000010000 RSI: 000000000000001a RDI: 0000000000000001
[ 557.054729][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 557.062702][ C0] R10: 0001ffffffffffff R11: 00000000000003b7 R12: ffff88813bc1da58
[ 557.070657][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 557.078655][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 557.087568][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 557.094156][ C0] CR2: 00000000005400f8 CR3: 000000010929a000 CR4: 00000000001506f0
[ 557.102279][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 557.110373][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 557.118337][ C0] Call Trace:
[ 557.121605][ C0]
[ 557.124457][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 557.130264][ C0] __run_hrtimer+0x163/0x460
[ 557.134872][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 557.140690][ C0] hrtimer_interrupt+0x380/0xaf0
[ 557.145634][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 557.151531][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 557.157188][ C0]
[ 557.161068][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 557.167301][ C0] RIP: 0010:_raw_spin_unlock_irq+0x2c/0x40
[ 557.173107][ C0] Code: 89 fb 48 c7 c7 78 67 66 87 e8 70 13 cc fb 48 83 3d 10 b4 db 01 00 74 1d 48 89 df e8 ce 4e ab fb 66 90 fb 65 ff 0d 8c b9 76 7a <74> 02 5b c3 e8 52 7b 75 fb 5b c3 0f 0b 0f 1f 80 00 00 00 00 53 48
[ 557.192728][ C0] RSP: 0018:ffffc900044b3910 EFLAGS: 00000286
[ 557.198828][ C0] RAX: 0000000000000001 RBX: ffff8881093f3df0 RCX: 0000000000000ed7
[ 557.206787][ C0] RDX: 0001ffff87666778 RSI: 0000000000000017 RDI: ffff8881093f3df0
[ 557.214771][ C0] RBP: ffff8881093f3e48 R08: 0000000000000000 R09: 0001ffff8766677f
[ 557.222775][ C0] R10: ffffffff88f36fe8 R11: 0000000000000000 R12: 00000003fffffffc
[ 557.230736][ C0] R13: ffffc900044b3958 R14: 0000000000000cc0 R15: ffffea0000248700
[ 557.238890][ C0] shmem_add_to_page_cache+0x605/0x6e0
[ 557.244373][ C0] shmem_getpage_gfp+0x86a/0x1980
[ 557.249405][ C0] shmem_fault+0x16c/0x450
[ 557.253846][ C0] do_read_fault+0x2e1/0x530
[ 557.258423][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 557.264224][ C0] handle_mm_fault+0x1019/0x1840
[ 557.269172][ C0] __get_user_pages+0xa47/0x1000
[ 557.274099][ C0] __mm_populate+0x24d/0x380
[ 557.278696][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 557.283283][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 557.287961][ C0] ? switch_fpu_return+0xa/0x10
[ 557.292808][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 557.298526][ C0] do_syscall_64+0x39/0x80
[ 557.302954][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 557.308849][ C0] RIP: 0033:0x466459
[ 557.312807][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 557.333020][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 557.341422][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 557.349483][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 557.357528][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 557.365502][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 557.373475][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 557.381441][ C0] ---[ end trace 6a9a87c08c22e096 ]---
19:30:34 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:34 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x9, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:34 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x0, r2}, 0x38)
[ 557.487249][ C0] ------------[ cut here ]------------
[ 557.492735][ C0] WARNING: CPU: 0 PID: 28129 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 557.503603][ C0] Modules linked in:
[ 557.507509][ C0] CPU: 0 PID: 28129 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 557.517705][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 557.527779][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:34 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 557.533785][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 557.553415][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 557.559587][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff888021e40000
[ 557.567566][ C0] RDX: 0000000080010001 RSI: 000000000000001f RDI: 0000000000000001
[ 557.575567][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 557.583649][ C0] R10: 0001ffffffffffff R11: 0000000000000045 R12: ffff88813bc1da58
[ 557.591611][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 557.599575][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 557.608496][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 557.615091][ C0] CR2: 000000000052f650 CR3: 0000000007629000 CR4: 00000000001506f0
[ 557.623087][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 557.631070][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 557.639383][ C0] Call Trace:
[ 557.642652][ C0]
[ 557.645843][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 557.651664][ C0] __run_hrtimer+0x163/0x460
[ 557.656262][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 557.662425][ C0] hrtimer_interrupt+0x380/0xaf0
[ 557.667369][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 557.673251][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 557.678873][ C0]
[ 557.681804][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 557.687777][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 557.693939][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 557.713590][ C0] RSP: 0018:ffffc900041cf7b8 EFLAGS: 00000246
[ 557.719701][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000988800976500c
[ 557.727660][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 557.735637][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 557.743613][ C0] R10: ffffffff88f37060 R11: 0000000000000200 R12: 0000000000000026
[ 557.751580][ C0] R13: 57ae92fd3fa6b300 R14: ffff88800976500c R15: 0000000000000004
[ 557.759552][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 557.765130][ C0] __tlb_remove_page_size+0x65/0x180
[ 557.770424][ C0] zap_pte_range+0x669/0x13f0
[ 557.775107][ C0] unmap_page_range+0x540/0x650
[ 557.779978][ C0] unmap_single_vma+0x157/0x210
[ 557.784836][ C0] unmap_vmas+0xc0/0x170
[ 557.789075][ C0] exit_mmap+0x1be/0x400
[ 557.793310][ C0] __mmput+0xa2/0x220
[ 557.797407][ C0] mmput+0x3d/0x50
[ 557.801152][ C0] exit_mm+0x344/0x430
[ 557.805225][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 557.811059][ C0] ? taskstats_exit+0x334/0x730
[ 557.815906][ C0] ? acct_collect+0x3a4/0x400
[ 557.820586][ C0] do_exit+0x3ff/0x1670
[ 557.824939][ C0] ? do_futex+0x1080/0x1cd0
[ 557.829452][ C0] do_group_exit+0xce/0x180
[ 557.833952][ C0] get_signal+0xdce/0x14e0
[ 557.838364][ C0] ? errseq_sample+0x2b/0x40
[ 557.843070][ C0] ? alloc_file+0x253/0x280
[ 557.847570][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 557.853105][ C0] ? __se_sys_futex+0x2a8/0x390
[ 557.857951][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 557.863586][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 557.869041][ C0] do_syscall_64+0x45/0x80
[ 557.873757][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 557.879724][ C0] RIP: 0033:0x466459
[ 557.883759][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 557.890582][ C0] RSP: 002b:00007f12a42a5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 557.898996][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 557.906988][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 557.914972][ C0] RBP: 000000000056bf60 R08: 000000000000000e R09: 0000000000000000
[ 557.922966][ C0] R10: 0000000000000003 R11: 0000000000000246 R12: 000000000056bf6c
[ 557.930953][ C0] R13: 00007ffc7bb4651f R14: 00007f12a42a5300 R15: 0000000000022000
19:30:34 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0xa})
[ 557.938916][ C0] ---[ end trace 6a9a87c08c22e097 ]---
[ 557.944711][ C0] ------------[ cut here ]------------
[ 557.950171][ C0] WARNING: CPU: 0 PID: 28129 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 557.961173][ C0] Modules linked in:
[ 557.965063][ C0] CPU: 0 PID: 28129 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 557.975215][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
19:30:34 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc0045878, &(0x7f0000000040)={0x4})
[ 557.985281][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 557.991337][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 558.010959][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 558.017035][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff888021e40000
[ 558.025041][ C0] RDX: 0000000080010001 RSI: 000000000000001c RDI: 0000000000000001
[ 558.033017][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 558.041056][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 558.049035][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 558.057015][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 558.066074][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 558.072644][ C0] CR2: 000000000052f650 CR3: 0000000007629000 CR4: 00000000001506f0
[ 558.080643][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 558.088602][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 558.096683][ C0] Call Trace:
[ 558.100333][ C0]
[ 558.103213][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 558.109011][ C0] __run_hrtimer+0x163/0x460
[ 558.113598][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 558.119402][ C0] hrtimer_interrupt+0x380/0xaf0
[ 558.124354][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 558.130360][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 558.136113][ C0]
[ 558.139046][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 558.145015][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 558.151192][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 558.170822][ C0] RSP: 0018:ffffc900041cf7b8 EFLAGS: 00000246
[ 558.176899][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000988800976500c
[ 558.184886][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 558.192881][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 558.201036][ C0] R10: ffffffff88f37060 R11: 0000000000000200 R12: 0000000000000026
[ 558.209007][ C0] R13: 57ae92fd3fa6b300 R14: ffff88800976500c R15: 0000000000000004
[ 558.217072][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 558.222645][ C0] __tlb_remove_page_size+0x65/0x180
[ 558.227931][ C0] zap_pte_range+0x669/0x13f0
[ 558.232611][ C0] unmap_page_range+0x540/0x650
[ 558.237979][ C0] unmap_single_vma+0x157/0x210
[ 558.242943][ C0] unmap_vmas+0xc0/0x170
[ 558.247199][ C0] exit_mmap+0x1be/0x400
[ 558.251434][ C0] __mmput+0xa2/0x220
[ 558.255417][ C0] mmput+0x3d/0x50
[ 558.259141][ C0] exit_mm+0x344/0x430
[ 558.263198][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 558.268994][ C0] ? taskstats_exit+0x334/0x730
[ 558.273844][ C0] ? acct_collect+0x3a4/0x400
[ 558.278518][ C0] do_exit+0x3ff/0x1670
[ 558.282671][ C0] ? do_futex+0x1080/0x1cd0
[ 558.287317][ C0] do_group_exit+0xce/0x180
[ 558.291819][ C0] get_signal+0xdce/0x14e0
[ 558.296257][ C0] ? errseq_sample+0x2b/0x40
[ 558.300843][ C0] ? alloc_file+0x253/0x280
[ 558.305335][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 558.311058][ C0] ? __se_sys_futex+0x2a8/0x390
[ 558.315917][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 558.321540][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 558.327118][ C0] do_syscall_64+0x45/0x80
[ 558.331525][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 558.337430][ C0] RIP: 0033:0x466459
[ 558.341312][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 558.348150][ C0] RSP: 002b:00007f12a42a5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 558.356825][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 558.364815][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 558.372999][ C0] RBP: 000000000056bf60 R08: 000000000000000e R09: 0000000000000000
[ 558.381205][ C0] R10: 0000000000000003 R11: 0000000000000246 R12: 000000000056bf6c
[ 558.389291][ C0] R13: 00007ffc7bb4651f R14: 00007f12a42a5300 R15: 0000000000022000
[ 558.397273][ C0] ---[ end trace 6a9a87c08c22e098 ]---
[ 558.403076][ C0] ------------[ cut here ]------------
[ 558.408539][ C0] WARNING: CPU: 0 PID: 28129 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 558.419497][ C0] Modules linked in:
[ 558.423391][ C0] CPU: 0 PID: 28129 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 558.433522][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 558.443582][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 558.449572][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 558.469193][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 558.475262][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff888021e40000
[ 558.483230][ C0] RDX: 0000000080010001 RSI: 000000000000001b RDI: 0000000000000001
[ 558.491211][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 558.499189][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 558.507191][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 558.515172][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 558.524091][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 558.530683][ C0] CR2: 000000000052f650 CR3: 0000000007629000 CR4: 00000000001506f0
[ 558.538641][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 558.546603][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 558.554585][ C0] Call Trace:
[ 558.557863][ C0]
[ 558.560711][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 558.566522][ C0] __run_hrtimer+0x163/0x460
[ 558.571101][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 558.576957][ C0] hrtimer_interrupt+0x380/0xaf0
[ 558.582159][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 558.588072][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 558.593800][ C0]
[ 558.596751][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 558.602733][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 558.608892][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 558.628575][ C0] RSP: 0018:ffffc900041cf7b8 EFLAGS: 00000246
[ 558.634770][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000988800976500c
[ 558.642740][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 558.650708][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 558.658680][ C0] R10: ffffffff88f37060 R11: 0000000000000200 R12: 0000000000000026
[ 558.666654][ C0] R13: 57ae92fd3fa6b300 R14: ffff88800976500c R15: 0000000000000004
[ 558.674615][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 558.680150][ C0] __tlb_remove_page_size+0x65/0x180
[ 558.685432][ C0] zap_pte_range+0x669/0x13f0
[ 558.690129][ C0] unmap_page_range+0x540/0x650
[ 558.695005][ C0] unmap_single_vma+0x157/0x210
[ 558.699855][ C0] unmap_vmas+0xc0/0x170
[ 558.704082][ C0] exit_mmap+0x1be/0x400
[ 558.708310][ C0] __mmput+0xa2/0x220
[ 558.712307][ C0] mmput+0x3d/0x50
[ 558.716031][ C0] exit_mm+0x344/0x430
[ 558.720139][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 558.725933][ C0] ? taskstats_exit+0x334/0x730
[ 558.730851][ C0] ? acct_collect+0x3a4/0x400
[ 558.735655][ C0] do_exit+0x3ff/0x1670
[ 558.739824][ C0] ? do_futex+0x1080/0x1cd0
[ 558.744334][ C0] do_group_exit+0xce/0x180
[ 558.748821][ C0] get_signal+0xdce/0x14e0
[ 558.753251][ C0] ? errseq_sample+0x2b/0x40
[ 558.757833][ C0] ? alloc_file+0x253/0x280
[ 558.762338][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 558.767917][ C0] ? __se_sys_futex+0x2a8/0x390
[ 558.772759][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 558.778399][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 558.783855][ C0] do_syscall_64+0x45/0x80
[ 558.788290][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 558.794243][ C0] RIP: 0033:0x466459
[ 558.798139][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 558.805113][ C0] RSP: 002b:00007f12a42a5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 558.813517][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 558.821510][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 558.829483][ C0] RBP: 000000000056bf60 R08: 000000000000000e R09: 0000000000000000
19:30:35 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xa, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:35 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x7)
[ 558.837450][ C0] R10: 0000000000000003 R11: 0000000000000246 R12: 000000000056bf6c
[ 558.845416][ C0] R13: 00007ffc7bb4651f R14: 00007f12a42a5300 R15: 0000000000022000
[ 558.853405][ C0] ---[ end trace 6a9a87c08c22e099 ]---
[ 558.959124][ C0] ------------[ cut here ]------------
[ 558.964615][ C0] WARNING: CPU: 0 PID: 28143 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 558.975474][ C0] Modules linked in:
[ 558.979375][ C0] CPU: 0 PID: 28143 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 558.989514][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 558.999838][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 559.005859][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 559.025464][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 559.031540][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000022 RCX: ffff8880444a5000
[ 559.039730][ C0] RDX: 0000000080010000 RSI: 0000000000000022 RDI: 0000000000000001
[ 559.047701][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 559.055671][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 559.063855][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 559.071867][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 559.080939][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 559.087514][ C0] CR2: 0000001b30321000 CR3: 0000000027c2e000 CR4: 00000000001506f0
[ 559.095511][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 559.103589][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 559.111578][ C0] Call Trace:
[ 559.114862][ C0]
[ 559.117706][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 559.123725][ C0] __run_hrtimer+0x163/0x460
[ 559.128378][ C0] hrtimer_interrupt+0x380/0xaf0
[ 559.133582][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 559.139603][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 559.145272][ C0]
[ 559.148207][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 559.154183][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 559.160844][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 559.180556][ C0] RSP: 0018:ffffc9000517bb78 EFLAGS: 00000246
[ 559.186726][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00098880444a54d8
[ 559.194801][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 559.202883][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 559.210963][ C0] R10: ffffffff88f37060 R11: 0000000000000200 R12: 0000000000000026
[ 559.218935][ C0] R13: ffffffff81635cdf R14: ffff8880444a54d8 R15: 0000000000000004
[ 559.227033][ C0] ? follow_page_pte+0x77f/0xb90
[ 559.232082][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 559.237621][ C0] ? follow_page_pte+0x77f/0xb90
[ 559.242570][ C0] handle_mm_fault+0x103/0x1840
[ 559.247442][ C0] ? follow_pmd_mask+0x4b0/0xee0
[ 559.252386][ C0] ? follow_page_mask+0x382/0x540
[ 559.257407][ C0] __get_user_pages+0xa47/0x1000
[ 559.262387][ C0] __mm_populate+0x24d/0x380
[ 559.267012][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 559.271608][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 559.276301][ C0] ? switch_fpu_return+0xa/0x10
[ 559.281231][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 559.286969][ C0] do_syscall_64+0x39/0x80
[ 559.291404][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 559.297335][ C0] RIP: 0033:0x466459
[ 559.301219][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 559.321095][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 559.329513][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 559.337509][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 559.345467][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 559.353443][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 559.361438][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 559.369411][ C0] ---[ end trace 6a9a87c08c22e09a ]---
[ 559.375229][ C0] ------------[ cut here ]------------
[ 559.380701][ C0] WARNING: CPU: 0 PID: 28143 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 559.391586][ C0] Modules linked in:
[ 559.395488][ C0] CPU: 0 PID: 28143 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
19:30:36 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc0045878, &(0x7f0000000040)={0x4})
[ 559.405645][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 559.415894][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 559.421904][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 559.441565][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 559.447636][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff8880444a5000
19:30:36 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc004743e, &(0x7f0000000040)={0x4})
[ 559.455606][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 559.463579][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 559.471551][ C0] R10: 0001ffffffffffff R11: ffff8880444a5000 R12: ffff88813bc1da58
[ 559.479522][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 559.487496][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 559.496451][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 559.503072][ C0] CR2: 0000001b30321000 CR3: 0000000027c2e000 CR4: 00000000001506f0
19:30:36 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc0189436, &(0x7f0000000040)={0x4})
[ 559.511055][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 559.519031][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 559.527028][ C0] Call Trace:
[ 559.530336][ C0]
[ 559.533177][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 559.539032][ C0] __run_hrtimer+0x163/0x460
[ 559.543623][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 559.549431][ C0] hrtimer_interrupt+0x380/0xaf0
[ 559.554382][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 559.560308][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 559.565968][ C0]
[ 559.568920][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 559.574917][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 559.581086][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 559.601153][ C0] RSP: 0018:ffffc9000517bb78 EFLAGS: 00000246
19:30:36 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xb, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:36 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc020660b, &(0x7f0000000040)={0x4})
[ 559.607245][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00098880444a54d8
[ 559.615218][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 559.623204][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 559.631208][ C0] R10: ffffffff88f37060 R11: 0000000000000200 R12: 0000000000000026
[ 559.639527][ C0] R13: ffffffff81635cdf R14: ffff8880444a54d8 R15: 0000000000000004
[ 559.648638][ C0] ? follow_page_pte+0x77f/0xb90
[ 559.653586][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
19:30:36 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0xb})
[ 559.659152][ C0] ? follow_page_pte+0x77f/0xb90
[ 559.664108][ C0] handle_mm_fault+0x103/0x1840
[ 559.669015][ C0] ? follow_pmd_mask+0x4b0/0xee0
[ 559.673961][ C0] ? follow_page_mask+0x382/0x540
[ 559.678994][ C0] __get_user_pages+0xa47/0x1000
[ 559.684056][ C0] __mm_populate+0x24d/0x380
[ 559.688658][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 559.693258][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 559.697968][ C0] ? switch_fpu_return+0xa/0x10
[ 559.702833][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 559.708705][ C0] do_syscall_64+0x39/0x80
[ 559.713126][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 559.719012][ C0] RIP: 0033:0x466459
[ 559.722905][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 559.742605][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 559.751135][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 559.759100][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 559.767058][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 559.775028][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 559.783157][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 559.791154][ C0] ---[ end trace 6a9a87c08c22e09b ]---
[ 559.796933][ C0] ------------[ cut here ]------------
[ 559.802422][ C0] WARNING: CPU: 0 PID: 28143 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 559.813397][ C0] Modules linked in:
[ 559.817288][ C0] CPU: 0 PID: 28143 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 559.827640][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 559.837962][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 559.843959][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 559.864003][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 559.870074][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff8880444a5000
[ 559.878239][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 559.886326][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 559.894334][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 559.902392][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 559.910363][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 559.919305][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 559.925897][ C0] CR2: 0000001b30321000 CR3: 0000000027c2e000 CR4: 00000000001506f0
[ 559.934045][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 559.942026][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 559.949987][ C0] Call Trace:
[ 559.953252][ C0]
[ 559.956096][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 559.961890][ C0] __run_hrtimer+0x163/0x460
[ 559.966486][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 559.972391][ C0] hrtimer_interrupt+0x380/0xaf0
[ 559.977354][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 559.983239][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 559.988897][ C0]
[ 559.991817][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 559.997798][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 560.003960][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 560.023594][ C0] RSP: 0018:ffffc9000517bb78 EFLAGS: 00000246
[ 560.029774][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00098880444a54d8
[ 560.037738][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 560.045854][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 560.054107][ C0] R10: ffffffff88f37060 R11: 0000000000000200 R12: 0000000000000026
[ 560.062066][ C0] R13: ffffffff81635cdf R14: ffff8880444a54d8 R15: 0000000000000004
[ 560.070030][ C0] ? follow_page_pte+0x77f/0xb90
[ 560.075523][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 560.081106][ C0] ? follow_page_pte+0x77f/0xb90
[ 560.086079][ C0] handle_mm_fault+0x103/0x1840
[ 560.090936][ C0] ? follow_pmd_mask+0x4b0/0xee0
[ 560.096345][ C0] ? follow_page_mask+0x382/0x540
[ 560.101369][ C0] __get_user_pages+0xa47/0x1000
[ 560.106300][ C0] __mm_populate+0x24d/0x380
[ 560.110978][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 560.115570][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 560.120269][ C0] ? switch_fpu_return+0xa/0x10
[ 560.125124][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 560.130849][ C0] do_syscall_64+0x39/0x80
[ 560.135269][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 560.141179][ C0] RIP: 0033:0x466459
[ 560.145084][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 560.164679][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 560.173109][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 560.181067][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 560.189198][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 560.197441][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 560.205537][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 560.213548][ C0] ---[ end trace 6a9a87c08c22e09c ]---
19:30:36 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2}, 0x38)
19:30:36 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:36 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xc, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 560.319367][ C0] ------------[ cut here ]------------
[ 560.324908][ C0] WARNING: CPU: 0 PID: 28169 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 560.335884][ C0] Modules linked in:
[ 560.339837][ C0] CPU: 0 PID: 28169 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 560.349986][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 560.360056][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 560.366086][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 560.385728][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 560.394504][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810e62f000
[ 560.402483][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
[ 560.410439][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 560.418434][ C0] R10: 0001ffffffffffff R11: 000000000000038b R12: ffff88813bc1da58
[ 560.426389][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 560.434352][ C0] FS: 0000000002aa0400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 560.443277][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 560.450048][ C0] CR2: 00000000004e4a65 CR3: 00000001092a7000 CR4: 00000000001506f0
[ 560.458024][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 560.465977][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 560.473956][ C0] Call Trace:
[ 560.477240][ C0]
[ 560.480086][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 560.485905][ C0] __run_hrtimer+0x163/0x460
[ 560.490517][ C0] ? virtnet_poll_tx+0x179/0x1b0
[ 560.495494][ C0] hrtimer_interrupt+0x380/0xaf0
[ 560.500421][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 560.506306][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 560.511942][ C0]
[ 560.516533][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 560.522524][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 560.528704][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 560.548297][ C0] RSP: 0018:ffffc9000512fbb8 EFLAGS: 00000246
[ 560.554349][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 001188810386f000
[ 560.562300][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 560.570269][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 560.578229][ C0] R10: ffffffff88f370b8 R11: 0000000000000200 R12: 0000000000000031
[ 560.586193][ C0] R13: 0000000000000000 R14: ffff88810386f000 R15: 0000000000000008
[ 560.594158][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 560.599702][ C0] ext4_get_group_desc+0xe3/0x1b0
[ 560.604714][ C0] find_inode_bit+0x16a/0x3a0
[ 560.609403][ C0] __ext4_new_inode+0xb6c/0x2fe0
[ 560.614341][ C0] ext4_symlink+0x2d1/0x780
[ 560.619854][ C0] ? bpf_lsm_inode_symlink+0x5/0x10
[ 560.625041][ C0] vfs_symlink+0xbe/0x170
[ 560.629378][ C0] do_symlinkat+0x11e/0x2b0
[ 560.633890][ C0] __x64_sys_symlink+0x32/0x40
[ 560.639034][ C0] do_syscall_64+0x39/0x80
[ 560.643452][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 560.649337][ C0] RIP: 0033:0x465d67
[ 560.653219][ C0] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 58 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 560.672955][ C0] RSP: 002b:00007fff879691d8 EFLAGS: 00000206 ORIG_RAX: 0000000000000058
[ 560.681354][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000465d67
[ 560.689356][ C0] RDX: 00007fff879692c3 RSI: 00000000004bfab2 RDI: 00007fff879692b0
[ 560.697317][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007fff87969070
[ 560.705277][ C0] R10: 00007fff87968f27 R11: 0000000000000206 R12: 0000000000000001
[ 560.713281][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff879692b0
19:30:37 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xd, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:37 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x8)
19:30:37 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
sched_setscheduler(0x0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r1, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 560.721240][ C0] ---[ end trace 6a9a87c08c22e09d ]---
[ 560.727137][ C0] ------------[ cut here ]------------
[ 560.732625][ C0] WARNING: CPU: 0 PID: 28169 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 560.743502][ C0] Modules linked in:
[ 560.747415][ C0] CPU: 0 PID: 28169 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 560.757566][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
19:30:37 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x2})
[ 560.767631][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 560.773639][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 560.793686][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 560.799777][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810e62f000
[ 560.807759][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 560.815753][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 560.823734][ C0] R10: 0001ffffffffffff R11: ffff88810e62f000 R12: ffff88813bc1da58
[ 560.831842][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 560.839842][ C0] FS: 0000000002aa0400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 560.848796][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 560.855417][ C0] CR2: 00000000004e4a65 CR3: 00000001092a7000 CR4: 00000000001506f0
[ 560.863377][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 560.871473][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 560.879439][ C0] Call Trace:
[ 560.882734][ C0]
[ 560.885580][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 560.891387][ C0] __run_hrtimer+0x163/0x460
[ 560.895987][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 560.901800][ C0] hrtimer_interrupt+0x380/0xaf0
[ 560.906758][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 560.912665][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 560.918307][ C0]
[ 560.921584][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 560.927688][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 560.934665][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 560.954574][ C0] RSP: 0018:ffffc9000512fbb8 EFLAGS: 00000246
[ 560.960627][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 001188810386f000
[ 560.968592][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 560.976574][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 560.984586][ C0] R10: ffffffff88f370b8 R11: 0000000000000200 R12: 0000000000000031
[ 560.992545][ C0] R13: 0000000000000000 R14: ffff88810386f000 R15: 0000000000000008
[ 561.000518][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 561.006073][ C0] ext4_get_group_desc+0xe3/0x1b0
[ 561.011102][ C0] find_inode_bit+0x16a/0x3a0
[ 561.015774][ C0] __ext4_new_inode+0xb6c/0x2fe0
[ 561.020724][ C0] ext4_symlink+0x2d1/0x780
[ 561.025229][ C0] ? bpf_lsm_inode_symlink+0x5/0x10
[ 561.030486][ C0] vfs_symlink+0xbe/0x170
[ 561.034821][ C0] do_symlinkat+0x11e/0x2b0
[ 561.039317][ C0] __x64_sys_symlink+0x32/0x40
[ 561.044374][ C0] do_syscall_64+0x39/0x80
[ 561.048805][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 561.054706][ C0] RIP: 0033:0x465d67
[ 561.058593][ C0] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 58 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 561.078229][ C0] RSP: 002b:00007fff879691d8 EFLAGS: 00000206 ORIG_RAX: 0000000000000058
[ 561.086626][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000465d67
[ 561.094716][ C0] RDX: 00007fff879692c3 RSI: 00000000004bfab2 RDI: 00007fff879692b0
[ 561.102692][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007fff87969070
[ 561.110657][ C0] R10: 00007fff87968f27 R11: 0000000000000206 R12: 0000000000000001
[ 561.118800][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff879692b0
[ 561.126765][ C0] ---[ end trace 6a9a87c08c22e09e ]---
[ 561.132525][ C0] ------------[ cut here ]------------
[ 561.138050][ C0] WARNING: CPU: 0 PID: 28169 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 561.148916][ C0] Modules linked in:
[ 561.152886][ C0] CPU: 0 PID: 28169 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 561.163040][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 561.173177][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 561.179188][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 561.198952][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 561.205010][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88810e62f000
[ 561.212994][ C0] RDX: 0000000000010000 RSI: 0000000000000018 RDI: 0000000000000001
[ 561.220953][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 561.228928][ C0] R10: 0001ffffffffffff R11: ffff88810e62f000 R12: ffff88813bc1da58
[ 561.236918][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 561.244988][ C0] FS: 0000000002aa0400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 561.253946][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 561.260523][ C0] CR2: 00000000004e4a65 CR3: 00000001092a7000 CR4: 00000000001506f0
[ 561.268504][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 561.276462][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 561.284441][ C0] Call Trace:
[ 561.287723][ C0]
[ 561.290556][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 561.296350][ C0] __run_hrtimer+0x163/0x460
[ 561.300937][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 561.306754][ C0] hrtimer_interrupt+0x380/0xaf0
[ 561.311704][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 561.317621][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 561.323270][ C0]
[ 561.326189][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 561.332171][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 561.338314][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 561.357928][ C0] RSP: 0018:ffffc9000512fbb8 EFLAGS: 00000246
[ 561.364004][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 001188810386f000
[ 561.371961][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 561.379955][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 561.388277][ C0] R10: ffffffff88f370b8 R11: 0000000000000200 R12: 0000000000000031
[ 561.396253][ C0] R13: 0000000000000000 R14: ffff88810386f000 R15: 0000000000000008
[ 561.404361][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 561.409926][ C0] ext4_get_group_desc+0xe3/0x1b0
[ 561.414967][ C0] find_inode_bit+0x16a/0x3a0
[ 561.419648][ C0] __ext4_new_inode+0xb6c/0x2fe0
[ 561.424609][ C0] ext4_symlink+0x2d1/0x780
[ 561.429096][ C0] ? bpf_lsm_inode_symlink+0x5/0x10
[ 561.434300][ C0] vfs_symlink+0xbe/0x170
[ 561.438632][ C0] do_symlinkat+0x11e/0x2b0
[ 561.443322][ C0] __x64_sys_symlink+0x32/0x40
[ 561.448083][ C0] do_syscall_64+0x39/0x80
[ 561.452483][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 561.458383][ C0] RIP: 0033:0x465d67
[ 561.462278][ C0] Code: 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 58 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 561.481869][ C0] RSP: 002b:00007fff879691d8 EFLAGS: 00000206 ORIG_RAX: 0000000000000058
[ 561.490275][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000465d67
[ 561.498348][ C0] RDX: 00007fff879692c3 RSI: 00000000004bfab2 RDI: 00007fff879692b0
[ 561.506309][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007fff87969070
[ 561.514278][ C0] R10: 00007fff87968f27 R11: 0000000000000206 R12: 0000000000000001
19:30:38 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0xc})
[ 561.522361][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff879692b0
[ 561.530323][ C0] ---[ end trace 6a9a87c08c22e09f ]---
19:30:38 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xe, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 561.636109][ C0] ------------[ cut here ]------------
[ 561.641650][ C0] WARNING: CPU: 0 PID: 28177 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 561.652534][ C0] Modules linked in:
[ 561.656447][ C0] CPU: 0 PID: 28177 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 561.666634][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 561.676696][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:38 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
sched_setscheduler(0x0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r1, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 561.682696][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 561.702320][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 561.708393][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001e RCX: ffff88810e453000
[ 561.716385][ C0] RDX: 0000000080010001 RSI: 000000000000001e RDI: 0000000000000001
[ 561.724376][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:30:38 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xf, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 561.732356][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 561.740356][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 561.748337][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 561.757276][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 561.763895][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 561.771893][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:30:38 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
sched_setscheduler(0x0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r1, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 561.779891][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 561.787876][ C0] Call Trace:
[ 561.791161][ C0]
[ 561.794012][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 561.800876][ C0] __run_hrtimer+0x163/0x460
[ 561.805482][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 561.811765][ C0] hrtimer_interrupt+0x380/0xaf0
[ 561.816726][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 561.822768][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 561.828424][ C0]
[ 561.831360][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 561.837463][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x0/0x90
[ 561.844364][ C0] Code: 54 f9 08 48 c1 e0 03 48 83 c8 18 48 89 34 01 4c 89 44 f9 18 49 ff c2 4c 89 11 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <4c> 8b 04 24 65 48 8b 14 25 00 6d 01 00 65 8b 05 44 37 bb 7e a9 00
[ 561.863984][ C0] RSP: 0018:ffffc90004fe3830 EFLAGS: 00000246
[ 561.870099][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88810e453000
[ 561.878077][ C0] RDX: ffff88810e453000 RSI: 0000000000000001 RDI: 0000000000000000
[ 561.886081][ C0] RBP: ffffc90004fe3901 R08: ffffffff8163a872 R09: 000188802cfc36cf
[ 561.894065][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: 00000000550c7027
[ 561.902044][ C0] R13: ffff8880218e80c0 R14: 0000000020ad9000 R15: ffff888039c26320
[ 561.910031][ C0] ? vm_normal_page+0x22/0x1b0
[ 561.914935][ C0] vm_normal_page+0x3a/0x1b0
[ 561.919521][ C0] zap_pte_range+0x204/0x13f0
[ 561.924220][ C0] ? try_to_wake_up+0x254/0x440
[ 561.929076][ C0] unmap_page_range+0x540/0x650
[ 561.933950][ C0] unmap_single_vma+0x157/0x210
[ 561.938799][ C0] unmap_vmas+0xc0/0x170
[ 561.943028][ C0] exit_mmap+0x1be/0x400
[ 561.947282][ C0] __mmput+0xa2/0x220
[ 561.951265][ C0] mmput+0x3d/0x50
[ 561.955000][ C0] exit_mm+0x344/0x430
[ 561.959049][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 561.964881][ C0] ? taskstats_exit+0x334/0x730
[ 561.969736][ C0] ? acct_collect+0x3a4/0x400
[ 561.974397][ C0] do_exit+0x3ff/0x1670
[ 561.978552][ C0] ? do_futex+0x1062/0x1cd0
[ 561.983051][ C0] do_group_exit+0xce/0x180
[ 561.987556][ C0] get_signal+0xdce/0x14e0
[ 561.992012][ C0] ? __mm_populate+0x32c/0x380
[ 561.996790][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 562.002334][ C0] ? __se_sys_futex+0x2a8/0x390
[ 562.009865][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 562.015913][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 562.022298][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 562.028207][ C0] do_syscall_64+0x45/0x80
[ 562.032818][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 562.040300][ C0] RIP: 0033:0x466459
[ 562.044297][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 562.051127][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 562.059615][ C0] RAX: fffffffffffffe00 RBX: 000000000056bf68 RCX: 0000000000466459
[ 562.067592][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056bf68
[ 562.075557][ C0] RBP: 000000000056bf60 R08: 0000000000000000 R09: 0000000000000000
[ 562.083686][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf6c
[ 562.091679][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 562.099900][ C0] ---[ end trace 6a9a87c08c22e0a0 ]---
[ 562.105704][ C0] ------------[ cut here ]------------
[ 562.111267][ C0] WARNING: CPU: 0 PID: 28177 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 562.122132][ C0] Modules linked in:
[ 562.126036][ C0] CPU: 0 PID: 28177 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 562.136201][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 562.146303][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 562.152436][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 562.172085][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 562.178203][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff88810e453000
[ 562.186473][ C0] RDX: 0000000080010001 RSI: 000000000000001c RDI: 0000000000000001
[ 562.194497][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 562.202492][ C0] R10: 0001ffffffffffff R11: 0000000000000204 R12: ffff88813bc1da58
[ 562.210470][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 562.218452][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 562.227423][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 562.234144][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 562.242188][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 562.250172][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 562.258135][ C0] Call Trace:
[ 562.261426][ C0]
[ 562.264255][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 562.270139][ C0] __run_hrtimer+0x163/0x460
[ 562.274744][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 562.280583][ C0] hrtimer_interrupt+0x380/0xaf0
[ 562.285542][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 562.291446][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 562.297076][ C0]
[ 562.300027][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 562.306045][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x0/0x90
[ 562.312838][ C0] Code: 54 f9 08 48 c1 e0 03 48 83 c8 18 48 89 34 01 4c 89 44 f9 18 49 ff c2 4c 89 11 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <4c> 8b 04 24 65 48 8b 14 25 00 6d 01 00 65 8b 05 44 37 bb 7e a9 00
[ 562.332542][ C0] RSP: 0018:ffffc90004fe3830 EFLAGS: 00000246
[ 562.338597][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88810e453000
[ 562.346580][ C0] RDX: ffff88810e453000 RSI: 0000000000000001 RDI: 0000000000000000
[ 562.354564][ C0] RBP: ffffc90004fe3901 R08: ffffffff8163a872 R09: 000188802cfc36cf
[ 562.362539][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: 00000000550c7027
[ 562.370624][ C0] R13: ffff8880218e80c0 R14: 0000000020ad9000 R15: ffff888039c26320
[ 562.378607][ C0] ? vm_normal_page+0x22/0x1b0
[ 562.383409][ C0] vm_normal_page+0x3a/0x1b0
[ 562.388021][ C0] zap_pte_range+0x204/0x13f0
[ 562.392687][ C0] ? try_to_wake_up+0x254/0x440
[ 562.397517][ C0] unmap_page_range+0x540/0x650
[ 562.402386][ C0] unmap_single_vma+0x157/0x210
[ 562.407232][ C0] unmap_vmas+0xc0/0x170
[ 562.411507][ C0] exit_mmap+0x1be/0x400
[ 562.415741][ C0] __mmput+0xa2/0x220
[ 562.419729][ C0] mmput+0x3d/0x50
[ 562.423449][ C0] exit_mm+0x344/0x430
[ 562.427527][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 562.433347][ C0] ? taskstats_exit+0x334/0x730
[ 562.438196][ C0] ? acct_collect+0x3a4/0x400
[ 562.442928][ C0] do_exit+0x3ff/0x1670
[ 562.447134][ C0] ? do_futex+0x1062/0x1cd0
[ 562.451622][ C0] do_group_exit+0xce/0x180
[ 562.456138][ C0] get_signal+0xdce/0x14e0
[ 562.460673][ C0] ? __mm_populate+0x32c/0x380
[ 562.465433][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 562.470994][ C0] ? __se_sys_futex+0x2a8/0x390
[ 562.475869][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 562.481417][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 562.487044][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 562.492560][ C0] do_syscall_64+0x45/0x80
[ 562.496972][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 562.502861][ C0] RIP: 0033:0x466459
[ 562.506795][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 562.513631][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 562.522050][ C0] RAX: fffffffffffffe00 RBX: 000000000056bf68 RCX: 0000000000466459
[ 562.530031][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056bf68
[ 562.538012][ C0] RBP: 000000000056bf60 R08: 0000000000000000 R09: 0000000000000000
[ 562.545973][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf6c
[ 562.553933][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 562.561916][ C0] ---[ end trace 6a9a87c08c22e0a1 ]---
[ 562.567616][ C0] ------------[ cut here ]------------
[ 562.573144][ C0] WARNING: CPU: 0 PID: 28177 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 562.584138][ C0] Modules linked in:
[ 562.588198][ C0] CPU: 0 PID: 28177 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 562.598345][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 562.608389][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 562.614363][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 562.633959][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 562.640015][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff88810e453000
[ 562.647978][ C0] RDX: 0000000080010001 RSI: 000000000000001c RDI: 0000000000000001
[ 562.655952][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 562.663926][ C0] R10: 0001ffffffffffff R11: ffff88810e453000 R12: ffff88813bc1da58
[ 562.671914][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 562.679915][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 562.688860][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 562.695435][ C0] CR2: 0000001b30d23000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 562.703413][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 562.711614][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 562.719586][ C0] Call Trace:
[ 562.722854][ C0]
[ 562.725714][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 562.731523][ C0] __run_hrtimer+0x163/0x460
[ 562.736113][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 562.741906][ C0] hrtimer_interrupt+0x380/0xaf0
[ 562.746988][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 562.752876][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 562.758514][ C0]
[ 562.761446][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 562.767559][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x0/0x90
[ 562.774343][ C0] Code: 54 f9 08 48 c1 e0 03 48 83 c8 18 48 89 34 01 4c 89 44 f9 18 49 ff c2 4c 89 11 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 <4c> 8b 04 24 65 48 8b 14 25 00 6d 01 00 65 8b 05 44 37 bb 7e a9 00
[ 562.793955][ C0] RSP: 0018:ffffc90004fe3830 EFLAGS: 00000246
[ 562.800008][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88810e453000
[ 562.807966][ C0] RDX: ffff88810e453000 RSI: 0000000000000001 RDI: 0000000000000000
[ 562.815926][ C0] RBP: ffffc90004fe3901 R08: ffffffff8163a872 R09: 000188802cfc36cf
[ 562.823901][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: 00000000550c7027
[ 562.831864][ C0] R13: ffff8880218e80c0 R14: 0000000020ad9000 R15: ffff888039c26320
[ 562.839830][ C0] ? vm_normal_page+0x22/0x1b0
[ 562.844866][ C0] vm_normal_page+0x3a/0x1b0
[ 562.849484][ C0] zap_pte_range+0x204/0x13f0
[ 562.854252][ C0] ? try_to_wake_up+0x254/0x440
[ 562.859111][ C0] unmap_page_range+0x540/0x650
[ 562.864068][ C0] unmap_single_vma+0x157/0x210
[ 562.868929][ C0] unmap_vmas+0xc0/0x170
[ 562.873329][ C0] exit_mmap+0x1be/0x400
[ 562.877578][ C0] __mmput+0xa2/0x220
[ 562.881657][ C0] mmput+0x3d/0x50
[ 562.885366][ C0] exit_mm+0x344/0x430
[ 562.889431][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 562.895225][ C0] ? taskstats_exit+0x334/0x730
[ 562.900118][ C0] ? acct_collect+0x3a4/0x400
[ 562.904804][ C0] do_exit+0x3ff/0x1670
[ 562.908992][ C0] ? do_futex+0x1062/0x1cd0
[ 562.913480][ C0] do_group_exit+0xce/0x180
[ 562.917992][ C0] get_signal+0xdce/0x14e0
[ 562.922417][ C0] ? __mm_populate+0x32c/0x380
[ 562.927163][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 562.932694][ C0] ? __se_sys_futex+0x2a8/0x390
[ 562.937545][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 562.943105][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 562.948746][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 562.954202][ C0] do_syscall_64+0x45/0x80
[ 562.958619][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 562.964551][ C0] RIP: 0033:0x466459
[ 562.968426][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 562.975253][ C0] RSP: 002b:00007f09d1107218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 562.983726][ C0] RAX: fffffffffffffe00 RBX: 000000000056bf68 RCX: 0000000000466459
[ 562.991710][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056bf68
[ 562.999773][ C0] RBP: 000000000056bf60 R08: 0000000000000000 R09: 0000000000000000
[ 563.007738][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf6c
[ 563.015713][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 563.023813][ C0] ---[ end trace 6a9a87c08c22e0a2 ]---
[ 563.130743][ C0] ------------[ cut here ]------------
[ 563.136248][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 563.146955][ C0] Modules linked in:
[ 563.150851][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 563.160219][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 563.170292][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 563.176284][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 563.195977][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 563.202055][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000022 RCX: ffffffff87630780
[ 563.210125][ C0] RDX: 0000000080010001 RSI: 0000000000000022 RDI: 0000000000000001
[ 563.218110][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 563.226083][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 563.234068][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 563.242064][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 563.251006][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 563.257571][ C0] CR2: 00007fb454f5e000 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 563.265529][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 563.273499][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 563.281890][ C0] Call Trace:
[ 563.285518][ C0]
[ 563.288360][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 563.294171][ C0] __run_hrtimer+0x163/0x460
[ 563.298763][ C0] hrtimer_interrupt+0x380/0xaf0
[ 563.303707][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 563.309609][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 563.315248][ C0]
[ 563.318180][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 563.324279][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 563.329823][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 563.349568][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 563.356664][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 563.364639][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 563.372868][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 563.381056][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 563.390578][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 563.399381][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 563.404559][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 563.409736][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 563.414883][ C0] cpuidle_enter+0x3c/0x60
[ 563.419281][ C0] do_idle+0x193/0x230
[ 563.423345][ C0] cpu_startup_entry+0x15/0x20
[ 563.428130][ C0] rest_init+0xd7/0xe0
[ 563.432209][ C0] ? time_init+0xc/0xc
[ 563.436691][ C0] arch_call_rest_init+0xa/0xb
[ 563.441440][ C0] start_kernel+0x5a1/0x626
[ 563.445944][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 563.451827][ C0] ---[ end trace 6a9a87c08c22e0a3 ]---
[ 563.457617][ C0] ------------[ cut here ]------------
[ 563.463074][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 563.473588][ C0] Modules linked in:
[ 563.477483][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 563.486887][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 563.496952][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 563.502967][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 563.522581][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 563.528649][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 563.536650][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 563.544628][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 563.552719][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 563.560715][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 563.568697][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 563.577622][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 563.584194][ C0] CR2: 00007fb454f5e000 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 563.592176][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 563.600154][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 563.608135][ C0] Call Trace:
[ 563.611418][ C0]
[ 563.614257][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 563.620136][ C0] __run_hrtimer+0x163/0x460
[ 563.624733][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 563.630531][ C0] hrtimer_interrupt+0x380/0xaf0
[ 563.635524][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 563.641571][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 563.647225][ C0]
[ 563.650153][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 563.656145][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 563.661690][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 563.681534][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 563.687587][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 563.695542][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 563.703513][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 563.711488][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 563.719447][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 563.727431][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 563.732364][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 563.737322][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 563.742437][ C0] cpuidle_enter+0x3c/0x60
[ 563.746865][ C0] do_idle+0x193/0x230
[ 563.750946][ C0] cpu_startup_entry+0x15/0x20
[ 563.755712][ C0] rest_init+0xd7/0xe0
[ 563.759765][ C0] ? time_init+0xc/0xc
[ 563.763827][ C0] arch_call_rest_init+0xa/0xb
[ 563.768587][ C0] start_kernel+0x5a1/0x626
[ 563.773108][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 563.779003][ C0] ---[ end trace 6a9a87c08c22e0a4 ]---
[ 563.784785][ C0] ------------[ cut here ]------------
[ 563.790300][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 563.800859][ C0] Modules linked in:
[ 563.804736][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 563.814113][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 563.824176][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 563.830146][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 563.849739][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 563.855808][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000013 RCX: ffffffff87630780
[ 563.863804][ C0] RDX: 0000000080010001 RSI: 0000000000000013 RDI: 0000000000000001
[ 563.871783][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 563.879783][ C0] R10: 0001ffffffffffff R11: 0000000000000333 R12: ffff88813bc1da58
[ 563.887816][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 563.895792][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 563.904741][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 563.911344][ C0] CR2: 00007fb454f5e000 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 563.919314][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 563.927284][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 563.935246][ C0] Call Trace:
[ 563.938532][ C0]
[ 563.941358][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 563.947149][ C0] __run_hrtimer+0x163/0x460
[ 563.951751][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 563.957675][ C0] hrtimer_interrupt+0x380/0xaf0
[ 563.962619][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 563.968514][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 563.974160][ C0]
[ 563.977073][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 563.983046][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 563.988789][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 564.008418][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 564.014490][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 564.022457][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 564.030429][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 564.038474][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 564.046464][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 564.054423][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 564.059354][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 564.064392][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 564.069639][ C0] cpuidle_enter+0x3c/0x60
[ 564.074046][ C0] do_idle+0x193/0x230
[ 564.078103][ C0] cpu_startup_entry+0x15/0x20
19:30:40 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2}, 0x38)
19:30:40 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x10, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:40 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:40 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0xd})
19:30:40 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x9)
19:30:40 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x3})
19:30:40 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x11, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:40 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, 0x0)
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 564.082879][ C0] rest_init+0xd7/0xe0
[ 564.087085][ C0] ? time_init+0xc/0xc
[ 564.091159][ C0] arch_call_rest_init+0xa/0xb
[ 564.095927][ C0] start_kernel+0x5a1/0x626
[ 564.100428][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 564.106322][ C0] ---[ end trace 6a9a87c08c22e0a5 ]---
[ 564.212113][ C0] ------------[ cut here ]------------
[ 564.217647][ C0] WARNING: CPU: 0 PID: 8364 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 564.228432][ C0] Modules linked in:
[ 564.232339][ C0] CPU: 0 PID: 8364 Comm: syz-fuzzer Tainted: G W 5.12.0-rc3-syzkaller #0
[ 564.242079][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 564.252160][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:40 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x12, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 564.258190][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 564.277808][ C0] RSP: 0000:ffffc90000df7d60 EFLAGS: 00010046
[ 564.283887][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff888105e07000
[ 564.291867][ C0] RDX: 0000000080010000 RSI: 000000000000001a RDI: 0000000000000001
[ 564.300053][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 564.308038][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 564.316032][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 564.324010][ C0] FS: 000000c000094090(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 564.333051][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 564.339739][ C0] CR2: 00007ff0e6deb6c8 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 564.347759][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:30:41 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, 0x0)
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 564.355746][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 564.363750][ C0] Call Trace:
[ 564.367031][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 564.372853][ C0] __run_hrtimer+0x163/0x460
[ 564.377545][ C0] ? fpu__restore_sig+0x51/0x80
[ 564.382488][ C0] hrtimer_interrupt+0x380/0xaf0
[ 564.387432][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 564.393536][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 564.399445][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 564.405104][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 564.411099][ C0] RIP: 0033:0x420d75
[ 564.415358][ C0] Code: 0f b6 3b 49 89 cb 89 f1 41 89 fc d3 ef 49 83 fb 08 74 0a 0f ba e7 04 0f 83 c2 00 00 00 41 0f a3 cc 73 b5 4b 8d 3c 0b 48 8b 3f <48> 85 ff 74 a9 49 89 fc 4c 29 cf 48 39 d7 72 9e 48 89 5c 24 78 4c
[ 564.435057][ C0] RSP: 002b:000000c0000a5ea8 EFLAGS: 00000203
[ 564.441133][ C0] RAX: 0000000000203001 RBX: 00007ff0e6e4e83e RCX: 0000000000000003
[ 564.449116][ C0] RDX: 0000000000000030 RSI: 0000000000000003 RDI: 0000000000000000
[ 564.457096][ C0] RBP: 000000c0000a5f28 R08: 00007ff0e6f79fff R09: 000000c005a907b0
[ 564.465085][ C0] R10: 000000c00001fe98 R11: 0000000000000028 R12: 00000000000000f8
[ 564.473332][ C0] R13: 000000c000096180 R14: 0000000000b740a0 R15: 0000000002030038
[ 564.481322][ C0] ---[ end trace 6a9a87c08c22e0a6 ]---
[ 564.487222][ C0] ------------[ cut here ]------------
[ 564.492736][ C0] WARNING: CPU: 0 PID: 8364 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 564.503536][ C0] Modules linked in:
19:30:41 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0xe})
[ 564.507451][ C0] CPU: 0 PID: 8364 Comm: syz-fuzzer Tainted: G W 5.12.0-rc3-syzkaller #0
[ 564.517191][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 564.527251][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 564.533255][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 564.552893][ C0] RSP: 0000:ffffc90000df7d60 EFLAGS: 00010046
19:30:41 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2}, 0x38)
[ 564.558984][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000010 RCX: ffff888105e07000
[ 564.566982][ C0] RDX: 0000000080010000 RSI: 0000000000000010 RDI: 0000000000000001
[ 564.574970][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 564.582983][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 564.591016][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 564.599009][ C0] FS: 000000c000094090(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 564.607973][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 564.614574][ C0] CR2: 00007ff0e6deb6c8 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 564.622558][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 564.630537][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 564.639365][ C0] Call Trace:
[ 564.642663][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 564.648502][ C0] __run_hrtimer+0x163/0x460
[ 564.653125][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 564.658958][ C0] hrtimer_interrupt+0x380/0xaf0
[ 564.663914][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 564.670216][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 564.676161][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 564.681811][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 564.687812][ C0] RIP: 0033:0x420d75
[ 564.691720][ C0] Code: 0f b6 3b 49 89 cb 89 f1 41 89 fc d3 ef 49 83 fb 08 74 0a 0f ba e7 04 0f 83 c2 00 00 00 41 0f a3 cc 73 b5 4b 8d 3c 0b 48 8b 3f <48> 85 ff 74 a9 49 89 fc 4c 29 cf 48 39 d7 72 9e 48 89 5c 24 78 4c
[ 564.711334][ C0] RSP: 002b:000000c0000a5ea8 EFLAGS: 00000203
[ 564.717414][ C0] RAX: 0000000000203001 RBX: 00007ff0e6e4e83e RCX: 0000000000000003
[ 564.725399][ C0] RDX: 0000000000000030 RSI: 0000000000000003 RDI: 0000000000000000
[ 564.733378][ C0] RBP: 000000c0000a5f28 R08: 00007ff0e6f79fff R09: 000000c005a907b0
[ 564.741377][ C0] R10: 000000c00001fe98 R11: 0000000000000028 R12: 00000000000000f8
[ 564.749367][ C0] R13: 000000c000096180 R14: 0000000000b740a0 R15: 0000000002030038
[ 564.757358][ C0] ---[ end trace 6a9a87c08c22e0a7 ]---
[ 564.763196][ C0] ------------[ cut here ]------------
[ 564.768652][ C0] WARNING: CPU: 0 PID: 8364 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 564.779450][ C0] Modules linked in:
[ 564.783352][ C0] CPU: 0 PID: 8364 Comm: syz-fuzzer Tainted: G W 5.12.0-rc3-syzkaller #0
[ 564.793090][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 564.803238][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:41 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x5})
[ 564.809371][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 564.828999][ C0] RSP: 0000:ffffc90000df7d60 EFLAGS: 00010046
[ 564.835073][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000011 RCX: ffff888105e07000
[ 564.843088][ C0] RDX: 0000000080010000 RSI: 0000000000000011 RDI: 0000000000000001
[ 564.851068][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 564.859047][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 564.867029][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 564.875139][ C0] FS: 000000c000094090(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 564.884080][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 564.890692][ C0] CR2: 00007ff0e6deb6c8 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 564.898694][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 564.906775][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 564.915359][ C0] Call Trace:
[ 564.918725][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 564.924540][ C0] __run_hrtimer+0x163/0x460
[ 564.929156][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 564.934967][ C0] hrtimer_interrupt+0x380/0xaf0
[ 564.939917][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 564.946114][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 564.952023][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 564.957677][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 564.963672][ C0] RIP: 0033:0x420d75
[ 564.967566][ C0] Code: 0f b6 3b 49 89 cb 89 f1 41 89 fc d3 ef 49 83 fb 08 74 0a 0f ba e7 04 0f 83 c2 00 00 00 41 0f a3 cc 73 b5 4b 8d 3c 0b 48 8b 3f <48> 85 ff 74 a9 49 89 fc 4c 29 cf 48 39 d7 72 9e 48 89 5c 24 78 4c
[ 564.987199][ C0] RSP: 002b:000000c0000a5ea8 EFLAGS: 00000203
[ 564.993281][ C0] RAX: 0000000000203001 RBX: 00007ff0e6e4e83e RCX: 0000000000000003
[ 565.001473][ C0] RDX: 0000000000000030 RSI: 0000000000000003 RDI: 0000000000000000
[ 565.009452][ C0] RBP: 000000c0000a5f28 R08: 00007ff0e6f79fff R09: 000000c005a907b0
[ 565.017432][ C0] R10: 000000c00001fe98 R11: 0000000000000028 R12: 00000000000000f8
[ 565.025420][ C0] R13: 000000c000096180 R14: 0000000000b740a0 R15: 0000000002030038
[ 565.033501][ C0] ---[ end trace 6a9a87c08c22e0a8 ]---
[ 565.139484][ C0] ------------[ cut here ]------------
[ 565.144978][ C0] WARNING: CPU: 0 PID: 8364 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 565.155780][ C0] Modules linked in:
[ 565.159684][ C0] CPU: 0 PID: 8364 Comm: syz-fuzzer Tainted: G W 5.12.0-rc3-syzkaller #0
[ 565.169416][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 565.179476][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:41 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x25, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 565.185845][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 565.205493][ C0] RSP: 0000:ffffc90000df7d60 EFLAGS: 00010046
[ 565.211661][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000017 RCX: ffff888105e07000
[ 565.219992][ C0] RDX: 0000000080010000 RSI: 0000000000000017 RDI: 0000000000000001
[ 565.228021][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:30:41 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, 0x0)
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 565.236006][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 565.244181][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 565.252255][ C0] FS: 000000c000094090(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 565.261279][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 565.267873][ C0] CR2: 00007ff0e6deb6c8 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 565.275867][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:30:41 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x60, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 565.283862][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 565.291870][ C0] Call Trace:
[ 565.295190][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 565.301040][ C0] __run_hrtimer+0x163/0x460
[ 565.305638][ C0] ? fpu__restore_sig+0x51/0x80
[ 565.310525][ C0] hrtimer_interrupt+0x380/0xaf0
[ 565.315486][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 565.321593][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 565.327544][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 565.333201][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 565.339196][ C0] RIP: 0033:0x420c0c
[ 565.343192][ C0] Code: ee 03 48 83 e6 03 4c 8d 82 ff ff 1f 00 49 89 f9 48 c1 ef 0d 48 81 e7 ff 1f 00 00 48 8b bc fa 00 00 20 00 84 02 90 48 8b 57 68 <48> 85 d2 0f 84 dd 02 00 00 66 0f 1f 84 00 00 00 00 00 66 90 48 81
[ 565.363756][ C0] RSP: 002b:000000c0000a5ea8 EFLAGS: 00000202
[ 565.369827][ C0] RAX: 0000000000203006 RBX: 00007ff0e5cf46cc RCX: 000000c000096180
[ 565.377804][ C0] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 00007ff0e572c1d8
19:30:42 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0xa)
[ 565.385780][ C0] RBP: 000000c0000a5f28 R08: 00007ff0e5d41fff R09: 000000c01b64d980
[ 565.393758][ C0] R10: 00000000000000cc R11: 00000000000000cb R12: 0000000000000051
[ 565.401774][ C0] R13: 000000c000096180 R14: 0000000000b740a0 R15: 0000000002030038
[ 565.409777][ C0] ---[ end trace 6a9a87c08c22e0a9 ]---
[ 565.415588][ C0] ------------[ cut here ]------------
[ 565.421220][ C0] WARNING: CPU: 0 PID: 8364 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 565.432007][ C0] Modules linked in:
19:30:42 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x300, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 565.435902][ C0] CPU: 0 PID: 8364 Comm: syz-fuzzer Tainted: G W 5.12.0-rc3-syzkaller #0
[ 565.445648][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 565.455714][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 565.461710][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 565.481329][ C0] RSP: 0000:ffffc90000df7d60 EFLAGS: 00010046
19:30:42 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 565.487417][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000010 RCX: ffff888105e07000
[ 565.495418][ C0] RDX: 0000000000010000 RSI: 0000000000000010 RDI: 0000000000000001
[ 565.503415][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 565.511401][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 565.519382][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 565.530399][ C0] FS: 000000c000094090(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 565.539335][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 565.546363][ C0] CR2: 00007ff0e6deb6c8 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 565.554345][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 565.562339][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 565.570324][ C0] Call Trace:
[ 565.573643][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 565.579467][ C0] __run_hrtimer+0x163/0x460
[ 565.584101][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 565.589927][ C0] hrtimer_interrupt+0x380/0xaf0
[ 565.594883][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 565.600973][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 565.606896][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 565.612567][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 565.618569][ C0] RIP: 0033:0x420c0c
[ 565.622531][ C0] Code: ee 03 48 83 e6 03 4c 8d 82 ff ff 1f 00 49 89 f9 48 c1 ef 0d 48 81 e7 ff 1f 00 00 48 8b bc fa 00 00 20 00 84 02 90 48 8b 57 68 <48> 85 d2 0f 84 dd 02 00 00 66 0f 1f 84 00 00 00 00 00 66 90 48 81
[ 565.642149][ C0] RSP: 002b:000000c0000a5ea8 EFLAGS: 00000202
[ 565.648226][ C0] RAX: 0000000000203006 RBX: 00007ff0e5cf46cc RCX: 000000c000096180
[ 565.656219][ C0] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 00007ff0e572c1d8
[ 565.664281][ C0] RBP: 000000c0000a5f28 R08: 00007ff0e5d41fff R09: 000000c01b64d980
[ 565.672256][ C0] R10: 00000000000000cc R11: 00000000000000cb R12: 0000000000000051
[ 565.680245][ C0] R13: 000000c000096180 R14: 0000000000b740a0 R15: 0000000002030038
[ 565.688236][ C0] ---[ end trace 6a9a87c08c22e0aa ]---
[ 565.694294][ C0] ------------[ cut here ]------------
[ 565.699774][ C0] WARNING: CPU: 0 PID: 8364 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 565.710552][ C0] Modules linked in:
[ 565.714447][ C0] CPU: 0 PID: 8364 Comm: syz-fuzzer Tainted: G W 5.12.0-rc3-syzkaller #0
[ 565.724174][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 565.734855][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 565.740855][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 565.760645][ C0] RSP: 0000:ffffc90000df7d60 EFLAGS: 00010046
[ 565.766812][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000011 RCX: ffff888105e07000
[ 565.774799][ C0] RDX: 0000000000010000 RSI: 0000000000000011 RDI: 0000000000000001
[ 565.782812][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 565.790791][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 565.798797][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 565.806805][ C0] FS: 000000c000094090(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 565.816180][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 565.822774][ C0] CR2: 00007ff0e6deb6c8 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 565.830778][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 565.838758][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 565.846741][ C0] Call Trace:
[ 565.850054][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 565.855880][ C0] __run_hrtimer+0x163/0x460
[ 565.860487][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 565.866303][ C0] hrtimer_interrupt+0x380/0xaf0
[ 565.871255][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 565.877340][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 565.883273][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 565.888948][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 565.894973][ C0] RIP: 0033:0x420c0c
[ 565.898981][ C0] Code: ee 03 48 83 e6 03 4c 8d 82 ff ff 1f 00 49 89 f9 48 c1 ef 0d 48 81 e7 ff 1f 00 00 48 8b bc fa 00 00 20 00 84 02 90 48 8b 57 68 <48> 85 d2 0f 84 dd 02 00 00 66 0f 1f 84 00 00 00 00 00 66 90 48 81
[ 565.918597][ C0] RSP: 002b:000000c0000a5ea8 EFLAGS: 00000202
[ 565.924701][ C0] RAX: 0000000000203006 RBX: 00007ff0e5cf46cc RCX: 000000c000096180
[ 565.932707][ C0] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 00007ff0e572c1d8
19:30:42 executing program 5:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getpid()
sched_setscheduler(0x0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r1, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 565.940688][ C0] RBP: 000000c0000a5f28 R08: 00007ff0e5d41fff R09: 000000c01b64d980
[ 565.948693][ C0] R10: 00000000000000cc R11: 00000000000000cb R12: 0000000000000051
[ 565.956670][ C0] R13: 000000c000096180 R14: 0000000000b740a0 R15: 0000000002030038
[ 565.964658][ C0] ---[ end trace 6a9a87c08c22e0ab ]---
19:30:42 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x6})
[ 566.070508][ C0] ------------[ cut here ]------------
[ 566.076004][ C0] WARNING: CPU: 0 PID: 8364 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 566.086792][ C0] Modules linked in:
[ 566.090701][ C0] CPU: 0 PID: 8364 Comm: syz-fuzzer Tainted: G W 5.12.0-rc3-syzkaller #0
[ 566.100448][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 566.110513][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 566.116532][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 566.136247][ C0] RSP: 0000:ffffc90000df7d60 EFLAGS: 00010046
[ 566.142436][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000016 RCX: ffff888105e07000
[ 566.150443][ C0] RDX: 0000000080010000 RSI: 0000000000000016 RDI: 0000000000000001
[ 566.158431][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 566.166516][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 566.174512][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 566.182495][ C0] FS: 000000c000094090(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 566.191455][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 566.198046][ C0] CR2: 0000000000970004 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 566.206050][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 566.214064][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 566.222447][ C0] Call Trace:
[ 566.225735][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 566.231681][ C0] __run_hrtimer+0x163/0x460
[ 566.236284][ C0] ? fpu__restore_sig+0x51/0x80
[ 566.241248][ C0] hrtimer_interrupt+0x380/0xaf0
[ 566.246202][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 566.252328][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 566.258370][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 566.264052][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 566.270052][ C0] RIP: 0033:0x4205f8
[ 566.273951][ C0] Code: 54 24 30 48 29 d1 48 89 0c 24 e8 03 f0 ff ff 48 8b 44 24 58 48 8b 5c 24 60 31 c9 e9 5f ff ff ff 48 8b 54 24 40 48 8b 5c 24 60 <48> 8b 74 24 18 48 8b 4c 24 30 e9 6e fe ff ff 48 89 d8 48 89 fb 48
[ 566.294463][ C0] RSP: 002b:000000c0000a5f38 EFLAGS: 00000287
[ 566.300557][ C0] RAX: 000000c00001fe98 RBX: 0000000000000007 RCX: 00000000000007b8
[ 566.308540][ C0] RDX: 00000000008e0910 RSI: 0000000000000001 RDI: 0000000000000028
[ 566.316517][ C0] RBP: 000000c0000a5f80 R08: 00007ff0e688bfff R09: 000000c00f625680
[ 566.324524][ C0] R10: 000000c00001fe98 R11: 0000000000000028 R12: 0000000000000051
[ 566.332539][ C0] R13: 000000c000096180 R14: 000000c025609e00 R15: 0000000000000000
[ 566.340522][ C0] ---[ end trace 6a9a87c08c22e0ac ]---
[ 566.346286][ C0] ------------[ cut here ]------------
[ 566.351770][ C0] WARNING: CPU: 0 PID: 8364 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 566.362591][ C0] Modules linked in:
[ 566.366479][ C0] CPU: 0 PID: 8364 Comm: syz-fuzzer Tainted: G W 5.12.0-rc3-syzkaller #0
[ 566.376195][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 566.386274][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 566.392287][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 566.411896][ C0] RSP: 0000:ffffc90000df7d60 EFLAGS: 00010046
[ 566.417976][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000011 RCX: ffff888105e07000
[ 566.425976][ C0] RDX: 0000000080010000 RSI: 0000000000000011 RDI: 0000000000000001
[ 566.434009][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 566.443097][ C0] R10: 0001ffffffffffff R11: ffff888105e07000 R12: ffff88813bc1da58
[ 566.451098][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 566.459098][ C0] FS: 000000c000094090(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 566.468033][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 566.474644][ C0] CR2: 0000000000970004 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 566.482630][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 566.490609][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 566.498852][ C0] Call Trace:
[ 566.502137][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 566.507974][ C0] __run_hrtimer+0x163/0x460
[ 566.512576][ C0] ? clockevents_program_event+0x19c/0x1e0
19:30:42 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:43 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x10})
19:30:43 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:43 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 566.518406][ C0] hrtimer_interrupt+0x380/0xaf0
[ 566.523355][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 566.529440][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 566.535354][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 566.541012][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 566.547016][ C0] RIP: 0033:0x4205f8
[ 566.550927][ C0] Code: 54 24 30 48 29 d1 48 89 0c 24 e8 03 f0 ff ff 48 8b 44 24 58 48 8b 5c 24 60 31 c9 e9 5f ff ff ff 48 8b 54 24 40 48 8b 5c 24 60 <48> 8b 74 24 18 48 8b 4c 24 30 e9 6e fe ff ff 48 89 d8 48 89 fb 48
19:30:43 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x500, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:43 executing program 5:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 566.570895][ C0] RSP: 002b:000000c0000a5f38 EFLAGS: 00000287
[ 566.576999][ C0] RAX: 000000c00001fe98 RBX: 0000000000000007 RCX: 00000000000007b8
[ 566.584975][ C0] RDX: 00000000008e0910 RSI: 0000000000000001 RDI: 0000000000000028
[ 566.593062][ C0] RBP: 000000c0000a5f80 R08: 00007ff0e688bfff R09: 000000c00f625680
[ 566.601045][ C0] R10: 000000c00001fe98 R11: 0000000000000028 R12: 0000000000000051
[ 566.609114][ C0] R13: 000000c000096180 R14: 000000c025609e00 R15: 0000000000000000
[ 566.617098][ C0] ---[ end trace 6a9a87c08c22e0ad ]---
[ 566.622975][ C0] ------------[ cut here ]------------
[ 566.628486][ C0] WARNING: CPU: 0 PID: 8364 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 566.639260][ C0] Modules linked in:
[ 566.643170][ C0] CPU: 0 PID: 8364 Comm: syz-fuzzer Tainted: G W 5.12.0-rc3-syzkaller #0
[ 566.653022][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 566.663079][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 566.669599][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 566.689530][ C0] RSP: 0000:ffffc90000df7d60 EFLAGS: 00010046
[ 566.695747][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000011 RCX: ffff888105e07000
[ 566.703709][ C0] RDX: 0000000080010000 RSI: 0000000000000011 RDI: 0000000000000001
[ 566.711669][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 566.719737][ C0] R10: 0001ffffffffffff R11: ffff888105e07000 R12: ffff88813bc1da58
[ 566.727707][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 566.735673][ C0] FS: 000000c000094090(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 566.745240][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 566.751814][ C0] CR2: 0000000000970004 CR3: 000000010ae0b000 CR4: 00000000001506f0
[ 566.759790][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 566.767779][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 566.775759][ C0] Call Trace:
[ 566.780196][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 566.786611][ C0] __run_hrtimer+0x163/0x460
[ 566.791211][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 566.797009][ C0] hrtimer_interrupt+0x380/0xaf0
[ 566.802040][ C0] ? asm_sysvec_apic_timer_interrupt+0xa/0x20
[ 566.808154][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 566.814049][ C0] sysvec_apic_timer_interrupt+0x32/0x80
[ 566.819692][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 566.825673][ C0] RIP: 0033:0x4205f8
[ 566.829575][ C0] Code: 54 24 30 48 29 d1 48 89 0c 24 e8 03 f0 ff ff 48 8b 44 24 58 48 8b 5c 24 60 31 c9 e9 5f ff ff ff 48 8b 54 24 40 48 8b 5c 24 60 <48> 8b 74 24 18 48 8b 4c 24 30 e9 6e fe ff ff 48 89 d8 48 89 fb 48
[ 566.850137][ C0] RSP: 002b:000000c0000a5f38 EFLAGS: 00000287
[ 566.856205][ C0] RAX: 000000c00001fe98 RBX: 0000000000000007 RCX: 00000000000007b8
[ 566.864281][ C0] RDX: 00000000008e0910 RSI: 0000000000000001 RDI: 0000000000000028
[ 566.872354][ C0] RBP: 000000c0000a5f80 R08: 00007ff0e688bfff R09: 000000c00f625680
[ 566.880400][ C0] R10: 000000c00001fe98 R11: 0000000000000028 R12: 0000000000000051
[ 566.888392][ C0] R13: 000000c000096180 R14: 000000c025609e00 R15: 0000000000000000
[ 566.896364][ C0] ---[ end trace 6a9a87c08c22e0ae ]---
[ 567.002177][ C0] ------------[ cut here ]------------
[ 567.007644][ C0] WARNING: CPU: 0 PID: 28269 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 567.018594][ C0] Modules linked in:
[ 567.022528][ C0] CPU: 0 PID: 28269 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 567.032684][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 567.042756][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 567.049826][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 567.069725][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 567.075787][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000016 RCX: ffff88801fe39000
[ 567.083752][ C0] RDX: 0000000080010000 RSI: 0000000000000016 RDI: 0000000000000001
[ 567.091708][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 567.099679][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 567.107633][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 567.115602][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 567.124703][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 567.131273][ C0] CR2: 0000001b30321000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 567.139346][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 567.148037][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 567.155998][ C0] Call Trace:
[ 567.159276][ C0]
[ 567.162114][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 567.167965][ C0] __run_hrtimer+0x163/0x460
[ 567.172543][ C0] hrtimer_interrupt+0x380/0xaf0
[ 567.177531][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 567.183432][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 567.189069][ C0]
[ 567.192000][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 567.197967][ C0] RIP: 0010:free_pages_and_swap_cache+0x5e/0x1f0
[ 567.204286][ C0] Code: 48 ff c8 48 89 04 24 4c 89 6c 24 10 4c 89 ef e8 98 da ed ff 4d 8b 75 00 49 8d 7e 08 48 89 7c 24 18 e8 06 ed ed ff 4d 8b 7e 08 <44> 89 fd 83 e5 01 31 ff 48 89 ee e8 52 49 dd ff 4c 89 f3 48 85 ed
[ 567.225073][ C0] RSP: 0018:ffffc90003b2f9d0 EFLAGS: 00000246
[ 567.231139][ C0] RAX: ffff88801fe39ac0 RBX: 0000000000000010 RCX: 00000000000001c6
[ 567.239195][ C0] RDX: 000188810d8c7f78 RSI: 0000000000000000 RDI: ffffea00006b5288
[ 567.247154][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 000188810d8c7f7f
[ 567.255127][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: dead000000000100
[ 567.263189][ C0] R13: ffff88810d8c7f78 R14: ffffea00006b5280 R15: dead000000000100
[ 567.271163][ C0] tlb_flush_mmu+0x597/0x5f0
[ 567.276085][ C0] zap_pte_range+0x1168/0x13f0
[ 567.280830][ C0] ? __list_add_valid+0x28/0x90
[ 567.285674][ C0] unmap_page_range+0x540/0x650
[ 567.290528][ C0] unmap_single_vma+0x157/0x210
[ 567.295374][ C0] unmap_vmas+0xc0/0x170
[ 567.299597][ C0] exit_mmap+0x1be/0x400
[ 567.303819][ C0] __mmput+0xa2/0x220
[ 567.307806][ C0] mmput+0x3d/0x50
[ 567.311526][ C0] exit_mm+0x344/0x430
[ 567.315601][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 567.321423][ C0] ? taskstats_exit+0x334/0x730
[ 567.326297][ C0] ? acct_collect+0x3a4/0x400
[ 567.330998][ C0] do_exit+0x3ff/0x1670
[ 567.335144][ C0] ? zap_other_threads+0x1c2/0x1e0
[ 567.340257][ C0] do_group_exit+0x17d/0x180
[ 567.344840][ C0] __do_sys_exit_group+0xb/0x10
[ 567.349690][ C0] __se_sys_exit_group+0x5/0x10
[ 567.354629][ C0] __x64_sys_exit_group+0x16/0x20
[ 567.360177][ C0] do_syscall_64+0x39/0x80
[ 567.364602][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 567.370574][ C0] RIP: 0033:0x466459
[ 567.374447][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 567.381351][ C0] RSP: 002b:00007ffdd9640d78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 567.389750][ C0] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000466459
19:30:44 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x7})
[ 567.397701][ C0] RDX: 000000000041926b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 567.405658][ C0] RBP: 0000000000000000 R08: 0000001b30321340 R09: 0000000000000000
[ 567.413617][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 567.421565][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffdd9640e70
[ 567.429531][ C0] ---[ end trace 6a9a87c08c22e0af ]---
[ 567.435317][ C0] ------------[ cut here ]------------
[ 567.440770][ C0] WARNING: CPU: 0 PID: 28269 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
19:30:44 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0xb)
[ 567.451653][ C0] Modules linked in:
[ 567.455624][ C0] CPU: 0 PID: 28269 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 567.465771][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 567.475848][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 567.481845][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
19:30:44 executing program 5:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 567.502669][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 567.508788][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88801fe39000
[ 567.516848][ C0] RDX: 0000000080010000 RSI: 000000000000001a RDI: 0000000000000001
[ 567.524832][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 567.532801][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffff88813bc1da58
[ 567.540800][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
19:30:44 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x600, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 567.548780][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 567.557717][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 567.564573][ C0] CR2: 0000001b30321000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 567.572569][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 567.580543][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 567.588733][ C0] Call Trace:
[ 567.591998][ C0]
[ 567.594833][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 567.600637][ C0] __run_hrtimer+0x163/0x460
[ 567.605244][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 567.611071][ C0] hrtimer_interrupt+0x380/0xaf0
[ 567.615998][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 567.621912][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 567.627553][ C0]
[ 567.630490][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 567.636453][ C0] RIP: 0010:free_pages_and_swap_cache+0x5e/0x1f0
[ 567.642860][ C0] Code: 48 ff c8 48 89 04 24 4c 89 6c 24 10 4c 89 ef e8 98 da ed ff 4d 8b 75 00 49 8d 7e 08 48 89 7c 24 18 e8 06 ed ed ff 4d 8b 7e 08 <44> 89 fd 83 e5 01 31 ff 48 89 ee e8 52 49 dd ff 4c 89 f3 48 85 ed
[ 567.662565][ C0] RSP: 0018:ffffc90003b2f9d0 EFLAGS: 00000246
[ 567.668747][ C0] RAX: ffff88801fe39ac0 RBX: 0000000000000010 RCX: 00000000000001c6
[ 567.676985][ C0] RDX: 000188810d8c7f78 RSI: 0000000000000000 RDI: ffffea00006b5288
[ 567.684978][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 000188810d8c7f7f
[ 567.692936][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: dead000000000100
[ 567.700900][ C0] R13: ffff88810d8c7f78 R14: ffffea00006b5280 R15: dead000000000100
[ 567.708888][ C0] tlb_flush_mmu+0x597/0x5f0
[ 567.713508][ C0] zap_pte_range+0x1168/0x13f0
[ 567.718256][ C0] ? __list_add_valid+0x28/0x90
[ 567.723091][ C0] unmap_page_range+0x540/0x650
[ 567.727957][ C0] unmap_single_vma+0x157/0x210
[ 567.732832][ C0] unmap_vmas+0xc0/0x170
[ 567.737085][ C0] exit_mmap+0x1be/0x400
[ 567.741336][ C0] __mmput+0xa2/0x220
[ 567.745325][ C0] mmput+0x3d/0x50
[ 567.749032][ C0] exit_mm+0x344/0x430
[ 567.753096][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 567.758899][ C0] ? taskstats_exit+0x334/0x730
[ 567.763735][ C0] ? acct_collect+0x3a4/0x400
[ 567.768446][ C0] do_exit+0x3ff/0x1670
[ 567.772586][ C0] ? zap_other_threads+0x1c2/0x1e0
[ 567.777691][ C0] do_group_exit+0x17d/0x180
[ 567.782326][ C0] __do_sys_exit_group+0xb/0x10
[ 567.787180][ C0] __se_sys_exit_group+0x5/0x10
[ 567.792033][ C0] __x64_sys_exit_group+0x16/0x20
[ 567.797067][ C0] do_syscall_64+0x39/0x80
[ 567.801508][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 567.807413][ C0] RIP: 0033:0x466459
[ 567.811566][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 567.818408][ C0] RSP: 002b:00007ffdd9640d78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 567.826804][ C0] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000466459
[ 567.834770][ C0] RDX: 000000000041926b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 567.842894][ C0] RBP: 0000000000000000 R08: 0000001b30321340 R09: 0000000000000000
[ 567.850939][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 567.859105][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffdd9640e70
[ 567.867210][ C0] ---[ end trace 6a9a87c08c22e0b0 ]---
[ 567.873033][ C0] ------------[ cut here ]------------
[ 567.878518][ C0] WARNING: CPU: 0 PID: 28269 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 567.889478][ C0] Modules linked in:
[ 567.893412][ C0] CPU: 0 PID: 28269 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 567.903579][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 567.913633][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 567.919623][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 567.939250][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 567.945319][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff88801fe39000
[ 567.953287][ C0] RDX: 0000000080010000 RSI: 000000000000001b RDI: 0000000000000001
[ 567.961248][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 567.969214][ C0] R10: 0001ffffffffffff R11: ffff88801fe39000 R12: ffff88813bc1da58
[ 567.977183][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 567.985161][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 567.994079][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 568.000690][ C0] CR2: 0000001b30321000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 568.008752][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 568.016727][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 568.024685][ C0] Call Trace:
[ 568.027981][ C0]
[ 568.030807][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 568.036624][ C0] __run_hrtimer+0x163/0x460
[ 568.041203][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 568.046998][ C0] hrtimer_interrupt+0x380/0xaf0
[ 568.051926][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 568.057830][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 568.063464][ C0]
[ 568.066385][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 568.072358][ C0] RIP: 0010:free_pages_and_swap_cache+0x5e/0x1f0
[ 568.078691][ C0] Code: 48 ff c8 48 89 04 24 4c 89 6c 24 10 4c 89 ef e8 98 da ed ff 4d 8b 75 00 49 8d 7e 08 48 89 7c 24 18 e8 06 ed ed ff 4d 8b 7e 08 <44> 89 fd 83 e5 01 31 ff 48 89 ee e8 52 49 dd ff 4c 89 f3 48 85 ed
[ 568.098297][ C0] RSP: 0018:ffffc90003b2f9d0 EFLAGS: 00000246
[ 568.104352][ C0] RAX: ffff88801fe39ac0 RBX: 0000000000000010 RCX: 00000000000001c6
[ 568.112350][ C0] RDX: 000188810d8c7f78 RSI: 0000000000000000 RDI: ffffea00006b5288
[ 568.120472][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 000188810d8c7f7f
[ 568.128606][ C0] R10: 0001ffffffffffff R11: 0000000000000200 R12: dead000000000100
[ 568.136573][ C0] R13: ffff88810d8c7f78 R14: ffffea00006b5280 R15: dead000000000100
[ 568.144673][ C0] tlb_flush_mmu+0x597/0x5f0
[ 568.149257][ C0] zap_pte_range+0x1168/0x13f0
[ 568.154118][ C0] ? __list_add_valid+0x28/0x90
[ 568.158966][ C0] unmap_page_range+0x540/0x650
[ 568.163839][ C0] unmap_single_vma+0x157/0x210
[ 568.168738][ C0] unmap_vmas+0xc0/0x170
[ 568.173326][ C0] exit_mmap+0x1be/0x400
[ 568.177608][ C0] __mmput+0xa2/0x220
[ 568.181577][ C0] mmput+0x3d/0x50
[ 568.185325][ C0] exit_mm+0x344/0x430
[ 568.189402][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 568.195314][ C0] ? taskstats_exit+0x334/0x730
[ 568.200157][ C0] ? acct_collect+0x3a4/0x400
[ 568.204936][ C0] do_exit+0x3ff/0x1670
[ 568.209093][ C0] ? zap_other_threads+0x1c2/0x1e0
[ 568.214201][ C0] do_group_exit+0x17d/0x180
[ 568.218794][ C0] __do_sys_exit_group+0xb/0x10
[ 568.223632][ C0] __se_sys_exit_group+0x5/0x10
[ 568.228491][ C0] __x64_sys_exit_group+0x16/0x20
[ 568.233537][ C0] do_syscall_64+0x39/0x80
[ 568.237938][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 568.243935][ C0] RIP: 0033:0x466459
[ 568.248054][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 568.254880][ C0] RSP: 002b:00007ffdd9640d78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 568.263275][ C0] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000466459
[ 568.271261][ C0] RDX: 000000000041926b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 568.279239][ C0] RBP: 0000000000000000 R08: 0000001b30321340 R09: 0000000000000000
[ 568.287209][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 568.295196][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffdd9640e70
19:30:44 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 568.303175][ C0] ---[ end trace 6a9a87c08c22e0b1 ]---
[ 568.409080][ C0] ------------[ cut here ]------------
[ 568.414611][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 568.425119][ C0] Modules linked in:
[ 568.429014][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 568.438372][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 568.448511][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 568.454639][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 568.474241][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 568.480312][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000020 RCX: ffffffff87630780
[ 568.488272][ C0] RDX: 0000000000010001 RSI: 0000000000000020 RDI: 0000000000000001
[ 568.496323][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 568.504372][ C0] R10: 0001ffffffffffff R11: 000000000000032b R12: ffff88813bc1da58
[ 568.512362][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 568.520323][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 568.529261][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 568.535836][ C0] CR2: 0000001b30d22000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 568.543809][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 568.551783][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 568.559982][ C0] Call Trace:
[ 568.563709][ C0]
[ 568.566555][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 568.572364][ C0] __run_hrtimer+0x163/0x460
[ 568.576963][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 568.583215][ C0] hrtimer_interrupt+0x380/0xaf0
[ 568.588288][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 568.594309][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 568.599928][ C0]
[ 568.602872][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 568.608941][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 568.614475][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 568.634070][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 568.640164][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 568.648275][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 568.656271][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 568.664344][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 568.672320][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 568.680319][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 568.685252][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 568.690178][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 568.695281][ C0] cpuidle_enter+0x3c/0x60
[ 568.699696][ C0] do_idle+0x193/0x230
[ 568.703772][ C0] cpu_startup_entry+0x15/0x20
[ 568.708528][ C0] rest_init+0xd7/0xe0
[ 568.712699][ C0] ? time_init+0xc/0xc
[ 568.716755][ C0] arch_call_rest_init+0xa/0xb
[ 568.721555][ C0] start_kernel+0x5a1/0x626
[ 568.726252][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 568.732169][ C0] ---[ end trace 6a9a87c08c22e0b2 ]---
[ 568.738037][ C0] ------------[ cut here ]------------
[ 568.743541][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 568.754105][ C0] Modules linked in:
[ 568.758642][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 568.768018][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 568.778082][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 568.784096][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 568.803925][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 568.809999][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000013 RCX: ffffffff87630780
[ 568.818021][ C0] RDX: 0000000000010001 RSI: 0000000000000013 RDI: 0000000000000001
[ 568.826013][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 568.834212][ C0] R10: 0001ffffffffffff R11: 0000000000000230 R12: ffff88813bc1da58
[ 568.842713][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 568.850882][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 568.859851][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 568.866464][ C0] CR2: 0000001b30d22000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 568.874475][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 568.882433][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 568.890418][ C0] Call Trace:
[ 568.893692][ C0]
[ 568.896541][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 568.902349][ C0] __run_hrtimer+0x163/0x460
[ 568.906968][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 568.912773][ C0] hrtimer_interrupt+0x380/0xaf0
[ 568.917804][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 568.923733][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 568.929374][ C0]
[ 568.932303][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 568.938273][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
19:30:45 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0xc)
19:30:45 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:45 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x11})
19:30:45 executing program 5:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:45 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x700, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 568.943830][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 568.963448][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 568.969520][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 568.977496][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 568.985465][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 568.993428][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 569.001427][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 569.009406][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 569.014335][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 569.019264][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 569.024366][ C0] cpuidle_enter+0x3c/0x60
[ 569.028878][ C0] do_idle+0x193/0x230
[ 569.032936][ C0] cpu_startup_entry+0x15/0x20
[ 569.037712][ C0] rest_init+0xd7/0xe0
[ 569.041796][ C0] ? time_init+0xc/0xc
[ 569.047064][ C0] arch_call_rest_init+0xa/0xb
[ 569.051837][ C0] start_kernel+0x5a1/0x626
[ 569.056448][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 569.062327][ C0] ---[ end trace 6a9a87c08c22e0b3 ]---
[ 569.068025][ C0] ------------[ cut here ]------------
[ 569.073480][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 569.083976][ C0] Modules linked in:
[ 569.087856][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 569.097202][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 569.107344][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 569.113338][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 569.132960][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 569.139034][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 569.146991][ C0] RDX: 0000000000010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 569.154956][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 569.163059][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 569.171021][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 569.178997][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 569.188010][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 569.196490][ C0] CR2: 0000001b30d22000 CR3: 0000000007629000 CR4: 00000000001506f0
[ 569.204543][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 569.212520][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 569.220477][ C0] Call Trace:
[ 569.223741][ C0]
[ 569.226568][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 569.232905][ C0] __run_hrtimer+0x163/0x460
[ 569.237496][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 569.243303][ C0] hrtimer_interrupt+0x380/0xaf0
[ 569.248271][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 569.254384][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 569.260071][ C0]
[ 569.262995][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 569.268988][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 569.274587][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 569.294454][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 569.300630][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 569.308731][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 569.316691][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 569.324671][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 569.332642][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 569.340607][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 569.345584][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 569.350664][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 569.355881][ C0] cpuidle_enter+0x3c/0x60
[ 569.361385][ C0] do_idle+0x193/0x230
[ 569.365474][ C0] cpu_startup_entry+0x15/0x20
[ 569.370228][ C0] rest_init+0xd7/0xe0
[ 569.374395][ C0] ? time_init+0xc/0xc
[ 569.378451][ C0] arch_call_rest_init+0xa/0xb
[ 569.383247][ C0] start_kernel+0x5a1/0x626
[ 569.387855][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 569.393758][ C0] ---[ end trace 6a9a87c08c22e0b4 ]---
[ 569.401033][ T8037] Bluetooth: hci4: command 0x0406 tx timeout
19:30:46 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:46 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x78f, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 569.499565][ C0] ------------[ cut here ]------------
[ 569.505082][ C0] WARNING: CPU: 0 PID: 28303 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 569.516230][ C0] Modules linked in:
[ 569.520159][ C0] CPU: 0 PID: 28303 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 569.530504][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 569.540677][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 569.546668][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 569.566365][ C0] RSP: 0000:ffffc90000003e18 EFLAGS: 00010046
[ 569.572442][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810fa11000
[ 569.580489][ C0] RDX: 0000000080010001 RSI: 000000000000001a RDI: 0000000000000001
[ 569.589424][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 569.597394][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 569.605357][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 569.613312][ C0] FS: 0000000001f25400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 569.622267][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 569.628875][ C0] CR2: 0000000020000040 CR3: 0000000026876000 CR4: 00000000001506f0
[ 569.636841][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 569.644815][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 569.652770][ C0] Call Trace:
[ 569.656044][ C0]
[ 569.658886][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 569.664677][ C0] __run_hrtimer+0x163/0x460
[ 569.669445][ C0] hrtimer_interrupt+0x380/0xaf0
[ 569.674492][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 569.680419][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 569.686081][ C0]
[ 569.689013][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 569.694982][ C0] RIP: 0010:clear_page_erms+0x7/0x10
[ 569.700258][ C0] Code: 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d9 90 c3 0f 1f 80 00 00 00 00 b9 00 10 00 00 31 c0 aa c3 cc cc cc cc cc cc 55 41 57 41 56 41 55 41 54 53 48 83 ec
[ 569.720416][ C0] RSP: 0000:ffffc90003e3fbd0 EFLAGS: 00010246
[ 569.726491][ C0] RAX: 0000000000000000 RBX: ffff88813fffb680 RCX: 0000000000000ec0
[ 569.734993][ C0] RDX: ffffea00017f33c0 RSI: 0000000000000131 RDI: ffff88805fccf140
[ 569.743191][ C0] RBP: ffff88810fa11000 R08: 0000000000000200 R09: 0005088000000000
[ 569.751247][ C0] R10: 0000000000000009 R11: 0000000000000001 R12: ffffea00017f0000
[ 569.759305][ C0] R13: ffff88813fffe4a0 R14: 0000000000000003 R15: 0000000000000181
[ 569.767475][ C0] get_page_from_freelist+0x366/0x630
[ 569.772854][ C0] __alloc_pages_nodemask+0x1a8/0x350
[ 569.778211][ C0] alloc_pages_vma+0x718/0x890
[ 569.783009][ C0] do_huge_pmd_anonymous_page+0x663/0xa90
[ 569.788749][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 569.793765][ C0] handle_mm_fault+0x1267/0x1840
[ 569.798698][ C0] do_user_addr_fault+0x60c/0xc00
[ 569.803802][ C0] exc_page_fault+0x94/0x2a0
[ 569.808380][ C0] ? asm_exc_page_fault+0x8/0x30
[ 569.813309][ C0] asm_exc_page_fault+0x1e/0x30
[ 569.818432][ C0] RIP: 0033:0x407979
[ 569.822309][ C0] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 569.841912][ C0] RSP: 002b:00007ffc7bb46560 EFLAGS: 00010246
[ 569.847959][ C0] RAX: 0000000020000040 RBX: 0000000000970000 RCX: 0000000000000000
[ 569.855922][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001f252f0
[ 569.863890][ C0] RBP: 00007ffc7bb46658 R08: 0000000000000000 R09: 0000000000000000
[ 569.871946][ C0] R10: 0000000000000008 R11: 0000000000000246 R12: 000000000008b087
[ 569.879918][ C0] R13: 00000000000003e8 R14: 000000000056bf60 R15: 000000000008b086
[ 569.887899][ C0] ---[ end trace 6a9a87c08c22e0b5 ]---
[ 569.893680][ C0] ------------[ cut here ]------------
[ 569.899130][ C0] WARNING: CPU: 0 PID: 28303 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 569.910015][ C0] Modules linked in:
[ 569.913910][ C0] CPU: 0 PID: 28303 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 569.924319][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 569.934447][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 569.940472][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 569.960107][ C0] RSP: 0000:ffffc90000003e18 EFLAGS: 00010046
[ 569.966175][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88810fa11000
[ 569.974142][ C0] RDX: 0000000000010001 RSI: 0000000000000018 RDI: 0000000000000001
[ 569.982118][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 569.990093][ C0] R10: 0001ffffffffffff R11: ffff88810fa11000 R12: ffff88813bc1da58
[ 569.998074][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 570.006455][ C0] FS: 0000000001f25400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 570.015491][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 570.022348][ C0] CR2: 0000000020000040 CR3: 0000000026876000 CR4: 00000000001506f0
[ 570.030438][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 570.038436][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 570.046427][ C0] Call Trace:
19:30:46 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x8})
19:30:46 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0xd)
19:30:46 executing program 5:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0x40049409, &(0x7f0000000040)={0x4})
19:30:46 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 570.049710][ C0]
[ 570.052585][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 570.058405][ C0] __run_hrtimer+0x163/0x460
[ 570.063031][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 570.068848][ C0] hrtimer_interrupt+0x380/0xaf0
[ 570.073809][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 570.079727][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 570.085398][ C0]
[ 570.088335][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 570.094437][ C0] RIP: 0010:clear_page_erms+0x7/0x10
19:30:46 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 570.099742][ C0] Code: 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d9 90 c3 0f 1f 80 00 00 00 00 b9 00 10 00 00 31 c0 aa c3 cc cc cc cc cc cc 55 41 57 41 56 41 55 41 54 53 48 83 ec
[ 570.119370][ C0] RSP: 0000:ffffc90003e3fbd0 EFLAGS: 00010246
[ 570.125459][ C0] RAX: 0000000000000000 RBX: ffff88813fffb680 RCX: 0000000000000ec0
[ 570.133820][ C0] RDX: ffffea00017f33c0 RSI: 0000000000000131 RDI: ffff88805fccf140
[ 570.141824][ C0] RBP: ffff88810fa11000 R08: 0000000000000200 R09: 0005088000000000
[ 570.150410][ C0] R10: 0000000000000009 R11: 0000000000000001 R12: ffffea00017f0000
[ 570.158407][ C0] R13: ffff88813fffe4a0 R14: 0000000000000003 R15: 0000000000000181
[ 570.166990][ C0] get_page_from_freelist+0x366/0x630
[ 570.173420][ C0] __alloc_pages_nodemask+0x1a8/0x350
[ 570.178962][ C0] alloc_pages_vma+0x718/0x890
[ 570.183741][ C0] do_huge_pmd_anonymous_page+0x663/0xa90
[ 570.189619][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 570.194669][ C0] handle_mm_fault+0x1267/0x1840
[ 570.199857][ C0] do_user_addr_fault+0x60c/0xc00
[ 570.204917][ C0] exc_page_fault+0x94/0x2a0
[ 570.209499][ C0] ? asm_exc_page_fault+0x8/0x30
[ 570.214435][ C0] asm_exc_page_fault+0x1e/0x30
[ 570.219394][ C0] RIP: 0033:0x407979
[ 570.225228][ C0] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 570.245996][ C0] RSP: 002b:00007ffc7bb46560 EFLAGS: 00010246
[ 570.252053][ C0] RAX: 0000000020000040 RBX: 0000000000970000 RCX: 0000000000000000
[ 570.260016][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001f252f0
[ 570.268180][ C0] RBP: 00007ffc7bb46658 R08: 0000000000000000 R09: 0000000000000000
[ 570.276262][ C0] R10: 0000000000000008 R11: 0000000000000246 R12: 000000000008b087
[ 570.284223][ C0] R13: 00000000000003e8 R14: 000000000056bf60 R15: 000000000008b086
[ 570.293643][ C0] ---[ end trace 6a9a87c08c22e0b6 ]---
[ 570.299594][ C0] ------------[ cut here ]------------
[ 570.305151][ C0] WARNING: CPU: 0 PID: 28303 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 570.316023][ C0] Modules linked in:
[ 570.320469][ C0] CPU: 0 PID: 28303 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 570.331058][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 570.341206][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 570.347215][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 570.368383][ C0] RSP: 0000:ffffc90000003e18 EFLAGS: 00010046
[ 570.374541][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88810fa11000
[ 570.382750][ C0] RDX: 0000000000010001 RSI: 0000000000000018 RDI: 0000000000000001
[ 570.390739][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 570.398713][ C0] R10: 0001ffffffffffff R11: 00000000000002f0 R12: ffff88813bc1da58
[ 570.406676][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 570.414650][ C0] FS: 0000000001f25400(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 570.423595][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 570.430329][ C0] CR2: 0000000020000040 CR3: 0000000026876000 CR4: 00000000001506f0
[ 570.438301][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 570.446289][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 570.454250][ C0] Call Trace:
[ 570.457601][ C0]
[ 570.460430][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 570.466581][ C0] __run_hrtimer+0x163/0x460
[ 570.471171][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 570.476973][ C0] hrtimer_interrupt+0x380/0xaf0
[ 570.481907][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 570.487922][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 570.493576][ C0]
[ 570.496507][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 570.502495][ C0] RIP: 0010:clear_page_erms+0x7/0x10
[ 570.507805][ C0] Code: 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d9 90 c3 0f 1f 80 00 00 00 00 b9 00 10 00 00 31 c0 aa c3 cc cc cc cc cc cc 55 41 57 41 56 41 55 41 54 53 48 83 ec
[ 570.527414][ C0] RSP: 0000:ffffc90003e3fbd0 EFLAGS: 00010246
[ 570.533555][ C0] RAX: 0000000000000000 RBX: ffff88813fffb680 RCX: 0000000000000ec0
[ 570.541619][ C0] RDX: ffffea00017f33c0 RSI: 0000000000000131 RDI: ffff88805fccf140
[ 570.549578][ C0] RBP: ffff88810fa11000 R08: 0000000000000200 R09: 0005088000000000
[ 570.557687][ C0] R10: 0000000000000009 R11: 0000000000000001 R12: ffffea00017f0000
[ 570.565644][ C0] R13: ffff88813fffe4a0 R14: 0000000000000003 R15: 0000000000000181
[ 570.573620][ C0] get_page_from_freelist+0x366/0x630
[ 570.579031][ C0] __alloc_pages_nodemask+0x1a8/0x350
[ 570.584582][ C0] alloc_pages_vma+0x718/0x890
[ 570.589361][ C0] do_huge_pmd_anonymous_page+0x663/0xa90
[ 570.595074][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 570.600134][ C0] handle_mm_fault+0x1267/0x1840
[ 570.605070][ C0] do_user_addr_fault+0x60c/0xc00
[ 570.610123][ C0] exc_page_fault+0x94/0x2a0
[ 570.615432][ C0] ? asm_exc_page_fault+0x8/0x30
[ 570.620375][ C0] asm_exc_page_fault+0x1e/0x30
[ 570.625341][ C0] RIP: 0033:0x407979
[ 570.630012][ C0] Code: 48 8b 04 24 48 85 c0 74 17 48 8b 54 24 18 48 0f ca 48 89 54 24 18 48 83 f8 01 0f 85 9b 02 00 00 48 8b 44 24 10 48 8b 54 24 18 <48> 89 10 e9 c2 fd ff ff 48 8b 44 24 10 0f b7 10 48 8b 04 24 48 85
[ 570.650718][ C0] RSP: 002b:00007ffc7bb46560 EFLAGS: 00010246
[ 570.656774][ C0] RAX: 0000000020000040 RBX: 0000000000970000 RCX: 0000000000000000
[ 570.664965][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001f252f0
[ 570.673151][ C0] RBP: 00007ffc7bb46658 R08: 0000000000000000 R09: 0000000000000000
[ 570.681126][ C0] R10: 0000000000000008 R11: 0000000000000246 R12: 000000000008b087
[ 570.689258][ C0] R13: 00000000000003e8 R14: 000000000056bf60 R15: 000000000008b086
[ 570.697241][ C0] ---[ end trace 6a9a87c08c22e0b7 ]---
[ 570.802999][ C0] ------------[ cut here ]------------
[ 570.808505][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 570.819100][ C0] Modules linked in:
[ 570.822989][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 570.832351][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 570.842414][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 570.848415][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 570.868316][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 570.874406][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001e RCX: ffffffff87630780
[ 570.882523][ C0] RDX: 0000000080010001 RSI: 000000000000001e RDI: 0000000000000001
[ 570.890510][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 570.898495][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 570.906832][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 570.914792][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 570.923815][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 570.930406][ C0] CR2: 0000000000510e90 CR3: 0000000007629000 CR4: 00000000001506f0
[ 570.938555][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 570.946522][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 570.954505][ C0] Call Trace:
[ 570.957790][ C0]
[ 570.960632][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 570.966436][ C0] __run_hrtimer+0x163/0x460
[ 570.971014][ C0] hrtimer_interrupt+0x380/0xaf0
[ 570.975968][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 570.981874][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 570.987503][ C0]
[ 570.990425][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 570.996419][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 571.002025][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 571.021771][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 571.027984][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 571.036239][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 571.044782][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 571.053459][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 571.061527][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 571.069513][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 571.074512][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 571.079464][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 571.084784][ C0] cpuidle_enter+0x3c/0x60
[ 571.089291][ C0] do_idle+0x193/0x230
[ 571.093363][ C0] cpu_startup_entry+0x15/0x20
[ 571.099100][ C0] rest_init+0xd7/0xe0
[ 571.103260][ C0] ? time_init+0xc/0xc
[ 571.107520][ C0] arch_call_rest_init+0xa/0xb
[ 571.112389][ C0] start_kernel+0x5a1/0x626
[ 571.116886][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 571.122794][ C0] ---[ end trace 6a9a87c08c22e0b8 ]---
[ 571.128603][ C0] ------------[ cut here ]------------
[ 571.134089][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 571.144616][ C0] Modules linked in:
19:30:47 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x900, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:47 executing program 5 (fault-call:6 fault-nth:0):
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 571.148520][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 571.157894][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 571.167977][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 571.173996][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 571.193621][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
19:30:47 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x12})
19:30:47 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 571.199715][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 571.208497][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 571.216504][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 571.224513][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 571.232494][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 571.240914][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 571.249852][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 571.257132][ C0] CR2: 0000000000510e90 CR3: 0000000007629000 CR4: 00000000001506f0
[ 571.265098][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 571.273060][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 571.281039][ C0] Call Trace:
[ 571.284339][ C0]
[ 571.287182][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 571.292978][ C0] __run_hrtimer+0x163/0x460
[ 571.297590][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 571.303406][ C0] hrtimer_interrupt+0x380/0xaf0
[ 571.308340][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 571.314392][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 571.320212][ C0]
[ 571.323135][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 571.329141][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 571.334692][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 571.354832][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 571.360890][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 571.368856][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 571.377117][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 571.385090][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 571.393055][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 571.401035][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 571.405967][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 571.410915][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 571.416041][ C0] cpuidle_enter+0x3c/0x60
[ 571.420562][ C0] do_idle+0x193/0x230
[ 571.424630][ C0] cpu_startup_entry+0x15/0x20
[ 571.429425][ C0] rest_init+0xd7/0xe0
[ 571.433503][ C0] ? time_init+0xc/0xc
[ 571.437561][ C0] arch_call_rest_init+0xa/0xb
[ 571.442324][ C0] start_kernel+0x5a1/0x626
[ 571.446826][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 571.452735][ C0] ---[ end trace 6a9a87c08c22e0b9 ]---
[ 571.458626][ C0] ------------[ cut here ]------------
[ 571.464086][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 571.474725][ C0] Modules linked in:
[ 571.478609][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 571.488009][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 571.499658][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 571.506073][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 571.525770][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 571.531822][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 571.539794][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 571.547754][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 571.555734][ C0] R10: 0001ffffffffffff R11: 0000000000000069 R12: ffff88813bc1da58
[ 571.565948][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 571.573909][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 571.582823][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 571.589423][ C0] CR2: 0000000000510e90 CR3: 0000000007629000 CR4: 00000000001506f0
[ 571.597415][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 571.605389][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 571.613352][ C0] Call Trace:
[ 571.616621][ C0]
[ 571.619448][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 571.625308][ C0] __run_hrtimer+0x163/0x460
[ 571.629899][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 571.635713][ C0] hrtimer_interrupt+0x380/0xaf0
[ 571.640641][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 571.646730][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 571.652406][ C0]
[ 571.655318][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 571.661286][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 571.666826][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 571.686454][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 571.692559][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 571.700511][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 571.708469][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 571.716435][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 571.724392][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 571.732365][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 571.737290][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 571.742228][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 571.747373][ C0] cpuidle_enter+0x3c/0x60
[ 571.751779][ C0] do_idle+0x193/0x230
[ 571.755880][ C0] cpu_startup_entry+0x15/0x20
[ 571.760643][ C0] rest_init+0xd7/0xe0
[ 571.764823][ C0] ? time_init+0xc/0xc
[ 571.768893][ C0] arch_call_rest_init+0xa/0xb
[ 571.773679][ C0] start_kernel+0x5a1/0x626
[ 571.778202][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 571.784120][ C0] ---[ end trace 6a9a87c08c22e0ba ]---
19:30:48 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:48 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xa00, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:48 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x9})
[ 571.889988][ C0] ------------[ cut here ]------------
[ 571.895476][ C0] WARNING: CPU: 0 PID: 28332 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 571.906350][ C0] Modules linked in:
[ 571.910277][ C0] CPU: 0 PID: 28332 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 571.920428][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 571.930489][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:48 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xb00, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 571.936486][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 571.956099][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 571.962198][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810ad00000
[ 571.970265][ C0] RDX: 0000000080010001 RSI: 000000000000001a RDI: 0000000000000001
[ 571.978236][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 571.986239][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 571.994216][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 572.002197][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 572.011129][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 572.017857][ C0] CR2: 00000000005400f8 CR3: 0000000035a4b000 CR4: 00000000001506f0
[ 572.025826][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 572.033797][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 572.041761][ C0] Call Trace:
[ 572.045023][ C0]
[ 572.047859][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 572.053689][ C0] __run_hrtimer+0x163/0x460
[ 572.058282][ C0] hrtimer_interrupt+0x380/0xaf0
[ 572.063693][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 572.069605][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 572.075225][ C0]
[ 572.078151][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 572.084128][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 572.090268][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 572.110177][ C0] RSP: 0018:ffffc90003ef7a58 EFLAGS: 00000246
[ 572.116449][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000388803405cb40
[ 572.124607][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 572.132681][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 572.140637][ C0] R10: ffffffff88f37018 R11: 0000000000000200 R12: 000000000000001d
[ 572.148608][ C0] R13: ffff88810a5997c8 R14: ffff88803405cb40 R15: 0000000000000001
[ 572.156569][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 572.162134][ C0] filemap_map_pages+0x4c9/0x770
[ 572.167085][ C0] do_read_fault+0x217/0x530
[ 572.171699][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 572.177521][ C0] handle_mm_fault+0x1019/0x1840
[ 572.182477][ C0] __get_user_pages+0xa47/0x1000
[ 572.187513][ C0] __mm_populate+0x24d/0x380
[ 572.192093][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 572.196786][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 572.201454][ C0] ? switch_fpu_return+0xa/0x10
[ 572.206290][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 572.212008][ C0] do_syscall_64+0x39/0x80
[ 572.216422][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 572.222319][ C0] RIP: 0033:0x466459
[ 572.226227][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 572.245836][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 572.254248][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 572.262254][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 572.270419][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
19:30:48 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0xe)
19:30:48 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 572.283695][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 572.292001][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 572.300873][ C0] ---[ end trace 6a9a87c08c22e0bb ]---
[ 572.307872][ C0] ------------[ cut here ]------------
[ 572.313386][ C0] WARNING: CPU: 0 PID: 28332 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 572.324435][ C0] Modules linked in:
[ 572.328326][ C0] CPU: 0 PID: 28332 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
19:30:49 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0xa})
[ 572.338476][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 572.348559][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 572.354551][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 572.374617][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 572.380699][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810ad00000
[ 572.388711][ C0] RDX: 0000000000010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 572.396682][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 572.404679][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 572.412648][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 572.420602][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 572.429724][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 572.436345][ C0] CR2: 00000000005400f8 CR3: 0000000035a4b000 CR4: 00000000001506f0
[ 572.446127][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 572.454084][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 572.462044][ C0] Call Trace:
[ 572.465336][ C0]
[ 572.468258][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 572.474057][ C0] __run_hrtimer+0x163/0x460
[ 572.478662][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 572.484458][ C0] hrtimer_interrupt+0x380/0xaf0
[ 572.489385][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 572.495308][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 572.500927][ C0]
[ 572.503839][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 572.509901][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 572.516040][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 572.535643][ C0] RSP: 0018:ffffc90003ef7a58 EFLAGS: 00000246
[ 572.541696][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000388803405cb40
[ 572.549721][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 572.557761][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 572.566417][ C0] R10: ffffffff88f37018 R11: 0000000000000200 R12: 000000000000001d
[ 572.574465][ C0] R13: ffff88810a5997c8 R14: ffff88803405cb40 R15: 0000000000000001
[ 572.582424][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 572.587969][ C0] filemap_map_pages+0x4c9/0x770
[ 572.592919][ C0] do_read_fault+0x217/0x530
[ 572.597525][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 572.603317][ C0] handle_mm_fault+0x1019/0x1840
[ 572.608342][ C0] __get_user_pages+0xa47/0x1000
[ 572.613267][ C0] __mm_populate+0x24d/0x380
[ 572.617860][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 572.622435][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 572.627441][ C0] ? switch_fpu_return+0xa/0x10
[ 572.632289][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 572.638023][ C0] do_syscall_64+0x39/0x80
[ 572.642445][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 572.648337][ C0] RIP: 0033:0x466459
[ 572.652230][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 572.671918][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 572.680324][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 572.688281][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 572.696759][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 572.704749][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 572.712728][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 572.720692][ C0] ---[ end trace 6a9a87c08c22e0bc ]---
[ 572.727319][ C0] ------------[ cut here ]------------
[ 572.732797][ C0] WARNING: CPU: 0 PID: 28332 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 572.743831][ C0] Modules linked in:
[ 572.747721][ C0] CPU: 0 PID: 28332 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 572.757870][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 572.767914][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 572.773891][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 572.793508][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 572.799573][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810ad00000
[ 572.807559][ C0] RDX: 0000000000010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 572.815534][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 572.823541][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 572.831528][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 572.839501][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 572.848517][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 572.855144][ C0] CR2: 00000000005400f8 CR3: 0000000035a4b000 CR4: 00000000001506f0
[ 572.863195][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 572.871294][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 572.879385][ C0] Call Trace:
[ 572.882839][ C0]
[ 572.885786][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 572.891616][ C0] __run_hrtimer+0x163/0x460
[ 572.896207][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 572.902146][ C0] hrtimer_interrupt+0x380/0xaf0
[ 572.907174][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 572.913111][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 572.918760][ C0]
[ 572.921688][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 572.927660][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 572.933805][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 572.953405][ C0] RSP: 0018:ffffc90003ef7a58 EFLAGS: 00000246
[ 572.959456][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000388803405cb40
[ 572.967413][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 572.975394][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 572.983368][ C0] R10: ffffffff88f37018 R11: 0000000000000200 R12: 000000000000001d
[ 572.991351][ C0] R13: ffff88810a5997c8 R14: ffff88803405cb40 R15: 0000000000000001
[ 572.999329][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 573.004891][ C0] filemap_map_pages+0x4c9/0x770
[ 573.009962][ C0] do_read_fault+0x217/0x530
[ 573.014631][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 573.020429][ C0] handle_mm_fault+0x1019/0x1840
[ 573.025388][ C0] __get_user_pages+0xa47/0x1000
[ 573.030367][ C0] __mm_populate+0x24d/0x380
[ 573.035138][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 573.039719][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 573.044394][ C0] ? switch_fpu_return+0xa/0x10
[ 573.049318][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 573.055172][ C0] do_syscall_64+0x39/0x80
[ 573.059635][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 573.065523][ C0] RIP: 0033:0x466459
[ 573.069408][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 573.089113][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 573.097938][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 573.106024][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 573.113985][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 573.121946][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 573.129931][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 573.137914][ C0] ---[ end trace 6a9a87c08c22e0bd ]---
19:30:49 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xc00, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 573.185389][T28332] FAULT_INJECTION: forcing a failure.
[ 573.185389][T28332] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 573.198466][T28332] CPU: 0 PID: 28332 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 573.208667][T28332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 573.219071][T28332] Call Trace:
[ 573.222353][T28332] dump_stack+0x137/0x19d
[ 573.226701][T28332] should_fail+0x23c/0x250
19:30:49 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 573.231126][T28332] should_fail_usercopy+0x16/0x20
[ 573.236243][T28332] _copy_from_user+0x1c/0xd0
[ 573.240932][T28332] __do_sys_bpf+0x143/0x9990
[ 573.245591][T28332] ? kstrtoull+0x30e/0x350
[ 573.250047][T28332] ? kstrtouint_from_user+0x104/0x130
[ 573.255427][T28332] ? __rcu_read_unlock+0x5c/0x250
[ 573.260479][T28332] ? fsnotify_perm+0x59/0x2e0
[ 573.265167][T28332] ? __fsnotify_parent+0x32f/0x430
[ 573.270428][T28332] ? vfs_write+0x572/0x7e0
[ 573.274884][T28332] ? __fget_light+0x219/0x260
[ 573.279768][T28332] ? fput+0x2d/0x130
[ 573.283678][T28332] ? ksys_write+0x157/0x180
[ 573.288494][T28332] __x64_sys_bpf+0x3d/0x50
[ 573.292911][T28332] do_syscall_64+0x39/0x80
[ 573.297417][T28332] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 573.303326][T28332] RIP: 0033:0x466459
[ 573.307263][T28332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 573.328448][T28332] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 573.336846][T28332] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 573.345247][T28332] RDX: 0000000000000038 RSI: 0000000020000000 RDI: 000000000000001a
[ 573.353211][T28332] RBP: 00007f09d11071d0 R08: 0000000000000000 R09: 0000000000000000
[ 573.361167][T28332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 573.369134][T28332] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 573.377526][ C0] ------------[ cut here ]------------
[ 573.383269][ C0] WARNING: CPU: 0 PID: 28332 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 573.394679][ C0] Modules linked in:
[ 573.398562][ C0] CPU: 0 PID: 28332 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 573.408714][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 573.418780][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 573.424767][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 573.444979][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 573.451258][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000027 RCX: ffff88810ad00000
[ 573.459237][ C0] RDX: 0000000000010001 RSI: 0000000000000027 RDI: 0000000000000001
[ 573.467472][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 573.475432][ C0] R10: 0001ffffffffffff R11: 0000000000000084 R12: ffff88813bc1da58
[ 573.484192][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 573.492163][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 573.501415][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 573.508047][ C0] CR2: 00007f09d1106f78 CR3: 0000000035a4b000 CR4: 00000000001506f0
[ 573.516135][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 573.524091][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 573.532051][ C0] Call Trace:
[ 573.535315][ C0]
[ 573.538149][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 573.543958][ C0] __run_hrtimer+0x163/0x460
[ 573.548550][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 573.554783][ C0] hrtimer_interrupt+0x380/0xaf0
[ 573.559798][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 573.565691][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 573.571312][ C0]
[ 573.574230][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 573.580220][ C0] RIP: 0010:preempt_schedule_irq+0x3e/0x80
[ 573.586260][ C0] Code: 05 9f 10 77 7a a9 ff ff ff 7f 75 53 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 0f 1f 00 65 83 05 80 10 77 7a 01 fb bf 01 00 00 00 2d f8 ff ff fa 65 83 05 6c 10 77 7a ff 65 48 8b 04 25 00 6d 01
[ 573.605857][ C0] RSP: 0018:ffffc90003ef7b38 EFLAGS: 00000202
[ 573.611912][ C0] RAX: 0000000000000000 RBX: ffff88810ad00000 RCX: ffffffff85a00e37
[ 573.619911][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 573.627878][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 573.635839][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 573.643797][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 573.651802][ C0] ? native_iret+0x7/0x7
[ 573.656076][ C0] irqentry_exit_cond_resched+0x30/0x40
[ 573.661636][ C0] irqentry_exit+0x2a/0x40
[ 573.666075][ C0] asm_sysvec_reschedule_ipi+0x12/0x20
[ 573.671526][ C0] RIP: 0010:dump_stack+0x17d/0x19d
[ 573.676655][ C0] Code: 00 02 00 00 31 ff e8 cf 29 a0 fe 49 81 e7 00 02 00 00 75 07 e8 11 25 a0 fe eb 06 e8 0a 25 a0 fe fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 0b 48 83 c4 10 5b 41 5e 41 5f 5d c3 e8 09 61 e3
[ 573.698019][ C0] RSP: 0018:ffffc90003ef7c18 EFLAGS: 00000287
[ 573.706913][ C0] RAX: aeb0c58e2f326100 RBX: 00000000ffffffff RCX: 0000000000040000
[ 573.715264][ C0] RDX: ffffc900130cb000 RSI: 0000000000019b9b RDI: 0000000000019b9c
[ 573.723242][ C0] RBP: 0000000000000000 R08: ffffffff82a60be1 R09: 000188810ad003cf
[ 573.736107][ C0] R10: 0001ffffffffffff R11: ffff88810ad00000 R12: ffffffff878d26e8
[ 573.744156][ C0] R13: 0000000000000001 R14: ffffffff878d2700 R15: 0000000000000200
[ 573.752442][ C0] ? dump_stack+0x15e/0x19d
[ 573.757097][ C0] ? dump_stack+0x173/0x19d
[ 573.761966][ C0] should_fail+0x23c/0x250
[ 573.766475][ C0] should_fail_usercopy+0x16/0x20
[ 573.771542][ C0] _copy_from_user+0x1c/0xd0
[ 573.776138][ C0] __do_sys_bpf+0x143/0x9990
[ 573.780738][ C0] ? kstrtoull+0x30e/0x350
[ 573.785314][ C0] ? kstrtouint_from_user+0x104/0x130
[ 573.791046][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 573.796526][ C0] ? fsnotify_perm+0x59/0x2e0
[ 573.801195][ C0] ? __fsnotify_parent+0x32f/0x430
[ 573.806308][ C0] ? vfs_write+0x572/0x7e0
[ 573.810747][ C0] ? __fget_light+0x219/0x260
[ 573.815448][ C0] ? fput+0x2d/0x130
[ 573.819964][ C0] ? ksys_write+0x157/0x180
[ 573.824480][ C0] __x64_sys_bpf+0x3d/0x50
[ 573.828947][ C0] do_syscall_64+0x39/0x80
[ 573.834227][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 573.840248][ C0] RIP: 0033:0x466459
[ 573.844316][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 573.864141][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 573.873417][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 573.881491][ C0] RDX: 0000000000000038 RSI: 0000000020000000 RDI: 000000000000001a
[ 573.889539][ C0] RBP: 00007f09d11071d0 R08: 0000000000000000 R09: 0000000000000000
[ 573.897524][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 573.905525][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 573.913600][ C0] ---[ end trace 6a9a87c08c22e0be ]---
[ 573.919441][ C0] ------------[ cut here ]------------
[ 573.924903][ C0] WARNING: CPU: 0 PID: 28332 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 573.935967][ C0] Modules linked in:
[ 573.939886][ C0] CPU: 0 PID: 28332 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 573.950057][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 573.960120][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 573.966115][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 573.986109][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 573.992252][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000020 RCX: ffff88810ad00000
[ 574.000251][ C0] RDX: 0000000000010001 RSI: 0000000000000020 RDI: 0000000000000001
[ 574.008212][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 574.016193][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 574.024185][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 574.032144][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 574.041170][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 574.047857][ C0] CR2: 00007f09d1106f78 CR3: 0000000035a4b000 CR4: 00000000001506f0
[ 574.055822][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 574.064314][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 574.072347][ C0] Call Trace:
[ 574.075728][ C0]
[ 574.078582][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 574.084383][ C0] __run_hrtimer+0x163/0x460
[ 574.088958][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 574.094788][ C0] hrtimer_interrupt+0x380/0xaf0
[ 574.099858][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 574.105745][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 574.111391][ C0]
[ 574.114331][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 574.120304][ C0] RIP: 0010:preempt_schedule_irq+0x3e/0x80
[ 574.126140][ C0] Code: 05 9f 10 77 7a a9 ff ff ff 7f 75 53 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 0f 1f 00 65 83 05 80 10 77 7a 01 fb bf 01 00 00 00 2d f8 ff ff fa 65 83 05 6c 10 77 7a ff 65 48 8b 04 25 00 6d 01
[ 574.145737][ C0] RSP: 0018:ffffc90003ef7b38 EFLAGS: 00000202
[ 574.151796][ C0] RAX: 0000000000000000 RBX: ffff88810ad00000 RCX: ffffffff85a00e37
[ 574.159773][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 574.167801][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 574.175793][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 574.183808][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 574.192189][ C0] ? native_iret+0x7/0x7
[ 574.196433][ C0] irqentry_exit_cond_resched+0x30/0x40
[ 574.201978][ C0] irqentry_exit+0x2a/0x40
[ 574.206406][ C0] asm_sysvec_reschedule_ipi+0x12/0x20
[ 574.211854][ C0] RIP: 0010:dump_stack+0x17d/0x19d
[ 574.217091][ C0] Code: 00 02 00 00 31 ff e8 cf 29 a0 fe 49 81 e7 00 02 00 00 75 07 e8 11 25 a0 fe eb 06 e8 0a 25 a0 fe fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 0b 48 83 c4 10 5b 41 5e 41 5f 5d c3 e8 09 61 e3
[ 574.237540][ C0] RSP: 0018:ffffc90003ef7c18 EFLAGS: 00000287
[ 574.243598][ C0] RAX: aeb0c58e2f326100 RBX: 00000000ffffffff RCX: 0000000000040000
[ 574.251573][ C0] RDX: ffffc900130cb000 RSI: 0000000000019b9b RDI: 0000000000019b9c
[ 574.259620][ C0] RBP: 0000000000000000 R08: ffffffff82a60be1 R09: 000188810ad003cf
[ 574.267664][ C0] R10: 0001ffffffffffff R11: ffff88810ad00000 R12: ffffffff878d26e8
[ 574.275993][ C0] R13: 0000000000000001 R14: ffffffff878d2700 R15: 0000000000000200
[ 574.284022][ C0] ? dump_stack+0x15e/0x19d
[ 574.288523][ C0] ? dump_stack+0x173/0x19d
[ 574.293033][ C0] should_fail+0x23c/0x250
[ 574.297451][ C0] should_fail_usercopy+0x16/0x20
[ 574.302480][ C0] _copy_from_user+0x1c/0xd0
[ 574.307085][ C0] __do_sys_bpf+0x143/0x9990
[ 574.312174][ C0] ? kstrtoull+0x30e/0x350
[ 574.316580][ C0] ? kstrtouint_from_user+0x104/0x130
[ 574.321960][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 574.327003][ C0] ? fsnotify_perm+0x59/0x2e0
[ 574.331694][ C0] ? __fsnotify_parent+0x32f/0x430
[ 574.336902][ C0] ? vfs_write+0x572/0x7e0
[ 574.341334][ C0] ? __fget_light+0x219/0x260
[ 574.346028][ C0] ? fput+0x2d/0x130
[ 574.350066][ C0] ? ksys_write+0x157/0x180
[ 574.354768][ C0] __x64_sys_bpf+0x3d/0x50
[ 574.359184][ C0] do_syscall_64+0x39/0x80
[ 574.363600][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 574.369599][ C0] RIP: 0033:0x466459
[ 574.373573][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 574.393340][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 574.401774][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 574.409752][ C0] RDX: 0000000000000038 RSI: 0000000020000000 RDI: 000000000000001a
[ 574.419583][ C0] RBP: 00007f09d11071d0 R08: 0000000000000000 R09: 0000000000000000
[ 574.427750][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 574.437608][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 574.446865][ C0] ---[ end trace 6a9a87c08c22e0bf ]---
[ 574.452538][ C0] ------------[ cut here ]------------
[ 574.457980][ C0] WARNING: CPU: 0 PID: 28332 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 574.468830][ C0] Modules linked in:
[ 574.472796][ C0] CPU: 0 PID: 28332 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 574.483641][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 574.494135][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 574.500120][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 574.519825][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 574.525917][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000020 RCX: ffff88810ad00000
[ 574.533901][ C0] RDX: 0000000000010001 RSI: 0000000000000020 RDI: 0000000000000001
[ 574.541877][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 574.549859][ C0] R10: 0001ffffffffffff R11: ffff88810ad00000 R12: ffff88813bc1da58
[ 574.558112][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 574.566307][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 574.575367][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 574.581964][ C0] CR2: 00007f09d1106f78 CR3: 0000000035a4b000 CR4: 00000000001506f0
[ 574.589932][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 574.597910][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 574.605876][ C0] Call Trace:
[ 574.609149][ C0]
[ 574.612005][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 574.617849][ C0] __run_hrtimer+0x163/0x460
[ 574.622457][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 574.628259][ C0] hrtimer_interrupt+0x380/0xaf0
[ 574.633245][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 574.639229][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 574.644861][ C0]
[ 574.647917][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 574.654012][ C0] RIP: 0010:preempt_schedule_irq+0x3e/0x80
[ 574.660102][ C0] Code: 05 9f 10 77 7a a9 ff ff ff 7f 75 53 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 0f 1f 00 65 83 05 80 10 77 7a 01 fb bf 01 00 00 00 2d f8 ff ff fa 65 83 05 6c 10 77 7a ff 65 48 8b 04 25 00 6d 01
[ 574.679711][ C0] RSP: 0018:ffffc90003ef7b38 EFLAGS: 00000202
[ 574.685798][ C0] RAX: 0000000000000000 RBX: ffff88810ad00000 RCX: ffffffff85a00e37
[ 574.693970][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 574.702532][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 574.710496][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 574.718474][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 574.726451][ C0] ? native_iret+0x7/0x7
[ 574.731007][ C0] irqentry_exit_cond_resched+0x30/0x40
[ 574.737249][ C0] irqentry_exit+0x2a/0x40
[ 574.741680][ C0] asm_sysvec_reschedule_ipi+0x12/0x20
[ 574.747522][ C0] RIP: 0010:dump_stack+0x17d/0x19d
[ 574.752741][ C0] Code: 00 02 00 00 31 ff e8 cf 29 a0 fe 49 81 e7 00 02 00 00 75 07 e8 11 25 a0 fe eb 06 e8 0a 25 a0 fe fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 0b 48 83 c4 10 5b 41 5e 41 5f 5d c3 e8 09 61 e3
[ 574.773128][ C0] RSP: 0018:ffffc90003ef7c18 EFLAGS: 00000287
[ 574.779357][ C0] RAX: aeb0c58e2f326100 RBX: 00000000ffffffff RCX: 0000000000040000
[ 574.787316][ C0] RDX: ffffc900130cb000 RSI: 0000000000019b9b RDI: 0000000000019b9c
[ 574.795288][ C0] RBP: 0000000000000000 R08: ffffffff82a60be1 R09: 000188810ad003cf
[ 574.803685][ C0] R10: 0001ffffffffffff R11: ffff88810ad00000 R12: ffffffff878d26e8
[ 574.811641][ C0] R13: 0000000000000001 R14: ffffffff878d2700 R15: 0000000000000200
[ 574.819617][ C0] ? dump_stack+0x15e/0x19d
[ 574.824137][ C0] ? dump_stack+0x173/0x19d
[ 574.828686][ C0] should_fail+0x23c/0x250
[ 574.833126][ C0] should_fail_usercopy+0x16/0x20
[ 574.838142][ C0] _copy_from_user+0x1c/0xd0
[ 574.842809][ C0] __do_sys_bpf+0x143/0x9990
[ 574.847425][ C0] ? kstrtoull+0x30e/0x350
[ 574.851846][ C0] ? kstrtouint_from_user+0x104/0x130
[ 574.857675][ C0] ? __rcu_read_unlock+0x5c/0x250
[ 574.862706][ C0] ? fsnotify_perm+0x59/0x2e0
[ 574.867371][ C0] ? __fsnotify_parent+0x32f/0x430
[ 574.872559][ C0] ? vfs_write+0x572/0x7e0
[ 574.876987][ C0] ? __fget_light+0x219/0x260
[ 574.881647][ C0] ? fput+0x2d/0x130
[ 574.885545][ C0] ? ksys_write+0x157/0x180
[ 574.890069][ C0] __x64_sys_bpf+0x3d/0x50
[ 574.894633][ C0] do_syscall_64+0x39/0x80
[ 574.899135][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 574.905024][ C0] RIP: 0033:0x466459
[ 574.908905][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 574.928532][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 574.936946][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 574.944911][ C0] RDX: 0000000000000038 RSI: 0000000020000000 RDI: 000000000000001a
[ 574.952958][ C0] RBP: 00007f09d11071d0 R08: 0000000000000000 R09: 0000000000000000
[ 574.961196][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 574.969253][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 574.977369][ C0] ---[ end trace 6a9a87c08c22e0c0 ]---
19:30:51 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:51 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x25})
19:30:51 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x10)
19:30:51 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xd00, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 575.083284][ C0] ------------[ cut here ]------------
[ 575.088780][ C0] WARNING: CPU: 0 PID: 28356 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 575.099670][ C0] Modules linked in:
[ 575.103743][ C0] CPU: 0 PID: 28356 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 575.113940][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 575.124008][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 575.130017][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 575.149638][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 575.155718][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000026 RCX: ffff88810daf1000
[ 575.163717][ C0] RDX: 0000000080010000 RSI: 0000000000000026 RDI: 0000000000000001
[ 575.171873][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 575.182234][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 575.190215][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 575.198211][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 575.207155][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 575.213747][ C0] CR2: 0000001b30321000 CR3: 0000000035a53000 CR4: 00000000001506f0
[ 575.221987][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 575.230075][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 575.238065][ C0] Call Trace:
[ 575.241355][ C0]
[ 575.244207][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 575.250028][ C0] __run_hrtimer+0x163/0x460
[ 575.254649][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 575.260821][ C0] hrtimer_interrupt+0x380/0xaf0
[ 575.265833][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 575.271781][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 575.277444][ C0]
19:30:51 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 575.280385][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 575.286378][ C0] RIP: 0010:mm_release+0x71/0x1d0
[ 575.291452][ C0] Code: 02 00 00 be 00 02 00 00 48 21 de 31 ff e8 77 52 19 00 48 21 dd 75 07 e8 bd 4d 19 00 eb 06 e8 b6 4d 19 00 fb 8e 25 b7 80 b6 04 <4d> 8d be 30 06 00 00 4c 89 ff e8 70 e3 29 00 49 8b 9e 30 06 00 00
[ 575.311159][ C0] RSP: 0018:ffffc90003ef7b70 EFLAGS: 00000293
[ 575.317345][ C0] RAX: ffffffff812ce34a RBX: 0000000000000282 RCX: ffff88810daf1000
[ 575.325344][ C0] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000
[ 575.333335][ C0] RBP: 0000000000000200 R08: ffffffff812ce339 R09: 0001c90003ef7b77
[ 575.341316][ C0] R10: 0001ffffffffffff R11: 000000000000010c R12: ffff888035b3ae80
[ 575.349321][ C0] R13: ffff88810daf1000 R14: ffff88810daf1000 R15: ffff88810daf14a0
[ 575.357351][ C0] ? mm_release+0x59/0x1d0
[ 575.361792][ C0] ? mm_release+0x6a/0x1d0
[ 575.366255][ C0] exit_mm_release+0x21/0x30
[ 575.370887][ C0] exit_mm+0x4b/0x430
[ 575.374929][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 575.380761][ C0] ? taskstats_exit+0x334/0x730
[ 575.385628][ C0] ? acct_collect+0x3a4/0x400
[ 575.390433][ C0] do_exit+0x3ff/0x1670
[ 575.394614][ C0] ? do_futex+0x1080/0x1cd0
[ 575.399168][ C0] do_group_exit+0xce/0x180
[ 575.403692][ C0] get_signal+0xdce/0x14e0
[ 575.408133][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 575.413734][ C0] ? __se_sys_futex+0x2a8/0x390
[ 575.418616][ C0] ? do_user_addr_fault+0x751/0xc00
[ 575.423827][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 575.429383][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 575.435051][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 575.440546][ C0] do_syscall_64+0x45/0x80
[ 575.444981][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 575.450914][ C0] RIP: 0033:0x466459
[ 575.454836][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 575.474709][ C0] RSP: 002b:00007fed45add218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 575.483132][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 575.492415][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 575.500476][ C0] RBP: 000000000056bf60 R08: 0000000000000002 R09: 0000000000000000
[ 575.508463][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 575.516555][ C0] R13: 00007ffdd9640b4f R14: 00007fed45add300 R15: 0000000000022000
[ 575.524809][ C0] ---[ end trace 6a9a87c08c22e0c1 ]---
19:30:52 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0xb})
[ 575.530827][ C0] ------------[ cut here ]------------
[ 575.536287][ C0] WARNING: CPU: 0 PID: 28356 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 575.547204][ C0] Modules linked in:
[ 575.551130][ C0] CPU: 0 PID: 28356 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 575.561280][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 575.571375][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 575.577373][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 575.598475][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 575.605090][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff88810daf1000
[ 575.613711][ C0] RDX: 0000000080010000 RSI: 000000000000001b RDI: 0000000000000001
[ 575.621712][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:30:52 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xe00, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 575.629739][ C0] R10: 0001ffffffffffff R11: ffff88810daf1000 R12: ffff88813bc1da58
[ 575.637908][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 575.645893][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 575.654945][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 575.661537][ C0] CR2: 0000001b30321000 CR3: 0000000035a53000 CR4: 00000000001506f0
[ 575.669552][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 575.677617][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 575.685651][ C0] Call Trace:
[ 575.688929][ C0]
[ 575.691780][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 575.697606][ C0] __run_hrtimer+0x163/0x460
[ 575.702227][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 575.708050][ C0] hrtimer_interrupt+0x380/0xaf0
[ 575.713029][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 575.719042][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 575.724698][ C0]
[ 575.727673][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
19:30:52 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 575.733669][ C0] RIP: 0010:mm_release+0x71/0x1d0
[ 575.738728][ C0] Code: 02 00 00 be 00 02 00 00 48 21 de 31 ff e8 77 52 19 00 48 21 dd 75 07 e8 bd 4d 19 00 eb 06 e8 b6 4d 19 00 fb 8e 25 b7 80 b6 04 <4d> 8d be 30 06 00 00 4c 89 ff e8 70 e3 29 00 49 8b 9e 30 06 00 00
[ 575.758359][ C0] RSP: 0018:ffffc90003ef7b70 EFLAGS: 00000293
[ 575.764537][ C0] RAX: ffffffff812ce34a RBX: 0000000000000282 RCX: ffff88810daf1000
[ 575.772518][ C0] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000
19:30:52 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x11)
[ 575.780696][ C0] RBP: 0000000000000200 R08: ffffffff812ce339 R09: 0001c90003ef7b77
[ 575.788689][ C0] R10: 0001ffffffffffff R11: 000000000000010c R12: ffff888035b3ae80
[ 575.796699][ C0] R13: ffff88810daf1000 R14: ffff88810daf1000 R15: ffff88810daf14a0
[ 575.804700][ C0] ? mm_release+0x59/0x1d0
[ 575.809233][ C0] ? mm_release+0x6a/0x1d0
[ 575.813686][ C0] exit_mm_release+0x21/0x30
[ 575.818348][ C0] exit_mm+0x4b/0x430
[ 575.822361][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 575.828203][ C0] ? taskstats_exit+0x334/0x730
[ 575.833166][ C0] ? acct_collect+0x3a4/0x400
[ 575.837860][ C0] do_exit+0x3ff/0x1670
[ 575.842024][ C0] ? do_futex+0x1080/0x1cd0
[ 575.846541][ C0] do_group_exit+0xce/0x180
[ 575.851060][ C0] get_signal+0xdce/0x14e0
[ 575.855517][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 575.861232][ C0] ? __se_sys_futex+0x2a8/0x390
[ 575.866139][ C0] ? do_user_addr_fault+0x751/0xc00
[ 575.871519][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 575.877078][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 575.883059][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 575.888511][ C0] do_syscall_64+0x45/0x80
[ 575.892914][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 575.898803][ C0] RIP: 0033:0x466459
[ 575.902712][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 575.922786][ C0] RSP: 002b:00007fed45add218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 575.931354][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 575.939422][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 575.947760][ C0] RBP: 000000000056bf60 R08: 0000000000000002 R09: 0000000000000000
[ 575.955918][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 575.963898][ C0] R13: 00007ffdd9640b4f R14: 00007fed45add300 R15: 0000000000022000
[ 575.971970][ C0] ---[ end trace 6a9a87c08c22e0c2 ]---
[ 575.977893][ C0] ------------[ cut here ]------------
[ 575.983355][ C0] WARNING: CPU: 0 PID: 28356 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 575.994233][ C0] Modules linked in:
[ 575.998115][ C0] CPU: 0 PID: 28356 Comm: syz-executor.0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 576.008262][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 576.018329][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 576.024330][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 576.044029][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 576.050101][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff88810daf1000
[ 576.058304][ C0] RDX: 0000000080010000 RSI: 000000000000001b RDI: 0000000000000001
[ 576.066268][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 576.074248][ C0] R10: 0001ffffffffffff R11: 0000000000000028 R12: ffff88813bc1da58
[ 576.082231][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 576.090192][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 576.099115][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 576.106207][ C0] CR2: 0000001b30321000 CR3: 0000000035a53000 CR4: 00000000001506f0
[ 576.115055][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 576.123426][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 576.131507][ C0] Call Trace:
[ 576.134774][ C0]
[ 576.137617][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 576.143772][ C0] __run_hrtimer+0x163/0x460
[ 576.148380][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 576.154356][ C0] hrtimer_interrupt+0x380/0xaf0
[ 576.159364][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 576.165266][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 576.171036][ C0]
[ 576.173953][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 576.179924][ C0] RIP: 0010:mm_release+0x71/0x1d0
[ 576.184961][ C0] Code: 02 00 00 be 00 02 00 00 48 21 de 31 ff e8 77 52 19 00 48 21 dd 75 07 e8 bd 4d 19 00 eb 06 e8 b6 4d 19 00 fb 8e 25 b7 80 b6 04 <4d> 8d be 30 06 00 00 4c 89 ff e8 70 e3 29 00 49 8b 9e 30 06 00 00
[ 576.205743][ C0] RSP: 0018:ffffc90003ef7b70 EFLAGS: 00000293
[ 576.211811][ C0] RAX: ffffffff812ce34a RBX: 0000000000000282 RCX: ffff88810daf1000
[ 576.219774][ C0] RDX: 0000000000000000 RSI: 0000000000000200 RDI: 0000000000000000
[ 576.227773][ C0] RBP: 0000000000000200 R08: ffffffff812ce339 R09: 0001c90003ef7b77
[ 576.236355][ C0] R10: 0001ffffffffffff R11: 000000000000010c R12: ffff888035b3ae80
[ 576.244322][ C0] R13: ffff88810daf1000 R14: ffff88810daf1000 R15: ffff88810daf14a0
[ 576.252409][ C0] ? mm_release+0x59/0x1d0
[ 576.256903][ C0] ? mm_release+0x6a/0x1d0
[ 576.261337][ C0] exit_mm_release+0x21/0x30
[ 576.265919][ C0] exit_mm+0x4b/0x430
[ 576.269911][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 576.275718][ C0] ? taskstats_exit+0x334/0x730
[ 576.280586][ C0] ? acct_collect+0x3a4/0x400
[ 576.285463][ C0] do_exit+0x3ff/0x1670
[ 576.289624][ C0] ? do_futex+0x1080/0x1cd0
[ 576.294129][ C0] do_group_exit+0xce/0x180
[ 576.298642][ C0] get_signal+0xdce/0x14e0
[ 576.303059][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 576.308635][ C0] ? __se_sys_futex+0x2a8/0x390
[ 576.313483][ C0] ? do_user_addr_fault+0x751/0xc00
[ 576.319064][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 576.324629][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 576.330267][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 576.335785][ C0] do_syscall_64+0x45/0x80
[ 576.340199][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 576.346108][ C0] RIP: 0033:0x466459
[ 576.350006][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 576.370041][ C0] RSP: 002b:00007fed45add218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 576.378457][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
19:30:53 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 576.386811][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 576.394798][ C0] RBP: 000000000056bf60 R08: 0000000000000002 R09: 0000000000000000
[ 576.402793][ C0] R10: ffffffffffffffff R11: 0000000000000246 R12: 000000000056bf6c
[ 576.410848][ C0] R13: 00007ffdd9640b4f R14: 00007fed45add300 R15: 0000000000022000
[ 576.418813][ C0] ---[ end trace 6a9a87c08c22e0c3 ]---
19:30:53 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:53 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xf00, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:53 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x1100, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 576.524714][ C0] ------------[ cut here ]------------
[ 576.530206][ C0] WARNING: CPU: 0 PID: 28382 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 576.541170][ C0] Modules linked in:
[ 576.545070][ C0] CPU: 0 PID: 28382 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 576.555355][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 576.565422][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 576.571426][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 576.591186][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 576.597873][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000021 RCX: ffff88801fe7a000
[ 576.605852][ C0] RDX: 0000000080010001 RSI: 0000000000000021 RDI: 0000000000000001
[ 576.613838][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 576.621820][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 576.629847][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 576.637834][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 576.646787][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 576.653391][ C0] CR2: 0000001b30321000 CR3: 000000010ab7b000 CR4: 00000000001506f0
[ 576.661369][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 576.669483][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 576.677692][ C0] Call Trace:
[ 576.680972][ C0]
[ 576.684116][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 576.689928][ C0] __run_hrtimer+0x163/0x460
[ 576.694528][ C0] hrtimer_interrupt+0x380/0xaf0
[ 576.699482][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 576.705489][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 576.711366][ C0]
[ 576.714283][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 576.720325][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x14/0x90
[ 576.727182][ C0] Code: 49 ff c2 4c 89 11 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 4c 8b 04 24 65 48 8b 14 25 00 6d 01 00 65 8b 05 44 37 bb 7e 00 01 ff 00 74 10 a9 00 01 00 00 74 6a 83 ba 1c 0b 00 00 00 74
[ 576.746783][ C0] RSP: 0018:ffffc90004157ac8 EFLAGS: 00000246
[ 576.752970][ C0] RAX: 0000000080000001 RBX: 00000000544f0027 RCX: 0000000000000c69
[ 576.764670][ C0] RDX: ffff88801fe7a000 RSI: 00000000544f0007 RDI: 0000000000000000
[ 576.772654][ C0] RBP: ffff888026e6b628 R08: ffffffff815c07f2 R09: 0001888026e6b62f
[ 576.780655][ C0] R10: 0001ffffffffffff R11: ffff88801fe7a000 R12: ffff888026e6b620
[ 576.788620][ C0] R13: 00000000208c5000 R14: ffffea0001513c00 R15: ffffc90004157ca0
[ 576.796653][ C0] ? filemap_map_pages+0x312/0x770
[ 576.801789][ C0] filemap_map_pages+0x312/0x770
[ 576.806845][ C0] do_read_fault+0x217/0x530
[ 576.811615][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 576.818123][ C0] handle_mm_fault+0x1019/0x1840
[ 576.823068][ C0] __get_user_pages+0xa47/0x1000
[ 576.828010][ C0] __mm_populate+0x24d/0x380
[ 576.832628][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 576.837333][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 576.842026][ C0] ? switch_fpu_return+0xa/0x10
[ 576.846891][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 576.852603][ C0] do_syscall_64+0x39/0x80
[ 576.857005][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 576.863405][ C0] RIP: 0033:0x466459
[ 576.867348][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 576.886952][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 576.895366][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 576.903361][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 576.911326][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
19:30:53 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x5c})
19:30:53 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x1200, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:53 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 576.919304][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 576.927268][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 576.935846][ C0] ---[ end trace 6a9a87c08c22e0c4 ]---
[ 576.941688][ C0] ------------[ cut here ]------------
[ 576.947204][ C0] WARNING: CPU: 0 PID: 28382 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 576.958073][ C0] Modules linked in:
[ 576.961981][ C0] CPU: 0 PID: 28382 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 576.972139][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 576.982201][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 576.988202][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 577.007827][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 577.014061][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88801fe7a000
19:30:53 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x2000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 577.022047][ C0] RDX: 0000000080010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 577.030039][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 577.038028][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 577.046013][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 577.054034][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 577.062980][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 577.069576][ C0] CR2: 0000001b30321000 CR3: 000000010ab7b000 CR4: 00000000001506f0
[ 577.077557][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 577.085572][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 577.093558][ C0] Call Trace:
[ 577.096839][ C0]
[ 577.099688][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 577.105512][ C0] __run_hrtimer+0x163/0x460
[ 577.110125][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 577.116056][ C0] hrtimer_interrupt+0x380/0xaf0
[ 577.121130][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
19:30:53 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0xc})
19:30:53 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x300})
[ 577.127166][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 577.133522][ C0]
[ 577.136457][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 577.142460][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x14/0x90
[ 577.149348][ C0] Code: 49 ff c2 4c 89 11 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 4c 8b 04 24 65 48 8b 14 25 00 6d 01 00 65 8b 05 44 37 bb 7e 00 01 ff 00 74 10 a9 00 01 00 00 74 6a 83 ba 1c 0b 00 00 00 74
[ 577.169024][ C0] RSP: 0018:ffffc90004157ac8 EFLAGS: 00000246
[ 577.175105][ C0] RAX: 0000000080000001 RBX: 00000000544f0027 RCX: 0000000000000c69
[ 577.184415][ C0] RDX: ffff88801fe7a000 RSI: 00000000544f0007 RDI: 0000000000000000
[ 577.193448][ C0] RBP: ffff888026e6b628 R08: ffffffff815c07f2 R09: 0001888026e6b62f
[ 577.201964][ C0] R10: 0001ffffffffffff R11: ffff88801fe7a000 R12: ffff888026e6b620
[ 577.210284][ C0] R13: 00000000208c5000 R14: ffffea0001513c00 R15: ffffc90004157ca0
[ 577.218588][ C0] ? filemap_map_pages+0x312/0x770
[ 577.223726][ C0] filemap_map_pages+0x312/0x770
[ 577.228695][ C0] do_read_fault+0x217/0x530
[ 577.234124][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 577.240092][ C0] handle_mm_fault+0x1019/0x1840
[ 577.245199][ C0] __get_user_pages+0xa47/0x1000
[ 577.250134][ C0] __mm_populate+0x24d/0x380
[ 577.254757][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 577.259667][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 577.264813][ C0] ? switch_fpu_return+0xa/0x10
[ 577.269658][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 577.275384][ C0] do_syscall_64+0x39/0x80
[ 577.279811][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 577.285782][ C0] RIP: 0033:0x466459
[ 577.289689][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 577.310546][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 577.319011][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 577.327102][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 577.335086][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 577.343047][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 577.351222][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 577.359217][ C0] ---[ end trace 6a9a87c08c22e0c5 ]---
[ 577.365020][ C0] ------------[ cut here ]------------
[ 577.370609][ C0] WARNING: CPU: 0 PID: 28382 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 577.382035][ C0] Modules linked in:
[ 577.385932][ C0] CPU: 0 PID: 28382 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 577.396123][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 577.406518][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 577.412533][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 577.432154][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 577.438226][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88801fe7a000
[ 577.446190][ C0] RDX: 0000000000010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 577.454225][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 577.462226][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 577.470196][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 577.478182][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 577.487099][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 577.493709][ C0] CR2: 0000001b30321000 CR3: 000000010ab7b000 CR4: 00000000001506f0
[ 577.501792][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 577.509774][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 577.517759][ C0] Call Trace:
[ 577.521040][ C0]
[ 577.523871][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 577.529676][ C0] __run_hrtimer+0x163/0x460
[ 577.534275][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 577.540071][ C0] hrtimer_interrupt+0x380/0xaf0
[ 577.545026][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 577.551066][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 577.556734][ C0]
[ 577.559676][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 577.565687][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x14/0x90
[ 577.572537][ C0] Code: 49 ff c2 4c 89 11 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 4c 8b 04 24 65 48 8b 14 25 00 6d 01 00 65 8b 05 44 37 bb 7e 00 01 ff 00 74 10 a9 00 01 00 00 74 6a 83 ba 1c 0b 00 00 00 74
[ 577.592234][ C0] RSP: 0018:ffffc90004157ac8 EFLAGS: 00000246
[ 577.598410][ C0] RAX: 0000000080000001 RBX: 00000000544f0027 RCX: 0000000000000c69
[ 577.611243][ C0] RDX: ffff88801fe7a000 RSI: 00000000544f0007 RDI: 0000000000000000
[ 577.619222][ C0] RBP: ffff888026e6b628 R08: ffffffff815c07f2 R09: 0001888026e6b62f
[ 577.628154][ C0] R10: 0001ffffffffffff R11: ffff88801fe7a000 R12: ffff888026e6b620
[ 577.636257][ C0] R13: 00000000208c5000 R14: ffffea0001513c00 R15: ffffc90004157ca0
[ 577.644260][ C0] ? filemap_map_pages+0x312/0x770
[ 577.649363][ C0] filemap_map_pages+0x312/0x770
[ 577.654317][ C0] do_read_fault+0x217/0x530
[ 577.658965][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 577.664809][ C0] handle_mm_fault+0x1019/0x1840
[ 577.669849][ C0] __get_user_pages+0xa47/0x1000
[ 577.674803][ C0] __mm_populate+0x24d/0x380
[ 577.679410][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 577.683991][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 577.688784][ C0] ? switch_fpu_return+0xa/0x10
[ 577.693619][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 577.699343][ C0] do_syscall_64+0x39/0x80
[ 577.703751][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 577.709648][ C0] RIP: 0033:0x466459
[ 577.713547][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 577.733158][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 577.741560][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 577.749542][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 577.757523][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 577.765648][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 577.773659][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 577.781747][ C0] ---[ end trace 6a9a87c08c22e0c6 ]---
[ 577.887788][ C0] ------------[ cut here ]------------
[ 577.893640][ C0] WARNING: CPU: 0 PID: 28410 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 577.904635][ C0] Modules linked in:
[ 577.908537][ C0] CPU: 0 PID: 28410 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 577.918782][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 577.928986][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 577.934982][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 577.954953][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 577.961174][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810fa71000
[ 577.969243][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
[ 577.977325][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 577.985312][ C0] R10: 0001ffffffffffff R11: 00000000000001ae R12: ffff88813bc1da58
[ 577.993288][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 578.001381][ C0] FS: 00007f09d10e6700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 578.010315][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 578.016889][ C0] CR2: 0000000020000280 CR3: 000000010ab7b000 CR4: 00000000001506f0
[ 578.024872][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 578.032841][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 578.040810][ C0] Call Trace:
[ 578.044123][ C0]
[ 578.046952][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 578.052786][ C0] __run_hrtimer+0x163/0x460
[ 578.057385][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 578.063628][ C0] hrtimer_interrupt+0x380/0xaf0
[ 578.068560][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 578.074470][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 578.080109][ C0]
[ 578.083051][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 578.089130][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x33/0x60
[ 578.095279][ C0] Code: 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 1c 0b 00 00 00 74 2c 8b 91 f8 0a 00 00 <83> fa 02 75 21 48 8b 91 00 0b 00 00 48 8b 32 48 8d 7e 01 8b 89 fc
[ 578.114886][ C0] RSP: 0018:ffffc90005207a70 EFLAGS: 00000246
[ 578.120962][ C0] RAX: ffffffff815df61e RBX: ffffea0001805f40 RCX: ffff88810fa71000
[ 578.129027][ C0] RDX: 0000000000000002 RSI: 000000000003ffff RDI: ffffea0001805f58
[ 578.136992][ C0] RBP: ffffc90005207c40 R08: 0000000000000000 R09: 0001ea0001805f5f
[ 578.145108][ C0] R10: 0001ffffffffffff R11: ffff88810fa71000 R12: ffffea0001805f40
[ 578.154075][ C0] R13: 0000000000000000 R14: ffff888107b902a8 R15: 0000000000000000
[ 578.162177][ C0] ? truncate_inode_page+0x2e/0x50
[ 578.167435][ C0] truncate_inode_page+0x2e/0x50
[ 578.172803][ C0] shmem_undo_range+0x222/0x1220
[ 578.177778][ C0] ? _raw_spin_unlock+0x22/0x40
[ 578.182626][ C0] shmem_evict_inode+0x115/0x550
[ 578.187563][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 578.193289][ C0] ? bit_waitqueue+0x30/0x30
[ 578.197923][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 578.203483][ C0] evict+0x1aa/0x410
[ 578.207374][ C0] iput+0x3fd/0x520
[ 578.211182][ C0] dentry_unlink_inode+0x210/0x220
[ 578.216300][ C0] __dentry_kill+0x293/0x450
[ 578.220910][ C0] dput+0x218/0x430
[ 578.224732][ C0] __fput+0x3b3/0x4f0
[ 578.228700][ C0] ____fput+0x11/0x20
[ 578.232699][ C0] task_work_run+0x8e/0x110
[ 578.237204][ C0] exit_to_user_mode_prepare+0x17c/0x1b0
[ 578.242845][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 578.248300][ C0] do_syscall_64+0x45/0x80
[ 578.252709][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 578.258698][ C0] RIP: 0033:0x466459
[ 578.262594][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 578.282284][ C0] RSP: 002b:00007f09d10e6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 578.290688][ C0] RAX: 0000000020000000 RBX: 000000000056c008 RCX: 0000000000466459
[ 578.298834][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 578.306827][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 578.314913][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056c008
[ 578.322890][ C0] R13: 00007fff87968f8f R14: 00007f09d10e6300 R15: 0000000000022000
[ 578.330865][ C0] ---[ end trace 6a9a87c08c22e0c7 ]---
[ 578.336657][ C0] ------------[ cut here ]------------
[ 578.342125][ C0] WARNING: CPU: 0 PID: 28410 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 578.353003][ C0] Modules linked in:
[ 578.357014][ C0] CPU: 0 PID: 28410 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 578.367159][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 578.377234][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 578.383221][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 578.402934][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 578.408996][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff88810fa71000
[ 578.416991][ C0] RDX: 0000000080010000 RSI: 000000000000001b RDI: 0000000000000001
[ 578.424949][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 578.432906][ C0] R10: 0001ffffffffffff R11: ffff88810fa71000 R12: ffff88813bc1da58
[ 578.440878][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 578.448839][ C0] FS: 00007f09d10e6700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 578.457820][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 578.464395][ C0] CR2: 0000000020000280 CR3: 000000010ab7b000 CR4: 00000000001506f0
[ 578.472479][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 578.480465][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 578.488433][ C0] Call Trace:
[ 578.491763][ C0]
[ 578.494603][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 578.500416][ C0] __run_hrtimer+0x163/0x460
[ 578.505002][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 578.510833][ C0] hrtimer_interrupt+0x380/0xaf0
[ 578.515768][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 578.521658][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 578.527385][ C0]
[ 578.530301][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 578.536289][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x33/0x60
[ 578.542447][ C0] Code: 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 1c 0b 00 00 00 74 2c 8b 91 f8 0a 00 00 <83> fa 02 75 21 48 8b 91 00 0b 00 00 48 8b 32 48 8d 7e 01 8b 89 fc
[ 578.562138][ C0] RSP: 0018:ffffc90005207a70 EFLAGS: 00000246
[ 578.568204][ C0] RAX: ffffffff815df61e RBX: ffffea0001805f40 RCX: ffff88810fa71000
[ 578.576178][ C0] RDX: 0000000000000002 RSI: 000000000003ffff RDI: ffffea0001805f58
[ 578.584183][ C0] RBP: ffffc90005207c40 R08: 0000000000000000 R09: 0001ea0001805f5f
[ 578.592174][ C0] R10: 0001ffffffffffff R11: ffff88810fa71000 R12: ffffea0001805f40
[ 578.600134][ C0] R13: 0000000000000000 R14: ffff888107b902a8 R15: 0000000000000000
[ 578.608113][ C0] ? truncate_inode_page+0x2e/0x50
[ 578.613222][ C0] truncate_inode_page+0x2e/0x50
[ 578.618149][ C0] shmem_undo_range+0x222/0x1220
[ 578.623111][ C0] ? _raw_spin_unlock+0x22/0x40
[ 578.627968][ C0] shmem_evict_inode+0x115/0x550
[ 578.633190][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 578.639189][ C0] ? bit_waitqueue+0x30/0x30
[ 578.643778][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 578.649310][ C0] evict+0x1aa/0x410
[ 578.653190][ C0] iput+0x3fd/0x520
[ 578.656994][ C0] dentry_unlink_inode+0x210/0x220
[ 578.662108][ C0] __dentry_kill+0x293/0x450
[ 578.666722][ C0] dput+0x218/0x430
[ 578.670530][ C0] __fput+0x3b3/0x4f0
[ 578.674492][ C0] ____fput+0x11/0x20
[ 578.678482][ C0] task_work_run+0x8e/0x110
[ 578.683002][ C0] exit_to_user_mode_prepare+0x17c/0x1b0
[ 578.688743][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 578.694191][ C0] do_syscall_64+0x45/0x80
[ 578.698609][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 578.704493][ C0] RIP: 0033:0x466459
[ 578.709585][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 578.729299][ C0] RSP: 002b:00007f09d10e6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 578.737714][ C0] RAX: 0000000020000000 RBX: 000000000056c008 RCX: 0000000000466459
[ 578.745894][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 578.754890][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 578.762967][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056c008
[ 578.770975][ C0] R13: 00007fff87968f8f R14: 00007f09d10e6300 R15: 0000000000022000
[ 578.778948][ C0] ---[ end trace 6a9a87c08c22e0c8 ]---
[ 578.784744][ C0] ------------[ cut here ]------------
[ 578.790198][ C0] WARNING: CPU: 0 PID: 28410 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 578.801077][ C0] Modules linked in:
[ 578.804971][ C0] CPU: 0 PID: 28410 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 578.815204][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 578.825266][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 578.831261][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 578.851221][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 578.857271][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff88810fa71000
[ 578.865243][ C0] RDX: 0000000080010000 RSI: 000000000000001b RDI: 0000000000000001
[ 578.873343][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 578.881310][ C0] R10: 0001ffffffffffff R11: ffff88810fa71000 R12: ffff88813bc1da58
[ 578.889283][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 578.897242][ C0] FS: 00007f09d10e6700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 578.906337][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 578.912902][ C0] CR2: 0000000020000280 CR3: 000000010ab7b000 CR4: 00000000001506f0
[ 578.920860][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 578.929044][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 578.937128][ C0] Call Trace:
[ 578.940388][ C0]
[ 578.943212][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 578.949002][ C0] __run_hrtimer+0x163/0x460
[ 578.953582][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 578.959392][ C0] hrtimer_interrupt+0x380/0xaf0
[ 578.964327][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 578.970208][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 578.975850][ C0]
[ 578.978854][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 578.984874][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x33/0x60
[ 578.991015][ C0] Code: 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 1c 0b 00 00 00 74 2c 8b 91 f8 0a 00 00 <83> fa 02 75 21 48 8b 91 00 0b 00 00 48 8b 32 48 8d 7e 01 8b 89 fc
[ 579.011369][ C0] RSP: 0018:ffffc90005207a70 EFLAGS: 00000246
[ 579.017641][ C0] RAX: ffffffff815df61e RBX: ffffea0001805f40 RCX: ffff88810fa71000
[ 579.025707][ C0] RDX: 0000000000000002 RSI: 000000000003ffff RDI: ffffea0001805f58
[ 579.033671][ C0] RBP: ffffc90005207c40 R08: 0000000000000000 R09: 0001ea0001805f5f
[ 579.041667][ C0] R10: 0001ffffffffffff R11: ffff88810fa71000 R12: ffffea0001805f40
[ 579.049646][ C0] R13: 0000000000000000 R14: ffff888107b902a8 R15: 0000000000000000
[ 579.057737][ C0] ? truncate_inode_page+0x2e/0x50
[ 579.062861][ C0] truncate_inode_page+0x2e/0x50
[ 579.067800][ C0] shmem_undo_range+0x222/0x1220
[ 579.072756][ C0] ? _raw_spin_unlock+0x22/0x40
[ 579.077608][ C0] shmem_evict_inode+0x115/0x550
[ 579.082593][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 579.088325][ C0] ? bit_waitqueue+0x30/0x30
[ 579.092917][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 579.098457][ C0] evict+0x1aa/0x410
[ 579.102343][ C0] iput+0x3fd/0x520
[ 579.106132][ C0] dentry_unlink_inode+0x210/0x220
[ 579.111233][ C0] __dentry_kill+0x293/0x450
[ 579.115922][ C0] dput+0x218/0x430
[ 579.119853][ C0] __fput+0x3b3/0x4f0
[ 579.123921][ C0] ____fput+0x11/0x20
[ 579.127894][ C0] task_work_run+0x8e/0x110
[ 579.132405][ C0] exit_to_user_mode_prepare+0x17c/0x1b0
[ 579.138046][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 579.143541][ C0] do_syscall_64+0x45/0x80
[ 579.147991][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 579.154135][ C0] RIP: 0033:0x466459
[ 579.158049][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 579.178537][ C0] RSP: 002b:00007f09d10e6188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 579.187050][ C0] RAX: 0000000020000000 RBX: 000000000056c008 RCX: 0000000000466459
[ 579.195171][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 579.203154][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 579.211122][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056c008
[ 579.219202][ C0] R13: 00007fff87968f8f R14: 00007f09d10e6300 R15: 0000000000022000
[ 579.227217][ C0] ---[ end trace 6a9a87c08c22e0c9 ]---
[ 579.333063][ C0] ------------[ cut here ]------------
[ 579.338697][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 579.349237][ C0] Modules linked in:
[ 579.353158][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 579.362538][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 579.372695][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 579.378826][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 579.398545][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 579.404607][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000021 RCX: ffffffff87630780
[ 579.412685][ C0] RDX: 0000000000010001 RSI: 0000000000000021 RDI: 0000000000000001
[ 579.420655][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 579.428613][ C0] R10: 0001ffffffffffff R11: 0000000000000321 R12: ffff88813bc1da58
[ 579.436572][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 579.444549][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 579.453589][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 579.460173][ C0] CR2: 0000000020000280 CR3: 000000002b818000 CR4: 00000000001506f0
[ 579.468152][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 579.476127][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 579.484089][ C0] Call Trace:
[ 579.487379][ C0]
[ 579.490210][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 579.496026][ C0] __run_hrtimer+0x163/0x460
[ 579.500624][ C0] hrtimer_interrupt+0x380/0xaf0
[ 579.505561][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 579.511449][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 579.517075][ C0]
[ 579.520017][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 579.526026][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 579.531565][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 579.551186][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 579.557295][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 579.565515][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 579.573497][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 579.581469][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 579.589441][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 579.597515][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 579.602455][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 579.607400][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 579.612503][ C0] cpuidle_enter+0x3c/0x60
[ 579.616908][ C0] do_idle+0x193/0x230
[ 579.620984][ C0] cpu_startup_entry+0x15/0x20
[ 579.625776][ C0] rest_init+0xd7/0xe0
[ 579.629859][ C0] ? time_init+0xc/0xc
[ 579.633947][ C0] arch_call_rest_init+0xa/0xb
[ 579.638725][ C0] start_kernel+0x5a1/0x626
[ 579.643235][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 579.649294][ C0] ---[ end trace 6a9a87c08c22e0ca ]---
[ 579.655124][ C0] ------------[ cut here ]------------
[ 579.660585][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 579.671099][ C0] Modules linked in:
[ 579.674993][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 579.684488][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 579.694575][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 579.700658][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 579.720282][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 579.726358][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
19:30:56 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:56 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:56 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x2500, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:56 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x12)
19:30:56 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x500})
19:30:56 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0xd})
[ 579.734336][ C0] RDX: 0000000000010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 579.742319][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 579.750298][ C0] R10: 0001ffffffffffff R11: 0000000000000397 R12: ffff88813bc1da58
[ 579.758365][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 579.766342][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 579.775305][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
19:30:56 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x4788, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 579.781891][ C0] CR2: 0000000020000280 CR3: 000000002b818000 CR4: 00000000001506f0
[ 579.789905][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 579.797889][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 579.805889][ C0] Call Trace:
[ 579.809186][ C0]
[ 579.812057][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 579.817896][ C0] __run_hrtimer+0x163/0x460
[ 579.822508][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 579.828346][ C0] hrtimer_interrupt+0x380/0xaf0
[ 579.833319][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 579.839242][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 579.844942][ C0]
[ 579.847876][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 579.853871][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 579.859476][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 579.879100][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
19:30:56 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 579.885215][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 579.893201][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 579.901209][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 579.909193][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 579.917187][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 579.925179][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 579.930139][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 579.935091][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 579.941088][ C0] cpuidle_enter+0x3c/0x60
[ 579.945521][ C0] do_idle+0x193/0x230
[ 579.949629][ C0] cpu_startup_entry+0x15/0x20
[ 579.954669][ C0] rest_init+0xd7/0xe0
[ 579.958739][ C0] ? time_init+0xc/0xc
[ 579.962966][ C0] arch_call_rest_init+0xa/0xb
[ 579.967746][ C0] start_kernel+0x5a1/0x626
[ 579.972287][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 579.978199][ C0] ---[ end trace 6a9a87c08c22e0cb ]---
[ 579.984044][ C0] ------------[ cut here ]------------
[ 579.989564][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 580.000092][ C0] Modules linked in:
[ 580.004072][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 580.013649][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 580.023705][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 580.029684][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 580.049285][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 580.055359][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000013 RCX: ffffffff87630780
[ 580.063338][ C0] RDX: 0000000000010001 RSI: 0000000000000013 RDI: 0000000000000001
[ 580.071301][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 580.079356][ C0] R10: 0001ffffffffffff R11: 0000000000000237 R12: ffff88813bc1da58
[ 580.087338][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 580.095299][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 580.104224][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 580.110811][ C0] CR2: 0000000020000280 CR3: 000000002b818000 CR4: 00000000001506f0
[ 580.118794][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 580.126763][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 580.134801][ C0] Call Trace:
[ 580.138074][ C0]
[ 580.141017][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 580.146821][ C0] __run_hrtimer+0x163/0x460
[ 580.152088][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 580.157921][ C0] hrtimer_interrupt+0x380/0xaf0
[ 580.162861][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 580.168864][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 580.174492][ C0]
[ 580.177412][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 580.183415][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 580.188958][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 580.211734][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 580.217806][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 580.225799][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 580.233962][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 580.241938][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 580.250192][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 580.258154][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 580.263085][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 580.268069][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 580.273184][ C0] cpuidle_enter+0x3c/0x60
[ 580.277811][ C0] do_idle+0x193/0x230
[ 580.282010][ C0] cpu_startup_entry+0x15/0x20
[ 580.286882][ C0] rest_init+0xd7/0xe0
[ 580.290991][ C0] ? time_init+0xc/0xc
[ 580.295048][ C0] arch_call_rest_init+0xa/0xb
[ 580.299807][ C0] start_kernel+0x5a1/0x626
[ 580.304514][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 580.310630][ C0] ---[ end trace 6a9a87c08c22e0cc ]---
19:30:57 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x4888, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:57 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x5865, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 580.416470][ C0] ------------[ cut here ]------------
[ 580.421967][ C0] WARNING: CPU: 0 PID: 28432 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 580.433531][ C0] Modules linked in:
[ 580.437462][ C0] CPU: 0 PID: 28432 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 580.447616][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 580.457676][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:30:57 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x6000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 580.463711][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 580.483339][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 580.489414][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810ad00000
[ 580.497393][ C0] RDX: 0000000080010001 RSI: 000000000000001a RDI: 0000000000000001
[ 580.505581][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:30:57 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x6558, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 580.513561][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 580.521545][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 580.529620][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 580.538565][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 580.545287][ C0] CR2: 00000000005400f8 CR3: 000000010e5df000 CR4: 00000000001506f0
[ 580.553403][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 580.561373][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 580.569336][ C0] Call Trace:
[ 580.572649][ C0]
[ 580.575480][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 580.581275][ C0] __run_hrtimer+0x163/0x460
[ 580.585879][ C0] hrtimer_interrupt+0x380/0xaf0
[ 580.590810][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 580.596808][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 580.602455][ C0]
[ 580.605383][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 580.611357][ C0] RIP: 0010:__tsan_read8+0x2f/0x180
[ 580.616545][ C0] Code: ff ff ff 01 00 89 f8 c1 e8 0c 83 e0 3f 48 89 fa 48 21 ca 4c 8d 4a 07 4c 8b 04 c5 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b <4c> 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04
[ 580.636138][ C0] RSP: 0018:ffffc900011afb50 EFLAGS: 00000293
[ 580.642187][ C0] RAX: 000000000000002f RBX: 0000000000000000 RCX: 0001ffffffffffff
[ 580.650167][ C0] RDX: 0001c900011afca8 RSI: 0000000000000012 RDI: ffffc900011afca8
[ 580.658138][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0001c900011afcaf
[ 580.666091][ C0] R10: 0001ffffffffffff R11: ffff88810ad00000 R12: ffffc900011afc50
[ 580.674050][ C0] R13: ffff88802d2574b0 R14: ffffea0000b495e8 R15: ffffc900011afca8
[ 580.682021][ C0] finish_fault+0x3e6/0x490
[ 580.686534][ C0] do_read_fault+0x324/0x530
[ 580.691124][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 580.696975][ C0] handle_mm_fault+0x1019/0x1840
[ 580.701931][ C0] __get_user_pages+0xa47/0x1000
[ 580.706855][ C0] __mm_populate+0x24d/0x380
[ 580.711440][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 580.716045][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 580.720709][ C0] ? switch_fpu_return+0xa/0x10
[ 580.725686][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 580.731399][ C0] do_syscall_64+0x39/0x80
[ 580.735803][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 580.741698][ C0] RIP: 0033:0x466459
[ 580.745662][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 580.765475][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 580.773897][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 580.781895][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 580.790061][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 580.798036][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 580.807030][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 580.815003][ C0] ---[ end trace 6a9a87c08c22e0cd ]---
[ 580.820891][ C0] ------------[ cut here ]------------
[ 580.826510][ C0] WARNING: CPU: 0 PID: 28432 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 580.837377][ C0] Modules linked in:
[ 580.841286][ C0] CPU: 0 PID: 28432 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 580.851546][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 580.861795][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 580.867925][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 580.887821][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 580.894003][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88810ad00000
[ 580.902086][ C0] RDX: 0000000000010001 RSI: 0000000000000018 RDI: 0000000000000001
[ 580.910416][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 580.918495][ C0] R10: 0001ffffffffffff R11: 0000000000000000 R12: ffff88813bc1da58
[ 580.926669][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 580.934743][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 580.943690][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 580.950271][ C0] CR2: 00000000005400f8 CR3: 000000010e5df000 CR4: 00000000001506f0
[ 580.958230][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 580.966187][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 580.974160][ C0] Call Trace:
[ 580.977435][ C0]
[ 580.980284][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 580.986892][ C0] __run_hrtimer+0x163/0x460
[ 580.991474][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 580.997415][ C0] hrtimer_interrupt+0x380/0xaf0
[ 581.002388][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 581.008285][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 581.014266][ C0]
[ 581.017181][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 581.023270][ C0] RIP: 0010:__tsan_read8+0x2f/0x180
[ 581.028482][ C0] Code: ff ff ff 01 00 89 f8 c1 e8 0c 83 e0 3f 48 89 fa 48 21 ca 4c 8d 4a 07 4c 8b 04 c5 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b <4c> 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04
[ 581.048087][ C0] RSP: 0018:ffffc900011afb50 EFLAGS: 00000293
[ 581.054141][ C0] RAX: 000000000000002f RBX: 0000000000000000 RCX: 0001ffffffffffff
[ 581.062098][ C0] RDX: 0001c900011afca8 RSI: 0000000000000012 RDI: ffffc900011afca8
[ 581.070436][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0001c900011afcaf
[ 581.078407][ C0] R10: 0001ffffffffffff R11: ffff88810ad00000 R12: ffffc900011afc50
[ 581.086503][ C0] R13: ffff88802d2574b0 R14: ffffea0000b495e8 R15: ffffc900011afca8
[ 581.094472][ C0] finish_fault+0x3e6/0x490
[ 581.098983][ C0] do_read_fault+0x324/0x530
[ 581.103601][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 581.109393][ C0] handle_mm_fault+0x1019/0x1840
[ 581.114342][ C0] __get_user_pages+0xa47/0x1000
[ 581.119285][ C0] __mm_populate+0x24d/0x380
[ 581.123873][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 581.128538][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 581.133210][ C0] ? switch_fpu_return+0xa/0x10
[ 581.138054][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 581.143776][ C0] do_syscall_64+0x39/0x80
[ 581.148224][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 581.154147][ C0] RIP: 0033:0x466459
[ 581.158183][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 581.178260][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 581.186672][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 581.194671][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 581.202651][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 581.210623][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 581.218586][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 581.226551][ C0] ---[ end trace 6a9a87c08c22e0ce ]---
[ 581.232328][ C0] ------------[ cut here ]------------
[ 581.237857][ C0] WARNING: CPU: 0 PID: 28432 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 581.248694][ C0] Modules linked in:
[ 581.252587][ C0] CPU: 0 PID: 28432 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 581.262743][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 581.272795][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 581.278773][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 581.298585][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 581.304639][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810ad00000
[ 581.312601][ C0] RDX: 0000000000010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 581.320564][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 581.328529][ C0] R10: 0001ffffffffffff R11: ffff88810ad00000 R12: ffff88813bc1da58
[ 581.336570][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 581.344913][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 581.353848][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 581.360420][ C0] CR2: 00000000005400f8 CR3: 000000010e5df000 CR4: 00000000001506f0
[ 581.368833][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 581.376808][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 581.384784][ C0] Call Trace:
[ 581.388067][ C0]
[ 581.390895][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 581.396702][ C0] __run_hrtimer+0x163/0x460
[ 581.401292][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 581.407113][ C0] hrtimer_interrupt+0x380/0xaf0
[ 581.412061][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 581.417970][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 581.423611][ C0]
[ 581.426527][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 581.432511][ C0] RIP: 0010:__tsan_read8+0x2f/0x180
[ 581.437848][ C0] Code: ff ff ff 01 00 89 f8 c1 e8 0c 83 e0 3f 48 89 fa 48 21 ca 4c 8d 4a 07 4c 8b 04 c5 30 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 5b <4c> 8b 04 c5 38 6f f3 88 49 83 f8 02 72 05 4d 85 c0 78 74 4c 8b 04
[ 581.457572][ C0] RSP: 0018:ffffc900011afb50 EFLAGS: 00000293
[ 581.463725][ C0] RAX: 000000000000002f RBX: 0000000000000000 RCX: 0001ffffffffffff
[ 581.471896][ C0] RDX: 0001c900011afca8 RSI: 0000000000000012 RDI: ffffc900011afca8
[ 581.479892][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0001c900011afcaf
[ 581.487891][ C0] R10: 0001ffffffffffff R11: ffff88810ad00000 R12: ffffc900011afc50
[ 581.495889][ C0] R13: ffff88802d2574b0 R14: ffffea0000b495e8 R15: ffffc900011afca8
[ 581.503980][ C0] finish_fault+0x3e6/0x490
[ 581.508497][ C0] do_read_fault+0x324/0x530
[ 581.513102][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 581.518898][ C0] handle_mm_fault+0x1019/0x1840
[ 581.523867][ C0] __get_user_pages+0xa47/0x1000
[ 581.528892][ C0] __mm_populate+0x24d/0x380
[ 581.533486][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 581.538107][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 581.542873][ C0] ? switch_fpu_return+0xa/0x10
[ 581.547710][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 581.553456][ C0] do_syscall_64+0x39/0x80
[ 581.557929][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 581.563837][ C0] RIP: 0033:0x466459
[ 581.567726][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 581.587405][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 581.595981][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 581.603953][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 581.611914][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 581.619889][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 581.627855][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 581.635834][ C0] ---[ end trace 6a9a87c08c22e0cf ]---
[ 581.741652][ C0] ------------[ cut here ]------------
[ 581.747141][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 581.757680][ C0] Modules linked in:
[ 581.761571][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 581.770937][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 581.781005][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 581.787004][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 581.806648][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 581.812802][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffffffff87630780
[ 581.820772][ C0] RDX: 0000000080010001 RSI: 000000000000001f RDI: 0000000000000001
[ 581.828754][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 581.836721][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 581.844684][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 581.852651][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 581.861579][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 581.868159][ C0] CR2: 00007fb45503d010 CR3: 000000010e5df000 CR4: 00000000001506f0
[ 581.876162][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 581.884127][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 581.892090][ C0] Call Trace:
[ 581.895357][ C0]
[ 581.898192][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 581.904001][ C0] __run_hrtimer+0x163/0x460
[ 581.908595][ C0] hrtimer_interrupt+0x380/0xaf0
[ 581.913889][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 581.919798][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 581.925436][ C0]
[ 581.928359][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 581.934365][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 581.939937][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 581.959542][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 581.965610][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 581.973667][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 581.981652][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 581.989619][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 581.997608][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 582.005862][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 582.010825][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 582.015792][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 582.020928][ C0] cpuidle_enter+0x3c/0x60
[ 582.025370][ C0] do_idle+0x193/0x230
[ 582.029448][ C0] cpu_startup_entry+0x15/0x20
[ 582.034233][ C0] rest_init+0xd7/0xe0
[ 582.038309][ C0] ? time_init+0xc/0xc
[ 582.042380][ C0] arch_call_rest_init+0xa/0xb
[ 582.047147][ C0] start_kernel+0x5a1/0x626
[ 582.051671][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 582.057570][ C0] ---[ end trace 6a9a87c08c22e0d0 ]---
[ 582.063394][ C0] ------------[ cut here ]------------
[ 582.068848][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 582.079467][ C0] Modules linked in:
[ 582.083388][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 582.092761][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 582.102826][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 582.108820][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 582.128447][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 582.134543][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000013 RCX: ffffffff87630780
[ 582.142538][ C0] RDX: 0000000080010001 RSI: 0000000000000013 RDI: 0000000000000001
[ 582.150537][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 582.158523][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 582.166507][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 582.174486][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 582.183966][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 582.190573][ C0] CR2: 00007fb45503d010 CR3: 000000010e5df000 CR4: 00000000001506f0
[ 582.198733][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 582.206709][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 582.214689][ C0] Call Trace:
[ 582.218070][ C0]
[ 582.220944][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 582.226854][ C0] __run_hrtimer+0x163/0x460
[ 582.231447][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 582.237254][ C0] hrtimer_interrupt+0x380/0xaf0
[ 582.242192][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 582.248087][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 582.253720][ C0]
[ 582.256681][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 582.262687][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 582.268252][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 582.287895][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 582.293965][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 582.301959][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 582.310190][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 582.318260][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 582.326236][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 582.334215][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 582.339178][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 582.344140][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 582.349266][ C0] cpuidle_enter+0x3c/0x60
[ 582.353701][ C0] do_idle+0x193/0x230
[ 582.357795][ C0] cpu_startup_entry+0x15/0x20
[ 582.362561][ C0] rest_init+0xd7/0xe0
[ 582.366643][ C0] ? time_init+0xc/0xc
[ 582.370713][ C0] arch_call_rest_init+0xa/0xb
[ 582.375593][ C0] start_kernel+0x5a1/0x626
[ 582.380107][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 582.386051][ C0] ---[ end trace 6a9a87c08c22e0d1 ]---
[ 582.391890][ C0] ------------[ cut here ]------------
[ 582.397370][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 582.407895][ C0] Modules linked in:
[ 582.411804][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 582.421170][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 582.431488][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 582.437485][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 582.457120][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 582.463193][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 582.471190][ C0] RDX: 0000000080010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 582.479178][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 582.487153][ C0] R10: 0001ffffffffffff R11: 0000000000000377 R12: ffff88813bc1da58
[ 582.495131][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 582.503105][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 582.512134][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 582.518725][ C0] CR2: 00007fb45503d010 CR3: 000000010e5df000 CR4: 00000000001506f0
[ 582.526703][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 582.534699][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 582.542674][ C0] Call Trace:
[ 582.545949][ C0]
[ 582.548797][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 582.554611][ C0] __run_hrtimer+0x163/0x460
[ 582.559211][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 582.565036][ C0] hrtimer_interrupt+0x380/0xaf0
[ 582.570013][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 582.575924][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 582.581572][ C0]
[ 582.584521][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 582.590512][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 582.596071][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 582.616209][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 582.622311][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 582.630289][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 582.638354][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 582.646352][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 582.654332][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 582.662312][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 582.667275][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 582.672231][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 582.677381][ C0] cpuidle_enter+0x3c/0x60
[ 582.681801][ C0] do_idle+0x193/0x230
[ 582.685883][ C0] cpu_startup_entry+0x15/0x20
[ 582.690693][ C0] rest_init+0xd7/0xe0
[ 582.694781][ C0] ? time_init+0xc/0xc
[ 582.698848][ C0] arch_call_rest_init+0xa/0xb
[ 582.703644][ C0] start_kernel+0x5a1/0x626
[ 582.708165][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 582.714095][ C0] ---[ end trace 6a9a87c08c22e0d2 ]---
[ 582.820016][ C0] ------------[ cut here ]------------
[ 582.825513][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 582.836124][ C0] Modules linked in:
[ 582.840015][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 582.849376][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 582.859508][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 582.865498][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 582.885099][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 582.891157][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffffffff87630780
[ 582.899141][ C0] RDX: 0000000000010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 582.907164][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 582.915183][ C0] R10: 0001ffffffffffff R11: 00000000000000a5 R12: ffff88813bc1da58
[ 582.923142][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 582.931102][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 582.940021][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 582.946595][ C0] CR2: 00007fb455048000 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 582.954566][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 582.962542][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 582.970522][ C0] Call Trace:
[ 582.973808][ C0]
[ 582.976640][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 582.982435][ C0] __run_hrtimer+0x163/0x460
[ 582.987028][ C0] hrtimer_interrupt+0x380/0xaf0
[ 582.991998][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 582.997899][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 583.003539][ C0]
[ 583.006580][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 583.012560][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 583.018108][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 583.037837][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 583.043891][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 583.051850][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 583.059812][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 583.067770][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 583.075752][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 583.083837][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 583.088799][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 583.093747][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 583.098895][ C0] cpuidle_enter+0x3c/0x60
[ 583.103328][ C0] do_idle+0x193/0x230
[ 583.107395][ C0] cpu_startup_entry+0x15/0x20
[ 583.112258][ C0] rest_init+0xd7/0xe0
[ 583.116343][ C0] ? time_init+0xc/0xc
[ 583.120574][ C0] arch_call_rest_init+0xa/0xb
[ 583.125333][ C0] start_kernel+0x5a1/0x626
[ 583.129872][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 583.135850][ C0] ---[ end trace 6a9a87c08c22e0d3 ]---
[ 583.141613][ C0] ------------[ cut here ]------------
[ 583.147115][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 583.157724][ C0] Modules linked in:
[ 583.161645][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
19:30:59 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:30:59 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x8100, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:30:59 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x600})
19:30:59 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x18)
19:30:59 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:30:59 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0xe})
[ 583.171018][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 583.181077][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 583.187083][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 583.206798][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 583.212883][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 583.220864][ C0] RDX: 0000000000010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 583.228869][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 583.236852][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 583.244862][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 583.253017][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 583.261965][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 583.268586][ C0] CR2: 00007fb455048000 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 583.276572][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 583.284552][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 583.292646][ C0] Call Trace:
[ 583.295933][ C0]
[ 583.298879][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 583.305131][ C0] __run_hrtimer+0x163/0x460
[ 583.309733][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 583.315573][ C0] hrtimer_interrupt+0x380/0xaf0
19:31:00 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 583.320525][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 583.326886][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 583.332532][ C0]
[ 583.335459][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 583.341447][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 583.347005][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
19:31:00 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x8847, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 583.367007][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 583.373077][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 583.381054][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 583.389041][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 583.397354][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 583.405317][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 583.413401][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 583.418345][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 583.423358][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 583.428482][ C0] cpuidle_enter+0x3c/0x60
[ 583.432889][ C0] do_idle+0x193/0x230
[ 583.436959][ C0] cpu_startup_entry+0x15/0x20
[ 583.441745][ C0] rest_init+0xd7/0xe0
[ 583.445802][ C0] ? time_init+0xc/0xc
[ 583.449852][ C0] arch_call_rest_init+0xa/0xb
[ 583.454627][ C0] start_kernel+0x5a1/0x626
[ 583.459182][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 583.465071][ C0] ---[ end trace 6a9a87c08c22e0d4 ]---
[ 583.470962][ C0] ------------[ cut here ]------------
[ 583.476441][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 583.486977][ C0] Modules linked in:
[ 583.490884][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 583.500274][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 583.510445][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 583.516425][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 583.536510][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 583.542563][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 583.550526][ C0] RDX: 0000000000010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 583.559139][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 583.567123][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 583.575102][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 583.583070][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 583.591991][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 583.598561][ C0] CR2: 00007fb455048000 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 583.606521][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 583.614511][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 583.622551][ C0] Call Trace:
[ 583.625836][ C0]
[ 583.628817][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 583.634650][ C0] __run_hrtimer+0x163/0x460
[ 583.639309][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 583.645135][ C0] hrtimer_interrupt+0x380/0xaf0
[ 583.650100][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 583.656119][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 583.661771][ C0]
[ 583.664696][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 583.670861][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 583.676433][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 583.696184][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 583.702270][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 583.710229][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 583.718257][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 583.726230][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 583.734309][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 583.742525][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 583.747478][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 583.752545][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 583.757786][ C0] cpuidle_enter+0x3c/0x60
[ 583.762194][ C0] do_idle+0x193/0x230
[ 583.766274][ C0] cpu_startup_entry+0x15/0x20
[ 583.771027][ C0] rest_init+0xd7/0xe0
[ 583.775103][ C0] ? time_init+0xc/0xc
[ 583.779297][ C0] arch_call_rest_init+0xa/0xb
[ 583.784080][ C0] start_kernel+0x5a1/0x626
[ 583.788608][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 583.794522][ C0] ---[ end trace 6a9a87c08c22e0d5 ]---
19:31:00 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x8848, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 583.900319][ C0] ------------[ cut here ]------------
[ 583.905846][ C0] WARNING: CPU: 0 PID: 28458 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 583.916802][ C0] Modules linked in:
[ 583.920698][ C0] CPU: 0 PID: 28458 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 583.930865][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 583.940934][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:31:00 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 583.946941][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 583.966566][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 583.972644][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810fa71000
[ 583.980628][ C0] RDX: 0000000080010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 583.988652][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:31:00 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 583.996634][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 584.004651][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 584.012640][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 584.021583][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 584.028193][ C0] CR2: 0000001b30d23000 CR3: 0000000109161000 CR4: 00000000001506f0
[ 584.036181][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:31:00 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 584.044167][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 584.052150][ C0] Call Trace:
[ 584.055433][ C0]
[ 584.058274][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 584.064096][ C0] __run_hrtimer+0x163/0x460
[ 584.068702][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 584.074877][ C0] hrtimer_interrupt+0x380/0xaf0
[ 584.079897][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 584.085822][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 584.091472][ C0]
[ 584.094419][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 584.100509][ C0] RIP: 0010:clear_page_erms+0x7/0x10
[ 584.106098][ C0] Code: 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d9 90 c3 0f 1f 80 00 00 00 00 b9 00 10 00 00 31 c0 aa c3 cc cc cc cc cc cc 55 41 57 41 56 41 55 41 54 53 48 83 ec
[ 584.125725][ C0] RSP: 0018:ffffc90001193a20 EFLAGS: 00010246
[ 584.131825][ C0] RAX: 0000000000000000 RBX: ffff88813fffb680 RCX: 0000000000000a40
[ 584.139835][ C0] RDX: ffffea0000999100 RSI: 0000000000000001 RDI: ffff8880266445c0
[ 584.147932][ C0] RBP: ffff88810fa71000 R08: 0000000000000001 R09: 0005088000000000
[ 584.155919][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffffea0000999100
[ 584.164135][ C0] R13: ffff88813fffd090 R14: 0000000000000002 R15: 0000000000000901
[ 584.172133][ C0] get_page_from_freelist+0x366/0x630
[ 584.177526][ C0] __alloc_pages_nodemask+0x1a8/0x350
[ 584.182955][ C0] alloc_pages_current+0x21d/0x310
[ 584.188314][ C0] __vmalloc_node_range+0x2cf/0x540
[ 584.193520][ C0] __bpf_map_area_alloc+0xfd/0x120
[ 584.198647][ C0] ? bpf_map_area_alloc+0x18/0x20
[ 584.203695][ C0] bpf_map_area_alloc+0x18/0x20
[ 584.208560][ C0] htab_map_alloc+0x663/0xc80
[ 584.213257][ C0] ? htab_map_alloc_check+0x282/0x2c0
[ 584.218653][ C0] __do_sys_bpf+0x420c/0x9990
[ 584.223343][ C0] ? __get_user_pages+0xe99/0x1000
[ 584.228458][ C0] ? __mm_populate+0x32c/0x380
[ 584.233516][ C0] ? __se_sys_futex+0x2a8/0x390
[ 584.238769][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 584.244450][ C0] __x64_sys_bpf+0x3d/0x50
[ 584.248893][ C0] do_syscall_64+0x39/0x80
[ 584.253321][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 584.259253][ C0] RIP: 0033:0x466459
[ 584.263133][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 584.282740][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 584.291153][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 584.299111][ C0] RDX: 0000000000000040 RSI: 0000000020000180 RDI: 0000000000000000
[ 584.307119][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 584.315106][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 584.323152][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 584.331496][ C0] ---[ end trace 6a9a87c08c22e0d6 ]---
[ 584.337273][ C0] ------------[ cut here ]------------
[ 584.342736][ C0] WARNING: CPU: 0 PID: 28458 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 584.353617][ C0] Modules linked in:
[ 584.357496][ C0] CPU: 0 PID: 28458 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 584.367628][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 584.377678][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 584.383693][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 584.403421][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 584.409485][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff88810fa71000
[ 584.417464][ C0] RDX: 0000000080010001 RSI: 000000000000001b RDI: 0000000000000001
[ 584.425438][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 584.433395][ C0] R10: 0001ffffffffffff R11: ffff88810fa71000 R12: ffff88813bc1da58
[ 584.441357][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 584.449330][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 584.458271][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 584.464933][ C0] CR2: 0000001b30d23000 CR3: 0000000109161000 CR4: 00000000001506f0
[ 584.472907][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 584.480874][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 584.488881][ C0] Call Trace:
[ 584.492168][ C0]
[ 584.495016][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 584.500816][ C0] __run_hrtimer+0x163/0x460
[ 584.505450][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 584.511353][ C0] hrtimer_interrupt+0x380/0xaf0
[ 584.516299][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 584.522197][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 584.527950][ C0]
[ 584.530922][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 584.537146][ C0] RIP: 0010:clear_page_erms+0x7/0x10
[ 584.542631][ C0] Code: 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d9 90 c3 0f 1f 80 00 00 00 00 b9 00 10 00 00 31 c0 aa c3 cc cc cc cc cc cc 55 41 57 41 56 41 55 41 54 53 48 83 ec
[ 584.562782][ C0] RSP: 0018:ffffc90001193a20 EFLAGS: 00010246
[ 584.568941][ C0] RAX: 0000000000000000 RBX: ffff88813fffb680 RCX: 0000000000000a40
[ 584.576924][ C0] RDX: ffffea0000999100 RSI: 0000000000000001 RDI: ffff8880266445c0
[ 584.584898][ C0] RBP: ffff88810fa71000 R08: 0000000000000001 R09: 0005088000000000
[ 584.592963][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffffea0000999100
[ 584.600925][ C0] R13: ffff88813fffd090 R14: 0000000000000002 R15: 0000000000000901
[ 584.608893][ C0] get_page_from_freelist+0x366/0x630
[ 584.614327][ C0] __alloc_pages_nodemask+0x1a8/0x350
[ 584.619706][ C0] alloc_pages_current+0x21d/0x310
[ 584.624816][ C0] __vmalloc_node_range+0x2cf/0x540
[ 584.630012][ C0] __bpf_map_area_alloc+0xfd/0x120
[ 584.635147][ C0] ? bpf_map_area_alloc+0x18/0x20
[ 584.640187][ C0] bpf_map_area_alloc+0x18/0x20
[ 584.645039][ C0] htab_map_alloc+0x663/0xc80
[ 584.649727][ C0] ? htab_map_alloc_check+0x282/0x2c0
[ 584.655106][ C0] __do_sys_bpf+0x420c/0x9990
[ 584.659775][ C0] ? __get_user_pages+0xe99/0x1000
[ 584.664878][ C0] ? __mm_populate+0x32c/0x380
[ 584.669655][ C0] ? __se_sys_futex+0x2a8/0x390
[ 584.674496][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 584.680054][ C0] __x64_sys_bpf+0x3d/0x50
[ 584.684476][ C0] do_syscall_64+0x39/0x80
[ 584.688916][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 584.694829][ C0] RIP: 0033:0x466459
[ 584.698712][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 584.718413][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 584.726818][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 584.736863][ C0] RDX: 0000000000000040 RSI: 0000000020000180 RDI: 0000000000000000
[ 584.745082][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 584.753324][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 584.761289][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 584.769409][ C0] ---[ end trace 6a9a87c08c22e0d7 ]---
[ 584.775286][ C0] ------------[ cut here ]------------
[ 584.780752][ C0] WARNING: CPU: 0 PID: 28458 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 584.791621][ C0] Modules linked in:
[ 584.795523][ C0] CPU: 0 PID: 28458 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 584.805705][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 584.815766][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 584.821910][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 584.841912][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 584.848101][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff88810fa71000
[ 584.856082][ C0] RDX: 0000000080010001 RSI: 000000000000001a RDI: 0000000000000001
[ 584.864056][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 584.872034][ C0] R10: 0001ffffffffffff R11: ffff88810fa71000 R12: ffff88813bc1da58
[ 584.880021][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 584.888029][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 584.897077][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 584.903908][ C0] CR2: 0000001b30d23000 CR3: 0000000109161000 CR4: 00000000001506f0
[ 584.911902][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 584.919972][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 584.928130][ C0] Call Trace:
[ 584.931420][ C0]
[ 584.934267][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 584.940169][ C0] __run_hrtimer+0x163/0x460
[ 584.944775][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 584.950583][ C0] hrtimer_interrupt+0x380/0xaf0
[ 584.955542][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 584.961451][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 584.967199][ C0]
[ 584.970132][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 584.976228][ C0] RIP: 0010:clear_page_erms+0x7/0x10
[ 584.981634][ C0] Code: 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d9 90 c3 0f 1f 80 00 00 00 00 b9 00 10 00 00 31 c0 aa c3 cc cc cc cc cc cc 55 41 57 41 56 41 55 41 54 53 48 83 ec
[ 585.001248][ C0] RSP: 0018:ffffc90001193a20 EFLAGS: 00010246
[ 585.008105][ C0] RAX: 0000000000000000 RBX: ffff88813fffb680 RCX: 0000000000000a40
[ 585.016202][ C0] RDX: ffffea0000999100 RSI: 0000000000000001 RDI: ffff8880266445c0
[ 585.024188][ C0] RBP: ffff88810fa71000 R08: 0000000000000001 R09: 0005088000000000
[ 585.032607][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffffea0000999100
[ 585.040599][ C0] R13: ffff88813fffd090 R14: 0000000000000002 R15: 0000000000000901
[ 585.048757][ C0] get_page_from_freelist+0x366/0x630
[ 585.054155][ C0] __alloc_pages_nodemask+0x1a8/0x350
[ 585.059538][ C0] alloc_pages_current+0x21d/0x310
[ 585.064661][ C0] __vmalloc_node_range+0x2cf/0x540
[ 585.069872][ C0] __bpf_map_area_alloc+0xfd/0x120
[ 585.074991][ C0] ? bpf_map_area_alloc+0x18/0x20
[ 585.080023][ C0] bpf_map_area_alloc+0x18/0x20
[ 585.084879][ C0] htab_map_alloc+0x663/0xc80
[ 585.089563][ C0] ? htab_map_alloc_check+0x282/0x2c0
[ 585.094933][ C0] __do_sys_bpf+0x420c/0x9990
[ 585.099610][ C0] ? __get_user_pages+0xe99/0x1000
[ 585.104731][ C0] ? __mm_populate+0x32c/0x380
[ 585.109495][ C0] ? __se_sys_futex+0x2a8/0x390
[ 585.114361][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 585.119929][ C0] __x64_sys_bpf+0x3d/0x50
[ 585.124348][ C0] do_syscall_64+0x39/0x80
[ 585.128758][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 585.134665][ C0] RIP: 0033:0x466459
[ 585.138581][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 585.158196][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 585.166683][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 585.174695][ C0] RDX: 0000000000000040 RSI: 0000000020000180 RDI: 0000000000000000
[ 585.183970][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 585.194381][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 585.202380][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 585.210478][ C0] ---[ end trace 6a9a87c08c22e0d8 ]---
[ 585.316426][ C0] ------------[ cut here ]------------
[ 585.321949][ C0] WARNING: CPU: 0 PID: 28458 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 585.332919][ C0] Modules linked in:
[ 585.336952][ C0] CPU: 0 PID: 28458 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 585.347127][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 585.357989][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 585.364260][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 585.383911][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 585.389980][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000020 RCX: ffff88810fa71000
[ 585.397965][ C0] RDX: 0000000080010000 RSI: 0000000000000020 RDI: 0000000000000001
[ 585.405919][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 585.413885][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 585.421973][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 585.429933][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 585.438853][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 585.445446][ C0] CR2: 0000000020000280 CR3: 0000000007629000 CR4: 00000000001506f0
[ 585.453408][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 585.461367][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 585.469342][ C0] Call Trace:
[ 585.472606][ C0]
[ 585.475446][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 585.481258][ C0] __run_hrtimer+0x163/0x460
[ 585.485850][ C0] hrtimer_interrupt+0x380/0xaf0
[ 585.490793][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 585.496693][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 585.502355][ C0]
[ 585.505288][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 585.511483][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 585.517626][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 585.537393][ C0] RSP: 0018:ffffc90001193678 EFLAGS: 00000246
[ 585.543453][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011c90001193778
[ 585.551427][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 585.559647][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 585.567608][ C0] R10: ffffffff88f36fd0 R11: 0000000000000200 R12: 0000000000000014
[ 585.575581][ C0] R13: ffffc900011936e8 R14: ffffc90001193778 R15: 0000000000000008
[ 585.583559][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 585.589117][ C0] xas_find+0x81/0x3d0
[ 585.593180][ C0] find_lock_entries+0x90/0x7a0
[ 585.598063][ C0] shmem_undo_range+0x105/0x1220
[ 585.603090][ C0] ? __list_add_valid+0x28/0x90
[ 585.608056][ C0] shmem_evict_inode+0x115/0x550
[ 585.612991][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 585.618725][ C0] ? bit_waitqueue+0x30/0x30
[ 585.623297][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 585.628859][ C0] evict+0x1aa/0x410
[ 585.632760][ C0] iput+0x3fd/0x520
[ 585.636567][ C0] dentry_unlink_inode+0x210/0x220
[ 585.641689][ C0] __dentry_kill+0x293/0x450
[ 585.646292][ C0] dput+0x218/0x430
[ 585.650115][ C0] __fput+0x3b3/0x4f0
[ 585.654082][ C0] ____fput+0x11/0x20
[ 585.658057][ C0] task_work_run+0x8e/0x110
[ 585.662572][ C0] do_exit+0x474/0x1670
[ 585.666719][ C0] do_group_exit+0xce/0x180
[ 585.671318][ C0] get_signal+0xdce/0x14e0
[ 585.675730][ C0] ? do_preadv+0x1f0/0x230
[ 585.680144][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 585.685683][ C0] ? __se_sys_futex+0x2a8/0x390
[ 585.690642][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 585.696353][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 585.702010][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 585.707543][ C0] do_syscall_64+0x45/0x80
[ 585.711951][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 585.717845][ C0] RIP: 0033:0x466459
[ 585.721739][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 585.728594][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 585.736993][ C0] RAX: 0000000000000003 RBX: 000000000056bf60 RCX: 0000000000466459
[ 585.745060][ C0] RDX: 0000000000000040 RSI: 0000000020000180 RDI: 0000000000000000
[ 585.753167][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 585.761120][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 585.769070][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 585.777034][ C0] ---[ end trace 6a9a87c08c22e0d9 ]---
[ 585.782841][ C0] ------------[ cut here ]------------
[ 585.788299][ C0] WARNING: CPU: 0 PID: 28458 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 585.799180][ C0] Modules linked in:
[ 585.803111][ C0] CPU: 0 PID: 28458 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 585.813270][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 585.823329][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 585.829340][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 585.849042][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 585.855129][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff88810fa71000
[ 585.863108][ C0] RDX: 0000000080010000 RSI: 000000000000001c RDI: 0000000000000001
[ 585.871083][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 585.879096][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 585.887068][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 585.895046][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 585.903984][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 585.910770][ C0] CR2: 0000000020000280 CR3: 0000000007629000 CR4: 00000000001506f0
[ 585.918744][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 585.926725][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 585.934697][ C0] Call Trace:
[ 585.938070][ C0]
[ 585.940915][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 585.946854][ C0] __run_hrtimer+0x163/0x460
[ 585.951537][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 585.957344][ C0] hrtimer_interrupt+0x380/0xaf0
[ 585.962277][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 585.968208][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 585.973967][ C0]
[ 585.976935][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 585.982912][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 585.989059][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 586.008867][ C0] RSP: 0018:ffffc90001193678 EFLAGS: 00000246
[ 586.014934][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011c90001193778
[ 586.022894][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 586.030861][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 586.038821][ C0] R10: ffffffff88f36fd0 R11: 0000000000000200 R12: 0000000000000014
[ 586.046796][ C0] R13: ffffc900011936e8 R14: ffffc90001193778 R15: 0000000000000008
[ 586.055292][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 586.060862][ C0] xas_find+0x81/0x3d0
[ 586.064939][ C0] find_lock_entries+0x90/0x7a0
[ 586.069771][ C0] shmem_undo_range+0x105/0x1220
[ 586.074713][ C0] ? __list_add_valid+0x28/0x90
[ 586.079581][ C0] shmem_evict_inode+0x115/0x550
[ 586.084518][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 586.090232][ C0] ? bit_waitqueue+0x30/0x30
[ 586.095164][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 586.100699][ C0] evict+0x1aa/0x410
[ 586.104658][ C0] iput+0x3fd/0x520
[ 586.108470][ C0] dentry_unlink_inode+0x210/0x220
[ 586.113582][ C0] __dentry_kill+0x293/0x450
[ 586.118187][ C0] dput+0x218/0x430
[ 586.121981][ C0] __fput+0x3b3/0x4f0
[ 586.125957][ C0] ____fput+0x11/0x20
[ 586.129923][ C0] task_work_run+0x8e/0x110
[ 586.134418][ C0] do_exit+0x474/0x1670
[ 586.138570][ C0] do_group_exit+0xce/0x180
[ 586.143067][ C0] get_signal+0xdce/0x14e0
[ 586.147516][ C0] ? do_preadv+0x1f0/0x230
[ 586.151922][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 586.157504][ C0] ? __se_sys_futex+0x2a8/0x390
[ 586.163707][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 586.169255][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 586.174892][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 586.180400][ C0] do_syscall_64+0x45/0x80
[ 586.184810][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 586.190731][ C0] RIP: 0033:0x466459
[ 586.194611][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 586.201452][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 586.209852][ C0] RAX: 0000000000000003 RBX: 000000000056bf60 RCX: 0000000000466459
[ 586.217824][ C0] RDX: 0000000000000040 RSI: 0000000020000180 RDI: 0000000000000000
[ 586.225914][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 586.234520][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 586.242482][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 586.250577][ C0] ---[ end trace 6a9a87c08c22e0da ]---
[ 586.256293][ C0] ------------[ cut here ]------------
[ 586.261732][ C0] WARNING: CPU: 0 PID: 28458 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 586.272568][ C0] Modules linked in:
[ 586.276443][ C0] CPU: 0 PID: 28458 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 586.286575][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 586.296723][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 586.302725][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 586.322443][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 586.328522][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001d RCX: ffff88810fa71000
[ 586.336682][ C0] RDX: 0000000080010000 RSI: 000000000000001d RDI: 0000000000000001
[ 586.344667][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 586.352641][ C0] R10: 0001ffffffffffff R11: ffff88810fa71000 R12: ffff88813bc1da58
[ 586.360608][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 586.368571][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 586.377508][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 586.384137][ C0] CR2: 0000000020000280 CR3: 0000000007629000 CR4: 00000000001506f0
[ 586.392305][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 586.400302][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 586.408267][ C0] Call Trace:
[ 586.411547][ C0]
[ 586.414379][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 586.420193][ C0] __run_hrtimer+0x163/0x460
[ 586.425049][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 586.430983][ C0] hrtimer_interrupt+0x380/0xaf0
[ 586.435918][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 586.441926][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 586.447710][ C0]
[ 586.450628][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 586.456606][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 586.462750][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 586.482616][ C0] RSP: 0018:ffffc90001193678 EFLAGS: 00000246
[ 586.488671][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011c90001193778
[ 586.496648][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 586.504780][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 586.512759][ C0] R10: ffffffff88f36fd0 R11: 0000000000000200 R12: 0000000000000014
[ 586.520830][ C0] R13: ffffc900011936e8 R14: ffffc90001193778 R15: 0000000000000008
[ 586.528838][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 586.534394][ C0] xas_find+0x81/0x3d0
[ 586.538576][ C0] find_lock_entries+0x90/0x7a0
[ 586.543414][ C0] shmem_undo_range+0x105/0x1220
[ 586.548493][ C0] ? __list_add_valid+0x28/0x90
[ 586.553358][ C0] shmem_evict_inode+0x115/0x550
[ 586.558456][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 586.564663][ C0] ? bit_waitqueue+0x30/0x30
[ 586.569274][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 586.574923][ C0] evict+0x1aa/0x410
[ 586.579023][ C0] iput+0x3fd/0x520
[ 586.583068][ C0] dentry_unlink_inode+0x210/0x220
[ 586.588324][ C0] __dentry_kill+0x293/0x450
[ 586.592938][ C0] dput+0x218/0x430
[ 586.596779][ C0] __fput+0x3b3/0x4f0
[ 586.600863][ C0] ____fput+0x11/0x20
[ 586.604958][ C0] task_work_run+0x8e/0x110
[ 586.609451][ C0] do_exit+0x474/0x1670
[ 586.613597][ C0] do_group_exit+0xce/0x180
[ 586.618091][ C0] get_signal+0xdce/0x14e0
[ 586.622513][ C0] ? do_preadv+0x1f0/0x230
[ 586.627018][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 586.632773][ C0] ? __se_sys_futex+0x2a8/0x390
[ 586.637645][ C0] ? __fpregs_load_activate+0x103/0x1f0
[ 586.643372][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 586.649090][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 586.654558][ C0] do_syscall_64+0x45/0x80
[ 586.658972][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 586.665005][ C0] RIP: 0033:0x466459
[ 586.668902][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 586.675763][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 586.684174][ C0] RAX: 0000000000000003 RBX: 000000000056bf60 RCX: 0000000000466459
[ 586.692148][ C0] RDX: 0000000000000040 RSI: 0000000020000180 RDI: 0000000000000000
[ 586.700127][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 586.708233][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
19:31:03 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:31:03 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:31:03 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x8f07, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:31:03 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x700})
19:31:03 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x25)
19:31:03 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x10})
[ 586.716208][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 586.724267][ C0] ---[ end trace 6a9a87c08c22e0db ]---
19:31:03 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:31:03 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xfeff, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 586.830585][ C0] ------------[ cut here ]------------
[ 586.836080][ C0] WARNING: CPU: 0 PID: 28486 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 586.846972][ C0] Modules linked in:
[ 586.850868][ C0] CPU: 0 PID: 28486 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 586.861031][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 586.871093][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:31:03 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xff0f, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 586.877087][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 586.896879][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 586.902982][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000022 RCX: ffff888109155000
[ 586.910961][ C0] RDX: 0000000080010001 RSI: 0000000000000022 RDI: 0000000000000001
[ 586.919027][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:31:03 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xfffe, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 586.927022][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 586.935116][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 586.943117][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 586.952064][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 586.958658][ C0] CR2: 00000000005400f8 CR3: 0000000109161000 CR4: 00000000001506f0
[ 586.966641][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:31:03 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x34000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 586.974798][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 586.982787][ C0] Call Trace:
[ 586.986092][ C0]
[ 586.988944][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 586.994806][ C0] __run_hrtimer+0x163/0x460
[ 586.999417][ C0] hrtimer_interrupt+0x380/0xaf0
[ 587.004465][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 587.010500][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 587.016445][ C0]
[ 587.019394][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
19:31:03 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 587.025409][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x38/0x60
[ 587.031676][ C0] Code: 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 1c 0b 00 00 00 74 2c 8b 91 f8 0a 00 00 83 fa 02 75 21 <48> 8b 91 00 0b 00 00 48 8b 32 48 8d 7e 01 8b 89 fc 0a 00 00 48 39
[ 587.051735][ C0] RSP: 0018:ffffc90004ff3ab8 EFLAGS: 00000246
[ 587.057837][ C0] RAX: ffffffff8166d280 RBX: 0000000000000000 RCX: ffff888109155000
[ 587.065819][ C0] RDX: 0000000000000002 RSI: 0000000000000001 RDI: 0000000000000000
[ 587.073841][ C0] RBP: 0000000000000000 R08: ffffffff8166d270 R09: 0001ea000437c8bf
[ 587.082795][ C0] R10: 0001ffffffffffff R11: ffff888109155000 R12: 000000010df22027
[ 587.090815][ C0] R13: ffff888035b3bb40 R14: ffffea000437c880 R15: ffffea000437c880
[ 587.098806][ C0] ? page_add_file_rmap+0x220/0x2e0
[ 587.104036][ C0] ? page_add_file_rmap+0x230/0x2e0
[ 587.109245][ C0] page_add_file_rmap+0x230/0x2e0
[ 587.114579][ C0] do_set_pte+0x26b/0x480
[ 587.119026][ C0] finish_fault+0x3de/0x490
[ 587.123559][ C0] do_read_fault+0x324/0x530
[ 587.128193][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 587.134014][ C0] handle_mm_fault+0x1019/0x1840
[ 587.139180][ C0] __get_user_pages+0xa47/0x1000
[ 587.144163][ C0] __mm_populate+0x24d/0x380
[ 587.148775][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 587.153397][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 587.158300][ C0] ? switch_fpu_return+0xa/0x10
[ 587.163374][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 587.169421][ C0] do_syscall_64+0x39/0x80
[ 587.173859][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 587.179839][ C0] RIP: 0033:0x466459
[ 587.183762][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 587.203465][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 587.211871][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 587.219843][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 587.227811][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 587.235881][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 587.243855][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 587.251815][ C0] ---[ end trace 6a9a87c08c22e0dc ]---
[ 587.257664][ C0] ------------[ cut here ]------------
[ 587.263168][ C0] WARNING: CPU: 0 PID: 28486 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 587.274120][ C0] Modules linked in:
[ 587.278211][ C0] CPU: 0 PID: 28486 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 587.288529][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 587.298591][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 587.304588][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 587.329829][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 587.335909][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff888109155000
[ 587.343872][ C0] RDX: 0000000000010001 RSI: 000000000000001a RDI: 0000000000000001
[ 587.351876][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 587.359910][ C0] R10: 0001ffffffffffff R11: ffff888109155000 R12: ffff88813bc1da58
[ 587.367876][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 587.375979][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 587.384896][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 587.391603][ C0] CR2: 00000000005400f8 CR3: 0000000109161000 CR4: 00000000001506f0
[ 587.399564][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 587.408013][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 587.416007][ C0] Call Trace:
[ 587.419320][ C0]
[ 587.422145][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 587.427950][ C0] __run_hrtimer+0x163/0x460
[ 587.432532][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 587.438425][ C0] hrtimer_interrupt+0x380/0xaf0
[ 587.443366][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 587.449352][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 587.454969][ C0]
[ 587.457898][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 587.463927][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x38/0x60
[ 587.470066][ C0] Code: 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 1c 0b 00 00 00 74 2c 8b 91 f8 0a 00 00 83 fa 02 75 21 <48> 8b 91 00 0b 00 00 48 8b 32 48 8d 7e 01 8b 89 fc 0a 00 00 48 39
[ 587.489748][ C0] RSP: 0018:ffffc90004ff3ab8 EFLAGS: 00000246
[ 587.495813][ C0] RAX: ffffffff8166d280 RBX: 0000000000000000 RCX: ffff888109155000
[ 587.503888][ C0] RDX: 0000000000000002 RSI: 0000000000000001 RDI: 0000000000000000
[ 587.511863][ C0] RBP: 0000000000000000 R08: ffffffff8166d270 R09: 0001ea000437c8bf
[ 587.520544][ C0] R10: 0001ffffffffffff R11: ffff888109155000 R12: 000000010df22027
[ 587.528503][ C0] R13: ffff888035b3bb40 R14: ffffea000437c880 R15: ffffea000437c880
[ 587.536466][ C0] ? page_add_file_rmap+0x220/0x2e0
[ 587.541679][ C0] ? page_add_file_rmap+0x230/0x2e0
[ 587.546908][ C0] page_add_file_rmap+0x230/0x2e0
[ 587.551981][ C0] do_set_pte+0x26b/0x480
[ 587.557264][ C0] finish_fault+0x3de/0x490
[ 587.561832][ C0] do_read_fault+0x324/0x530
[ 587.566437][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 587.572226][ C0] handle_mm_fault+0x1019/0x1840
[ 587.577303][ C0] __get_user_pages+0xa47/0x1000
[ 587.582299][ C0] __mm_populate+0x24d/0x380
[ 587.586892][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 587.591478][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 587.596151][ C0] ? switch_fpu_return+0xa/0x10
[ 587.601011][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 587.607544][ C0] do_syscall_64+0x39/0x80
[ 587.611951][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 587.617838][ C0] RIP: 0033:0x466459
[ 587.621736][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 587.641386][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 587.649789][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 587.657873][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 587.665934][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 587.673984][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 587.681976][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 587.689959][ C0] ---[ end trace 6a9a87c08c22e0dd ]---
[ 587.695780][ C0] ------------[ cut here ]------------
[ 587.701263][ C0] WARNING: CPU: 0 PID: 28486 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 587.712122][ C0] Modules linked in:
[ 587.716019][ C0] CPU: 0 PID: 28486 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 587.726385][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 587.736435][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 587.742440][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 587.762041][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 587.768349][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff888109155000
[ 587.776336][ C0] RDX: 0000000000010001 RSI: 000000000000001a RDI: 0000000000000001
[ 587.785516][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 587.793476][ C0] R10: 0001ffffffffffff R11: 0000000000000033 R12: ffff88813bc1da58
[ 587.801454][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 587.809640][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 587.818690][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 587.825285][ C0] CR2: 00000000005400f8 CR3: 0000000109161000 CR4: 00000000001506f0
[ 587.833267][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 587.841274][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 587.849262][ C0] Call Trace:
[ 587.852530][ C0]
[ 587.855359][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 587.861338][ C0] __run_hrtimer+0x163/0x460
[ 587.866027][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 587.871836][ C0] hrtimer_interrupt+0x380/0xaf0
[ 587.876782][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 587.882728][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 587.888448][ C0]
[ 587.891382][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 587.897460][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x38/0x60
[ 587.903694][ C0] Code: 8b 15 f4 3b bb 7e f7 c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 1c 0b 00 00 00 74 2c 8b 91 f8 0a 00 00 83 fa 02 75 21 <48> 8b 91 00 0b 00 00 48 8b 32 48 8d 7e 01 8b 89 fc 0a 00 00 48 39
[ 587.925484][ C0] RSP: 0018:ffffc90004ff3ab8 EFLAGS: 00000246
[ 587.931579][ C0] RAX: ffffffff8166d280 RBX: 0000000000000000 RCX: ffff888109155000
[ 587.939553][ C0] RDX: 0000000000000002 RSI: 0000000000000001 RDI: 0000000000000000
[ 587.947516][ C0] RBP: 0000000000000000 R08: ffffffff8166d270 R09: 0001ea000437c8bf
[ 587.955529][ C0] R10: 0001ffffffffffff R11: ffff888109155000 R12: 000000010df22027
[ 587.963505][ C0] R13: ffff888035b3bb40 R14: ffffea000437c880 R15: ffffea000437c880
[ 587.971499][ C0] ? page_add_file_rmap+0x220/0x2e0
[ 587.976694][ C0] ? page_add_file_rmap+0x230/0x2e0
[ 587.981917][ C0] page_add_file_rmap+0x230/0x2e0
[ 587.986943][ C0] do_set_pte+0x26b/0x480
[ 587.991283][ C0] finish_fault+0x3de/0x490
[ 587.995811][ C0] do_read_fault+0x324/0x530
[ 588.000511][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 588.006369][ C0] handle_mm_fault+0x1019/0x1840
[ 588.011309][ C0] __get_user_pages+0xa47/0x1000
[ 588.020889][ C0] __mm_populate+0x24d/0x380
[ 588.025553][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 588.030170][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 588.034859][ C0] ? switch_fpu_return+0xa/0x10
[ 588.039706][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 588.045421][ C0] do_syscall_64+0x39/0x80
[ 588.049831][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 588.055719][ C0] RIP: 0033:0x466459
[ 588.059620][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 588.079233][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 588.088194][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 588.096171][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 588.104158][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 588.112120][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 588.120099][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 588.128149][ C0] ---[ end trace 6a9a87c08c22e0de ]---
[ 588.234081][ C0] ------------[ cut here ]------------
[ 588.239583][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 588.250115][ C0] Modules linked in:
[ 588.254037][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 588.263411][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 588.273478][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 588.279607][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 588.299423][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 588.305524][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000020 RCX: ffffffff87630780
[ 588.313699][ C0] RDX: 0000000000010001 RSI: 0000000000000020 RDI: 0000000000000001
[ 588.321669][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 588.329643][ C0] R10: 0001ffffffffffff R11: 0000000000000196 R12: ffff88813bc1da58
[ 588.337639][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 588.345640][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 588.354584][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 588.361181][ C0] CR2: 0000000020000280 CR3: 0000000109161000 CR4: 00000000001506f0
[ 588.369163][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 588.377143][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 588.385135][ C0] Call Trace:
[ 588.388414][ C0]
[ 588.391250][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 588.397094][ C0] __run_hrtimer+0x163/0x460
[ 588.401711][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 588.407886][ C0] hrtimer_interrupt+0x380/0xaf0
[ 588.412855][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 588.418784][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 588.424451][ C0]
[ 588.427389][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 588.433400][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 588.438975][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 588.458613][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 588.464691][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 588.472672][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 588.480649][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 588.488623][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 588.496623][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 588.504627][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 588.509629][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 588.514609][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 588.519752][ C0] cpuidle_enter+0x3c/0x60
[ 588.524444][ C0] do_idle+0x193/0x230
[ 588.528542][ C0] cpu_startup_entry+0x15/0x20
[ 588.533315][ C0] rest_init+0xd7/0xe0
[ 588.537399][ C0] ? time_init+0xc/0xc
[ 588.541490][ C0] arch_call_rest_init+0xa/0xb
[ 588.546262][ C0] start_kernel+0x5a1/0x626
[ 588.550786][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 588.556739][ C0] ---[ end trace 6a9a87c08c22e0df ]---
[ 588.562547][ C0] ------------[ cut here ]------------
[ 588.568014][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 588.578553][ C0] Modules linked in:
[ 588.582452][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 588.591826][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 588.601891][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 588.607916][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 588.627647][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 588.633759][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 588.641729][ C0] RDX: 0000000000010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 588.649725][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 588.657714][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 588.665702][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 588.673679][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 588.682629][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 588.689233][ C0] CR2: 0000000020000280 CR3: 0000000109161000 CR4: 00000000001506f0
[ 588.697205][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 588.705179][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 588.713164][ C0] Call Trace:
[ 588.716444][ C0]
[ 588.719319][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 588.725163][ C0] __run_hrtimer+0x163/0x460
[ 588.729753][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 588.735565][ C0] hrtimer_interrupt+0x380/0xaf0
[ 588.740508][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 588.746424][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 588.752064][ C0]
[ 588.755019][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 588.761965][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 588.767518][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 588.787126][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 588.793197][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 588.801180][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 588.809155][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 588.817145][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 588.825126][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 588.833193][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 588.838152][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 588.843096][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 588.848228][ C0] cpuidle_enter+0x3c/0x60
[ 588.852645][ C0] do_idle+0x193/0x230
[ 588.856758][ C0] cpu_startup_entry+0x15/0x20
[ 588.861525][ C0] rest_init+0xd7/0xe0
[ 588.865595][ C0] ? time_init+0xc/0xc
[ 588.869689][ C0] arch_call_rest_init+0xa/0xb
[ 588.874454][ C0] start_kernel+0x5a1/0x626
[ 588.878959][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 588.884858][ C0] ---[ end trace 6a9a87c08c22e0e0 ]---
[ 588.890659][ C0] ------------[ cut here ]------------
[ 588.896136][ C0] WARNING: CPU: 0 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 588.906669][ C0] Modules linked in:
[ 588.910561][ C0] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 588.919929][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 588.929988][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 588.935988][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 588.955861][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 588.961934][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000014 RCX: ffffffff87630780
[ 588.969931][ C0] RDX: 0000000000010001 RSI: 0000000000000014 RDI: 0000000000000001
[ 588.978020][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 588.985999][ C0] R10: 0001ffffffffffff R11: ffffffff87630780 R12: ffff88813bc1da58
[ 588.993998][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 589.001978][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 589.010916][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 589.017508][ C0] CR2: 0000000020000280 CR3: 0000000109161000 CR4: 00000000001506f0
[ 589.025516][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 589.033790][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 589.041887][ C0] Call Trace:
[ 589.045203][ C0]
[ 589.048071][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 589.053924][ C0] __run_hrtimer+0x163/0x460
[ 589.058548][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 589.064889][ C0] hrtimer_interrupt+0x380/0xaf0
[ 589.069858][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 589.075770][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 589.081420][ C0]
[ 589.084365][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 589.090414][ C0] RIP: 0010:acpi_idle_enter+0x25b/0x2e0
[ 589.095976][ C0] Code: 48 8b 1b 48 89 de 48 83 e6 08 31 ff e8 5e c7 85 fe 48 83 e3 08 75 63 e9 0c 00 00 00 e8 9e c2 85 fe 0f 00 2d d1 eb 3e 03 fb f4 eb 59 49 8d 7c 24 04 e8 c8 53 96 fe 41 8b 54 24 04 ec 48 c7 c7
[ 589.115587][ C0] RSP: 0018:ffffffff87603da0 EFLAGS: 00000246
[ 589.121762][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 589.129738][ C0] RDX: ffffffff87630780 RSI: 0000000000000000 RDI: 0000000000000000
[ 589.137725][ C0] RBP: 0000000000000001 R08: ffffffff82c06e52 R09: ffffffff82c06e13
[ 589.145704][ C0] R10: 0000000000000002 R11: ffffffff87630780 R12: ffff8881010f0064
[ 589.153696][ C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffff88813bc00000
[ 589.161716][ C0] ? acpi_idle_enter+0x203/0x2e0
[ 589.166829][ C0] ? acpi_idle_enter+0x242/0x2e0
[ 589.171880][ C0] cpuidle_enter_state+0x2b6/0x7c0
[ 589.177018][ C0] cpuidle_enter+0x3c/0x60
[ 589.181441][ C0] do_idle+0x193/0x230
19:31:05 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:31:05 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x200000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:31:05 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:31:05 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x900})
19:31:05 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x5c)
19:31:05 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x11})
[ 589.185524][ C0] cpu_startup_entry+0x15/0x20
[ 589.190319][ C0] rest_init+0xd7/0xe0
[ 589.194398][ C0] ? time_init+0xc/0xc
[ 589.198494][ C0] arch_call_rest_init+0xa/0xb
[ 589.203286][ C0] start_kernel+0x5a1/0x626
[ 589.207819][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 589.213740][ C0] ---[ end trace 6a9a87c08c22e0e1 ]---
[ 589.319546][ C0] ------------[ cut here ]------------
[ 589.325037][ C0] WARNING: CPU: 0 PID: 28516 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 589.335926][ C0] Modules linked in:
[ 589.339822][ C0] CPU: 0 PID: 28516 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 589.349983][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 589.360079][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:31:06 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x400300, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:31:06 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 589.366091][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 589.385700][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 589.391785][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88802c057000
[ 589.399766][ C0] RDX: 0000000000010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 589.408211][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 589.416191][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 589.424168][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 589.432143][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 589.441211][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 589.447784][ C0] CR2: 00000000005400f8 CR3: 0000000109161000 CR4: 00000000001506f0
[ 589.455773][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 589.463733][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 589.471696][ C0] Call Trace:
[ 589.474962][ C0]
[ 589.477787][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 589.483736][ C0] __run_hrtimer+0x163/0x460
[ 589.488397][ C0] hrtimer_interrupt+0x380/0xaf0
[ 589.493335][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 589.499227][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 589.504860][ C0]
[ 589.507781][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 589.513777][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x31/0xa0
[ 589.520620][ C0] Code: 14 25 00 6d 01 00 65 8b 05 24 39 bb 7e a9 00 01 ff 00 74 10 a9 00 01 00 00 74 6e 83 ba 1c 0b 00 00 00 74 65 8b 82 f8 0a 00 00 <83> f8 03 75 5a 48 8b 8a 00 0b 00 00 44 8b 8a fc 0a 00 00 49 c1 e1
[ 589.540301][ C0] RSP: 0018:ffffc90003b03ac8 EFLAGS: 00000246
[ 589.546372][ C0] RAX: 0000000000000002 RBX: 0000000000000000 RCX: 0000000000000c5b
[ 589.554330][ C0] RDX: ffff88802c057000 RSI: 0000000000000000 RDI: 0000000000000000
[ 589.562567][ C0] RBP: ffff88803405cb40 R08: ffffffff815c09b5 R09: 0001888035ad9abf
[ 589.570527][ C0] R10: 0001ffffffffffff R11: ffff88802c057000 R12: ffffea00014f8e08
[ 589.578488][ C0] R13: 0000000020557000 R14: dead000000000100 R15: ffffea00014f8e00
[ 589.586569][ C0] ? filemap_map_pages+0x4d5/0x770
[ 589.591749][ C0] filemap_map_pages+0x4d5/0x770
[ 589.596706][ C0] do_read_fault+0x217/0x530
[ 589.601317][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 589.607179][ C0] handle_mm_fault+0x1019/0x1840
[ 589.612144][ C0] __get_user_pages+0xa47/0x1000
[ 589.617095][ C0] __mm_populate+0x24d/0x380
[ 589.621681][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 589.626266][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 589.630962][ C0] ? switch_fpu_return+0xa/0x10
[ 589.635804][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 589.641512][ C0] do_syscall_64+0x39/0x80
[ 589.645922][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 589.651803][ C0] RIP: 0033:0x466459
[ 589.655679][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 589.675302][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 589.683702][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 589.691662][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 589.699833][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 589.707916][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 589.715975][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 589.723968][ C0] ---[ end trace 6a9a87c08c22e0e2 ]---
[ 589.729741][ C0] ------------[ cut here ]------------
[ 589.735180][ C0] WARNING: CPU: 0 PID: 28516 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 589.746025][ C0] Modules linked in:
[ 589.750094][ C0] CPU: 0 PID: 28516 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 589.760245][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
19:31:06 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0xa00})
19:31:06 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x12})
[ 589.770313][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 589.776306][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 589.795917][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 589.801990][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88802c057000
[ 589.810002][ C0] RDX: 0000000000010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 589.818005][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 589.826008][ C0] R10: 0001ffffffffffff R11: ffff88802c057000 R12: ffff88813bc1da58
[ 589.833993][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 589.841981][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 589.850909][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 589.857489][ C0] CR2: 00000000005400f8 CR3: 0000000109161000 CR4: 00000000001506f0
[ 589.865472][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 589.873531][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 589.881499][ C0] Call Trace:
[ 589.884854][ C0]
[ 589.887875][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 589.893681][ C0] __run_hrtimer+0x163/0x460
[ 589.898253][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 589.904066][ C0] hrtimer_interrupt+0x380/0xaf0
[ 589.909507][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 589.915420][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 589.921168][ C0]
[ 589.924080][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 589.930042][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x31/0xa0
[ 589.936980][ C0] Code: 14 25 00 6d 01 00 65 8b 05 24 39 bb 7e a9 00 01 ff 00 74 10 a9 00 01 00 00 74 6e 83 ba 1c 0b 00 00 00 74 65 8b 82 f8 0a 00 00 <83> f8 03 75 5a 48 8b 8a 00 0b 00 00 44 8b 8a fc 0a 00 00 49 c1 e1
[ 589.956586][ C0] RSP: 0018:ffffc90003b03ac8 EFLAGS: 00000246
[ 589.962654][ C0] RAX: 0000000000000002 RBX: 0000000000000000 RCX: 0000000000000c5b
[ 589.970611][ C0] RDX: ffff88802c057000 RSI: 0000000000000000 RDI: 0000000000000000
[ 589.978598][ C0] RBP: ffff88803405cb40 R08: ffffffff815c09b5 R09: 0001888035ad9abf
[ 589.986561][ C0] R10: 0001ffffffffffff R11: ffff88802c057000 R12: ffffea00014f8e08
[ 589.994800][ C0] R13: 0000000020557000 R14: dead000000000100 R15: ffffea00014f8e00
[ 590.002938][ C0] ? filemap_map_pages+0x4d5/0x770
[ 590.008059][ C0] filemap_map_pages+0x4d5/0x770
[ 590.013012][ C0] do_read_fault+0x217/0x530
[ 590.017602][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 590.023479][ C0] handle_mm_fault+0x1019/0x1840
[ 590.028507][ C0] __get_user_pages+0xa47/0x1000
[ 590.033445][ C0] __mm_populate+0x24d/0x380
[ 590.038126][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 590.042828][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 590.047489][ C0] ? switch_fpu_return+0xa/0x10
[ 590.052334][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 590.058050][ C0] do_syscall_64+0x39/0x80
[ 590.062449][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 590.068427][ C0] RIP: 0033:0x466459
[ 590.072298][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 590.091903][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 590.100346][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 590.108309][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 590.116291][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 590.124265][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 590.132219][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 590.140280][ C0] ---[ end trace 6a9a87c08c22e0e3 ]---
[ 590.146090][ C0] ------------[ cut here ]------------
[ 590.151558][ C0] WARNING: CPU: 0 PID: 28516 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 590.162422][ C0] Modules linked in:
[ 590.166323][ C0] CPU: 0 PID: 28516 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 590.176482][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 590.186526][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 590.192530][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 590.212210][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 590.218272][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88802c057000
[ 590.226232][ C0] RDX: 0000000000010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 590.234203][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 590.242185][ C0] R10: 0001ffffffffffff R11: ffff88802c057000 R12: ffff88813bc1da58
[ 590.250344][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 590.258301][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 590.267213][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 590.273777][ C0] CR2: 00000000005400f8 CR3: 0000000109161000 CR4: 00000000001506f0
[ 590.281731][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 590.289702][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 590.297779][ C0] Call Trace:
[ 590.301063][ C0]
[ 590.303885][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 590.309680][ C0] __run_hrtimer+0x163/0x460
[ 590.314295][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 590.320216][ C0] hrtimer_interrupt+0x380/0xaf0
[ 590.325195][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 590.331534][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 590.337465][ C0]
[ 590.340399][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 590.346394][ C0] RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x31/0xa0
[ 590.353334][ C0] Code: 14 25 00 6d 01 00 65 8b 05 24 39 bb 7e a9 00 01 ff 00 74 10 a9 00 01 00 00 74 6e 83 ba 1c 0b 00 00 00 74 65 8b 82 f8 0a 00 00 <83> f8 03 75 5a 48 8b 8a 00 0b 00 00 44 8b 8a fc 0a 00 00 49 c1 e1
[ 590.372936][ C0] RSP: 0018:ffffc90003b03ac8 EFLAGS: 00000246
[ 590.378986][ C0] RAX: 0000000000000002 RBX: 0000000000000000 RCX: 0000000000000c5b
[ 590.386958][ C0] RDX: ffff88802c057000 RSI: 0000000000000000 RDI: 0000000000000000
[ 590.394928][ C0] RBP: ffff88803405cb40 R08: ffffffff815c09b5 R09: 0001888035ad9abf
[ 590.402904][ C0] R10: 0001ffffffffffff R11: ffff88802c057000 R12: ffffea00014f8e08
[ 590.410863][ C0] R13: 0000000020557000 R14: dead000000000100 R15: ffffea00014f8e00
[ 590.418851][ C0] ? filemap_map_pages+0x4d5/0x770
[ 590.423951][ C0] filemap_map_pages+0x4d5/0x770
[ 590.428899][ C0] do_read_fault+0x217/0x530
[ 590.433487][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 590.439310][ C0] handle_mm_fault+0x1019/0x1840
[ 590.444343][ C0] __get_user_pages+0xa47/0x1000
[ 590.449287][ C0] __mm_populate+0x24d/0x380
[ 590.453861][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 590.458464][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 590.463150][ C0] ? switch_fpu_return+0xa/0x10
[ 590.468016][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 590.473737][ C0] do_syscall_64+0x39/0x80
[ 590.478142][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 590.484047][ C0] RIP: 0033:0x466459
[ 590.487924][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 590.508038][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 590.516457][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 590.524427][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 590.532397][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 590.540375][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 590.548346][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 590.556331][ C0] ---[ end trace 6a9a87c08c22e0e4 ]---
19:31:07 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x1000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:31:07 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 590.662204][ C0] ------------[ cut here ]------------
[ 590.667736][ C0] WARNING: CPU: 0 PID: 28532 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 590.678602][ C0] Modules linked in:
[ 590.682493][ C0] CPU: 0 PID: 28532 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 590.692644][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 590.702706][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 590.708701][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 590.728414][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 590.734498][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810e453000
[ 590.742475][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
[ 590.750445][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 590.758492][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 590.766456][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 590.774417][ C0] FS: 00007f09d10c5700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 590.783348][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 590.790106][ C0] CR2: 00007fed45adb6b8 CR3: 0000000109161000 CR4: 00000000001506f0
[ 590.798098][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 590.806325][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 590.814327][ C0] Call Trace:
[ 590.817597][ C0]
[ 590.820420][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 590.826235][ C0] __run_hrtimer+0x163/0x460
[ 590.830837][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 590.837008][ C0] hrtimer_interrupt+0x380/0xaf0
[ 590.842061][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 590.848052][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 590.853690][ C0]
[ 590.856610][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 590.862602][ C0] RIP: 0010:__tsan_read1+0xec/0x180
[ 590.867825][ C0] Code: ee 31 81 e6 ff 3f 00 00 49 8d 74 31 ff 48 39 d6 0f 82 66 ff ff ff 48 8d 0c c5 38 6f f3 88 48 85 c9 75 79 65 8b 05 8c b2 aa 7e 00 01 ff 00 74 11 48 c7 c0 f8 70 02 00 65 48 03 05 c6 5a aa 7e
[ 590.887614][ C0] RSP: 0018:ffffc90003bbf7b8 EFLAGS: 00000293
[ 590.893768][ C0] RAX: 0000000080000000 RBX: ffffc90003bbf848 RCX: 0001ffffffffffff
[ 590.901873][ C0] RDX: 0001888017bcdd80 RSI: ffffffff878d40b0 RDI: ffff888017bcdd80
[ 590.909844][ C0] RBP: 00000000000000a2 R08: 0000000000000000 R09: ffffffff82a88375
[ 590.917948][ C0] R10: 0000000000000002 R11: ffff88810e453000 R12: fffffffffffffffe
[ 590.925993][ C0] R13: ffffc90003bbf840 R14: 0000000000000000 R15: ffff888017bcdd80
[ 590.933967][ C0] ? xas_find+0xb5/0x3d0
[ 590.938270][ C0] xas_find+0x113/0x3d0
[ 590.942429][ C0] find_lock_entries+0x90/0x7a0
[ 590.947271][ C0] shmem_undo_range+0x105/0x1220
[ 590.952221][ C0] ? __sanitizer_cov_trace_const_cmp8+0x4/0x90
[ 590.958413][ C0] shmem_evict_inode+0x115/0x550
[ 590.963351][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 590.969061][ C0] ? bit_waitqueue+0x30/0x30
[ 590.973657][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 590.979189][ C0] evict+0x1aa/0x410
[ 590.983070][ C0] iput+0x3fd/0x520
[ 590.986857][ C0] dentry_unlink_inode+0x210/0x220
[ 590.991951][ C0] __dentry_kill+0x293/0x450
[ 590.996776][ C0] dput+0x218/0x430
[ 591.000578][ C0] __fput+0x3b3/0x4f0
[ 591.004647][ C0] ____fput+0x11/0x20
[ 591.008611][ C0] task_work_run+0x8e/0x110
[ 591.013144][ C0] get_signal+0x149f/0x14e0
[ 591.017686][ C0] ? __mm_populate+0x32c/0x380
[ 591.022465][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 591.028133][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 591.033852][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 591.039341][ C0] do_syscall_64+0x45/0x80
[ 591.043769][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 591.049656][ C0] RIP: 0033:0x466459
[ 591.053548][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 591.073157][ C0] RSP: 002b:00007f09d10c5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 591.081708][ C0] RAX: 0000000020000000 RBX: 000000000056c0b0 RCX: 0000000000466459
[ 591.089671][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 591.097650][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 591.105614][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056c0b0
[ 591.113588][ C0] R13: 00007fff87968f8f R14: 00007f09d10c5300 R15: 0000000000022000
[ 591.121555][ C0] ---[ end trace 6a9a87c08c22e0e5 ]---
[ 591.127352][ C0] ------------[ cut here ]------------
[ 591.132814][ C0] WARNING: CPU: 0 PID: 28532 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 591.143743][ C0] Modules linked in:
[ 591.147675][ C0] CPU: 0 PID: 28532 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 591.157840][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 591.167901][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 591.173964][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 591.193565][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 591.199637][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff88810e453000
[ 591.207640][ C0] RDX: 0000000000010000 RSI: 000000000000001c RDI: 0000000000000001
[ 591.215639][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 591.223613][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 591.231616][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 591.239593][ C0] FS: 00007f09d10c5700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 591.248638][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 591.255280][ C0] CR2: 00007fed45adb6b8 CR3: 0000000109161000 CR4: 00000000001506f0
[ 591.263247][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 591.271211][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 591.279181][ C0] Call Trace:
[ 591.282441][ C0]
[ 591.285291][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 591.291140][ C0] __run_hrtimer+0x163/0x460
[ 591.295750][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 591.301537][ C0] hrtimer_interrupt+0x380/0xaf0
[ 591.306472][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 591.312390][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 591.318021][ C0]
[ 591.320935][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 591.326916][ C0] RIP: 0010:__tsan_read1+0xec/0x180
[ 591.332202][ C0] Code: ee 31 81 e6 ff 3f 00 00 49 8d 74 31 ff 48 39 d6 0f 82 66 ff ff ff 48 8d 0c c5 38 6f f3 88 48 85 c9 75 79 65 8b 05 8c b2 aa 7e 00 01 ff 00 74 11 48 c7 c0 f8 70 02 00 65 48 03 05 c6 5a aa 7e
[ 591.351914][ C0] RSP: 0018:ffffc90003bbf7b8 EFLAGS: 00000293
[ 591.358112][ C0] RAX: 0000000080000000 RBX: ffffc90003bbf848 RCX: 0001ffffffffffff
[ 591.366212][ C0] RDX: 0001888017bcdd80 RSI: ffffffff878d40b0 RDI: ffff888017bcdd80
[ 591.374279][ C0] RBP: 00000000000000a2 R08: 0000000000000000 R09: ffffffff82a88375
[ 591.382254][ C0] R10: 0000000000000002 R11: ffff88810e453000 R12: fffffffffffffffe
[ 591.390225][ C0] R13: ffffc90003bbf840 R14: 0000000000000000 R15: ffff888017bcdd80
[ 591.398216][ C0] ? xas_find+0xb5/0x3d0
[ 591.402480][ C0] xas_find+0x113/0x3d0
[ 591.406655][ C0] find_lock_entries+0x90/0x7a0
[ 591.411609][ C0] shmem_undo_range+0x105/0x1220
[ 591.416545][ C0] ? __sanitizer_cov_trace_const_cmp8+0x4/0x90
[ 591.422711][ C0] shmem_evict_inode+0x115/0x550
[ 591.427660][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 591.433368][ C0] ? bit_waitqueue+0x30/0x30
[ 591.437950][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 591.443488][ C0] evict+0x1aa/0x410
[ 591.447387][ C0] iput+0x3fd/0x520
[ 591.451176][ C0] dentry_unlink_inode+0x210/0x220
[ 591.456385][ C0] __dentry_kill+0x293/0x450
[ 591.460980][ C0] dput+0x218/0x430
[ 591.464816][ C0] __fput+0x3b3/0x4f0
[ 591.468803][ C0] ____fput+0x11/0x20
[ 591.472788][ C0] task_work_run+0x8e/0x110
[ 591.477329][ C0] get_signal+0x149f/0x14e0
[ 591.481823][ C0] ? __mm_populate+0x32c/0x380
[ 591.486591][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 591.492128][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 591.497758][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 591.503387][ C0] do_syscall_64+0x45/0x80
[ 591.507790][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 591.513712][ C0] RIP: 0033:0x466459
[ 591.517603][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 591.538196][ C0] RSP: 002b:00007f09d10c5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 591.546657][ C0] RAX: 0000000020000000 RBX: 000000000056c0b0 RCX: 0000000000466459
[ 591.554655][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 591.562624][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 591.570588][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056c0b0
[ 591.578705][ C0] R13: 00007fff87968f8f R14: 00007f09d10c5300 R15: 0000000000022000
[ 591.586692][ C0] ---[ end trace 6a9a87c08c22e0e6 ]---
[ 591.592394][ C0] ------------[ cut here ]------------
[ 591.597952][ C0] WARNING: CPU: 0 PID: 28532 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 591.608806][ C0] Modules linked in:
[ 591.612691][ C0] CPU: 0 PID: 28532 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 591.622839][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 591.632908][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 591.638973][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 591.658686][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 591.664753][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff88810e453000
[ 591.672717][ C0] RDX: 0000000000010000 RSI: 000000000000001c RDI: 0000000000000001
[ 591.680676][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 591.688769][ C0] R10: 0001ffffffffffff R11: ffff88810e453000 R12: ffff88813bc1da58
[ 591.696734][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 591.704694][ C0] FS: 00007f09d10c5700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 591.713649][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 591.720310][ C0] CR2: 00007fed45adb6b8 CR3: 0000000109161000 CR4: 00000000001506f0
[ 591.728748][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 591.736757][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 591.744863][ C0] Call Trace:
[ 591.748135][ C0]
[ 591.750967][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 591.756886][ C0] __run_hrtimer+0x163/0x460
[ 591.761471][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 591.767527][ C0] hrtimer_interrupt+0x380/0xaf0
[ 591.772462][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 591.778374][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 591.784007][ C0]
[ 591.786919][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 591.792891][ C0] RIP: 0010:__tsan_read1+0xec/0x180
[ 591.798124][ C0] Code: ee 31 81 e6 ff 3f 00 00 49 8d 74 31 ff 48 39 d6 0f 82 66 ff ff ff 48 8d 0c c5 38 6f f3 88 48 85 c9 75 79 65 8b 05 8c b2 aa 7e 00 01 ff 00 74 11 48 c7 c0 f8 70 02 00 65 48 03 05 c6 5a aa 7e
[ 591.817749][ C0] RSP: 0018:ffffc90003bbf7b8 EFLAGS: 00000293
[ 591.823806][ C0] RAX: 0000000080000000 RBX: ffffc90003bbf848 RCX: 0001ffffffffffff
[ 591.831807][ C0] RDX: 0001888017bcdd80 RSI: ffffffff878d40b0 RDI: ffff888017bcdd80
[ 591.839782][ C0] RBP: 00000000000000a2 R08: 0000000000000000 R09: ffffffff82a88375
[ 591.847770][ C0] R10: 0000000000000002 R11: ffff88810e453000 R12: fffffffffffffffe
[ 591.855741][ C0] R13: ffffc90003bbf840 R14: 0000000000000000 R15: ffff888017bcdd80
[ 591.863707][ C0] ? xas_find+0xb5/0x3d0
[ 591.867959][ C0] xas_find+0x113/0x3d0
[ 591.872796][ C0] find_lock_entries+0x90/0x7a0
[ 591.877718][ C0] shmem_undo_range+0x105/0x1220
[ 591.882725][ C0] ? __sanitizer_cov_trace_const_cmp8+0x4/0x90
[ 591.888863][ C0] shmem_evict_inode+0x115/0x550
[ 591.893805][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 591.899611][ C0] ? bit_waitqueue+0x30/0x30
[ 591.904210][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 591.909755][ C0] evict+0x1aa/0x410
[ 591.913649][ C0] iput+0x3fd/0x520
[ 591.917441][ C0] dentry_unlink_inode+0x210/0x220
[ 591.922551][ C0] __dentry_kill+0x293/0x450
[ 591.927124][ C0] dput+0x218/0x430
[ 591.930918][ C0] __fput+0x3b3/0x4f0
[ 591.934893][ C0] ____fput+0x11/0x20
[ 591.938851][ C0] task_work_run+0x8e/0x110
[ 591.943359][ C0] get_signal+0x149f/0x14e0
[ 591.947860][ C0] ? __mm_populate+0x32c/0x380
[ 591.952621][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 591.958188][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 591.963810][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 591.969283][ C0] do_syscall_64+0x45/0x80
[ 591.973684][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 591.980005][ C0] RIP: 0033:0x466459
[ 591.983919][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 592.003635][ C0] RSP: 002b:00007f09d10c5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 592.012168][ C0] RAX: 0000000020000000 RBX: 000000000056c0b0 RCX: 0000000000466459
[ 592.020949][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 592.029299][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 592.037260][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056c0b0
[ 592.045238][ C0] R13: 00007fff87968f8f R14: 00007f09d10c5300 R15: 0000000000022000
[ 592.053257][ C0] ---[ end trace 6a9a87c08c22e0e7 ]---
19:31:08 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:31:08 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:31:08 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x2000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:31:08 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x300)
19:31:08 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x4})
19:31:08 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x3000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 592.159102][ C0] ------------[ cut here ]------------
[ 592.164595][ C0] WARNING: CPU: 0 PID: 28549 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 592.175460][ C0] Modules linked in:
[ 592.179363][ C0] CPU: 0 PID: 28549 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 592.189519][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 592.199588][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:31:08 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x4000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 592.205632][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 592.225509][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 592.231673][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000022 RCX: ffff88810e5b5000
[ 592.239741][ C0] RDX: 0000000080010001 RSI: 0000000000000022 RDI: 0000000000000001
[ 592.247859][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:31:08 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x5000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 592.255848][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 592.263829][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 592.271813][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 592.281100][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 592.287828][ C0] CR2: 00000000005400f8 CR3: 000000010ab41000 CR4: 00000000001506f0
[ 592.295809][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 592.303790][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 592.311828][ C0] Call Trace:
[ 592.315442][ C0]
[ 592.318300][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 592.324128][ C0] __run_hrtimer+0x163/0x460
[ 592.328723][ C0] hrtimer_interrupt+0x380/0xaf0
[ 592.333670][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 592.339573][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 592.345223][ C0]
[ 592.348146][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 592.354350][ C0] RIP: 0010:filemap_map_pages+0x52a/0x770
[ 592.360204][ C0] Code: 01 00 00 4c 89 ef 48 8b 6c 24 10 48 89 ee e8 4d 29 ea ff 49 39 ed 49 0f 47 ed 4c 89 e8 48 89 6c 24 60 48 29 e8 48 89 44 24 58 <45> 31 f6 0f 1f 00 4b 8d 2c 37 4b 8d 7c 35 00 48 8b 74 24 60 e8 1d
[ 592.380202][ C0] RSP: 0018:ffffc90003bafad0 EFLAGS: 00000293
[ 592.386257][ C0] RAX: fffffffffffffffd RBX: 0000000000000000 RCX: 00000000000006e2
[ 592.394239][ C0] RDX: ffff88810e5b5000 RSI: 000000000000004f RDI: 000000000000004c
[ 592.402233][ C0] RBP: 000000000000004f R08: ffffffff815c09f3 R09: 000188810a82c267
[ 592.410191][ C0] R10: 0001ffffffffffff R11: ffff88810e5b5000 R12: 000000000000000c
[ 592.418153][ C0] R13: 000000000000004c R14: dead000000000100 R15: 000000000000000c
[ 592.426147][ C0] ? filemap_map_pages+0x513/0x770
[ 592.431273][ C0] do_read_fault+0x217/0x530
[ 592.435909][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 592.441717][ C0] handle_mm_fault+0x1019/0x1840
[ 592.446650][ C0] __get_user_pages+0xa47/0x1000
[ 592.451714][ C0] __mm_populate+0x24d/0x380
[ 592.456300][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 592.460879][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 592.465583][ C0] ? switch_fpu_return+0xa/0x10
[ 592.470448][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 592.476166][ C0] do_syscall_64+0x39/0x80
[ 592.480566][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 592.486450][ C0] RIP: 0033:0x466459
[ 592.490488][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 592.510208][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 592.518738][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 592.526972][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 592.535632][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 592.543615][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 592.551681][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 592.559683][ C0] ---[ end trace 6a9a87c08c22e0e8 ]---
[ 592.565554][ C0] ------------[ cut here ]------------
[ 592.571020][ C0] WARNING: CPU: 0 PID: 28549 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 592.581894][ C0] Modules linked in:
[ 592.585781][ C0] CPU: 0 PID: 28549 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 592.595953][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
19:31:09 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0xb00})
19:31:09 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x6000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:31:09 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x500)
19:31:09 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 592.606034][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 592.612063][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 592.631763][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 592.637827][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88810e5b5000
[ 592.645829][ C0] RDX: 0000000080010001 RSI: 0000000000000018 RDI: 0000000000000001
[ 592.653815][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 592.661795][ C0] R10: 0001ffffffffffff R11: ffff88810e5b5000 R12: ffff88813bc1da58
[ 592.669804][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 592.677761][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 592.686678][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 592.693259][ C0] CR2: 00000000005400f8 CR3: 000000010ab41000 CR4: 00000000001506f0
[ 592.701347][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 592.709323][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 592.717301][ C0] Call Trace:
[ 592.720615][ C0]
[ 592.723445][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 592.729239][ C0] __run_hrtimer+0x163/0x460
[ 592.733995][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 592.739817][ C0] hrtimer_interrupt+0x380/0xaf0
[ 592.744765][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 592.750876][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 592.756602][ C0]
[ 592.759518][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 592.765486][ C0] RIP: 0010:filemap_map_pages+0x52a/0x770
[ 592.771207][ C0] Code: 01 00 00 4c 89 ef 48 8b 6c 24 10 48 89 ee e8 4d 29 ea ff 49 39 ed 49 0f 47 ed 4c 89 e8 48 89 6c 24 60 48 29 e8 48 89 44 24 58 <45> 31 f6 0f 1f 00 4b 8d 2c 37 4b 8d 7c 35 00 48 8b 74 24 60 e8 1d
[ 592.791072][ C0] RSP: 0018:ffffc90003bafad0 EFLAGS: 00000293
[ 592.797235][ C0] RAX: fffffffffffffffd RBX: 0000000000000000 RCX: 00000000000006e2
[ 592.805200][ C0] RDX: ffff88810e5b5000 RSI: 000000000000004f RDI: 000000000000004c
[ 592.813204][ C0] RBP: 000000000000004f R08: ffffffff815c09f3 R09: 000188810a82c267
[ 592.821205][ C0] R10: 0001ffffffffffff R11: ffff88810e5b5000 R12: 000000000000000c
[ 592.829166][ C0] R13: 000000000000004c R14: dead000000000100 R15: 000000000000000c
[ 592.837130][ C0] ? filemap_map_pages+0x513/0x770
[ 592.842248][ C0] do_read_fault+0x217/0x530
[ 592.847787][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 592.853739][ C0] handle_mm_fault+0x1019/0x1840
[ 592.858711][ C0] __get_user_pages+0xa47/0x1000
[ 592.863664][ C0] __mm_populate+0x24d/0x380
[ 592.868260][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 592.872984][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 592.877647][ C0] ? switch_fpu_return+0xa/0x10
[ 592.882491][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 592.888283][ C0] do_syscall_64+0x39/0x80
[ 592.892710][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 592.898619][ C0] RIP: 0033:0x466459
[ 592.902497][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 592.922089][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 592.930489][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 592.938643][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 592.946727][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 592.954695][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 592.962669][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 592.970939][ C0] ---[ end trace 6a9a87c08c22e0e9 ]---
[ 592.976798][ C0] ------------[ cut here ]------------
[ 592.982287][ C0] WARNING: CPU: 0 PID: 28549 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 592.993174][ C0] Modules linked in:
[ 592.997081][ C0] CPU: 0 PID: 28549 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 593.008100][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 593.018153][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 593.024274][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 593.043984][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 593.050041][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810e5b5000
[ 593.057999][ C0] RDX: 0000000080010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 593.066078][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 593.074142][ C0] R10: 0001ffffffffffff R11: 00000000000001b0 R12: ffff88813bc1da58
[ 593.082115][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 593.090163][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 593.099729][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 593.106296][ C0] CR2: 00000000005400f8 CR3: 000000010ab41000 CR4: 00000000001506f0
[ 593.114251][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 593.122234][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 593.130206][ C0] Call Trace:
[ 593.133481][ C0]
[ 593.136310][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 593.142158][ C0] __run_hrtimer+0x163/0x460
[ 593.146769][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 593.152729][ C0] hrtimer_interrupt+0x380/0xaf0
[ 593.157660][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 593.163605][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 593.169367][ C0]
[ 593.172304][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 593.178304][ C0] RIP: 0010:filemap_map_pages+0x52a/0x770
[ 593.184007][ C0] Code: 01 00 00 4c 89 ef 48 8b 6c 24 10 48 89 ee e8 4d 29 ea ff 49 39 ed 49 0f 47 ed 4c 89 e8 48 89 6c 24 60 48 29 e8 48 89 44 24 58 <45> 31 f6 0f 1f 00 4b 8d 2c 37 4b 8d 7c 35 00 48 8b 74 24 60 e8 1d
[ 593.203776][ C0] RSP: 0018:ffffc90003bafad0 EFLAGS: 00000293
[ 593.209832][ C0] RAX: fffffffffffffffd RBX: 0000000000000000 RCX: 00000000000006e2
[ 593.217786][ C0] RDX: ffff88810e5b5000 RSI: 000000000000004f RDI: 000000000000004c
[ 593.225759][ C0] RBP: 000000000000004f R08: ffffffff815c09f3 R09: 000188810a82c267
[ 593.233745][ C0] R10: 0001ffffffffffff R11: ffff88810e5b5000 R12: 000000000000000c
[ 593.241710][ C0] R13: 000000000000004c R14: dead000000000100 R15: 000000000000000c
[ 593.249678][ C0] ? filemap_map_pages+0x513/0x770
[ 593.254791][ C0] do_read_fault+0x217/0x530
[ 593.259373][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 593.265179][ C0] handle_mm_fault+0x1019/0x1840
[ 593.270100][ C0] __get_user_pages+0xa47/0x1000
[ 593.275019][ C0] __mm_populate+0x24d/0x380
[ 593.279615][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 593.284210][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 593.288894][ C0] ? switch_fpu_return+0xa/0x10
[ 593.293785][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 593.299495][ C0] do_syscall_64+0x39/0x80
[ 593.303891][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 593.309784][ C0] RIP: 0033:0x466459
[ 593.313666][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 593.333255][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 593.341665][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 593.349618][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 593.357581][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 593.365533][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 593.373491][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 593.381450][ C0] ---[ end trace 6a9a87c08c22e0ea ]---
[ 593.460386][T28549] ==================================================================
[ 593.468514][T28549] BUG: KCSAN: data-race in copy_process / get_task_exe_file
[ 593.475931][T28549]
[ 593.478257][T28549] write to 0xffff8880394b902c of 4 bytes by task 28548 on cpu 1:
[ 593.485980][T28549] copy_process+0x5fd/0x2e50
[ 593.490577][T28549] kernel_clone+0x14b/0x690
[ 593.495076][T28549] __x64_sys_clone+0xb4/0xe0
[ 593.499657][T28549] do_syscall_64+0x39/0x80
[ 593.504069][T28549] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 593.509985][T28549]
[ 593.512311][T28549] read to 0xffff8880394b902c of 4 bytes by task 28549 on cpu 0:
[ 593.519933][T28549] get_task_exe_file+0x44/0x120
[ 593.524837][T28549] proc_exe_link+0x44/0x100
[ 593.529340][T28549] proc_pid_get_link+0x50/0xb0
[ 593.534117][T28549] step_into+0x974/0xec0
[ 593.538354][T28549] path_openat+0x105e/0x21b0
[ 593.542970][T28549] do_filp_open+0xbd/0x1d0
[ 593.547403][T28549] do_sys_openat2+0xa3/0x250
[ 593.551994][T28549] __x64_sys_openat+0xef/0x110
[ 593.556787][T28549] do_syscall_64+0x39/0x80
[ 593.561196][T28549] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 593.567089][T28549]
[ 593.569403][T28549] Reported by Kernel Concurrency Sanitizer on:
[ 593.575538][T28549] CPU: 0 PID: 28549 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 593.585698][T28549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 593.595756][T28549] ==================================================================
[ 593.604101][ C0] ------------[ cut here ]------------
[ 593.609559][ C0] WARNING: CPU: 0 PID: 28549 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 593.620429][ C0] Modules linked in:
[ 593.624339][ C0] CPU: 0 PID: 28549 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 593.634478][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 593.644535][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 593.650534][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 593.670159][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 593.676265][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000026 RCX: ffff88810e5b5000
[ 593.684257][ C0] RDX: 0000000080010001 RSI: 0000000000000026 RDI: 0000000000000001
[ 593.692225][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 593.700225][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 593.708193][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 593.716168][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 593.725109][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 593.731713][ C0] CR2: 00007f11102abd58 CR3: 000000010ab41000 CR4: 00000000001506f0
[ 593.739688][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 593.747664][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 593.755637][ C0] Call Trace:
[ 593.758916][ C0] <IRQ>
[ 593.761766][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 593.767570][ C0] __run_hrtimer+0x163/0x460
[ 593.772155][ C0] ? __pv_queued_spin_lock_slowpath+0x42e/0x5c0
[ 593.778397][ C0] hrtimer_interrupt+0x380/0xaf0
[ 593.783688][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 593.789593][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 593.795280][ C0] </IRQ>
[ 593.798291][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 593.804276][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 593.810453][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 593.830064][ C0] RSP: 0018:ffffc90003bafa90 EFLAGS: 00000246
[ 593.836153][ C0] RAX: 54f61fcefe3fde00 RBX: ffffffff88f37100 RCX: 00000000000003ad
[ 593.844141][ C0] RDX: 0001ffff87666778 RSI: 0000000000000082 RDI: ffffffff88f40210
[ 593.852117][ C0] RBP: 0000000040000000 R08: 0000000000000000 R09: 0001ffff8766677f
[ 593.860108][ C0] R10: ffffffff88f37100 R11: 0000000000000200 R12: 000000000000003a
[ 593.868089][ C0] R13: ffff88802c24a330 R14: ffff8880394b902c R15: 0000000000000004
[ 593.876082][ C0] get_task_exe_file+0x44/0x120
[ 593.880939][ C0] proc_exe_link+0x44/0x100
[ 593.885449][ C0] proc_pid_get_link+0x50/0xb0
[ 593.890212][ C0] ? mem_lseek+0x70/0x70
[ 593.894449][ C0] step_into+0x974/0xec0
[ 593.898700][ C0] path_openat+0x105e/0x21b0
[ 593.903301][ C0] ? do_futex+0x1062/0x1cd0
[ 593.907832][ C0] ? default_send_IPI_single+0x42/0x50
[ 593.913298][ C0] do_filp_open+0xbd/0x1d0
[ 593.917731][ C0] ? alloc_fd+0x35d/0x3b0
[ 593.922090][ C0] do_sys_openat2+0xa3/0x250
[ 593.926687][ C0] __x64_sys_openat+0xef/0x110
[ 593.931450][ C0] do_syscall_64+0x39/0x80
[ 593.935872][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 593.941799][ C0] RIP: 0033:0x466459
[ 593.945703][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 593.965382][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 593.973802][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 593.981813][ C0] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff
[ 593.989811][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 593.997799][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 594.005776][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 594.013760][ C0] ---[ end trace 6a9a87c08c22e0eb ]---
[ 594.019634][ C0] ------------[ cut here ]------------
[ 594.025088][ C0] WARNING: CPU: 0 PID: 28549 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 594.035983][ C0] Modules linked in:
[ 594.039879][ C0] CPU: 0 PID: 28549 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 594.050035][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 594.060113][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 594.066140][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 594.085768][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 594.091865][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88810e5b5000
[ 594.099842][ C0] RDX: 0000000080010001 RSI: 0000000000000019 RDI: 0000000000000001
[ 594.107833][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 594.115808][ C0] R10: 0001ffffffffffff R11: ffff88810e5b5000 R12: ffff88813bc1da58
[ 594.123781][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 594.131757][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 594.140885][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 594.147511][ C0] CR2: 00007f11102abd58 CR3: 000000010ab41000 CR4: 00000000001506f0
[ 594.155499][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 594.163661][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 594.171668][ C0] Call Trace:
[ 594.174957][ C0] <IRQ>
[ 594.177802][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 594.183625][ C0] __run_hrtimer+0x163/0x460
[ 594.188257][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 594.194077][ C0] hrtimer_interrupt+0x380/0xaf0
[ 594.199028][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 594.204946][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 594.210614][ C0] </IRQ>
[ 594.213632][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 594.219629][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 594.225795][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 594.245515][ C0] RSP: 0018:ffffc90003bafa90 EFLAGS: 00000246
[ 594.251589][ C0] RAX: 54f61fcefe3fde00 RBX: ffffffff88f37100 RCX: 00000000000003ad
[ 594.259564][ C0] RDX: 0001ffff87666778 RSI: 0000000000000082 RDI: ffffffff88f40210
[ 594.267537][ C0] RBP: 0000000040000000 R08: 0000000000000000 R09: 0001ffff8766677f
[ 594.275526][ C0] R10: ffffffff88f37100 R11: 0000000000000200 R12: 000000000000003a
[ 594.283502][ C0] R13: ffff88802c24a330 R14: ffff8880394b902c R15: 0000000000000004
[ 594.291485][ C0] get_task_exe_file+0x44/0x120
[ 594.296354][ C0] proc_exe_link+0x44/0x100
[ 594.300905][ C0] proc_pid_get_link+0x50/0xb0
[ 594.305681][ C0] ? mem_lseek+0x70/0x70
[ 594.309936][ C0] step_into+0x974/0xec0
[ 594.314208][ C0] path_openat+0x105e/0x21b0
[ 594.318799][ C0] ? do_futex+0x1062/0x1cd0
[ 594.323314][ C0] ? default_send_IPI_single+0x42/0x50
[ 594.328781][ C0] do_filp_open+0xbd/0x1d0
[ 594.333236][ C0] ? alloc_fd+0x35d/0x3b0
[ 594.337563][ C0] do_sys_openat2+0xa3/0x250
[ 594.342177][ C0] __x64_sys_openat+0xef/0x110
[ 594.346970][ C0] do_syscall_64+0x39/0x80
[ 594.351383][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 594.357315][ C0] RIP: 0033:0x466459
[ 594.361291][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 594.380903][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 594.389518][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 594.397499][ C0] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff
[ 594.405491][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 594.413473][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 594.421471][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 594.429448][ C0] ---[ end trace 6a9a87c08c22e0ec ]---
[ 594.435282][ C0] ------------[ cut here ]------------
[ 594.440744][ C0] WARNING: CPU: 0 PID: 28549 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 594.452565][ C0] Modules linked in:
[ 594.456463][ C0] CPU: 0 PID: 28549 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 594.466615][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 594.476671][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 594.482671][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 594.502284][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 594.508355][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88810e5b5000
[ 594.516324][ C0] RDX: 0000000080010001 RSI: 0000000000000018 RDI: 0000000000000001
[ 594.524314][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 594.532313][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 594.540808][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 594.548806][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 594.557747][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 594.564336][ C0] CR2: 00007f11102abd58 CR3: 000000010ab41000 CR4: 00000000001506f0
[ 594.572308][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 594.580281][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 594.588255][ C0] Call Trace:
[ 594.591550][ C0] <IRQ>
[ 594.594394][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 594.600233][ C0] __run_hrtimer+0x163/0x460
[ 594.604839][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 594.610665][ C0] hrtimer_interrupt+0x380/0xaf0
[ 594.615632][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 594.621555][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 594.627224][ C0] </IRQ>
[ 594.630953][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 594.637218][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 594.643379][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 594.663029][ C0] RSP: 0018:ffffc90003bafa90 EFLAGS: 00000246
[ 594.669100][ C0] RAX: 54f61fcefe3fde00 RBX: ffffffff88f37100 RCX: 00000000000003ad
[ 594.677097][ C0] RDX: 0001ffff87666778 RSI: 0000000000000082 RDI: ffffffff88f40210
[ 594.685070][ C0] RBP: 0000000040000000 R08: 0000000000000000 R09: 0001ffff8766677f
[ 594.693388][ C0] R10: ffffffff88f37100 R11: 0000000000000200 R12: 000000000000003a
[ 594.701374][ C0] R13: ffff88802c24a330 R14: ffff8880394b902c R15: 0000000000000004
[ 594.709359][ C0] get_task_exe_file+0x44/0x120
[ 594.714241][ C0] proc_exe_link+0x44/0x100
[ 594.718772][ C0] proc_pid_get_link+0x50/0xb0
[ 594.723559][ C0] ? mem_lseek+0x70/0x70
[ 594.727821][ C0] step_into+0x974/0xec0
[ 594.732064][ C0] path_openat+0x105e/0x21b0
[ 594.736742][ C0] ? do_futex+0x1062/0x1cd0
[ 594.741263][ C0] ? default_send_IPI_single+0x42/0x50
[ 594.746729][ C0] do_filp_open+0xbd/0x1d0
[ 594.751150][ C0] ? alloc_fd+0x35d/0x3b0
[ 594.755491][ C0] do_sys_openat2+0xa3/0x250
[ 594.760087][ C0] __x64_sys_openat+0xef/0x110
[ 594.765377][ C0] do_syscall_64+0x39/0x80
[ 594.769795][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 594.775700][ C0] RIP: 0033:0x466459
[ 594.779678][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 594.799303][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 594.808106][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 594.816094][ C0] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffffff
[ 594.824090][ C0] RBP: 00000000004bf9fb R08: 0000000000000000 R09: 0000000000000000
[ 594.832087][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
[ 594.840161][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 594.848142][ C0] ---[ end trace 6a9a87c08c22e0ed ]---
19:31:11 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0x9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:31:11 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x7000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:31:11 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:31:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x4, 0x2})
19:31:11 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0xc00})
[ 594.953925][ C0] ------------[ cut here ]------------
[ 594.959414][ C0] WARNING: CPU: 0 PID: 4828 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 594.970195][ C0] Modules linked in:
[ 594.974095][ C0] CPU: 0 PID: 4828 Comm: systemd-journal Tainted: G W 5.12.0-rc3-syzkaller #0
[ 594.984267][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 594.994418][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:31:11 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x0, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 595.000445][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 595.020266][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 595.026349][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000020 RCX: ffff888105dc0000
[ 595.034332][ C0] RDX: 0000000080010000 RSI: 0000000000000020 RDI: 0000000000000001
[ 595.042631][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 595.050619][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 595.058603][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 595.066606][ C0] FS: 00007fb45787b8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 595.075544][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 595.082131][ C0] CR2: 00007fb4550c0000 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 595.090121][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:31:11 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x8000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 595.098136][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 595.108114][ C0] Call Trace:
[ 595.111401][ C0] <IRQ>
[ 595.114243][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 595.120057][ C0] __run_hrtimer+0x163/0x460
[ 595.124662][ C0] hrtimer_interrupt+0x380/0xaf0
[ 595.129619][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 595.135578][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 595.141223][ C0] </IRQ>
[ 595.144160][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 595.150153][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 595.156542][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 595.176208][ C0] RSP: 0018:ffffc90000d8bd18 EFLAGS: 00000246
[ 595.182338][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011c90000d8bfc8
[ 595.190338][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 595.198450][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 595.206463][ C0] R10: ffffffff88f36f90 R11: 0000000000000200 R12: 000000000000000c
[ 595.214420][ C0] R13: 0000000000000069 R14: ffffc90000d8bfc8 R15: 0000000000000008
[ 595.222379][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 595.227938][ C0] __seccomp_filter+0x10b/0xe90
[ 595.232797][ C0] ? check_stack_object+0x61/0x70
[ 595.237899][ C0] ? __virt_addr_valid+0x15a/0x1a0
[ 595.243100][ C0] ? __check_object_size+0x253/0x310
[ 595.248368][ C0] ? filename_create+0x68/0x3c0
[ 595.254354][ C0] __secure_computing+0x12e/0x1c0
[ 595.259388][ C0] syscall_trace_enter+0x120/0x2b0
[ 595.264561][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 595.270312][ C0] syscall_enter_from_user_mode+0x1c/0x20
[ 595.276057][ C0] do_syscall_64+0x11/0x80
[ 595.280461][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 595.286373][ C0] RIP: 0033:0x7fb456e0a85d
[ 595.290776][ C0] Code: bb 20 00 00 75 10 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 67 f6 ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 595.310383][ C0] RSP: 002b:00007ffcc0dfa810 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 595.318947][ C0] RAX: ffffffffffffffda RBX: 00007ffcc0dfab20 RCX: 00007fb456e0a85d
[ 595.327000][ C0] RDX: 00000000000001a0 RSI: 0000000000080042 RDI: 00005577dcad9d20
[ 595.334970][ C0] RBP: 000000000000000d R08: 000000000000c0c1 R09: 00000000ffffffff
[ 595.342938][ C0] R10: 0000000000000069 R11: 0000000000000293 R12: 00000000ffffffff
19:31:12 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x600)
19:31:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x4, 0x3})
[ 595.350909][ C0] R13: 00005577dcad6040 R14: 00007ffcc0dfaae0 R15: 00005577dcae3dc0
[ 595.358875][ C0] ---[ end trace 6a9a87c08c22e0ee ]---
[ 595.364662][ C0] ------------[ cut here ]------------
[ 595.370134][ C0] WARNING: CPU: 0 PID: 4828 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 595.380930][ C0] Modules linked in:
[ 595.384818][ C0] CPU: 0 PID: 4828 Comm: systemd-journal Tainted: G W 5.12.0-rc3-syzkaller #0
[ 595.395075][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 595.405165][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 595.411174][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 595.431244][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 595.437338][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff888105dc0000
[ 595.445311][ C0] RDX: 0000000080010000 RSI: 0000000000000018 RDI: 0000000000000001
[ 595.453289][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 595.461277][ C0] R10: 0001ffffffffffff R11: ffff888105dc0000 R12: ffff88813bc1da58
[ 595.469944][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 595.477902][ C0] FS: 00007fb45787b8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 595.486831][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 595.493416][ C0] CR2: 00007fb4550c0000 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 595.501375][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 595.509328][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 595.520450][ C0] Call Trace:
[ 595.523731][ C0] <IRQ>
[ 595.526559][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 595.532348][ C0] __run_hrtimer+0x163/0x460
[ 595.536922][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 595.542745][ C0] hrtimer_interrupt+0x380/0xaf0
[ 595.547689][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 595.553586][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 595.559224][ C0] </IRQ>
[ 595.562135][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 595.568143][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 595.574294][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 595.593885][ C0] RSP: 0018:ffffc90000d8bd18 EFLAGS: 00000246
[ 595.599940][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011c90000d8bfc8
[ 595.607915][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 595.615888][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 595.623847][ C0] R10: ffffffff88f36f90 R11: 0000000000000200 R12: 000000000000000c
[ 595.631803][ C0] R13: 0000000000000069 R14: ffffc90000d8bfc8 R15: 0000000000000008
[ 595.639799][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 595.645352][ C0] __seccomp_filter+0x10b/0xe90
[ 595.650183][ C0] ? check_stack_object+0x61/0x70
[ 595.655197][ C0] ? __virt_addr_valid+0x15a/0x1a0
[ 595.660291][ C0] ? __check_object_size+0x253/0x310
[ 595.665558][ C0] ? filename_create+0x68/0x3c0
[ 595.670670][ C0] __secure_computing+0x12e/0x1c0
[ 595.675691][ C0] syscall_trace_enter+0x120/0x2b0
[ 595.680923][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 595.686793][ C0] syscall_enter_from_user_mode+0x1c/0x20
[ 595.692536][ C0] do_syscall_64+0x11/0x80
[ 595.696949][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 595.702854][ C0] RIP: 0033:0x7fb456e0a85d
[ 595.707253][ C0] Code: bb 20 00 00 75 10 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 67 f6 ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 595.726853][ C0] RSP: 002b:00007ffcc0dfa810 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 595.735282][ C0] RAX: ffffffffffffffda RBX: 00007ffcc0dfab20 RCX: 00007fb456e0a85d
[ 595.743232][ C0] RDX: 00000000000001a0 RSI: 0000000000080042 RDI: 00005577dcad9d20
[ 595.751184][ C0] RBP: 000000000000000d R08: 000000000000c0c1 R09: 00000000ffffffff
[ 595.759137][ C0] R10: 0000000000000069 R11: 0000000000000293 R12: 00000000ffffffff
[ 595.767090][ C0] R13: 00005577dcad6040 R14: 00007ffcc0dfaae0 R15: 00005577dcae3dc0
[ 595.775065][ C0] ---[ end trace 6a9a87c08c22e0ef ]---
[ 595.780852][ C0] ------------[ cut here ]------------
[ 595.786301][ C0] WARNING: CPU: 0 PID: 4828 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 595.797113][ C0] Modules linked in:
[ 595.800992][ C0] CPU: 0 PID: 4828 Comm: systemd-journal Tainted: G W 5.12.0-rc3-syzkaller #0
[ 595.811268][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 595.824191][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 595.830174][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 595.849980][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 595.856061][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff888105dc0000
[ 595.864155][ C0] RDX: 0000000080010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 595.872123][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 595.880110][ C0] R10: 0001ffffffffffff R11: 0000000000000266 R12: ffff88813bc1da58
[ 595.888068][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 595.896021][ C0] FS: 00007fb45787b8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 595.904933][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 595.911521][ C0] CR2: 00007fb4550c0000 CR3: 0000000107ad0000 CR4: 00000000001506f0
[ 595.919488][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 595.927447][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 595.935411][ C0] Call Trace:
[ 595.938689][ C0] <IRQ>
[ 595.941514][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 595.947313][ C0] __run_hrtimer+0x163/0x460
[ 595.952316][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 595.958135][ C0] hrtimer_interrupt+0x380/0xaf0
[ 595.963056][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 595.968933][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 595.974578][ C0] </IRQ>
[ 595.977687][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 595.983672][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 595.989955][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 596.009846][ C0] RSP: 0018:ffffc90000d8bd18 EFLAGS: 00000246
[ 596.015939][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011c90000d8bfc8
[ 596.023937][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 596.031915][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 596.039913][ C0] R10: ffffffff88f36f90 R11: 0000000000000200 R12: 000000000000000c
[ 596.048024][ C0] R13: 0000000000000069 R14: ffffc90000d8bfc8 R15: 0000000000000008
[ 596.055993][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 596.061553][ C0] __seccomp_filter+0x10b/0xe90
[ 596.066390][ C0] ? check_stack_object+0x61/0x70
[ 596.071395][ C0] ? __virt_addr_valid+0x15a/0x1a0
[ 596.076524][ C0] ? __check_object_size+0x253/0x310
[ 596.081813][ C0] ? filename_create+0x68/0x3c0
[ 596.086752][ C0] __secure_computing+0x12e/0x1c0
[ 596.091757][ C0] syscall_trace_enter+0x120/0x2b0
[ 596.096898][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 596.102629][ C0] syscall_enter_from_user_mode+0x1c/0x20
[ 596.108533][ C0] do_syscall_64+0x11/0x80
[ 596.112952][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 596.118860][ C0] RIP: 0033:0x7fb456e0a85d
[ 596.123397][ C0] Code: bb 20 00 00 75 10 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 67 f6 ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 596.143258][ C0] RSP: 002b:00007ffcc0dfa810 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 596.151707][ C0] RAX: ffffffffffffffda RBX: 00007ffcc0dfab20 RCX: 00007fb456e0a85d
[ 596.159705][ C0] RDX: 00000000000001a0 RSI: 0000000000080042 RDI: 00005577dcad9d20
[ 596.167926][ C0] RBP: 000000000000000d R08: 000000000000c0c1 R09: 00000000ffffffff
[ 596.175888][ C0] R10: 0000000000000069 R11: 0000000000000293 R12: 00000000ffffffff
[ 596.183879][ C0] R13: 00005577dcad6040 R14: 00007ffcc0dfaae0 R15: 00005577dcae3dc0
[ 596.191944][ C0] ---[ end trace 6a9a87c08c22e0f0 ]---
19:31:12 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x0, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:31:12 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0x9000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:31:13 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x0, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 596.297893][ C0] ------------[ cut here ]------------
[ 596.303492][ C0] WARNING: CPU: 0 PID: 28593 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 596.314482][ C0] Modules linked in:
[ 596.318387][ C0] CPU: 0 PID: 28593 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 596.328577][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 596.338641][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 596.344695][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 596.364417][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 596.370498][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88802ba69000
[ 596.378476][ C0] RDX: 0000000080010000 RSI: 000000000000001f RDI: 0000000000000001
[ 596.386484][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 596.394654][ C0] R10: 0001ffffffffffff R11: ffffc90000003ff8 R12: ffff88813bc1da58
[ 596.402752][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 596.410759][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 596.419675][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 596.426360][ C0] CR2: 00000000005400f8 CR3: 000000010a9a5000 CR4: 00000000001506f0
[ 596.434333][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 596.442314][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 596.450283][ C0] Call Trace:
[ 596.453549][ C0]
[ 596.456383][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 596.462218][ C0] __run_hrtimer+0x163/0x460
[ 596.466825][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 596.473116][ C0] hrtimer_interrupt+0x380/0xaf0
[ 596.478073][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 596.483956][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 596.489735][ C0]
[ 596.492658][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 596.498653][ C0] RIP: 0010:__tsan_read8+0x111/0x180
[ 596.503939][ C0] Code: 75 79 65 8b 05 48 a5 aa 7e a9 00 01 ff 00 74 11 48 c7 c0 f8 70 02 00 65 48 03 05 82 4d aa 7e eb 0f 65 48 8b 04 25 00 6d 01 00 <48> 05 c0 0a 00 00 8b 48 04 85 c9 7e 16 65 8b 15 13 a5 aa 7e f7 c2
[ 596.523569][ C0] RSP: 0018:ffffc9000417bba0 EFLAGS: 00000246
[ 596.529619][ C0] RAX: ffff88802ba69000 RBX: 000000002744b007 RCX: 0001ffffffffffff
[ 596.537606][ C0] RDX: 0001888034accc48 RSI: 000000000003ffff RDI: ffff888034accc48
[ 596.545562][ C0] RBP: 000000002744b007 R08: 0000000000000000 R09: 0001888034accc4f
[ 596.553637][ C0] R10: 0001ffffffffffff R11: ffff88802ba69000 R12: ffff888034accbb8
[ 596.561631][ C0] R13: 0000000020000000 R14: ffffc9000417bc50 R15: 00000000000006b0
[ 596.570130][ C0] do_read_fault+0x2ca/0x530
[ 596.574710][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 596.580533][ C0] handle_mm_fault+0x1019/0x1840
[ 596.585483][ C0] __get_user_pages+0xa47/0x1000
[ 596.590405][ C0] __mm_populate+0x24d/0x380
[ 596.594978][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 596.599584][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 596.604260][ C0] ? switch_fpu_return+0xa/0x10
[ 596.609095][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 596.614799][ C0] do_syscall_64+0x39/0x80
[ 596.619376][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 596.625269][ C0] RIP: 0033:0x466459
[ 596.629170][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 596.648761][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 596.657177][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 596.665133][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 596.673177][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 596.681150][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 596.689132][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 596.697095][ C0] ---[ end trace 6a9a87c08c22e0f1 ]---
[ 596.703020][ C0] ------------[ cut here ]------------
[ 596.708472][ C0] WARNING: CPU: 0 PID: 28593 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 596.719340][ C0] Modules linked in:
[ 596.724017][ C0] CPU: 0 PID: 28593 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 596.734166][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 596.744246][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 596.750252][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 596.769869][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 596.775954][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff88802ba69000
[ 596.784278][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 596.792251][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 596.800325][ C0] R10: 0001ffffffffffff R11: ffff88802ba69000 R12: ffff88813bc1da58
[ 596.808456][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 596.816459][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 596.825397][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 596.831969][ C0] CR2: 00000000005400f8 CR3: 000000010a9a5000 CR4: 00000000001506f0
[ 596.839969][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 596.847936][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 596.855942][ C0] Call Trace:
[ 596.859206][ C0]
[ 596.862053][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 596.867876][ C0] __run_hrtimer+0x163/0x460
[ 596.872453][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 596.878409][ C0] hrtimer_interrupt+0x380/0xaf0
[ 596.883340][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 596.889226][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 596.894849][ C0]
[ 596.897813][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 596.903849][ C0] RIP: 0010:__tsan_read8+0x111/0x180
[ 596.909182][ C0] Code: 75 79 65 8b 05 48 a5 aa 7e a9 00 01 ff 00 74 11 48 c7 c0 f8 70 02 00 65 48 03 05 82 4d aa 7e eb 0f 65 48 8b 04 25 00 6d 01 00 <48> 05 c0 0a 00 00 8b 48 04 85 c9 7e 16 65 8b 15 13 a5 aa 7e f7 c2
[ 596.928872][ C0] RSP: 0018:ffffc9000417bba0 EFLAGS: 00000246
[ 596.935035][ C0] RAX: ffff88802ba69000 RBX: 000000002744b007 RCX: 0001ffffffffffff
[ 596.943123][ C0] RDX: 0001888034accc48 RSI: 000000000003ffff RDI: ffff888034accc48
[ 596.951102][ C0] RBP: 000000002744b007 R08: 0000000000000000 R09: 0001888034accc4f
[ 596.959076][ C0] R10: 0001ffffffffffff R11: ffff88802ba69000 R12: ffff888034accbb8
[ 596.967058][ C0] R13: 0000000020000000 R14: ffffc9000417bc50 R15: 00000000000006b0
[ 596.975120][ C0] do_read_fault+0x2ca/0x530
[ 596.979706][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 596.985505][ C0] handle_mm_fault+0x1019/0x1840
[ 596.990434][ C0] __get_user_pages+0xa47/0x1000
[ 596.995362][ C0] __mm_populate+0x24d/0x380
[ 596.999944][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 597.004539][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 597.009354][ C0] ? switch_fpu_return+0xa/0x10
[ 597.014254][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 597.020068][ C0] do_syscall_64+0x39/0x80
[ 597.024526][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 597.030537][ C0] RIP: 0033:0x466459
[ 597.034426][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 597.054440][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 597.062980][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 597.070939][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 597.078988][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 597.086968][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 597.094986][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 597.102950][ C0] ---[ end trace 6a9a87c08c22e0f2 ]---
[ 597.108729][ C0] ------------[ cut here ]------------
[ 597.114204][ C0] WARNING: CPU: 0 PID: 28593 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 597.125086][ C0] Modules linked in:
[ 597.128978][ C0] CPU: 0 PID: 28593 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 597.139158][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 597.149216][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 597.155192][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 597.175031][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 597.181087][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff88802ba69000
[ 597.189050][ C0] RDX: 0000000000010000 RSI: 0000000000000018 RDI: 0000000000000001
[ 597.197029][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 597.205008][ C0] R10: 0001ffffffffffff R11: 00000000000003eb R12: ffff88813bc1da58
[ 597.212979][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 597.220964][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 597.229910][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 597.236488][ C0] CR2: 00000000005400f8 CR3: 000000010a9a5000 CR4: 00000000001506f0
[ 597.244628][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 597.252592][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 597.260574][ C0] Call Trace:
[ 597.263848][ C0]
[ 597.266705][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 597.272673][ C0] __run_hrtimer+0x163/0x460
[ 597.277268][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 597.283062][ C0] hrtimer_interrupt+0x380/0xaf0
[ 597.287997][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 597.293921][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 597.299566][ C0]
[ 597.302479][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 597.308446][ C0] RIP: 0010:__tsan_read8+0x111/0x180
[ 597.313758][ C0] Code: 75 79 65 8b 05 48 a5 aa 7e a9 00 01 ff 00 74 11 48 c7 c0 f8 70 02 00 65 48 03 05 82 4d aa 7e eb 0f 65 48 8b 04 25 00 6d 01 00 <48> 05 c0 0a 00 00 8b 48 04 85 c9 7e 16 65 8b 15 13 a5 aa 7e f7 c2
[ 597.333387][ C0] RSP: 0018:ffffc9000417bba0 EFLAGS: 00000246
[ 597.339637][ C0] RAX: ffff88802ba69000 RBX: 000000002744b007 RCX: 0001ffffffffffff
[ 597.347596][ C0] RDX: 0001888034accc48 RSI: 000000000003ffff RDI: ffff888034accc48
[ 597.355583][ C0] RBP: 000000002744b007 R08: 0000000000000000 R09: 0001888034accc4f
[ 597.363644][ C0] R10: 0001ffffffffffff R11: ffff88802ba69000 R12: ffff888034accbb8
[ 597.371650][ C0] R13: 0000000020000000 R14: ffffc9000417bc50 R15: 00000000000006b0
[ 597.379830][ C0] do_read_fault+0x2ca/0x530
[ 597.384420][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 597.390221][ C0] handle_mm_fault+0x1019/0x1840
[ 597.395201][ C0] __get_user_pages+0xa47/0x1000
[ 597.400134][ C0] __mm_populate+0x24d/0x380
[ 597.404731][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 597.409335][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 597.413996][ C0] ? switch_fpu_return+0xa/0x10
[ 597.418848][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 597.424563][ C0] do_syscall_64+0x39/0x80
[ 597.428980][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 597.434877][ C0] RIP: 0033:0x466459
[ 597.438771][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 597.458369][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 597.466813][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 597.474780][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 597.482760][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 597.490838][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 597.498798][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 597.506770][ C0] ---[ end trace 6a9a87c08c22e0f3 ]---
[ 597.612650][ C0] ------------[ cut here ]------------
[ 597.618143][ C0] WARNING: CPU: 0 PID: 28608 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 597.629261][ C0] Modules linked in:
[ 597.633147][ C0] CPU: 0 PID: 28608 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 597.643803][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 597.653852][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 597.659844][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 597.679826][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 597.685939][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001e RCX: ffff888034b7c000
[ 597.693900][ C0] RDX: 0000000000010000 RSI: 000000000000001e RDI: 0000000000000001
[ 597.701858][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 597.709934][ C0] R10: 0001ffffffffffff R11: 0000000000000214 R12: ffff88813bc1da58
[ 597.717909][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 597.725866][ C0] FS: 00007f09d10c5700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 597.734801][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 597.741380][ C0] CR2: 00000000005400f8 CR3: 000000010a9a5000 CR4: 00000000001506f0
[ 597.749449][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 597.757428][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 597.765447][ C0] Call Trace:
[ 597.768743][ C0]
[ 597.771587][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 597.777405][ C0] __run_hrtimer+0x163/0x460
[ 597.781993][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 597.788134][ C0] hrtimer_interrupt+0x380/0xaf0
[ 597.793064][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 597.799072][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 597.804860][ C0]
[ 597.807870][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 597.814145][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 597.820320][ C0] Code: 8b 3d 2c 41 75 06 48 89 de e8 9c dd 26 00 5b c3 66 2e 0f 1f 84 00 00 00 00 00 e9 9b ae 10 00 cc cc cc cc cc cc cc cc cc cc cc <48> 8b 04 24 65 48 8b 0c 25 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2
[ 597.839940][ C0] RSP: 0018:ffffc90004193998 EFLAGS: 00000246
[ 597.845993][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000400
[ 597.853961][ C0] RDX: ffff888034b7c000 RSI: 0000000000000000 RDI: 0000000000000002
[ 597.861946][ C0] RBP: ffffea00015b68c0 R08: ffffffff82a88546 R09: 0001c90004193a2f
[ 597.869928][ C0] R10: 0001ffffffffffff R11: ffff888034b7c000 R12: ffffc90004193a39
[ 597.877889][ C0] R13: ffffc90004193a38 R14: ffffc90004193a32 R15: ffff888017b4f6c0
[ 597.885856][ C0] ? xas_find+0x286/0x3d0
[ 597.890206][ C0] xas_find+0x3c2/0x3d0
[ 597.894385][ C0] find_lock_entries+0x90/0x7a0
[ 597.899257][ C0] shmem_undo_range+0x105/0x1220
[ 597.904235][ C0] ? _raw_spin_unlock+0x22/0x40
[ 597.909102][ C0] shmem_evict_inode+0x115/0x550
[ 597.914053][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 597.919783][ C0] ? bit_waitqueue+0x30/0x30
[ 597.925171][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 597.930724][ C0] evict+0x1aa/0x410
[ 597.934619][ C0] iput+0x3fd/0x520
[ 597.938411][ C0] dentry_unlink_inode+0x210/0x220
[ 597.943534][ C0] __dentry_kill+0x293/0x450
[ 597.948120][ C0] dput+0x218/0x430
[ 597.951914][ C0] __fput+0x3b3/0x4f0
[ 597.955896][ C0] ____fput+0x11/0x20
[ 597.959881][ C0] task_work_run+0x8e/0x110
[ 597.964365][ C0] exit_to_user_mode_prepare+0x17c/0x1b0
[ 597.969987][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 597.975457][ C0] do_syscall_64+0x45/0x80
[ 597.979887][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 597.985809][ C0] RIP: 0033:0x466459
[ 597.989729][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 598.009529][ C0] RSP: 002b:00007f09d10c5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 598.017944][ C0] RAX: 0000000020000000 RBX: 000000000056c0b0 RCX: 0000000000466459
[ 598.026023][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 598.034066][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 598.042133][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056c0b0
[ 598.050119][ C0] R13: 00007fff87968f8f R14: 00007f09d10c5300 R15: 0000000000022000
[ 598.058086][ C0] ---[ end trace 6a9a87c08c22e0f4 ]---
[ 598.063948][ C0] ------------[ cut here ]------------
[ 598.069432][ C0] WARNING: CPU: 0 PID: 28608 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 598.080323][ C0] Modules linked in:
[ 598.084275][ C0] CPU: 0 PID: 28608 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 598.094546][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 598.104588][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 598.110617][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 598.130314][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 598.136401][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff888034b7c000
[ 598.144986][ C0] RDX: 0000000000010000 RSI: 000000000000001b RDI: 0000000000000001
[ 598.152991][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 598.160957][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 598.168919][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 598.177469][ C0] FS: 00007f09d10c5700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 598.186619][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 598.193206][ C0] CR2: 00000000005400f8 CR3: 000000010a9a5000 CR4: 00000000001506f0
[ 598.201175][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 598.209145][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 598.217133][ C0] Call Trace:
[ 598.220407][ C0]
[ 598.223237][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 598.229033][ C0] __run_hrtimer+0x163/0x460
[ 598.233613][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 598.239411][ C0] hrtimer_interrupt+0x380/0xaf0
[ 598.244639][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 598.250572][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 598.256201][ C0]
[ 598.259118][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 598.265090][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 598.271161][ C0] Code: 8b 3d 2c 41 75 06 48 89 de e8 9c dd 26 00 5b c3 66 2e 0f 1f 84 00 00 00 00 00 e9 9b ae 10 00 cc cc cc cc cc cc cc cc cc cc cc <48> 8b 04 24 65 48 8b 0c 25 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2
[ 598.290766][ C0] RSP: 0018:ffffc90004193998 EFLAGS: 00000246
[ 598.296824][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000400
[ 598.304938][ C0] RDX: ffff888034b7c000 RSI: 0000000000000000 RDI: 0000000000000002
[ 598.312922][ C0] RBP: ffffea00015b68c0 R08: ffffffff82a88546 R09: 0001c90004193a2f
[ 598.320886][ C0] R10: 0001ffffffffffff R11: ffff888034b7c000 R12: ffffc90004193a39
[ 598.328854][ C0] R13: ffffc90004193a38 R14: ffffc90004193a32 R15: ffff888017b4f6c0
[ 598.336818][ C0] ? xas_find+0x286/0x3d0
[ 598.341156][ C0] xas_find+0x3c2/0x3d0
[ 598.345300][ C0] find_lock_entries+0x90/0x7a0
[ 598.350154][ C0] shmem_undo_range+0x105/0x1220
[ 598.355200][ C0] ? _raw_spin_unlock+0x22/0x40
[ 598.360069][ C0] shmem_evict_inode+0x115/0x550
[ 598.364998][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 598.370729][ C0] ? bit_waitqueue+0x30/0x30
[ 598.375333][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 598.380884][ C0] evict+0x1aa/0x410
[ 598.384816][ C0] iput+0x3fd/0x520
[ 598.388633][ C0] dentry_unlink_inode+0x210/0x220
[ 598.393735][ C0] __dentry_kill+0x293/0x450
[ 598.398338][ C0] dput+0x218/0x430
[ 598.402135][ C0] __fput+0x3b3/0x4f0
[ 598.406136][ C0] ____fput+0x11/0x20
[ 598.410235][ C0] task_work_run+0x8e/0x110
[ 598.414745][ C0] exit_to_user_mode_prepare+0x17c/0x1b0
[ 598.420483][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 598.425931][ C0] do_syscall_64+0x45/0x80
[ 598.430370][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 598.436284][ C0] RIP: 0033:0x466459
[ 598.440167][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 598.459877][ C0] RSP: 002b:00007f09d10c5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 598.468295][ C0] RAX: 0000000020000000 RBX: 000000000056c0b0 RCX: 0000000000466459
[ 598.476253][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 598.484221][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 598.492183][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056c0b0
[ 598.500159][ C0] R13: 00007fff87968f8f R14: 00007f09d10c5300 R15: 0000000000022000
[ 598.508126][ C0] ---[ end trace 6a9a87c08c22e0f5 ]---
[ 598.514192][ C0] ------------[ cut here ]------------
[ 598.519726][ C0] WARNING: CPU: 0 PID: 28608 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 598.530607][ C0] Modules linked in:
[ 598.534509][ C0] CPU: 0 PID: 28608 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 598.547361][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 598.557449][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 598.563429][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 598.583019][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 598.589084][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff888034b7c000
[ 598.597043][ C0] RDX: 0000000000010000 RSI: 000000000000001b RDI: 0000000000000001
[ 598.605017][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 598.612994][ C0] R10: 0001ffffffffffff R11: 0000000000000126 R12: ffff88813bc1da58
[ 598.620967][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 598.628925][ C0] FS: 00007f09d10c5700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 598.637864][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 598.644465][ C0] CR2: 00000000005400f8 CR3: 000000010a9a5000 CR4: 00000000001506f0
[ 598.652438][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 598.660400][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 598.668361][ C0] Call Trace:
[ 598.671658][ C0]
[ 598.674513][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 598.680335][ C0] __run_hrtimer+0x163/0x460
[ 598.684923][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 598.690720][ C0] hrtimer_interrupt+0x380/0xaf0
[ 598.695654][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 598.701544][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 598.707188][ C0]
[ 598.710106][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 598.716089][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 598.722157][ C0] Code: 8b 3d 2c 41 75 06 48 89 de e8 9c dd 26 00 5b c3 66 2e 0f 1f 84 00 00 00 00 00 e9 9b ae 10 00 cc cc cc cc cc cc cc cc cc cc cc <48> 8b 04 24 65 48 8b 0c 25 00 6d 01 00 65 8b 15 f4 3b bb 7e f7 c2
[ 598.741765][ C0] RSP: 0018:ffffc90004193998 EFLAGS: 00000246
[ 598.747820][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000400
[ 598.755796][ C0] RDX: ffff888034b7c000 RSI: 0000000000000000 RDI: 0000000000000002
[ 598.763757][ C0] RBP: ffffea00015b68c0 R08: ffffffff82a88546 R09: 0001c90004193a2f
[ 598.771728][ C0] R10: 0001ffffffffffff R11: ffff888034b7c000 R12: ffffc90004193a39
[ 598.779707][ C0] R13: ffffc90004193a38 R14: ffffc90004193a32 R15: ffff888017b4f6c0
[ 598.787685][ C0] ? xas_find+0x286/0x3d0
[ 598.792005][ C0] xas_find+0x3c2/0x3d0
[ 598.796150][ C0] find_lock_entries+0x90/0x7a0
[ 598.800987][ C0] shmem_undo_range+0x105/0x1220
[ 598.805966][ C0] ? _raw_spin_unlock+0x22/0x40
[ 598.810828][ C0] shmem_evict_inode+0x115/0x550
[ 598.815776][ C0] ? inode_wait_for_writeback+0x108/0x130
[ 598.821492][ C0] ? bit_waitqueue+0x30/0x30
[ 598.826089][ C0] ? shmem_free_in_core_inode+0x80/0x80
[ 598.831807][ C0] evict+0x1aa/0x410
[ 598.835744][ C0] iput+0x3fd/0x520
[ 598.839558][ C0] dentry_unlink_inode+0x210/0x220
[ 598.844654][ C0] __dentry_kill+0x293/0x450
[ 598.849291][ C0] dput+0x218/0x430
[ 598.853088][ C0] __fput+0x3b3/0x4f0
[ 598.857068][ C0] ____fput+0x11/0x20
[ 598.861058][ C0] task_work_run+0x8e/0x110
[ 598.865568][ C0] exit_to_user_mode_prepare+0x17c/0x1b0
[ 598.871199][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 598.876647][ C0] do_syscall_64+0x45/0x80
[ 598.881134][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 598.887078][ C0] RIP: 0033:0x466459
[ 598.890956][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 598.910669][ C0] RSP: 002b:00007f09d10c5188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 598.919087][ C0] RAX: 0000000020000000 RBX: 000000000056c0b0 RCX: 0000000000466459
[ 598.927049][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 598.935009][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 598.942969][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056c0b0
[ 598.950922][ C0] R13: 00007fff87968f8f R14: 00007f09d10c5300 R15: 0000000000022000
[ 598.958899][ C0] ---[ end trace 6a9a87c08c22e0f6 ]---
19:31:15 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x0, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:31:15 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xa000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:31:15 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0xa, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
19:31:15 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0xd00})
19:31:15 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x700)
19:31:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x4, 0x4})
19:31:15 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xb000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 599.064677][ C0] ------------[ cut here ]------------
[ 599.070179][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 599.080979][ C0] Modules linked in:
[ 599.084873][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 599.094890][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 599.104964][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:31:15 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0x0, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:31:15 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xc000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 599.111010][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 599.130636][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 599.136813][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000021 RCX: ffff888105e21000
[ 599.144795][ C0] RDX: 0000000080010000 RSI: 0000000000000021 RDI: 0000000000000001
[ 599.152790][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 599.160784][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 599.168762][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 599.176751][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 599.185690][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 599.192368][ C0] CR2: 0000559944ff15a8 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 599.200363][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 599.208359][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 599.216344][ C0] Call Trace:
[ 599.219628][ C0]
[ 599.222487][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 599.228335][ C0] __run_hrtimer+0x163/0x460
[ 599.232949][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 599.239114][ C0] hrtimer_interrupt+0x380/0xaf0
[ 599.244076][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 599.250012][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 599.255665][ C0]
[ 599.258641][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 599.264631][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 599.270830][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 599.290445][ C0] RSP: 0018:ffffc90000dc3830 EFLAGS: 00000246
[ 599.296522][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000388810aebfc19
[ 599.304496][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 599.312480][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 599.320472][ C0] R10: ffffffff88f37130 R11: 0000000000000200 R12: 0000000000000040
[ 599.328479][ C0] R13: ffffffff868e29fa R14: ffff88810aebfc19 R15: 0000000000000001
[ 599.336482][ C0] tomoyo_domain_quota_is_ok+0xa9/0x2f0
[ 599.342058][ C0] tomoyo_supervisor+0x1f4/0xb40
[ 599.347021][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 599.352850][ C0] tomoyo_check_open_permission+0x1b0/0x370
[ 599.358771][ C0] tomoyo_file_open+0xd3/0xf0
19:31:16 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0xb, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 599.363461][ C0] security_file_open+0x3f/0x90
[ 599.369015][ C0] do_dentry_open+0x22d/0x890
[ 599.373751][ C0] vfs_open+0x43/0x50
[ 599.377748][ C0] path_openat+0x1982/0x21b0
[ 599.382443][ C0] ? filename_lookup+0x2b6/0x380
[ 599.387399][ C0] ? kmem_cache_free+0x59/0x100
[ 599.392250][ C0] do_filp_open+0xbd/0x1d0
[ 599.396708][ C0] ? _raw_spin_unlock+0x22/0x40
[ 599.401595][ C0] ? alloc_fd+0x35d/0x3b0
[ 599.405935][ C0] do_sys_openat2+0xa3/0x250
[ 599.410562][ C0] __x64_sys_open+0xe2/0x110
[ 599.415226][ C0] do_syscall_64+0x39/0x80
[ 599.419626][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 599.425527][ C0] RIP: 0033:0x7f6cba8c49b1
[ 599.430032][ C0] Code: f7 d8 bf ff ff ff ff 64 89 02 eb cb 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 80 3f 00 74 1b be 00 08 09 00 b8 02 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 1f 89 c7 e9 00 ff ff ff 48 8b 05 b1 54 2e 00
[ 599.449912][ C0] RSP: 002b:00007fff78b3adc8 EFLAGS: 00000202 ORIG_RAX: 0000000000000002
[ 599.458361][ C0] RAX: ffffffffffffffda RBX: 0000559944fc8bb0 RCX: 00007f6cba8c49b1
[ 599.466444][ C0] RDX: 00000000000000ff RSI: 0000000000090800 RDI: 0000559944fbc7d0
[ 599.474419][ C0] RBP: 00007f6cbba7a710 R08: 0000559944fc1c40 R09: 0000000000001010
[ 599.482410][ C0] R10: 0000000000000020 R11: 0000000000000202 R12: 0000000000000000
[ 599.490404][ C0] R13: 0000559944fbc7d0 R14: 00000000000000ff R15: 0000559944fbc7d0
[ 599.498404][ C0] ---[ end trace 6a9a87c08c22e0f7 ]---
[ 599.504331][ C0] ------------[ cut here ]------------
19:31:16 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0xe00})
19:31:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x4, 0x5})
[ 599.509860][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 599.520633][ C0] Modules linked in:
[ 599.524538][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 599.534603][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 599.544702][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 599.550697][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 599.570303][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 599.576417][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff888105e21000
[ 599.584407][ C0] RDX: 0000000000010000 RSI: 000000000000001b RDI: 0000000000000001
[ 599.592369][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 599.600522][ C0] R10: 0001ffffffffffff R11: 000000000000024f R12: ffff88813bc1da58
[ 599.608479][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 599.616549][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 599.625495][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 599.632201][ C0] CR2: 0000559944ff15a8 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 599.640184][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 599.648245][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 599.656207][ C0] Call Trace:
[ 599.659472][ C0]
[ 599.662311][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 599.668107][ C0] __run_hrtimer+0x163/0x460
[ 599.672896][ C0] hrtimer_interrupt+0x380/0xaf0
[ 599.677869][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 599.683760][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 599.689408][ C0]
[ 599.692344][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 599.698337][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 599.704479][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 599.724281][ C0] RSP: 0018:ffffc90000dc3830 EFLAGS: 00000246
[ 599.730436][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000388810aebfc19
[ 599.738396][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 599.746377][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 599.754331][ C0] R10: ffffffff88f37130 R11: 0000000000000200 R12: 0000000000000040
[ 599.762460][ C0] R13: ffffffff868e29fa R14: ffff88810aebfc19 R15: 0000000000000001
[ 599.770427][ C0] tomoyo_domain_quota_is_ok+0xa9/0x2f0
[ 599.775978][ C0] tomoyo_supervisor+0x1f4/0xb40
[ 599.780935][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 599.786743][ C0] tomoyo_check_open_permission+0x1b0/0x370
[ 599.792646][ C0] tomoyo_file_open+0xd3/0xf0
[ 599.797343][ C0] security_file_open+0x3f/0x90
[ 599.802389][ C0] do_dentry_open+0x22d/0x890
[ 599.807075][ C0] vfs_open+0x43/0x50
[ 599.811042][ C0] path_openat+0x1982/0x21b0
[ 599.815610][ C0] ? filename_lookup+0x2b6/0x380
[ 599.820528][ C0] ? kmem_cache_free+0x59/0x100
[ 599.825366][ C0] do_filp_open+0xbd/0x1d0
[ 599.829796][ C0] ? _raw_spin_unlock+0x22/0x40
[ 599.834669][ C0] ? alloc_fd+0x35d/0x3b0
[ 599.838984][ C0] do_sys_openat2+0xa3/0x250
[ 599.843574][ C0] __x64_sys_open+0xe2/0x110
[ 599.848149][ C0] do_syscall_64+0x39/0x80
[ 599.852550][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 599.858428][ C0] RIP: 0033:0x7f6cba8c49b1
[ 599.862940][ C0] Code: f7 d8 bf ff ff ff ff 64 89 02 eb cb 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 80 3f 00 74 1b be 00 08 09 00 b8 02 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 1f 89 c7 e9 00 ff ff ff 48 8b 05 b1 54 2e 00
[ 599.882560][ C0] RSP: 002b:00007fff78b3adc8 EFLAGS: 00000202 ORIG_RAX: 0000000000000002
[ 599.890962][ C0] RAX: ffffffffffffffda RBX: 0000559944fc8bb0 RCX: 00007f6cba8c49b1
[ 599.898971][ C0] RDX: 00000000000000ff RSI: 0000000000090800 RDI: 0000559944fbc7d0
[ 599.906935][ C0] RBP: 00007f6cbba7a710 R08: 0000559944fc1c40 R09: 0000000000001010
[ 599.915129][ C0] R10: 0000000000000020 R11: 0000000000000202 R12: 0000000000000000
[ 599.925711][ C0] R13: 0000559944fbc7d0 R14: 00000000000000ff R15: 0000559944fbc7d0
[ 599.933681][ C0] ---[ end trace 6a9a87c08c22e0f8 ]---
[ 599.939469][ C0] ------------[ cut here ]------------
[ 599.944964][ C0] WARNING: CPU: 0 PID: 4838 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 599.955762][ C0] Modules linked in:
[ 599.959654][ C0] CPU: 0 PID: 4838 Comm: systemd-udevd Tainted: G W 5.12.0-rc3-syzkaller #0
[ 599.969611][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 599.979701][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 599.985703][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 600.005303][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 600.011356][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001a RCX: ffff888105e21000
[ 600.019311][ C0] RDX: 0000000000010000 RSI: 000000000000001a RDI: 0000000000000001
[ 600.027269][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 600.035241][ C0] R10: 0001ffffffffffff R11: 0000000000000261 R12: ffff88813bc1da58
[ 600.043209][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 600.051168][ C0] FS: 00007f6cbba7a8c0(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 600.060095][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 600.066687][ C0] CR2: 0000559944ff15a8 CR3: 0000000107aec000 CR4: 00000000001506f0
[ 600.074671][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 600.082665][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 600.090654][ C0] Call Trace:
[ 600.093918][ C0]
[ 600.096778][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 600.102596][ C0] __run_hrtimer+0x163/0x460
[ 600.107172][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 600.113263][ C0] hrtimer_interrupt+0x380/0xaf0
[ 600.118193][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 600.124114][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 600.129734][ C0]
[ 600.132655][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 600.140475][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 600.146624][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 600.166234][ C0] RSP: 0018:ffffc90000dc3830 EFLAGS: 00000246
[ 600.172313][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000388810aebfc19
[ 600.180288][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 600.188268][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 600.196323][ C0] R10: ffffffff88f37130 R11: 0000000000000200 R12: 0000000000000040
[ 600.204293][ C0] R13: ffffffff868e29fa R14: ffff88810aebfc19 R15: 0000000000000001
[ 600.212270][ C0] tomoyo_domain_quota_is_ok+0xa9/0x2f0
[ 600.217808][ C0] tomoyo_supervisor+0x1f4/0xb40
[ 600.222742][ C0] ? tomoyo_execute_permission+0x190/0x190
[ 600.228542][ C0] tomoyo_check_open_permission+0x1b0/0x370
[ 600.234433][ C0] tomoyo_file_open+0xd3/0xf0
[ 600.239278][ C0] security_file_open+0x3f/0x90
[ 600.244129][ C0] do_dentry_open+0x22d/0x890
[ 600.248808][ C0] vfs_open+0x43/0x50
[ 600.252787][ C0] path_openat+0x1982/0x21b0
[ 600.257358][ C0] ? filename_lookup+0x2b6/0x380
[ 600.262283][ C0] ? kmem_cache_free+0x59/0x100
[ 600.267111][ C0] do_filp_open+0xbd/0x1d0
[ 600.271675][ C0] ? _raw_spin_unlock+0x22/0x40
[ 600.276523][ C0] ? alloc_fd+0x35d/0x3b0
[ 600.280848][ C0] do_sys_openat2+0xa3/0x250
[ 600.285755][ C0] __x64_sys_open+0xe2/0x110
[ 600.290337][ C0] do_syscall_64+0x39/0x80
[ 600.294751][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 600.300630][ C0] RIP: 0033:0x7f6cba8c49b1
[ 600.305035][ C0] Code: f7 d8 bf ff ff ff ff 64 89 02 eb cb 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 80 3f 00 74 1b be 00 08 09 00 b8 02 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 1f 89 c7 e9 00 ff ff ff 48 8b 05 b1 54 2e 00
[ 600.325193][ C0] RSP: 002b:00007fff78b3adc8 EFLAGS: 00000202 ORIG_RAX: 0000000000000002
[ 600.333589][ C0] RAX: ffffffffffffffda RBX: 0000559944fc8bb0 RCX: 00007f6cba8c49b1
[ 600.341553][ C0] RDX: 00000000000000ff RSI: 0000000000090800 RDI: 0000559944fbc7d0
[ 600.349507][ C0] RBP: 00007f6cbba7a710 R08: 0000559944fc1c40 R09: 0000000000001010
[ 600.358598][ C0] R10: 0000000000000020 R11: 0000000000000202 R12: 0000000000000000
[ 600.366553][ C0] R13: 0000559944fbc7d0 R14: 00000000000000ff R15: 0000559944fbc7d0
[ 600.374513][ C0] ---[ end trace 6a9a87c08c22e0f9 ]---
[ 600.480952][ C0] ------------[ cut here ]------------
[ 600.486453][ C0] WARNING: CPU: 0 PID: 28635 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 600.497435][ C0] Modules linked in:
[ 600.501349][ C0] CPU: 0 PID: 28635 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 600.511520][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 600.521604][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 600.527679][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 600.547316][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 600.553402][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000020 RCX: ffff888021f8b000
[ 600.561376][ C0] RDX: 0000000080010001 RSI: 0000000000000020 RDI: 0000000000000001
[ 600.569351][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 600.577345][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 600.585335][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 600.593354][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 600.602314][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 600.608900][ C0] CR2: 000000000052f650 CR3: 0000000007629000 CR4: 00000000001506f0
[ 600.616915][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 600.625163][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 600.633141][ C0] Call Trace:
[ 600.636425][ C0]
[ 600.639267][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 600.645091][ C0] __run_hrtimer+0x163/0x460
[ 600.649699][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 600.655946][ C0] hrtimer_interrupt+0x380/0xaf0
[ 600.661257][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 600.667187][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 600.672855][ C0]
[ 600.675781][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
19:31:17 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0xc, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 600.681767][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 600.688034][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 600.707658][ C0] RSP: 0018:ffffc900051077f8 EFLAGS: 00000246
[ 600.713740][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011ea000077f998
[ 600.721709][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 600.729678][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 600.737703][ C0] R10: ffffffff88f37130 R11: 0000000000000200 R12: 0000000000000040
[ 600.745695][ C0] R13: ffffea000077f901 R14: ffffea000077f998 R15: 0000000000000008
[ 600.753680][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 600.759364][ C0] zap_pte_range+0x415/0x13f0
[ 600.764063][ C0] ? __list_add_valid+0x28/0x90
[ 600.769590][ C0] unmap_page_range+0x540/0x650
[ 600.774455][ C0] unmap_single_vma+0x157/0x210
[ 600.779310][ C0] unmap_vmas+0xc0/0x170
[ 600.783564][ C0] exit_mmap+0x1be/0x400
[ 600.787814][ C0] __mmput+0xa2/0x220
[ 600.791824][ C0] mmput+0x3d/0x50
[ 600.795564][ C0] exit_mm+0x344/0x430
[ 600.799631][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 600.805444][ C0] ? taskstats_exit+0x334/0x730
[ 600.810398][ C0] ? acct_collect+0x3a4/0x400
[ 600.815194][ C0] do_exit+0x3ff/0x1670
[ 600.819360][ C0] ? do_futex+0x1080/0x1cd0
[ 600.823865][ C0] do_group_exit+0xce/0x180
[ 600.828374][ C0] get_signal+0xdce/0x14e0
[ 600.832806][ C0] ? errseq_sample+0x2b/0x40
[ 600.837400][ C0] ? alloc_file+0x253/0x280
[ 600.841900][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 600.847467][ C0] ? __se_sys_futex+0x2a8/0x390
[ 600.852440][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 600.858080][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 600.863564][ C0] do_syscall_64+0x45/0x80
[ 600.867997][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 600.873921][ C0] RIP: 0033:0x466459
[ 600.877813][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 600.884738][ C0] RSP: 002b:00007f12a42a5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 600.893160][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 600.901136][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 600.909107][ C0] RBP: 000000000056bf60 R08: 000000000000000e R09: 0000000000000000
[ 600.917086][ C0] R10: 0000000000000003 R11: 0000000000000246 R12: 000000000056bf6c
[ 600.925233][ C0] R13: 00007ffc7bb4651f R14: 00007f12a42a5300 R15: 0000000000022000
19:31:17 executing program 3:
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x900)
19:31:17 executing program 2:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x4, 0x4, 0x6, 0x1100})
[ 600.933227][ C0] ---[ end trace 6a9a87c08c22e0fa ]---
[ 600.938990][ C0] ------------[ cut here ]------------
[ 600.944543][ C0] WARNING: CPU: 0 PID: 28635 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 600.955413][ C0] Modules linked in:
[ 600.959348][ C0] CPU: 0 PID: 28635 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 600.969497][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 600.979574][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 600.985570][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 601.005218][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 601.011319][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001c RCX: ffff888021f8b000
[ 601.019296][ C0] RDX: 0000000080010001 RSI: 000000000000001c RDI: 0000000000000001
[ 601.027269][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 601.035246][ C0] R10: 0001ffffffffffff R11: ffff888021f8b000 R12: ffff88813bc1da58
[ 601.043461][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 601.051453][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 601.060412][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 601.067022][ C0] CR2: 000000000052f650 CR3: 0000000007629000 CR4: 00000000001506f0
[ 601.075017][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
19:31:17 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x380000d, 0x12, r1, 0x0)
preadv(r0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_UPDATE_BATCH(0xd, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040), 0x2, r2}, 0x38)
[ 601.083184][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 601.091157][ C0] Call Trace:
[ 601.094461][ C0]
[ 601.097305][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 601.103119][ C0] __run_hrtimer+0x163/0x460
[ 601.107708][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 601.113516][ C0] hrtimer_interrupt+0x380/0xaf0
[ 601.118457][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 601.124367][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 601.130013][ C0]
19:31:17 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0x0, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 601.132945][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 601.138964][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 601.145130][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 601.164826][ C0] RSP: 0018:ffffc900051077f8 EFLAGS: 00000246
[ 601.171049][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011ea000077f998
[ 601.179040][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 601.187017][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 601.194992][ C0] R10: ffffffff88f37130 R11: 0000000000000200 R12: 0000000000000040
[ 601.202975][ C0] R13: ffffea000077f901 R14: ffffea000077f998 R15: 0000000000000008
[ 601.210958][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 601.216638][ C0] zap_pte_range+0x415/0x13f0
[ 601.221351][ C0] ? __list_add_valid+0x28/0x90
[ 601.226214][ C0] unmap_page_range+0x540/0x650
[ 601.231051][ C0] unmap_single_vma+0x157/0x210
[ 601.236154][ C0] unmap_vmas+0xc0/0x170
[ 601.240410][ C0] exit_mmap+0x1be/0x400
[ 601.244653][ C0] __mmput+0xa2/0x220
[ 601.248745][ C0] mmput+0x3d/0x50
[ 601.252473][ C0] exit_mm+0x344/0x430
[ 601.256612][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 601.262403][ C0] ? taskstats_exit+0x334/0x730
[ 601.267427][ C0] ? acct_collect+0x3a4/0x400
[ 601.272123][ C0] do_exit+0x3ff/0x1670
[ 601.276289][ C0] ? do_futex+0x1080/0x1cd0
[ 601.280777][ C0] do_group_exit+0xce/0x180
[ 601.285330][ C0] get_signal+0xdce/0x14e0
[ 601.289769][ C0] ? errseq_sample+0x2b/0x40
[ 601.294363][ C0] ? alloc_file+0x253/0x280
[ 601.298846][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 601.304381][ C0] ? __se_sys_futex+0x2a8/0x390
[ 601.309241][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 601.314856][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 601.320322][ C0] do_syscall_64+0x45/0x80
[ 601.324745][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 601.330665][ C0] RIP: 0033:0x466459
[ 601.334835][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 601.341676][ C0] RSP: 002b:00007f12a42a5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 601.350074][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 601.358058][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 601.366015][ C0] RBP: 000000000056bf60 R08: 000000000000000e R09: 0000000000000000
[ 601.373989][ C0] R10: 0000000000000003 R11: 0000000000000246 R12: 000000000056bf6c
[ 601.381981][ C0] R13: 00007ffc7bb4651f R14: 00007f12a42a5300 R15: 0000000000022000
[ 601.389954][ C0] ---[ end trace 6a9a87c08c22e0fb ]---
[ 601.395717][ C0] ------------[ cut here ]------------
[ 601.401216][ C0] WARNING: CPU: 0 PID: 28635 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 601.412109][ C0] Modules linked in:
[ 601.416005][ C0] CPU: 0 PID: 28635 Comm: syz-executor.1 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 601.426171][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 601.436225][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 601.442222][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 601.461814][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 601.467866][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001b RCX: ffff888021f8b000
[ 601.475878][ C0] RDX: 0000000080010001 RSI: 000000000000001b RDI: 0000000000000001
[ 601.483861][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 601.491819][ C0] R10: 0001ffffffffffff R11: ffff888021f8b000 R12: ffff88813bc1da58
[ 601.499814][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 601.507864][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 601.516800][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 601.523375][ C0] CR2: 000000000052f650 CR3: 0000000007629000 CR4: 00000000001506f0
[ 601.531345][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 601.539345][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 601.547325][ C0] Call Trace:
[ 601.550598][ C0]
[ 601.553525][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 601.559315][ C0] __run_hrtimer+0x163/0x460
[ 601.564149][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 601.569975][ C0] hrtimer_interrupt+0x380/0xaf0
[ 601.574932][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 601.580875][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 601.586498][ C0]
[ 601.589422][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 601.595413][ C0] RIP: 0010:kcsan_setup_watchpoint+0x436/0x470
[ 601.601554][ C0] Code: 89 da 4c 8b 5c 24 08 49 c7 02 00 00 00 00 f0 48 ff 0d 3e 7f 9c 07 4d 85 db 74 0a 80 3d 14 7d 9c 07 00 75 01 fb 4c 89 6c 24 38 <0f> 1f 44 00 00 48 83 c4 40 5b 41 5c 41 5d 41 5e 41 5f 5d c3 89 d0
[ 601.621322][ C0] RSP: 0018:ffffc900051077f8 EFLAGS: 00000246
[ 601.627552][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0011ea000077f998
[ 601.635517][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 601.643476][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 601.651478][ C0] R10: ffffffff88f37130 R11: 0000000000000200 R12: 0000000000000040
[ 601.659473][ C0] R13: ffffea000077f901 R14: ffffea000077f998 R15: 0000000000000008
[ 601.667460][ C0] ? kcsan_setup_watchpoint+0x26e/0x470
[ 601.673359][ C0] zap_pte_range+0x415/0x13f0
[ 601.678057][ C0] ? __list_add_valid+0x28/0x90
[ 601.682923][ C0] unmap_page_range+0x540/0x650
[ 601.687772][ C0] unmap_single_vma+0x157/0x210
[ 601.692619][ C0] unmap_vmas+0xc0/0x170
[ 601.696844][ C0] exit_mmap+0x1be/0x400
[ 601.701066][ C0] __mmput+0xa2/0x220
[ 601.705040][ C0] mmput+0x3d/0x50
[ 601.708747][ C0] exit_mm+0x344/0x430
[ 601.712803][ C0] ? _raw_spin_unlock_irqrestore+0x27/0x50
[ 601.718611][ C0] ? taskstats_exit+0x334/0x730
[ 601.723463][ C0] ? acct_collect+0x3a4/0x400
[ 601.728160][ C0] do_exit+0x3ff/0x1670
[ 601.732340][ C0] ? do_futex+0x1080/0x1cd0
[ 601.736827][ C0] do_group_exit+0xce/0x180
[ 601.741355][ C0] get_signal+0xdce/0x14e0
[ 601.745784][ C0] ? errseq_sample+0x2b/0x40
[ 601.750358][ C0] ? alloc_file+0x253/0x280
[ 601.755007][ C0] arch_do_signal_or_restart+0x2a/0x270
[ 601.760566][ C0] ? __se_sys_futex+0x2a8/0x390
[ 601.765415][ C0] exit_to_user_mode_prepare+0x11a/0x1b0
[ 601.771058][ C0] syscall_exit_to_user_mode+0x20/0x40
[ 601.776527][ C0] do_syscall_64+0x45/0x80
[ 601.781202][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 601.787111][ C0] RIP: 0033:0x466459
[ 601.790993][ C0] Code: Unable to access opcode bytes at RIP 0x46642f.
[ 601.797889][ C0] RSP: 002b:00007f12a42a5218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 601.806510][ C0] RAX: 0000000000000001 RBX: 000000000056bf68 RCX: 0000000000466459
[ 601.814574][ C0] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 000000000056bf6c
[ 601.822646][ C0] RBP: 000000000056bf60 R08: 000000000000000e R09: 0000000000000000
19:31:18 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xd000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 601.831410][ C0] R10: 0000000000000003 R11: 0000000000000246 R12: 000000000056bf6c
[ 601.839384][ C0] R13: 00007ffc7bb4651f R14: 00007f12a42a5300 R15: 0000000000022000
[ 601.847360][ C0] ---[ end trace 6a9a87c08c22e0fc ]---
19:31:18 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0x0, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
19:31:18 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xe000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
19:31:18 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x0, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 601.953207][ C0] ------------[ cut here ]------------
[ 601.958809][ C0] WARNING: CPU: 0 PID: 28655 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 601.969797][ C0] Modules linked in:
[ 601.973792][ C0] CPU: 0 PID: 28655 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 601.983958][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 601.994023][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
19:31:18 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x0, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 602.000022][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 602.019728][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 602.025804][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000022 RCX: ffff8880289d2000
[ 602.033796][ C0] RDX: 0000000080010000 RSI: 0000000000000022 RDI: 0000000000000001
[ 602.041775][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
19:31:18 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x0, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000003200)={r2, &(0x7f0000003280), &(0x7f0000002200)=""/214}, 0x20)
[ 602.049840][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 602.057835][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 602.065873][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 602.074837][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 602.081529][ C0] CR2: 00000000005400f8 CR3: 000000010ccd2000 CR4: 00000000001506f0
[ 602.089506][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 602.097487][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 602.105504][ C0] Call Trace:
[ 602.108794][ C0]
[ 602.111643][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 602.117461][ C0] __run_hrtimer+0x163/0x460
[ 602.122060][ C0] hrtimer_interrupt+0x380/0xaf0
[ 602.126998][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 602.133019][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 602.138839][ C0]
[ 602.141767][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 602.147761][ C0] RIP: 0010:__tsan_read8+0x108/0x180
[ 602.153085][ C0] Code: 0c c5 38 6f f3 88 48 85 c9 75 79 65 8b 05 48 a5 aa 7e a9 00 01 ff 00 74 11 48 c7 c0 f8 70 02 00 65 48 03 05 82 4d aa 7e eb 0f <65> 48 8b 04 25 00 6d 01 00 48 05 c0 0a 00 00 8b 48 04 85 c9 7e 16
[ 602.172864][ C0] RSP: 0018:ffffc90005107b18 EFLAGS: 00000246
[ 602.178980][ C0] RAX: 0000000080000000 RBX: ffffc90005107b64 RCX: 0001ffffffffffff
[ 602.186972][ C0] RDX: 000188803470a820 RSI: 000000000003ffff RDI: ffff88803470a820
[ 602.194929][ C0] RBP: ffff88810cd3e598 R08: 0000000000000000 R09: 000188803470a827
[ 602.202915][ C0] R10: 0001ffffffffffff R11: ffff8880289d2000 R12: ffff88810cd3e340
[ 602.210915][ C0] R13: 0000000000100cca R14: ffff88803470a7d0 R15: ffffc90005107c50
[ 602.218950][ C0] shmem_fault+0xad/0x450
[ 602.223330][ C0] do_read_fault+0x2e1/0x530
[ 602.227924][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 602.233715][ C0] handle_mm_fault+0x1019/0x1840
[ 602.238640][ C0] __get_user_pages+0xa47/0x1000
[ 602.243570][ C0] __mm_populate+0x24d/0x380
[ 602.248164][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 602.252768][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 602.257446][ C0] ? switch_fpu_return+0xa/0x10
[ 602.262400][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 602.268118][ C0] do_syscall_64+0x39/0x80
[ 602.272526][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 602.278496][ C0] RIP: 0033:0x466459
[ 602.282418][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 602.303865][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 602.312308][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 602.320289][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 602.328284][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 602.336342][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 602.344304][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 602.352279][ C0] ---[ end trace 6a9a87c08c22e0fd ]---
[ 602.360731][ C0] ------------[ cut here ]------------
[ 602.366211][ C0] WARNING: CPU: 0 PID: 28655 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 602.377167][ C0] Modules linked in:
[ 602.381240][ C0] CPU: 0 PID: 28655 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 602.391399][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
19:31:19 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064ce, &(0x7f0000000040)={0x4, 0x6})
19:31:19 executing program 0:
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f00000001c0), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
open(0x0, 0x141042, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000240)="c403292116deb8010000000f01c1480fc71ec4a1d1ec3500000000470f00d2440f785b5a660fc734c3c74424004e000000c744240257760000ff1c24b97e0300000f3266440f3a42e3c0", 0x4a}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0x8001d, 0xcc, 0x3, 0x0, 0x1}, 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
19:31:19 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newlink={0x38, 0x10, 0x705, 0xf000000, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8, 0x1, 'sit\x00'}, {0x4}}}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x38}}, 0x0)
[ 602.401477][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 602.407491][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 602.427110][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 602.433187][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000018 RCX: ffff8880289d2000
[ 602.441261][ C0] RDX: 0000000000010000 RSI: 0000000000000018 RDI: 0000000000000001
[ 602.449261][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 602.457262][ C0] R10: 0001ffffffffffff R11: 00000000fffffffe R12: ffff88813bc1da58
[ 602.465351][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 602.474852][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 602.483803][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 602.490390][ C0] CR2: 00000000005400f8 CR3: 000000010ccd2000 CR4: 00000000001506f0
[ 602.498376][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 602.506354][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 602.514335][ C0] Call Trace:
[ 602.517633][ C0]
[ 602.520475][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 602.526314][ C0] __run_hrtimer+0x163/0x460
[ 602.530911][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 602.536726][ C0] hrtimer_interrupt+0x380/0xaf0
[ 602.541691][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 602.547616][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 602.553280][ C0]
[ 602.556231][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 602.562202][ C0] RIP: 0010:__tsan_read8+0x108/0x180
[ 602.567477][ C0] Code: 0c c5 38 6f f3 88 48 85 c9 75 79 65 8b 05 48 a5 aa 7e a9 00 01 ff 00 74 11 48 c7 c0 f8 70 02 00 65 48 03 05 82 4d aa 7e eb 0f <65> 48 8b 04 25 00 6d 01 00 48 05 c0 0a 00 00 8b 48 04 85 c9 7e 16
[ 602.587841][ C0] RSP: 0018:ffffc90005107b18 EFLAGS: 00000246
[ 602.593898][ C0] RAX: 0000000080000000 RBX: ffffc90005107b64 RCX: 0001ffffffffffff
[ 602.601857][ C0] RDX: 000188803470a820 RSI: 000000000003ffff RDI: ffff88803470a820
[ 602.609818][ C0] RBP: ffff88810cd3e598 R08: 0000000000000000 R09: 000188803470a827
[ 602.617805][ C0] R10: 0001ffffffffffff R11: ffff8880289d2000 R12: ffff88810cd3e340
[ 602.625807][ C0] R13: 0000000000100cca R14: ffff88803470a7d0 R15: ffffc90005107c50
[ 602.633807][ C0] shmem_fault+0xad/0x450
[ 602.638130][ C0] do_read_fault+0x2e1/0x530
[ 602.642746][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 602.648565][ C0] handle_mm_fault+0x1019/0x1840
[ 602.653600][ C0] __get_user_pages+0xa47/0x1000
[ 602.658543][ C0] __mm_populate+0x24d/0x380
[ 602.663126][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 602.667723][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 602.672433][ C0] ? switch_fpu_return+0xa/0x10
[ 602.677291][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 602.683097][ C0] do_syscall_64+0x39/0x80
[ 602.687505][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 602.693407][ C0] RIP: 0033:0x466459
[ 602.697316][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 602.716912][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 602.725347][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 602.733314][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 602.741447][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 602.749409][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 602.757366][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 602.765416][ C0] ---[ end trace 6a9a87c08c22e0fe ]---
[ 602.771238][ C0] ------------[ cut here ]------------
[ 602.776728][ C0] WARNING: CPU: 0 PID: 28655 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 602.787899][ C0] Modules linked in:
[ 602.791940][ C0] CPU: 0 PID: 28655 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 602.802405][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 602.812601][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 602.818583][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 602.838416][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 602.844483][ C0] RAX: ffffffff82eb37d9 RBX: 0000000000000019 RCX: ffff8880289d2000
[ 602.852467][ C0] RDX: 0000000000010000 RSI: 0000000000000019 RDI: 0000000000000001
[ 602.860684][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 602.868759][ C0] R10: 0001ffffffffffff R11: 000000000000008e R12: ffff88813bc1da58
[ 602.876734][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 602.884703][ C0] FS: 00007f09d1107700(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 602.893632][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 602.900207][ C0] CR2: 00000000005400f8 CR3: 000000010ccd2000 CR4: 00000000001506f0
[ 602.908268][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 602.916332][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 602.924310][ C0] Call Trace:
[ 602.927737][ C0]
[ 602.930617][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 602.936439][ C0] __run_hrtimer+0x163/0x460
[ 602.941036][ C0] ? clockevents_program_event+0x19c/0x1e0
[ 602.946835][ C0] hrtimer_interrupt+0x380/0xaf0
[ 602.951785][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 602.957713][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 602.963342][ C0]
[ 602.966270][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 602.972531][ C0] RIP: 0010:__tsan_read8+0x108/0x180
[ 602.977812][ C0] Code: 0c c5 38 6f f3 88 48 85 c9 75 79 65 8b 05 48 a5 aa 7e a9 00 01 ff 00 74 11 48 c7 c0 f8 70 02 00 65 48 03 05 82 4d aa 7e eb 0f <65> 48 8b 04 25 00 6d 01 00 48 05 c0 0a 00 00 8b 48 04 85 c9 7e 16
[ 602.999241][ C0] RSP: 0018:ffffc90005107b18 EFLAGS: 00000246
[ 603.006625][ C0] RAX: 0000000080000000 RBX: ffffc90005107b64 RCX: 0001ffffffffffff
[ 603.015091][ C0] RDX: 000188803470a820 RSI: 000000000003ffff RDI: ffff88803470a820
[ 603.024052][ C0] RBP: ffff88810cd3e598 R08: 0000000000000000 R09: 000188803470a827
[ 603.032034][ C0] R10: 0001ffffffffffff R11: ffff8880289d2000 R12: ffff88810cd3e340
[ 603.040292][ C0] R13: 0000000000100cca R14: ffff88803470a7d0 R15: ffffc90005107c50
[ 603.048480][ C0] shmem_fault+0xad/0x450
[ 603.052825][ C0] do_read_fault+0x2e1/0x530
[ 603.057459][ C0] ? lock_page_maybe_drop_mmap+0x290/0x290
[ 603.063382][ C0] handle_mm_fault+0x1019/0x1840
[ 603.068326][ C0] __get_user_pages+0xa47/0x1000
[ 603.073417][ C0] __mm_populate+0x24d/0x380
[ 603.078097][ C0] vm_mmap_pgoff+0x14c/0x1d0
[ 603.082689][ C0] ksys_mmap_pgoff+0xe1/0x380
[ 603.087369][ C0] ? switch_fpu_return+0xa/0x10
[ 603.092231][ C0] ? exit_to_user_mode_prepare+0x71/0x1b0
[ 603.097947][ C0] do_syscall_64+0x39/0x80
[ 603.102362][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 603.108267][ C0] RIP: 0033:0x466459
[ 603.112250][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 603.132017][ C0] RSP: 002b:00007f09d1107188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 603.140715][ C0] RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000466459
[ 603.148785][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[ 603.157264][ C0] RBP: 00000000004bf9fb R08: ffffffffffffffff R09: 0000000000000000
[ 603.165252][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 000000000056bf60
[ 603.173236][ C0] R13: 00007fff87968f8f R14: 00007f09d1107300 R15: 0000000000022000
[ 603.181207][ C0] ---[ end trace 6a9a87c08c22e0ff ]---
[ 603.287106][ C0] ------------[ cut here ]------------
[ 603.292671][ C0] WARNING: CPU: 0 PID: 28681 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x209/0x210
[ 603.303709][ C0] Modules linked in:
[ 603.307599][ C0] CPU: 0 PID: 28681 Comm: syz-executor.5 Tainted: G W 5.12.0-rc3-syzkaller #0
[ 603.317741][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 603.327847][ C0] RIP: 0010:vkms_vblank_simulate+0x209/0x210
[ 603.334240][ C0] Code: 00 00 00 48 c7 c6 50 55 92 86 31 c0 e8 20 43 f7 ff b8 01 00 00 00 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 27 f9 5a fe <0f> 0b e9 5d fe ff ff 55 41 57 41 56 41 55 41 54 53 48 83 ec 28 48
[ 603.354278][ C0] RSP: 0018:ffffc90000003e18 EFLAGS: 00010046
[ 603.360346][ C0] RAX: ffffffff82eb37d9 RBX: 000000000000001f RCX: ffff88810fa71000
[ 603.368322][ C0] RDX: 0000000080010001 RSI: 000000000000001f RDI: 0000000000000001
[ 603.376293][ C0] RBP: ffff88813bc1da40 R08: ffffffff82eb362e R09: 0001888141e614bf
[ 603.384255][ C0] R10: 0001ffffffffffff R11: 000000000000005b R12: ffff88813bc1da58
[ 603.392216][ C0] R13: ffff88813bc1da40 R14: ffff888141e60628 R15: 0000000000fe4c00
[ 603.400384][ C0] FS: 0000000000000000(0000) GS:ffff88813bc00000(0000) knlGS:0000000000000000
[ 603.409424][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 603.416370][ C0] CR2: 00007f858a903d58 CR3: 0000000007629000 CR4: 00000000001506f0
[ 603.424510][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 603.432740][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 603.440720][ C0] Call Trace:
[ 603.443998][ C0]
[ 603.446822][ C0] ? vkms_get_vblank_timestamp+0x100/0x100
[ 603.452654][ C0] __run_hrtimer+0x163/0x460
[ 603.457227][ C0] ? __pv_queued_spin_lock_slowpath+0xd8/0x5c0
[ 603.463388][ C0] hrtimer_interrupt+0x380/0xaf0
[ 603.468334][ C0] __sysvec_apic_timer_interrupt+0x6f/0x200
[ 603.474268][ C0] sysvec_apic_timer_interrupt+0x69/0x80
[ 603.479963][ C0]