0xffff88812fffcad0
name:"//"
flags: 0xffffea0001cae008(dirty|private|private_2|writeback|mappedtodisk|swapbacked|uncached|young|idle)
raw: ffffea0001cae008 dead000000000100 dead000000000200 ffff88812fffc9d0
raw: ffff88812fffc9d0 ffffea00015da008 ffffea00015da008 ffff88812fffc9f0
page dumped because: VM_BUG_ON_PAGE(!PageBuddy(page))
page->mem_cgroup:ffff88812fffc9f0
------------[ cut here ]------------
kernel BUG at include/linux/page-flags.h:735!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 8017 Comm: syz-executor4 Not tainted 5.0.0-rc4-next-20190201 #25
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__ClearPageBuddy include/linux/page-flags.h:735 [inline]
RIP: 0010:rmv_page_order mm/page_alloc.c:744 [inline]
RIP: 0010:rmv_page_order mm/page_alloc.c:742 [inline]
RIP: 0010:__rmqueue_smallest mm/page_alloc.c:2178 [inline]
RIP: 0010:__rmqueue mm/page_alloc.c:2702 [inline]
RIP: 0010:rmqueue_bulk mm/page_alloc.c:2729 [inline]
RIP: 0010:__rmqueue_pcplist mm/page_alloc.c:3200 [inline]
RIP: 0010:rmqueue_pcplist mm/page_alloc.c:3229 [inline]
RIP: 0010:rmqueue mm/page_alloc.c:3251 [inline]
RIP: 0010:get_page_from_freelist+0x1aff/0x4170 mm/page_alloc.c:3666
Code: 65 ff 0d a4 d1 74 7e 0f 85 ee fd ff ff e8 ca 4a 73 ff e9 e4 fd ff ff 48 8b bd 40 ff ff ff 48 c7 c6 e0 71 72 87 e8 c1 e5 0b 00 <0f> 0b 83 bd 58 ff ff ff 0b 0f 84 a1 1d 00 00 44 8b a5 58 ff ff ff
RSP: 0018:ffff888092deee18 EFLAGS: 00010046
RAX: 0000000000040000 RBX: dffffc0000000000 RCX: ffffc9000e667000
RDX: 0000000000040000 RSI: ffffffff81991137 RDI: ffffed10125bdda7
RBP: ffff888092deefc8 R08: 0000000000000021 R09: ffffed1015d23ef1
R10: ffffed1015d23ef0 R11: ffff8880ae91f787 R12: ffff88812fffc9c0
R13: 0000000000000138 R14: ffff88812fffc9c8 R15: 0000000000000003
FS: 00007f5ceb3f7700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020c29000 CR3: 000000008fbcf000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __alloc_pages_nodemask+0x248/0x7e0 mm/page_alloc.c:4712
 alloc_pages_vma+0xdd/0x540 mm/mempolicy.c:2070
 alloc_zeroed_user_highpage_movable include/linux/highmem.h:208 [inline]
 wp_page_copy+0xc8c/0x1740 mm/memory.c:2262
 do_wp_page+0x48e/0x1500 mm/memory.c:2568
 handle_pte_fault mm/memory.c:3817 [inline]
 __handle_mm_fault+0x22e8/0x3ec0 mm/memory.c:3925
 handle_mm_fault+0x43f/0xb30 mm/memory.c:3962
 do_user_addr_fault arch/x86/mm/fault.c:1475 [inline]
 __do_page_fault+0x5ef/0xda0 arch/x86/mm/fault.c:1541
 do_page_fault+0x71/0x581 arch/x86/mm/fault.c:1572
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1143
RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:181
Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83
RSP: 0018:ffff888092def650 EFLAGS: 00010206
RAX: 0000000000000000 RBX: 0000000000008000 RCX: 0000000000001ca5
RDX: 0000000000008000 RSI: ffff888098a4635b RDI: 0000000020c29000
RBP: ffff888092def688 R08: ffffed1013149000 R09: 0000000000000000
R10: ffffed1013148fff R11: ffff888098a47fff R12: 0000000020c22ca5
R13: ffff888098a40000 R14: 0000000020c2aca5 R15: 00007ffffffff000
 _copy_to_iter+0x27e/0x1080 lib/iov_iter.c:609
 copy_to_iter include/linux/uio.h:144 [inline]
 simple_copy_to_iter+0x36/0x40 net/core/datagram.c:516
 __skb_datagram_iter+0x480/0x750 net/core/datagram.c:446
 skb_copy_datagram_iter+0x92/0x310 net/core/datagram.c:530
 skb_copy_datagram_msg include/linux/skbuff.h:3344 [inline]
 tcp_recvmsg+0x105c/0x2920 net/ipv4/tcp.c:2113
 inet_recvmsg+0x13b/0x5f0 net/ipv4/af_inet.c:830
 sock_recvmsg_nosec net/socket.c:794 [inline]
 sock_recvmsg net/socket.c:801 [inline]
 sock_recvmsg+0xd0/0x110 net/socket.c:797
 ___sys_recvmsg+0x273/0x5d0 net/socket.c:2276
 __sys_recvmsg+0x102/0x1d0 net/socket.c:2325
 __do_sys_recvmsg net/socket.c:2335 [inline]
 __se_sys_recvmsg net/socket.c:2332 [inline]
 __x64_sys_recvmsg+0x78/0xb0 net/socket.c:2332
 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457e39
Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f5ceb3f6c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457e39
RDX: 0000000000000100 RSI: 0000000020000240 RDI: 0000000000000004
RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5ceb3f76d4
R13: 00000000004c4af5 R14: 00000000004d84b0 R15: 00000000ffffffff
Modules linked in:
======================================================