page: refcount:5 mapcount:0 mapping:ffff888053c01710 index:0x15 pfn:0x540b3
memcg:ffff88801b70e000
aops:btrfs_aops ino:107 dentry name(?):"bus"
flags: 0x4fff4000000402f(locked|referenced|uptodate|lru|private|writeback|node=1|zone=1|lastcpupid=0x7ff)
raw: 04fff4000000402f ffffea0001502d08 ffffea0001502c88 ffff888053c01710
raw: 0000000000000015 0000000000000001 00000005ffffffff ffff88801b70e000
page dumped because: VM_BUG_ON_FOLIO(folio_test_writeback(folio))
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Movable, gfp_mask 0x140c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 5327, tgid 5326 (syz.0.0), ts 70881781352, free_ts 70879203912
 set_page_owner include/linux/page_owner.h:32 [inline]
 post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1556
 prep_new_page mm/page_alloc.c:1564 [inline]
 get_page_from_freelist+0x3649/0x3790 mm/page_alloc.c:3474
 __alloc_pages_noprof+0x292/0x710 mm/page_alloc.c:4751
 alloc_pages_mpol_noprof+0x3e8/0x680 mm/mempolicy.c:2265
 alloc_pages_noprof mm/mempolicy.c:2345 [inline]
 folio_alloc_noprof+0x128/0x180 mm/mempolicy.c:2352
 filemap_alloc_folio_noprof+0xdf/0x500 mm/filemap.c:1010
 add_ra_bio_pages+0x2a2/0xdd0 fs/btrfs/compression.c:477
 btrfs_submit_compressed_read+0x694/0xa90 fs/btrfs/compression.c:621
 submit_one_bio+0xfc/0x1c0 fs/btrfs/extent_io.c:125
 btrfs_read_folio+0xef/0x140 fs/btrfs/extent_io.c:1101
 prepare_uptodate_folio fs/btrfs/file.c:854 [inline]
 prepare_one_folio+0x29d/0xa20 fs/btrfs/file.c:922
 btrfs_buffered_write+0x6bd/0x1150 fs/btrfs/file.c:1233
 btrfs_do_write_iter+0x279/0x760 fs/btrfs/file.c:1399
 iter_file_splice_write+0xbfa/0x1510 fs/splice.c:743
 do_splice_from fs/splice.c:941 [inline]
 direct_splice_actor+0x11b/0x220 fs/splice.c:1164
 splice_direct_to_actor+0x586/0xc80 fs/splice.c:1108
page last free pid 5328 tgid 5326 stack trace:
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1127 [inline]
 free_unref_folios+0xf37/0x1a20 mm/page_alloc.c:2704
 folios_put_refs+0x76c/0x860 mm/swap.c:993
 folio_batch_release include/linux/pagevec.h:101 [inline]
 mapping_try_invalidate+0x3b1/0x4f0 mm/truncate.c:514
 btrfs_direct_write+0x90f/0xa30 fs/btrfs/direct-io.c:969
 btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1396
 do_iter_readv_writev+0x600/0x880
 vfs_writev+0x376/0xba0 fs/read_write.c:1050
 do_pwritev fs/read_write.c:1146 [inline]
 __do_sys_pwritev2 fs/read_write.c:1204 [inline]
 __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
------------[ cut here ]------------
kernel BUG at mm/page-writeback.c:3119!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 1028 Comm: kworker/u4:6 Not tainted 6.12.0-syzkaller-01782-gbf9aa14fc523 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Workqueue: btrfs-delalloc btrfs_work_helper
RIP: 0010:__folio_start_writeback+0xc06/0x1050 mm/page-writeback.c:3119
Code: 25 ff 0f 00 00 0f 84 d3 00 00 00 e8 b4 54 c4 ff e9 ba f5 ff ff e8 aa 54 c4 ff 4c 89 f7 48 c7 c6 20 17 14 8c e8 3b 00 10 00 90 <0f> 0b e8 93 54 c4 ff 4c 89 f7 48 c7 c6 80 1d 14 8c e8 24 00 10 00
RSP: 0018:ffffc900022df500 EFLAGS: 00010246
RAX: a8a9d207939a4100 RBX: 0000000000000002 RCX: 0000000000000001
RDX: dffffc0000000000 RSI: ffffffff8c0acfa0 RDI: 0000000000000001
RBP: ffffc900022df670 R08: ffffffff942ea98f R09: 1ffffffff285d531
R10: dffffc0000000000 R11: fffffbfff285d532 R12: 0000000000000000
R13: 1ffff9200045beac R14: ffffea0001502cc0 R15: ffff888053c01710
FS:  0000000000000000(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055d989663740 CR3: 000000001dfec000 CR4: 0000000000352ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 process_one_folio fs/btrfs/extent_io.c:187 [inline]
 __process_folios_contig+0x31c/0x540 fs/btrfs/extent_io.c:216
 submit_one_async_extent fs/btrfs/inode.c:1229 [inline]
 submit_compressed_extents+0xdb3/0x16e0 fs/btrfs/inode.c:1632
 run_ordered_work fs/btrfs/async-thread.c:245 [inline]
 btrfs_work_helper+0x56b/0xc50 fs/btrfs/async-thread.c:324
 process_one_work kernel/workqueue.c:3229 [inline]
 process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310
 worker_thread+0x870/0xd30 kernel/workqueue.c:3391
 kthread+0x2f0/0x390 kernel/kthread.c:389
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__folio_start_writeback+0xc06/0x1050 mm/page-writeback.c:3119
Code: 25 ff 0f 00 00 0f 84 d3 00 00 00 e8 b4 54 c4 ff e9 ba f5 ff ff e8 aa 54 c4 ff 4c 89 f7 48 c7 c6 20 17 14 8c e8 3b 00 10 00 90 <0f> 0b e8 93 54 c4 ff 4c 89 f7 48 c7 c6 80 1d 14 8c e8 24 00 10 00
RSP: 0018:ffffc900022df500 EFLAGS: 00010246
RAX: a8a9d207939a4100 RBX: 0000000000000002 RCX: 0000000000000001
RDX: dffffc0000000000 RSI: ffffffff8c0acfa0 RDI: 0000000000000001
RBP: ffffc900022df670 R08: ffffffff942ea98f R09: 1ffffffff285d531
R10: dffffc0000000000 R11: fffffbfff285d532 R12: 0000000000000000
R13: 1ffff9200045beac R14: ffffea0001502cc0 R15: ffff888053c01710
FS:  0000000000000000(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055d989663740 CR3: 000000001dfec000 CR4: 0000000000352ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400