program:
# Open a perf event; the returned fd is bound to r0 and is the fd that the
# final mmap() call maps.
# The braces hold the inline perf_event_attr; the four trailing arguments
# follow the perf_event_open(2) order: pid, cpu, group_fd, flags.
# NOTE(review): the attr values are fuzzer-generated; which of them matter for
# reaching the perf_mmap path in the log cannot be told from this report.
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x49, 0x1, 0x0, 0x0, 0x0, 0x1, 0x116038, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x80000000, 0x5}, 0x1, 0x4c841, 0x410, 0x2, 0x400, 0x400002, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xeffffffdffffffff, 0xffffffffffffffff, 0x2)
# Open the tun device (dirfd 0xffffffffffffff9c is AT_FDCWD) and bind the fd to r1.
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
# r1 is closed here, so the ioctl below is issued on a stale fd number.
close(r1)
# The socket's fd is not bound to a variable.
# NOTE(review): it presumably reuses the number just freed by close(r1)
# (lowest-free-fd allocation); the log does not show this.
socket$inet_tcp(0x2, 0x1, 0x0)
# Neither this ioctl nor the tun/socket calls appear in either stack trace in
# the log below; only the mmap() path does.
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
# Map 0x2000 bytes of the perf fd r0 with prot 0x1000008 and flags 0x13; these
# match RSI/RDX/R10 in the register dump, and ORIG_RAX 0x9 is mmap.
# fail_nth: 14 requests fault injection at the 14th injection point of this
# call. The first trace shows fail_page_alloc firing in pte_alloc_one under
# do_remap_pfn_range <- map_range <- perf_mmap.
# Triage: the lockdep report then shows perf_mmap, which already holds
# event->mmap_mutex (taken at perf_mmap+0x1bb), calling perf_mmap_close at
# perf_mmap+0x41b. perf_mmap_close tries to take the same mutex instance
# (ffff88801fce09c0) via refcount_dec_and_mutex_lock, a self-deadlock on the
# error path.
# NOTE(review): the log does not show why perf_mmap_close is reached;
# presumably it is cleanup after map_range fails. Confirm against the
# perf_mmap source.
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000008, 0x13, r0, 0x0) (fail_nth: 14)
[ 84.987227][ T5320] FAULT_INJECTION: forcing a failure.
[ 84.987227][ T5320] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 85.002495][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.002520][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 85.002527][ T5320] Call Trace:
[ 85.002532][ T5320]
[ 85.002538][ T5320] dump_stack_lvl+0xe8/0x150
[ 85.002644][ T5320] should_fail_ex+0x412/0x560
[ 85.002691][ T5320] prepare_alloc_pages+0x22a/0x650
[ 85.002711][ T5320] __alloc_frozen_pages_noprof+0x12f/0x380
[ 85.002729][ T5320] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 85.002746][ T5320] ? __pfx_policy_nodemask+0x10/0x10
[ 85.002762][ T5320] ? walk_system_ram_range+0x2e4/0x300
[ 85.002777][ T5320] ? __pfx_pagerange_is_ram_callback+0x10/0x10
[ 85.002795][ T5320] alloc_pages_mpol+0x235/0x490
[ 85.002813][ T5320] alloc_pages_noprof+0xac/0x2a0
[ 85.002829][ T5320] pte_alloc_one+0x22/0x370
[ 85.002845][ T5320] __pte_alloc+0x25/0x1a0
[ 85.002859][ T5320] ? pfnmap_setup_cachemode+0xb1/0xf0
[ 85.002874][ T5320] do_remap_pfn_range+0xbe6/0x1250
[ 85.002904][ T5320] ? __lock_acquire+0x6b5/0x2cf0
[ 85.002917][ T5320] ? __pfx_do_remap_pfn_range+0x10/0x10
[ 85.002933][ T5320] ? __vma_start_exclude_readers+0x62f/0x940
[ 85.002949][ T5320] ? perf_event_update_userpage+0x33/0x6a0
[ 85.002969][ T5320] ? __pfx___vma_start_exclude_readers+0x10/0x10
[ 85.002982][ T5320] ? perf_mmap_rb+0xaf4/0xd30
[ 85.002996][ T5320] ? remap_pfn_range+0x148/0x1b0
[ 85.003010][ T5320] ? perf_mmap+0x2aa/0x490
[ 85.003023][ T5320] ? perf_mmap_to_page+0x181/0x1e0
[ 85.003035][ T5320] map_range+0x199/0x230
[ 85.003055][ T5320] perf_mmap+0x3ff/0x490
[ 85.003069][ T5320] mmap_region+0x19a3/0x22a0
[ 85.003097][ T5320] ? __pfx_mmap_region+0x10/0x10
[ 85.003117][ T5320] ? __lock_acquire+0x6b5/0x2cf0
[ 85.003129][ T5320] ? unwind_next_frame+0xa6/0x2550
[ 85.003147][ T5320] ? unwind_next_frame+0xa6/0x2550
[ 85.003159][ T5320] ? rcu_is_watching+0x15/0xb0
[ 85.003171][ T5320] ? __kasan_check_byte+0x12/0x40
[ 85.003190][ T5320] ? __bfs+0x153/0x290
[ 85.003200][ T5320] ? __pfx_hlock_conflict+0x10/0x10
[ 85.003261][ T5320] ? cap_mmap_addr+0xaf/0x100
[ 85.003278][ T5320] ? bpf_lsm_mmap_addr+0x9/0x50
[ 85.003322][ T5320] ? shmem_mapping+0xd/0x50
[ 85.003336][ T5320] ? memfd_check_seals_mmap+0xc5/0x200
[ 85.003350][ T5320] do_mmap+0xc39/0x10c0
[ 85.003369][ T5320] ? __pfx_do_mmap+0x10/0x10
[ 85.003378][ T5320] ? down_write_killable+0x180/0x240
[ 85.003429][ T5320] ? __pfx_down_write_killable+0x10/0x10
[ 85.003443][ T5320] ? apparmor_mmap_file+0x2da/0x3e0
[ 85.003463][ T5320] vm_mmap_pgoff+0x2c9/0x4f0
[ 85.003485][ T5320] ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 85.003501][ T5320] ? __fget_files+0x2a/0x420
[ 85.003523][ T5320] ? __fget_files+0x3a0/0x420
[ 85.003533][ T5320] ? __fget_files+0x2a/0x420
[ 85.003548][ T5320] ksys_mmap_pgoff+0x51e/0x760
[ 85.003562][ T5320] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.003574][ T5320] do_syscall_64+0x15f/0xf80
[ 85.003588][ T5320] ? trace_irq_disable+0x3b/0x140
[ 85.003604][ T5320] ? clear_bhb_loop+0x40/0x90
[ 85.003618][ T5320] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.003629][ T5320] RIP: 0033:0x7f0001b9cdd9
[ 85.003641][ T5320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 85.003650][ T5320] RSP: 002b:00007f000296efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 85.003663][ T5320] RAX: ffffffffffffffda RBX: 00007f0001e16090 RCX: 00007f0001b9cdd9
[ 85.003671][ T5320] RDX: 0000000001000008 RSI: 0000000000002000 RDI: 0000200000ffe000
[ 85.003678][ T5320] RBP: 00007f000296f050 R08: 0000000000000003 R09: 0000000000000000
[ 85.003684][ T5320] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000002
[ 85.003691][ T5320] R13: 00007f0001e16128 R14: 00007f0001e16090 R15: 00007ffe67baaeb8
[ 85.003709][ T5320]
[ 85.004536][ T5320]
[ 85.163615][ T5320] ============================================
[ 85.166159][ T5320] WARNING: possible recursive locking detected
[ 85.168973][ T5320] syzkaller #0 Not tainted
[ 85.170760][ T5320] --------------------------------------------
[ 85.173302][ T5320] syz.0.0/5320 is trying to acquire lock:
[ 85.175778][ T5320] ffff88801fce09c0 (&event->mmap_mutex){+.+.}-{4:4}, at: refcount_dec_and_mutex_lock+0x30/0xa0
[ 85.180135][ T5320]
[ 85.180135][ T5320] but task is already holding lock:
[ 85.183340][ T5320] ffff88801fce09c0 (&event->mmap_mutex){+.+.}-{4:4}, at: perf_mmap+0x1bb/0x490
[ 85.186909][ T5320]
[ 85.186909][ T5320] other info that might help us debug this:
[ 85.190105][ T5320] Possible unsafe locking scenario:
[ 85.190105][ T5320]
[ 85.193003][ T5320] CPU0
[ 85.194289][ T5320] ----
[ 85.195701][ T5320] lock(&event->mmap_mutex);
[ 85.197687][ T5320] lock(&event->mmap_mutex);
[ 85.199620][ T5320]
[ 85.199620][ T5320] *** DEADLOCK ***
[ 85.199620][ T5320]
[ 85.202921][ T5320] May be due to missing lock nesting notation
[ 85.202921][ T5320]
[ 85.205937][ T5320] 2 locks held by syz.0.0/5320:
[ 85.207684][ T5320] #0: ffff8880129958f8 (&mm->mmap_lock){++++}-{4:4}, at: vm_mmap_pgoff+0x234/0x4f0
[ 85.211272][ T5320] #1: ffff88801fce09c0 (&event->mmap_mutex){+.+.}-{4:4}, at: perf_mmap+0x1bb/0x490
[ 85.214931][ T5320]
[ 85.214931][ T5320] stack backtrace:
[ 85.217401][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full)
[ 85.217415][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 85.217422][ T5320] Call Trace:
[ 85.217429][ T5320]
[ 85.217435][ T5320] dump_stack_lvl+0xe8/0x150
[ 85.217450][ T5320] print_deadlock_bug+0x279/0x290
[ 85.217465][ T5320] __lock_acquire+0x253f/0x2cf0
[ 85.217481][ T5320] ? refcount_dec_and_mutex_lock+0x30/0xa0
[ 85.217494][ T5320] lock_acquire+0x106/0x350
[ 85.217505][ T5320] ? refcount_dec_and_mutex_lock+0x30/0xa0
[ 85.217527][ T5320] __mutex_lock+0x1a3/0x1550
[ 85.217541][ T5320] ? refcount_dec_and_mutex_lock+0x30/0xa0
[ 85.217554][ T5320] ? ring_buffer_get+0xa1/0x420
[ 85.217569][ T5320] ? ring_buffer_get+0xa1/0x420
[ 85.217584][ T5320] ? refcount_dec_and_mutex_lock+0x30/0xa0
[ 85.217596][ T5320] ? __pfx___mutex_lock+0x10/0x10
[ 85.217609][ T5320] ? refcount_dec_not_one+0x11a/0x1a0
[ 85.217622][ T5320] ? __pfx_refcount_dec_not_one+0x10/0x10
[ 85.217634][ T5320] ? ring_buffer_get+0xa1/0x420
[ 85.217648][ T5320] ? __pfx_ring_buffer_get+0x10/0x10
[ 85.217663][ T5320] ? perf_mmap_close+0xc9/0xf90
[ 85.217677][ T5320] refcount_dec_and_mutex_lock+0x30/0xa0
[ 85.217690][ T5320] perf_mmap_close+0x953/0xf90
[ 85.217703][ T5320] ? perf_mmap_close+0xc9/0xf90
[ 85.217716][ T5320] ? remap_pfn_range+0x148/0x1b0
[ 85.217732][ T5320] ? __pfx_perf_mmap_close+0x10/0x10
[ 85.217745][ T5320] ? map_range+0x20a/0x230
[ 85.217759][ T5320] perf_mmap+0x41b/0x490
[ 85.217771][ T5320] mmap_region+0x19a3/0x22a0
[ 85.217791][ T5320] ? __pfx_mmap_region+0x10/0x10
[ 85.217807][ T5320] ? __lock_acquire+0x6b5/0x2cf0
[ 85.217817][ T5320] ? unwind_next_frame+0xa6/0x2550
[ 85.217831][ T5320] ? unwind_next_frame+0xa6/0x2550
[ 85.217843][ T5320] ? rcu_is_watching+0x15/0xb0
[ 85.217854][ T5320] ? __kasan_check_byte+0x12/0x40
[ 85.217870][ T5320] ? __bfs+0x153/0x290
[ 85.217880][ T5320] ? __pfx_hlock_conflict+0x10/0x10
[ 85.217907][ T5320] ? cap_mmap_addr+0xaf/0x100
[ 85.217923][ T5320] ? bpf_lsm_mmap_addr+0x9/0x50
[ 85.217937][ T5320] ? shmem_mapping+0xd/0x50
[ 85.217951][ T5320] ? memfd_check_seals_mmap+0xc5/0x200
[ 85.217963][ T5320] do_mmap+0xc39/0x10c0
[ 85.217975][ T5320] ? __pfx_do_mmap+0x10/0x10
[ 85.217984][ T5320] ? down_write_killable+0x180/0x240
[ 85.217999][ T5320] ? __pfx_down_write_killable+0x10/0x10
[ 85.218012][ T5320] ? apparmor_mmap_file+0x2da/0x3e0
[ 85.218028][ T5320] vm_mmap_pgoff+0x2c9/0x4f0
[ 85.218045][ T5320] ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 85.218060][ T5320] ? __fget_files+0x2a/0x420
[ 85.218072][ T5320] ? __fget_files+0x3a0/0x420
[ 85.218082][ T5320] ? __fget_files+0x2a/0x420
[ 85.218092][ T5320] ksys_mmap_pgoff+0x51e/0x760
[ 85.218103][ T5320] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.218115][ T5320] do_syscall_64+0x15f/0xf80
[ 85.218127][ T5320] ? trace_irq_disable+0x3b/0x140
[ 85.218143][ T5320] ? clear_bhb_loop+0x40/0x90
[ 85.218154][ T5320] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.218165][ T5320] RIP: 0033:0x7f0001b9cdd9
[ 85.218177][ T5320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 85.218186][ T5320] RSP: 002b:00007f000296efe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 85.218198][ T5320] RAX: ffffffffffffffda RBX: 00007f0001e16090 RCX: 00007f0001b9cdd9
[ 85.218206][ T5320] RDX: 0000000001000008 RSI: 0000000000002000 RDI: 0000200000ffe000
[ 85.218213][ T5320] RBP: 00007f000296f050 R08: 0000000000000003 R09: 0000000000000000
[ 85.218219][ T5320] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000002
[ 85.218226][ T5320] R13: 00007f0001e16128 R14: 00007f0001e16090 R15: 00007ffe67baaeb8
[ 85.218242][ T5320]
[ 85.381557][ T4649] Bluetooth: hci0: command tx timeout
[ 87.422218][ T4649] Bluetooth: hci0: command tx timeout
[ 89.502005][ T4649] Bluetooth: hci0: command tx timeout
[ 91.582501][ T9] cfg80211: failed to load regulatory.db