DUID 00:04:ef:eb:16:6a:bb:4b:eb:e8:98:52:3b:5c:58:f5:72:fb forked to background, child pid 3216 [ 40.932275][ T3217] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.941987][ T3217] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.37' (ED25519) to the list of known hosts. executing program syzkaller login: [ 66.937754][ T3548] page:ffffea0001c08d40 refcount:4 mapcount:1 mapping:ffff88801e413c38 index:0x0 pfn:0x70235 [ 66.948173][ T3548] memcg:ffff88813fe10000 [ 66.952431][ T3548] aops:shmem_aops ino:3 [ 66.956609][ T3548] flags: 0xfffb0000080017(locked|referenced|uptodate|lru|swapbacked|node=0|zone=1|lastcpupid=0xfff) [ 66.967402][ T3548] raw: 00fffb0000080017 ffffea0001c04788 ffff88813fe12248 ffff88801e413c38 [ 66.976253][ T3548] raw: 0000000000000000 0000000000000000 0000000400000000 ffff88813fe10000 [ 66.985035][ T3548] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio)) [ 66.992350][ T3548] page_owner tracks the page as allocated [ 66.998496][ T3548] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 3548, tgid 3548 (syz-executor232), ts 66936685151, free_ts 61197392823 [ 67.016577][ T3548] post_alloc_hook+0x18d/0x1b0 [ 67.021365][ T3548] get_page_from_freelist+0x31a1/0x3320 [ 67.026939][ T3548] __alloc_pages+0x28d/0x770 [ 67.031537][ T3548] __folio_alloc+0xf/0x30 [ 67.035886][ T3548] vma_alloc_folio+0x486/0x990 [ 67.040668][ T3548] shmem_alloc_and_acct_folio+0x5a8/0xd50 [ 67.046395][ T3548] shmem_get_folio_gfp+0x13f0/0x3470 [ 67.051783][ T3548] shmem_read_mapping_page_gfp+0x113/0x3a0 [ 67.057602][ T3548] udmabuf_create+0x85e/0x1060 [ 67.062379][ T3548] udmabuf_ioctl+0x300/0x4e0 [ 67.067066][ T3548] __se_sys_ioctl+0xf1/0x160 [ 67.071682][ T3548] do_syscall_64+0x3b/0xb0 [ 67.076117][ T3548] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 67.082113][ T3548] page last free stack trace: [ 67.086809][ T3548] free_unref_page_prepare+0xf63/0x1120 [ 67.092365][ T3548] free_unref_page_list+0x663/0x900 [ 67.097567][ T3548] release_pages+0x2836/0x2b40 [ 67.102336][ T3548] tlb_flush_mmu+0xfc/0x210 [ 67.106846][ T3548] tlb_finish_mmu+0xce/0x1f0 [ 67.111460][ T3548] unmap_region+0x29f/0x2f0 [ 67.116066][ T3548] do_mas_align_munmap+0xec8/0x15f0 [ 67.121282][ T3548] do_mas_munmap+0x246/0x2b0 [ 67.125883][ T3548] __vm_munmap+0x268/0x370 [ 67.130300][ T3548] __x64_sys_munmap+0x5c/0x70 [ 67.134981][ T3548] do_syscall_64+0x3b/0xb0 [ 67.139422][ T3548] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 67.145524][ T3548] ------------[ cut here ]------------ [ 67.151087][ T3548] kernel BUG at mm/filemap.c:153! [ 67.156386][ T3548] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 67.162460][ T3548] CPU: 0 PID: 3548 Comm: syz-executor232 Not tainted 6.1.89-syzkaller #0 [ 67.170876][ T3548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 67.180935][ T3548] RIP: 0010:filemap_unaccount_folio+0x5c2/0xa60 [ 67.187195][ T3548] Code: 07 38 c1 0f 8c 21 fe ff ff 48 89 ef e8 e7 21 2b 00 e9 14 fe ff ff e8 cd aa d3 ff 4c 89 ef 48 c7 c6 a0 fd f4 8a e8 5e 5a 13 00 <0f> 0b e8 b7 aa d3 ff 4c 89 ef 48 c7 c6 20 03 f5 8a e8 48 5a 13 00 [ 67.206806][ T3548] RSP: 0018:ffffc90003b9f638 EFLAGS: 00010046 [ 67.212875][ T3548] RAX: 7a96001ae7d0f100 RBX: ffff88801e413c38 RCX: ffffc90003b9f403 [ 67.220870][ T3548] RDX: 0000000000000002 RSI: ffffffff8aec1340 RDI: ffffffff8b3d42e0 [ 67.228854][ T3548] RBP: ffffc90003b9f7d8 R08: dffffc0000000000 R09: fffffbfff1ce6fde [ 67.237008][ T3548] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88801e413c38 [ 67.244992][ T3548] R13: ffffea0001c08d40 R14: ffffea0001c08d40 R15: ffffea0001c08d40 [ 67.253144][ T3548] FS: 00005555567d7380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 67.262078][ T3548] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 67.268675][ T3548] CR2: 00007fcc4816e0e0 CR3: 000000001eab1000 CR4: 00000000003506f0 [ 67.276743][ T3548] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 67.284731][ T3548] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 67.292705][ T3548] Call Trace: [ 67.295983][ T3548] [ 67.299002][ T3548] ? __die_body+0x5e/0xa0 [ 67.303367][ T3548] ? die+0x83/0xb0 [ 67.307103][ T3548] ? do_trap+0x11e/0x350 [ 67.311611][ T3548] ? filemap_unaccount_folio+0x5c2/0xa60 [ 67.317344][ T3548] ? filemap_unaccount_folio+0x5c2/0xa60 [ 67.322987][ T3548] ? do_error_trap+0x13d/0x1e0 [ 67.327773][ T3548] ? filemap_unaccount_folio+0x5c2/0xa60 [ 67.333424][ T3548] ? do_int3+0x30/0x30 [ 67.337502][ T3548] ? report_bug+0x3c9/0x500 [ 67.342041][ T3548] ? handle_invalid_op+0x2c/0x40 [ 67.347177][ T3548] ? filemap_unaccount_folio+0x5c2/0xa60 [ 67.352994][ T3548] ? exc_invalid_op+0x2f/0x40 [ 67.358291][ T3548] ? asm_exc_invalid_op+0x16/0x20 [ 67.363346][ T3548] ? filemap_unaccount_folio+0x5c2/0xa60 [ 67.369165][ T3548] ? filemap_unaccount_folio+0x5c2/0xa60 [ 67.374814][ T3548] __filemap_remove_folio+0xc7/0xaa0 [ 67.380118][ T3548] ? __rwlock_init+0x140/0x140 [ 67.384986][ T3548] ? __bpf_trace_file_check_and_advance_wb_err+0x30/0x30 [ 67.392030][ T3548] ? _raw_spin_lock_irq+0xdb/0x110 [ 67.397149][ T3548] ? _raw_spin_lock_irqsave+0x120/0x120 [ 67.402702][ T3548] ? find_get_entries+0x710/0x710 [ 67.407822][ T3548] filemap_remove_folio+0x105/0x2e0 [ 67.413034][ T3548] truncate_inode_folio+0x59/0x70 [ 67.418080][ T3548] shmem_undo_range+0x570/0x2390 [ 67.423037][ T3548] ? shmem_truncate_range+0xb0/0xb0 [ 67.428298][ T3548] shmem_evict_inode+0x265/0xa60 [ 67.433327][ T3548] ? inode_wait_for_writeback+0x21f/0x280 [ 67.439065][ T3548] ? shmem_free_in_core_inode+0xb0/0xb0 [ 67.444934][ T3548] ? bit_waitqueue+0x30/0x30 [ 67.449537][ T3548] ? do_raw_spin_unlock+0x137/0x8a0 [ 67.454743][ T3548] ? shmem_free_in_core_inode+0xb0/0xb0 [ 67.460327][ T3548] evict+0x2a4/0x620 [ 67.464253][ T3548] __dentry_kill+0x436/0x650 [ 67.468859][ T3548] dentry_kill+0xbb/0x290 [ 67.473286][ T3548] ? dput+0x37/0x1d0 [ 67.477185][ T3548] dput+0xfb/0x1d0 [ 67.480914][ T3548] __fput+0x5e4/0x890 [ 67.484924][ T3548] task_work_run+0x246/0x300 [ 67.489544][ T3548] ? task_work_cancel+0x2b0/0x2b0 [ 67.494579][ T3548] ? exit_to_user_mode_loop+0x39/0x100 [ 67.500065][ T3548] exit_to_user_mode_loop+0xde/0x100 [ 67.505351][ T3548] exit_to_user_mode_prepare+0xb1/0x140 [ 67.510901][ T3548] syscall_exit_to_user_mode+0x60/0x270 [ 67.516455][ T3548] do_syscall_64+0x47/0xb0 [ 67.520883][ T3548] ? clear_bhb_loop+0x45/0xa0 [ 67.525575][ T3548] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 67.531480][ T3548] RIP: 0033:0x7fcc480f6ad0 [ 67.535897][ T3548] Code: ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 80 3d d1 85 07 00 00 74 17 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c [ 67.555504][ T3548] RSP: 002b:00007ffe736a8dd8 EFLAGS: 00000202 ORIG_RAX: 0000000000000003 [ 67.563924][ T3548] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007fcc480f6ad0 [ 67.571915][ T3548] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000000000004 [ 67.579904][ T3548] RBP: 00007ffe736a8df0 R08: 0000000000000006 R09: 0000000000000000 [ 67.587907][ T3548] R10: 0000000000008013 R11: 0000000000000202 R12: 00007fcc4816a5f0 [ 67.595880][ T3548] R13: 00007ffe736a8fd8 R14: 0000000000000001 R15: 0000000000000001 [ 67.603868][ T3548] [ 67.606888][ T3548] Modules linked in: [ 67.610851][ T3548] ---[ end trace 0000000000000000 ]--- [ 67.616306][ T3548] RIP: 0010:filemap_unaccount_folio+0x5c2/0xa60 [ 67.622563][ T3548] Code: 07 38 c1 0f 8c 21 fe ff ff 48 89 ef e8 e7 21 2b 00 e9 14 fe ff ff e8 cd aa d3 ff 4c 89 ef 48 c7 c6 a0 fd f4 8a e8 5e 5a 13 00 <0f> 0b e8 b7 aa d3 ff 4c 89 ef 48 c7 c6 20 03 f5 8a e8 48 5a 13 00 [ 67.642172][ T3548] RSP: 0018:ffffc90003b9f638 EFLAGS: 00010046 [ 67.648249][ T3548] RAX: 7a96001ae7d0f100 RBX: ffff88801e413c38 RCX: ffffc90003b9f403 [ 67.656264][ T3548] RDX: 0000000000000002 RSI: ffffffff8aec1340 RDI: ffffffff8b3d42e0 [ 67.664324][ T3548] RBP: ffffc90003b9f7d8 R08: dffffc0000000000 R09: fffffbfff1ce6fde [ 67.672306][ T3548] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88801e413c38 [ 67.680290][ T3548] R13: ffffea0001c08d40 R14: ffffea0001c08d40 R15: ffffea0001c08d40 [ 67.688265][ T3548] FS: 00005555567d7380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 67.697373][ T3548] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 67.703978][ T3548] CR2: 00007fcc4816e0e0 CR3: 000000001eab1000 CR4: 00000000003506f0 [ 67.711953][ T3548] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 67.719951][ T3548] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 67.727938][ T3548] Kernel panic - not syncing: Fatal exception [ 67.734247][ T3548] Kernel Offset: disabled [ 67.738582][ T3548] Rebooting in 86400 seconds..