syzbot

------------[ cut here ]------------
kernel BUG at ./include/linux/pagemap.h:1418!
Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
CPU: 1 UID: 0 PID: 20070 Comm: syz.7.2652 Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
RIP: 0010:__readahead_folio include/linux/pagemap.h:1418 [inline]
RIP: 0010:readahead_folio include/linux/pagemap.h:1444 [inline]
RIP: 0010:mpage_readahead+0x765/0x790 fs/mpage.c:367
Code: c6 80 7b 7a 8b e8 5b 45 db fe 90 0f 0b e8 63 8e 74 ff 4c 89 ff 48 c7 c6 60 7a 7a 8b e8 44 45 db fe 90 0f 0b e8 4c 8e 74 ff 90 <0f> 0b e8 44 8e 74 ff 4c 89 ff 48 c7 c6 80 7b 7a 8b e8 25 45 db fe
RSP: 0018:ffffc9000412f000 EFLAGS: 00010283
RAX: ffffffff824cc154 RBX: 0000000000000004 RCX: 0000000000080000
RDX: ffffc9001a6ea000 RSI: 0000000000030a63 RDI: 0000000000030a64
RBP: ffffc9000412f1f0 R08: ffffea00010ed307 R09: 1ffffd400021da60
R10: dffffc0000000000 R11: fffff9400021da61 R12: ffffc9000412f468
R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc9000412f480
FS:  00007f88aa3466c0(0000) GS:ffff888126187000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fe203d50000 CR3: 0000000031f25000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 read_pages+0x17a/0x580 mm/readahead.c:163
 page_cache_ra_unbounded+0x3da/0x990 mm/readahead.c:269
 do_sync_mmap_readahead+0x66a/0x870 mm/filemap.c:3394
 filemap_fault+0x6be/0x1290 mm/filemap.c:3543
 __do_fault+0x138/0x390 mm/memory.c:5320
 do_shared_fault mm/memory.c:5819 [inline]
 do_fault mm/memory.c:5893 [inline]
 do_pte_missing+0x6ad/0x3330 mm/memory.c:4401
 handle_pte_fault mm/memory.c:6273 [inline]
 __handle_mm_fault mm/memory.c:6411 [inline]
 handle_mm_fault+0x1b26/0x32b0 mm/memory.c:6580
 faultin_page mm/gup.c:1126 [inline]
 __get_user_pages+0x1650/0x29f0 mm/gup.c:1428
 __get_user_pages_locked mm/gup.c:1692 [inline]
 faultin_page_range+0x240/0x8d0 mm/gup.c:1912
 madvise_populate mm/madvise.c:976 [inline]
 madvise_do_behavior+0x2e7/0x550 mm/madvise.c:1935
 do_madvise+0x1bc/0x270 mm/madvise.c:2030
 __do_sys_madvise mm/madvise.c:2039 [inline]
 __se_sys_madvise mm/madvise.c:2037 [inline]
 __x64_sys_madvise+0xa7/0xc0 mm/madvise.c:2037
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f88a958f749
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f88aa346038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
RAX: ffffffffffffffda RBX: 00007f88a97e5fa0 RCX: 00007f88a958f749
RDX: 0000000000000017 RSI: 0000000000c00000 RDI: 0000200000000000
RBP: 00007f88a9613f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f88a97e6038 R14: 00007f88a97e5fa0 R15: 00007ffd2eb8cba8
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__readahead_folio include/linux/pagemap.h:1418 [inline]
RIP: 0010:readahead_folio include/linux/pagemap.h:1444 [inline]
RIP: 0010:mpage_readahead+0x765/0x790 fs/mpage.c:367
Code: c6 80 7b 7a 8b e8 5b 45 db fe 90 0f 0b e8 63 8e 74 ff 4c 89 ff 48 c7 c6 60 7a 7a 8b e8 44 45 db fe 90 0f 0b e8 4c 8e 74 ff 90 <0f> 0b e8 44 8e 74 ff 4c 89 ff 48 c7 c6 80 7b 7a 8b e8 25 45 db fe
RSP: 0018:ffffc9000412f000 EFLAGS: 00010283
RAX: ffffffff824cc154 RBX: 0000000000000004 RCX: 0000000000080000
RDX: ffffc9001a6ea000 RSI: 0000000000030a63 RDI: 0000000000030a64
RBP: ffffc9000412f1f0 R08: ffffea00010ed307 R09: 1ffffd400021da60
R10: dffffc0000000000 R11: fffff9400021da61 R12: ffffc9000412f468
R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc9000412f480
FS:  00007f88aa3466c0(0000) GS:ffff888126087000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc9da0d668 CR3: 0000000031f25000 CR4: 0000000000350ef0