Warning: Permanently added '[localhost]:20945' (ED25519) to the list of known hosts.
2025/08/02 21:37:10 ignoring optional flag "sandboxArg"="0"
2025/08/02 21:37:12 parsed 1 programs
[  133.187719][ T5658] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  137.246372][ T3001] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.249944][ T3001] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.279308][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  137.284044][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  137.820537][ T5691] chnl_net:caif_netlink_parms(): no params data found
[  137.880517][ T5691] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.883994][ T5691] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.888062][ T5691] bridge_slave_0: entered allmulticast mode
[  137.892195][ T5691] bridge_slave_0: entered promiscuous mode
[  137.897117][ T5691] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.900513][ T5691] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.903675][ T5691] bridge_slave_1: entered allmulticast mode
[  137.908971][ T5691] bridge_slave_1: entered promiscuous mode
[  137.933400][ T5691] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.939376][ T5691] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.948967][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  137.952027][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  137.972381][ T5691] team0: Port device team_slave_0 added
[  137.977694][ T5691] team0: Port device team_slave_1 added
[  137.999657][ T5691] batman_adv: batadv0: Adding interface: batadv_slave_0
[  138.003112][ T5691] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  138.015674][ T5691] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  138.022237][ T5691] batman_adv: batadv0: Adding interface: batadv_slave_1
[  138.025143][ T5691] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  138.037467][ T5691] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  138.072015][ T5691] hsr_slave_0: entered promiscuous mode
[  138.075309][ T5691] hsr_slave_1: entered promiscuous mode
[  138.739930][ T5691] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  138.753393][ T5691] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  138.771099][ T5691] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  138.787826][ T5691] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  138.942257][ T5691] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.965088][ T5691] 8021q: adding VLAN 0 to HW filter on device team0
[  139.000903][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.004191][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.028676][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.032461][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.092667][ T5691] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  139.397517][ T5691] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.468674][ T5691] veth0_vlan: entered promiscuous mode
[  139.490156][ T5691] veth1_vlan: entered promiscuous mode
[  139.540375][ T5691] veth0_macvtap: entered promiscuous mode
[  139.545832][ T5691] veth1_macvtap: entered promiscuous mode
[  139.596903][ T5691] batman_adv: batadv0: Interface activated: batadv_slave_0
[  139.603024][ T5691] batman_adv: batadv0: Interface activated: batadv_slave_1
[  139.643076][ T3075] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.649122][ T3075] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.653024][ T3075] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.698468][ T3075] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.904242][ T3075] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.009938][ T3075] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.088033][ T3075] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.199915][ T3075] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.264377][ T3075] bridge_slave_1: left allmulticast mode
[  142.277583][ T3075] bridge_slave_1: left promiscuous mode
[  142.280577][ T3075] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.291470][ T3075] bridge_slave_0: left allmulticast mode
[  142.294085][ T3075] bridge_slave_0: left promiscuous mode
[  142.307252][ T3075] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.651683][ T3075] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.658153][ T3075] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.663246][ T3075] bond0 (unregistering): Released all slaves
[  142.774892][ T3075] hsr_slave_0: left promiscuous mode
[  142.778029][ T3075] hsr_slave_1: left promiscuous mode
[  142.791236][ T3075] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.794624][ T3075] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.817046][ T3075] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.820365][ T3075] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.872151][ T3075] veth1_macvtap: left promiscuous mode
[  142.874744][ T3075] veth0_macvtap: left promiscuous mode
[  142.916293][ T3075] veth1_vlan: left promiscuous mode
[  142.918853][ T3075] veth0_vlan: left promiscuous mode
[  143.729818][ T3075] team0 (unregistering): Port device team_slave_1 removed
[  143.777609][ T3075] team0 (unregistering): Port device team_slave_0 removed
[  144.415554][   T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  144.422848][   T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  144.426826][   T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  144.430684][   T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  144.434344][   T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
2025/08/02 21:37:30 executed programs: 0
[  147.392144][ T4701] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  147.397734][ T4701] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  147.401737][ T4701] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  147.413575][ T4701] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  147.421083][ T4701] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  147.852893][ T5866] chnl_net:caif_netlink_parms(): no params data found
[  147.999445][ T5866] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.008116][ T5866] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.011353][ T5866] bridge_slave_0: entered allmulticast mode
[  148.027160][ T5866] bridge_slave_0: entered promiscuous mode
[  148.031763][ T5866] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.034772][ T5866] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.046534][ T5866] bridge_slave_1: entered allmulticast mode
[  148.057299][ T5866] bridge_slave_1: entered promiscuous mode
[  148.111036][ T5866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  148.124106][ T5866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  148.194321][ T5866] team0: Port device team_slave_0 added
[  148.209112][ T5866] team0: Port device team_slave_1 added
[  148.261407][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_0
[  148.264520][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  148.296857][ T5866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  148.310393][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_1
[  148.316875][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  148.346010][ T5866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  148.421785][ T5866] hsr_slave_0: entered promiscuous mode
[  148.425039][ T5866] hsr_slave_1: entered promiscuous mode
[  148.939909][ T5866] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  148.959069][ T5866] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  148.976230][ T5866] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  148.982258][ T5866] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  149.142750][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.175072][ T5866] 8021q: adding VLAN 0 to HW filter on device team0
[  149.191848][ T3075] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.194859][ T3075] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.221265][ T3075] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.224508][ T3075] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.470458][ T4701] Bluetooth: hci0: command tx timeout
[  149.553462][ T5866] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.600132][ T5866] veth0_vlan: entered promiscuous mode
[  149.610553][ T5866] veth1_vlan: entered promiscuous mode
[  149.640302][ T5866] veth0_macvtap: entered promiscuous mode
[  149.647781][ T5866] veth1_macvtap: entered promiscuous mode
[  149.662849][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_0
[  149.677005][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_1
[  149.688148][ T3001] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  149.694006][ T3001] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.708196][ T3001] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  149.712110][ T3001] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.775836][ T3001] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.779489][ T3001] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.821834][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.825502][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  150.071856][ T5915] loop0: detected capacity change from 0 to 32768
[  150.084771][ T5915] XFS: ikeep mount option is deprecated.
[  150.109206][ T5915] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  150.194414][ T5915] XFS (loop0): Ending clean mount
[  150.210088][ T5915] XFS (loop0): Quotacheck needed: Please wait.
[  150.242776][ T5915] XFS (loop0): Quotacheck: Done.
[  150.297697][ T5866] BUG: Bad page state in process syz-executor  pfn:4c601
[  150.302131][ T5866] page does not match folio
[  150.309457][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x4c601
[  150.313888][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  150.318936][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  150.322744][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  150.328442][ T5866] page dumped because: nonzero pincount
[  150.331051][ T5866] page_owner tracks the page as allocated
[  150.333770][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5915, tgid 5914 (syz.0.16), ts 150258229024, free_ts 136326703771
[  150.359004][ T5866]  post_alloc_hook+0x240/0x2a0
[  150.363363][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  150.367579][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  150.370440][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  150.372871][ T5866]  alloc_pages_noprof+0xa9/0x190
[  150.375538][ T5866]  folio_alloc_noprof+0x1e/0x30
[  150.378638][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  150.381203][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  150.383540][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  150.387595][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  150.390232][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  150.392767][ T5866]  vfs_write+0x54b/0xa90
[  150.394723][ T5866]  ksys_write+0x145/0x250
[  150.397565][ T5866]  do_syscall_64+0xfa/0x3b0
[  150.399932][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.402476][ T5866] page last free pid 5658 tgid 5658 stack trace:
[  150.405332][ T5866]  free_unref_folios+0xdbd/0x1520
[  150.409726][ T5866]  folios_put_refs+0x559/0x640
[  150.412497][ T5866]  free_pages_and_swap_cache+0x277/0x520
[  150.415782][ T5866]  tlb_flush_mmu+0x3a0/0x680
[  150.418727][ T5866]  tlb_finish_mmu+0xc3/0x1d0
[  150.420916][ T5866]  vms_clear_ptes+0x42c/0x540
[  150.423035][ T5866]  vms_complete_munmap_vmas+0x206/0x8a0
[  150.425553][ T5866]  do_vmi_align_munmap+0x358/0x420
[  150.434570][ T5866]  do_vmi_munmap+0x253/0x2e0
[  150.437632][ T5866]  __vm_munmap+0x23b/0x3d0
[  150.439979][ T5866]  __x64_sys_munmap+0x60/0x70
[  150.442297][ T5866]  do_syscall_64+0xfa/0x3b0
[  150.444372][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.449175][ T5866] Modules linked in:
[  150.451219][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Not tainted 6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  150.451235][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.451242][ T5866] Call Trace:
[  150.451248][ T5866]  <TASK>
[  150.451254][ T5866]  dump_stack_lvl+0x189/0x250
[  150.451275][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.451288][ T5866]  ? __pfx_print_modules+0x10/0x10
[  150.451303][ T5866]  ? percpu_ref_put+0x19/0x180
[  150.451317][ T5866]  ? percpu_ref_put+0x19/0x180
[  150.451331][ T5866]  ? percpu_ref_put+0xf9/0x180
[  150.451345][ T5866]  bad_page+0x180/0x1c0
[  150.451356][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  150.451372][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  150.451393][ T5866]  __folio_put+0x21b/0x2c0
[  150.451411][ T5866]  ? __pfx___folio_put+0x10/0x10
[  150.451430][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  150.451478][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  150.451496][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  150.451515][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  150.451528][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  150.451547][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  150.451557][ T5866]  ? lockdep_unlock+0x89/0x120
[  150.451592][ T5866]  ? __lock_acquire+0xab9/0xd20
[  150.451621][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  150.451632][ T5866]  ? _raw_spin_unlock_irq+0x23/0x50
[  150.451641][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  150.451648][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.451659][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  150.451666][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  150.451677][ T5866]  evict+0x501/0x9c0
[  150.451699][ T5866]  ? __pfx_evict+0x10/0x10
[  150.451715][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  150.451730][ T5866]  evict_inodes+0x64c/0x6d0
[  150.451745][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  150.451757][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  150.451775][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  150.451788][ T5866]  kill_block_super+0x44/0x90
[  150.451799][ T5866]  xfs_kill_sb+0x15/0x50
[  150.451810][ T5866]  deactivate_locked_super+0xbc/0x130
[  150.451827][ T5866]  cleanup_mnt+0x425/0x4c0
[  150.451843][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.451914][ T5866]  task_work_run+0x1d1/0x260
[  150.451933][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  150.451944][ T5866]  ? __x64_sys_umount+0x122/0x160
[  150.451958][ T5866]  ? exit_to_user_mode_loop+0x40/0x110
[  150.451976][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  150.451989][ T5866]  do_syscall_64+0x2bd/0x3b0
[  150.451999][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.452012][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.452023][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  150.452037][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.452047][ T5866] RIP: 0033:0x7f7ff658e117
[  150.452058][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  150.452067][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  150.452079][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  150.452085][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  150.452091][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  150.452097][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  150.452103][ T5866] R13: 00007f7ff660e08c R14: 0000000000024a5c R15: 00007ffd5b1f3a50
[  150.452119][ T5866]  </TASK>
[  150.452124][ T5866] Disabling lock debugging due to kernel taint
[  150.669205][ T5866] BUG: Bad page state in process syz-executor  pfn:4c600
[  150.672368][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4c600
[  150.678456][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  150.682236][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  150.687262][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  150.692231][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  150.697080][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  150.700816][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  150.704593][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  150.708777][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  150.712957][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  150.717300][ T5866] page_owner tracks the page as allocated
[  150.720560][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5915, tgid 5914 (syz.0.16), ts 150258229024, free_ts 136326697992
[  150.732752][ T5866]  post_alloc_hook+0x240/0x2a0
[  150.734953][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  150.738068][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  150.740781][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  150.742958][ T5866]  alloc_pages_noprof+0xa9/0x190
[  150.745396][ T5866]  folio_alloc_noprof+0x1e/0x30
[  150.750954][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  150.753562][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  150.756488][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  150.758829][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  150.761467][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  150.763970][ T5866]  vfs_write+0x54b/0xa90
[  150.766428][ T5866]  ksys_write+0x145/0x250
[  150.768618][ T5866]  do_syscall_64+0xfa/0x3b0
[  150.770867][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.773597][ T5866] page last free pid 5658 tgid 5658 stack trace:
[  150.777132][ T5866]  free_unref_folios+0xdbd/0x1520
[  150.779431][ T5866]  folios_put_refs+0x559/0x640
[  150.781760][ T5866]  free_pages_and_swap_cache+0x277/0x520
[  150.784405][ T5866]  tlb_flush_mmu+0x3a0/0x680
[  150.787379][ T5866]  tlb_finish_mmu+0xc3/0x1d0
[  150.789931][ T5866]  vms_clear_ptes+0x42c/0x540
[  150.792421][ T5866]  vms_complete_munmap_vmas+0x206/0x8a0
[  150.795544][ T5866]  do_vmi_align_munmap+0x358/0x420
[  150.798549][ T5866]  do_vmi_munmap+0x253/0x2e0
[  150.800676][ T5866]  __vm_munmap+0x23b/0x3d0
[  150.802715][ T5866]  __x64_sys_munmap+0x60/0x70
[  150.804861][ T5866]  do_syscall_64+0xfa/0x3b0
[  150.807748][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.810732][ T5866] Modules linked in:
[  150.812616][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  150.812634][ T5866] Tainted: [B]=BAD_PAGE
[  150.812638][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.812645][ T5866] Call Trace:
[  150.812652][ T5866]  <TASK>
[  150.812657][ T5866]  dump_stack_lvl+0x189/0x250
[  150.812675][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.812686][ T5866]  ? __pfx_print_modules+0x10/0x10
[  150.812701][ T5866]  bad_page+0x180/0x1c0
[  150.812711][ T5866]  __free_frozen_pages+0xce2/0xd30
[  150.812726][ T5866]  __folio_put+0x21b/0x2c0
[  150.812791][ T5866]  ? __pfx___folio_put+0x10/0x10
[  150.812806][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  150.812822][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  150.812832][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  150.812848][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  150.812859][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  150.812877][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  150.812886][ T5866]  ? lockdep_unlock+0x89/0x120
[  150.812904][ T5866]  ? __lock_acquire+0xab9/0xd20
[  150.812921][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  150.812935][ T5866]  ? _raw_spin_unlock_irq+0x23/0x50
[  150.812948][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  150.812960][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.812974][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  150.812985][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  150.812996][ T5866]  evict+0x501/0x9c0
[  150.813007][ T5866]  ? __pfx_evict+0x10/0x10
[  150.813018][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  150.813030][ T5866]  evict_inodes+0x64c/0x6d0
[  150.813044][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  150.813055][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  150.813069][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  150.813080][ T5866]  kill_block_super+0x44/0x90
[  150.813091][ T5866]  xfs_kill_sb+0x15/0x50
[  150.813102][ T5866]  deactivate_locked_super+0xbc/0x130
[  150.813119][ T5866]  cleanup_mnt+0x425/0x4c0
[  150.813135][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.813148][ T5866]  task_work_run+0x1d1/0x260
[  150.813162][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  150.813173][ T5866]  ? __x64_sys_umount+0x122/0x160
[  150.813184][ T5866]  ? exit_to_user_mode_loop+0x40/0x110
[  150.813199][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  150.813212][ T5866]  do_syscall_64+0x2bd/0x3b0
[  150.813221][ T5866]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.813235][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.813245][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  150.813256][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.813266][ T5866] RIP: 0033:0x7f7ff658e117
[  150.813278][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  150.813287][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  150.813299][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  150.813306][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  150.813312][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  150.813318][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  150.813325][ T5866] R13: 00007f7ff660e08c R14: 0000000000024a5c R15: 00007ffd5b1f3a50
[  150.813335][ T5866]  </TASK>
[  150.813826][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.212580][ T5925] loop0: detected capacity change from 0 to 32768
[  151.222367][ T5925] XFS: ikeep mount option is deprecated.
[  151.234065][ T5925] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.265986][ T5925] XFS (loop0): Ending clean mount
[  151.269129][ T5925] XFS (loop0): Quotacheck needed: Please wait.
[  151.278037][ T5925] XFS (loop0): Quotacheck: Done.
[  151.300450][ T5866] BUG: Bad page state in process syz-executor  pfn:51601
[  151.303688][ T5866] page does not match folio
[  151.308322][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x51601
[  151.312793][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  151.318130][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  151.321852][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  151.326452][ T5866] page dumped because: nonzero pincount
[  151.329334][ T5866] page_owner tracks the page as allocated
[  151.331962][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5925, tgid 5924 (syz.0.17), ts 151285227730, free_ts 150813426792
[  151.343853][ T5866]  post_alloc_hook+0x240/0x2a0
[  151.347795][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  151.350333][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  151.352999][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  151.355316][ T5866]  alloc_pages_noprof+0xa9/0x190
[  151.358381][ T5866]  folio_alloc_noprof+0x1e/0x30
[  151.360718][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  151.363334][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  151.365667][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  151.368606][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  151.371101][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  151.373391][ T5866]  vfs_write+0x54b/0xa90
[  151.375249][ T5866]  ksys_write+0x145/0x250
[  151.378113][ T5866]  do_syscall_64+0xfa/0x3b0
[  151.380535][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.383538][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  151.387749][ T5866]  free_unref_folios+0xdbd/0x1520
[  151.390253][ T5866]  folios_put_refs+0x559/0x640
[  151.392500][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  151.395365][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  151.398597][ T5866]  evict+0x501/0x9c0
[  151.401134][ T5866]  evict_inodes+0x64c/0x6d0
[  151.403228][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  151.405745][ T5866]  kill_block_super+0x44/0x90
[  151.409340][ T5866]  xfs_kill_sb+0x15/0x50
[  151.411368][ T5866]  deactivate_locked_super+0xbc/0x130
[  151.413927][ T5866]  cleanup_mnt+0x425/0x4c0
[  151.416681][ T5866]  task_work_run+0x1d1/0x260
[  151.419093][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  151.421751][ T5866]  do_syscall_64+0x2bd/0x3b0
[  151.424228][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.428102][ T5866] Modules linked in:
[  151.429935][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  151.429952][ T5866] Tainted: [B]=BAD_PAGE
[  151.429956][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.429963][ T5866] Call Trace:
[  151.429969][ T5866]  <TASK>
[  151.429974][ T5866]  dump_stack_lvl+0x189/0x250
[  151.429991][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.430001][ T5866]  ? __pfx_print_modules+0x10/0x10
[  151.430016][ T5866]  ? percpu_ref_put+0x19/0x180
[  151.430029][ T5866]  ? percpu_ref_put+0xf9/0x180
[  151.430040][ T5866]  bad_page+0x180/0x1c0
[  151.430049][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  151.430061][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  151.430075][ T5866]  __folio_put+0x21b/0x2c0
[  151.430089][ T5866]  ? __pfx___folio_put+0x10/0x10
[  151.430103][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  151.430118][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  151.430128][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  151.430138][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  151.430145][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  151.430153][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  151.430165][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  151.430179][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  151.430195][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.430208][ T5866]  ? rcu_is_watching+0x15/0xb0
[  151.430218][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.430229][ T5866]  ? rcu_is_watching+0x15/0xb0
[  151.430239][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.430249][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  151.430261][ T5866]  evict+0x501/0x9c0
[  151.430273][ T5866]  ? __pfx_evict+0x10/0x10
[  151.430281][ T5866]  ? rcu_is_watching+0x15/0xb0
[  151.430290][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  151.430303][ T5866]  evict_inodes+0x64c/0x6d0
[  151.430315][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  151.430327][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  151.430339][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  151.430348][ T5866]  kill_block_super+0x44/0x90
[  151.430358][ T5866]  xfs_kill_sb+0x15/0x50
[  151.430369][ T5866]  deactivate_locked_super+0xbc/0x130
[  151.430383][ T5866]  cleanup_mnt+0x425/0x4c0
[  151.430401][ T5866]  task_work_run+0x1d1/0x260
[  151.430415][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  151.430427][ T5866]  ? __x64_sys_umount+0x122/0x160
[  151.430437][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  151.430448][ T5866]  ? rcu_is_watching+0x15/0xb0
[  151.430457][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  151.430470][ T5866]  do_syscall_64+0x2bd/0x3b0
[  151.430481][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.430491][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  151.430501][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.430510][ T5866] RIP: 0033:0x7f7ff658e117
[  151.430520][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  151.430528][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  151.430539][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  151.430545][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  151.430550][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  151.430556][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  151.430563][ T5866] R13: 00007f7ff660e08c R14: 0000000000024e50 R15: 00007ffd5b1f3a50
[  151.430573][ T5866]  </TASK>
[  151.430602][ T5866] BUG: Bad page state in process syz-executor  pfn:51600
[  151.609007][ T4701] Bluetooth: hci0: command tx timeout
[  151.611749][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51600
[  151.617810][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  151.621517][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  151.625831][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  151.631255][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  151.635376][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  151.640134][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  151.644035][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  151.648537][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  151.652507][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  151.656948][ T5866] page_owner tracks the page as allocated
[  151.659472][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5925, tgid 5924 (syz.0.17), ts 151285227730, free_ts 150813426792
[  151.670457][ T5866]  post_alloc_hook+0x240/0x2a0
[  151.672752][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  151.675574][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  151.678873][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  151.681111][ T5866]  alloc_pages_noprof+0xa9/0x190
[  151.683353][ T5866]  folio_alloc_noprof+0x1e/0x30
[  151.685623][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  151.688923][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  151.691610][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  151.694058][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  151.697189][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  151.699656][ T5866]  vfs_write+0x54b/0xa90
[  151.701611][ T5866]  ksys_write+0x145/0x250
[  151.703778][ T5866]  do_syscall_64+0xfa/0x3b0
[  151.710402][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.713292][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  151.717453][ T5866]  free_unref_folios+0xdbd/0x1520
[  151.720094][ T5866]  folios_put_refs+0x559/0x640
[  151.722508][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  151.725006][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  151.727632][ T5866]  evict+0x501/0x9c0
[  151.729359][ T5866]  evict_inodes+0x64c/0x6d0
[  151.731474][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  151.733903][ T5866]  kill_block_super+0x44/0x90
[  151.737087][ T5866]  xfs_kill_sb+0x15/0x50
[  151.739358][ T5866]  deactivate_locked_super+0xbc/0x130
[  151.741976][ T5866]  cleanup_mnt+0x425/0x4c0
[  151.744037][ T5866]  task_work_run+0x1d1/0x260
[  151.746609][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  151.748970][ T5866]  do_syscall_64+0x2bd/0x3b0
[  151.751009][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.753753][ T5866] Modules linked in:
[  151.755730][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  151.755751][ T5866] Tainted: [B]=BAD_PAGE
[  151.755755][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.755762][ T5866] Call Trace:
[  151.755770][ T5866]  <TASK>
[  151.755777][ T5866]  dump_stack_lvl+0x189/0x250
[  151.755796][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.755808][ T5866]  ? __pfx_print_modules+0x10/0x10
[  151.755826][ T5866]  bad_page+0x180/0x1c0
[  151.755837][ T5866]  __free_frozen_pages+0xce2/0xd30
[  151.755869][ T5866]  __folio_put+0x21b/0x2c0
[  151.755887][ T5866]  ? __pfx___folio_put+0x10/0x10
[  151.755902][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  151.755917][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  151.755929][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  151.755945][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  151.755956][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  151.755968][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  151.755983][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  151.755999][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  151.756017][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.756031][ T5866]  ? rcu_is_watching+0x15/0xb0
[  151.756041][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.756054][ T5866]  ? rcu_is_watching+0x15/0xb0
[  151.756064][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.756076][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  151.756089][ T5866]  evict+0x501/0x9c0
[  151.756102][ T5866]  ? __pfx_evict+0x10/0x10
[  151.756111][ T5866]  ? rcu_is_watching+0x15/0xb0
[  151.756122][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  151.756135][ T5866]  evict_inodes+0x64c/0x6d0
[  151.756148][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  151.756160][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  151.756175][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  151.756186][ T5866]  kill_block_super+0x44/0x90
[  151.756197][ T5866]  xfs_kill_sb+0x15/0x50
[  151.756208][ T5866]  deactivate_locked_super+0xbc/0x130
[  151.756224][ T5866]  cleanup_mnt+0x425/0x4c0
[  151.756242][ T5866]  task_work_run+0x1d1/0x260
[  151.756257][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  151.756269][ T5866]  ? __x64_sys_umount+0x122/0x160
[  151.756279][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  151.756291][ T5866]  ? rcu_is_watching+0x15/0xb0
[  151.756301][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  151.756316][ T5866]  do_syscall_64+0x2bd/0x3b0
[  151.756328][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.756339][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  151.756350][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.756361][ T5866] RIP: 0033:0x7f7ff658e117
[  151.756373][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  151.756383][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  151.756397][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  151.756404][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  151.756411][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  151.756418][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  151.756425][ T5866] R13: 00007f7ff660e08c R14: 0000000000024e50 R15: 00007ffd5b1f3a50
[  151.756444][ T5866]  </TASK>
[  151.916750][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  152.124454][ T5935] loop0: detected capacity change from 0 to 32768
[  152.137021][ T5935] XFS: ikeep mount option is deprecated.
[  152.148924][ T5935] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  152.180046][ T5935] XFS (loop0): Ending clean mount
[  152.183054][ T5935] XFS (loop0): Quotacheck needed: Please wait.
[  152.192734][ T5935] XFS (loop0): Quotacheck: Done.
[  152.219382][ T5866] BUG: Bad page state in process syz-executor  pfn:49801
[  152.223143][ T5866] page does not match folio
[  152.225450][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x49801
[  152.231551][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  152.235205][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  152.241478][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  152.245617][ T5866] page dumped because: nonzero pincount
[  152.248965][ T5866] page_owner tracks the page as allocated
[  152.251628][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5935, tgid 5934 (syz.0.18), ts 152203925682, free_ts 151916360556
[  152.262865][ T5866]  post_alloc_hook+0x240/0x2a0
[  152.265243][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  152.270083][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  152.272860][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  152.275171][ T5866]  alloc_pages_noprof+0xa9/0x190
[  152.278088][ T5866]  folio_alloc_noprof+0x1e/0x30
[  152.280470][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  152.282959][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  152.285232][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  152.288359][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  152.291045][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  152.293622][ T5866]  vfs_write+0x54b/0xa90
[  152.295694][ T5866]  ksys_write+0x145/0x250
[  152.298163][ T5866]  do_syscall_64+0xfa/0x3b0
[  152.300256][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.302793][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  152.306562][ T5866]  free_unref_folios+0xdbd/0x1520
[  152.309199][ T5866]  folios_put_refs+0x559/0x640
[  152.311682][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  152.314229][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  152.316917][ T5866]  evict+0x501/0x9c0
[  152.318686][ T5866]  evict_inodes+0x64c/0x6d0
[  152.320764][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  152.323063][ T5866]  kill_block_super+0x44/0x90
[  152.325128][ T5866]  xfs_kill_sb+0x15/0x50
[  152.329440][ T5866]  deactivate_locked_super+0xbc/0x130
[  152.332979][ T5866]  cleanup_mnt+0x425/0x4c0
[  152.335245][ T5866]  task_work_run+0x1d1/0x260
[  152.337930][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  152.340693][ T5866]  do_syscall_64+0x2bd/0x3b0
[  152.342849][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.348779][ T5866] Modules linked in:
[  152.350963][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  152.350983][ T5866] Tainted: [B]=BAD_PAGE
[  152.350987][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.350994][ T5866] Call Trace:
[  152.351000][ T5866]  <TASK>
[  152.351006][ T5866]  dump_stack_lvl+0x189/0x250
[  152.351025][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.351038][ T5866]  ? __pfx_print_modules+0x10/0x10
[  152.351054][ T5866]  ? percpu_ref_put+0x19/0x180
[  152.351068][ T5866]  ? percpu_ref_put+0xf9/0x180
[  152.351081][ T5866]  bad_page+0x180/0x1c0
[  152.351091][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  152.351105][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  152.351120][ T5866]  __folio_put+0x21b/0x2c0
[  152.351136][ T5866]  ? __pfx___folio_put+0x10/0x10
[  152.351151][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  152.351167][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  152.351180][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  152.351197][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  152.351208][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  152.351220][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  152.351236][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  152.351252][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  152.351269][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.351283][ T5866]  ? rcu_is_watching+0x15/0xb0
[  152.351293][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.351306][ T5866]  ? rcu_is_watching+0x15/0xb0
[  152.351316][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.351328][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  152.351341][ T5866]  evict+0x501/0x9c0
[  152.351353][ T5866]  ? __pfx_evict+0x10/0x10
[  152.351363][ T5866]  ? rcu_is_watching+0x15/0xb0
[  152.351373][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  152.351386][ T5866]  evict_inodes+0x64c/0x6d0
[  152.351400][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  152.351412][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  152.351428][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  152.351468][ T5866]  kill_block_super+0x44/0x90
[  152.351479][ T5866]  xfs_kill_sb+0x15/0x50
[  152.351490][ T5866]  deactivate_locked_super+0xbc/0x130
[  152.351506][ T5866]  cleanup_mnt+0x425/0x4c0
[  152.351523][ T5866]  task_work_run+0x1d1/0x260
[  152.351538][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  152.351550][ T5866]  ? __x64_sys_umount+0x122/0x160
[  152.351562][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  152.351573][ T5866]  ? rcu_is_watching+0x15/0xb0
[  152.351583][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  152.351597][ T5866]  do_syscall_64+0x2bd/0x3b0
[  152.351609][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.351620][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  152.351631][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.351642][ T5866] RIP: 0033:0x7f7ff658e117
[  152.351653][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  152.351663][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  152.351677][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  152.351684][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  152.351691][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  152.351697][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  152.351704][ T5866] R13: 00007f7ff660e08c R14: 00000000000251e3 R15: 00007ffd5b1f3a50
[  152.351715][ T5866]  </TASK>
[  152.351748][ T5866] BUG: Bad page state in process syz-executor  pfn:49800
[  152.521470][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x49800
[  152.525231][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  152.529196][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  152.533762][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  152.539959][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  152.544006][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  152.549938][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  152.554396][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  152.558850][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  152.562627][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  152.565794][ T5866] page_owner tracks the page as allocated
[  152.568768][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5935, tgid 5934 (syz.0.18), ts 152203925682, free_ts 151916360556
[  152.579995][ T5866]  post_alloc_hook+0x240/0x2a0
[  152.582085][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  152.584488][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  152.587391][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  152.590016][ T5866]  alloc_pages_noprof+0xa9/0x190
[  152.592412][ T5866]  folio_alloc_noprof+0x1e/0x30
[  152.594564][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  152.597799][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  152.600316][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  152.602929][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  152.606488][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  152.609003][ T5866]  vfs_write+0x54b/0xa90
[  152.610964][ T5866]  ksys_write+0x145/0x250
[  152.612862][ T5866]  do_syscall_64+0xfa/0x3b0
[  152.614866][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.618207][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  152.620999][ T5866]  free_unref_folios+0xdbd/0x1520
[  152.623222][ T5866]  folios_put_refs+0x559/0x640
[  152.625788][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  152.630753][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  152.632958][ T5866]  evict+0x501/0x9c0
[  152.634743][ T5866]  evict_inodes+0x64c/0x6d0
[  152.637881][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  152.640256][ T5866]  kill_block_super+0x44/0x90
[  152.642366][ T5866]  xfs_kill_sb+0x15/0x50
[  152.644249][ T5866]  deactivate_locked_super+0xbc/0x130
[  152.647460][ T5866]  cleanup_mnt+0x425/0x4c0
[  152.649860][ T5866]  task_work_run+0x1d1/0x260
[  152.652134][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  152.654697][ T5866]  do_syscall_64+0x2bd/0x3b0
[  152.657518][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.660595][ T5866] Modules linked in:
[  152.662519][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  152.662537][ T5866] Tainted: [B]=BAD_PAGE
[  152.662540][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.662547][ T5866] Call Trace:
[  152.662554][ T5866]  <TASK>
[  152.662560][ T5866]  dump_stack_lvl+0x189/0x250
[  152.662576][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.662586][ T5866]  ? __pfx_print_modules+0x10/0x10
[  152.662603][ T5866]  bad_page+0x180/0x1c0
[  152.662612][ T5866]  __free_frozen_pages+0xce2/0xd30
[  152.662626][ T5866]  __folio_put+0x21b/0x2c0
[  152.662639][ T5866]  ? __pfx___folio_put+0x10/0x10
[  152.662653][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  152.662668][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  152.662680][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  152.662694][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  152.662702][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  152.662713][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  152.662726][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  152.662740][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  152.662755][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.662768][ T5866]  ? rcu_is_watching+0x15/0xb0
[  152.662778][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.662788][ T5866]  ? rcu_is_watching+0x15/0xb0
[  152.662798][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.662809][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  152.662821][ T5866]  evict+0x501/0x9c0
[  152.662833][ T5866]  ? __pfx_evict+0x10/0x10
[  152.662842][ T5866]  ? rcu_is_watching+0x15/0xb0
[  152.662851][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  152.662863][ T5866]  evict_inodes+0x64c/0x6d0
[  152.662875][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  152.662886][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  152.662900][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  152.662910][ T5866]  kill_block_super+0x44/0x90
[  152.662926][ T5866]  xfs_kill_sb+0x15/0x50
[  152.662936][ T5866]  deactivate_locked_super+0xbc/0x130
[  152.662951][ T5866]  cleanup_mnt+0x425/0x4c0
[  152.662966][ T5866]  task_work_run+0x1d1/0x260
[  152.662979][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  152.662989][ T5866]  ? __x64_sys_umount+0x122/0x160
[  152.662999][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  152.663009][ T5866]  ? rcu_is_watching+0x15/0xb0
[  152.663018][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  152.663031][ T5866]  do_syscall_64+0x2bd/0x3b0
[  152.663041][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.663051][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  152.663062][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.663072][ T5866] RIP: 0033:0x7f7ff658e117
[  152.663082][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  152.663090][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  152.663101][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  152.663108][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  152.663114][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  152.663120][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  152.663126][ T5866] R13: 00007f7ff660e08c R14: 00000000000251e3 R15: 00007ffd5b1f3a50
[  152.663137][ T5866]  </TASK>
[  152.663546][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.028665][ T5945] loop0: detected capacity change from 0 to 32768
[  153.038207][ T5945] XFS: ikeep mount option is deprecated.
[  153.051703][ T5945] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.081388][ T5945] XFS (loop0): Ending clean mount
[  153.088696][ T5945] XFS (loop0): Quotacheck needed: Please wait.
[  153.098679][ T5945] XFS (loop0): Quotacheck: Done.
[  153.119089][ T5866] BUG: Bad page state in process syz-executor  pfn:49c01
[  153.123169][ T5866] page does not match folio
[  153.125645][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x49c01
[  153.131196][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  153.134503][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  153.139149][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  153.143195][ T5866] page dumped because: nonzero pincount
[  153.147830][ T5866] page_owner tracks the page as allocated
[  153.151028][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5945, tgid 5944 (syz.0.19), ts 153105074038, free_ts 152663187842
[  153.162803][ T5866]  post_alloc_hook+0x240/0x2a0
[  153.165353][ T5866]  get_page_from_freelist+0x21e4/0x22c0
2025/08/02 21:37:36 executed programs: 6
[  153.171378][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  153.174126][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  153.177398][ T5866]  alloc_pages_noprof+0xa9/0x190
[  153.180129][ T5866]  folio_alloc_noprof+0x1e/0x30
[  153.182295][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  153.184723][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  153.187807][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  153.190175][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  153.192978][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  153.195625][ T5866]  vfs_write+0x54b/0xa90
[  153.198223][ T5866]  ksys_write+0x145/0x250
[  153.200307][ T5866]  do_syscall_64+0xfa/0x3b0
[  153.202441][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.205156][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  153.208699][ T5866]  free_unref_folios+0xdbd/0x1520
[  153.211026][ T5866]  folios_put_refs+0x559/0x640
[  153.213236][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  153.215754][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  153.218386][ T5866]  evict+0x501/0x9c0
[  153.220302][ T5866]  evict_inodes+0x64c/0x6d0
[  153.222484][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  153.225072][ T5866]  kill_block_super+0x44/0x90
[  153.228036][ T5866]  xfs_kill_sb+0x15/0x50
[  153.230093][ T5866]  deactivate_locked_super+0xbc/0x130
[  153.232626][ T5866]  cleanup_mnt+0x425/0x4c0
[  153.235121][ T5866]  task_work_run+0x1d1/0x260
[  153.238247][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  153.241058][ T5866]  do_syscall_64+0x2bd/0x3b0
[  153.243133][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.245844][ T5866] Modules linked in:
[  153.248985][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  153.249003][ T5866] Tainted: [B]=BAD_PAGE
[  153.249006][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.249011][ T5866] Call Trace:
[  153.249014][ T5866]  <TASK>
[  153.249017][ T5866]  dump_stack_lvl+0x189/0x250
[  153.249029][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.249036][ T5866]  ? __pfx_print_modules+0x10/0x10
[  153.249049][ T5866]  ? percpu_ref_put+0x19/0x180
[  153.249061][ T5866]  ? percpu_ref_put+0xf9/0x180
[  153.249072][ T5866]  bad_page+0x180/0x1c0
[  153.249081][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  153.249094][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  153.249108][ T5866]  __folio_put+0x21b/0x2c0
[  153.249122][ T5866]  ? __pfx___folio_put+0x10/0x10
[  153.249135][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  153.249149][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  153.249160][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  153.249176][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  153.249186][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  153.249198][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  153.249208][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  153.249217][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  153.249228][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.249241][ T5866]  ? rcu_is_watching+0x15/0xb0
[  153.249250][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.249261][ T5866]  ? rcu_is_watching+0x15/0xb0
[  153.249271][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.249282][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  153.249294][ T5866]  evict+0x501/0x9c0
[  153.249305][ T5866]  ? __pfx_evict+0x10/0x10
[  153.249314][ T5866]  ? rcu_is_watching+0x15/0xb0
[  153.249323][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  153.249336][ T5866]  evict_inodes+0x64c/0x6d0
[  153.249348][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  153.249359][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  153.249372][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  153.249382][ T5866]  kill_block_super+0x44/0x90
[  153.249393][ T5866]  xfs_kill_sb+0x15/0x50
[  153.249404][ T5866]  deactivate_locked_super+0xbc/0x130
[  153.249419][ T5866]  cleanup_mnt+0x425/0x4c0
[  153.249434][ T5866]  task_work_run+0x1d1/0x260
[  153.249447][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  153.249457][ T5866]  ? __x64_sys_umount+0x122/0x160
[  153.249467][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  153.249477][ T5866]  ? rcu_is_watching+0x15/0xb0
[  153.249487][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  153.249500][ T5866]  do_syscall_64+0x2bd/0x3b0
[  153.249510][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.249519][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  153.249529][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.249538][ T5866] RIP: 0033:0x7f7ff658e117
[  153.249548][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  153.249557][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  153.249569][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  153.249576][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  153.249581][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  153.249586][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  153.249592][ T5866] R13: 00007f7ff660e08c R14: 0000000000025564 R15: 00007ffd5b1f3a50
[  153.249601][ T5866]  </TASK>
[  153.249630][ T5866] BUG: Bad page state in process syz-executor  pfn:49c00
[  153.422345][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x49c00
[  153.426983][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  153.430874][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  153.435117][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  153.439326][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  153.443055][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  153.447783][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  153.451758][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  153.455454][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  153.460524][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  153.463828][ T5866] page_owner tracks the page as allocated
[  153.467612][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5945, tgid 5944 (syz.0.19), ts 153105074038, free_ts 152663187842
[  153.478881][ T5866]  post_alloc_hook+0x240/0x2a0
[  153.480998][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  153.483454][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  153.486413][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  153.488579][ T5866]  alloc_pages_noprof+0xa9/0x190
[  153.490941][ T5866]  folio_alloc_noprof+0x1e/0x30
[  153.493194][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  153.495743][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  153.498811][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  153.500998][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  153.503451][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  153.506515][ T5866]  vfs_write+0x54b/0xa90
[  153.508841][ T5866]  ksys_write+0x145/0x250
[  153.511026][ T5866]  do_syscall_64+0xfa/0x3b0
[  153.513274][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.516651][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  153.519302][ T5866]  free_unref_folios+0xdbd/0x1520
[  153.521449][ T5866]  folios_put_refs+0x559/0x640
[  153.523463][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  153.527337][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  153.529897][ T5866]  evict+0x501/0x9c0
[  153.531896][ T5866]  evict_inodes+0x64c/0x6d0
[  153.534008][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  153.537024][ T5866]  kill_block_super+0x44/0x90
[  153.539151][ T5866]  xfs_kill_sb+0x15/0x50
[  153.541608][ T5866]  deactivate_locked_super+0xbc/0x130
[  153.544324][ T5866]  cleanup_mnt+0x425/0x4c0
[  153.547687][ T5866]  task_work_run+0x1d1/0x260
[  153.549945][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  153.552161][ T5866]  do_syscall_64+0x2bd/0x3b0
[  153.554060][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.557273][ T5866] Modules linked in:
[  153.559653][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  153.559671][ T5866] Tainted: [B]=BAD_PAGE
[  153.559674][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.559681][ T5866] Call Trace:
[  153.559685][ T5866]  <TASK>
[  153.559689][ T5866]  dump_stack_lvl+0x189/0x250
[  153.559705][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.559712][ T5866]  ? __pfx_print_modules+0x10/0x10
[  153.559729][ T5866]  bad_page+0x180/0x1c0
[  153.559738][ T5866]  __free_frozen_pages+0xce2/0xd30
[  153.559750][ T5866]  __folio_put+0x21b/0x2c0
[  153.559768][ T5866]  ? __pfx___folio_put+0x10/0x10
[  153.559782][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  153.559796][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  153.559808][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  153.559823][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  153.559830][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  153.559840][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  153.559852][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  153.559870][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  153.559888][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.559901][ T5866]  ? rcu_is_watching+0x15/0xb0
[  153.559910][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.559923][ T5866]  ? rcu_is_watching+0x15/0xb0
[  153.559932][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.559943][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  153.559954][ T5866]  evict+0x501/0x9c0
[  153.559966][ T5866]  ? __pfx_evict+0x10/0x10
[  153.559974][ T5866]  ? rcu_is_watching+0x15/0xb0
[  153.559983][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  153.559996][ T5866]  evict_inodes+0x64c/0x6d0
[  153.560007][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  153.560017][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  153.560030][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  153.560040][ T5866]  kill_block_super+0x44/0x90
[  153.560051][ T5866]  xfs_kill_sb+0x15/0x50
[  153.560061][ T5866]  deactivate_locked_super+0xbc/0x130
[  153.560076][ T5866]  cleanup_mnt+0x425/0x4c0
[  153.560091][ T5866]  task_work_run+0x1d1/0x260
[  153.560104][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  153.560115][ T5866]  ? __x64_sys_umount+0x122/0x160
[  153.560125][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  153.560135][ T5866]  ? rcu_is_watching+0x15/0xb0
[  153.560143][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  153.560156][ T5866]  do_syscall_64+0x2bd/0x3b0
[  153.560167][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.560176][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  153.560186][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.560195][ T5866] RIP: 0033:0x7f7ff658e117
[  153.560205][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  153.560214][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  153.560225][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  153.560231][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  153.560237][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  153.560243][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  153.560250][ T5866] R13: 00007f7ff660e08c R14: 0000000000025564 R15: 00007ffd5b1f3a50
[  153.560260][ T5866]  </TASK>
[  153.560674][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.723236][ T4701] Bluetooth: hci0: command tx timeout
[  153.942340][ T5955] loop0: detected capacity change from 0 to 32768
[  153.955507][ T5955] XFS: ikeep mount option is deprecated.
[  153.970150][ T5955] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.008988][ T5955] XFS (loop0): Ending clean mount
[  154.012180][ T5955] XFS (loop0): Quotacheck needed: Please wait.
[  154.021177][ T5955] XFS (loop0): Quotacheck: Done.
[  154.042066][ T5866] BUG: Bad page state in process syz-executor  pfn:48001
[  154.045132][ T5866] page does not match folio
[  154.048347][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x48001
[  154.052631][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  154.055708][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  154.061008][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  154.064980][ T5866] page dumped because: nonzero pincount
[  154.068338][ T5866] page_owner tracks the page as allocated
[  154.071464][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5955, tgid 5954 (syz.0.20), ts 154027869731, free_ts 153560314694
[  154.082748][ T5866]  post_alloc_hook+0x240/0x2a0
[  154.084840][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  154.089532][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  154.092092][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  154.094231][ T5866]  alloc_pages_noprof+0xa9/0x190
[  154.097199][ T5866]  folio_alloc_noprof+0x1e/0x30
[  154.099824][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  154.102525][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  154.104810][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  154.108034][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  154.110640][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  154.113061][ T5866]  vfs_write+0x54b/0xa90
[  154.114871][ T5866]  ksys_write+0x145/0x250
[  154.117301][ T5866]  do_syscall_64+0xfa/0x3b0
[  154.119285][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.122174][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  154.125161][ T5866]  free_unref_folios+0xdbd/0x1520
[  154.127857][ T5866]  folios_put_refs+0x559/0x640
[  154.129979][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  154.132443][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  154.134485][ T5866]  evict+0x501/0x9c0
[  154.137125][ T5866]  evict_inodes+0x64c/0x6d0
[  154.139622][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  154.141891][ T5866]  kill_block_super+0x44/0x90
[  154.143915][ T5866]  xfs_kill_sb+0x15/0x50
[  154.146408][ T5866]  deactivate_locked_super+0xbc/0x130
[  154.148811][ T5866]  cleanup_mnt+0x425/0x4c0
[  154.150774][ T5866]  task_work_run+0x1d1/0x260
[  154.152806][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  154.155074][ T5866]  do_syscall_64+0x2bd/0x3b0
[  154.158212][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.160971][ T5866] Modules linked in:
[  154.162741][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  154.162758][ T5866] Tainted: [B]=BAD_PAGE
[  154.162761][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.162768][ T5866] Call Trace:
[  154.162775][ T5866]  <TASK>
[  154.162781][ T5866]  dump_stack_lvl+0x189/0x250
[  154.162798][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.162810][ T5866]  ? __pfx_print_modules+0x10/0x10
[  154.162824][ T5866]  ? percpu_ref_put+0x19/0x180
[  154.162835][ T5866]  ? percpu_ref_put+0xf9/0x180
[  154.162845][ T5866]  bad_page+0x180/0x1c0
[  154.162854][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  154.162867][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  154.162881][ T5866]  __folio_put+0x21b/0x2c0
[  154.162895][ T5866]  ? __pfx___folio_put+0x10/0x10
[  154.162910][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  154.162925][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  154.162936][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  154.162960][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  154.162971][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  154.162982][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  154.162996][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  154.163011][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  154.163027][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.163039][ T5866]  ? rcu_is_watching+0x15/0xb0
[  154.163049][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.163060][ T5866]  ? rcu_is_watching+0x15/0xb0
[  154.163069][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.163081][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  154.163093][ T5866]  evict+0x501/0x9c0
[  154.163105][ T5866]  ? __pfx_evict+0x10/0x10
[  154.163113][ T5866]  ? rcu_is_watching+0x15/0xb0
[  154.163122][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  154.163135][ T5866]  evict_inodes+0x64c/0x6d0
[  154.163147][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  154.163158][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  154.163171][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  154.163181][ T5866]  kill_block_super+0x44/0x90
[  154.163191][ T5866]  xfs_kill_sb+0x15/0x50
[  154.163202][ T5866]  deactivate_locked_super+0xbc/0x130
[  154.163217][ T5866]  cleanup_mnt+0x425/0x4c0
[  154.163232][ T5866]  task_work_run+0x1d1/0x260
[  154.163244][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  154.163255][ T5866]  ? __x64_sys_umount+0x122/0x160
[  154.163264][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  154.163274][ T5866]  ? rcu_is_watching+0x15/0xb0
[  154.163284][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  154.163298][ T5866]  do_syscall_64+0x2bd/0x3b0
[  154.163310][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.163319][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  154.163330][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.163340][ T5866] RIP: 0033:0x7f7ff658e117
[  154.163351][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  154.163359][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  154.163372][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  154.163378][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  154.163384][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  154.163390][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  154.163396][ T5866] R13: 00007f7ff660e08c R14: 00000000000258fe R15: 00007ffd5b1f3a50
[  154.163407][ T5866]  </TASK>
[  154.163468][ T5866] BUG: Bad page state in process syz-executor  pfn:48000
[  154.332526][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x48000
[  154.337290][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  154.341041][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  154.345407][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  154.350359][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  154.354647][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  154.358773][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  154.362989][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  154.367671][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  154.371481][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  154.374622][ T5866] page_owner tracks the page as allocated
[  154.378245][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5955, tgid 5954 (syz.0.20), ts 154027869731, free_ts 153560314694
[  154.389124][ T5866]  post_alloc_hook+0x240/0x2a0
[  154.391317][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  154.393827][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  154.397412][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  154.399811][ T5866]  alloc_pages_noprof+0xa9/0x190
[  154.401980][ T5866]  folio_alloc_noprof+0x1e/0x30
[  154.404070][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  154.407121][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  154.409311][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  154.411735][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  154.414359][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  154.417311][ T5866]  vfs_write+0x54b/0xa90
[  154.419144][ T5866]  ksys_write+0x145/0x250
[  154.421085][ T5866]  do_syscall_64+0xfa/0x3b0
[  154.423008][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.425476][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  154.429431][ T5866]  free_unref_folios+0xdbd/0x1520
[  154.431723][ T5866]  folios_put_refs+0x559/0x640
[  154.433892][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  154.437449][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  154.439571][ T5866]  evict+0x501/0x9c0
[  154.441249][ T5866]  evict_inodes+0x64c/0x6d0
[  154.443154][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  154.445604][ T5866]  kill_block_super+0x44/0x90
[  154.448518][ T5866]  xfs_kill_sb+0x15/0x50
[  154.450402][ T5866]  deactivate_locked_super+0xbc/0x130
[  154.452713][ T5866]  cleanup_mnt+0x425/0x4c0
[  154.454690][ T5866]  task_work_run+0x1d1/0x260
[  154.457280][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  154.459633][ T5866]  do_syscall_64+0x2bd/0x3b0
[  154.461615][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.464199][ T5866] Modules linked in:
[  154.466485][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  154.466500][ T5866] Tainted: [B]=BAD_PAGE
[  154.466503][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.466509][ T5866] Call Trace:
[  154.466513][ T5866]  <TASK>
[  154.466519][ T5866]  dump_stack_lvl+0x189/0x250
[  154.466533][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.466544][ T5866]  ? __pfx_print_modules+0x10/0x10
[  154.466561][ T5866]  bad_page+0x180/0x1c0
[  154.466572][ T5866]  __free_frozen_pages+0xce2/0xd30
[  154.466585][ T5866]  __folio_put+0x21b/0x2c0
[  154.466599][ T5866]  ? __pfx___folio_put+0x10/0x10
[  154.466613][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  154.466634][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  154.466646][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  154.466662][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  154.466673][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  154.466683][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  154.466698][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  154.466712][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  154.466729][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.466742][ T5866]  ? rcu_is_watching+0x15/0xb0
[  154.466751][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.466764][ T5866]  ? rcu_is_watching+0x15/0xb0
[  154.466774][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.466784][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  154.466797][ T5866]  evict+0x501/0x9c0
[  154.466808][ T5866]  ? __pfx_evict+0x10/0x10
[  154.466816][ T5866]  ? rcu_is_watching+0x15/0xb0
[  154.466825][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  154.466839][ T5866]  evict_inodes+0x64c/0x6d0
[  154.466850][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  154.466861][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  154.466875][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  154.466885][ T5866]  kill_block_super+0x44/0x90
[  154.466894][ T5866]  xfs_kill_sb+0x15/0x50
[  154.466906][ T5866]  deactivate_locked_super+0xbc/0x130
[  154.466919][ T5866]  cleanup_mnt+0x425/0x4c0
[  154.466934][ T5866]  task_work_run+0x1d1/0x260
[  154.466947][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  154.466958][ T5866]  ? __x64_sys_umount+0x122/0x160
[  154.466969][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  154.466979][ T5866]  ? rcu_is_watching+0x15/0xb0
[  154.466988][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  154.467002][ T5866]  do_syscall_64+0x2bd/0x3b0
[  154.467012][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.467021][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  154.467033][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.467042][ T5866] RIP: 0033:0x7f7ff658e117
[  154.467052][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  154.467061][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  154.467072][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  154.467078][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  154.467084][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  154.467090][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  154.467098][ T5866] R13: 00007f7ff660e08c R14: 00000000000258fe R15: 00007ffd5b1f3a50
[  154.467108][ T5866]  </TASK>
[  154.467599][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.833780][ T5965] loop0: detected capacity change from 0 to 32768
[  154.855403][ T5965] XFS: ikeep mount option is deprecated.
[  154.867487][ T5965] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.898331][ T5965] XFS (loop0): Ending clean mount
[  154.901520][ T5965] XFS (loop0): Quotacheck needed: Please wait.
[  154.919465][ T5965] XFS (loop0): Quotacheck: Done.
[  154.940956][ T5866] BUG: Bad page state in process syz-executor  pfn:54a01
[  154.944534][ T5866] page does not match folio
[  154.948255][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x54a01
[  154.952196][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  154.954986][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  154.959686][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  154.962900][ T5866] page dumped because: nonzero pincount
[  154.965025][ T5866] page_owner tracks the page as allocated
[  154.967647][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5965, tgid 5964 (syz.0.21), ts 154926359169, free_ts 154467154169
[  154.978138][ T5866]  post_alloc_hook+0x240/0x2a0
[  154.980391][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  154.982892][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  154.985499][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  154.990140][ T5866]  alloc_pages_noprof+0xa9/0x190
[  154.992851][ T5866]  folio_alloc_noprof+0x1e/0x30
[  154.994880][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  154.997817][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  155.000162][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  155.002407][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  155.004927][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  155.007774][ T5866]  vfs_write+0x54b/0xa90
[  155.009794][ T5866]  ksys_write+0x145/0x250
[  155.011704][ T5866]  do_syscall_64+0xfa/0x3b0
[  155.013694][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.016817][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  155.019607][ T5866]  free_unref_folios+0xdbd/0x1520
[  155.022023][ T5866]  folios_put_refs+0x559/0x640
[  155.024252][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  155.027315][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  155.029443][ T5866]  evict+0x501/0x9c0
[  155.031167][ T5866]  evict_inodes+0x64c/0x6d0
[  155.033197][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  155.035497][ T5866]  kill_block_super+0x44/0x90
[  155.038508][ T5866]  xfs_kill_sb+0x15/0x50
[  155.040822][ T5866]  deactivate_locked_super+0xbc/0x130
[  155.043286][ T5866]  cleanup_mnt+0x425/0x4c0
[  155.045363][ T5866]  task_work_run+0x1d1/0x260
[  155.047995][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  155.050388][ T5866]  do_syscall_64+0x2bd/0x3b0
[  155.052406][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.054868][ T5866] Modules linked in:
[  155.057963][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  155.057980][ T5866] Tainted: [B]=BAD_PAGE
[  155.057983][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.057989][ T5866] Call Trace:
[  155.057994][ T5866]  <TASK>
[  155.057998][ T5866]  dump_stack_lvl+0x189/0x250
[  155.058013][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.058024][ T5866]  ? __pfx_print_modules+0x10/0x10
[  155.058038][ T5866]  ? percpu_ref_put+0x19/0x180
[  155.058051][ T5866]  ? percpu_ref_put+0xf9/0x180
[  155.058061][ T5866]  bad_page+0x180/0x1c0
[  155.058070][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  155.058082][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  155.058095][ T5866]  __folio_put+0x21b/0x2c0
[  155.058108][ T5866]  ? __pfx___folio_put+0x10/0x10
[  155.058122][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  155.058137][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  155.058148][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  155.058164][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  155.058173][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  155.058183][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  155.058195][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  155.058210][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  155.058225][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.058238][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.058248][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.058259][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.058267][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.058278][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  155.058289][ T5866]  evict+0x501/0x9c0
[  155.058301][ T5866]  ? __pfx_evict+0x10/0x10
[  155.058309][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.058317][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  155.058328][ T5866]  evict_inodes+0x64c/0x6d0
[  155.058341][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  155.058351][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  155.058363][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  155.058373][ T5866]  kill_block_super+0x44/0x90
[  155.058383][ T5866]  xfs_kill_sb+0x15/0x50
[  155.058393][ T5866]  deactivate_locked_super+0xbc/0x130
[  155.058408][ T5866]  cleanup_mnt+0x425/0x4c0
[  155.058424][ T5866]  task_work_run+0x1d1/0x260
[  155.058438][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  155.058449][ T5866]  ? __x64_sys_umount+0x122/0x160
[  155.058458][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  155.058466][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.058473][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  155.058485][ T5866]  do_syscall_64+0x2bd/0x3b0
[  155.058495][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.058505][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  155.058516][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.058525][ T5866] RIP: 0033:0x7f7ff658e117
[  155.058534][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  155.058543][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  155.058556][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  155.058562][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  155.058565][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  155.058569][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  155.058574][ T5866] R13: 00007f7ff660e08c R14: 0000000000025c7e R15: 00007ffd5b1f3a50
[  155.058583][ T5866]  </TASK>
[  155.058610][ T5866] BUG: Bad page state in process syz-executor  pfn:54a00
[  155.239557][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54a00
[  155.243843][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  155.248663][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  155.253551][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  155.257636][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  155.261304][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  155.265205][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  155.269652][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  155.273370][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  155.277549][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  155.280667][ T5866] page_owner tracks the page as allocated
[  155.283091][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5965, tgid 5964 (syz.0.21), ts 154926359169, free_ts 154467154169
[  155.293840][ T5866]  post_alloc_hook+0x240/0x2a0
[  155.296270][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  155.298674][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  155.301756][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  155.304030][ T5866]  alloc_pages_noprof+0xa9/0x190
[  155.307259][ T5866]  folio_alloc_noprof+0x1e/0x30
[  155.309833][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  155.312382][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  155.314697][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  155.317312][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  155.319732][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  155.321975][ T5866]  vfs_write+0x54b/0xa90
[  155.324025][ T5866]  ksys_write+0x145/0x250
[  155.326810][ T5866]  do_syscall_64+0xfa/0x3b0
[  155.328999][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.332310][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  155.335263][ T5866]  free_unref_folios+0xdbd/0x1520
[  155.338041][ T5866]  folios_put_refs+0x559/0x640
[  155.340238][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  155.342745][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  155.345058][ T5866]  evict+0x501/0x9c0
[  155.348463][ T5866]  evict_inodes+0x64c/0x6d0
[  155.350645][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  155.352943][ T5866]  kill_block_super+0x44/0x90
[  155.354978][ T5866]  xfs_kill_sb+0x15/0x50
[  155.357349][ T5866]  deactivate_locked_super+0xbc/0x130
[  155.359879][ T5866]  cleanup_mnt+0x425/0x4c0
[  155.362157][ T5866]  task_work_run+0x1d1/0x260
[  155.364509][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  155.368447][ T5866]  do_syscall_64+0x2bd/0x3b0
[  155.370606][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.373187][ T5866] Modules linked in:
[  155.374921][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  155.374939][ T5866] Tainted: [B]=BAD_PAGE
[  155.374943][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.374949][ T5866] Call Trace:
[  155.374957][ T5866]  <TASK>
[  155.374962][ T5866]  dump_stack_lvl+0x189/0x250
[  155.374978][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.374989][ T5866]  ? __pfx_print_modules+0x10/0x10
[  155.375003][ T5866]  bad_page+0x180/0x1c0
[  155.375014][ T5866]  __free_frozen_pages+0xce2/0xd30
[  155.375028][ T5866]  __folio_put+0x21b/0x2c0
[  155.375041][ T5866]  ? __pfx___folio_put+0x10/0x10
[  155.375055][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  155.375069][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  155.375080][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  155.375095][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  155.375104][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  155.375115][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  155.375128][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  155.375142][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  155.375158][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.375170][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.375179][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.375191][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.375200][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.375210][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  155.375222][ T5866]  evict+0x501/0x9c0
[  155.375233][ T5866]  ? __pfx_evict+0x10/0x10
[  155.375241][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.375250][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  155.375262][ T5866]  evict_inodes+0x64c/0x6d0
[  155.375274][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  155.375285][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  155.375298][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  155.375309][ T5866]  kill_block_super+0x44/0x90
[  155.375321][ T5866]  xfs_kill_sb+0x15/0x50
[  155.375331][ T5866]  deactivate_locked_super+0xbc/0x130
[  155.375346][ T5866]  cleanup_mnt+0x425/0x4c0
[  155.375361][ T5866]  task_work_run+0x1d1/0x260
[  155.375374][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  155.375385][ T5866]  ? __x64_sys_umount+0x122/0x160
[  155.375395][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  155.375434][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.375444][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  155.375458][ T5866]  do_syscall_64+0x2bd/0x3b0
[  155.375469][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.375478][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  155.375489][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.375499][ T5866] RIP: 0033:0x7f7ff658e117
[  155.375509][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  155.375517][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  155.375529][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  155.375535][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  155.375541][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  155.375546][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  155.375552][ T5866] R13: 00007f7ff660e08c R14: 0000000000025c7e R15: 00007ffd5b1f3a50
[  155.375565][ T5866]  </TASK>
[  155.525679][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  155.723597][ T5975] loop0: detected capacity change from 0 to 32768
[  155.733244][ T5975] XFS: ikeep mount option is deprecated.
[  155.744923][ T5975] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  155.789035][ T4701] Bluetooth: hci0: command tx timeout
[  155.791475][ T5975] XFS (loop0): Ending clean mount
[  155.803131][ T5975] XFS (loop0): Quotacheck needed: Please wait.
[  155.813461][ T5975] XFS (loop0): Quotacheck: Done.
[  155.833799][ T5866] BUG: Bad page state in process syz-executor  pfn:55001
[  155.837967][ T5866] page does not match folio
[  155.840105][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55001
[  155.844392][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  155.849866][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  155.853925][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  155.858926][ T5866] page dumped because: nonzero pincount
[  155.861434][ T5866] page_owner tracks the page as allocated
[  155.864483][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5975, tgid 5974 (syz.0.22), ts 155819691386, free_ts 155375621347
[  155.875666][ T5866]  post_alloc_hook+0x240/0x2a0
[  155.880620][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  155.883312][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  155.886385][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  155.889030][ T5866]  alloc_pages_noprof+0xa9/0x190
[  155.891526][ T5866]  folio_alloc_noprof+0x1e/0x30
[  155.893856][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  155.896894][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  155.899026][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  155.901266][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  155.903678][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  155.906491][ T5866]  vfs_write+0x54b/0xa90
[  155.908363][ T5866]  ksys_write+0x145/0x250
[  155.910246][ T5866]  do_syscall_64+0xfa/0x3b0
[  155.912392][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.916489][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  155.919485][ T5866]  free_unref_folios+0xdbd/0x1520
[  155.921667][ T5866]  folios_put_refs+0x559/0x640
[  155.923742][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  155.926669][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  155.928890][ T5866]  evict+0x501/0x9c0
[  155.930627][ T5866]  evict_inodes+0x64c/0x6d0
[  155.932596][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  155.934957][ T5866]  kill_block_super+0x44/0x90
[  155.938265][ T5866]  xfs_kill_sb+0x15/0x50
[  155.940657][ T5866]  deactivate_locked_super+0xbc/0x130
[  155.943148][ T5866]  cleanup_mnt+0x425/0x4c0
[  155.945138][ T5866]  task_work_run+0x1d1/0x260
[  155.948133][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  155.950874][ T5866]  do_syscall_64+0x2bd/0x3b0
[  155.953088][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.957059][ T5866] Modules linked in:
[  155.958851][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  155.958871][ T5866] Tainted: [B]=BAD_PAGE
[  155.958874][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.958880][ T5866] Call Trace:
[  155.958886][ T5866]  <TASK>
[  155.958890][ T5866]  dump_stack_lvl+0x189/0x250
[  155.958907][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.958918][ T5866]  ? __pfx_print_modules+0x10/0x10
[  155.958932][ T5866]  ? percpu_ref_put+0x19/0x180
[  155.958950][ T5866]  ? percpu_ref_put+0xf9/0x180
[  155.958961][ T5866]  bad_page+0x180/0x1c0
[  155.958970][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  155.958983][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  155.958996][ T5866]  __folio_put+0x21b/0x2c0
[  155.959010][ T5866]  ? __pfx___folio_put+0x10/0x10
[  155.959024][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  155.959039][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  155.959050][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  155.959065][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  155.959076][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  155.959087][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  155.959100][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  155.959115][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  155.959130][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.959142][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.959150][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.959162][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.959172][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.959181][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  155.959192][ T5866]  evict+0x501/0x9c0
[  155.959204][ T5866]  ? __pfx_evict+0x10/0x10
[  155.959212][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.959222][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  155.959235][ T5866]  evict_inodes+0x64c/0x6d0
[  155.959247][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  155.959257][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  155.959267][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  155.959273][ T5866]  kill_block_super+0x44/0x90
[  155.959280][ T5866]  xfs_kill_sb+0x15/0x50
[  155.959287][ T5866]  deactivate_locked_super+0xbc/0x130
[  155.959298][ T5866]  cleanup_mnt+0x425/0x4c0
[  155.959312][ T5866]  task_work_run+0x1d1/0x260
[  155.959325][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  155.959335][ T5866]  ? __x64_sys_umount+0x122/0x160
[  155.959345][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  155.959356][ T5866]  ? rcu_is_watching+0x15/0xb0
[  155.959365][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  155.959377][ T5866]  do_syscall_64+0x2bd/0x3b0
[  155.959387][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.959396][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  155.959439][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.959447][ T5866] RIP: 0033:0x7f7ff658e117
[  155.959458][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  155.959467][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  155.959478][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  155.959484][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  155.959490][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  155.959495][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  155.959502][ T5866] R13: 00007f7ff660e08c R14: 0000000000025fff R15: 00007ffd5b1f3a50
[  155.959511][ T5866]  </TASK>
[  155.959538][ T5866] BUG: Bad page state in process syz-executor  pfn:55000
[  156.130508][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55000
[  156.134375][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  156.138371][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  156.142660][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  156.147740][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  156.152566][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  156.156727][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  156.160551][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  156.164254][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  156.168485][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  156.172361][ T5866] page_owner tracks the page as allocated
[  156.175256][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5975, tgid 5974 (syz.0.22), ts 155819691386, free_ts 155375621347
[  156.185591][ T5866]  post_alloc_hook+0x240/0x2a0
[  156.188124][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  156.190519][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  156.193083][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  156.195253][ T5866]  alloc_pages_noprof+0xa9/0x190
[  156.198058][ T5866]  folio_alloc_noprof+0x1e/0x30
[  156.200279][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  156.202739][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  156.205022][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  156.207944][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  156.210788][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  156.213283][ T5866]  vfs_write+0x54b/0xa90
[  156.215184][ T5866]  ksys_write+0x145/0x250
[  156.217548][ T5866]  do_syscall_64+0xfa/0x3b0
[  156.219664][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.222965][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  156.225797][ T5866]  free_unref_folios+0xdbd/0x1520
[  156.228730][ T5866]  folios_put_refs+0x559/0x640
[  156.230957][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  156.233623][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  156.237291][ T5866]  evict+0x501/0x9c0
[  156.239043][ T5866]  evict_inodes+0x64c/0x6d0
[  156.241034][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  156.243301][ T5866]  kill_block_super+0x44/0x90
[  156.245364][ T5866]  xfs_kill_sb+0x15/0x50
[  156.247837][ T5866]  deactivate_locked_super+0xbc/0x130
[  156.250251][ T5866]  cleanup_mnt+0x425/0x4c0
[  156.252515][ T5866]  task_work_run+0x1d1/0x260
[  156.255080][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  156.257820][ T5866]  do_syscall_64+0x2bd/0x3b0
[  156.259788][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.262525][ T5866] Modules linked in:
[  156.264490][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  156.264509][ T5866] Tainted: [B]=BAD_PAGE
[  156.264513][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.264520][ T5866] Call Trace:
[  156.264528][ T5866]  <TASK>
[  156.264534][ T5866]  dump_stack_lvl+0x189/0x250
[  156.264551][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.264564][ T5866]  ? __pfx_print_modules+0x10/0x10
[  156.264583][ T5866]  bad_page+0x180/0x1c0
[  156.264603][ T5866]  __free_frozen_pages+0xce2/0xd30
[  156.264618][ T5866]  __folio_put+0x21b/0x2c0
[  156.264634][ T5866]  ? __pfx___folio_put+0x10/0x10
[  156.264649][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  156.264664][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  156.264677][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  156.264695][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  156.264705][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  156.264717][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  156.264733][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  156.264749][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  156.264770][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.264784][ T5866]  ? rcu_is_watching+0x15/0xb0
[  156.264794][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.264809][ T5866]  ? rcu_is_watching+0x15/0xb0
[  156.264820][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.264833][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  156.264846][ T5866]  evict+0x501/0x9c0
[  156.264858][ T5866]  ? __pfx_evict+0x10/0x10
[  156.264868][ T5866]  ? rcu_is_watching+0x15/0xb0
[  156.264879][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  156.264892][ T5866]  evict_inodes+0x64c/0x6d0
[  156.264906][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  156.264919][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  156.264933][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  156.264944][ T5866]  kill_block_super+0x44/0x90
[  156.264957][ T5866]  xfs_kill_sb+0x15/0x50
[  156.264967][ T5866]  deactivate_locked_super+0xbc/0x130
[  156.264984][ T5866]  cleanup_mnt+0x425/0x4c0
[  156.265001][ T5866]  task_work_run+0x1d1/0x260
[  156.265017][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  156.265030][ T5866]  ? __x64_sys_umount+0x122/0x160
[  156.265042][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  156.265053][ T5866]  ? rcu_is_watching+0x15/0xb0
[  156.265062][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  156.265073][ T5866]  do_syscall_64+0x2bd/0x3b0
[  156.265085][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.265095][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  156.265107][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.265117][ T5866] RIP: 0033:0x7f7ff658e117
[  156.265146][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  156.265155][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  156.265169][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  156.265176][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  156.265182][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  156.265188][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  156.265195][ T5866] R13: 00007f7ff660e08c R14: 0000000000025fff R15: 00007ffd5b1f3a50
[  156.265206][ T5866]  </TASK>
[  156.265646][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  156.639054][ T5985] loop0: detected capacity change from 0 to 32768
[  156.646851][ T5985] XFS: ikeep mount option is deprecated.
[  156.657395][ T5985] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  156.683644][ T5985] XFS (loop0): Ending clean mount
[  156.687727][ T5985] XFS (loop0): Quotacheck needed: Please wait.
[  156.701273][ T5985] XFS (loop0): Quotacheck: Done.
[  156.730210][ T5866] BUG: Bad page state in process syz-executor  pfn:53601
[  156.733968][ T5866] page does not match folio
[  156.736933][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x53601
[  156.741711][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  156.745198][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  156.751220][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  156.754975][ T5866] page dumped because: nonzero pincount
[  156.758257][ T5866] page_owner tracks the page as allocated
[  156.761032][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5985, tgid 5984 (syz.0.23), ts 156712652910, free_ts 156265271769
[  156.772086][ T5866]  post_alloc_hook+0x240/0x2a0
[  156.774433][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  156.780645][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  156.783289][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  156.785580][ T5866]  alloc_pages_noprof+0xa9/0x190
[  156.788508][ T5866]  folio_alloc_noprof+0x1e/0x30
[  156.790894][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  156.793642][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  156.796396][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  156.798683][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  156.801293][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  156.803661][ T5866]  vfs_write+0x54b/0xa90
[  156.805536][ T5866]  ksys_write+0x145/0x250
[  156.808100][ T5866]  do_syscall_64+0xfa/0x3b0
[  156.810174][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.813053][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  156.816928][ T5866]  free_unref_folios+0xdbd/0x1520
[  156.819258][ T5866]  folios_put_refs+0x559/0x640
[  156.821437][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  156.824047][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  156.826823][ T5866]  evict+0x501/0x9c0
[  156.828649][ T5866]  evict_inodes+0x64c/0x6d0
[  156.830805][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  156.833183][ T5866]  kill_block_super+0x44/0x90
[  156.836980][ T5866]  xfs_kill_sb+0x15/0x50
[  156.839503][ T5866]  deactivate_locked_super+0xbc/0x130
[  156.841800][ T5866]  cleanup_mnt+0x425/0x4c0
[  156.843726][ T5866]  task_work_run+0x1d1/0x260
[  156.845681][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  156.848520][ T5866]  do_syscall_64+0x2bd/0x3b0
[  156.850777][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.853536][ T5866] Modules linked in:
[  156.855426][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  156.855447][ T5866] Tainted: [B]=BAD_PAGE
[  156.855451][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.855458][ T5866] Call Trace:
[  156.855466][ T5866]  <TASK>
[  156.855472][ T5866]  dump_stack_lvl+0x189/0x250
[  156.855490][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.855501][ T5866]  ? __pfx_print_modules+0x10/0x10
[  156.855515][ T5866]  ? percpu_ref_put+0x19/0x180
[  156.855528][ T5866]  ? percpu_ref_put+0xf9/0x180
[  156.855539][ T5866]  bad_page+0x180/0x1c0
[  156.855549][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  156.855562][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  156.855576][ T5866]  __folio_put+0x21b/0x2c0
[  156.855590][ T5866]  ? __pfx___folio_put+0x10/0x10
[  156.855605][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  156.855618][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  156.855630][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  156.855646][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  156.855656][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  156.855667][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  156.855680][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  156.855695][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  156.855712][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.855724][ T5866]  ? rcu_is_watching+0x15/0xb0
[  156.855734][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.855746][ T5866]  ? rcu_is_watching+0x15/0xb0
[  156.855758][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.855769][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  156.855780][ T5866]  evict+0x501/0x9c0
[  156.855791][ T5866]  ? __pfx_evict+0x10/0x10
[  156.855799][ T5866]  ? rcu_is_watching+0x15/0xb0
[  156.855808][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  156.855820][ T5866]  evict_inodes+0x64c/0x6d0
[  156.855832][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  156.855873][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  156.855889][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  156.855899][ T5866]  kill_block_super+0x44/0x90
[  156.855909][ T5866]  xfs_kill_sb+0x15/0x50
[  156.855920][ T5866]  deactivate_locked_super+0xbc/0x130
[  156.855935][ T5866]  cleanup_mnt+0x425/0x4c0
[  156.855950][ T5866]  task_work_run+0x1d1/0x260
[  156.855963][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  156.855974][ T5866]  ? __x64_sys_umount+0x122/0x160
[  156.855984][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  156.855994][ T5866]  ? rcu_is_watching+0x15/0xb0
[  156.856002][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  156.856015][ T5866]  do_syscall_64+0x2bd/0x3b0
[  156.856027][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.856036][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  156.856047][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.856057][ T5866] RIP: 0033:0x7f7ff658e117
[  156.856068][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  156.856076][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  156.856087][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  156.856094][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  156.856099][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  156.856105][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  156.856111][ T5866] R13: 00007f7ff660e08c R14: 0000000000026380 R15: 00007ffd5b1f3a50
[  156.856121][ T5866]  </TASK>
[  157.016029][ T5866] BUG: Bad page state in process syz-executor  pfn:53600
[  157.019130][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53600
[  157.023029][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  157.027340][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  157.031818][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  157.036204][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  157.040643][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  157.044237][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  157.048821][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  157.053135][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  157.057532][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  157.061017][ T5866] page_owner tracks the page as allocated
[  157.063428][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5985, tgid 5984 (syz.0.23), ts 156712652910, free_ts 156265271769
[  157.074083][ T5866]  post_alloc_hook+0x240/0x2a0
[  157.076412][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  157.078800][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  157.081401][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  157.083502][ T5866]  alloc_pages_noprof+0xa9/0x190
[  157.085776][ T5866]  folio_alloc_noprof+0x1e/0x30
[  157.088737][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  157.091211][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  157.093412][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  157.095583][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  157.098477][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  157.100885][ T5866]  vfs_write+0x54b/0xa90
[  157.102743][ T5866]  ksys_write+0x145/0x250
[  157.104763][ T5866]  do_syscall_64+0xfa/0x3b0
[  157.107471][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.110220][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  157.112952][ T5866]  free_unref_folios+0xdbd/0x1520
[  157.115116][ T5866]  folios_put_refs+0x559/0x640
[  157.118565][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  157.121223][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  157.123636][ T5866]  evict+0x501/0x9c0
[  157.125623][ T5866]  evict_inodes+0x64c/0x6d0
[  157.128583][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  157.130846][ T5866]  kill_block_super+0x44/0x90
[  157.133165][ T5866]  xfs_kill_sb+0x15/0x50
[  157.135065][ T5866]  deactivate_locked_super+0xbc/0x130
[  157.137887][ T5866]  cleanup_mnt+0x425/0x4c0
[  157.139955][ T5866]  task_work_run+0x1d1/0x260
[  157.141974][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  157.144742][ T5866]  do_syscall_64+0x2bd/0x3b0
[  157.147376][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.149950][ T5866] Modules linked in:
[  157.151753][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  157.151773][ T5866] Tainted: [B]=BAD_PAGE
[  157.151776][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.151783][ T5866] Call Trace:
[  157.151789][ T5866]  <TASK>
[  157.151793][ T5866]  dump_stack_lvl+0x189/0x250
[  157.151809][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.151821][ T5866]  ? __pfx_print_modules+0x10/0x10
[  157.151836][ T5866]  bad_page+0x180/0x1c0
[  157.151846][ T5866]  __free_frozen_pages+0xce2/0xd30
[  157.151859][ T5866]  __folio_put+0x21b/0x2c0
[  157.151873][ T5866]  ? __pfx___folio_put+0x10/0x10
[  157.151887][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  157.151900][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  157.151911][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  157.151957][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  157.151967][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  157.151979][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  157.151992][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  157.152005][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  157.152020][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.152032][ T5866]  ? rcu_is_watching+0x15/0xb0
[  157.152041][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.152053][ T5866]  ? rcu_is_watching+0x15/0xb0
[  157.152062][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.152072][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  157.152084][ T5866]  evict+0x501/0x9c0
[  157.152095][ T5866]  ? __pfx_evict+0x10/0x10
[  157.152103][ T5866]  ? rcu_is_watching+0x15/0xb0
[  157.152122][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  157.152134][ T5866]  evict_inodes+0x64c/0x6d0
[  157.152147][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  157.152158][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  157.152170][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  157.152180][ T5866]  kill_block_super+0x44/0x90
[  157.152191][ T5866]  xfs_kill_sb+0x15/0x50
[  157.152200][ T5866]  deactivate_locked_super+0xbc/0x130
[  157.152216][ T5866]  cleanup_mnt+0x425/0x4c0
[  157.152231][ T5866]  task_work_run+0x1d1/0x260
[  157.152244][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  157.152257][ T5866]  ? __x64_sys_umount+0x122/0x160
[  157.152267][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  157.152277][ T5866]  ? rcu_is_watching+0x15/0xb0
[  157.152286][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  157.152299][ T5866]  do_syscall_64+0x2bd/0x3b0
[  157.152309][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.152319][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  157.152329][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.152339][ T5866] RIP: 0033:0x7f7ff658e117
[  157.152349][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  157.152358][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  157.152370][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  157.152377][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  157.152382][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  157.152389][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  157.152397][ T5866] R13: 00007f7ff660e08c R14: 0000000000026380 R15: 00007ffd5b1f3a50
[  157.152407][ T5866]  </TASK>
[  157.152818][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.511640][ T5995] loop0: detected capacity change from 0 to 32768
[  157.521331][ T5995] XFS: ikeep mount option is deprecated.
[  157.531441][ T5995] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.580194][ T5995] XFS (loop0): Ending clean mount
[  157.587013][ T5995] XFS (loop0): Quotacheck needed: Please wait.
[  157.596736][ T5995] XFS (loop0): Quotacheck: Done.
[  157.616733][ T5866] BUG: Bad page state in process syz-executor  pfn:53001
[  157.619936][ T5866] page does not match folio
[  157.621964][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x53001
[  157.628858][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  157.632191][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  157.637337][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  157.640968][ T5866] page dumped because: nonzero pincount
[  157.643463][ T5866] page_owner tracks the page as allocated
[  157.646537][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5995, tgid 5994 (syz.0.24), ts 157603131719, free_ts 150185223740
[  157.660111][ T5866]  post_alloc_hook+0x240/0x2a0
[  157.662228][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  157.664602][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  157.667617][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  157.669892][ T5866]  alloc_pages_noprof+0xa9/0x190
[  157.672536][ T5866]  folio_alloc_noprof+0x1e/0x30
[  157.675104][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  157.678335][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  157.680768][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  157.683066][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  157.685629][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  157.688553][ T5866]  vfs_write+0x54b/0xa90
[  157.690570][ T5866]  ksys_write+0x145/0x250
[  157.692514][ T5866]  do_syscall_64+0xfa/0x3b0
[  157.694560][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.697871][ T5866] page last free pid 78 tgid 78 stack trace:
[  157.700560][ T5866]  free_unref_folios+0xdbd/0x1520
[  157.703148][ T5866]  shrink_folio_list+0x2977/0x4cd0
[  157.706421][ T5866]  evict_folios+0x47f2/0x58b0
[  157.708601][ T5866]  try_to_shrink_lruvec+0x8a3/0xb50
[  157.711008][ T5866]  shrink_one+0x21b/0x7c0
[  157.713285][ T5866]  shrink_node+0x314e/0x3760
[  157.715478][ T5866]  kswapd+0x147c/0x2830
[  157.718368][ T5866]  kthread+0x711/0x8a0
[  157.720561][ T5866]  ret_from_fork+0x3f9/0x770
[  157.722644][ T5866]  ret_from_fork_asm+0x1a/0x30
[  157.724925][ T5866] Modules linked in:
[  157.727771][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  157.727791][ T5866] Tainted: [B]=BAD_PAGE
[  157.727795][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.727803][ T5866] Call Trace:
[  157.727808][ T5866]  <TASK>
[  157.727812][ T5866]  dump_stack_lvl+0x189/0x250
[  157.727830][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.727843][ T5866]  ? __pfx_print_modules+0x10/0x10
[  157.727860][ T5866]  ? percpu_ref_put+0x19/0x180
[  157.727875][ T5866]  ? percpu_ref_put+0xf9/0x180
[  157.727888][ T5866]  bad_page+0x180/0x1c0
[  157.727907][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  157.727922][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  157.727938][ T5866]  __folio_put+0x21b/0x2c0
[  157.727954][ T5866]  ? __pfx___folio_put+0x10/0x10
[  157.727972][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  157.727990][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  157.728005][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  157.728024][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  157.728037][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  157.728051][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  157.728068][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  157.728086][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  157.728108][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.728123][ T5866]  ? rcu_is_watching+0x15/0xb0
[  157.728134][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.728149][ T5866]  ? rcu_is_watching+0x15/0xb0
[  157.728161][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.728175][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  157.728190][ T5866]  evict+0x501/0x9c0
[  157.728203][ T5866]  ? __pfx_evict+0x10/0x10
[  157.728214][ T5866]  ? rcu_is_watching+0x15/0xb0
[  157.728226][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  157.728241][ T5866]  evict_inodes+0x64c/0x6d0
[  157.728257][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  157.728271][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  157.728287][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  157.728299][ T5866]  kill_block_super+0x44/0x90
[  157.728313][ T5866]  xfs_kill_sb+0x15/0x50
[  157.728325][ T5866]  deactivate_locked_super+0xbc/0x130
[  157.728343][ T5866]  cleanup_mnt+0x425/0x4c0
[  157.728361][ T5866]  task_work_run+0x1d1/0x260
[  157.728376][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  157.728386][ T5866]  ? __x64_sys_umount+0x122/0x160
[  157.728396][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  157.728406][ T5866]  ? rcu_is_watching+0x15/0xb0
[  157.728414][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  157.728427][ T5866]  do_syscall_64+0x2bd/0x3b0
[  157.728437][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.728447][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  157.728457][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.728466][ T5866] RIP: 0033:0x7f7ff658e117
[  157.728476][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  157.728485][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  157.728498][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  157.728505][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  157.728510][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  157.728517][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  157.728524][ T5866] R13: 00007f7ff660e08c R14: 00000000000266fb R15: 00007ffd5b1f3a50
[  157.728536][ T5866]  </TASK>
[  157.728564][ T5866] BUG: Bad page state in process syz-executor  pfn:53000
[  157.898868][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53000
[  157.903097][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  157.907925][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  157.912595][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  157.917020][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  157.921518][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  157.928227][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  157.933193][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  157.937504][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  157.942145][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  157.946943][ T5866] page_owner tracks the page as allocated
[  157.949726][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5995, tgid 5994 (syz.0.24), ts 157603131719, free_ts 150185215914
[  157.962266][ T5866]  post_alloc_hook+0x240/0x2a0
[  157.964682][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  157.968053][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  157.972252][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  157.974971][ T5866]  alloc_pages_noprof+0xa9/0x190
[  157.977658][ T5866]  folio_alloc_noprof+0x1e/0x30
[  157.979894][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  157.982403][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  157.984717][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  157.987774][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  157.990678][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  157.993347][ T5866]  vfs_write+0x54b/0xa90
[  157.995354][ T5866]  ksys_write+0x145/0x250
[  157.997822][ T5866]  do_syscall_64+0xfa/0x3b0
[  157.999867][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.002465][ T5866] page last free pid 78 tgid 78 stack trace:
[  158.005153][ T5866]  free_unref_folios+0xdbd/0x1520
[  158.008749][ T5866]  shrink_folio_list+0x2977/0x4cd0
[  158.011536][ T5866]  evict_folios+0x47f2/0x58b0
[  158.013766][ T5866]  try_to_shrink_lruvec+0x8a3/0xb50
[  158.016363][ T5866]  shrink_one+0x21b/0x7c0
[  158.018209][ T5866]  shrink_node+0x314e/0x3760
[  158.020415][ T5866]  kswapd+0x147c/0x2830
[  158.022469][ T5866]  kthread+0x711/0x8a0
[  158.024315][ T5866]  ret_from_fork+0x3f9/0x770
[  158.027372][ T5866]  ret_from_fork_asm+0x1a/0x30
[  158.029748][ T5866] Modules linked in:
[  158.031656][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  158.031675][ T5866] Tainted: [B]=BAD_PAGE
[  158.031679][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.031687][ T5866] Call Trace:
[  158.031694][ T5866]  <TASK>
[  158.031699][ T5866]  dump_stack_lvl+0x189/0x250
[  158.031717][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.031729][ T5866]  ? __pfx_print_modules+0x10/0x10
[  158.031747][ T5866]  bad_page+0x180/0x1c0
[  158.031758][ T5866]  __free_frozen_pages+0xce2/0xd30
[  158.031772][ T5866]  __folio_put+0x21b/0x2c0
[  158.031786][ T5866]  ? __pfx___folio_put+0x10/0x10
[  158.031801][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  158.031818][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  158.031831][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  158.031854][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  158.031865][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  158.031877][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  158.031893][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  158.031907][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  158.031925][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.031938][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.031948][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.031960][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.031971][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.031984][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  158.031997][ T5866]  evict+0x501/0x9c0
[  158.032008][ T5866]  ? __pfx_evict+0x10/0x10
[  158.032018][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.032028][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  158.032042][ T5866]  evict_inodes+0x64c/0x6d0
[  158.032056][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  158.032068][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  158.032083][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  158.032094][ T5866]  kill_block_super+0x44/0x90
[  158.032107][ T5866]  xfs_kill_sb+0x15/0x50
[  158.032118][ T5866]  deactivate_locked_super+0xbc/0x130
[  158.032135][ T5866]  cleanup_mnt+0x425/0x4c0
[  158.032152][ T5866]  task_work_run+0x1d1/0x260
[  158.032166][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  158.032180][ T5866]  ? __x64_sys_umount+0x122/0x160
[  158.032192][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  158.032202][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.032212][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  158.032228][ T5866]  do_syscall_64+0x2bd/0x3b0
[  158.032240][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.032250][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  158.032262][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.032273][ T5866] RIP: 0033:0x7f7ff658e117
[  158.032285][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  158.032295][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  158.032307][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  158.032315][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  158.032323][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  158.032330][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  158.032337][ T5866] R13: 00007f7ff660e08c R14: 00000000000266fb R15: 00007ffd5b1f3a50
[  158.032348][ T5866]  </TASK>
[  158.032795][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.379332][ T6005] loop0: detected capacity change from 0 to 32768
[  158.388169][ T6005] XFS: ikeep mount option is deprecated.
[  158.399454][ T6005] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.436988][ T6005] XFS (loop0): Ending clean mount
[  158.440473][ T6005] XFS (loop0): Quotacheck needed: Please wait.
[  158.448501][ T6005] XFS (loop0): Quotacheck: Done.
[  158.470038][ T5866] BUG: Bad page state in process syz-executor  pfn:53201
[  158.473055][ T5866] page does not match folio
[  158.475409][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x53201
[  158.480888][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  158.484032][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  158.488506][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  158.492272][ T5866] page dumped because: nonzero pincount
[  158.494687][ T5866] page_owner tracks the page as allocated
[  158.498291][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6005, tgid 6004 (syz.0.25), ts 158454471615, free_ts 158032397098
[  158.508588][ T5866]  post_alloc_hook+0x240/0x2a0
[  158.510778][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  158.513164][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  158.515637][ T5866]  alloc_pages_mpol+0x232/0x4a0
2025/08/02 21:37:42 executed programs: 12
[  158.521308][ T5866]  alloc_pages_noprof+0xa9/0x190
[  158.523410][ T5866]  folio_alloc_noprof+0x1e/0x30
[  158.525454][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  158.528189][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  158.530537][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  158.532805][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  158.535159][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  158.538192][ T5866]  vfs_write+0x54b/0xa90
[  158.540076][ T5866]  ksys_write+0x145/0x250
[  158.541843][ T5866]  do_syscall_64+0xfa/0x3b0
[  158.543756][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.546731][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  158.549444][ T5866]  free_unref_folios+0xdbd/0x1520
[  158.551781][ T5866]  folios_put_refs+0x559/0x640
[  158.553967][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  158.557141][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  158.559447][ T5866]  evict+0x501/0x9c0
[  158.561169][ T5866]  evict_inodes+0x64c/0x6d0
[  158.563213][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  158.565467][ T5866]  kill_block_super+0x44/0x90
[  158.568117][ T5866]  xfs_kill_sb+0x15/0x50
[  158.570381][ T5866]  deactivate_locked_super+0xbc/0x130
[  158.572833][ T5866]  cleanup_mnt+0x425/0x4c0
[  158.574745][ T5866]  task_work_run+0x1d1/0x260
[  158.577853][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  158.580236][ T5866]  do_syscall_64+0x2bd/0x3b0
[  158.582371][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.585085][ T5866] Modules linked in:
[  158.587472][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  158.587490][ T5866] Tainted: [B]=BAD_PAGE
[  158.587494][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.587501][ T5866] Call Trace:
[  158.587505][ T5866]  <TASK>
[  158.587510][ T5866]  dump_stack_lvl+0x189/0x250
[  158.587527][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.587538][ T5866]  ? __pfx_print_modules+0x10/0x10
[  158.587553][ T5866]  ? percpu_ref_put+0x19/0x180
[  158.587566][ T5866]  ? percpu_ref_put+0xf9/0x180
[  158.587586][ T5866]  bad_page+0x180/0x1c0
[  158.587595][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  158.587604][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  158.587613][ T5866]  __folio_put+0x21b/0x2c0
[  158.587627][ T5866]  ? __pfx___folio_put+0x10/0x10
[  158.587640][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  158.587654][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  158.587666][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  158.587682][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  158.587692][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  158.587704][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  158.587718][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  158.587732][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  158.587748][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.587760][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.587770][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.587781][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.587791][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.587801][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  158.587814][ T5866]  evict+0x501/0x9c0
[  158.587825][ T5866]  ? __pfx_evict+0x10/0x10
[  158.587840][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.587849][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  158.587862][ T5866]  evict_inodes+0x64c/0x6d0
[  158.587874][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  158.587885][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  158.587897][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  158.587907][ T5866]  kill_block_super+0x44/0x90
[  158.587918][ T5866]  xfs_kill_sb+0x15/0x50
[  158.587929][ T5866]  deactivate_locked_super+0xbc/0x130
[  158.587944][ T5866]  cleanup_mnt+0x425/0x4c0
[  158.587959][ T5866]  task_work_run+0x1d1/0x260
[  158.587972][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  158.587982][ T5866]  ? __x64_sys_umount+0x122/0x160
[  158.587991][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  158.588002][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.588011][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  158.588025][ T5866]  do_syscall_64+0x2bd/0x3b0
[  158.588036][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.588046][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  158.588056][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.588065][ T5866] RIP: 0033:0x7f7ff658e117
[  158.588074][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  158.588083][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  158.588094][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  158.588101][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  158.588107][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  158.588112][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  158.588118][ T5866] R13: 00007f7ff660e08c R14: 0000000000026a4e R15: 00007ffd5b1f3a50
[  158.588127][ T5866]  </TASK>
[  158.588160][ T5866] BUG: Bad page state in process syz-executor  pfn:53200
[  158.749465][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53200
[  158.753819][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  158.758325][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  158.762769][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  158.767210][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  158.770995][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  158.774986][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  158.779171][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  158.783933][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  158.788359][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  158.791785][ T5866] page_owner tracks the page as allocated
[  158.794496][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6005, tgid 6004 (syz.0.25), ts 158454471615, free_ts 158032397098
[  158.805549][ T5866]  post_alloc_hook+0x240/0x2a0
[  158.808253][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  158.811008][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  158.814217][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  158.817184][ T5866]  alloc_pages_noprof+0xa9/0x190
[  158.819243][ T5866]  folio_alloc_noprof+0x1e/0x30
[  158.821541][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  158.823988][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  158.826973][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  158.829269][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  158.831821][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  158.834292][ T5866]  vfs_write+0x54b/0xa90
[  158.836716][ T5866]  ksys_write+0x145/0x250
[  158.838757][ T5866]  do_syscall_64+0xfa/0x3b0
[  158.841079][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.843924][ T5866] page last free pid 5866 tgid 5866 stack trace:
[  158.847553][ T5866]  free_unref_folios+0xdbd/0x1520
[  158.849805][ T5866]  folios_put_refs+0x559/0x640
[  158.852007][ T5866]  truncate_inode_pages_range+0x346/0xda0
[  158.854699][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  158.858626][ T5866]  evict+0x501/0x9c0
[  158.860807][ T5866]  evict_inodes+0x64c/0x6d0
[  158.862825][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  158.865145][ T5866]  kill_block_super+0x44/0x90
[  158.867939][ T5866]  xfs_kill_sb+0x15/0x50
[  158.869881][ T5866]  deactivate_locked_super+0xbc/0x130
[  158.872412][ T5866]  cleanup_mnt+0x425/0x4c0
[  158.874458][ T5866]  task_work_run+0x1d1/0x260
[  158.877143][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  158.880008][ T5866]  do_syscall_64+0x2bd/0x3b0
[  158.882406][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.886963][ T5866] Modules linked in:
[  158.888929][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  158.888949][ T5866] Tainted: [B]=BAD_PAGE
[  158.888953][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.888961][ T5866] Call Trace:
[  158.888968][ T5866]  <TASK>
[  158.888973][ T5866]  dump_stack_lvl+0x189/0x250
[  158.888991][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.889003][ T5866]  ? __pfx_print_modules+0x10/0x10
[  158.889021][ T5866]  bad_page+0x180/0x1c0
[  158.889031][ T5866]  __free_frozen_pages+0xce2/0xd30
[  158.889046][ T5866]  __folio_put+0x21b/0x2c0
[  158.889062][ T5866]  ? __pfx___folio_put+0x10/0x10
[  158.889076][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  158.889091][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  158.889104][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  158.889124][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  158.889134][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  158.889146][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  158.889161][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  158.889176][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  158.889195][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.889208][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.889220][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.889230][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.889241][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.889253][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  158.889265][ T5866]  evict+0x501/0x9c0
[  158.889277][ T5866]  ? __pfx_evict+0x10/0x10
[  158.889287][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.889298][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  158.889312][ T5866]  evict_inodes+0x64c/0x6d0
[  158.889326][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  158.889336][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  158.889351][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  158.889362][ T5866]  kill_block_super+0x44/0x90
[  158.889375][ T5866]  xfs_kill_sb+0x15/0x50
[  158.889385][ T5866]  deactivate_locked_super+0xbc/0x130
[  158.889401][ T5866]  cleanup_mnt+0x425/0x4c0
[  158.889418][ T5866]  task_work_run+0x1d1/0x260
[  158.889432][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  158.889442][ T5866]  ? __x64_sys_umount+0x122/0x160
[  158.889456][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  158.889465][ T5866]  ? rcu_is_watching+0x15/0xb0
[  158.889475][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  158.889489][ T5866]  do_syscall_64+0x2bd/0x3b0
[  158.889499][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.889510][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  158.889521][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.889531][ T5866] RIP: 0033:0x7f7ff658e117
[  158.889543][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  158.889553][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  158.889567][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  158.889573][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  158.889579][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  158.889585][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  158.889599][ T5866] R13: 00007f7ff660e08c R14: 0000000000026a4e R15: 00007ffd5b1f3a50
[  158.889612][ T5866]  </TASK>
[  158.890025][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  159.250262][ T6015] loop0: detected capacity change from 0 to 32768
[  159.260824][ T6015] XFS: ikeep mount option is deprecated.
[  159.272023][ T6015] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  159.303246][ T6015] XFS (loop0): Ending clean mount
[  159.308903][ T6015] XFS (loop0): Quotacheck needed: Please wait.
[  159.319007][ T6015] XFS (loop0): Quotacheck: Done.
[  159.339960][ T5866] BUG: Bad page state in process syz-executor  pfn:4a801
[  159.343126][ T5866] page does not match folio
[  159.345174][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x4a801
[  159.351633][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  159.354962][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  159.359571][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  159.363173][ T5866] page dumped because: nonzero pincount
[  159.365555][ T5866] page_owner tracks the page as allocated
[  159.368765][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6015, tgid 6014 (syz.0.26), ts 159326491548, free_ts 136364551933
[  159.380120][ T5866]  post_alloc_hook+0x240/0x2a0
[  159.382179][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  159.384530][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  159.391940][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  159.394066][ T5866]  alloc_pages_noprof+0xa9/0x190
[  159.396911][ T5866]  folio_alloc_noprof+0x1e/0x30
[  159.399037][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  159.401694][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  159.404083][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  159.406925][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  159.409313][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  159.411678][ T5866]  vfs_write+0x54b/0xa90
[  159.413458][ T5866]  ksys_write+0x145/0x250
[  159.415332][ T5866]  do_syscall_64+0xfa/0x3b0
[  159.417900][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.420777][ T5866] page last free pid 5658 tgid 5658 stack trace:
[  159.423659][ T5866]  free_unref_folios+0xdbd/0x1520
[  159.425839][ T5866]  folios_put_refs+0x559/0x640
[  159.428712][ T5866]  free_pages_and_swap_cache+0x277/0x520
[  159.431068][ T5866]  tlb_flush_mmu+0x3a0/0x680
[  159.433059][ T5866]  tlb_finish_mmu+0xc3/0x1d0
[  159.434993][ T5866]  vms_clear_ptes+0x42c/0x540
[  159.437474][ T5866]  vms_complete_munmap_vmas+0x206/0x8a0
[  159.440050][ T5866]  do_vmi_align_munmap+0x358/0x420
[  159.442570][ T5866]  do_vmi_munmap+0x253/0x2e0
[  159.444885][ T5866]  __vm_munmap+0x23b/0x3d0
[  159.447535][ T5866]  __x64_sys_munmap+0x60/0x70
[  159.449624][ T5866]  do_syscall_64+0xfa/0x3b0
[  159.451627][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.454196][ T5866] Modules linked in:
[  159.456320][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  159.456337][ T5866] Tainted: [B]=BAD_PAGE
[  159.456340][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.456347][ T5866] Call Trace:
[  159.456351][ T5866]  <TASK>
[  159.456355][ T5866]  dump_stack_lvl+0x189/0x250
[  159.456370][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.456381][ T5866]  ? __pfx_print_modules+0x10/0x10
[  159.456395][ T5866]  ? percpu_ref_put+0x19/0x180
[  159.456410][ T5866]  ? percpu_ref_put+0xf9/0x180
[  159.456420][ T5866]  bad_page+0x180/0x1c0
[  159.456430][ T5866]  free_tail_page_prepare+0x2c3/0x4f0
[  159.456444][ T5866]  __free_frozen_pages+0x7b7/0xd30
[  159.456457][ T5866]  __folio_put+0x21b/0x2c0
[  159.456472][ T5866]  ? __pfx___folio_put+0x10/0x10
[  159.456486][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  159.456502][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  159.456513][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  159.456528][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  159.456540][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  159.456551][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  159.456564][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  159.456588][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  159.456606][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.456619][ T5866]  ? rcu_is_watching+0x15/0xb0
[  159.456629][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.456642][ T5866]  ? rcu_is_watching+0x15/0xb0
[  159.456652][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.456663][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  159.456676][ T5866]  evict+0x501/0x9c0
[  159.456686][ T5866]  ? __pfx_evict+0x10/0x10
[  159.456695][ T5866]  ? rcu_is_watching+0x15/0xb0
[  159.456704][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  159.456718][ T5866]  evict_inodes+0x64c/0x6d0
[  159.456730][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  159.456743][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  159.456756][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  159.456766][ T5866]  kill_block_super+0x44/0x90
[  159.456778][ T5866]  xfs_kill_sb+0x15/0x50
[  159.456788][ T5866]  deactivate_locked_super+0xbc/0x130
[  159.456803][ T5866]  cleanup_mnt+0x425/0x4c0
[  159.456819][ T5866]  task_work_run+0x1d1/0x260
[  159.456832][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  159.456842][ T5866]  ? __x64_sys_umount+0x122/0x160
[  159.456854][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  159.456864][ T5866]  ? rcu_is_watching+0x15/0xb0
[  159.456873][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  159.456889][ T5866]  do_syscall_64+0x2bd/0x3b0
[  159.456899][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.456908][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  159.456920][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.456930][ T5866] RIP: 0033:0x7f7ff658e117
[  159.456939][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  159.456948][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  159.456961][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  159.456968][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  159.456973][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  159.456979][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  159.456987][ T5866] R13: 00007f7ff660e08c R14: 0000000000026db0 R15: 00007ffd5b1f3a50
[  159.456998][ T5866]  </TASK>
[  159.457025][ T5866] BUG: Bad page state in process syz-executor  pfn:4a800
[  159.619182][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4a800
[  159.623220][ T5866] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  159.627819][ T5866] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  159.632271][ T5866] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  159.636334][ T5866] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  159.640019][ T5866] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  159.644010][ T5866] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  159.648721][ T5866] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  159.652579][ T5866] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  159.657220][ T5866] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  159.660856][ T5866] page_owner tracks the page as allocated
[  159.663321][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6015, tgid 6014 (syz.0.26), ts 159326491548, free_ts 136364540989
[  159.674709][ T5866]  post_alloc_hook+0x240/0x2a0
[  159.677776][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  159.680342][ T5866]  __alloc_frozen_pages_noprof+0x181/0x370
[  159.682991][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  159.685228][ T5866]  alloc_pages_noprof+0xa9/0x190
[  159.688247][ T5866]  folio_alloc_noprof+0x1e/0x30
[  159.690469][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  159.693207][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  159.695652][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  159.698487][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  159.701026][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  159.704033][ T5866]  vfs_write+0x54b/0xa90
[  159.706670][ T5866]  ksys_write+0x145/0x250
[  159.708683][ T5866]  do_syscall_64+0xfa/0x3b0
[  159.710850][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.713822][ T5866] page last free pid 5658 tgid 5658 stack trace:
[  159.717189][ T5866]  free_unref_folios+0xdbd/0x1520
[  159.719712][ T5866]  folios_put_refs+0x559/0x640
[  159.722259][ T5866]  free_pages_and_swap_cache+0x277/0x520
[  159.724868][ T5866]  tlb_flush_mmu+0x3a0/0x680
[  159.728683][ T5866]  tlb_finish_mmu+0xc3/0x1d0
[  159.730913][ T5866]  vms_clear_ptes+0x42c/0x540
[  159.733102][ T5866]  vms_complete_munmap_vmas+0x206/0x8a0
[  159.735632][ T5866]  do_vmi_align_munmap+0x358/0x420
[  159.738462][ T5866]  do_vmi_munmap+0x253/0x2e0
[  159.740693][ T5866]  __vm_munmap+0x23b/0x3d0
[  159.742654][ T5866]  __x64_sys_munmap+0x60/0x70
[  159.744819][ T5866]  do_syscall_64+0xfa/0x3b0
[  159.747709][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.750816][ T5866] Modules linked in:
[  159.752763][ T5866] CPU: 0 UID: 0 PID: 5866 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  159.752782][ T5866] Tainted: [B]=BAD_PAGE
[  159.752786][ T5866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.752794][ T5866] Call Trace:
[  159.752801][ T5866]  <TASK>
[  159.752807][ T5866]  dump_stack_lvl+0x189/0x250
[  159.752826][ T5866]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.752837][ T5866]  ? __pfx_print_modules+0x10/0x10
[  159.752850][ T5866]  bad_page+0x180/0x1c0
[  159.752859][ T5866]  __free_frozen_pages+0xce2/0xd30
[  159.752870][ T5866]  __folio_put+0x21b/0x2c0
[  159.752885][ T5866]  ? __pfx___folio_put+0x10/0x10
[  159.752900][ T5866]  delete_from_page_cache_batch+0x84c/0x9b0
[  159.752915][ T5866]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  159.752927][ T5866]  ? __pfx_workingset_update_node+0x10/0x10
[  159.752944][ T5866]  ? truncate_cleanup_folio+0x34a/0x430
[  159.752954][ T5866]  truncate_inode_pages_range+0x28a/0xda0
[  159.752967][ T5866]  ? filemap_get_folios_tag+0xed/0x630
[  159.752977][ T5866]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  159.752986][ T5866]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  159.752996][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.753007][ T5866]  ? rcu_is_watching+0x15/0xb0
[  159.753017][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.753028][ T5866]  ? rcu_is_watching+0x15/0xb0
[  159.753038][ T5866]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.753050][ T5866]  xfs_fs_evict_inode+0x67/0x90
[  159.753062][ T5866]  evict+0x501/0x9c0
[  159.753074][ T5866]  ? __pfx_evict+0x10/0x10
[  159.753083][ T5866]  ? rcu_is_watching+0x15/0xb0
[  159.753092][ T5866]  ? do_raw_spin_unlock+0x4d/0x240
[  159.753101][ T5866]  evict_inodes+0x64c/0x6d0
[  159.753109][ T5866]  ? __pfx_evict_inodes+0x10/0x10
[  159.753116][ T5866]  ? xfs_fs_sync_fs+0x1cf/0x380
[  159.753126][ T5866]  generic_shutdown_super+0x9a/0x2c0
[  159.753135][ T5866]  kill_block_super+0x44/0x90
[  159.753145][ T5866]  xfs_kill_sb+0x15/0x50
[  159.753157][ T5866]  deactivate_locked_super+0xbc/0x130
[  159.753171][ T5866]  cleanup_mnt+0x425/0x4c0
[  159.753187][ T5866]  task_work_run+0x1d1/0x260
[  159.753201][ T5866]  ? __pfx_task_work_run+0x10/0x10
[  159.753212][ T5866]  ? __x64_sys_umount+0x122/0x160
[  159.753221][ T5866]  ? __pfx___x64_sys_umount+0x10/0x10
[  159.753230][ T5866]  ? rcu_is_watching+0x15/0xb0
[  159.753239][ T5866]  exit_to_user_mode_loop+0xec/0x110
[  159.753254][ T5866]  do_syscall_64+0x2bd/0x3b0
[  159.753264][ T5866]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.753274][ T5866]  ? clear_bhb_loop+0x60/0xb0
[  159.753285][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.753295][ T5866] RIP: 0033:0x7f7ff658e117
[  159.753306][ T5866] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  159.753315][ T5866] RSP: 002b:00007ffd5b1f28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  159.753328][ T5866] RAX: 0000000000000000 RBX: 00007f7ff660e08c RCX: 00007f7ff658e117
[  159.753334][ T5866] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd5b1f2980
[  159.753339][ T5866] RBP: 00007ffd5b1f2980 R08: 0000000000000000 R09: 0000000000000000
[  159.753345][ T5866] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5b1f3a10
[  159.753350][ T5866] R13: 00007f7ff660e08c R14: 0000000000026db0 R15: 00007ffd5b1f3a50
[  159.753360][ T5866]  </TASK>
[  159.753814][ T5866] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  160.097727][ T6025] loop0: detected capacity change from 0 to 32768
[  160.107319][ T6025] XFS: ikeep mount option is deprecated.
[  160.117844][ T6025] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  160.147895][ T6025] XFS (loop0): Ending clean mount
[  160.154961][ T6025] XFS (loop0): Quotacheck needed: Please wait.
[  160.164026][ T6025] XFS (loop0): Quotacheck: Done.
[  160.197734][ T5866] BUG: Bad page state in process syz-executor  pfn:52e01
[  160.200828][ T5866] page does not match folio
[  160.202757][ T5866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x52e01
[  160.208025][ T5866] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  160.211222][ T5866] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  160.215502][ T5866] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  160.220353][ T5866] page dumped because: nonzero pincount
[  160.222753][ T5866] page_owner tracks the page as allocated
[  160.225140][ T5866] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6025, tgid 6024 (syz.0.27), ts 160183404566, free_ts 160174201237
[  160.235485][ T5866]  post_alloc_hook+0x240/0x2a0
[  160.239484][ T5866]  get_page_from_freelist+0x21e4/0x22c0
[  160.241769][ T5866]  __alloc_pages_slowpath+0x2fe/0xce0
[  160.243943][ T5866]  __alloc_frozen_pages_noprof+0x319/0x370
[  160.247578][ T5866]  alloc_pages_mpol+0x232/0x4a0
[  160.249791][ T5866]  alloc_pages_noprof+0xa9/0x190
[  160.251994][ T5866]  folio_alloc_noprof+0x1e/0x30
[  160.254101][ T5866]  filemap_alloc_folio_noprof+0xdf/0x470
[  160.256862][ T5866]  __filemap_get_folio+0x3f2/0xaf0
[  160.259054][ T5866]  iomap_write_begin+0x5d7/0x1c70
[  160.261179][ T5866]  iomap_file_buffered_write+0x441/0x9b0
[  160.263730][ T5866]  xfs_file_buffered_write+0x209/0x8a0
[  160.266937][ T5866]  vfs_write+0x54b/0xa90
[  160.268970][ T5866]  ksys_write+0x145/0x250
[  160.270723][ T5866]  do_syscall_64+0xfa/0x3b0
[  160.272645][ T5866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.275196][ T5866] page last free pid 78 tgid 78 stack trace:
[  160.278242][ T5866]  free_unref_folios+0xdbd/0x1520
[  160.280406][ T5866]  shrink_folio_list+0x2977/0x4cd0
[  160.282615][ T5866]  evict_folios+0x47f2/0x58b0
[  160.284937][ T5866]  try_to_shrink_lruvec+0x8a3/0xb50
[  160.288313][ T5866]  shrink_one+0x21b/0x7c0
[  160.290268][ T5866]  shrink_node+0x314e/0x3760
[  160.292222][ T5866]  kswapd+0x147c/0x2830
[  160.293963][ T5866]  kthread+0x711/0x8a0
[  160.295705][ T5866]  ret_from_fork+0x3f9/0x770
[  160.298163][ T5866]  ret_from_fork_asm+0x1a/0x30
[  160.300222][ T5866] Modules linked in: