BUG: Bad page state in process udevd pfn:2bc6e page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x1c pfn:0x2bc6e flags: 0xfff80000008008(uptodate|private|node=0|zone=1|lastcpupid=0xfff) page_type: 0xffffffff() raw: 00fff80000008008 dead000000000100 dead000000000122 0000000000000000 raw: 000000000000001c ffff88802b3b9aa8 00000000ffffffff 0000000000000000 page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set page_owner tracks the page as allocated page last allocated via order 0, migratetype Unmovable, gfp_mask 0x40c40(GFP_NOFS|__GFP_COMP), pid 5281, tgid -613961339 (syz-executor158), ts 5282, free_ts 162277671589 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x1ea/0x210 mm/page_alloc.c:1534 prep_new_page mm/page_alloc.c:1541 [inline] get_page_from_freelist+0x3410/0x35b0 mm/page_alloc.c:3317 __alloc_pages+0x256/0x6c0 mm/page_alloc.c:4575 alloc_pages_mpol+0x3e8/0x680 mm/mempolicy.c:2264 alloc_pages mm/mempolicy.c:2335 [inline] folio_alloc+0x128/0x180 mm/mempolicy.c:2342 filemap_alloc_folio+0xdf/0x500 mm/filemap.c:984 do_read_cache_folio+0xed/0x820 mm/filemap.c:3711 do_read_cache_page+0x30/0x200 mm/filemap.c:3813 read_mapping_page include/linux/pagemap.h:888 [inline] __get_metapage+0x330/0x1050 fs/jfs/jfs_metapage.c:620 diRead+0x5f4/0xae0 fs/jfs/jfs_imap.c:364 jfs_iget+0x8c/0x3b0 fs/jfs/inode.c:35 jfs_fill_super+0x808/0xc50 fs/jfs/super.c:580 mount_bdev+0x20a/0x2d0 fs/super.c:1658 legacy_get_tree+0xee/0x190 fs/fs_context.c:662 vfs_get_tree+0x90/0x2a0 fs/super.c:1779 do_new_mount+0x2be/0xb40 fs/namespace.c:3352 page last free pid 5092 tgid 5092 stack trace: reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1141 [inline] free_unref_page_prepare+0x97b/0xaa0 mm/page_alloc.c:2347 free_unref_folios+0x185/0xb30 mm/page_alloc.c:2536 folios_put_refs+0x8eb/0xa10 mm/swap.c:1034 folio_batch_release include/linux/pagevec.h:101 [inline] truncate_inode_pages_range+0x47b/0xfc0 mm/truncate.c:362 kill_bdev block/bdev.c:85 [inline] blkdev_flush_mapping+0x156/0x2b0 block/bdev.c:644 blkdev_put_whole block/bdev.c:651 [inline] bdev_release+0x489/0x720 block/bdev.c:1075 blkdev_release+0x15/0x20 block/fops.c:628 __fput+0x429/0x8a0 fs/file_table.c:422 task_work_run+0x24f/0x310 kernel/task_work.c:180 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] exit_to_user_mode_loop kernel/entry/common.c:114 [inline] exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] syscall_exit_to_user_mode+0x168/0x370 kernel/entry/common.c:218 do_syscall_64+0x102/0x240 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f Modules linked in: CPU: 0 PID: 5106 Comm: udevd Not tainted 6.9.0-rc5-syzkaller-00159-gc942a0cd3603 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 bad_page+0x14c/0x170 mm/page_alloc.c:515 free_page_is_bad mm/page_alloc.c:968 [inline] free_pages_prepare mm/page_alloc.c:1133 [inline] free_unref_page_prepare+0xa46/0xaa0 mm/page_alloc.c:2347 free_unref_folios+0x185/0xb30 mm/page_alloc.c:2536 folios_put_refs+0x8eb/0xa10 mm/swap.c:1034 folios_put include/linux/mm.h:1565 [inline] folio_batch_move_lru+0x5d7/0x690 mm/swap.c:240 folio_activate_drain mm/swap.c:364 [inline] lru_add_drain_cpu+0x5bf/0x8c0 mm/swap.c:692 lru_add_drain+0x123/0x3e0 mm/swap.c:767 __folio_batch_release+0x55/0xa0 mm/swap.c:1091 folio_batch_release include/linux/pagevec.h:101 [inline] shmem_undo_range+0x6d9/0x1df0 mm/shmem.c:1005 shmem_truncate_range mm/shmem.c:1114 [inline] shmem_evict_inode+0x29b/0xa60 mm/shmem.c:1242 evict+0x2a8/0x630 fs/inode.c:667 __dentry_kill+0x20d/0x630 fs/dcache.c:603 dput+0x19f/0x2b0 fs/dcache.c:845 do_renameat2+0xda1/0x13f0 fs/namei.c:5039 __do_sys_rename fs/namei.c:5084 [inline] __se_sys_rename fs/namei.c:5082 [inline] __x64_sys_rename+0x86/0xa0 fs/namei.c:5082 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f96d8c9a93b Code: 48 8b 15 f0 64 15 00 83 c8 ff 64 83 3a 15 75 0e 48 8b 7c 24 08 e8 d5 d4 07 00 f7 d8 19 c0 48 83 c4 18 c3 b8 52 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 10 48 8b 15 be 64 15 00 f7 d8 64 89 02 48 83 RSP: 002b:00007ffc7cd8ae58 EFLAGS: 00000206 ORIG_RAX: 0000000000000052 RAX: ffffffffffffffda RBX: 000055cf1ad8e701 RCX: 00007f96d8c9a93b RDX: 000055ca46290d52 RSI: 00007ffc7cd8ae78 RDI: 00007ffc7cd8b278 RBP: 000055cf1ad8e790 R08: 0000000000000006 R09: c5e368db845ee32b R10: 000000000000010f R11: 0000000000000206 R12: 000055cf1ada2980 R13: 00007ffc7cd8ae78 R14: 00007ffc7cd8b278 R15: 000055cee51d8ec8