syzbot

WARNING: CPU: 1 PID: 3982 at arch/arm64/mm/physaddr.c:15 __virt_to_phys+0x114/0x15c arch/arm64/mm/physaddr.c:12
Modules linked in:
CPU: 1 PID: 3982 Comm: syz-executor.2 Not tainted 5.15.157-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
pstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--)
pc : __virt_to_phys+0x114/0x15c arch/arm64/mm/physaddr.c:12
lr : __virt_to_phys+0x114/0x15c arch/arm64/mm/physaddr.c:12
sp : ffff80001cc27810
x29: ffff80001cc27810 x28: 1ffff00002927a9d x27: dfff800000000000
x26: fffffbffeff5b1c0 x25: 1fffe000195f18cf x24: dfff800000000000
x23: ffff800016f42000 x22: ffff800016f42000 x21: 0000600000000000
x20: ffff800025158000 x19: 0000800025158000 x18: 1fffe0003690198e
x17: 1fffe0003690198e x16: ffff800011997d7c x15: ffff8000149dec20
x14: 1ffff0000292806a x13: dfff800000000000 x12: 0000000000000001
x11: 0000000000000000 x10: 0000000000000000 x9 : 20e93cb131d60b00
x8 : 20e93cb131d60b00 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000000 x3 : ffff80000a978bc0
x2 : ffff0001b480cd10 x1 : 0000000100000000 x0 : 000000000000004f
Call trace:
 __virt_to_phys+0x114/0x15c arch/arm64/mm/physaddr.c:12
 virt_to_head_page include/linux/mm.h:900 [inline]
 kfree+0xd4/0x410 mm/slub.c:4554
 put_ntfs+0x80/0x240 fs/ntfs3/super.c:444
 ntfs_put_super+0xbc/0x10c fs/ntfs3/super.c:486
 generic_shutdown_super+0x130/0x29c fs/super.c:475
 kill_block_super+0x70/0xdc fs/super.c:1414
 deactivate_locked_super+0xb8/0x13c fs/super.c:335
 deactivate_super+0x108/0x128 fs/super.c:366
 cleanup_mnt+0x3c0/0x474 fs/namespace.c:1143
 __cleanup_mnt+0x20/0x30 fs/namespace.c:1150
 task_work_run+0x130/0x1e4 kernel/task_work.c:164
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 do_notify_resume+0x262c/0x32b8 arch/arm64/kernel/signal.c:946
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
 el0_svc+0xfc/0x1f0 arch/arm64/kernel/entry-common.c:609
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 1182514
hardirqs last  enabled at (1182513): [<ffff800008269adc>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1338 [inline]
hardirqs last  enabled at (1182513): [<ffff800008269adc>] finish_lock_switch+0xbc/0x1e8 kernel/sched/core.c:4784
hardirqs last disabled at (1182514): [<ffff800011993408>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:396
softirqs last  enabled at (1182338): [<ffff8000080310b0>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:31
softirqs last disabled at (1182336): [<ffff80000803107c>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:18
---[ end trace 61a7ffefde74ecba ]---
page:00000000bb87da0a refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c5558
flags: 0x5ffe00000000000(node=0|zone=2|lastcpupid=0xfff)
raw: 05ffe00000000000 fffffc0006155608 fffffc0006155608 0000000000000000
raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
page dumped because: VM_BUG_ON_PAGE(!PageCompound(page))
------------[ cut here ]------------
kernel BUG at mm/slub.c:3532!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 3982 Comm: syz-executor.2 Tainted: G        W         5.15.157-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
pstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--)
pc : free_nonslab_page+0x1cc/0x1dc mm/slub.c:3532
lr : free_nonslab_page+0x1cc/0x1dc mm/slub.c:3532
sp : ffff80001cc27800
x29: ffff80001cc27810 x28: 1ffff00002927a9d x27: dfff800000000000
x26: fffffbffeff5b1c0 x25: 1fffe000195f18cf x24: dfff800000000000
x23: ffff800016f42000 x22: ffff0000cac45c00 x21: ffff800009604f2c
x20: 0000000000000000 x19: fffffc0006155600 x18: 1fffe0003690198e
x17: 1fffe0003690198e x16: ffff800011997d7c x15: ffff8000149dec20
x14: 1ffff0000292806a x13: dfff800000000000 x12: 0000000000000001
x11: 0000000000000000 x10: 0000000000000000 x9 : 20e93cb131d60b00
x8 : 20e93cb131d60b00 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000000 x3 : ffff80000a978bc0
x2 : ffff0001b480cd10 x1 : 0000000100000000 x0 : 0000000000000038
Call trace:
 free_nonslab_page+0x1cc/0x1dc mm/slub.c:3532
 kfree+0x2ac/0x410 mm/slub.c:4556
 put_ntfs+0x80/0x240 fs/ntfs3/super.c:444
 ntfs_put_super+0xbc/0x10c fs/ntfs3/super.c:486
 generic_shutdown_super+0x130/0x29c fs/super.c:475
 kill_block_super+0x70/0xdc fs/super.c:1414
 deactivate_locked_super+0xb8/0x13c fs/super.c:335
 deactivate_super+0x108/0x128 fs/super.c:366
 cleanup_mnt+0x3c0/0x474 fs/namespace.c:1143
 __cleanup_mnt+0x20/0x30 fs/namespace.c:1150
 task_work_run+0x130/0x1e4 kernel/task_work.c:164
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 do_notify_resume+0x262c/0x32b8 arch/arm64/kernel/signal.c:946
 prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
 el0_svc+0xfc/0x1f0 arch/arm64/kernel/entry-common.c:609
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
Code: f005bd81 91072c21 aa1303e0 97fba4d4 (d4210000) 
---[ end trace 61a7ffefde74ecbb ]---