Warning: Permanently added '10.128.1.121' (ED25519) to the list of known hosts.
executing program
[ 98.518168][ T5106] mmap: syz-executor288 (5106) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
executing program
executing program
[ 139.448493][ T5787] BUG: Bad rss-counter state mm:ffff888024388980 type:MM_SHMEMPAGES val:236
[ 139.483477][ T5787] page: refcount:749 mapcount:0 mapping:ffff88802258f930 index:0x0 pfn:0x71600
[ 139.493005][ T5787] head: order:9 mapcount:236 entire_mapcount:0 nr_pages_mapped:236 pincount:0
[ 139.501893][ T5787] memcg:ffff8880162e4000
[ 139.506169][ T5787] aops:shmem_aops ino:46c
[ 139.510667][ T5787] flags: 0xfff7800004026d(locked|referenced|uptodate|lru|workingset|head|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[ 139.522892][ T5787] raw: 00fff7800004026d ffffea0001d77288 ffff8880150a3290 ffff88802258f930
[ 139.531521][ T5787] raw: 0000000000000000 0000000000000000 000002edffffffff ffff8880162e4000
[ 139.540236][ T5787] head: 00fff7800004026d ffffea0001d77288 ffff8880150a3290 ffff88802258f930
[ 139.548962][ T5787] head: 0000000000000000 0000000000000000 000002edffffffff ffff8880162e4000
[ 139.557697][ T5787] head: 00fff00000000209 ffffea0001c58001 ffffffff000000eb 00000000000000ec
[ 139.566408][ T5787] head: 0000000000000200 0000000000000000 00000000ffffffff 0000000000000000
[ 139.575109][ T5787] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio))
[ 139.582451][ T5787] page_owner tracks the page as allocated
[ 139.588619][ T5787] page last allocated via order 9, migratetype Movable, gfp_mask 0x1c24ca(GFP_TRANSHUGE), pid 5798, tgid 5786 (syz-executor288), ts 139336894158, free_ts 137227623198
[ 139.605258][ T5787] post_alloc_hook+0x1f3/0x230
[ 139.610057][ T5787] get_page_from_freelist+0x2cbd/0x2d70
[ 139.615623][ T5787] __alloc_pages_noprof+0x256/0x6c0
[ 139.620832][ T5787] __folio_alloc_noprof+0x18/0x210
[ 139.625954][ T5787] alloc_charge_folio+0x4a2/0xa10
[ 139.630984][ T5787] hpage_collapse_scan_file+0x12a4/0x61f0
[ 139.636715][ T5787] madvise_collapse+0x5e0/0xcf0
[ 139.641600][ T5787] do_madvise+0xc5f/0x4590
[ 139.646115][ T5787] __x64_sys_madvise+0xa6/0xc0
[ 139.650888][ T5787] do_syscall_64+0xf3/0x230
[ 139.655398][ T5787] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 139.661298][ T5787] page last free pid 5751 tgid 5750 stack trace:
[ 139.667628][ T5787] free_unref_folios+0x103a/0x1b00
[ 139.672750][ T5787] folios_put_refs+0x76e/0x860
[ 139.677527][ T5787] shmem_undo_range+0x6de/0x1df0
[ 139.682562][ T5787] shmem_evict_inode+0x29b/0xa80
[ 139.687507][ T5787] evict+0x2a8/0x630
[ 139.691686][ T5787] __dentry_kill+0x20d/0x630
[ 139.697335][ T5787] dput+0x19f/0x2b0
[ 139.701180][ T5787] __fput+0x68c/0x8b0
[ 139.705187][ T5787] task_work_run+0x24f/0x310
[ 139.709832][ T5787] do_exit+0xa27/0x28e0
[ 139.714013][ T5787] do_group_exit+0x207/0x2c0
[ 139.718643][ T5787] get_signal+0x16a1/0x1740
[ 139.723177][ T5787] arch_do_signal_or_restart+0x96/0x830
[ 139.728739][ T5787] syscall_exit_to_user_mode+0xc9/0x370
[ 139.734478][ T5787] do_syscall_64+0x100/0x230
[ 139.739076][ T5787] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 139.745118][ T5787] ------------[ cut here ]------------
[ 139.750577][ T5787] kernel BUG at mm/filemap.c:162!
[ 139.755638][ T5787] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[ 139.755665][ T5787] CPU: 0 PID: 5787 Comm: syz-executor288 Not tainted 6.10.0-rc2-next-20240607-syzkaller #0
[ 139.755683][ T5787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 139.755700][ T5787] RIP: 0010:filemap_unaccount_folio+0x80d/0xe40
[ 139.755722][ T5787] Code: 25 ff 0f 00 00 0f 84 f0 00 00 00 e8 4d 6c ca ff e9 6c f8 ff ff e8 43 6c ca ff 4c 89 ef 48 c7 c6 20 a3 d3 8b e8 44 53 14 00 90 <0f> 0b e8 2c 6c ca ff 4c 89 ef 48 c7 c6 60 a4 d3 8b e8 2d 53 14 00
[ 139.755739][ T5787] RSP: 0018:ffffc90004787138 EFLAGS: 00010046
[ 139.755760][ T5787] RAX: fc373135a290ce00 RBX: 0000000000000040 RCX: ffffc90004786d03
[ 139.755773][ T5787] RDX: 0000000000000002 RSI: ffffffff8bcad360 RDI: ffffffff8c200e00
[ 139.755790][ T5787] RBP: 00000000000000ec R08: ffffffff8fae026f R09: 1ffffffff1f5c04d
[ 139.755802][ T5787] R10: dffffc0000000000 R11: fffffbfff1f5c04e R12: 1ffffd400038b000
[ 139.755814][ T5787] R13: ffffea0001c58000 R14: 1ffffd400038b001 R15: ffffea0001c58008
[ 139.755828][ T5787] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[ 139.755842][ T5787] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.755854][ T5787] CR2: 0000000000000000 CR3: 0000000011b56000 CR4: 00000000003506f0
[ 139.755868][ T5787] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 139.755878][ T5787] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 139.755889][ T5787] Call Trace:
[ 139.755897][ T5787]
[ 139.755904][ T5787] ? __die_body+0x88/0xe0
[ 139.755931][ T5787] ? die+0xcf/0x110
[ 139.755956][ T5787] ? do_trap+0x15a/0x3a0
[ 139.755978][ T5787] ? filemap_unaccount_folio+0x80d/0xe40
[ 139.755995][ T5787] ? do_error_trap+0x1dc/0x2c0
[ 139.756016][ T5787] ? filemap_unaccount_folio+0x80d/0xe40
[ 139.756036][ T5787] ? __pfx_do_error_trap+0x10/0x10
[ 139.756059][ T5787] ? report_bug+0x3cd/0x500
[ 139.756085][ T5787] ? handle_invalid_op+0x34/0x40
[ 139.756105][ T5787] ? filemap_unaccount_folio+0x80d/0xe40
[ 139.756121][ T5787] ? exc_invalid_op+0x38/0x50
[ 139.756139][ T5787] ? asm_exc_invalid_op+0x1a/0x20
[ 139.756161][ T5787] ? filemap_unaccount_folio+0x80d/0xe40
[ 139.756178][ T5787] ? filemap_unaccount_folio+0x80c/0xe40
[ 139.756193][ T5787] ? rcu_is_watching+0x15/0xb0
[ 139.756217][ T5787] __filemap_remove_folio+0xc4/0x9e0
[ 139.756239][ T5787] ? __pfx___filemap_remove_folio+0x10/0x10
[ 139.756256][ T5787] ? _raw_spin_lock_irq+0xdf/0x120
[ 139.756275][ T5787] ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 139.756299][ T5787] filemap_remove_folio+0x108/0x2e0
[ 139.756318][ T5787] truncate_inode_folio+0x5d/0x70
[ 139.756344][ T5787] shmem_undo_range+0x45d/0x1df0
[ 139.756375][ T5787] ? __pfx_shmem_undo_range+0x10/0x10
[ 139.756423][ T5787] ? inode_wait_for_writeback+0x224/0x290
[ 139.756443][ T5787] ? __pfx_lock_release+0x10/0x10
[ 139.756462][ T5787] ? do_raw_spin_lock+0x14f/0x370
[ 139.756488][ T5787] ? percpu_counter_add_batch+0xff/0x1f0
[ 139.756523][ T5787] shmem_evict_inode+0x29b/0xa80
[ 139.756544][ T5787] ? inode_wait_for_writeback+0x224/0x290
[ 139.756562][ T5787] ? __pfx_shmem_evict_inode+0x10/0x10
[ 139.756579][ T5787] ? __pfx_inode_wait_for_writeback+0x10/0x10
[ 139.756599][ T5787] ? __pfx_wake_bit_function+0x10/0x10
[ 139.756617][ T5787] ? do_raw_spin_unlock+0x13c/0x8b0
[ 139.756645][ T5787] ? __pfx_shmem_evict_inode+0x10/0x10
[ 139.756663][ T5787] evict+0x2a8/0x630
[ 139.756689][ T5787] __dentry_kill+0x20d/0x630
[ 139.756711][ T5787] ? dput+0x37/0x2b0
[ 139.756730][ T5787] dput+0x19f/0x2b0
[ 139.756749][ T5787] __fput+0x68c/0x8b0
[ 139.756782][ T5787] task_work_run+0x24f/0x310
[ 139.756809][ T5787] ? __pfx_task_work_run+0x10/0x10
[ 139.756835][ T5787] ? switch_task_namespaces+0xe1/0x110
[ 139.756853][ T5787] do_exit+0xa27/0x28e0
[ 139.756880][ T5787] ? __pfx_do_exit+0x10/0x10
[ 139.756902][ T5787] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 139.756929][ T5787] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 139.756949][ T5787] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 139.756968][ T5787] ? _raw_spin_lock_irq+0xdf/0x120
[ 139.756989][ T5787] do_group_exit+0x207/0x2c0
[ 139.757011][ T5787] ? _raw_spin_unlock_irq+0x23/0x50
[ 139.757031][ T5787] ? lockdep_hardirqs_on+0x99/0x150
[ 139.757056][ T5787] get_signal+0x16a1/0x1740
[ 139.757089][ T5787] ? __pfx_get_signal+0x10/0x10
[ 139.757119][ T5787] arch_do_signal_or_restart+0x96/0x830
[ 139.757143][ T5787] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 139.757164][ T5787] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 139.757189][ T5787] ? syscall_exit_to_user_mode+0xa3/0x370
[ 139.757215][ T5787] syscall_exit_to_user_mode+0xc9/0x370
[ 139.757242][ T5787] do_syscall_64+0x100/0x230
[ 139.757258][ T5787] ? clear_bhb_loop+0x35/0x90
[ 139.757278][ T5787] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 139.757296][ T5787] RIP: 0033:0x7fbaf7aed399
[ 139.757313][ T5787] Code: Unable to access opcode bytes at 0x7fbaf7aed36f.
[ 139.757321][ T5787] RSP: 002b:00007fbaf7aa8238 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 139.757338][ T5787] RAX: fffffffffffffe00 RBX: 00007fbaf7b77308 RCX: 00007fbaf7aed399
[ 139.757350][ T5787] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbaf7b77308
[ 139.757361][ T5787] RBP: 00007fbaf7b77300 R08: 00007fbaf7aa86c0 R09: 00007fbaf7aa86c0
[ 139.757373][ T5787] R10: 0000000000000000 R11: 0000000000000246 R12: b635773f06ebbeee
[ 139.757384][ T5787] R13: 0000000000000000 R14: 00007ffd7009ea30 R15: 00007ffd7009eb18
[ 139.757403][ T5787]
[ 139.757409][ T5787] Modules linked in:
[ 139.757422][ T5787] ---[ end trace 0000000000000000 ]---
[ 140.288085][ T5787] RIP: 0010:filemap_unaccount_folio+0x80d/0xe40
[ 140.294341][ T5787] Code: 25 ff 0f 00 00 0f 84 f0 00 00 00 e8 4d 6c ca ff e9 6c f8 ff ff e8 43 6c ca ff 4c 89 ef 48 c7 c6 20 a3 d3 8b e8 44 53 14 00 90 <0f> 0b e8 2c 6c ca ff 4c 89 ef 48 c7 c6 60 a4 d3 8b e8 2d 53 14 00
[ 140.314234][ T5787] RSP: 0018:ffffc90004787138 EFLAGS: 00010046
[ 140.320340][ T5787] RAX: fc373135a290ce00 RBX: 0000000000000040 RCX: ffffc90004786d03
[ 140.328412][ T5787] RDX: 0000000000000002 RSI: ffffffff8bcad360 RDI: ffffffff8c200e00
[ 140.336392][ T5787] RBP: 00000000000000ec R08: ffffffff8fae026f R09: 1ffffffff1f5c04d
[ 140.344372][ T5787] R10: dffffc0000000000 R11: fffffbfff1f5c04e R12: 1ffffd400038b000
[ 140.352434][ T5787] R13: ffffea0001c58000 R14: 1ffffd400038b001 R15: ffffea0001c58008
[ 140.360596][ T5787] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[ 140.369560][ T5787] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.376150][ T5787] CR2: 0000000000000000 CR3: 0000000011b56000 CR4: 00000000003506f0
[ 140.384125][ T5787] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 140.392114][ T5787] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 140.400136][ T5787] Kernel panic - not syncing: Fatal exception
[ 140.406371][ T5787] Kernel Offset: disabled
[ 140.410714][ T5787] Rebooting in 86400 seconds..