Warning: Permanently added '[localhost]:8472' (ED25519) to the list of known hosts.
1970/01/01 00:03:45 parsed 1 programs
syzkaller login: [ 236.252990][ T3323] cgroup: Unknown subsys name 'net'
[ 236.524159][ T3323] cgroup: Unknown subsys name 'cpuset'
[ 236.561969][ T3323] cgroup: Unknown subsys name 'rlimit'
[ 237.192785][ T3323] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 245.309882][ T3328] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 254.176685][ T3349] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 254.190614][ T3349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 255.603603][ T3349] hsr_slave_0: entered promiscuous mode
[ 255.609188][ T3349] hsr_slave_1: entered promiscuous mode
[ 256.719879][ T3349] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 256.759044][ T3349] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 256.785413][ T3349] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 256.810731][ T3349] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 258.047782][ T3349] 8021q: adding VLAN 0 to HW filter on device bond0
[ 262.065742][ T3349] veth0_vlan: entered promiscuous mode
[ 262.104815][ T3349] veth1_vlan: entered promiscuous mode
[ 262.243483][ T3349] veth0_macvtap: entered promiscuous mode
[ 262.268040][ T3349] veth1_macvtap: entered promiscuous mode
[ 262.431509][ T40] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 262.432707][ T40] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 262.447755][ T40] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 262.448304][ T40] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 263.343741][ T112] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 263.480539][ T112] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 263.674050][ T112] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 263.795384][ T112] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 265.176021][ T112] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 265.235979][ T112] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 265.278894][ T112] bond0 (unregistering): Released all slaves
[ 265.558993][ T112] hsr_slave_0: left promiscuous mode
[ 265.567451][ T112] hsr_slave_1: left promiscuous mode
[ 265.610028][ T112] veth1_macvtap: left promiscuous mode
[ 265.610799][ T112] veth0_macvtap: left promiscuous mode
[ 265.611606][ T112] veth1_vlan: left promiscuous mode
[ 265.612290][ T112] veth0_vlan: left promiscuous mode
1970/01/01 00:04:34 executed programs: 0
[ 278.422538][ T3488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 278.451997][ T3488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 280.125896][ T3488] hsr_slave_0: entered promiscuous mode
[ 280.139297][ T3488] hsr_slave_1: entered promiscuous mode
[ 281.268079][ T3488] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 281.301108][ T3488] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 281.338119][ T3488] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 281.359224][ T3488] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 282.701147][ T3488] 8021q: adding VLAN 0 to HW filter on device bond0
[ 287.633162][ T3488] veth0_vlan: entered promiscuous mode
[ 287.697950][ T3488] veth1_vlan: entered promiscuous mode
[ 287.897999][ T3488] veth0_macvtap: entered promiscuous mode
[ 287.933287][ T3488] veth1_macvtap: entered promiscuous mode
[ 288.131567][ T55] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 288.132616][ T55] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 288.139382][ T55] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 288.140088][ T55] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
1970/01/01 00:04:48 executed programs: 2
[ 288.803538][ T3591] ==================================================================
[ 288.807188][ T3591] BUG: KASAN: invalid-access in __kvm_pgtable_walk+0x110/0x2d0
[ 288.809553][ T3591] Read at addr f2f000001357d000 by task syz.2.17/3591
[ 288.810125][ T3591] Pointer tag: [f2], memory tag: [fe]
[ 288.810270][ T3591]
[ 288.811226][ T3591] CPU: 0 UID: 0 PID: 3591 Comm: syz.2.17 Not tainted syzkaller #0 PREEMPT
[ 288.811765][ T3591] Hardware name: linux,dummy-virt (DT)
[ 288.812130][ T3591] Call trace:
[ 288.812495][ T3591] show_stack+0x18/0x24 (C)
[ 288.812915][ T3591] dump_stack_lvl+0x78/0x90
[ 288.813154][ T3591] print_report+0x108/0x61c
[ 288.813376][ T3591] kasan_report+0x88/0xac
[ 288.813604][ T3591] __do_kernel_fault+0x170/0x1c8
[ 288.813809][ T3591] do_bad_area+0x68/0x78
[ 288.814031][ T3591] do_tag_check_fault+0x34/0x44
[ 288.814308][ T3591] do_mem_abort+0x44/0x94
[ 288.814551][ T3591] el1_abort+0x40/0x60
[ 288.814810][ T3591] el1h_64_sync_handler+0x50/0xac
[ 288.815014][ T3591] el1h_64_sync+0x6c/0x70
[ 288.815351][ T3591] __kvm_pgtable_walk+0x110/0x2d0 (P)
[ 288.815575][ T3591] kvm_pgtable_walk+0xd0/0x164
[ 288.815801][ T3591] kvm_pgtable_stage2_destroy_range+0x3c/0x70
[ 288.816021][ T3591] kvm_stage2_destroy+0x74/0xd0
[ 288.816230][ T3591] kvm_free_stage2_pgd+0x4c/0x84
[ 288.816454][ T3591] kvm_uninit_stage2_mmu+0x1c/0x34
[ 288.816672][ T3591] kvm_arch_flush_shadow_all+0x6c/0x84
[ 288.816869][ T3591] kvm_mmu_notifier_release+0x30/0x84
[ 288.817048][ T3591] mmu_notifier_unregister+0x5c/0x11c
[ 288.817235][ T3591] kvm_destroy_vm+0x148/0x2b0
[ 288.817469][ T3591] kvm_vm_release+0x80/0xb0
[ 288.817665][ T3591] __fput+0xcc/0x2dc
[ 288.817874][ T3591] ____fput+0x14/0x20
[ 288.818063][ T3591] task_work_run+0x78/0xd4
[ 288.818265][ T3591] do_notify_resume+0x13c/0x16c
[ 288.818470][ T3591] el0_svc+0x108/0x10c
[ 288.818682][ T3591] el0t_64_sync_handler+0xa0/0xe4
[ 288.818926][ T3591] el0t_64_sync+0x1a4/0x1a8
[ 288.819357][ T3591]
[ 288.819609][ T3591] The buggy address belongs to the physical page:
[ 288.820136][ T3591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5357d
[ 288.820632][ T3591] flags: 0x1fff40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xd)
[ 288.821756][ T3591] raw: 01fff40000000000 ffffc1ffc04d6508 ffffc1ffc0243d88 0000000000000000
[ 288.821942][ T3591] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 288.822144][ T3591] page dumped because: kasan: bad access detected
[ 288.822251][ T3591]
[ 288.822336][ T3591] Memory state around the buggy address:
[ 288.822702][ T3591] fff000001357ce00: fb fb fb fb fb fb fb fb f9 f9 f9 f9 f9 f9 f9 f9
[ 288.822937][ T3591] fff000001357cf00: fc fc fc fc fc fc fc fc f6 f6 f6 f6 f6 f6 f6 f6
[ 288.823102][ T3591] >fff000001357d000: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 288.823243][ T3591] ^
[ 288.823574][ T3591] fff000001357d100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 288.823703][ T3591] fff000001357d200: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 288.823856][ T3591] ==================================================================
[ 288.825284][ T3591] Disabling lock debugging due to kernel taint
[ 290.131948][ T3594] BUG: Bad page state in process syz.2.18 pfn:490f6
[ 290.132933][ T3594] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0xf1f00000090f6870 pfn:0x490f6
[ 290.133473][ T3594] flags: 0x1ffd40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x5)
[ 290.133796][ T3594] raw: 01ffd40000000000 dead000000000100 dead000000000122 0000000000000000
[ 290.134044][ T3594] raw: f1f00000090f6870 0000000000000000 fffffe01ffffffff 0000000000000000
[ 290.134284][ T3594] page
dumped because: nonzero _refcount [ 290.135164][ T3594] Modules linked in: [ 290.136566][ T3594] CPU: 0 UID: 0 PID: 3594 Comm: syz.2.18 Tainted: G B syzkaller #0 PREEMPT [ 290.136934][ T3594] Tainted: [B]=BAD_PAGE [ 290.137089][ T3594] Hardware name: linux,dummy-virt (DT) [ 290.137195][ T3594] Call trace: [ 290.137277][ T3594] show_stack+0x18/0x24 (C) [ 290.137529][ T3594] dump_stack_lvl+0x78/0x90 [ 290.137733][ T3594] dump_stack+0x18/0x24 [ 290.137932][ T3594] bad_page+0x84/0x128 [ 290.138126][ T3594] check_new_page+0x104/0x130 [ 290.138344][ T3594] __rmqueue_pcplist+0x14c/0x1080 [ 290.138527][ T3594] get_page_from_freelist+0xa9c/0x19e0 [ 290.138724][ T3594] __alloc_frozen_pages_noprof+0x184/0xd34 [ 290.138971][ T3594] alloc_pages_mpol+0xb8/0x1b8 [ 290.139154][ T3594] alloc_frozen_pages_noprof+0x48/0xc0 [ 290.139344][ T3594] alloc_pages_noprof+0x10/0x28 [ 290.139553][ T3594] get_free_pages_noprof+0x14/0x70 [ 290.139759][ T3594] __kvm_mmu_topup_memory_cache+0xac/0x198 [ 290.139971][ T3594] kvm_mmu_topup_memory_cache+0x18/0x24 [ 290.140183][ T3594] kvm_handle_guest_abort+0x7ec/0x115c [ 290.140394][ T3594] handle_exit+0x60/0x184 [ 290.140606][ T3594] kvm_arch_vcpu_ioctl_run+0x308/0x8d4 [ 290.140795][ T3594] kvm_vcpu_ioctl+0x14c/0x878 [ 290.141047][ T3594] __arm64_sys_ioctl+0xac/0x104 [ 290.141275][ T3594] invoke_syscall+0x48/0x110 [ 290.141510][ T3594] el0_svc_common.constprop.0+0x40/0xe0 [ 290.141722][ T3594] do_el0_svc+0x1c/0x28 [ 290.141939][ T3594] el0_svc+0x34/0x10c [ 290.142145][ T3594] el0t_64_sync_handler+0xa0/0xe4 [ 290.142347][ T3594] el0t_64_sync+0x1a4/0x1a8 [ 290.142729][ T3594] BUG: Bad page state in process syz.2.18 pfn:5357d [ 290.142889][ T3594] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5357d [ 290.143050][ T3594] flags: 0x1fff40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xd) [ 290.143330][ T3594] raw: 01fff40000000000 dead000000000100 dead000000000122 0000000000000000 [ 290.143502][ T3594] raw: 0000000000000000 
0000000000000000 fffffe01ffffffff 0000000000000000 [ 290.143627][ T3594] page dumped because: nonzero _refcount [ 290.143716][ T3594] Modules linked in: [ 290.143886][ T3594] CPU: 0 UID: 0 PID: 3594 Comm: syz.2.18 Tainted: G B syzkaller #0 PREEMPT [ 290.144162][ T3594] Tainted: [B]=BAD_PAGE [ 290.144253][ T3594] Hardware name: linux,dummy-virt (DT) [ 290.144448][ T3594] Call trace: [ 290.144563][ T3594] show_stack+0x18/0x24 (C) [ 290.144807][ T3594] dump_stack_lvl+0x78/0x90 [ 290.145026][ T3594] dump_stack+0x18/0x24 [ 290.145237][ T3594] bad_page+0x84/0x128 [ 290.145443][ T3594] check_new_page+0x104/0x130 [ 290.145663][ T3594] __rmqueue_pcplist+0x14c/0x1080 [ 290.145887][ T3594] get_page_from_freelist+0xa9c/0x19e0 [ 290.146143][ T3594] __alloc_frozen_pages_noprof+0x184/0xd34 [ 290.146423][ T3594] alloc_pages_mpol+0xb8/0x1b8 [ 290.146636][ T3594] alloc_frozen_pages_noprof+0x48/0xc0 [ 290.146924][ T3594] alloc_pages_noprof+0x10/0x28 [ 290.147159][ T3594] get_free_pages_noprof+0x14/0x70 [ 290.147413][ T3594] __kvm_mmu_topup_memory_cache+0xac/0x198 [ 290.147611][ T3594] kvm_mmu_topup_memory_cache+0x18/0x24 [ 290.147872][ T3594] kvm_handle_guest_abort+0x7ec/0x115c [ 290.148107][ T3594] handle_exit+0x60/0x184 [ 290.148306][ T3594] kvm_arch_vcpu_ioctl_run+0x308/0x8d4 [ 290.148504][ T3594] kvm_vcpu_ioctl+0x14c/0x878 [ 290.148725][ T3594] __arm64_sys_ioctl+0xac/0x104 [ 290.148927][ T3594] invoke_syscall+0x48/0x110 [ 290.149122][ T3594] el0_svc_common.constprop.0+0x40/0xe0 [ 290.149336][ T3594] do_el0_svc+0x1c/0x28 [ 290.149540][ T3594] el0_svc+0x34/0x10c [ 290.149778][ T3594] el0t_64_sync_handler+0xa0/0xe4 [ 290.149996][ T3594] el0t_64_sync+0x1a4/0x1a8 [ 292.510364][ T3488] BUG: Bad page state in process syz-executor pfn:492f7 [ 292.510940][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x492f7 [ 292.511374][ T3488] flags: 0x1fff80000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xe) [ 292.511600][ T3488] raw: 01fff80000000000 
dead000000000100 dead000000000122 0000000000000000 [ 292.511739][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 292.511829][ T3488] page dumped because: nonzero _refcount [ 292.511916][ T3488] Modules linked in: [ 292.512124][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 292.512423][ T3488] Tainted: [B]=BAD_PAGE [ 292.512532][ T3488] Hardware name: linux,dummy-virt (DT) [ 292.512641][ T3488] Call trace: [ 292.512721][ T3488] show_stack+0x18/0x24 (C) [ 292.512953][ T3488] dump_stack_lvl+0x78/0x90 [ 292.513166][ T3488] dump_stack+0x18/0x24 [ 292.513388][ T3488] bad_page+0x84/0x128 [ 292.513604][ T3488] check_new_page+0x104/0x130 [ 292.513812][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 292.514019][ T3488] alloc_pages_bulk_noprof+0x2a0/0x558 [ 292.514247][ T3488] alloc_pages_bulk_mempolicy_noprof+0xb8/0x55c [ 292.514564][ T3488] __vmalloc_node_range_noprof+0x45c/0x804 [ 292.514841][ T3488] __vmalloc_node_noprof+0x90/0xa0 [ 292.515063][ T3488] copy_process+0x928/0x1500 [ 292.515308][ T3488] kernel_clone+0x64/0x368 [ 292.515533][ T3488] __do_sys_clone+0x70/0xa8 [ 292.515746][ T3488] __arm64_sys_clone+0x20/0x2c [ 292.515960][ T3488] invoke_syscall+0x48/0x110 [ 292.516171][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 292.516381][ T3488] do_el0_svc+0x1c/0x28 [ 292.516627][ T3488] el0_svc+0x34/0x10c [ 292.516882][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 292.517128][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 292.517988][ T3488] BUG: Bad page state in process syz-executor pfn:491b1 [ 292.518121][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0xf5f00000091b1300 pfn:0x491b1 [ 292.518276][ T3488] flags: 0x1ffcc0000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x3) [ 292.518511][ T3488] raw: 01ffcc0000000000 dead000000000100 dead000000000122 0000000000000000 [ 292.518680][ T3488] raw: f5f00000091b1300 0000000000000000 fffffe01ffffffff 0000000000000000 [ 292.518807][ T3488] page dumped 
because: nonzero _refcount [ 292.518890][ T3488] Modules linked in: [ 292.519042][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 292.519314][ T3488] Tainted: [B]=BAD_PAGE [ 292.519403][ T3488] Hardware name: linux,dummy-virt (DT) [ 292.519502][ T3488] Call trace: [ 292.519580][ T3488] show_stack+0x18/0x24 (C) [ 292.519807][ T3488] dump_stack_lvl+0x78/0x90 [ 292.520016][ T3488] dump_stack+0x18/0x24 [ 292.520223][ T3488] bad_page+0x84/0x128 [ 292.520430][ T3488] check_new_page+0x104/0x130 [ 292.520640][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 292.520865][ T3488] alloc_pages_bulk_noprof+0x2a0/0x558 [ 292.521073][ T3488] alloc_pages_bulk_mempolicy_noprof+0xb8/0x55c [ 292.521253][ T3488] __vmalloc_node_range_noprof+0x45c/0x804 [ 292.521425][ T3488] __vmalloc_node_noprof+0x90/0xa0 [ 292.521610][ T3488] copy_process+0x928/0x1500 [ 292.521809][ T3488] kernel_clone+0x64/0x368 [ 292.522019][ T3488] __do_sys_clone+0x70/0xa8 [ 292.522241][ T3488] __arm64_sys_clone+0x20/0x2c [ 292.522451][ T3488] invoke_syscall+0x48/0x110 [ 292.522681][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 292.522916][ T3488] do_el0_svc+0x1c/0x28 [ 292.523125][ T3488] el0_svc+0x34/0x10c [ 292.523352][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 292.523562][ T3488] el0t_64_sync+0x1a4/0x1a8 1970/01/01 00:04:53 executed programs: 6 [ 295.081734][ T3488] BUG: Bad page state in process syz-executor pfn:49383 [ 295.082106][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x49383 [ 295.082425][ T3488] flags: 0x1ffcc0000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x3) [ 295.082655][ T3488] raw: 01ffcc0000000000 dead000000000100 dead000000000122 0000000000000000 [ 295.082825][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 295.082941][ T3488] page dumped because: nonzero _refcount [ 295.083037][ T3488] Modules linked in: [ 295.083232][ T3488] CPU: 1 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 
PREEMPT [ 295.083395][ T3488] Tainted: [B]=BAD_PAGE [ 295.083446][ T3488] Hardware name: linux,dummy-virt (DT) [ 295.083505][ T3488] Call trace: [ 295.083551][ T3488] show_stack+0x18/0x24 (C) [ 295.083684][ T3488] dump_stack_lvl+0x78/0x90 [ 295.083804][ T3488] dump_stack+0x18/0x24 [ 295.083926][ T3488] bad_page+0x84/0x128 [ 295.084044][ T3488] check_new_page+0x104/0x130 [ 295.084159][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 295.084331][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 295.084449][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 295.084564][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 295.084735][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 295.084851][ T3488] alloc_pages_noprof+0x10/0x28 [ 295.084979][ T3488] __pmd_alloc+0x40/0x298 [ 295.085161][ T3488] copy_page_range+0x15f4/0x2030 [ 295.085344][ T3488] dup_mmap+0x248/0x738 [ 295.085525][ T3488] copy_process+0xb10/0x1500 [ 295.085718][ T3488] kernel_clone+0x64/0x368 [ 295.085905][ T3488] __do_sys_clone+0x70/0xa8 [ 295.086089][ T3488] __arm64_sys_clone+0x20/0x2c [ 295.086227][ T3488] invoke_syscall+0x48/0x110 [ 295.086347][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 295.086463][ T3488] do_el0_svc+0x1c/0x28 [ 295.086577][ T3488] el0_svc+0x34/0x10c [ 295.086697][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 295.086856][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 295.087423][ T3488] BUG: Bad page state in process syz-executor pfn:492b2 [ 295.087546][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0xf1f00000092b2200 pfn:0x492b2 [ 295.087680][ T3488] flags: 0x1ffc80000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x2) [ 295.087859][ T3488] raw: 01ffc80000000000 dead000000000100 dead000000000122 0000000000000000 [ 295.088004][ T3488] raw: f1f00000092b2200 0000000000000000 fffffe01ffffffff 0000000000000000 [ 295.088109][ T3488] page dumped because: nonzero _refcount [ 295.088202][ T3488] Modules linked in: [ 295.088384][ T3488] CPU: 1 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 
PREEMPT [ 295.088542][ T3488] Tainted: [B]=BAD_PAGE [ 295.088592][ T3488] Hardware name: linux,dummy-virt (DT) [ 295.088647][ T3488] Call trace: [ 295.088692][ T3488] show_stack+0x18/0x24 (C) [ 295.088812][ T3488] dump_stack_lvl+0x78/0x90 [ 295.088938][ T3488] dump_stack+0x18/0x24 [ 295.089053][ T3488] bad_page+0x84/0x128 [ 295.089169][ T3488] check_new_page+0x104/0x130 [ 295.089285][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 295.089401][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 295.089518][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 295.089635][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 295.089758][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 295.089873][ T3488] alloc_pages_noprof+0x10/0x28 [ 295.089995][ T3488] __pmd_alloc+0x40/0x298 [ 295.090112][ T3488] copy_page_range+0x15f4/0x2030 [ 295.090226][ T3488] dup_mmap+0x248/0x738 [ 295.090341][ T3488] copy_process+0xb10/0x1500 [ 295.090457][ T3488] kernel_clone+0x64/0x368 [ 295.090574][ T3488] __do_sys_clone+0x70/0xa8 [ 295.090690][ T3488] __arm64_sys_clone+0x20/0x2c [ 295.090838][ T3488] invoke_syscall+0x48/0x110 [ 295.090960][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 295.091079][ T3488] do_el0_svc+0x1c/0x28 [ 295.091195][ T3488] el0_svc+0x34/0x10c [ 295.091313][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 295.091430][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 296.245906][ T3599] BUG: Bad page state in process syz.2.23 pfn:49359 [ 296.246203][ T3599] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0xfbf0000009359870 pfn:0x49359 [ 296.246470][ T3599] flags: 0x1ffe80000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xa) [ 296.246670][ T3599] raw: 01ffe80000000000 dead000000000100 dead000000000122 0000000000000000 [ 296.246764][ T3599] raw: fbf0000009359870 0000000000000000 fffffe01ffffffff 0000000000000000 [ 296.246866][ T3599] page dumped because: nonzero _refcount [ 296.246914][ T3599] Modules linked in: [ 296.247034][ T3599] CPU: 0 UID: 0 PID: 3599 Comm: syz.2.23 Tainted: G B syzkaller #0 PREEMPT [ 
296.247190][ T3599] Tainted: [B]=BAD_PAGE [ 296.247240][ T3599] Hardware name: linux,dummy-virt (DT) [ 296.247318][ T3599] Call trace: [ 296.247363][ T3599] show_stack+0x18/0x24 (C) [ 296.247495][ T3599] dump_stack_lvl+0x78/0x90 [ 296.247625][ T3599] dump_stack+0x18/0x24 [ 296.247757][ T3599] bad_page+0x84/0x128 [ 296.247895][ T3599] check_new_page+0x104/0x130 [ 296.248011][ T3599] __rmqueue_pcplist+0x14c/0x1080 [ 296.248126][ T3599] get_page_from_freelist+0xa9c/0x19e0 [ 296.248241][ T3599] __alloc_frozen_pages_noprof+0x184/0xd34 [ 296.248356][ T3599] alloc_pages_mpol+0xb8/0x1b8 [ 296.248487][ T3599] alloc_frozen_pages_noprof+0x48/0xc0 [ 296.248607][ T3599] alloc_pages_noprof+0x10/0x28 [ 296.248720][ T3599] get_free_pages_noprof+0x14/0x70 [ 296.248846][ T3599] __kvm_mmu_topup_memory_cache+0xac/0x198 [ 296.248978][ T3599] kvm_mmu_topup_memory_cache+0x18/0x24 [ 296.249107][ T3599] kvm_handle_guest_abort+0x7ec/0x115c [ 296.249224][ T3599] handle_exit+0x60/0x184 [ 296.249337][ T3599] kvm_arch_vcpu_ioctl_run+0x308/0x8d4 [ 296.249452][ T3599] kvm_vcpu_ioctl+0x14c/0x878 [ 296.249568][ T3599] __arm64_sys_ioctl+0xac/0x104 [ 296.249699][ T3599] invoke_syscall+0x48/0x110 [ 296.249816][ T3599] el0_svc_common.constprop.0+0x40/0xe0 [ 296.249931][ T3599] do_el0_svc+0x1c/0x28 [ 296.250053][ T3599] el0_svc+0x34/0x10c [ 296.250170][ T3599] el0t_64_sync_handler+0xa0/0xe4 [ 296.250299][ T3599] el0t_64_sync+0x1a4/0x1a8 [ 296.250444][ T3599] BUG: Bad page state in process syz.2.23 pfn:49102 [ 296.250506][ T3599] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0xf9f0000000000000 pfn:0x49102 [ 296.250589][ T3599] flags: 0x1ffe40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x9) [ 296.250734][ T3599] raw: 01ffe40000000000 dead000000000100 dead000000000122 0000000000000000 [ 296.250866][ T3599] raw: f9f0000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 296.250944][ T3599] page dumped because: nonzero _refcount [ 296.251005][ T3599] Modules linked in: [ 
296.251114][ T3599] CPU: 0 UID: 0 PID: 3599 Comm: syz.2.23 Tainted: G B syzkaller #0 PREEMPT [ 296.251266][ T3599] Tainted: [B]=BAD_PAGE [ 296.251314][ T3599] Hardware name: linux,dummy-virt (DT) [ 296.251369][ T3599] Call trace: [ 296.251413][ T3599] show_stack+0x18/0x24 (C) [ 296.251534][ T3599] dump_stack_lvl+0x78/0x90 [ 296.251708][ T3599] dump_stack+0x18/0x24 [ 296.251839][ T3599] bad_page+0x84/0x128 [ 296.251958][ T3599] check_new_page+0x104/0x130 [ 296.252072][ T3599] __rmqueue_pcplist+0x14c/0x1080 [ 296.252203][ T3599] get_page_from_freelist+0xa9c/0x19e0 [ 296.252356][ T3599] __alloc_frozen_pages_noprof+0x184/0xd34 [ 296.252502][ T3599] alloc_pages_mpol+0xb8/0x1b8 [ 296.252624][ T3599] alloc_frozen_pages_noprof+0x48/0xc0 [ 296.252737][ T3599] alloc_pages_noprof+0x10/0x28 [ 296.252864][ T3599] get_free_pages_noprof+0x14/0x70 [ 296.252998][ T3599] __kvm_mmu_topup_memory_cache+0xac/0x198 [ 296.253114][ T3599] kvm_mmu_topup_memory_cache+0x18/0x24 [ 296.253239][ T3599] kvm_handle_guest_abort+0x7ec/0x115c [ 296.253359][ T3599] handle_exit+0x60/0x184 [ 296.253472][ T3599] kvm_arch_vcpu_ioctl_run+0x308/0x8d4 [ 296.253605][ T3599] kvm_vcpu_ioctl+0x14c/0x878 [ 296.253724][ T3599] __arm64_sys_ioctl+0xac/0x104 [ 296.253841][ T3599] invoke_syscall+0x48/0x110 [ 296.253958][ T3599] el0_svc_common.constprop.0+0x40/0xe0 [ 296.254090][ T3599] do_el0_svc+0x1c/0x28 [ 296.254209][ T3599] el0_svc+0x34/0x10c [ 296.254457][ T3599] el0t_64_sync_handler+0xa0/0xe4 [ 296.254595][ T3599] el0t_64_sync+0x1a4/0x1a8 [ 297.422237][ T3488] BUG: Bad page state in process syz-executor pfn:48863 [ 297.422811][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0xfbf00000088631b0 pfn:0x48863 [ 297.423054][ T3488] flags: 0x1fff40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xd) [ 297.423339][ T3488] raw: 01fff40000000000 dead000000000100 dead000000000122 0000000000000000 [ 297.423518][ T3488] raw: fbf00000088631b0 0000000000000000 fffffe01ffffffff 0000000000000000 [ 
297.423634][ T3488] page dumped because: nonzero _refcount [ 297.423725][ T3488] Modules linked in: [ 297.423905][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 297.424183][ T3488] Tainted: [B]=BAD_PAGE [ 297.424349][ T3488] Hardware name: linux,dummy-virt (DT) [ 297.424483][ T3488] Call trace: [ 297.424644][ T3488] show_stack+0x18/0x24 (C) [ 297.424876][ T3488] dump_stack_lvl+0x78/0x90 [ 297.425101][ T3488] dump_stack+0x18/0x24 [ 297.425355][ T3488] bad_page+0x84/0x128 [ 297.425598][ T3488] check_new_page+0x104/0x130 [ 297.425782][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 297.426063][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 297.426284][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 297.426524][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 297.426862][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 297.427072][ T3488] alloc_pages_noprof+0x10/0x28 [ 297.427306][ T3488] __pmd_alloc+0x40/0x298 [ 297.427577][ T3488] copy_page_range+0x15f4/0x2030 [ 297.427783][ T3488] dup_mmap+0x248/0x738 [ 297.428007][ T3488] copy_process+0xb10/0x1500 [ 297.428212][ T3488] kernel_clone+0x64/0x368 [ 297.428430][ T3488] __do_sys_clone+0x70/0xa8 [ 297.428645][ T3488] __arm64_sys_clone+0x20/0x2c [ 297.428862][ T3488] invoke_syscall+0x48/0x110 [ 297.429169][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 297.429420][ T3488] do_el0_svc+0x1c/0x28 [ 297.429650][ T3488] el0_svc+0x34/0x10c [ 297.429874][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 297.430074][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 297.431262][ T3488] BUG: Bad page state in process syz-executor pfn:491f9 [ 297.431387][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0xfdf0000000000000 pfn:0x491f9 [ 297.431547][ T3488] flags: 0x1ffec0000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xb) [ 297.431794][ T3488] raw: 01ffec0000000000 dead000000000100 dead000000000122 0000000000000000 [ 297.431975][ T3488] raw: fdf0000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 
297.432088][ T3488] page dumped because: nonzero _refcount [ 297.432175][ T3488] Modules linked in: [ 297.432368][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 297.432697][ T3488] Tainted: [B]=BAD_PAGE [ 297.432792][ T3488] Hardware name: linux,dummy-virt (DT) [ 297.432902][ T3488] Call trace: [ 297.432985][ T3488] show_stack+0x18/0x24 (C) [ 297.433252][ T3488] dump_stack_lvl+0x78/0x90 [ 297.433450][ T3488] dump_stack+0x18/0x24 [ 297.433664][ T3488] bad_page+0x84/0x128 [ 297.433867][ T3488] check_new_page+0x104/0x130 [ 297.434055][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 297.434290][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 297.434489][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 297.434689][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 297.434930][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 297.435120][ T3488] alloc_pages_noprof+0x10/0x28 [ 297.435304][ T3488] __pmd_alloc+0x40/0x298 [ 297.435547][ T3488] copy_page_range+0x15f4/0x2030 [ 297.435773][ T3488] dup_mmap+0x248/0x738 [ 297.436054][ T3488] copy_process+0xb10/0x1500 [ 297.436361][ T3488] kernel_clone+0x64/0x368 [ 297.436646][ T3488] __do_sys_clone+0x70/0xa8 [ 297.436869][ T3488] __arm64_sys_clone+0x20/0x2c [ 297.437130][ T3488] invoke_syscall+0x48/0x110 [ 297.437437][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 297.437646][ T3488] do_el0_svc+0x1c/0x28 [ 297.437865][ T3488] el0_svc+0x34/0x10c [ 297.438179][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 297.438383][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 298.530431][ T3488] BUG: Bad page state in process syz-executor pfn:5360d [ 298.530916][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5360d [ 298.531365][ T3488] flags: 0x1ffe00000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x8) [ 298.531624][ T3488] raw: 01ffe00000000000 dead000000000100 dead000000000122 0000000000000000 [ 298.531834][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 298.531938][ T3488] 
page dumped because: nonzero _refcount [ 298.532021][ T3488] Modules linked in: [ 298.532201][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 298.532477][ T3488] Tainted: [B]=BAD_PAGE [ 298.532570][ T3488] Hardware name: linux,dummy-virt (DT) [ 298.532672][ T3488] Call trace: [ 298.532752][ T3488] show_stack+0x18/0x24 (C) [ 298.532993][ T3488] dump_stack_lvl+0x78/0x90 [ 298.533207][ T3488] dump_stack+0x18/0x24 [ 298.533416][ T3488] bad_page+0x84/0x128 [ 298.533634][ T3488] check_new_page+0x104/0x130 [ 298.533853][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 298.534061][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 298.534290][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 298.534628][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 298.534919][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 298.535149][ T3488] alloc_pages_noprof+0x10/0x28 [ 298.535360][ T3488] __pmd_alloc+0x40/0x298 [ 298.535606][ T3488] copy_page_range+0x15f4/0x2030 [ 298.535846][ T3488] dup_mmap+0x248/0x738 [ 298.536055][ T3488] copy_process+0xb10/0x1500 [ 298.536277][ T3488] kernel_clone+0x64/0x368 [ 298.536517][ T3488] __do_sys_clone+0x70/0xa8 [ 298.536728][ T3488] __arm64_sys_clone+0x20/0x2c [ 298.536982][ T3488] invoke_syscall+0x48/0x110 [ 298.537247][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 298.537519][ T3488] do_el0_svc+0x1c/0x28 [ 298.537725][ T3488] el0_svc+0x34/0x10c [ 298.537974][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 298.538182][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 298.538950][ T3488] BUG: Bad page state in process syz-executor pfn:5352c [ 298.539083][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5352c [ 298.539235][ T3488] flags: 0x1fff40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xd) [ 298.539496][ T3488] raw: 01fff40000000000 dead000000000100 dead000000000122 0000000000000000 [ 298.539681][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 298.539819][ T3488] page dumped because: 
nonzero _refcount [ 298.539907][ T3488] Modules linked in: [ 298.540053][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 298.540336][ T3488] Tainted: [B]=BAD_PAGE [ 298.540451][ T3488] Hardware name: linux,dummy-virt (DT) [ 298.540549][ T3488] Call trace: [ 298.540628][ T3488] show_stack+0x18/0x24 (C) [ 298.540853][ T3488] dump_stack_lvl+0x78/0x90 [ 298.541082][ T3488] dump_stack+0x18/0x24 [ 298.541296][ T3488] bad_page+0x84/0x128 [ 298.541531][ T3488] check_new_page+0x104/0x130 [ 298.541745][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 298.541968][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 298.542198][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 298.542417][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 298.542626][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 298.542865][ T3488] alloc_pages_noprof+0x10/0x28 [ 298.543066][ T3488] __pmd_alloc+0x40/0x298 [ 298.543274][ T3488] copy_page_range+0x15f4/0x2030 [ 298.543483][ T3488] dup_mmap+0x248/0x738 [ 298.543691][ T3488] copy_process+0xb10/0x1500 [ 298.543937][ T3488] kernel_clone+0x64/0x368 [ 298.544153][ T3488] __do_sys_clone+0x70/0xa8 [ 298.544482][ T3488] __arm64_sys_clone+0x20/0x2c [ 298.544699][ T3488] invoke_syscall+0x48/0x110 [ 298.544948][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 298.545166][ T3488] do_el0_svc+0x1c/0x28 [ 298.545384][ T3488] el0_svc+0x34/0x10c [ 298.545654][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 298.545914][ T3488] el0t_64_sync+0x1a4/0x1a8 1970/01/01 00:04:59 executed programs: 11 [ 300.076502][ T3602] BUG: Bad page state in process syz.2.26 pfn:53640 [ 300.077018][ T3602] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53640 [ 300.077499][ T3602] flags: 0x1ffe00000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x8) [ 300.077920][ T3602] raw: 01ffe00000000000 dead000000000100 dead000000000122 0000000000000000 [ 300.078193][ T3602] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 300.078441][ T3602] page 
dumped because: nonzero _refcount [ 300.078630][ T3602] Modules linked in: [ 300.079197][ T3602] CPU: 0 UID: 0 PID: 3602 Comm: syz.2.26 Tainted: G B syzkaller #0 PREEMPT [ 300.079449][ T3602] Tainted: [B]=BAD_PAGE [ 300.079593][ T3602] Hardware name: linux,dummy-virt (DT) [ 300.079689][ T3602] Call trace: [ 300.079773][ T3602] show_stack+0x18/0x24 (C) [ 300.080033][ T3602] dump_stack_lvl+0x78/0x90 [ 300.080248][ T3602] dump_stack+0x18/0x24 [ 300.080475][ T3602] bad_page+0x84/0x128 [ 300.080696][ T3602] check_new_page+0x104/0x130 [ 300.080918][ T3602] __rmqueue_pcplist+0x14c/0x1080 [ 300.081125][ T3602] get_page_from_freelist+0xa9c/0x19e0 [ 300.081373][ T3602] __alloc_frozen_pages_noprof+0x184/0xd34 [ 300.081616][ T3602] alloc_pages_mpol+0xb8/0x1b8 [ 300.081882][ T3602] alloc_frozen_pages_noprof+0x48/0xc0 [ 300.082095][ T3602] alloc_pages_noprof+0x10/0x28 [ 300.082348][ T3602] kvm_vm_ioctl+0x460/0x14b8 [ 300.082560][ T3602] __arm64_sys_ioctl+0xac/0x104 [ 300.082862][ T3602] invoke_syscall+0x48/0x110 [ 300.083079][ T3602] el0_svc_common.constprop.0+0x40/0xe0 [ 300.083299][ T3602] do_el0_svc+0x1c/0x28 [ 300.083505][ T3602] el0_svc+0x34/0x10c [ 300.083727][ T3602] el0t_64_sync_handler+0xa0/0xe4 [ 300.084008][ T3602] el0t_64_sync+0x1a4/0x1a8 [ 300.085068][ T3602] BUG: Bad page state in process syz.2.26 pfn:53614 [ 300.085295][ T3602] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53614 [ 300.085552][ T3602] flags: 0x1ffdc0000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x7) [ 300.085923][ T3602] raw: 01ffdc0000000000 dead000000000100 dead000000000122 0000000000000000 [ 300.086257][ T3602] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 300.086476][ T3602] page dumped because: nonzero _refcount [ 300.086661][ T3602] Modules linked in: [ 300.087094][ T3602] CPU: 0 UID: 0 PID: 3602 Comm: syz.2.26 Tainted: G B syzkaller #0 PREEMPT [ 300.087400][ T3602] Tainted: [B]=BAD_PAGE [ 300.087498][ T3602] Hardware name: 
linux,dummy-virt (DT) [ 300.087606][ T3602] Call trace: [ 300.087693][ T3602] show_stack+0x18/0x24 (C) [ 300.087935][ T3602] dump_stack_lvl+0x78/0x90 [ 300.088158][ T3602] dump_stack+0x18/0x24 [ 300.088376][ T3602] bad_page+0x84/0x128 [ 300.088594][ T3602] check_new_page+0x104/0x130 [ 300.088813][ T3602] __rmqueue_pcplist+0x14c/0x1080 [ 300.089053][ T3602] get_page_from_freelist+0xa9c/0x19e0 [ 300.089272][ T3602] __alloc_frozen_pages_noprof+0x184/0xd34 [ 300.089485][ T3602] alloc_pages_mpol+0xb8/0x1b8 [ 300.089707][ T3602] alloc_frozen_pages_noprof+0x48/0xc0 [ 300.089945][ T3602] alloc_pages_noprof+0x10/0x28 [ 300.090162][ T3602] kvm_vm_ioctl+0x460/0x14b8 [ 300.090382][ T3602] __arm64_sys_ioctl+0xac/0x104 [ 300.090622][ T3602] invoke_syscall+0x48/0x110 [ 300.090950][ T3602] el0_svc_common.constprop.0+0x40/0xe0 [ 300.091200][ T3602] do_el0_svc+0x1c/0x28 [ 300.091423][ T3602] el0_svc+0x34/0x10c [ 300.091694][ T3602] el0t_64_sync_handler+0xa0/0xe4 [ 300.091966][ T3602] el0t_64_sync+0x1a4/0x1a8 [ 301.589623][ T3603] BUG: Bad page state in process syz.2.27 pfn:53668 [ 301.590163][ T3603] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53668 [ 301.590583][ T3603] flags: 0x1ffd00000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x4) [ 301.590889][ T3603] raw: 01ffd00000000000 dead000000000100 dead000000000122 0000000000000000 [ 301.591050][ T3603] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 301.591146][ T3603] page dumped because: nonzero _refcount [ 301.591269][ T3603] Modules linked in: [ 301.591502][ T3603] CPU: 0 UID: 0 PID: 3603 Comm: syz.2.27 Tainted: G B syzkaller #0 PREEMPT [ 301.591763][ T3603] Tainted: [B]=BAD_PAGE [ 301.591846][ T3603] Hardware name: linux,dummy-virt (DT) [ 301.591945][ T3603] Call trace: [ 301.592028][ T3603] show_stack+0x18/0x24 (C) [ 301.592257][ T3603] dump_stack_lvl+0x78/0x90 [ 301.592486][ T3603] dump_stack+0x18/0x24 [ 301.592709][ T3603] bad_page+0x84/0x128 [ 301.592913][ T3603] 
check_new_page+0x104/0x130 [ 301.593111][ T3603] __rmqueue_pcplist+0x14c/0x1080 [ 301.593339][ T3603] get_page_from_freelist+0xa9c/0x19e0 [ 301.593554][ T3603] __alloc_frozen_pages_noprof+0x184/0xd34 [ 301.593763][ T3603] alloc_pages_mpol+0xb8/0x1b8 [ 301.593966][ T3603] alloc_frozen_pages_noprof+0x48/0xc0 [ 301.594164][ T3603] alloc_pages_noprof+0x10/0x28 [ 301.594432][ T3603] get_free_pages_noprof+0x14/0x70 [ 301.594649][ T3603] __kvm_mmu_topup_memory_cache+0xac/0x198 [ 301.594891][ T3603] kvm_mmu_topup_memory_cache+0x18/0x24 [ 301.595132][ T3603] kvm_handle_guest_abort+0x7ec/0x115c [ 301.595378][ T3603] handle_exit+0x60/0x184 [ 301.595639][ T3603] kvm_arch_vcpu_ioctl_run+0x308/0x8d4 [ 301.595879][ T3603] kvm_vcpu_ioctl+0x14c/0x878 [ 301.596106][ T3603] __arm64_sys_ioctl+0xac/0x104 [ 301.596354][ T3603] invoke_syscall+0x48/0x110 [ 301.596611][ T3603] el0_svc_common.constprop.0+0x40/0xe0 [ 301.596858][ T3603] do_el0_svc+0x1c/0x28 [ 301.597102][ T3603] el0_svc+0x34/0x10c [ 301.597308][ T3603] el0t_64_sync_handler+0xa0/0xe4 [ 301.597570][ T3603] el0t_64_sync+0x1a4/0x1a8 [ 301.598926][ T3603] BUG: Bad page state in process syz.2.27 pfn:5363c [ 301.599043][ T3603] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5363c [ 301.599212][ T3603] flags: 0x1ffd80000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x6) [ 301.599443][ T3603] raw: 01ffd80000000000 dead000000000100 dead000000000122 0000000000000000 [ 301.599648][ T3603] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 301.599760][ T3603] page dumped because: nonzero _refcount [ 301.599842][ T3603] Modules linked in: [ 301.599994][ T3603] CPU: 0 UID: 0 PID: 3603 Comm: syz.2.27 Tainted: G B syzkaller #0 PREEMPT [ 301.600249][ T3603] Tainted: [B]=BAD_PAGE [ 301.600338][ T3603] Hardware name: linux,dummy-virt (DT) [ 301.600456][ T3603] Call trace: [ 301.600535][ T3603] show_stack+0x18/0x24 (C) [ 301.600771][ T3603] dump_stack_lvl+0x78/0x90 [ 301.600973][ T3603] 
dump_stack+0x18/0x24 [ 301.601160][ T3603] bad_page+0x84/0x128 [ 301.601360][ T3603] check_new_page+0x104/0x130 [ 301.601564][ T3603] __rmqueue_pcplist+0x14c/0x1080 [ 301.601768][ T3603] get_page_from_freelist+0xa9c/0x19e0 [ 301.601963][ T3603] __alloc_frozen_pages_noprof+0x184/0xd34 [ 301.602154][ T3603] alloc_pages_mpol+0xb8/0x1b8 [ 301.602373][ T3603] alloc_frozen_pages_noprof+0x48/0xc0 [ 301.602565][ T3603] alloc_pages_noprof+0x10/0x28 [ 301.602758][ T3603] get_free_pages_noprof+0x14/0x70 [ 301.603159][ T3603] __kvm_mmu_topup_memory_cache+0xac/0x198 [ 301.603363][ T3603] kvm_mmu_topup_memory_cache+0x18/0x24 [ 301.603531][ T3603] kvm_handle_guest_abort+0x7ec/0x115c [ 301.603766][ T3603] handle_exit+0x60/0x184 [ 301.603944][ T3603] kvm_arch_vcpu_ioctl_run+0x308/0x8d4 [ 301.604138][ T3603] kvm_vcpu_ioctl+0x14c/0x878 [ 301.604406][ T3603] __arm64_sys_ioctl+0xac/0x104 [ 301.604668][ T3603] invoke_syscall+0x48/0x110 [ 301.604857][ T3603] el0_svc_common.constprop.0+0x40/0xe0 [ 301.605059][ T3603] do_el0_svc+0x1c/0x28 [ 301.605307][ T3603] el0_svc+0x34/0x10c [ 301.605538][ T3603] el0t_64_sync_handler+0xa0/0xe4 [ 301.605768][ T3603] el0t_64_sync+0x1a4/0x1a8 [ 305.230045][ T3488] BUG: Bad page state in process syz-executor pfn:5362b [ 305.230373][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5362b [ 305.230668][ T3488] flags: 0x1ffdc0000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x7) [ 305.230856][ T3488] raw: 01ffdc0000000000 dead000000000100 dead000000000122 0000000000000000 [ 305.231094][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 305.231226][ T3488] page dumped because: nonzero _refcount [ 305.231309][ T3488] Modules linked in: [ 305.231479][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 305.231727][ T3488] Tainted: [B]=BAD_PAGE [ 305.231806][ T3488] Hardware name: linux,dummy-virt (DT) [ 305.231903][ T3488] Call trace: [ 305.231994][ T3488] 
show_stack+0x18/0x24 (C) [ 305.232217][ T3488] dump_stack_lvl+0x78/0x90 [ 305.232416][ T3488] dump_stack+0x18/0x24 [ 305.232613][ T3488] bad_page+0x84/0x128 [ 305.232768][ T3488] check_new_page+0x104/0x130 [ 305.232963][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 305.233157][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 305.233373][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 305.233569][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 305.233767][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 305.233961][ T3488] alloc_pages_noprof+0x10/0x28 [ 305.234151][ T3488] __pmd_alloc+0x40/0x298 [ 305.234437][ T3488] copy_page_range+0x15f4/0x2030 [ 305.234652][ T3488] dup_mmap+0x248/0x738 [ 305.234867][ T3488] copy_process+0xb10/0x1500 [ 305.235041][ T3488] kernel_clone+0x64/0x368 [ 305.235155][ T3488] __do_sys_clone+0x70/0xa8 [ 305.235269][ T3488] __arm64_sys_clone+0x20/0x2c [ 305.235425][ T3488] invoke_syscall+0x48/0x110 [ 305.235542][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 305.235661][ T3488] do_el0_svc+0x1c/0x28 [ 305.235775][ T3488] el0_svc+0x34/0x10c [ 305.235893][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 305.236007][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 305.236859][ T3488] BUG: Bad page state in process syz-executor pfn:5354e [ 305.236968][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5354e [ 305.237113][ T3488] flags: 0x1ffc80000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x2) [ 305.237352][ T3488] raw: 01ffc80000000000 dead000000000100 dead000000000122 0000000000000000 [ 305.237522][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 305.237627][ T3488] page dumped because: nonzero _refcount [ 305.237703][ T3488] Modules linked in: [ 305.237850][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 305.238107][ T3488] Tainted: [B]=BAD_PAGE [ 305.238170][ T3488] Hardware name: linux,dummy-virt (DT) 1970/01/01 00:05:05 executed programs: 15 [ 305.238226][ T3488] Call trace: [ 
305.238281][ T3488] show_stack+0x18/0x24 (C) [ 305.238500][ T3488] dump_stack_lvl+0x78/0x90 [ 305.238720][ T3488] dump_stack+0x18/0x24 [ 305.238948][ T3488] bad_page+0x84/0x128 [ 305.239168][ T3488] check_new_page+0x104/0x130 [ 305.239367][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 305.239558][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 305.239756][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 305.239950][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 305.240141][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 305.240315][ T3488] alloc_pages_noprof+0x10/0x28 [ 305.240488][ T3488] __pmd_alloc+0x40/0x298 [ 305.240712][ T3488] copy_page_range+0x15f4/0x2030 [ 305.240924][ T3488] dup_mmap+0x248/0x738 [ 305.241144][ T3488] copy_process+0xb10/0x1500 [ 305.241346][ T3488] kernel_clone+0x64/0x368 [ 305.241549][ T3488] __do_sys_clone+0x70/0xa8 [ 305.241768][ T3488] __arm64_sys_clone+0x20/0x2c [ 305.241961][ T3488] invoke_syscall+0x48/0x110 [ 305.242201][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 305.242383][ T3488] do_el0_svc+0x1c/0x28 [ 305.242568][ T3488] el0_svc+0x34/0x10c [ 305.242783][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 305.242984][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 305.385696][ T3606] BUG: Bad page state in process syz.2.30 pfn:5366a [ 305.385968][ T3606] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5366a [ 305.386200][ T3606] flags: 0x1ffdc0000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x7) [ 305.386340][ T3606] raw: 01ffdc0000000000 dead000000000100 dead000000000122 0000000000000000 [ 305.386430][ T3606] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 305.386529][ T3606] page dumped because: nonzero _refcount [ 305.386598][ T3606] Modules linked in: [ 305.386704][ T3606] CPU: 0 UID: 0 PID: 3606 Comm: syz.2.30 Tainted: G B syzkaller #0 PREEMPT [ 305.386923][ T3606] Tainted: [B]=BAD_PAGE [ 305.386975][ T3606] Hardware name: linux,dummy-virt (DT) [ 305.387031][ T3606] Call trace: [ 305.387091][ T3606] 
show_stack+0x18/0x24 (C) [ 305.387224][ T3606] dump_stack_lvl+0x78/0x90 [ 305.387341][ T3606] dump_stack+0x18/0x24 [ 305.387467][ T3606] bad_page+0x84/0x128 [ 305.387598][ T3606] check_new_page+0x104/0x130 [ 305.387740][ T3606] __rmqueue_pcplist+0x14c/0x1080 [ 305.387875][ T3606] get_page_from_freelist+0xa9c/0x19e0 [ 305.387990][ T3606] __alloc_frozen_pages_noprof+0x184/0xd34 [ 305.388104][ T3606] alloc_pages_mpol+0xb8/0x1b8 [ 305.388218][ T3606] alloc_frozen_pages_noprof+0x48/0xc0 [ 305.388348][ T3606] alloc_pages_noprof+0x10/0x28 [ 305.388462][ T3606] get_free_pages_noprof+0x14/0x70 [ 305.388575][ T3606] __kvm_mmu_topup_memory_cache+0xac/0x198 [ 305.388694][ T3606] kvm_mmu_topup_memory_cache+0x18/0x24 [ 305.388805][ T3606] kvm_handle_guest_abort+0x7ec/0x115c [ 305.388920][ T3606] handle_exit+0x60/0x184 [ 305.389031][ T3606] kvm_arch_vcpu_ioctl_run+0x308/0x8d4 [ 305.389146][ T3606] kvm_vcpu_ioctl+0x14c/0x878 [ 305.389280][ T3606] __arm64_sys_ioctl+0xac/0x104 [ 305.389414][ T3606] invoke_syscall+0x48/0x110 [ 305.389549][ T3606] el0_svc_common.constprop.0+0x40/0xe0 [ 305.389670][ T3606] do_el0_svc+0x1c/0x28 [ 305.389797][ T3606] el0_svc+0x34/0x10c [ 305.389931][ T3606] el0t_64_sync_handler+0xa0/0xe4 [ 305.390061][ T3606] el0t_64_sync+0x1a4/0x1a8 [ 305.390191][ T3606] BUG: Bad page state in process syz.2.30 pfn:5363a [ 305.390263][ T3606] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5363a [ 305.390345][ T3606] flags: 0x1ffcc0000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x3) [ 305.390473][ T3606] raw: 01ffcc0000000000 dead000000000100 dead000000000122 0000000000000000 [ 305.390581][ T3606] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 305.390642][ T3606] page dumped because: nonzero _refcount [ 305.390688][ T3606] Modules linked in: [ 305.390831][ T3606] CPU: 0 UID: 0 PID: 3606 Comm: syz.2.30 Tainted: G B syzkaller #0 PREEMPT [ 305.391004][ T3606] Tainted: [B]=BAD_PAGE [ 305.391068][ T3606] Hardware name: 
linux,dummy-virt (DT) [ 305.391124][ T3606] Call trace: [ 305.391167][ T3606] show_stack+0x18/0x24 (C) [ 305.391294][ T3606] dump_stack_lvl+0x78/0x90 [ 305.391428][ T3606] dump_stack+0x18/0x24 [ 305.391562][ T3606] bad_page+0x84/0x128 [ 305.391698][ T3606] check_new_page+0x104/0x130 [ 305.391841][ T3606] __rmqueue_pcplist+0x14c/0x1080 [ 305.391957][ T3606] get_page_from_freelist+0xa9c/0x19e0 [ 305.392085][ T3606] __alloc_frozen_pages_noprof+0x184/0xd34 [ 305.392211][ T3606] alloc_pages_mpol+0xb8/0x1b8 [ 305.392339][ T3606] alloc_frozen_pages_noprof+0x48/0xc0 [ 305.392480][ T3606] alloc_pages_noprof+0x10/0x28 [ 305.392592][ T3606] get_free_pages_noprof+0x14/0x70 [ 305.392709][ T3606] __kvm_mmu_topup_memory_cache+0xac/0x198 [ 305.392835][ T3606] kvm_mmu_topup_memory_cache+0x18/0x24 [ 305.392951][ T3606] kvm_handle_guest_abort+0x7ec/0x115c [ 305.393065][ T3606] handle_exit+0x60/0x184 [ 305.393214][ T3606] kvm_arch_vcpu_ioctl_run+0x308/0x8d4 [ 305.393401][ T3606] kvm_vcpu_ioctl+0x14c/0x878 [ 305.393516][ T3606] __arm64_sys_ioctl+0xac/0x104 [ 305.393657][ T3606] invoke_syscall+0x48/0x110 [ 305.393814][ T3606] el0_svc_common.constprop.0+0x40/0xe0 [ 305.393951][ T3606] do_el0_svc+0x1c/0x28 [ 305.394083][ T3606] el0_svc+0x34/0x10c [ 305.394274][ T3606] el0t_64_sync_handler+0xa0/0xe4 [ 305.394397][ T3606] el0t_64_sync+0x1a4/0x1a8 [ 307.682526][ T3608] BUG: Bad page state in process syz.2.32 pfn:5365d [ 307.683082][ T3608] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5365d [ 307.683505][ T3608] flags: 0x1fff80000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xe) [ 307.683773][ T3608] raw: 01fff80000000000 dead000000000100 dead000000000122 0000000000000000 [ 307.683955][ T3608] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 307.684059][ T3608] page dumped because: nonzero _refcount [ 307.684150][ T3608] Modules linked in: [ 307.685284][ T3608] CPU: 0 UID: 0 PID: 3608 Comm: syz.2.32 Tainted: G B syzkaller #0 PREEMPT [ 
307.685578][ T3608] Tainted: [B]=BAD_PAGE [ 307.685672][ T3608] Hardware name: linux,dummy-virt (DT) [ 307.685780][ T3608] Call trace: [ 307.685871][ T3608] show_stack+0x18/0x24 (C) [ 307.686111][ T3608] dump_stack_lvl+0x78/0x90 [ 307.686329][ T3608] dump_stack+0x18/0x24 [ 307.686566][ T3608] bad_page+0x84/0x128 [ 307.686828][ T3608] check_new_page+0x104/0x130 [ 307.687072][ T3608] __rmqueue_pcplist+0x14c/0x1080 [ 307.687293][ T3608] get_page_from_freelist+0xa9c/0x19e0 [ 307.687523][ T3608] __alloc_frozen_pages_noprof+0x184/0xd34 [ 307.687731][ T3608] alloc_pages_mpol+0xb8/0x1b8 [ 307.687984][ T3608] alloc_frozen_pages_noprof+0x48/0xc0 [ 307.688199][ T3608] alloc_pages_noprof+0x10/0x28 [ 307.688413][ T3608] get_free_pages_noprof+0x14/0x70 [ 307.688649][ T3608] __kvm_mmu_topup_memory_cache+0xac/0x198 [ 307.688883][ T3608] kvm_mmu_topup_memory_cache+0x18/0x24 [ 307.689098][ T3608] kvm_handle_guest_abort+0x7ec/0x115c [ 307.689318][ T3608] handle_exit+0x60/0x184 [ 307.689535][ T3608] kvm_arch_vcpu_ioctl_run+0x308/0x8d4 [ 307.689757][ T3608] kvm_vcpu_ioctl+0x14c/0x878 [ 307.689985][ T3608] __arm64_sys_ioctl+0xac/0x104 [ 307.690208][ T3608] invoke_syscall+0x48/0x110 [ 307.690428][ T3608] el0_svc_common.constprop.0+0x40/0xe0 [ 307.690649][ T3608] do_el0_svc+0x1c/0x28 [ 307.690895][ T3608] el0_svc+0x34/0x10c [ 307.691113][ T3608] el0t_64_sync_handler+0xa0/0xe4 [ 307.691317][ T3608] el0t_64_sync+0x1a4/0x1a8 [ 307.692059][ T3608] BUG: Bad page state in process syz.2.32 pfn:53613 [ 307.692164][ T3608] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53613 [ 307.692308][ T3608] flags: 0x1ffe40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x9) [ 307.692544][ T3608] raw: 01ffe40000000000 dead000000000100 dead000000000122 0000000000000000 [ 307.692705][ T3608] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 307.692822][ T3608] page dumped because: nonzero _refcount [ 307.692910][ T3608] Modules linked in: [ 307.693065][ T3608] 
CPU: 0 UID: 0 PID: 3608 Comm: syz.2.32 Tainted: G B syzkaller #0 PREEMPT [ 307.693366][ T3608] Tainted: [B]=BAD_PAGE [ 307.693461][ T3608] Hardware name: linux,dummy-virt (DT) [ 307.693562][ T3608] Call trace: [ 307.693643][ T3608] show_stack+0x18/0x24 (C) [ 307.693886][ T3608] dump_stack_lvl+0x78/0x90 [ 307.694107][ T3608] dump_stack+0x18/0x24 [ 307.694345][ T3608] bad_page+0x84/0x128 [ 307.694558][ T3608] check_new_page+0x104/0x130 [ 307.694761][ T3608] __rmqueue_pcplist+0x14c/0x1080 [ 307.695056][ T3608] get_page_from_freelist+0xa9c/0x19e0 [ 307.695250][ T3608] __alloc_frozen_pages_noprof+0x184/0xd34 [ 307.695470][ T3608] alloc_pages_mpol+0xb8/0x1b8 [ 307.695716][ T3608] alloc_frozen_pages_noprof+0x48/0xc0 [ 307.695965][ T3608] alloc_pages_noprof+0x10/0x28 [ 307.696228][ T3608] get_free_pages_noprof+0x14/0x70 [ 307.696451][ T3608] __kvm_mmu_topup_memory_cache+0xac/0x198 [ 307.696663][ T3608] kvm_mmu_topup_memory_cache+0x18/0x24 [ 307.696905][ T3608] kvm_handle_guest_abort+0x7ec/0x115c [ 307.697159][ T3608] handle_exit+0x60/0x184 [ 307.697473][ T3608] kvm_arch_vcpu_ioctl_run+0x308/0x8d4 [ 307.697680][ T3608] kvm_vcpu_ioctl+0x14c/0x878 [ 307.697921][ T3608] __arm64_sys_ioctl+0xac/0x104 [ 307.698160][ T3608] invoke_syscall+0x48/0x110 [ 307.698409][ T3608] el0_svc_common.constprop.0+0x40/0xe0 [ 307.698618][ T3608] do_el0_svc+0x1c/0x28 [ 307.698905][ T3608] el0_svc+0x34/0x10c [ 307.699137][ T3608] el0t_64_sync_handler+0xa0/0xe4 [ 307.699386][ T3608] el0t_64_sync+0x1a4/0x1a8 [ 309.092738][ T3488] BUG: Bad page state in process syz-executor pfn:5365f [ 309.093266][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5365f [ 309.093705][ T3488] flags: 0x1fff40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xd) [ 309.093980][ T3488] raw: 01fff40000000000 dead000000000100 dead000000000122 0000000000000000 [ 309.094164][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 309.094372][ T3488] page dumped because: 
nonzero _refcount [ 309.095067][ T3488] Modules linked in: [ 309.095284][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 309.095574][ T3488] Tainted: [B]=BAD_PAGE [ 309.095667][ T3488] Hardware name: linux,dummy-virt (DT) [ 309.095763][ T3488] Call trace: [ 309.095846][ T3488] show_stack+0x18/0x24 (C) [ 309.096055][ T3488] dump_stack_lvl+0x78/0x90 [ 309.096246][ T3488] dump_stack+0x18/0x24 [ 309.096430][ T3488] bad_page+0x84/0x128 [ 309.096614][ T3488] check_new_page+0x104/0x130 [ 309.096808][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 309.097016][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 309.097224][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 309.097484][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 309.097712][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 309.097923][ T3488] alloc_pages_noprof+0x10/0x28 [ 309.098144][ T3488] __pmd_alloc+0x40/0x298 [ 309.098356][ T3488] copy_page_range+0x15f4/0x2030 [ 309.098555][ T3488] dup_mmap+0x248/0x738 [ 309.098764][ T3488] copy_process+0xb10/0x1500 [ 309.099027][ T3488] kernel_clone+0x64/0x368 [ 309.099245][ T3488] __do_sys_clone+0x70/0xa8 [ 309.099469][ T3488] __arm64_sys_clone+0x20/0x2c [ 309.099653][ T3488] invoke_syscall+0x48/0x110 [ 309.099865][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 309.100068][ T3488] do_el0_svc+0x1c/0x28 [ 309.100297][ T3488] el0_svc+0x34/0x10c [ 309.100519][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 309.100731][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 309.100952][ T3488] BUG: Bad page state in process syz-executor pfn:46558 [ 309.101071][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0xfaf0000006558120 pfn:0x46558 [ 309.101340][ T3488] flags: 0x1ffe00000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x8) [ 309.101587][ T3488] raw: 01ffe00000000000 dead000000000100 dead000000000122 0000000000000000 [ 309.101795][ T3488] raw: faf0000006558120 0000000000000000 fffffe01ffffffff 0000000000000000 [ 309.101911][ T3488] page dumped because: 
nonzero _refcount [ 309.101998][ T3488] Modules linked in: [ 309.102165][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 309.102426][ T3488] Tainted: [B]=BAD_PAGE [ 309.102515][ T3488] Hardware name: linux,dummy-virt (DT) [ 309.102638][ T3488] Call trace: [ 309.102741][ T3488] show_stack+0x18/0x24 (C) [ 309.102993][ T3488] dump_stack_lvl+0x78/0x90 [ 309.103215][ T3488] dump_stack+0x18/0x24 [ 309.103431][ T3488] bad_page+0x84/0x128 [ 309.103661][ T3488] check_new_page+0x104/0x130 [ 309.103900][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 309.104111][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 309.104420][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 309.104666][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 309.104870][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 309.105063][ T3488] alloc_pages_noprof+0x10/0x28 [ 309.105329][ T3488] __pmd_alloc+0x40/0x298 [ 309.105529][ T3488] copy_page_range+0x15f4/0x2030 [ 309.105713][ T3488] dup_mmap+0x248/0x738 [ 309.105905][ T3488] copy_process+0xb10/0x1500 [ 309.106110][ T3488] kernel_clone+0x64/0x368 [ 309.106332][ T3488] __do_sys_clone+0x70/0xa8 [ 309.106553][ T3488] __arm64_sys_clone+0x20/0x2c [ 309.106800][ T3488] invoke_syscall+0x48/0x110 [ 309.107025][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 309.107224][ T3488] do_el0_svc+0x1c/0x28 [ 309.107449][ T3488] el0_svc+0x34/0x10c [ 309.107671][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 309.107930][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 309.829504][ T2] BUG: Bad page state in process kthreadd pfn:5366e [ 309.829939][ T2] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5366e [ 309.830345][ T2] flags: 0x1ffcc0000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x3) [ 309.830591][ T2] raw: 01ffcc0000000000 dead000000000100 dead000000000122 0000000000000000 [ 309.830805][ T2] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 309.830915][ T2] page dumped because: nonzero _refcount [ 309.831015][ T2] 
Modules linked in: [ 309.831208][ T2] CPU: 0 UID: 0 PID: 2 Comm: kthreadd Tainted: G B syzkaller #0 PREEMPT [ 309.831505][ T2] Tainted: [B]=BAD_PAGE [ 309.831585][ T2] Hardware name: linux,dummy-virt (DT) [ 309.831683][ T2] Call trace: [ 309.831758][ T2] show_stack+0x18/0x24 (C) [ 309.832008][ T2] dump_stack_lvl+0x78/0x90 [ 309.832223][ T2] dump_stack+0x18/0x24 [ 309.832569][ T2] bad_page+0x84/0x128 [ 309.832832][ T2] check_new_page+0x104/0x130 [ 309.833082][ T2] __rmqueue_pcplist+0x14c/0x1080 [ 309.833324][ T2] alloc_pages_bulk_noprof+0x2a0/0x558 [ 309.833560][ T2] __vmalloc_node_range_noprof+0x420/0x804 [ 309.833813][ T2] __vmalloc_node_noprof+0x90/0xa0 [ 309.834034][ T2] copy_process+0x928/0x1500 [ 309.834288][ T2] kernel_clone+0x64/0x368 [ 309.834506][ T2] kernel_thread+0x7c/0xac [ 309.834745][ T2] kthreadd+0x160/0x1e4 [ 309.834985][ T2] ret_from_fork+0x10/0x20 [ 309.836067][ T2] BUG: Bad page state in process kthreadd pfn:53642 [ 309.836191][ T2] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53642 [ 309.836346][ T2] flags: 0x1ffd80000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x6) [ 309.836589][ T2] raw: 01ffd80000000000 dead000000000100 dead000000000122 0000000000000000 [ 309.836750][ T2] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 309.836866][ T2] page dumped because: nonzero _refcount [ 309.836951][ T2] Modules linked in: [ 309.837138][ T2] CPU: 0 UID: 0 PID: 2 Comm: kthreadd Tainted: G B syzkaller #0 PREEMPT [ 309.837431][ T2] Tainted: [B]=BAD_PAGE [ 309.837522][ T2] Hardware name: linux,dummy-virt (DT) [ 309.837641][ T2] Call trace: [ 309.837721][ T2] show_stack+0x18/0x24 (C) [ 309.837980][ T2] dump_stack_lvl+0x78/0x90 [ 309.838220][ T2] dump_stack+0x18/0x24 [ 309.838459][ T2] bad_page+0x84/0x128 [ 309.838668][ T2] check_new_page+0x104/0x130 [ 309.838903][ T2] __rmqueue_pcplist+0x14c/0x1080 [ 309.839096][ T2] alloc_pages_bulk_noprof+0x2a0/0x558 [ 309.839275][ T2] 
__vmalloc_node_range_noprof+0x420/0x804 [ 309.839442][ T2] __vmalloc_node_noprof+0x90/0xa0 [ 309.839614][ T2] copy_process+0x928/0x1500 [ 309.839807][ T2] kernel_clone+0x64/0x368 [ 309.839996][ T2] kernel_thread+0x7c/0xac [ 309.840192][ T2] kthreadd+0x160/0x1e4 [ 309.840403][ T2] ret_from_fork+0x10/0x20 1970/01/01 00:05:10 executed programs: 19 [ 313.283882][ T3488] BUG: Bad page state in process syz-executor pfn:536ba [ 313.284725][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x536ba [ 313.285102][ T3488] flags: 0x1ffd80000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x6) [ 313.285337][ T3488] raw: 01ffd80000000000 dead000000000100 dead000000000122 0000000000000000 [ 313.285479][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 313.285612][ T3488] page dumped because: nonzero _refcount [ 313.285700][ T3488] Modules linked in: [ 313.285872][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 313.286147][ T3488] Tainted: [B]=BAD_PAGE [ 313.286249][ T3488] Hardware name: linux,dummy-virt (DT) [ 313.286353][ T3488] Call trace: [ 313.286431][ T3488] show_stack+0x18/0x24 (C) [ 313.286677][ T3488] dump_stack_lvl+0x78/0x90 [ 313.286911][ T3488] dump_stack+0x18/0x24 [ 313.287113][ T3488] bad_page+0x84/0x128 [ 313.287323][ T3488] check_new_page+0x104/0x130 [ 313.287544][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 313.287759][ T3488] alloc_pages_bulk_noprof+0x2a0/0x558 [ 313.287963][ T3488] alloc_pages_bulk_mempolicy_noprof+0xb8/0x55c [ 313.288170][ T3488] __vmalloc_node_range_noprof+0x45c/0x804 [ 313.288374][ T3488] __vmalloc_node_noprof+0x90/0xa0 [ 313.288577][ T3488] copy_process+0x928/0x1500 [ 313.288792][ T3488] kernel_clone+0x64/0x368 [ 313.288995][ T3488] __do_sys_clone+0x70/0xa8 [ 313.289202][ T3488] __arm64_sys_clone+0x20/0x2c [ 313.289426][ T3488] invoke_syscall+0x48/0x110 [ 313.289642][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 313.289848][ T3488] 
do_el0_svc+0x1c/0x28 [ 313.290068][ T3488] el0_svc+0x34/0x10c [ 313.290296][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 313.290518][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 313.290759][ T3488] BUG: Bad page state in process syz-executor pfn:5368e [ 313.290888][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5368e [ 313.291037][ T3488] flags: 0x1ffd40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x5) [ 313.291269][ T3488] raw: 01ffd40000000000 dead000000000100 dead000000000122 0000000000000000 [ 313.291448][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 313.291550][ T3488] page dumped because: nonzero _refcount [ 313.291642][ T3488] Modules linked in: [ 313.291796][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 313.292063][ T3488] Tainted: [B]=BAD_PAGE [ 313.292170][ T3488] Hardware name: linux,dummy-virt (DT) [ 313.292270][ T3488] Call trace: [ 313.292348][ T3488] show_stack+0x18/0x24 (C) [ 313.292559][ T3488] dump_stack_lvl+0x78/0x90 [ 313.292792][ T3488] dump_stack+0x18/0x24 [ 313.292998][ T3488] bad_page+0x84/0x128 [ 313.293206][ T3488] check_new_page+0x104/0x130 [ 313.293410][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 313.293622][ T3488] alloc_pages_bulk_noprof+0x2a0/0x558 [ 313.293826][ T3488] alloc_pages_bulk_mempolicy_noprof+0xb8/0x55c [ 313.294048][ T3488] __vmalloc_node_range_noprof+0x45c/0x804 [ 313.294256][ T3488] __vmalloc_node_noprof+0x90/0xa0 [ 313.294557][ T3488] copy_process+0x928/0x1500 [ 313.294812][ T3488] kernel_clone+0x64/0x368 [ 313.295041][ T3488] __do_sys_clone+0x70/0xa8 [ 313.295222][ T3488] __arm64_sys_clone+0x20/0x2c [ 313.295403][ T3488] invoke_syscall+0x48/0x110 [ 313.295609][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 313.295821][ T3488] do_el0_svc+0x1c/0x28 [ 313.296053][ T3488] el0_svc+0x34/0x10c [ 313.296264][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 313.296501][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 314.416203][ T3488] BUG: Bad page 
state in process syz-executor pfn:536fa [ 314.416444][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x536fa [ 314.416671][ T3488] flags: 0x1ffe00000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x8) [ 314.416818][ T3488] raw: 01ffe00000000000 dead000000000100 dead000000000122 0000000000000000 [ 314.416936][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 314.417026][ T3488] page dumped because: nonzero _refcount [ 314.417074][ T3488] Modules linked in: [ 314.417172][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 314.417336][ T3488] Tainted: [B]=BAD_PAGE [ 314.417409][ T3488] Hardware name: linux,dummy-virt (DT) [ 314.417466][ T3488] Call trace: [ 314.417510][ T3488] show_stack+0x18/0x24 (C) [ 314.417694][ T3488] dump_stack_lvl+0x78/0x90 [ 314.417834][ T3488] dump_stack+0x18/0x24 [ 314.417962][ T3488] bad_page+0x84/0x128 [ 314.418079][ T3488] check_new_page+0x104/0x130 [ 314.418192][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 314.418306][ T3488] alloc_pages_bulk_noprof+0x2a0/0x558 [ 314.418421][ T3488] alloc_pages_bulk_mempolicy_noprof+0xb8/0x55c [ 314.418549][ T3488] __vmalloc_node_range_noprof+0x45c/0x804 [ 314.418667][ T3488] __vmalloc_node_noprof+0x90/0xa0 [ 314.418810][ T3488] copy_process+0x928/0x1500 [ 314.418949][ T3488] kernel_clone+0x64/0x368 [ 314.419065][ T3488] __do_sys_clone+0x70/0xa8 [ 314.419180][ T3488] __arm64_sys_clone+0x20/0x2c [ 314.419312][ T3488] invoke_syscall+0x48/0x110 [ 314.419430][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 314.419558][ T3488] do_el0_svc+0x1c/0x28 [ 314.419674][ T3488] el0_svc+0x34/0x10c [ 314.419789][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 314.419907][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 314.420048][ T3488] BUG: Bad page state in process syz-executor pfn:536ce [ 314.420106][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x536ce [ 314.420186][ T3488] flags: 
0x1ffe80000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xa) [ 314.420313][ T3488] raw: 01ffe80000000000 dead000000000100 dead000000000122 0000000000000000 [ 314.420410][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 314.420490][ T3488] page dumped because: nonzero _refcount [ 314.420536][ T3488] Modules linked in: [ 314.420644][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 314.420794][ T3488] Tainted: [B]=BAD_PAGE [ 314.420857][ T3488] Hardware name: linux,dummy-virt (DT) [ 314.420911][ T3488] Call trace: [ 314.420953][ T3488] show_stack+0x18/0x24 (C) [ 314.421110][ T3488] dump_stack_lvl+0x78/0x90 [ 314.421259][ T3488] dump_stack+0x18/0x24 [ 314.421373][ T3488] bad_page+0x84/0x128 [ 314.421485][ T3488] check_new_page+0x104/0x130 [ 314.421620][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 314.421776][ T3488] alloc_pages_bulk_noprof+0x2a0/0x558 [ 314.421898][ T3488] alloc_pages_bulk_mempolicy_noprof+0xb8/0x55c [ 314.422014][ T3488] __vmalloc_node_range_noprof+0x45c/0x804 [ 314.422126][ T3488] __vmalloc_node_noprof+0x90/0xa0 [ 314.422238][ T3488] copy_process+0x928/0x1500 [ 314.422367][ T3488] kernel_clone+0x64/0x368 [ 314.422493][ T3488] __do_sys_clone+0x70/0xa8 [ 314.422610][ T3488] __arm64_sys_clone+0x20/0x2c [ 314.422724][ T3488] invoke_syscall+0x48/0x110 [ 314.422875][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 314.422990][ T3488] do_el0_svc+0x1c/0x28 [ 314.423104][ T3488] el0_svc+0x34/0x10c [ 314.423217][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 314.423349][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 315.309451][ T3488] BUG: Bad page state in process syz-executor pfn:5373a [ 315.309969][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5373a [ 315.310375][ T3488] flags: 0x1ffe40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x9) [ 315.310920][ T3488] raw: 01ffe40000000000 dead000000000100 dead000000000122 0000000000000000 [ 315.311103][ T3488] raw: 
0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 315.311258][ T3488] page dumped because: nonzero _refcount [ 315.311334][ T3488] Modules linked in: [ 315.311492][ T3488] CPU: 0 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 315.311720][ T3488] Tainted: [B]=BAD_PAGE [ 315.311796][ T3488] Hardware name: linux,dummy-virt (DT) [ 315.311890][ T3488] Call trace: [ 315.311956][ T3488] show_stack+0x18/0x24 (C) [ 315.312165][ T3488] dump_stack_lvl+0x78/0x90 [ 315.312382][ T3488] dump_stack+0x18/0x24 [ 315.312587][ T3488] bad_page+0x84/0x128 [ 315.312799][ T3488] check_new_page+0x104/0x130 [ 315.313010][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 315.313234][ T3488] alloc_pages_bulk_noprof+0x2a0/0x558 [ 315.313445][ T3488] alloc_pages_bulk_mempolicy_noprof+0xb8/0x55c [ 315.313652][ T3488] __vmalloc_node_range_noprof+0x45c/0x804 [ 315.313864][ T3488] __vmalloc_node_noprof+0x90/0xa0 [ 315.314091][ T3488] copy_process+0x928/0x1500 [ 315.314445][ T3488] kernel_clone+0x64/0x368 [ 315.314717][ T3488] __do_sys_clone+0x70/0xa8 [ 315.314965][ T3488] __arm64_sys_clone+0x20/0x2c [ 315.315194][ T3488] invoke_syscall+0x48/0x110 [ 315.315443][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 315.315667][ T3488] do_el0_svc+0x1c/0x28 [ 315.315894][ T3488] el0_svc+0x34/0x10c [ 315.316087][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 315.316349][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 315.317744][ T3488] BUG: Bad page state in process syz-executor pfn:5370e [ 315.317871][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5370e [ 315.318045][ T3488] flags: 0x1ffec0000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0xb) [ 315.318318][ T3488] raw: 01ffec0000000000 dead000000000100 dead000000000122 0000000000000000 [ 315.318480][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 315.318591][ T3488] page dumped because: nonzero _refcount [ 315.318675][ T3488] Modules linked in: [ 315.318950][ T3488] CPU: 0 
UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 315.319228][ T3488] Tainted: [B]=BAD_PAGE [ 315.319340][ T3488] Hardware name: linux,dummy-virt (DT) [ 315.319465][ T3488] Call trace: [ 315.319546][ T3488] show_stack+0x18/0x24 (C) [ 315.319765][ T3488] dump_stack_lvl+0x78/0x90 [ 315.319979][ T3488] dump_stack+0x18/0x24 [ 315.320185][ T3488] bad_page+0x84/0x128 [ 315.320393][ T3488] check_new_page+0x104/0x130 [ 315.320599][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 315.320834][ T3488] alloc_pages_bulk_noprof+0x2a0/0x558 [ 315.321047][ T3488] alloc_pages_bulk_mempolicy_noprof+0xb8/0x55c [ 315.321258][ T3488] __vmalloc_node_range_noprof+0x45c/0x804 [ 315.321435][ T3488] __vmalloc_node_noprof+0x90/0xa0 [ 315.321608][ T3488] copy_process+0x928/0x1500 [ 315.321811][ T3488] kernel_clone+0x64/0x368 [ 315.321996][ T3488] __do_sys_clone+0x70/0xa8 [ 315.322206][ T3488] __arm64_sys_clone+0x20/0x2c [ 315.322440][ T3488] invoke_syscall+0x48/0x110 [ 315.322650][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 315.322904][ T3488] do_el0_svc+0x1c/0x28 [ 315.323114][ T3488] el0_svc+0x34/0x10c [ 315.323326][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 315.323534][ T3488] el0t_64_sync+0x1a4/0x1a8 1970/01/01 00:05:16 executed programs: 24 [ 317.466032][ T3488] BUG: Bad page state in process syz-executor pfn:5372e [ 317.466286][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5372e [ 317.466566][ T3488] flags: 0x1ffd80000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x6) [ 317.466802][ T3488] raw: 01ffd80000000000 dead000000000100 dead000000000122 0000000000000000 [ 317.467002][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 317.467117][ T3488] page dumped because: nonzero _refcount [ 317.467214][ T3488] Modules linked in: [ 317.467410][ T3488] CPU: 1 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 317.467575][ T3488] Tainted: [B]=BAD_PAGE [ 317.467629][ T3488] Hardware name: 
linux,dummy-virt (DT) [ 317.467689][ T3488] Call trace: [ 317.467735][ T3488] show_stack+0x18/0x24 (C) [ 317.467874][ T3488] dump_stack_lvl+0x78/0x90 [ 317.467998][ T3488] dump_stack+0x18/0x24 [ 317.468115][ T3488] bad_page+0x84/0x128 [ 317.468234][ T3488] check_new_page+0x104/0x130 [ 317.468350][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 317.468466][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 317.468582][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 317.468742][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 317.468863][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 317.468979][ T3488] alloc_pages_noprof+0x10/0x28 [ 317.469093][ T3488] __pmd_alloc+0x40/0x298 [ 317.469210][ T3488] copy_page_range+0x15f4/0x2030 [ 317.469323][ T3488] dup_mmap+0x248/0x738 [ 317.469437][ T3488] copy_process+0xb10/0x1500 [ 317.469555][ T3488] kernel_clone+0x64/0x368 [ 317.469706][ T3488] __do_sys_clone+0x70/0xa8 [ 317.469824][ T3488] __arm64_sys_clone+0x20/0x2c [ 317.469946][ T3488] invoke_syscall+0x48/0x110 [ 317.470065][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 317.470181][ T3488] do_el0_svc+0x1c/0x28 [ 317.470297][ T3488] el0_svc+0x34/0x10c [ 317.470415][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 317.470564][ T3488] el0t_64_sync+0x1a4/0x1a8 [ 317.470755][ T3488] BUG: Bad page state in process syz-executor pfn:53705 [ 317.470925][ T3488] page: refcount:-511 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53705 [ 317.471111][ T3488] flags: 0x1ffd40000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x5) [ 317.471357][ T3488] raw: 01ffd40000000000 dead000000000100 dead000000000122 0000000000000000 [ 317.471524][ T3488] raw: 0000000000000000 0000000000000000 fffffe01ffffffff 0000000000000000 [ 317.471655][ T3488] page dumped because: nonzero _refcount [ 317.471775][ T3488] Modules linked in: [ 317.471967][ T3488] CPU: 1 UID: 0 PID: 3488 Comm: syz-executor Tainted: G B syzkaller #0 PREEMPT [ 317.472127][ T3488] Tainted: [B]=BAD_PAGE [ 317.472177][ T3488] Hardware name: linux,dummy-virt (DT) 
[ 317.472233][ T3488] Call trace: [ 317.472277][ T3488] show_stack+0x18/0x24 (C) [ 317.472397][ T3488] dump_stack_lvl+0x78/0x90 [ 317.472513][ T3488] dump_stack+0x18/0x24 [ 317.472631][ T3488] bad_page+0x84/0x128 [ 317.472747][ T3488] check_new_page+0x104/0x130 [ 317.472867][ T3488] __rmqueue_pcplist+0x14c/0x1080 [ 317.472983][ T3488] get_page_from_freelist+0xa9c/0x19e0 [ 317.473099][ T3488] __alloc_frozen_pages_noprof+0x184/0xd34 [ 317.473216][ T3488] alloc_pages_mpol+0xb8/0x1b8 [ 317.473330][ T3488] alloc_frozen_pages_noprof+0x48/0xc0 [ 317.473479][ T3488] alloc_pages_noprof+0x10/0x28 [ 317.473594][ T3488] __pmd_alloc+0x40/0x298 [ 317.473714][ T3488] copy_page_range+0x15f4/0x2030 [ 317.473827][ T3488] dup_mmap+0x248/0x738 [ 317.473971][ T3488] copy_process+0xb10/0x1500 [ 317.474117][ T3488] kernel_clone+0x64/0x368 [ 317.474258][ T3488] __do_sys_clone+0x70/0xa8 [ 317.474426][ T3488] __arm64_sys_clone+0x20/0x2c [ 317.474543][ T3488] invoke_syscall+0x48/0x110 [ 317.474663][ T3488] el0_svc_common.constprop.0+0x40/0xe0 [ 317.474840][ T3488] do_el0_svc+0x1c/0x28 [ 317.474963][ T3488] el0_svc+0x34/0x10c [ 317.475084][ T3488] el0t_64_sync_handler+0xa0/0xe4 [ 317.475200][ T3488] el0t_64_sync+0x1a4/0x1a8 VM DIAGNOSIS: 16:22:45 Registers: