program:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4000, 0x0, 0x0, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps_rollup\x00')
r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000032c0)={<r2=>0x0})
futex_waitv(&(0x7f0000002940)=[{0x0, &(0x7f0000001000), 0x82}, {0x0, &(0x7f0000001040), 0x82}, {0x0, &(0x7f0000001080), 0x82}, {0x0, &(0x7f00000010c0), 0x82}, {0x0, &(0x7f0000001100), 0x82}, {0x0, &(0x7f0000001140), 0x82}, {0x0, &(0x7f0000001180)}, {0x0, &(0x7f00000011c0)}, {0x0, &(0x7f0000001200)}, {0x0, &(0x7f0000001240)=0xffffffffffffffff}, {0x0, &(0x7f0000001280)}, {0x0, &(0x7f00000012c0)}, {0x0, &(0x7f0000001300)}, {0x0, &(0x7f0000001340)}, {0x0, &(0x7f0000001380)}, {0x0, &(0x7f00000013c0)}, {0x0, &(0x7f0000001400), 0x82}, {0x0, &(0x7f0000001440)=0x80000000000}, {0x0, &(0x7f0000001480)}, {0x0, &(0x7f00000014c0)}, {0x0, &(0x7f0000001500)}, {0x0, &(0x7f0000001540)}, {0x0, &(0x7f0000001580)}, {0x0, &(0x7f00000015c0)}, {0x0, &(0x7f0000001600)}, {0x0, &(0x7f0000001640)}, {0x0, &(0x7f0000001680)}, {0x0, &(0x7f00000016c0)}, {0x0, &(0x7f0000001700)}, {0x0, &(0x7f0000001740)}, {0x0, &(0x7f0000001780)}, {0x0, &(0x7f00000017c0)}, {0x0, &(0x7f0000001800)}, {0x0, &(0x7f0000001840)}, {0x0, &(0x7f0000001880)}, {0x0, &(0x7f00000018c0)}, {0x0, &(0x7f0000001900)}, {0x0, &(0x7f0000001940)}, {0x0, &(0x7f0000001980)}, {0x0, &(0x7f0000000640)}, {0x0, &(0x7f0000001a00)}, {0x0, &(0x7f0000001a40)}, {0x0, &(0x7f0000001a80)}, {0x0, &(0x7f0000001ac0)}, {0x0, &(0x7f0000001b00)}, {0x0, &(0x7f0000001b40)}, {0x0, &(0x7f0000001b80)}, {0x0, &(0x7f0000001bc0)}, {0x0, &(0x7f0000001c00)}, {0x0, &(0x7f0000001c40)}, {0x0, &(0x7f0000001c80)}, {0x0, &(0x7f0000001cc0)}, {0x0, &(0x7f0000001d00)}, {0x0, &(0x7f0000001d40)}, {0x0, &(0x7f0000001d80)}, {0x0, &(0x7f0000001dc0)}, {0x0, &(0x7f0000001e00)}, {0x0, &(0x7f0000001e40)}, {0x0, &(0x7f0000001e80)}, {0x0, &(0x7f0000001ec0)}, {0x0, &(0x7f0000001f00)}, {0x0, &(0x7f0000001f40)}, {0x0, &(0x7f0000001f80)}, {0x0, &(0x7f0000001fc0)}, {0x0, &(0x7f0000002000)}, {0x0, &(0x7f0000002040)}, {0x0, &(0x7f0000002080)}, {0x0, &(0x7f00000020c0)}, {0x0, &(0x7f0000002100)}, {0x0, &(0x7f0000002140)}, {0x0, &(0x7f0000002180)}, {0x0, &(0x7f00000021c0)}, {0x0, &(0x7f0000002200)}, {0x0, &(0x7f0000002240)}, {0x0, &(0x7f0000002280)}, {0x0, &(0x7f00000022c0)}, {0x0, &(0x7f0000002300)}, {0x0, &(0x7f0000002340)}, {0x0, &(0x7f0000002380)}, {0x0, &(0x7f00000023c0)}, {0x0, &(0x7f0000002400)}, {0x0, &(0x7f0000002440)}, {0x0, &(0x7f0000002480)}, {0x0, &(0x7f00000024c0)}, {0x0, &(0x7f0000002500)}, {0x0, &(0x7f0000002540)}, {0x0, &(0x7f0000002580)}, {0x0, &(0x7f00000025c0)}, {0x0, &(0x7f0000002600)}, {0x0, &(0x7f0000002640)}, {0x0, &(0x7f0000002680)}, {0x0, &(0x7f00000026c0)}, {0x0, &(0x7f0000002700)}, {0x0, &(0x7f0000002740)}, {0x0, &(0x7f0000002780)}, {0x0, &(0x7f00000027c0)}, {0x0, &(0x7f0000002800)}, {0x0, &(0x7f0000002840)}, {0x0, &(0x7f0000002880)}, {0x0, &(0x7f0000003380)}, {0x0, &(0x7f0000002900)}], 0x65, 0x0, &(0x7f0000003300)={r2}, 0x1)
prctl$PR_SET_IO_FLUSHER(0x41, 0x1)
prctl$PR_SET_IO_FLUSHER(0x41, 0x0)
timer_create(0x0, &(0x7f0000066000)={0x0, 0x12}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f00000008c0)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r3, 0x3b88, &(0x7f00000002c0)={0xc, r4})
ioctl$IOMMU_VFIO_IOAS$GET(r3, 0x3b88, &(0x7f0000000300)={0xc, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000140)={0x28, 0x7, r5, 0x0, &(0x7f0000fee000/0xf000)=nil, 0xf000, 0xffff})
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r3, 0x3b72, &(0x7f0000000340)={0x18, 0x0, 0x5, 0xfffffffffffffebc})
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r6=>0x0)
timer_settime(r6, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x300000f, 0x12, r1, 0x0)
syz_clone(0x102000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000731000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@cgroup=<r7=>0xffffffffffffffff, 0x2, 0x1, 0x10000, &(0x7f0000000040)=[0x0], 0x1, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0], <r8=>0x0}, 0x40)
r9 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x10)
ioctl$LOOP_SET_STATUS64(r9, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001"})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r9}, './bus\x00'})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000680)={@map=r9, r0, 0x1c, 0x200c, 0x0, @value=r0, @void, @void, @void, r8}, 0x20)
lseek(r0, 0x8, 0x1)
writev(r7, &(0x7f0000000500)=[{&(0x7f0000000280)="cce898b6c11390374d44a8653aa57bbfb8bbee1e731aff4a72ddfc49954445ee3ecfae8d252f78351f78744ffec728c3ba51d131b50b077c817aaae1f2b92cb2fc3c5d5f05ef66193a6840ebdb8dfca582d3240a6233bdca951a3a1764ee0f88f58611865810a0c23691fac5ac65f45a02246014f0e4a54e156cd5433f09189ab76758d4779d4c6351b20bae7361270f60833ffaf7797ab6e969e4a88cbe4082d0a5a83c8187512b6f461ad8350a37ed4e2803345e5c117f0d0b9e93b8a6d7f7754c3b74d519b4cc9119feeed900c185fd827dc79a179833a5e156aa0bc5f442e35b9144bb87289b1d2d0158ca6fe08f854ca7a0490d0046", 0xf8}, {&(0x7f0000000380)="138bd429ebefb480bd1f559b61c446467f651f3f5b5825a7cd1852a24c585d4439fc6e5d26ab25cb8b80cf685c930c35ed8f069d2375d5e88cfcd15a1787b186008df2b9413d709b786dcc101959a22150f5242e7979f793d1c5", 0x5a}, {&(0x7f0000000200)}, {&(0x7f0000000400)="05f336b56c1c9b1cf03aa7a2987ecb8062efd4d7ad6d357c66440b6fcea8f030e6951f3c51d4ac8cd9965228e1925c86752df9f25841369bc69bde7dd069ca8611343089335dd9e67b708867c59814933d0d430175bf333abec04637e06e90a1af625fdd01daa12305f20d0e2cb94bf78eb7019701fcb2f3c247c0aecf7631edbfed73646e7351308a2381c71b87fcb4ab4075f1cebe68d60d9c9ab53ec520ec1945b5f755a62e75ea5a965e36fa615e1fce42581c92fc4baca9a66ca946fa8880ec50f45591e824f6fc0e69d182ba6587de75614133307c842672df3bce8379c689c4f05222138ea0da4289606f005dd5e7e605cf", 0xf5}], 0x4)

[   81.371456][ T5308] Bluetooth: hci0: command tx timeout
[   81.375474][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[   81.377998][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[   81.749720][ T5323] BUG: Bad page map in process syz.0.0  pte:fffff012ff330 pmd:43a3e067
[   81.753535][ T5323] addr:0000000020731000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:731
[   81.757774][ T5323] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0
[   81.760533][ T5323] CPU: 0 UID: 0 PID: 5323 Comm: syz.0.0 Not tainted 6.12.0-rc4-syzkaller-00256-gc71f8fb4dc91 #0
[   81.764346][ T5323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.768332][ T5323] Call Trace:
[   81.769590][ T5323]  <TASK>
[   81.770749][ T5323]  dump_stack_lvl+0x241/0x360
[   81.772651][ T5323]  ? __pfx_dump_stack_lvl+0x10/0x10
[   81.774714][ T5323]  ? __pfx__printk+0x10/0x10
[   81.776439][ T5323]  ? __pfx_shmem_fault+0x10/0x10
[   81.778373][ T5323]  print_bad_pte+0x511/0x530
[   81.780186][ T5323]  vm_normal_page+0x155/0x200
[   81.782007][ T5323]  unmap_page_range+0xac6/0x40e0
[   81.783993][ T5323]  ? __pfx_unmap_page_range+0x10/0x10
[   81.785955][ T5323]  ? __pfx_lock_acquire+0x10/0x10
[   81.787825][ T5323]  ? unmap_vmas+0x1f1/0x5f0
[   81.789515][ T5323]  ? __pfx_lock_release+0x10/0x10
[   81.791434][ T5323]  ? unmap_single_vma+0x1bd/0x2b0
[   81.793447][ T5323]  unmap_vmas+0x3cc/0x5f0
[   81.795172][ T5323]  ? __pfx_unmap_vmas+0x10/0x10
[   81.797377][ T5323]  ? tlb_gather_mmu+0x24e/0x310
[   81.799461][ T5323]  unmap_region+0x214/0x380
[   81.801262][ T5323]  ? __pfx_unmap_region+0x10/0x10
[   81.803219][ T5323]  ? __mas_set_range+0x133/0x3c0
[   81.805134][ T5323]  ? fput+0x1af/0x230
[   81.806688][ T5323]  mmap_region+0x23fa/0x2a30
[   81.808513][ T5323]  ? __pfx_mmap_region+0x10/0x10
[   81.810351][ T5323]  ? futex_wait_queue+0x27/0x1d0
[   81.812147][ T5323]  ? futex_unqueue+0xcb/0xf0
[   81.813720][ T5323]  ? mm_get_unmapped_area+0xa8/0xd0
[   81.815594][ T5323]  ? bpf_lsm_mmap_addr+0x9/0x10
[   81.817559][ T5323]  ? security_mmap_addr+0x6f/0x250
[   81.819569][ T5323]  ? __get_unmapped_area+0x2ed/0x350
[   81.821660][ T5323]  do_mmap+0x8f0/0x1000
[   81.823296][ T5323]  ? __pfx_do_mmap+0x10/0x10
[   81.825249][ T5323]  ? __pfx_down_write_killable+0x10/0x10
[   81.827347][ T5323]  ? rcu_is_watching+0x15/0xb0
[   81.829191][ T5323]  ? apparmor_mmap_file+0xc3/0xe0
[   81.831215][ T5323]  vm_mmap_pgoff+0x1dd/0x3d0
[   81.833017][ T5323]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[   81.834887][ T5323]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   81.837333][ T5323]  ? do_syscall_64+0x100/0x230
[   81.839235][ T5323]  ? ksys_mmap_pgoff+0xdf/0x720
[   81.841260][ T5323]  ? __x64_sys_mmap+0x7f/0x140
[   81.843143][ T5323]  do_syscall_64+0xf3/0x230
[   81.844937][ T5323]  ? clear_bhb_loop+0x35/0x90
[   81.846847][ T5323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.849101][ T5323] RIP: 0033:0x7fcfd557e719
[   81.850784][ T5323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.857811][ T5323] RSP: 002b:00007fcfd63bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   81.860874][ T5323] RAX: ffffffffffffffda RBX: 00007fcfd5735f80 RCX: 00007fcfd557e719
[   81.863605][ T5323] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000
[   81.866612][ T5323] RBP: 00007fcfd55f132e R08: ffffffffffffffff R09: 0000000000000000
[   81.869638][ T5323] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[   81.872626][ T5323] R13: 0000000000000000 R14: 00007fcfd5735f80 R15: 00007fffc6b45968
[   81.875658][ T5323]  </TASK>
[   81.877504][ T5323] Disabling lock debugging due to kernel taint
[   81.933318][ T5322] ------------[ cut here ]------------
[   81.935447][ T5322] WARNING: CPU: 0 PID: 5322 at arch/x86/mm/pat/memtype.c:983 get_pat_info+0x1eb/0x3f0
[   81.939062][ T5322] Modules linked in:
[   81.940599][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Tainted: G    B              6.12.0-rc4-syzkaller-00256-gc71f8fb4dc91 #0
[   81.945596][ T5322] Tainted: [B]=BAD_PAGE
[   81.947296][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   81.952113][ T5322] RIP: 0010:get_pat_info+0x1eb/0x3f0
[   81.954096][ T5322] Code: 00 00 00 48 89 de e8 d4 e0 50 00 48 83 fb 20 75 13 48 83 7c 24 10 00 0f 84 5e 01 00 00 e8 dd db 50 00 eb 09 e8 d6 db 50 00 90 <0f> 0b 90 b8 ea ff ff ff 48 c7 44 24 20 0e 36 e0 45 48 b9 00 00 00
[   81.961584][ T5322] RSP: 0018:ffffc9000cf7f640 EFLAGS: 00010293
[   81.964121][ T5322] RAX: ffffffff81440e9a RBX: 0000000000000000 RCX: ffff888000ce0000
[   81.967361][ T5322] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000020
[   81.970534][ T5322] RBP: ffffc9000cf7f730 R08: ffffffff81440e7c R09: 1ffffffff203a055
[   81.973804][ T5322] R10: dffffc0000000000 R11: fffffbfff203a056 R12: 1ffff920019efecc
[   81.976927][ T5322] R13: 1ffff1100840a11b R14: ffffc9000cf7f680 R15: ffff8880420508b8
[   81.979796][ T5322] FS:  0000000000000000(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   81.983064][ T5322] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   81.985398][ T5322] CR2: 00007fcfd6378f98 CR3: 000000000e734000 CR4: 0000000000352ef0
[   81.988208][ T5322] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   81.991073][ T5322] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   81.994118][ T5322] Call Trace:
[   81.995501][ T5322]  <TASK>
[   81.996648][ T5322]  ? __warn+0x168/0x4e0
[   81.998292][ T5322]  ? get_pat_info+0x1eb/0x3f0
[   82.000186][ T5322]  ? report_bug+0x2b3/0x500
[   82.002177][ T5322]  ? get_pat_info+0x1eb/0x3f0
[   82.004057][ T5322]  ? handle_bug+0x60/0x90
[   82.005837][ T5322]  ? exc_invalid_op+0x1a/0x50
[   82.007785][ T5322]  ? asm_exc_invalid_op+0x1a/0x20
[   82.009791][ T5322]  ? get_pat_info+0x1cc/0x3f0
[   82.011744][ T5322]  ? get_pat_info+0x1ea/0x3f0
[   82.013580][ T5322]  ? get_pat_info+0x1eb/0x3f0
[   82.015412][ T5322]  ? __pfx_get_pat_info+0x10/0x10
[   82.017377][ T5322]  ? __pfx_unmap_page_range+0x10/0x10
[   82.019462][ T5322]  untrack_pfn+0x327/0x640
[   82.021311][ T5322]  ? mas_next_slot+0xdc6/0xea0
[   82.023221][ T5322]  ? __pfx_untrack_pfn+0x10/0x10
[   82.025097][ T5322]  ? uprobe_munmap+0x183/0x460
[   82.026951][ T5322]  unmap_single_vma+0x1f6/0x2b0
[   82.028886][ T5322]  unmap_vmas+0x3cc/0x5f0
[   82.030665][ T5322]  ? __pfx_unmap_vmas+0x10/0x10
[   82.032720][ T5322]  ? __pfx_lru_add_drain_cpu+0x10/0x10
[   82.034962][ T5322]  ? tlb_gather_mmu_fullmm+0x160/0x210
[   82.037162][ T5322]  exit_mmap+0x275/0xc40
[   82.038836][ T5322]  ? __mutex_lock+0x2ef/0xd70
[   82.040693][ T5322]  ? __pfx_exit_mmap+0x10/0x10
[   82.042657][ T5322]  ? __pfx_exit_aio+0x10/0x10
[   82.044703][ T5322]  ? uprobe_clear_state+0x271/0x290
[   82.046917][ T5322]  ? mm_update_next_owner+0xa4/0x810
[   82.048892][ T5322]  ? do_raw_spin_unlock+0x58/0x8b0
[   82.050871][ T5322]  __mmput+0x115/0x390
[   82.052700][ T5322]  exit_mm+0x220/0x310
[   82.054156][ T5322]  ? __pfx_exit_mm+0x10/0x10
[   82.055991][ T5322]  ? taskstats_exit+0x326/0xa60
[   82.057935][ T5322]  do_exit+0x9b2/0x28e0
[   82.059520][ T5322]  ? preempt_schedule_common+0x84/0xd0
[   82.061577][ T5322]  ? __pfx_do_exit+0x10/0x10
[   82.063539][ T5322]  ? __pfx_lock_release+0x10/0x10
[   82.065612][ T5322]  ? zap_other_threads+0x37e/0x3e0
[   82.067695][ T5322]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   82.070332][ T5322]  ? preempt_schedule_thunk+0x1a/0x30
[   82.072551][ T5322]  do_group_exit+0x207/0x2c0
[   82.074363][ T5322]  __x64_sys_exit_group+0x3f/0x40
[   82.076423][ T5322]  x64_sys_call+0x2634/0x2640
[   82.078307][ T5322]  do_syscall_64+0xf3/0x230
[   82.079917][ T5322]  ? clear_bhb_loop+0x35/0x90
[   82.081812][ T5322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.084122][ T5322] RIP: 0033:0x7fcfd557e719
[   82.085941][ T5322] Code: Unable to access opcode bytes at 0x7fcfd557e6ef.
[   82.088745][ T5322] RSP: 002b:00007fffc6b45cd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   82.092231][ T5322] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcfd557e719
[   82.095410][ T5322] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[   82.098578][ T5322] RBP: 0000000000000003 R08: 00007fffc6b45dbf R09: 00007fcfd5706260
[   82.101875][ T5322] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fcfd5706f68
[   82.104706][ T5322] R13: 00007fcfd5706260 R14: 0000000000000003 R15: 00007fffc6b45d80
[   82.108047][ T5322]  </TASK>
[   82.109334][ T5322] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   82.112363][ T5322] CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Tainted: G    B              6.12.0-rc4-syzkaller-00256-gc71f8fb4dc91 #0
[   82.117090][ T5322] Tainted: [B]=BAD_PAGE
[   82.118732][ T5322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   82.122526][ T5322] Call Trace:
[   82.123743][ T5322]  <TASK>
[   82.124997][ T5322]  dump_stack_lvl+0x241/0x360
[   82.126952][ T5322]  ? __pfx_dump_stack_lvl+0x10/0x10
[   82.129022][ T5322]  ? __pfx__printk+0x10/0x10
[   82.130873][ T5322]  ? vscnprintf+0x5d/0x90
[   82.132605][ T5322]  panic+0x349/0x880
[   82.134198][ T5322]  ? __warn+0x177/0x4e0
[   82.135849][ T5322]  ? __pfx_panic+0x10/0x10
[   82.137639][ T5322]  __warn+0x34b/0x4e0
[   82.139282][ T5322]  ? get_pat_info+0x1eb/0x3f0
[   82.141319][ T5322]  report_bug+0x2b3/0x500
[   82.143061][ T5322]  ? get_pat_info+0x1eb/0x3f0
[   82.144952][ T5322]  handle_bug+0x60/0x90
[   82.146683][ T5322]  exc_invalid_op+0x1a/0x50
[   82.148473][ T5322]  asm_exc_invalid_op+0x1a/0x20
[   82.150522][ T5322] RIP: 0010:get_pat_info+0x1eb/0x3f0
[   82.152600][ T5322] Code: 00 00 00 48 89 de e8 d4 e0 50 00 48 83 fb 20 75 13 48 83 7c 24 10 00 0f 84 5e 01 00 00 e8 dd db 50 00 eb 09 e8 d6 db 50 00 90 <0f> 0b 90 b8 ea ff ff ff 48 c7 44 24 20 0e 36 e0 45 48 b9 00 00 00
[   82.160222][ T5322] RSP: 0018:ffffc9000cf7f640 EFLAGS: 00010293
[   82.162666][ T5322] RAX: ffffffff81440e9a RBX: 0000000000000000 RCX: ffff888000ce0000
[   82.165457][ T5322] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000020
[   82.168525][ T5322] RBP: ffffc9000cf7f730 R08: ffffffff81440e7c R09: 1ffffffff203a055
[   82.171336][ T5322] R10: dffffc0000000000 R11: fffffbfff203a056 R12: 1ffff920019efecc
[   82.174270][ T5322] R13: 1ffff1100840a11b R14: ffffc9000cf7f680 R15: ffff8880420508b8
[   82.177331][ T5322]  ? get_pat_info+0x1cc/0x3f0
[   82.179169][ T5322]  ? get_pat_info+0x1ea/0x3f0
[   82.181251][ T5322]  ? __pfx_get_pat_info+0x10/0x10
[   82.183400][ T5322]  ? __pfx_unmap_page_range+0x10/0x10
[   82.185577][ T5322]  untrack_pfn+0x327/0x640
[   82.187308][ T5322]  ? mas_next_slot+0xdc6/0xea0
[   82.189203][ T5322]  ? __pfx_untrack_pfn+0x10/0x10
[   82.191258][ T5322]  ? uprobe_munmap+0x183/0x460
[   82.193231][ T5322]  unmap_single_vma+0x1f6/0x2b0
[   82.195040][ T5322]  unmap_vmas+0x3cc/0x5f0
[   82.196611][ T5322]  ? __pfx_unmap_vmas+0x10/0x10
[   82.198476][ T5322]  ? __pfx_lru_add_drain_cpu+0x10/0x10
[   82.200479][ T5322]  ? tlb_gather_mmu_fullmm+0x160/0x210
[   82.202411][ T5322]  exit_mmap+0x275/0xc40
[   82.203932][ T5322]  ? __mutex_lock+0x2ef/0xd70
[   82.205865][ T5322]  ? __pfx_exit_mmap+0x10/0x10
[   82.207840][ T5322]  ? __pfx_exit_aio+0x10/0x10
[   82.209788][ T5322]  ? uprobe_clear_state+0x271/0x290
[   82.211941][ T5322]  ? mm_update_next_owner+0xa4/0x810
[   82.214137][ T5322]  ? do_raw_spin_unlock+0x58/0x8b0
[   82.216269][ T5322]  __mmput+0x115/0x390
[   82.217845][ T5322]  exit_mm+0x220/0x310
[   82.219444][ T5322]  ? __pfx_exit_mm+0x10/0x10
[   82.221337][ T5322]  ? taskstats_exit+0x326/0xa60
[   82.223267][ T5322]  do_exit+0x9b2/0x28e0
[   82.225006][ T5322]  ? preempt_schedule_common+0x84/0xd0
[   82.227161][ T5322]  ? __pfx_do_exit+0x10/0x10
[   82.229055][ T5322]  ? __pfx_lock_release+0x10/0x10
[   82.231057][ T5322]  ? zap_other_threads+0x37e/0x3e0
[   82.233070][ T5322]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   82.235489][ T5322]  ? preempt_schedule_thunk+0x1a/0x30
[   82.237653][ T5322]  do_group_exit+0x207/0x2c0
[   82.239568][ T5322]  __x64_sys_exit_group+0x3f/0x40
[   82.241632][ T5322]  x64_sys_call+0x2634/0x2640
[   82.243524][ T5322]  do_syscall_64+0xf3/0x230
[   82.245325][ T5322]  ? clear_bhb_loop+0x35/0x90
[   82.247211][ T5322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.249575][ T5322] RIP: 0033:0x7fcfd557e719
[   82.251285][ T5322] Code: Unable to access opcode bytes at 0x7fcfd557e6ef.
[   82.254140][ T5322] RSP: 002b:00007fffc6b45cd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   82.257499][ T5322] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcfd557e719
[   82.260539][ T5322] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[   82.263510][ T5322] RBP: 0000000000000003 R08: 00007fffc6b45dbf R09: 00007fcfd5706260
[   82.266637][ T5322] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fcfd5706f68
[   82.269908][ T5322] R13: 00007fcfd5706260 R14: 0000000000000003 R15: 00007fffc6b45d80
[   82.273023][ T5322]  </TASK>
[   82.274353][ T5322] Kernel Offset: disabled
[   82.275985][ T5322] Rebooting in 86400 seconds..