[ 71.009546][ T1426] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.011623][ T1426] ieee802154 phy1 wpan1: encryption failed: -22
Warning: Permanently added '[localhost]:6163' (ED25519) to the list of known hosts.
2025/08/01 09:03:28 ignoring optional flag "sandboxArg"="0"
2025/08/01 09:03:29 parsed 1 programs
[ 74.786438][ T40] audit: type=1400 audit(1754039011.189:118): avc: denied { unlink } for pid=6228 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 75.693872][ T6228] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 77.507822][ T6279] chnl_net:caif_netlink_parms(): no params data found
[ 77.569774][ T6279] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.572080][ T6279] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.574445][ T6279] bridge_slave_0: entered allmulticast mode
[ 77.577172][ T6279] bridge_slave_0: entered promiscuous mode
[ 77.580548][ T6279] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.582873][ T6279] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.585150][ T6279] bridge_slave_1: entered allmulticast mode
[ 77.587833][ T6279] bridge_slave_1: entered promiscuous mode
[ 77.618781][ T6279] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 77.623282][ T6279] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 77.655753][ T6279] team0: Port device team_slave_0 added
[ 77.659053][ T6279] team0: Port device team_slave_1 added
[ 77.689126][ T6279] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 77.691396][ T6279] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.701409][ T6279] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 77.705710][ T6279] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 77.708037][ T6279] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 77.716057][ T6279] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 77.755359][ T6279] hsr_slave_0: entered promiscuous mode
[ 77.757666][ T6279] hsr_slave_1: entered promiscuous mode
[ 78.283414][ T6279] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 78.288416][ T6279] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 78.292302][ T6279] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 78.296615][ T6279] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 78.314509][ T6279] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.316794][ T6279] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.319143][ T6279] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.321374][ T6279] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.347029][ T6279] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.354731][ T104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.359569][ T104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.373832][ T6279] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.380351][ T104] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.382683][ T104] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.388993][ T104] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.391288][ T104] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.523279][ T6279] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 78.544958][ T6279] veth0_vlan: entered promiscuous mode
[ 78.552325][ T6279] veth1_vlan: entered promiscuous mode
[ 78.563239][ T6279] veth0_macvtap: entered promiscuous mode
[ 78.568663][ T6279] veth1_macvtap: entered promiscuous mode
[ 78.579675][ T6279] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 78.584438][ T6279] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 78.590499][ T83] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.593297][ T83] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.597137][ T83] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.599861][ T83] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.659328][ T83] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.713477][ T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.715969][ T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.728731][ T83] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.742694][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.745191][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.845616][ T83] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.911358][ T83] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.977205][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.980282][ T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.982826][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.985608][ T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.989317][ T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 79.290519][ T40] audit: type=1401 audit(1754039015.699:119): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
2025/08/01 09:03:36 executed programs: 0
[ 80.190712][ T6012] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 80.193534][ T6012] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 80.198200][ T6012] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 80.201255][ T6012] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 80.203926][ T6012] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 80.313966][ T6471] chnl_net:caif_netlink_parms(): no params data found
[ 80.398564][ T6471] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.401561][ T6471] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.404459][ T6471] bridge_slave_0: entered allmulticast mode
[ 80.410215][ T6471] bridge_slave_0: entered promiscuous mode
[ 80.414591][ T6471] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.417127][ T6471] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.419338][ T6471] bridge_slave_1: entered allmulticast mode
[ 80.423939][ T6471] bridge_slave_1: entered promiscuous mode
[ 80.457379][ T6471] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 80.462183][ T6471] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 80.492767][ T6471] team0: Port device team_slave_0 added
[ 80.495998][ T6471] team0: Port device team_slave_1 added
[ 80.538858][ T6471] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 80.541090][ T6471] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.550657][ T6471] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 80.555197][ T6471] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 80.557449][ T6471] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.565292][ T6471] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 80.614116][ T6471] hsr_slave_0: entered promiscuous mode
[ 80.616333][ T6471] hsr_slave_1: entered promiscuous mode
[ 80.618854][ T6471] debugfs: 'hsr0' already exists in 'hsr'
[ 80.620657][ T6471] Cannot create hsr debugfs directory
[ 81.247359][ T10] cfg80211: failed to load regulatory.db
[ 81.903775][ T83] bridge_slave_1: left allmulticast mode
[ 81.905640][ T83] bridge_slave_1: left promiscuous mode
[ 81.907645][ T83] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.911902][ T83] bridge_slave_0: left allmulticast mode
[ 81.913711][ T83] bridge_slave_0: left promiscuous mode
[ 81.915769][ T83] bridge0: port 1(bridge_slave_0) entered disabled state
[ 82.130657][ T83] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 82.136254][ T83] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 82.141533][ T83] bond0 (unregistering): Released all slaves
[ 82.269977][ T83] hsr_slave_0: left promiscuous mode
[ 82.272107][ T83] hsr_slave_1: left promiscuous mode
[ 82.274094][ T83] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 82.276656][ T83] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 82.280190][ T83] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 82.282570][ T83] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 82.286690][ T6012] Bluetooth: hci0: command tx timeout
[ 82.294700][ T83] veth1_macvtap: left promiscuous mode
[ 82.296649][ T83] veth0_macvtap: left promiscuous mode
[ 82.298493][ T83] veth1_vlan: left promiscuous mode
[ 82.300169][ T83] veth0_vlan: left promiscuous mode
[ 82.643844][ T83] team0 (unregistering): Port device team_slave_1 removed
[ 82.678844][ T83] team0 (unregistering): Port device team_slave_0 removed
[ 83.303796][ T6471] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 83.307829][ T6471] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 83.312883][ T6471] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 83.316883][ T6471] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 83.356712][ T6471] 8021q: adding VLAN 0 to HW filter on device bond0
[ 83.365649][ T6471] 8021q: adding VLAN 0 to HW filter on device team0
[ 83.370904][ T1220] bridge0: port 1(bridge_slave_0) entered blocking state
[ 83.373198][ T1220] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.378566][ T1220] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.380868][ T1220] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.671896][ T6471] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 83.691467][ T6471] veth0_vlan: entered promiscuous mode
[ 83.695820][ T6471] veth1_vlan: entered promiscuous mode
[ 83.709167][ T6471] veth0_macvtap: entered promiscuous mode
[ 83.712758][ T6471] veth1_macvtap: entered promiscuous mode
[ 83.721513][ T6471] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 83.729663][ T6471] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 83.738924][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.742013][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.745701][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.748618][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.796426][ T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.799522][ T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.819330][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.822661][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.854657][ T40] audit: type=1400 audit(1754039020.259:120): avc: denied { read write } for pid=6542 comm="syz.0.16" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 83.863165][ T40] audit: type=1400 audit(1754039020.259:121): avc: denied { open } for pid=6542 comm="syz.0.16" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 83.870381][ T40] audit: type=1400 audit(1754039020.259:122): avc: denied { map } for pid=6542 comm="syz.0.16" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 83.877493][ T40] audit: type=1400 audit(1754039020.259:123): avc: denied { execute } for pid=6542 comm="syz.0.16" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 83.885842][ T40] audit: type=1400 audit(1754039020.259:124): avc: denied { create } for pid=6542 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 83.891843][ T40] audit: type=1400 audit(1754039020.269:125): avc: denied { bind } for pid=6542 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 83.898159][ T40] audit: type=1400 audit(1754039020.269:126): avc: denied { write } for pid=6542 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 83.900227][ T6543] BUG: Bad page state in process syz.0.16 pfn:43801
[ 83.903993][ T40] audit: type=1400 audit(1754039020.279:127): avc: denied { create } for pid=6542 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 83.906157][ T6543] page does not match folio
[ 83.913987][ T40] audit: type=1400 audit(1754039020.319:128): avc: denied { read } for pid=5342 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 83.915155][ T6543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x43801
[ 83.921727][ T40] audit: type=1400 audit(1754039020.319:129): avc: denied { search } for pid=5342 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 83.931640][ T6543] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 83.933970][ T6543] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 83.936933][ T6543] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 83.939871][ T6543] page dumped because: nonzero pincount
[ 83.941643][ T6543] page_owner tracks the page as allocated
[ 83.943476][ T6543] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6542, tgid 6542 (syz.0.16), ts 83857649316, free_ts 79913057622
[ 83.949776][ T6543] post_alloc_hook+0x1c0/0x230
[ 83.951357][ T6543] get_page_from_freelist+0x132b/0x38e0
[ 83.953123][ T6543] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 83.954981][ T6543] alloc_pages_mpol+0x1fb/0x550
[ 83.956590][ T6543] folio_alloc_noprof+0x20/0x2d0
[ 83.958173][ T6543] filemap_alloc_folio_noprof+0x3a1/0x470
[ 83.959960][ T6543] page_cache_ra_order+0x4e1/0xd70
[ 83.961590][ T6543] filemap_fault+0x1b4b/0x2930
[ 83.963110][ T6543] __do_fault+0x10a/0x490
[ 83.964481][ T6543] do_pte_missing+0x1a6/0x3ba0
[ 83.966007][ T6543] __handle_mm_fault+0x152a/0x2a50
[ 83.968216][ T6543] handle_mm_fault+0x589/0xd10
[ 83.969787][ T6543] do_user_addr_fault+0x60c/0x1370
[ 83.971440][ T6543] exc_page_fault+0x5c/0xb0
[ 83.972912][ T6543] asm_exc_page_fault+0x26/0x30
[ 83.974449][ T6543] page last free pid 6442 tgid 6442 stack trace:
[ 83.976478][ T6543] __free_frozen_pages+0x7d5/0x10f0
[ 83.978139][ T6543] vfree+0x1fd/0xb50
[ 83.979402][ T6543] kcov_close+0x34/0x60
[ 83.980744][ T6543] __fput+0x3ff/0xb70
[ 83.982028][ T6543] task_work_run+0x14d/0x240
[ 83.983493][ T6543] do_exit+0x86f/0x2bf0
[ 83.984822][ T6543] do_group_exit+0xd3/0x2a0
[ 83.986265][ T6543] get_signal+0x2673/0x26d0
[ 83.987813][ T6543] arch_do_signal_or_restart+0x8f/0x7d0
[ 83.989557][ T6543] exit_to_user_mode_loop+0x84/0x110
[ 83.991235][ T6543] do_syscall_64+0x3f6/0x4c0
[ 83.992696][ T6543] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.994744][ T6543] Modules linked in:
[ 83.996020][ T6543] CPU: 0 UID: 0 PID: 6543 Comm: syz.0.16 Not tainted 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 83.996035][ T6543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 83.996041][ T6543] Call Trace:
[ 83.996045][ T6543]
[ 83.996049][ T6543] dump_stack_lvl+0x16c/0x1f0
[ 83.996066][ T6543] bad_page+0xcf/0x220
[ 83.996078][ T6543] ? __pfx_bad_page+0x10/0x10
[ 83.996092][ T6543] free_tail_page_prepare+0x44f/0x5b0
[ 83.996111][ T6543] __free_frozen_pages+0xbae/0x10f0
[ 83.996130][ T6543] __folio_put+0x329/0x450
[ 83.996141][ T6543] ? __pfx___folio_put+0x10/0x10
[ 83.996152][ T6543] ? find_held_lock+0x2b/0x80
[ 83.996165][ T6543] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 83.996177][ T6543] ? mark_held_locks+0x49/0x80
[ 83.996194][ T6543] filemap_free_folio+0x132/0x170
[ 83.996205][ T6543] delete_from_page_cache_batch+0x741/0x9b0
[ 83.996219][ T6543] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 83.996232][ T6543] ? __pfx_workingset_update_node+0x10/0x10
[ 83.996247][ T6543] truncate_inode_pages_range+0x279/0xe50
[ 83.996264][ T6543] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 83.996290][ T6543] ? has_bh_in_lru+0x9d/0x100
[ 83.996301][ T6543] ? smp_call_function_many_cond+0x457/0x1600
[ 83.996328][ T6543] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.996340][ T6543] ? __pfx_has_bh_in_lru+0x10/0x10
[ 83.996365][ T6543] blkdev_flush_mapping+0xfb/0x290
[ 83.996378][ T6543] ? filemap_check_errors+0xa9/0x160
[ 83.996394][ T6543] blkdev_put_whole+0xc4/0xf0
[ 83.996405][ T6543] bdev_release+0x47e/0x6d0
[ 83.996421][ T6543] ? __pfx_blkdev_release+0x10/0x10
[ 83.996434][ T6543] blkdev_release+0x15/0x20
[ 83.996447][ T6543] __fput+0x3ff/0xb70
[ 83.996464][ T6543] task_work_run+0x14d/0x240
[ 83.996476][ T6543] ? __pfx_task_work_run+0x10/0x10
[ 83.996488][ T6543] ? do_raw_spin_unlock+0x172/0x230
[ 83.996501][ T6543] do_exit+0x86f/0x2bf0
[ 83.996516][ T6543] ? find_held_lock+0x2b/0x80
[ 83.996531][ T6543] ? __pfx_do_exit+0x10/0x10
[ 83.996546][ T6543] ? do_raw_spin_lock+0x12c/0x2b0
[ 83.996556][ T6543] ? find_held_lock+0x2b/0x80
[ 83.996570][ T6543] do_group_exit+0xd3/0x2a0
[ 83.996587][ T6543] get_signal+0x2673/0x26d0
[ 83.996606][ T6543] ? __pfx_get_signal+0x10/0x10
[ 83.996619][ T6543] ? do_futex+0x122/0x350
[ 83.996635][ T6543] ? __pfx_do_futex+0x10/0x10
[ 83.996652][ T6543] arch_do_signal_or_restart+0x8f/0x7d0
[ 83.996667][ T6543] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 83.996684][ T6543] ? xfd_validate_state+0x61/0x180
[ 83.996701][ T6543] ? __pfx_do_preadv+0x10/0x10
[ 83.996719][ T6543] exit_to_user_mode_loop+0x84/0x110
[ 83.996731][ T6543] do_syscall_64+0x3f6/0x4c0
[ 83.996747][ T6543] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.996757][ T6543] RIP: 0033:0x7fac75f8e969
[ 83.996766][ T6543] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 83.996770][ T6543] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 83.996780][ T6543] RAX: 0000000000000001 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 83.996787][ T6543] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fac761b5fac
[ 83.996793][ T6543] RBP: 00007fac761b5fa0 R08: 00007fac76df2000 R09: 0000000000000000
[ 83.996799][ T6543] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fac761b5fac
[ 83.996820][ T6543] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 83.996834][ T6543]
[ 84.098990][ T6543] Disabling lock debugging due to kernel taint
[ 84.100957][ T6543] BUG: Bad page state in process syz.0.16 pfn:43800
[ 84.103055][ T6543] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x43800
[ 84.105788][ T6543] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 84.108457][ T6543] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 84.111535][ T6543] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 84.114198][ T6543] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.117074][ T6543] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 84.119765][ T6543] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.122450][ T6543] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.125144][ T6543] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.127871][ T6543] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 84.130181][ T6543] page_owner tracks the page as allocated
[ 84.131952][ T6543] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6542, tgid 6542 (syz.0.16), ts 83857649316, free_ts 79913051951
[ 84.138165][ T6543] post_alloc_hook+0x1c0/0x230
[ 84.139684][ T6543] get_page_from_freelist+0x132b/0x38e0
[ 84.141443][ T6543] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.143292][ T6543] alloc_pages_mpol+0x1fb/0x550
[ 84.144830][ T6543] folio_alloc_noprof+0x20/0x2d0
[ 84.146439][ T6543] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.148217][ T6543] page_cache_ra_order+0x4e1/0xd70
[ 84.149837][ T6543] filemap_fault+0x1b4b/0x2930
[ 84.151339][ T6543] __do_fault+0x10a/0x490
[ 84.152691][ T6543] do_pte_missing+0x1a6/0x3ba0
[ 84.154212][ T6543] __handle_mm_fault+0x152a/0x2a50
[ 84.155822][ T6543] handle_mm_fault+0x589/0xd10
[ 84.157438][ T6543] do_user_addr_fault+0x60c/0x1370
[ 84.159114][ T6543] exc_page_fault+0x5c/0xb0
[ 84.160598][ T6543] asm_exc_page_fault+0x26/0x30
[ 84.162188][ T6543] page last free pid 6442 tgid 6442 stack trace:
[ 84.164160][ T6543] __free_frozen_pages+0x7d5/0x10f0
[ 84.165827][ T6543] vfree+0x1fd/0xb50
[ 84.167201][ T6543] kcov_close+0x34/0x60
[ 84.168536][ T6543] __fput+0x3ff/0xb70
[ 84.169828][ T6543] task_work_run+0x14d/0x240
[ 84.171307][ T6543] do_exit+0x86f/0x2bf0
[ 84.172635][ T6543] do_group_exit+0xd3/0x2a0
[ 84.174090][ T6543] get_signal+0x2673/0x26d0
[ 84.175534][ T6543] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.177375][ T6543] exit_to_user_mode_loop+0x84/0x110
[ 84.179043][ T6543] do_syscall_64+0x3f6/0x4c0
[ 84.180518][ T6543] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.182424][ T6543] Modules linked in:
[ 84.183678][ T6543] CPU: 2 UID: 0 PID: 6543 Comm: syz.0.16 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.183695][ T6543] Tainted: [B]=BAD_PAGE
[ 84.183698][ T6543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.183705][ T6543] Call Trace:
[ 84.183709][ T6543]
[ 84.183713][ T6543] dump_stack_lvl+0x16c/0x1f0
[ 84.183729][ T6543] bad_page+0xcf/0x220
[ 84.183740][ T6543] ? __pfx_bad_page+0x10/0x10
[ 84.183751][ T6543] ? page_bad_reason+0x9d/0x1f0
[ 84.183763][ T6543] __free_frozen_pages+0x7f7/0x10f0
[ 84.183780][ T6543] __folio_put+0x329/0x450
[ 84.183790][ T6543] ? __pfx___folio_put+0x10/0x10
[ 84.183800][ T6543] ? find_held_lock+0x2b/0x80
[ 84.183813][ T6543] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.183824][ T6543] ? mark_held_locks+0x49/0x80
[ 84.183840][ T6543] filemap_free_folio+0x132/0x170
[ 84.183850][ T6543] delete_from_page_cache_batch+0x741/0x9b0
[ 84.183862][ T6543] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.183874][ T6543] ? __pfx_workingset_update_node+0x10/0x10
[ 84.183886][ T6543] truncate_inode_pages_range+0x279/0xe50
[ 84.183901][ T6543] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.183919][ T6543] ? has_bh_in_lru+0x9d/0x100
[ 84.183929][ T6543] ? smp_call_function_many_cond+0x457/0x1600
[ 84.183948][ T6543] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.183960][ T6543] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.183970][ T6543] blkdev_flush_mapping+0xfb/0x290
[ 84.183987][ T6543] ? filemap_check_errors+0xa9/0x160
[ 84.184001][ T6543] blkdev_put_whole+0xc4/0xf0
[ 84.184012][ T6543] bdev_release+0x47e/0x6d0
[ 84.184025][ T6543] ? __pfx_blkdev_release+0x10/0x10
[ 84.184039][ T6543] blkdev_release+0x15/0x20
[ 84.184051][ T6543] __fput+0x3ff/0xb70
[ 84.184065][ T6543] task_work_run+0x14d/0x240
[ 84.184077][ T6543] ? __pfx_task_work_run+0x10/0x10
[ 84.184088][ T6543] ? do_raw_spin_unlock+0x172/0x230
[ 84.184100][ T6543] do_exit+0x86f/0x2bf0
[ 84.184114][ T6543] ? find_held_lock+0x2b/0x80
[ 84.184126][ T6543] ? __pfx_do_exit+0x10/0x10
[ 84.184141][ T6543] ? do_raw_spin_lock+0x12c/0x2b0
[ 84.184151][ T6543] ? find_held_lock+0x2b/0x80
[ 84.184163][ T6543] do_group_exit+0xd3/0x2a0
[ 84.184179][ T6543] get_signal+0x2673/0x26d0
[ 84.184194][ T6543] ? __pfx_get_signal+0x10/0x10
[ 84.184206][ T6543] ? do_futex+0x122/0x350
[ 84.184221][ T6543] ? __pfx_do_futex+0x10/0x10
[ 84.184239][ T6543] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.184252][ T6543] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 84.184267][ T6543] ? xfd_validate_state+0x61/0x180
[ 84.184283][ T6543] ? __pfx_do_preadv+0x10/0x10
[ 84.184300][ T6543] exit_to_user_mode_loop+0x84/0x110
[ 84.184311][ T6543] do_syscall_64+0x3f6/0x4c0
[ 84.184326][ T6543] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.184336][ T6543] RIP: 0033:0x7fac75f8e969
[ 84.184344][ T6543] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 84.184348][ T6543] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 84.184358][ T6543] RAX: 0000000000000001 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 84.184365][ T6543] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fac761b5fac
[ 84.184371][ T6543] RBP: 00007fac761b5fa0 R08: 00007fac76df2000 R09: 0000000000000000
[ 84.184377][ T6543] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fac761b5fac
[ 84.184383][ T6543] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 84.184392][ T6543]
[ 84.308709][ T6545] BUG: Bad page state in process syz.0.17 pfn:55201
[ 84.310883][ T6545] page does not match folio
[ 84.312309][ T6545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55201
[ 84.315407][ T6545] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 84.317792][ T6545] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 84.320445][ T6545] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.323130][ T6545] page dumped because: nonzero pincount
[ 84.324859][ T6545] page_owner tracks the page as allocated
[ 84.326680][ T6545] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6544, tgid 6544 (syz.0.17), ts 84240867579, free_ts 84184420953
[ 84.332790][ T6545] post_alloc_hook+0x1c0/0x230
[ 84.334339][ T6545] get_page_from_freelist+0x132b/0x38e0
[ 84.336067][ T6545] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.338030][ T6545] alloc_pages_mpol+0x1fb/0x550
[ 84.339604][ T6545] folio_alloc_noprof+0x20/0x2d0
[ 84.341180][ T6545] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.342967][ T6545] page_cache_ra_order+0x4e1/0xd70
[ 84.344592][ T6545] filemap_fault+0x1b4b/0x2930
[ 84.346081][ T6545] __do_fault+0x10a/0x490
[ 84.347465][ T6545] do_pte_missing+0x1a6/0x3ba0
[ 84.348946][ T6545] __handle_mm_fault+0x152a/0x2a50
[ 84.350572][ T6545] handle_mm_fault+0x589/0xd10
[ 84.352096][ T6545] do_user_addr_fault+0x60c/0x1370
[ 84.353687][ T6545] exc_page_fault+0x5c/0xb0
[ 84.355113][ T6545] asm_exc_page_fault+0x26/0x30
[ 84.356682][ T6545] page last free pid 6543 tgid 6542 stack trace:
[ 84.358641][ T6545] free_unref_folios+0xa61/0x16b0
[ 84.360221][ T6545] folios_put_refs+0x56f/0x740
[ 84.361744][ T6545] truncate_inode_pages_range+0x311/0xe50
[ 84.363529][ T6545] blkdev_flush_mapping+0xfb/0x290
[ 84.365150][ T6545] blkdev_put_whole+0xc4/0xf0
[ 84.366787][ T6545] bdev_release+0x47e/0x6d0
[ 84.366887][ T6012] Bluetooth: hci0: command tx timeout
[ 84.368735][ T6545] blkdev_release+0x15/0x20
[ 84.371851][ T6545] __fput+0x3ff/0xb70
[ 84.373107][ T6545] task_work_run+0x14d/0x240
[ 84.374523][ T6545] do_exit+0x86f/0x2bf0
[ 84.375824][ T6545] do_group_exit+0xd3/0x2a0
[ 84.377327][ T6545] get_signal+0x2673/0x26d0
[ 84.378753][ T6545] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.380484][ T6545] exit_to_user_mode_loop+0x84/0x110
[ 84.382190][ T6545] do_syscall_64+0x3f6/0x4c0
[ 84.383896][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.386278][ T6545] Modules linked in:
[ 84.388029][ T6545] CPU: 3 UID: 0 PID: 6545 Comm: syz.0.17 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.388048][ T6545] Tainted: [B]=BAD_PAGE
[ 84.388052][ T6545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.388059][ T6545] Call Trace:
[ 84.388062][ T6545]
[ 84.388066][ T6545] dump_stack_lvl+0x16c/0x1f0
[ 84.388083][ T6545] bad_page+0xcf/0x220
[ 84.388095][ T6545] ? __pfx_bad_page+0x10/0x10
[ 84.388107][ T6545] free_tail_page_prepare+0x44f/0x5b0
[ 84.388120][ T6545] __free_frozen_pages+0xbae/0x10f0
[ 84.388137][ T6545] __folio_put+0x329/0x450
[ 84.388148][ T6545] ? __pfx___folio_put+0x10/0x10
[ 84.388158][ T6545] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.388169][ T6545] ? rcu_is_watching+0x12/0xc0
[ 84.388182][ T6545] ? lock_release+0x201/0x2f0
[ 84.388198][ T6545] filemap_free_folio+0x132/0x170
[ 84.388208][ T6545] delete_from_page_cache_batch+0x741/0x9b0
[ 84.388220][ T6545] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.388232][ T6545] ? __pfx_workingset_update_node+0x10/0x10
[ 84.388243][ T6545] ? xas_move_index+0xb0/0x110
[ 84.388258][ T6545] truncate_inode_pages_range+0x279/0xe50
[ 84.388273][ T6545] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.388296][ T6545] ? trace_csd_queue_cpu+0x181/0x1f0
[ 84.388309][ T6545] ? has_bh_in_lru+0x9d/0x100
[ 84.388319][ T6545] ? smp_call_function_many_cond+0x457/0x1600
[ 84.388337][ T6545] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.388349][ T6545] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.388360][ T6545] blkdev_flush_mapping+0xfb/0x290
[ 84.388372][ T6545] ? filemap_check_errors+0xa9/0x160
[ 84.388386][ T6545] blkdev_put_whole+0xc4/0xf0
[ 84.388397][ T6545] bdev_release+0x47e/0x6d0
[ 84.388410][ T6545] ? __pfx_blkdev_release+0x10/0x10
[ 84.388423][ T6545] blkdev_release+0x15/0x20
[ 84.388436][ T6545] __fput+0x3ff/0xb70
[ 84.388450][ T6545] task_work_run+0x14d/0x240
[ 84.388461][ T6545] ? __pfx_task_work_run+0x10/0x10
[ 84.388472][ T6545] ? do_raw_spin_unlock+0x172/0x230
[ 84.388483][ T6545] do_exit+0x86f/0x2bf0
[ 84.388500][ T6545] ? __pfx_do_exit+0x10/0x10
[ 84.388514][ T6545] ? do_raw_spin_lock+0x12c/0x2b0
[ 84.388525][ T6545] ? get_signal+0x8f5/0x26d0
[ 84.388537][ T6545] ? rcu_is_watching+0x12/0xc0
[ 84.388549][ T6545] do_group_exit+0xd3/0x2a0
[ 84.388565][ T6545] get_signal+0x2673/0x26d0
[ 84.388578][ T6545] ? percpu_counter_add_batch+0xb8/0x1f0
[ 84.388594][ T6545] ? __pfx_get_signal+0x10/0x10
[ 84.388607][ T6545] ? do_futex+0x122/0x350
[ 84.388622][ T6545] ? __pfx_do_futex+0x10/0x10
[ 84.388637][ T6545] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.388651][ T6545] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 84.388666][ T6545] ? xfd_validate_state+0x61/0x180
[ 84.388684][ T6545] exit_to_user_mode_loop+0x84/0x110
[ 84.388694][ T6545] do_syscall_64+0x3f6/0x4c0
[ 84.388709][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.388720][ T6545] RIP: 0033:0x7fac75f8e969
[ 84.388727][ T6545] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 84.388732][ T6545] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 84.388742][ T6545] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 84.388749][ T6545] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 84.388755][ T6545] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 84.388761][ T6545] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 84.388767][ T6545] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 84.388775][ T6545]
[ 84.388790][ T6545] BUG: Bad page state in process syz.0.17 pfn:55200
[ 84.528825][ T6545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55200
[ 84.531609][ T6545] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 84.534378][ T6545] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 84.538317][ T6545] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 84.541668][ T6545] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.545045][ T6545] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 84.548527][ T6545] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.551947][ T6545] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.555374][ T6545] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.558838][ T6545] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 84.561745][ T6545] page_owner tracks the page as allocated
[ 84.563982][ T6545] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6544, tgid 6544 (syz.0.17), ts 84240867579, free_ts 84184420953
[ 84.571826][ T6545] post_alloc_hook+0x1c0/0x230
[ 84.573699][ T6545] get_page_from_freelist+0x132b/0x38e0
[ 84.575852][ T6545] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.578268][ T6545] alloc_pages_mpol+0x1fb/0x550
[ 84.580189][ T6545] folio_alloc_noprof+0x20/0x2d0
[ 84.582150][ T6545] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.584374][ T6545] page_cache_ra_order+0x4e1/0xd70
[ 84.586476][ T6545] filemap_fault+0x1b4b/0x2930
[ 84.588330][ T6545] __do_fault+0x10a/0x490
[ 84.590047][ T6545] do_pte_missing+0x1a6/0x3ba0
[ 84.591929][ T6545] __handle_mm_fault+0x152a/0x2a50
[ 84.593942][ T6545] handle_mm_fault+0x589/0xd10
[ 84.595816][ T6545] do_user_addr_fault+0x60c/0x1370
[ 84.597915][ T6545] exc_page_fault+0x5c/0xb0
[ 84.599683][ T6545] asm_exc_page_fault+0x26/0x30
[ 84.601610][ T6545] page last free pid 6543 tgid 6542 stack trace:
[ 84.604063][ T6545] free_unref_folios+0xa61/0x16b0
[ 84.606070][ T6545] folios_put_refs+0x56f/0x740
[ 84.608355][ T6545] truncate_inode_pages_range+0x311/0xe50
[ 84.610221][ T6545] blkdev_flush_mapping+0xfb/0x290
[ 84.611851][ T6545] blkdev_put_whole+0xc4/0xf0
[ 84.613367][ T6545] bdev_release+0x47e/0x6d0
[ 84.614815][ T6545] blkdev_release+0x15/0x20
[ 84.616280][ T6545] __fput+0x3ff/0xb70
[ 84.617796][ T6545] task_work_run+0x14d/0x240
[ 84.619275][ T6545] do_exit+0x86f/0x2bf0
[ 84.620609][ T6545] do_group_exit+0xd3/0x2a0
[ 84.622112][ T6545] get_signal+0x2673/0x26d0
[ 84.623644][ T6545] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.625439][ T6545] exit_to_user_mode_loop+0x84/0x110
[ 84.627381][ T6545] do_syscall_64+0x3f6/0x4c0
[ 84.628930][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.630872][ T6545] Modules linked in:
[ 84.632169][ T6545] CPU: 2 UID: 0 PID: 6545 Comm: syz.0.17 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.632186][ T6545] Tainted: [B]=BAD_PAGE
[ 84.632189][ T6545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.632196][ T6545] Call Trace:
[ 84.632200][ T6545]
[ 84.632204][ T6545] dump_stack_lvl+0x16c/0x1f0
[ 84.632221][ T6545] bad_page+0xcf/0x220
[ 84.632233][ T6545] ? __pfx_bad_page+0x10/0x10
[ 84.632244][ T6545] ? page_bad_reason+0x9d/0x1f0
[ 84.632260][ T6545] __free_frozen_pages+0x7f7/0x10f0
[ 84.632276][ T6545] __folio_put+0x329/0x450
[ 84.632287][ T6545] ? __pfx___folio_put+0x10/0x10
[ 84.632297][ T6545] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.632309][ T6545] ? rcu_is_watching+0x12/0xc0
[ 84.632321][ T6545] ? lock_release+0x201/0x2f0
[ 84.632338][ T6545] filemap_free_folio+0x132/0x170
[ 84.632348][ T6545] delete_from_page_cache_batch+0x741/0x9b0
[ 84.632360][ T6545] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.632371][ T6545] ? __pfx_workingset_update_node+0x10/0x10
[ 84.632381][ T6545] ? xas_move_index+0xb0/0x110
[ 84.632397][ T6545] truncate_inode_pages_range+0x279/0xe50
[ 84.632421][ T6545] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.632441][ T6545] ? trace_csd_queue_cpu+0x181/0x1f0
[ 84.632454][ T6545] ? has_bh_in_lru+0x9d/0x100
[ 84.632464][ T6545] ? smp_call_function_many_cond+0x457/0x1600
[ 84.632482][ T6545] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.632494][ T6545] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.632505][ T6545] blkdev_flush_mapping+0xfb/0x290
[ 84.632518][ T6545] ? filemap_check_errors+0xa9/0x160
[ 84.632532][ T6545] blkdev_put_whole+0xc4/0xf0
[ 84.632543][ T6545] bdev_release+0x47e/0x6d0
[ 84.632556][ T6545] ? __pfx_blkdev_release+0x10/0x10
[ 84.632569][ T6545] blkdev_release+0x15/0x20
[ 84.632582][ T6545] __fput+0x3ff/0xb70
[ 84.632596][ T6545] task_work_run+0x14d/0x240
[ 84.632609][ T6545] ? __pfx_task_work_run+0x10/0x10
[ 84.632619][ T6545] ? do_raw_spin_unlock+0x172/0x230
[ 84.632631][ T6545] do_exit+0x86f/0x2bf0
[ 84.632647][ T6545] ? __pfx_do_exit+0x10/0x10
[ 84.632662][ T6545] ? do_raw_spin_lock+0x12c/0x2b0
[ 84.632672][ T6545] ? get_signal+0x8f5/0x26d0
[ 84.632684][ T6545] ? rcu_is_watching+0x12/0xc0
[ 84.632697][ T6545] do_group_exit+0xd3/0x2a0
[ 84.632712][ T6545] get_signal+0x2673/0x26d0
[ 84.632725][ T6545] ? percpu_counter_add_batch+0xb8/0x1f0
[ 84.632742][ T6545] ? __pfx_get_signal+0x10/0x10
[ 84.632754][ T6545] ? do_futex+0x122/0x350
[ 84.632769][ T6545] ? __pfx_do_futex+0x10/0x10
[ 84.632785][ T6545] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.632817][ T6545] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 84.632833][ T6545] ? xfd_validate_state+0x61/0x180
[ 84.632851][ T6545] exit_to_user_mode_loop+0x84/0x110
[ 84.632861][ T6545] do_syscall_64+0x3f6/0x4c0
[ 84.632877][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.632888][ T6545] RIP: 0033:0x7fac75f8e969
[ 84.632895][ T6545] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 84.632900][ T6545] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 84.632909][ T6545] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 84.632916][ T6545] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 84.632922][ T6545] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 84.632928][ T6545] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 84.632934][ T6545] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 84.632943][ T6545]
[ 84.764695][ T6547] BUG: Bad page state in process syz.0.18 pfn:55401
[ 84.767412][ T6547] page does not match folio
[ 84.769218][ T6547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55401
[ 84.773154][ T6547] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 84.776070][ T6547] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 84.779358][ T6547] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.782813][ T6547] page dumped because: nonzero pincount
[ 84.784563][ T6547] page_owner tracks the page as allocated
[ 84.786421][ T6547] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6547, tgid 6547 (syz.0.18), ts 84748054982, free_ts 84633013682
[ 84.792585][ T6547] post_alloc_hook+0x1c0/0x230
[ 84.794144][ T6547] get_page_from_freelist+0x132b/0x38e0
[ 84.795887][ T6547] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.797781][ T6547] alloc_pages_mpol+0x1fb/0x550
[ 84.799288][ T6547] folio_alloc_noprof+0x20/0x2d0
[ 84.800859][ T6547] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.802647][ T6547] page_cache_ra_order+0x4e1/0xd70
[ 84.804264][ T6547] filemap_fault+0x1b4b/0x2930
[ 84.805779][ T6547] __do_fault+0x10a/0x490
[ 84.807204][ T6547] do_pte_missing+0x1a6/0x3ba0
[ 84.808711][ T6547] __handle_mm_fault+0x152a/0x2a50
[ 84.810335][ T6547] handle_mm_fault+0x589/0xd10
[ 84.811876][ T6547] do_user_addr_fault+0x60c/0x1370
[ 84.813496][ T6547] exc_page_fault+0x5c/0xb0
[ 84.814927][ T6547] asm_exc_page_fault+0x26/0x30
[ 84.816610][ T6547] page last free pid 6545 tgid 6544 stack trace:
[ 84.818674][ T6547] free_unref_folios+0xa61/0x16b0
[ 84.820263][ T6547] folios_put_refs+0x56f/0x740
[ 84.821780][ T6547] truncate_inode_pages_range+0x311/0xe50
[ 84.823562][ T6547] blkdev_flush_mapping+0xfb/0x290
[ 84.825182][ T6547] blkdev_put_whole+0xc4/0xf0
[ 84.826730][ T6547] bdev_release+0x47e/0x6d0
[ 84.828166][ T6547] blkdev_release+0x15/0x20
[ 84.829607][ T6547] __fput+0x3ff/0xb70
[ 84.830896][ T6547] task_work_run+0x14d/0x240
[ 84.832359][ T6547] do_exit+0x86f/0x2bf0
[ 84.833686][ T6547] do_group_exit+0xd3/0x2a0
[ 84.835128][ T6547] get_signal+0x2673/0x26d0
[ 84.836622][ T6547] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.838380][ T6547] exit_to_user_mode_loop+0x84/0x110
[ 84.840007][ T6547] do_syscall_64+0x3f6/0x4c0
[ 84.841520][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.843361][ T6547] Modules linked in:
[ 84.844582][ T6547] CPU: 3 UID: 0 PID: 6547 Comm: syz.0.18 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.844599][ T6547] Tainted: [B]=BAD_PAGE
[ 84.844603][ T6547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.844611][ T6547] Call Trace:
[ 84.844616][ T6547]
[ 84.844620][ T6547] dump_stack_lvl+0x16c/0x1f0
[ 84.844636][ T6547] bad_page+0xcf/0x220
[ 84.844647][ T6547] ? __pfx_bad_page+0x10/0x10
[ 84.844659][ T6547] free_tail_page_prepare+0x44f/0x5b0
[ 84.844673][ T6547] __free_frozen_pages+0xbae/0x10f0
[ 84.844689][ T6547] __folio_put+0x329/0x450
[ 84.844700][ T6547] ? __pfx___folio_put+0x10/0x10
[ 84.844711][ T6547] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.844723][ T6547] ? rcu_is_watching+0x12/0xc0
[ 84.844735][ T6547] ? lock_release+0x201/0x2f0
[ 84.844751][ T6547] filemap_free_folio+0x132/0x170
[ 84.844761][ T6547] delete_from_page_cache_batch+0x741/0x9b0
[ 84.844773][ T6547] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.844785][ T6547] ? __pfx_workingset_update_node+0x10/0x10
[ 84.844796][ T6547] ? xas_move_index+0xb0/0x110
[ 84.844826][ T6547] truncate_inode_pages_range+0x279/0xe50
[ 84.844841][ T6547] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.844858][ T6547] ? rcu_is_watching+0x12/0xc0
[ 84.844870][ T6547] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 84.844882][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.844894][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.844906][ T6547] ? smp_call_function_many_cond+0x457/0x1600
[ 84.844925][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.844937][ T6547] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.844947][ T6547] blkdev_flush_mapping+0xfb/0x290
[ 84.844960][ T6547] blkdev_put_whole+0xc4/0xf0
[ 84.844971][ T6547] bdev_release+0x47e/0x6d0
[ 84.844984][ T6547] ? __pfx_blkdev_release+0x10/0x10
[ 84.844998][ T6547] blkdev_release+0x15/0x20
[ 84.845010][ T6547] __fput+0x3ff/0xb70
[ 84.845025][ T6547] task_work_run+0x14d/0x240
[ 84.845040][ T6547] ? __pfx_task_work_run+0x10/0x10
[ 84.845051][ T6547] ? do_raw_spin_unlock+0x172/0x230
[ 84.845062][ T6547] do_exit+0x86f/0x2bf0
[ 84.845078][ T6547] ? __pfx_do_exit+0x10/0x10
[ 84.845093][ T6547] ? preempt_schedule_thunk+0x16/0x30
[ 84.845109][ T6547] do_group_exit+0xd3/0x2a0
[ 84.845125][ T6547] __x64_sys_exit_group+0x3e/0x50
[ 84.845140][ T6547] x64_sys_call+0x14fa/0x1720
[ 84.845152][ T6547] do_syscall_64+0xcd/0x4c0
[ 84.845167][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.845177][ T6547] RIP: 0033:0x7fac75f8e969
[ 84.845185][ T6547] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 84.845190][ T6547] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 84.845200][ T6547] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 84.845206][ T6547] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 84.845212][ T6547] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 84.845219][ T6547] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 84.845225][ T6547] R13: 00000000000927c0 R14: 00000000000148e5 R15: 00007ffcdde9e150
[ 84.845233][ T6547]
[ 84.845248][ T6547] BUG: Bad page state in process syz.0.18 pfn:55400
[ 84.944532][ T6547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55400
[ 84.948870][ T6547] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 84.952014][ T6547] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 84.955639][ T6547] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 84.958958][ T6547] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.962144][ T6547] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 84.965380][ T6547] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.968676][ T6547] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.971978][ T6547] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.975176][ T6547] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 84.977955][ T6547] page_owner tracks the page as allocated
[ 84.980070][ T6547] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6547, tgid 6547 (syz.0.18), ts 84748054982, free_ts 84633013682
[ 84.987536][ T6547] post_alloc_hook+0x1c0/0x230
[ 84.989356][ T6547] get_page_from_freelist+0x132b/0x38e0
[ 84.991434][ T6547] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.993641][ T6547] alloc_pages_mpol+0x1fb/0x550
[ 84.995465][ T6547] folio_alloc_noprof+0x20/0x2d0
[ 84.998002][ T6547] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.000136][ T6547] page_cache_ra_order+0x4e1/0xd70
[ 85.002068][ T6547] filemap_fault+0x1b4b/0x2930
[ 85.003862][ T6547] __do_fault+0x10a/0x490
[ 85.005495][ T6547] do_pte_missing+0x1a6/0x3ba0
[ 85.007360][ T6547] __handle_mm_fault+0x152a/0x2a50
[ 85.009286][ T6547] handle_mm_fault+0x589/0xd10
[ 85.011093][ T6547] do_user_addr_fault+0x60c/0x1370
[ 85.013012][ T6547] exc_page_fault+0x5c/0xb0
[ 85.014725][ T6547] asm_exc_page_fault+0x26/0x30
[ 85.016608][ T6547] page last free pid 6545 tgid 6544 stack trace:
[ 85.018959][ T6547] free_unref_folios+0xa61/0x16b0
[ 85.020862][ T6547] folios_put_refs+0x56f/0x740
[ 85.022661][ T6547] truncate_inode_pages_range+0x311/0xe50
[ 85.024786][ T6547] blkdev_flush_mapping+0xfb/0x290
[ 85.026778][ T6547] blkdev_put_whole+0xc4/0xf0
[ 85.028553][ T6547] bdev_release+0x47e/0x6d0
[ 85.030282][ T6547] blkdev_release+0x15/0x20
[ 85.031987][ T6547] __fput+0x3ff/0xb70
[ 85.033508][ T6547] task_work_run+0x14d/0x240
[ 85.035243][ T6547] do_exit+0x86f/0x2bf0
[ 85.036879][ T6547] do_group_exit+0xd3/0x2a0
[ 85.038594][ T6547] get_signal+0x2673/0x26d0
[ 85.040308][ T6547] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.042379][ T6547] exit_to_user_mode_loop+0x84/0x110
[ 85.044350][ T6547] do_syscall_64+0x3f6/0x4c0
[ 85.046101][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.048385][ T6547] Modules linked in:
[ 85.050090][ T6547] CPU: 1 UID: 0 PID: 6547 Comm: syz.0.18 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.050113][ T6547] Tainted: [B]=BAD_PAGE
[ 85.050118][ T6547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.050127][ T6547] Call Trace:
[ 85.050131][ T6547]
[ 85.050137][ T6547] dump_stack_lvl+0x16c/0x1f0
[ 85.050157][ T6547] bad_page+0xcf/0x220
[ 85.050172][ T6547] ? __pfx_bad_page+0x10/0x10
[ 85.050187][ T6547] ? page_bad_reason+0x9d/0x1f0
[ 85.050203][ T6547] __free_frozen_pages+0x7f7/0x10f0
[ 85.050225][ T6547] __folio_put+0x329/0x450
[ 85.050238][ T6547] ? __pfx___folio_put+0x10/0x10
[ 85.050253][ T6547] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.050268][ T6547] ? rcu_is_watching+0x12/0xc0
[ 85.050286][ T6547] ? lock_release+0x201/0x2f0
[ 85.050307][ T6547] filemap_free_folio+0x132/0x170
[ 85.050320][ T6547] delete_from_page_cache_batch+0x741/0x9b0
[ 85.050337][ T6547] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.050353][ T6547] ? __pfx_workingset_update_node+0x10/0x10
[ 85.050367][ T6547] ? xas_move_index+0xb0/0x110
[ 85.050388][ T6547] truncate_inode_pages_range+0x279/0xe50
[ 85.050407][ T6547] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.050432][ T6547] ? rcu_is_watching+0x12/0xc0
[ 85.050448][ T6547] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 85.050464][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.050480][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.050496][ T6547] ? smp_call_function_many_cond+0x457/0x1600
[ 85.050522][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.050538][ T6547] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.050554][ T6547] blkdev_flush_mapping+0xfb/0x290
[ 85.050570][ T6547] blkdev_put_whole+0xc4/0xf0
[ 85.050585][ T6547] bdev_release+0x47e/0x6d0
[ 85.050603][ T6547] ? __pfx_blkdev_release+0x10/0x10
[ 85.050621][ T6547] blkdev_release+0x15/0x20
[ 85.050637][ T6547] __fput+0x3ff/0xb70
[ 85.050656][ T6547] task_work_run+0x14d/0x240
[ 85.050671][ T6547] ? __pfx_task_work_run+0x10/0x10
[ 85.050686][ T6547] ? do_raw_spin_unlock+0x172/0x230
[ 85.050702][ T6547] do_exit+0x86f/0x2bf0
[ 85.050723][ T6547] ? __pfx_do_exit+0x10/0x10
[ 85.050742][ T6547] ? preempt_schedule_thunk+0x16/0x30
[ 85.050764][ T6547] do_group_exit+0xd3/0x2a0
[ 85.050784][ T6547] __x64_sys_exit_group+0x3e/0x50
[ 85.050805][ T6547] x64_sys_call+0x14fa/0x1720
[ 85.050821][ T6547] do_syscall_64+0xcd/0x4c0
[ 85.050840][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.050854][ T6547] RIP: 0033:0x7fac75f8e969
[ 85.050864][ T6547] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 85.050871][ T6547] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 85.050885][ T6547] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 85.050894][ T6547] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 85.050902][ T6547] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 85.050911][ T6547] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002
[ 85.050920][ T6547] R13: 00000000000927c0 R14: 00000000000148e5 R15: 00007ffcdde9e150
[ 85.050933][ T6547]
[ 85.085497][ T6550] BUG: Bad page state in process syz.0.19 pfn:55601
[ 85.162049][ T6550] page does not match folio
[ 85.163512][ T6550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55601
[ 85.167288][ T6550] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 85.169610][ T6550] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 85.172305][ T6550] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 85.174945][ T6550] page dumped because: nonzero pincount
[ 85.176720][ T6550] page_owner tracks the page as allocated
[ 85.178486][ T6550] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6549, tgid 6549 (syz.0.19), ts 85056669883, free_ts 85050988172
[ 85.184558][ T6550] post_alloc_hook+0x1c0/0x230
[ 85.186080][ T6550] get_page_from_freelist+0x132b/0x38e0
[ 85.187873][ T6550] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 85.189737][ T6550] alloc_pages_mpol+0x1fb/0x550
[ 85.191285][ T6550] folio_alloc_noprof+0x20/0x2d0
[ 85.192862][ T6550] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.194651][ T6550] page_cache_ra_order+0x4e1/0xd70
[ 85.196270][ T6550] filemap_fault+0x1b4b/0x2930
[ 85.197854][ T6550] __do_fault+0x10a/0x490
[ 85.199223][ T6550] do_pte_missing+0x1a6/0x3ba0
[ 85.200736][ T6550] __handle_mm_fault+0x152a/0x2a50
[ 85.202350][ T6550] handle_mm_fault+0x589/0xd10
[ 85.203856][ T6550] do_user_addr_fault+0x60c/0x1370
[ 85.205469][ T6550] exc_page_fault+0x5c/0xb0
[ 85.206965][ T6550] asm_exc_page_fault+0x26/0x30
[ 85.208512][ T6550] page last free pid 6547 tgid 6547 stack trace:
[ 85.210510][ T6550] free_unref_folios+0xa61/0x16b0
[ 85.212114][ T6550] folios_put_refs+0x56f/0x740
[ 85.213627][ T6550] truncate_inode_pages_range+0x311/0xe50
[ 85.215411][ T6550] blkdev_flush_mapping+0xfb/0x290
[ 85.217088][ T6550] blkdev_put_whole+0xc4/0xf0
[ 85.218605][ T6550] bdev_release+0x47e/0x6d0
[ 85.220041][ T6550] blkdev_release+0x15/0x20
[ 85.221500][ T6550] __fput+0x3ff/0xb70
[ 85.222768][ T6550] task_work_run+0x14d/0x240
[ 85.224229][ T6550] do_exit+0x86f/0x2bf0
[ 85.225551][ T6550] do_group_exit+0xd3/0x2a0
[ 85.227044][ T6550] __x64_sys_exit_group+0x3e/0x50
[ 85.228652][ T6550] x64_sys_call+0x14fa/0x1720
[ 85.230162][ T6550] do_syscall_64+0xcd/0x4c0
[ 85.231613][ T6550] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.233468][ T6550] Modules linked in:
[ 85.234706][ T6550] CPU: 3 UID: 0 PID: 6550 Comm: syz.0.19 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.234722][ T6550] Tainted: [B]=BAD_PAGE
[ 85.234726][ T6550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.234732][ T6550] Call Trace:
[ 85.234736][ T6550]
[ 85.234740][ T6550] dump_stack_lvl+0x16c/0x1f0
[ 85.234755][ T6550] bad_page+0xcf/0x220
[ 85.234767][ T6550] ? __pfx_bad_page+0x10/0x10
[ 85.234778][ T6550] free_tail_page_prepare+0x44f/0x5b0
[ 85.234792][ T6550] __free_frozen_pages+0xbae/0x10f0
[ 85.234809][ T6550] __folio_put+0x329/0x450
[ 85.234819][ T6550] ? __pfx___folio_put+0x10/0x10
[ 85.234830][ T6550] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.234841][ T6550] ? rcu_is_watching+0x12/0xc0
[ 85.234853][ T6550] ? lock_release+0x201/0x2f0
[ 85.234869][ T6550] filemap_free_folio+0x132/0x170
[ 85.234879][ T6550] delete_from_page_cache_batch+0x741/0x9b0
[ 85.234891][ T6550] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.234903][ T6550] ? __pfx_workingset_update_node+0x10/0x10
[ 85.234914][ T6550] ? xas_move_index+0xb0/0x110
[ 85.234929][ T6550] truncate_inode_pages_range+0x279/0xe50
[ 85.234944][ T6550] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.234961][ T6550] ? rcu_is_watching+0x12/0xc0
[ 85.234973][ T6550] ? has_bh_in_lru+0x9d/0x100
[ 85.234984][ T6550] ? smp_call_function_many_cond+0x457/0x1600
[ 85.235002][ T6550] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.235014][ T6550] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.235028][ T6550] blkdev_flush_mapping+0xfb/0x290
[ 85.235041][ T6550] ? filemap_check_errors+0xa9/0x160
[ 85.235055][ T6550] blkdev_put_whole+0xc4/0xf0
[ 85.235066][ T6550] bdev_release+0x47e/0x6d0
[ 85.235079][ T6550] ? __pfx_blkdev_release+0x10/0x10
[ 85.235092][ T6550] blkdev_release+0x15/0x20
[ 85.235105][ T6550] __fput+0x3ff/0xb70
[ 85.235119][ T6550] task_work_run+0x14d/0x240
[ 85.235130][ T6550] ? __pfx_task_work_run+0x10/0x10
[ 85.235140][ T6550] ? do_raw_spin_unlock+0x172/0x230
[ 85.235152][ T6550] do_exit+0x86f/0x2bf0
[ 85.235167][ T6550] ? __pfx_do_exit+0x10/0x10
[ 85.235182][ T6550] ? do_raw_spin_lock+0x12c/0x2b0
[ 85.235192][ T6550] ? get_signal+0x8f5/0x26d0
[ 85.235205][ T6550] ? rcu_is_watching+0x12/0xc0
[ 85.235217][ T6550] do_group_exit+0xd3/0x2a0
[ 85.235233][ T6550] get_signal+0x2673/0x26d0
[ 85.235247][ T6550] ? __pfx_get_signal+0x10/0x10
[ 85.235259][ T6550] ? do_futex+0x122/0x350
[ 85.235274][ T6550] ? __pfx_do_futex+0x10/0x10
[ 85.235290][ T6550] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.235304][ T6550] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 85.235319][ T6550] ? __pfx_do_preadv+0x10/0x10
[ 85.235336][ T6550] exit_to_user_mode_loop+0x84/0x110
[ 85.235346][ T6550] do_syscall_64+0x3f6/0x4c0
[ 85.235361][ T6550] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.235372][ T6550] RIP: 0033:0x7fac75f8e969
[ 85.235381][ T6550] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 85.235385][ T6550] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 85.235395][ T6550] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 85.235402][ T6550] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 85.235408][ T6550] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 85.235414][ T6550] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 85.235420][ T6550] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 85.235429][ T6550]
[ 85.235443][ T6550] BUG: Bad page state in process syz.0.19 pfn:55600
[ 85.343529][ T6550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55600
[ 85.346169][ T6550] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 85.348790][ T6550] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 85.351764][ T6550] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 85.354386][ T6550] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.357034][ T6550] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 85.359696][ T6550] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.362336][ T6550] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.364961][ T6550] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 85.367701][ T6550] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 85.369969][ T6550] page_owner tracks the page as allocated
[ 85.371729][ T6550] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6549, tgid 6549 (syz.0.19), ts 85056669883, free_ts 85050988172
[ 85.377803][ T6550] post_alloc_hook+0x1c0/0x230
[ 85.379271][ T6550] get_page_from_freelist+0x132b/0x38e0
[ 85.380976][ T6550] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 85.382786][ T6550] alloc_pages_mpol+0x1fb/0x550
[ 85.384300][ T6550] folio_alloc_noprof+0x20/0x2d0
[ 85.385810][ T6550] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.387589][ T6550] page_cache_ra_order+0x4e1/0xd70
[ 85.389189][ T6550] filemap_fault+0x1b4b/0x2930
[ 85.390683][ T6550] __do_fault+0x10a/0x490
[ 85.392009][ T6550] do_pte_missing+0x1a6/0x3ba0
[ 85.393528][ T6550] __handle_mm_fault+0x152a/0x2a50
[ 85.395115][ T6550] handle_mm_fault+0x589/0xd10
[ 85.396671][ T6550] do_user_addr_fault+0x60c/0x1370
[ 85.398264][ T6550] exc_page_fault+0x5c/0xb0
[ 85.399676][ T6550] asm_exc_page_fault+0x26/0x30
[ 85.401175][ T6550] page last free pid 6547 tgid 6547 stack trace:
[ 85.403116][ T6550] free_unref_folios+0xa61/0x16b0
[ 85.404668][ T6550] folios_put_refs+0x56f/0x740
[ 85.406176][ T6550] truncate_inode_pages_range+0x311/0xe50
[ 85.408295][ T6550] blkdev_flush_mapping+0xfb/0x290
[ 85.409914][ T6550] blkdev_put_whole+0xc4/0xf0
[ 85.411373][ T6550] bdev_release+0x47e/0x6d0
[ 85.412782][ T6550] blkdev_release+0x15/0x20
[ 85.414217][ T6550] __fput+0x3ff/0xb70
[ 85.415471][ T6550] task_work_run+0x14d/0x240
[ 85.417032][ T6550] do_exit+0x86f/0x2bf0
[ 85.418327][ T6550] do_group_exit+0xd3/0x2a0
[ 85.419738][ T6550] __x64_sys_exit_group+0x3e/0x50
[ 85.421304][ T6550] x64_sys_call+0x14fa/0x1720
[ 85.422753][ T6550] do_syscall_64+0xcd/0x4c0
[ 85.424167][ T6550] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.426020][ T6550] Modules linked in:
[ 85.427339][ T6550] CPU: 3 UID: 0 PID: 6550 Comm: syz.0.19 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.427356][ T6550] Tainted: [B]=BAD_PAGE
[ 85.427359][ T6550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.427366][ T6550] Call Trace:
[ 85.427369][ T6550]
[ 85.427372][ T6550] dump_stack_lvl+0x16c/0x1f0
[ 85.427388][ T6550] bad_page+0xcf/0x220
[ 85.427400][ T6550] ? __pfx_bad_page+0x10/0x10
[ 85.427411][ T6550] ? page_bad_reason+0x9d/0x1f0
[ 85.427422][ T6550] __free_frozen_pages+0x7f7/0x10f0
[ 85.427438][ T6550] __folio_put+0x329/0x450
[ 85.427449][ T6550] ? __pfx___folio_put+0x10/0x10
[ 85.427459][ T6550] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.427471][ T6550] ? rcu_is_watching+0x12/0xc0
[ 85.427483][ T6550] ? lock_release+0x201/0x2f0
[ 85.427499][ T6550] filemap_free_folio+0x132/0x170
[ 85.427509][ T6550] delete_from_page_cache_batch+0x741/0x9b0
[ 85.427521][ T6550] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.427533][ T6550] ? __pfx_workingset_update_node+0x10/0x10
[ 85.427543][ T6550] ? xas_move_index+0xb0/0x110
[ 85.427559][ T6550] truncate_inode_pages_range+0x279/0xe50
[ 85.427573][ T6550] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.427590][ T6550] ? rcu_is_watching+0x12/0xc0
[ 85.427602][ T6550] ? has_bh_in_lru+0x9d/0x100
[ 85.427613][ T6550] ? smp_call_function_many_cond+0x457/0x1600
[ 85.427632][ T6550] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.427644][ T6550] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.427654][ T6550] blkdev_flush_mapping+0xfb/0x290
[ 85.427666][ T6550] ? filemap_check_errors+0xa9/0x160
[ 85.427680][ T6550] blkdev_put_whole+0xc4/0xf0
[ 85.427691][ T6550] bdev_release+0x47e/0x6d0
[ 85.427704][ T6550] ? __pfx_blkdev_release+0x10/0x10
[ 85.427717][ T6550] blkdev_release+0x15/0x20
[ 85.427729][ T6550] __fput+0x3ff/0xb70
[ 85.427743][ T6550] task_work_run+0x14d/0x240
[ 85.427754][ T6550] ? __pfx_task_work_run+0x10/0x10
[ 85.427765][ T6550] ? do_raw_spin_unlock+0x172/0x230
[ 85.427777][ T6550] do_exit+0x86f/0x2bf0
2025/08/01 09:03:41 executed programs: 6
[ 85.427792][ T6550] ? __pfx_do_exit+0x10/0x10
[ 85.427807][ T6550] ? do_raw_spin_lock+0x12c/0x2b0
[ 85.427817][ T6550] ? get_signal+0x8f5/0x26d0
[ 85.427829][ T6550] ? rcu_is_watching+0x12/0xc0
[ 85.427842][ T6550] do_group_exit+0xd3/0x2a0
[ 85.427857][ T6550] get_signal+0x2673/0x26d0
[ 85.427872][ T6550] ? __pfx_get_signal+0x10/0x10
[ 85.427884][ T6550] ? do_futex+0x122/0x350
[ 85.427899][ T6550] ? __pfx_do_futex+0x10/0x10
[ 85.427915][ T6550] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.427929][ T6550] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 85.427944][ T6550] ? __pfx_do_preadv+0x10/0x10
[ 85.427960][ T6550] exit_to_user_mode_loop+0x84/0x110
[ 85.427970][ T6550] do_syscall_64+0x3f6/0x4c0
[ 85.427985][ T6550] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.427995][ T6550] RIP: 0033:0x7fac75f8e969
[ 85.428003][ T6550] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 85.428007][ T6550] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 85.428017][ T6550] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 85.428029][ T6550] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 85.428035][ T6550] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 85.428041][ T6550] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 85.428047][ T6550] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 85.428056][ T6550]
[ 85.554003][ T6553] BUG: Bad page state in process syz.0.20 pfn:55801
[ 85.556545][ T6553] page does not match folio
[ 85.558069][ T6553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55801
[ 85.561866][ T6553] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 85.564194][ T6553] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 85.567925][ T6553] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 85.572012][ T6553] page dumped because: nonzero pincount
[ 85.581852][ T6553] page_owner tracks the page as allocated
[ 85.583932][ T6553] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6551, tgid 6551 (syz.0.20), ts 85434332080, free_ts 85428081525
[ 85.596028][ T6553] post_alloc_hook+0x1c0/0x230
[ 85.597909][ T6553] get_page_from_freelist+0x132b/0x38e0
[ 85.600124][ T6553] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 85.602609][ T6553] alloc_pages_mpol+0x1fb/0x550
[ 85.604552][ T6553] folio_alloc_noprof+0x20/0x2d0
[ 85.606789][ T6553] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.609079][ T6553] page_cache_ra_order+0x4e1/0xd70
[ 85.610851][ T6553] filemap_fault+0x1b4b/0x2930
[ 85.612482][ T6553] __do_fault+0x10a/0x490
[ 85.613931][ T6553] do_pte_missing+0x1a6/0x3ba0
[ 85.615404][ T6553] __handle_mm_fault+0x152a/0x2a50
[ 85.617109][ T6553] handle_mm_fault+0x589/0xd10
[ 85.618583][ T6553] do_user_addr_fault+0x60c/0x1370
[ 85.620131][ T6553] exc_page_fault+0x5c/0xb0
[ 85.621541][ T6553] asm_exc_page_fault+0x26/0x30
[ 85.623449][ T6553] page last free pid 6550 tgid 6549 stack trace:
[ 85.626434][ T6553] free_unref_folios+0xa61/0x16b0
[ 85.628023][ T6553] folios_put_refs+0x56f/0x740
[ 85.629552][ T6553] truncate_inode_pages_range+0x311/0xe50
[ 85.631383][ T6553] blkdev_flush_mapping+0xfb/0x290
[ 85.632976][ T6553] blkdev_put_whole+0xc4/0xf0
[ 85.634431][ T6553] bdev_release+0x47e/0x6d0
[ 85.635856][ T6553] blkdev_release+0x15/0x20
[ 85.637347][ T6553] __fput+0x3ff/0xb70
[ 85.638596][ T6553] task_work_run+0x14d/0x240
[ 85.640071][ T6553] do_exit+0x86f/0x2bf0
[ 85.641397][ T6553] do_group_exit+0xd3/0x2a0
[ 85.642811][ T6553] get_signal+0x2673/0x26d0
[ 85.644228][ T6553] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.645954][ T6553] exit_to_user_mode_loop+0x84/0x110
[ 85.647814][ T6553] do_syscall_64+0x3f6/0x4c0
[ 85.649282][ T6553] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.651134][ T6553] Modules linked in:
[ 85.652359][ T6553] CPU: 2 UID: 0 PID: 6553 Comm: syz.0.20 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.652375][ T6553] Tainted: [B]=BAD_PAGE
[ 85.652379][ T6553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.652385][ T6553] Call Trace:
[ 85.652389][ T6553]
[ 85.652393][ T6553] dump_stack_lvl+0x16c/0x1f0
[ 85.652408][ T6553] bad_page+0xcf/0x220
[ 85.652419][ T6553] ? __pfx_bad_page+0x10/0x10
[ 85.652437][ T6553] free_tail_page_prepare+0x44f/0x5b0
[ 85.652451][ T6553] __free_frozen_pages+0xbae/0x10f0
[ 85.652468][ T6553] __folio_put+0x329/0x450
[ 85.652478][ T6553] ? __pfx___folio_put+0x10/0x10
[ 85.652488][ T6553] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.652500][ T6553] ? rcu_is_watching+0x12/0xc0
[ 85.652513][ T6553] ? lock_release+0x201/0x2f0
[ 85.652529][ T6553] filemap_free_folio+0x132/0x170
[ 85.652538][ T6553] delete_from_page_cache_batch+0x741/0x9b0
[ 85.652550][ T6553] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.652562][ T6553] ? __pfx_workingset_update_node+0x10/0x10
[ 85.652572][ T6553] ? xas_move_index+0xb0/0x110
[ 85.652588][ T6553] truncate_inode_pages_range+0x279/0xe50
[ 85.652602][ T6553] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.652619][ T6553] ? rcu_is_watching+0x12/0xc0
[ 85.652631][ T6553] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 85.652643][ T6553] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.652656][ T6553] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.652668][ T6553] ? smp_call_function_many_cond+0x457/0x1600
[ 85.652686][ T6553] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.652697][ T6553] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.652708][ T6553] blkdev_flush_mapping+0xfb/0x290
[ 85.652721][ T6553] ? filemap_check_errors+0xa9/0x160
[ 85.652735][ T6553] blkdev_put_whole+0xc4/0xf0
[ 85.652746][ T6553] bdev_release+0x47e/0x6d0
[ 85.652759][ T6553] ? __pfx_blkdev_release+0x10/0x10
[ 85.652772][ T6553] blkdev_release+0x15/0x20
[ 85.652784][ T6553] __fput+0x3ff/0xb70
[ 85.652814][ T6553] task_work_run+0x14d/0x240
[ 85.652826][ T6553] ? __pfx_task_work_run+0x10/0x10
[ 85.652836][ T6553] ? do_raw_spin_unlock+0x172/0x230
[ 85.652848][ T6553] do_exit+0x86f/0x2bf0
[ 85.652869][ T6553] ? __pfx_do_exit+0x10/0x10
[ 85.652884][ T6553] ? do_raw_spin_lock+0x12c/0x2b0
[ 85.652894][ T6553] ? get_signal+0x8f5/0x26d0
[ 85.652906][ T6553] ? rcu_is_watching+0x12/0xc0
[ 85.652919][ T6553] do_group_exit+0xd3/0x2a0
[ 85.652934][ T6553] get_signal+0x2673/0x26d0
[ 85.652948][ T6553] ? __pfx_get_signal+0x10/0x10
[ 85.652961][ T6553] ? do_futex+0x122/0x350
[ 85.652976][ T6553] ? __pfx_do_futex+0x10/0x10
[ 85.652991][ T6553] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.653005][ T6553] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 85.653022][ T6553] exit_to_user_mode_loop+0x84/0x110
[ 85.653033][ T6553] do_syscall_64+0x3f6/0x4c0
[ 85.653047][ T6553] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.653058][ T6553] RIP: 0033:0x7fac75f8e969
[ 85.653066][ T6553] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 85.653070][ T6553] RSP: 002b:00007fac76dd00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 85.653080][ T6553] RAX: fffffffffffffe00 RBX: 00007fac761b6088 RCX: 00007fac75f8e969
[ 85.653086][ T6553] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b6088
[ 85.653092][ T6553] RBP: 00007fac761b6080 R08: 0000000000000000 R09: 0000000000000000
[ 85.653098][ T6553] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b608c
[ 85.653104][ T6553] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 85.653113][ T6553]
[ 85.653128][ T6553] BUG: Bad page state in process syz.0.20 pfn:55800
[ 85.762692][ T6553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55800
[ 85.765369][ T6553] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 85.768204][ T6553] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 85.771183][ T6553] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 85.773795][ T6553] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.776876][ T6553] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 85.779492][ T6553] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.782079][ T6553] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.784682][ T6553] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 85.787386][ T6553] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 85.789529][ T6553] page_owner tracks the page as allocated
[ 85.791268][ T6553] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6551, tgid 6551 (syz.0.20), ts 85434332080, free_ts 85428081525
[ 85.797154][ T6553] post_alloc_hook+0x1c0/0x230
[ 85.798600][ T6553] get_page_from_freelist+0x132b/0x38e0
[ 85.800260][ T6553] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 85.802078][ T6553] alloc_pages_mpol+0x1fb/0x550
[ 85.803591][ T6553] folio_alloc_noprof+0x20/0x2d0
[ 85.805088][ T6553] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.806924][ T6553] page_cache_ra_order+0x4e1/0xd70
[ 85.808497][ T6553] filemap_fault+0x1b4b/0x2930
[ 85.809994][ T6553] __do_fault+0x10a/0x490
[ 85.811303][ T6553] do_pte_missing+0x1a6/0x3ba0
[ 85.812751][ T6553] __handle_mm_fault+0x152a/0x2a50
[ 85.814343][ T6553] handle_mm_fault+0x589/0xd10
[ 85.815840][ T6553] do_user_addr_fault+0x60c/0x1370
[ 85.817559][ T6553] exc_page_fault+0x5c/0xb0
[ 85.818973][ T6553] asm_exc_page_fault+0x26/0x30
[ 85.820469][ T6553] page last free pid 6550 tgid 6549 stack trace:
[ 85.822411][ T6553] free_unref_folios+0xa61/0x16b0
[ 85.823967][ T6553] folios_put_refs+0x56f/0x740
[ 85.825450][ T6553] truncate_inode_pages_range+0x311/0xe50
[ 85.827251][ T6553] blkdev_flush_mapping+0xfb/0x290
[ 85.828828][ T6553] blkdev_put_whole+0xc4/0xf0
[ 85.830286][ T6553] bdev_release+0x47e/0x6d0
[ 85.831702][ T6553] blkdev_release+0x15/0x20
[ 85.833117][ T6553] __fput+0x3ff/0xb70
[ 85.834347][ T6553] task_work_run+0x14d/0x240
[ 85.835765][ T6553] do_exit+0x86f/0x2bf0
[ 85.837130][ T6553] do_group_exit+0xd3/0x2a0
[ 85.838557][ T6553] get_signal+0x2673/0x26d0
[ 85.839975][ T6553] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.841682][ T6553] exit_to_user_mode_loop+0x84/0x110
[ 85.843283][ T6553] do_syscall_64+0x3f6/0x4c0
[ 85.844705][ T6553] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.846572][ T6553] Modules linked in:
[ 85.847794][ T6553] CPU: 2 UID: 0 PID: 6553 Comm: syz.0.20 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.847811][ T6553] Tainted: [B]=BAD_PAGE
[ 85.847814][ T6553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.847821][ T6553] Call Trace:
[ 85.847825][ T6553]
[ 85.847829][ T6553] dump_stack_lvl+0x16c/0x1f0
[ 85.847844][ T6553] bad_page+0xcf/0x220
[ 85.847856][ T6553] ? __pfx_bad_page+0x10/0x10
[ 85.847867][ T6553] ? page_bad_reason+0x9d/0x1f0
[ 85.847878][ T6553] __free_frozen_pages+0x7f7/0x10f0
[ 85.847895][ T6553] __folio_put+0x329/0x450
[ 85.847906][ T6553] ? __pfx___folio_put+0x10/0x10
[ 85.847916][ T6553] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.847927][ T6553] ? rcu_is_watching+0x12/0xc0
[ 85.847940][ T6553] ? lock_release+0x201/0x2f0
[ 85.847956][ T6553] filemap_free_folio+0x132/0x170
[ 85.847966][ T6553] delete_from_page_cache_batch+0x741/0x9b0
[ 85.847978][ T6553] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.847994][ T6553] ? __pfx_workingset_update_node+0x10/0x10
[ 85.848004][ T6553] ? xas_move_index+0xb0/0x110
[ 85.848019][ T6553] truncate_inode_pages_range+0x279/0xe50
[ 85.848034][ T6553] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.848051][ T6553] ? rcu_is_watching+0x12/0xc0
[ 85.848063][ T6553] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 85.848075][ T6553] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.848088][ T6553] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.848099][ T6553] ? smp_call_function_many_cond+0x457/0x1600
[ 85.848118][ T6553] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.848130][ T6553] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.848140][ T6553] blkdev_flush_mapping+0xfb/0x290
[ 85.848153][ T6553] ? filemap_check_errors+0xa9/0x160
[ 85.848167][ T6553] blkdev_put_whole+0xc4/0xf0
[ 85.848178][ T6553] bdev_release+0x47e/0x6d0
[ 85.848191][ T6553] ? __pfx_blkdev_release+0x10/0x10
[ 85.848204][ T6553] blkdev_release+0x15/0x20
[ 85.848217][ T6553] __fput+0x3ff/0xb70
[ 85.848231][ T6553] task_work_run+0x14d/0x240
[ 85.848242][ T6553] ? __pfx_task_work_run+0x10/0x10
[ 85.848253][ T6553] ? do_raw_spin_unlock+0x172/0x230
[ 85.848264][ T6553] do_exit+0x86f/0x2bf0
[ 85.848280][ T6553] ? __pfx_do_exit+0x10/0x10
[ 85.848295][ T6553] ? do_raw_spin_lock+0x12c/0x2b0
[ 85.848305][ T6553] ? get_signal+0x8f5/0x26d0
[ 85.848318][ T6553] ? rcu_is_watching+0x12/0xc0
[ 85.848330][ T6553] do_group_exit+0xd3/0x2a0
[ 85.848346][ T6553] get_signal+0x2673/0x26d0
[ 85.848360][ T6553] ? __pfx_get_signal+0x10/0x10
[ 85.848372][ T6553] ? do_futex+0x122/0x350
[ 85.848388][ T6553] ? __pfx_do_futex+0x10/0x10
[ 85.848403][ T6553] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.848417][ T6553] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 85.848434][ T6553] exit_to_user_mode_loop+0x84/0x110
[ 85.848444][ T6553] do_syscall_64+0x3f6/0x4c0
[ 85.848459][ T6553] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.848469][ T6553] RIP: 0033:0x7fac75f8e969
[ 85.848477][ T6553] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 85.848481][ T6553] RSP: 002b:00007fac76dd00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 85.848491][ T6553] RAX: fffffffffffffe00 RBX: 00007fac761b6088 RCX: 00007fac75f8e969
[ 85.848497][ T6553] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b6088
[ 85.848503][ T6553] RBP: 00007fac761b6080 R08: 0000000000000000 R09: 0000000000000000
[ 85.848509][ T6553] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b608c
[ 85.848515][ T6553] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 85.848524][ T6553]
[ 85.987086][ T6555] BUG: Bad page state in process syz.0.21 pfn:55a01
[ 85.989426][ T6555] page does not match folio
[ 85.991035][ T6555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55a01
[ 85.994491][ T6555] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 85.997366][ T6555] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 86.000010][ T6555] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.002533][ T6555] page dumped because: nonzero pincount
[ 86.004210][ T6555] page_owner tracks the page as allocated
[ 86.005894][ T6555] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6554, tgid 6554 (syz.0.21), ts 85854526174, free_ts 85848551415
[ 86.011902][ T6555] post_alloc_hook+0x1c0/0x230
[ 86.013353][ T6555] get_page_from_freelist+0x132b/0x38e0
[ 86.015020][ T6555] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.016911][ T6555] alloc_pages_mpol+0x1fb/0x550
[ 86.018381][ T6555] folio_alloc_noprof+0x20/0x2d0
[ 86.019883][ T6555] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.021677][ T6555] page_cache_ra_order+0x4e1/0xd70
[ 86.023204][ T6555] filemap_fault+0x1b4b/0x2930
[ 86.024639][ T6555] __do_fault+0x10a/0x490
[ 86.025968][ T6555] do_pte_missing+0x1a6/0x3ba0
[ 86.027496][ T6555] __handle_mm_fault+0x152a/0x2a50
[ 86.029092][ T6555] handle_mm_fault+0x589/0xd10
[ 86.030532][ T6555] do_user_addr_fault+0x60c/0x1370
[ 86.032134][ T6555] exc_page_fault+0x5c/0xb0
[ 86.033516][ T6555] asm_exc_page_fault+0x26/0x30
[ 86.034998][ T6555] page last free pid 6553 tgid 6551 stack trace:
[ 86.036925][ T6555] free_unref_folios+0xa61/0x16b0
[ 86.038480][ T6555] folios_put_refs+0x56f/0x740
[ 86.039937][ T6555] truncate_inode_pages_range+0x311/0xe50
[ 86.041682][ T6555] blkdev_flush_mapping+0xfb/0x290
[ 86.043448][ T6555] blkdev_put_whole+0xc4/0xf0
[ 86.044843][ T6555] bdev_release+0x47e/0x6d0
[ 86.046233][ T6555] blkdev_release+0x15/0x20
[ 86.047675][ T6555] __fput+0x3ff/0xb70
[ 86.048895][ T6555] task_work_run+0x14d/0x240
[ 86.050321][ T6555] do_exit+0x86f/0x2bf0
[ 86.051567][ T6555] do_group_exit+0xd3/0x2a0
[ 86.053008][ T6555] get_signal+0x2673/0x26d0
[ 86.054800][ T6555] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.056541][ T6555] exit_to_user_mode_loop+0x84/0x110
[ 86.058110][ T6555] do_syscall_64+0x3f6/0x4c0
[ 86.059513][ T6555] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.061296][ T6555] Modules linked in:
[ 86.062457][ T6555] CPU: 1 UID: 0 PID: 6555 Comm: syz.0.21 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.062474][ T6555] Tainted: [B]=BAD_PAGE
[ 86.062478][ T6555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.062484][ T6555] Call Trace:
[ 86.062488][ T6555]
[ 86.062492][ T6555] dump_stack_lvl+0x16c/0x1f0
[ 86.062508][ T6555] bad_page+0xcf/0x220
[ 86.062519][ T6555] ? __pfx_bad_page+0x10/0x10
[ 86.062531][ T6555] free_tail_page_prepare+0x44f/0x5b0
[ 86.062545][ T6555] __free_frozen_pages+0xbae/0x10f0
[ 86.062562][ T6555] __folio_put+0x329/0x450
[ 86.062573][ T6555] ? __pfx___folio_put+0x10/0x10
[ 86.062583][ T6555] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.062594][ T6555] ? rcu_is_watching+0x12/0xc0
[ 86.062608][ T6555] ? lock_release+0x201/0x2f0
[ 86.062624][ T6555] filemap_free_folio+0x132/0x170
[ 86.062634][ T6555] delete_from_page_cache_batch+0x741/0x9b0
[ 86.062646][ T6555] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.062658][ T6555] ? __pfx_workingset_update_node+0x10/0x10
[ 86.062668][ T6555] ? xas_move_index+0xb0/0x110
[ 86.062683][ T6555] truncate_inode_pages_range+0x279/0xe50
[ 86.062698][ T6555] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.062715][ T6555] ? rcu_is_watching+0x12/0xc0
[ 86.062727][ T6555] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 86.062739][ T6555] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.062752][ T6555] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.062764][ T6555] ? smp_call_function_many_cond+0x457/0x1600
[ 86.062782][ T6555] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.062794][ T6555] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.062805][ T6555] blkdev_flush_mapping+0xfb/0x290
[ 86.062817][ T6555] ? filemap_check_errors+0xa9/0x160
[ 86.062831][ T6555] blkdev_put_whole+0xc4/0xf0
[ 86.062842][ T6555] bdev_release+0x47e/0x6d0
[ 86.062856][ T6555] ? __pfx_blkdev_release+0x10/0x10
[ 86.062870][ T6555] blkdev_release+0x15/0x20
[ 86.062888][ T6555] __fput+0x3ff/0xb70
[ 86.062909][ T6555] task_work_run+0x14d/0x240
[ 86.062928][ T6555] ? __pfx_task_work_run+0x10/0x10
[ 86.062947][ T6555] ? do_raw_spin_unlock+0x172/0x230
[ 86.062962][ T6555] do_exit+0x86f/0x2bf0
[ 86.062979][ T6555] ? __pfx_do_exit+0x10/0x10
[ 86.062993][ T6555] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.063004][ T6555] ? get_signal+0x8f5/0x26d0
[ 86.063016][ T6555] ? rcu_is_watching+0x12/0xc0
[ 86.063033][ T6555] do_group_exit+0xd3/0x2a0
[ 86.063049][ T6555] get_signal+0x2673/0x26d0
[ 86.063064][ T6555] ? __pfx_get_signal+0x10/0x10
[ 86.063076][ T6555] ? do_futex+0x122/0x350
[ 86.063091][ T6555] ? __pfx_do_futex+0x10/0x10
[ 86.063107][ T6555] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.063121][ T6555] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.063136][ T6555] ? xfd_validate_state+0x61/0x180
[ 86.063153][ T6555] ? __pfx_do_preadv+0x10/0x10
[ 86.063169][ T6555] exit_to_user_mode_loop+0x84/0x110
[ 86.063180][ T6555] do_syscall_64+0x3f6/0x4c0
[ 86.063195][ T6555] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.063206][ T6555] RIP: 0033:0x7fac75f8e969
[ 86.063214][ T6555] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 86.063219][ T6555] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.063229][ T6555] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 86.063236][ T6555] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 86.063242][ T6555] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 86.063249][ T6555] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 86.063255][ T6555] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 86.063264][ T6555]
[ 86.063280][ T6555] BUG: Bad page state in process syz.0.21 pfn:55a00
[ 86.172098][ T6555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55a00
[ 86.174808][ T6555] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 86.177497][ T6555] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 86.180421][ T6555] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.182985][ T6555] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.185574][ T6555] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.188222][ T6555] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.190922][ T6555] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.193534][ T6555] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.196071][ T6555] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 86.198415][ T6555] page_owner tracks the page as allocated
[ 86.200187][ T6555] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6554, tgid 6554 (syz.0.21), ts 85854526174, free_ts 85848551415
[ 86.206152][ T6555] post_alloc_hook+0x1c0/0x230
[ 86.207647][ T6555] get_page_from_freelist+0x132b/0x38e0
[ 86.209313][ T6555] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.211234][ T6555] alloc_pages_mpol+0x1fb/0x550
[ 86.212685][ T6555] folio_alloc_noprof+0x20/0x2d0
[ 86.214176][ T6555] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.215899][ T6555] page_cache_ra_order+0x4e1/0xd70
[ 86.217619][ T6555] filemap_fault+0x1b4b/0x2930
[ 86.219519][ T6555] __do_fault+0x10a/0x490
[ 86.221211][ T6555] do_pte_missing+0x1a6/0x3ba0
[ 86.222880][ T6555] __handle_mm_fault+0x152a/0x2a50
[ 86.224621][ T6555] handle_mm_fault+0x589/0xd10
[ 86.226237][ T6555] do_user_addr_fault+0x60c/0x1370
[ 86.228063][ T6555] exc_page_fault+0x5c/0xb0
[ 86.229639][ T6555] asm_exc_page_fault+0x26/0x30
[ 86.231285][ T6555] page last free pid 6553 tgid 6551 stack trace:
[ 86.233402][ T6555] free_unref_folios+0xa61/0x16b0
[ 86.235109][ T6555] folios_put_refs+0x56f/0x740
[ 86.236814][ T6555] truncate_inode_pages_range+0x311/0xe50
[ 86.238783][ T6555] blkdev_flush_mapping+0xfb/0x290
[ 86.240504][ T6555] blkdev_put_whole+0xc4/0xf0
[ 86.242116][ T6555] bdev_release+0x47e/0x6d0
[ 86.243659][ T6555] blkdev_release+0x15/0x20
[ 86.245229][ T6555] __fput+0x3ff/0xb70
[ 86.246668][ T6555] task_work_run+0x14d/0x240
[ 86.248257][ T6555] do_exit+0x86f/0x2bf0
[ 86.249780][ T6555] do_group_exit+0xd3/0x2a0
[ 86.251359][ T6555] get_signal+0x2673/0x26d0
[ 86.252944][ T6555] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.254809][ T6555] exit_to_user_mode_loop+0x84/0x110
[ 86.256669][ T6555] do_syscall_64+0x3f6/0x4c0
[ 86.258263][ T6555] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.260332][ T6555] Modules linked in:
[ 86.261687][ T6555] CPU: 3 UID: 0 PID: 6555 Comm: syz.0.21 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.261710][ T6555] Tainted: [B]=BAD_PAGE
[ 86.261714][ T6555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.261723][ T6555] Call Trace:
[ 86.261728][ T6555]
[ 86.261733][ T6555] dump_stack_lvl+0x16c/0x1f0
[ 86.261752][ T6555] bad_page+0xcf/0x220
[ 86.261768][ T6555] ? __pfx_bad_page+0x10/0x10
[ 86.261782][ T6555] ? page_bad_reason+0x9d/0x1f0
[ 86.261797][ T6555] __free_frozen_pages+0x7f7/0x10f0
[ 86.261819][ T6555] __folio_put+0x329/0x450
[ 86.261832][ T6555] ? __pfx___folio_put+0x10/0x10
[ 86.261845][ T6555] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.261860][ T6555] ? rcu_is_watching+0x12/0xc0
[ 86.261877][ T6555] ? lock_release+0x201/0x2f0
[ 86.261898][ T6555] filemap_free_folio+0x132/0x170
[ 86.261911][ T6555] delete_from_page_cache_batch+0x741/0x9b0
[ 86.261927][ T6555] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.261942][ T6555] ? __pfx_workingset_update_node+0x10/0x10
[ 86.261955][ T6555] ? xas_move_index+0xb0/0x110
[ 86.261975][ T6555] truncate_inode_pages_range+0x279/0xe50
[ 86.261995][ T6555] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.262018][ T6555] ? rcu_is_watching+0x12/0xc0
[ 86.262033][ T6555] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 86.262049][ T6555] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.262066][ T6555] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.262082][ T6555] ? smp_call_function_many_cond+0x457/0x1600
[ 86.262106][ T6555] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.262122][ T6555] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.262136][ T6555] blkdev_flush_mapping+0xfb/0x290
[ 86.262152][ T6555] ? filemap_check_errors+0xa9/0x160
[ 86.262171][ T6555] blkdev_put_whole+0xc4/0xf0
[ 86.262185][ T6555] bdev_release+0x47e/0x6d0
[ 86.262202][ T6555] ? __pfx_blkdev_release+0x10/0x10
[ 86.262219][ T6555] blkdev_release+0x15/0x20
[ 86.262235][ T6555] __fput+0x3ff/0xb70
[ 86.262254][ T6555] task_work_run+0x14d/0x240
[ 86.262269][ T6555] ? __pfx_task_work_run+0x10/0x10
[ 86.262283][ T6555] ? do_raw_spin_unlock+0x172/0x230
[ 86.262298][ T6555] do_exit+0x86f/0x2bf0
[ 86.262319][ T6555] ? __pfx_do_exit+0x10/0x10
[ 86.262343][ T6555] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.262356][ T6555] ? get_signal+0x8f5/0x26d0
[ 86.262372][ T6555] ? rcu_is_watching+0x12/0xc0
[ 86.262388][ T6555] do_group_exit+0xd3/0x2a0
[ 86.262409][ T6555] get_signal+0x2673/0x26d0
[ 86.262427][ T6555] ? __pfx_get_signal+0x10/0x10
[ 86.262444][ T6555] ? do_futex+0x122/0x350
[ 86.262464][ T6555] ? __pfx_do_futex+0x10/0x10
[ 86.262484][ T6555] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.262503][ T6555] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.262523][ T6555] ? xfd_validate_state+0x61/0x180
[ 86.262543][ T6555] ? __pfx_do_preadv+0x10/0x10
[ 86.262565][ T6555] exit_to_user_mode_loop+0x84/0x110
[ 86.262579][ T6555] do_syscall_64+0x3f6/0x4c0
[ 86.262598][ T6555] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.262612][ T6555] RIP: 0033:0x7fac75f8e969
[ 86.262622][ T6555] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 86.262628][ T6555] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.262642][ T6555] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 86.262651][ T6555] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 86.262659][ T6555] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 86.262668][ T6555] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 86.262676][ T6555] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 86.262689][ T6555]
[ 86.294287][ T6557] BUG: Bad page state in process syz.0.22 pfn:55c01
[ 86.381660][ T6557] page does not match folio
[ 86.383096][ T6557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55c01
[ 86.386064][ T6557] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 86.388319][ T6557] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 86.390854][ T6557] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.393401][ T6557] page dumped because: nonzero pincount
[ 86.395028][ T6557] page_owner tracks the page as allocated
[ 86.397147][ T6557] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6556, tgid 6556 (syz.0.22), ts 86269733097, free_ts 86262727859
[ 86.403102][ T6557] post_alloc_hook+0x1c0/0x230
[ 86.404542][ T6557] get_page_from_freelist+0x132b/0x38e0
[ 86.406218][ T6557] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.408046][ T6557] alloc_pages_mpol+0x1fb/0x550
[ 86.409498][ T6557] folio_alloc_noprof+0x20/0x2d0
[ 86.411009][ T6557] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.412733][ T6557] page_cache_ra_order+0x4e1/0xd70
[ 86.414296][ T6557] filemap_fault+0x1b4b/0x2930
[ 86.415699][ T6557] __do_fault+0x10a/0x490
[ 86.417059][ T6557] do_pte_missing+0x1a6/0x3ba0
[ 86.418504][ T6557] __handle_mm_fault+0x152a/0x2a50
[ 86.420023][ T6557] handle_mm_fault+0x589/0xd10
[ 86.421457][ T6557] do_user_addr_fault+0x60c/0x1370
[ 86.423000][ T6557] exc_page_fault+0x5c/0xb0
[ 86.424375][ T6557] asm_exc_page_fault+0x26/0x30
[ 86.425823][ T6557] page last free pid 6555 tgid 6554 stack trace:
[ 86.427725][ T6557] free_unref_folios+0xa61/0x16b0
[ 86.429242][ T6557] folios_put_refs+0x56f/0x740
[ 86.430696][ T6557] truncate_inode_pages_range+0x311/0xe50
[ 86.432409][ T6557] blkdev_flush_mapping+0xfb/0x290
[ 86.433961][ T6557] blkdev_put_whole+0xc4/0xf0
[ 86.435362][ T6557] bdev_release+0x47e/0x6d0
[ 86.436828][ T6557] blkdev_release+0x15/0x20
[ 86.438217][ T6557] __fput+0x3ff/0xb70
[ 86.439466][ T6557] task_work_run+0x14d/0x240
[ 86.440906][ T6557] do_exit+0x86f/0x2bf0
[ 86.442207][ T6557] do_group_exit+0xd3/0x2a0
[ 86.443586][ T6557] get_signal+0x2673/0x26d0
[ 86.444958][ T6557] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.447665][ T6557] exit_to_user_mode_loop+0x84/0x110
[ 86.449581][ T6557] do_syscall_64+0x3f6/0x4c0
[ 86.451240][ T6557] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.453322][ T6557] Modules linked in:
[ 86.454765][ T6557] CPU: 2 UID: 0 PID: 6557 Comm: syz.0.22 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.454790][ T6557] Tainted: [B]=BAD_PAGE
[ 86.454795][ T6557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.454805][ T6557] Call Trace:
[ 86.454811][ T6557]
[ 86.454817][ T6557] dump_stack_lvl+0x16c/0x1f0
[ 86.454839][ T6557] bad_page+0xcf/0x220
[ 86.454856][ T6557] ? __pfx_bad_page+0x10/0x10
[ 86.454874][ T6557] free_tail_page_prepare+0x44f/0x5b0
[ 86.454895][ T6557] __free_frozen_pages+0xbae/0x10f0
[ 86.454918][ T6557] __folio_put+0x329/0x450
[ 86.454934][ T6557] ? __pfx___folio_put+0x10/0x10
[ 86.454950][ T6557] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.454966][ T6557] ? rcu_is_watching+0x12/0xc0
[ 86.454985][ T6557] ? lock_release+0x201/0x2f0
[ 86.455008][ T6557] filemap_free_folio+0x132/0x170
[ 86.455031][ T6557] delete_from_page_cache_batch+0x741/0x9b0
[ 86.455051][ T6557] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.455069][ T6557] ? __pfx_workingset_update_node+0x10/0x10
[ 86.455084][ T6557] ? xas_move_index+0xb0/0x110
[ 86.455106][ T6557] truncate_inode_pages_range+0x279/0xe50
[ 86.455128][ T6557] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.455154][ T6557] ? rcu_is_watching+0x12/0xc0
[ 86.455172][ T6557] ? has_bh_in_lru+0x9d/0x100
[ 86.455187][ T6557] ? smp_call_function_many_cond+0x457/0x1600
[ 86.455215][ T6557] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.455233][ T6557] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.455249][ T6557] blkdev_flush_mapping+0xfb/0x290
[ 86.455266][ T6557] ? filemap_check_errors+0xa9/0x160
[ 86.455287][ T6557] blkdev_put_whole+0xc4/0xf0
[ 86.455303][ T6557] bdev_release+0x47e/0x6d0
[ 86.455323][ T6557] ? __pfx_blkdev_release+0x10/0x10
[ 86.455341][ T6557] blkdev_release+0x15/0x20
[ 86.455359][ T6557] __fput+0x3ff/0xb70
[ 86.455380][ T6557] task_work_run+0x14d/0x240
[ 86.455397][ T6557] ? __pfx_task_work_run+0x10/0x10
[ 86.455413][ T6557] ? do_raw_spin_unlock+0x172/0x230
[ 86.455431][ T6557] do_exit+0x86f/0x2bf0
[ 86.455454][ T6557] ? __pfx_do_exit+0x10/0x10
[ 86.455475][ T6557] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.455491][ T6557] ? get_signal+0x8f5/0x26d0
[ 86.455510][ T6557] ? rcu_is_watching+0x12/0xc0
[ 86.455528][ T6557] do_group_exit+0xd3/0x2a0
[ 86.455551][ T6557] get_signal+0x2673/0x26d0
[ 86.455573][ T6557] ? __pfx_get_signal+0x10/0x10
[ 86.455592][ T6557] ? do_futex+0x122/0x350
[ 86.455614][ T6557] ? __pfx_do_futex+0x10/0x10
[ 86.455637][ T6557] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.455658][ T6557] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.455681][ T6557] ? __pfx_do_preadv+0x10/0x10
[ 86.455705][ T6557] exit_to_user_mode_loop+0x84/0x110
[ 86.455721][ T6557] do_syscall_64+0x3f6/0x4c0
[ 86.455743][ T6557] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.455758][ T6557] RIP: 0033:0x7fac75f8e969
[ 86.455769][ T6557] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 86.455777][ T6557] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.455791][ T6557] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 86.455802][ T6557] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 86.455811][ T6557] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 86.455821][ T6557] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 86.455831][ T6557] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 86.455845][ T6557]
[ 86.455873][ T6557] BUG: Bad page state in process syz.0.22 pfn:55c00
[ 86.456426][ T6012] Bluetooth: hci0: command tx timeout
[ 86.460413][ T6557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55c00
[ 86.578273][ T6557] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 86.580824][ T6557] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 86.583768][ T6557] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.586426][ T6557] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.589026][ T6557] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.591601][ T6557] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.594309][ T6557] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.597038][ T6557] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.599675][ T6557] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 86.601938][ T6557] page_owner tracks the page as allocated
[ 86.603644][ T6557] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6556, tgid 6556 (syz.0.22), ts 86269733097, free_ts 86262727859
[ 86.609749][ T6557] post_alloc_hook+0x1c0/0x230
[ 86.611247][ T6557] get_page_from_freelist+0x132b/0x38e0
[ 86.612989][ T6557] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.614742][ T6557] alloc_pages_mpol+0x1fb/0x550
[ 86.616223][ T6557] folio_alloc_noprof+0x20/0x2d0
[ 86.617785][ T6557] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.619533][ T6557] page_cache_ra_order+0x4e1/0xd70
[ 86.621186][ T6557] filemap_fault+0x1b4b/0x2930
[ 86.622739][ T6557] __do_fault+0x10a/0x490
[ 86.624035][ T6557] do_pte_missing+0x1a6/0x3ba0
[ 86.625481][ T6557] __handle_mm_fault+0x152a/0x2a50
[ 86.627092][ T6557] handle_mm_fault+0x589/0xd10
[ 86.628538][ T6557] do_user_addr_fault+0x60c/0x1370
[ 86.630120][ T6557] exc_page_fault+0x5c/0xb0
[ 86.631551][ T6557] asm_exc_page_fault+0x26/0x30
[ 86.633048][ T6557] page last free pid 6555 tgid 6554 stack trace:
[ 86.634957][ T6557] free_unref_folios+0xa61/0x16b0
[ 86.636547][ T6557] folios_put_refs+0x56f/0x740
[ 86.638009][ T6557] truncate_inode_pages_range+0x311/0xe50
[ 86.639742][ T6557] blkdev_flush_mapping+0xfb/0x290
[ 86.641309][ T6557] blkdev_put_whole+0xc4/0xf0
[ 86.642850][ T6557] bdev_release+0x47e/0x6d0
[ 86.644239][ T6557] blkdev_release+0x15/0x20
[ 86.645631][ T6557] __fput+0x3ff/0xb70
[ 86.646911][ T6557] task_work_run+0x14d/0x240
[ 86.648332][ T6557] do_exit+0x86f/0x2bf0
[ 86.649608][ T6557] do_group_exit+0xd3/0x2a0
[ 86.650981][ T6557] get_signal+0x2673/0x26d0
[ 86.652596][ T6557] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.654520][ T6557] exit_to_user_mode_loop+0x84/0x110
[ 86.656124][ T6557] do_syscall_64+0x3f6/0x4c0
[ 86.657573][ T6557] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.659364][ T6557] Modules linked in:
[ 86.660538][ T6557] CPU: 1 UID: 0 PID: 6557 Comm: syz.0.22 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.660555][ T6557] Tainted: [B]=BAD_PAGE
[ 86.660559][ T6557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.660566][ T6557] Call Trace:
[ 86.660570][ T6557]
[ 86.660574][ T6557] dump_stack_lvl+0x16c/0x1f0
[ 86.660589][ T6557] bad_page+0xcf/0x220
[ 86.660601][ T6557] ? __pfx_bad_page+0x10/0x10
[ 86.660612][ T6557] ? page_bad_reason+0x9d/0x1f0
[ 86.660624][ T6557] __free_frozen_pages+0x7f7/0x10f0
[ 86.660640][ T6557] __folio_put+0x329/0x450
[ 86.660651][ T6557] ? __pfx___folio_put+0x10/0x10
[ 86.660662][ T6557] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.660673][ T6557] ? rcu_is_watching+0x12/0xc0
[ 86.660686][ T6557] ? lock_release+0x201/0x2f0
[ 86.660702][ T6557] filemap_free_folio+0x132/0x170
[ 86.660712][ T6557] delete_from_page_cache_batch+0x741/0x9b0
[ 86.660724][ T6557] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.660736][ T6557] ? __pfx_workingset_update_node+0x10/0x10
[ 86.660746][ T6557] ? xas_move_index+0xb0/0x110
[ 86.660762][ T6557] truncate_inode_pages_range+0x279/0xe50
[ 86.660776][ T6557] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.660810][ T6557] ? rcu_is_watching+0x12/0xc0
[ 86.660822][ T6557] ? has_bh_in_lru+0x9d/0x100
[ 86.660833][ T6557] ? smp_call_function_many_cond+0x457/0x1600
[ 86.660851][ T6557] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.660863][ T6557] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.660874][ T6557] blkdev_flush_mapping+0xfb/0x290
[ 86.660886][ T6557] ? filemap_check_errors+0xa9/0x160
[ 86.660901][ T6557] blkdev_put_whole+0xc4/0xf0
[ 86.660912][ T6557] bdev_release+0x47e/0x6d0
[ 86.660925][ T6557] ? __pfx_blkdev_release+0x10/0x10
[ 86.660938][ T6557] blkdev_release+0x15/0x20
[ 86.660951][ T6557] __fput+0x3ff/0xb70
[ 86.660965][ T6557] task_work_run+0x14d/0x240
[ 86.660977][ T6557] ? __pfx_task_work_run+0x10/0x10
[ 86.660987][ T6557] ? do_raw_spin_unlock+0x172/0x230
[ 86.660999][ T6557] do_exit+0x86f/0x2bf0
[ 86.661016][ T6557] ? __pfx_do_exit+0x10/0x10
[ 86.661031][ T6557] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.661041][ T6557] ? get_signal+0x8f5/0x26d0
[ 86.661053][ T6557] ? rcu_is_watching+0x12/0xc0
[ 86.661066][ T6557] do_group_exit+0xd3/0x2a0
[ 86.661082][ T6557] get_signal+0x2673/0x26d0
[ 86.661097][ T6557] ? __pfx_get_signal+0x10/0x10
[ 86.661109][ T6557] ? do_futex+0x122/0x350
[ 86.661125][ T6557] ? __pfx_do_futex+0x10/0x10
[ 86.661140][ T6557] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.661154][ T6557] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.661170][ T6557] ? __pfx_do_preadv+0x10/0x10
[ 86.661186][ T6557] exit_to_user_mode_loop+0x84/0x110
[ 86.661196][ T6557] do_syscall_64+0x3f6/0x4c0
[ 86.661211][ T6557] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.661221][ T6557] RIP: 0033:0x7fac75f8e969
[ 86.661229][ T6557] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 86.661234][ T6557] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.661244][ T6557] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 86.661251][ T6557] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 86.661257][ T6557] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 86.661264][ T6557] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 86.661270][ T6557] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 86.661279][ T6557]
[ 86.691707][ T6559] BUG: Bad page state in process syz.0.23 pfn:55e01
[ 86.770369][ T6559] page does not match folio
[ 86.771739][ T6559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55e01
[ 86.774719][ T6559] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 86.777041][ T6559] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 86.779534][ T6559] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.782059][ T6559] page dumped because: nonzero pincount
[ 86.783699][ T6559] page_owner tracks the page as allocated
[ 86.785388][ T6559] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6558, tgid 6558 (syz.0.23), ts 86667251450, free_ts 86661310059
[ 86.792025][ T6559] post_alloc_hook+0x1c0/0x230
[ 86.793467][ T6559] get_page_from_freelist+0x132b/0x38e0
[ 86.795094][ T6559] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.796878][ T6559] alloc_pages_mpol+0x1fb/0x550
[ 86.798297][ T6559] folio_alloc_noprof+0x20/0x2d0
[ 86.799743][ T6559] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.801454][ T6559] page_cache_ra_order+0x4e1/0xd70
[ 86.802942][ T6559] filemap_fault+0x1b4b/0x2930
[ 86.804352][ T6559] __do_fault+0x10a/0x490
[ 86.805688][ T6559] do_pte_missing+0x1a6/0x3ba0
[ 86.807159][ T6559] __handle_mm_fault+0x152a/0x2a50
[ 86.808665][ T6559] handle_mm_fault+0x589/0xd10
[ 86.810244][ T6559] do_user_addr_fault+0x60c/0x1370
[ 86.812045][ T6559] exc_page_fault+0x5c/0xb0
[ 86.813461][ T6559] asm_exc_page_fault+0x26/0x30
[ 86.814941][ T6559] page last free pid 6557 tgid 6556 stack trace:
[ 86.817285][ T6559] free_unref_folios+0xa61/0x16b0
[ 86.818814][ T6559] folios_put_refs+0x56f/0x740
[ 86.820257][ T6559] truncate_inode_pages_range+0x311/0xe50
[ 86.821973][ T6559] blkdev_flush_mapping+0xfb/0x290
[ 86.823529][ T6559] blkdev_put_whole+0xc4/0xf0
[ 86.824956][ T6559] bdev_release+0x47e/0x6d0
[ 86.826334][ T6559] blkdev_release+0x15/0x20
[ 86.827771][ T6559] __fput+0x3ff/0xb70
[ 86.828995][ T6559] task_work_run+0x14d/0x240
[ 86.830420][ T6559] do_exit+0x86f/0x2bf0
[ 86.831700][ T6559] do_group_exit+0xd3/0x2a0
[ 86.833105][ T6559] get_signal+0x2673/0x26d0
[ 86.834483][ T6559] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.836152][ T6559] exit_to_user_mode_loop+0x84/0x110
[ 86.837839][ T6559] do_syscall_64+0x3f6/0x4c0
[ 86.839260][ T6559] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.841070][ T6559] Modules linked in:
[ 86.842271][ T6559] CPU: 2 UID: 0 PID: 6559 Comm: syz.0.23 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.842288][ T6559] Tainted: [B]=BAD_PAGE
[ 86.842292][ T6559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.842298][ T6559] Call Trace:
[ 86.842302][ T6559]
[ 86.842306][ T6559] dump_stack_lvl+0x16c/0x1f0
[ 86.842322][ T6559] bad_page+0xcf/0x220
[ 86.842333][ T6559] ? __pfx_bad_page+0x10/0x10
[ 86.842345][ T6559] free_tail_page_prepare+0x44f/0x5b0
[ 86.842359][ T6559] __free_frozen_pages+0xbae/0x10f0
[ 86.842376][ T6559] __folio_put+0x329/0x450
[ 86.842387][ T6559] ? __pfx___folio_put+0x10/0x10
[ 86.842398][ T6559] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.842409][ T6559] ? rcu_is_watching+0x12/0xc0
[ 86.842422][ T6559] ? lock_release+0x201/0x2f0
[ 86.842438][ T6559] filemap_free_folio+0x132/0x170
[ 86.842448][ T6559] delete_from_page_cache_batch+0x741/0x9b0
[ 86.842460][ T6559] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.842472][ T6559] ? __pfx_workingset_update_node+0x10/0x10
[ 86.842483][ T6559] ? xas_move_index+0xb0/0x110
[ 86.842499][ T6559] truncate_inode_pages_range+0x279/0xe50
[ 86.842513][ T6559] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.842531][ T6559] ? rcu_is_watching+0x12/0xc0
[ 86.842543][ T6559] ? has_bh_in_lru+0x9d/0x100
[ 86.842554][ T6559] ? smp_call_function_many_cond+0x457/0x1600
[ 86.842573][ T6559] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.842585][ T6559] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.842596][ T6559] blkdev_flush_mapping+0xfb/0x290
[ 86.842609][ T6559] ? filemap_check_errors+0xa9/0x160
[ 86.842623][ T6559] blkdev_put_whole+0xc4/0xf0
[ 86.842635][ T6559] bdev_release+0x47e/0x6d0
[ 86.842648][ T6559] ? __pfx_blkdev_release+0x10/0x10
[ 86.842661][ T6559] blkdev_release+0x15/0x20
[ 86.842674][ T6559] __fput+0x3ff/0xb70
[ 86.842688][ T6559] task_work_run+0x14d/0x240
[ 86.842700][ T6559] ? __pfx_task_work_run+0x10/0x10
[ 86.842711][ T6559] ? do_raw_spin_unlock+0x172/0x230
[ 86.842723][ T6559] do_exit+0x86f/0x2bf0
[ 86.842739][ T6559] ? __pfx_do_exit+0x10/0x10
[ 86.842753][ T6559] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.842764][ T6559] ? get_signal+0x8f5/0x26d0
[ 86.842776][ T6559] ? rcu_is_watching+0x12/0xc0
[ 86.842789][ T6559] do_group_exit+0xd3/0x2a0
[ 86.842804][ T6559] get_signal+0x2673/0x26d0
[ 86.842819][ T6559] ? __pfx_get_signal+0x10/0x10
[ 86.842832][ T6559] ? do_futex+0x122/0x350
[ 86.842847][ T6559] ? __pfx_do_futex+0x10/0x10
[ 86.842863][ T6559] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.842877][ T6559] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.842892][ T6559] ? __pfx_do_preadv+0x10/0x10
[ 86.842909][ T6559] exit_to_user_mode_loop+0x84/0x110
[ 86.842920][ T6559] do_syscall_64+0x3f6/0x4c0
[ 86.842935][ T6559] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.842945][ T6559] RIP: 0033:0x7fac75f8e969
[ 86.842953][ T6559] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 86.842958][ T6559] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.842968][ T6559] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 86.842975][ T6559] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 86.842981][ T6559] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 86.842988][ T6559] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 86.842994][ T6559] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 86.843003][ T6559]
[ 86.843021][ T6559] BUG: Bad page state in process syz.0.23 pfn:55e00
[ 86.949153][ T6559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55e00
[ 86.952193][ T6559] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 86.955101][ T6559] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 86.958092][ T6559] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.960668][ T6559] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.963287][ T6559] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.965913][ T6559] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.968705][ T6559] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.971362][ T6559] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.973956][ T6559] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 86.976136][ T6559] page_owner tracks the page as allocated
[ 86.977935][ T6559] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6558, tgid 6558 (syz.0.23), ts 86667251450, free_ts 86661310059
[ 86.984311][ T6559] post_alloc_hook+0x1c0/0x230
[ 86.985983][ T6559] get_page_from_freelist+0x132b/0x38e0
[ 86.987954][ T6559] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.990096][ T6559] alloc_pages_mpol+0x1fb/0x550
[ 86.991576][ T6559] folio_alloc_noprof+0x20/0x2d0
[ 86.993062][ T6559] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.994782][ T6559] page_cache_ra_order+0x4e1/0xd70
[ 86.996675][ T6559] filemap_fault+0x1b4b/0x2930
[ 86.998358][ T6559] __do_fault+0x10a/0x490
[ 86.999891][ T6559] do_pte_missing+0x1a6/0x3ba0
[ 87.001674][ T6559] __handle_mm_fault+0x152a/0x2a50
[ 87.003353][ T6559] handle_mm_fault+0x589/0xd10
[ 87.005056][ T6559] do_user_addr_fault+0x60c/0x1370
[ 87.007100][ T6559] exc_page_fault+0x5c/0xb0
[ 87.008564][ T6559] asm_exc_page_fault+0x26/0x30
[ 87.010262][ T6559] page last free pid 6557 tgid 6556 stack trace:
[ 87.012539][ T6559] free_unref_folios+0xa61/0x16b0
[ 87.014437][ T6559] folios_put_refs+0x56f/0x740
[ 87.016040][ T6559] truncate_inode_pages_range+0x311/0xe50
[ 87.017959][ T6559] blkdev_flush_mapping+0xfb/0x290
[ 87.019775][ T6559] blkdev_put_whole+0xc4/0xf0
[ 87.021518][ T6559] bdev_release+0x47e/0x6d0
[ 87.023142][ T6559] blkdev_release+0x15/0x20
[ 87.024809][ T6559] __fput+0x3ff/0xb70
[ 87.026326][ T6559] task_work_run+0x14d/0x240
[ 87.028101][ T6559] do_exit+0x86f/0x2bf0
[ 87.029392][ T6559] do_group_exit+0xd3/0x2a0
[ 87.030988][ T6559] get_signal+0x2673/0x26d0
[ 87.032611][ T6559] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.034580][ T6559] exit_to_user_mode_loop+0x84/0x110
[ 87.036550][ T6559] do_syscall_64+0x3f6/0x4c0
[ 87.038291][ T6559] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.040378][ T6559] Modules linked in:
[ 87.041785][ T6559] CPU: 3 UID: 0 PID: 6559 Comm: syz.0.23 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.041802][ T6559] Tainted: [B]=BAD_PAGE
[ 87.041806][ T6559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.041813][ T6559] Call Trace:
[ 87.041817][ T6559]
[ 87.041822][ T6559] dump_stack_lvl+0x16c/0x1f0
[ 87.041838][ T6559] bad_page+0xcf/0x220
[ 87.041850][ T6559] ? __pfx_bad_page+0x10/0x10
[ 87.041861][ T6559] ? page_bad_reason+0x9d/0x1f0
[ 87.041873][ T6559] __free_frozen_pages+0x7f7/0x10f0
[ 87.041890][ T6559] __folio_put+0x329/0x450
[ 87.041901][ T6559] ? __pfx___folio_put+0x10/0x10
[ 87.041911][ T6559] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.041923][ T6559] ? rcu_is_watching+0x12/0xc0
[ 87.041936][ T6559] ? lock_release+0x201/0x2f0
[ 87.041952][ T6559] filemap_free_folio+0x132/0x170
[ 87.041962][ T6559] delete_from_page_cache_batch+0x741/0x9b0
[ 87.041975][ T6559] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.041987][ T6559] ? __pfx_workingset_update_node+0x10/0x10
[ 87.041998][ T6559] ? xas_move_index+0xb0/0x110
[ 87.042013][ T6559] truncate_inode_pages_range+0x279/0xe50
[ 87.042028][ T6559] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.042046][ T6559] ? rcu_is_watching+0x12/0xc0
[ 87.042058][ T6559] ? has_bh_in_lru+0x9d/0x100
[ 87.042071][ T6559] ? smp_call_function_many_cond+0x457/0x1600
[ 87.042090][ T6559] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.042103][ T6559] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.042114][ T6559] blkdev_flush_mapping+0xfb/0x290
[ 87.042126][ T6559] ? filemap_check_errors+0xa9/0x160
[ 87.042140][ T6559] blkdev_put_whole+0xc4/0xf0
[ 87.042152][ T6559] bdev_release+0x47e/0x6d0
[ 87.042165][ T6559] ? __pfx_blkdev_release+0x10/0x10
[ 87.042178][ T6559] blkdev_release+0x15/0x20
[ 87.042191][ T6559] __fput+0x3ff/0xb70
[ 87.042206][ T6559] task_work_run+0x14d/0x240
[ 87.042217][ T6559] ? __pfx_task_work_run+0x10/0x10
[ 87.042228][ T6559] ? do_raw_spin_unlock+0x172/0x230
[ 87.042240][ T6559] do_exit+0x86f/0x2bf0
[ 87.042256][ T6559] ? __pfx_do_exit+0x10/0x10
[ 87.042271][ T6559] ? do_raw_spin_lock+0x12c/0x2b0
[ 87.042282][ T6559] ? get_signal+0x8f5/0x26d0
[ 87.042294][ T6559] ? rcu_is_watching+0x12/0xc0
[ 87.042307][ T6559] do_group_exit+0xd3/0x2a0
[ 87.042326][ T6559] get_signal+0x2673/0x26d0
[ 87.042341][ T6559] ? __pfx_get_signal+0x10/0x10
[ 87.042353][ T6559] ? do_futex+0x122/0x350
[ 87.042369][ T6559] ? __pfx_do_futex+0x10/0x10
[ 87.042385][ T6559] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.042399][ T6559] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 87.042414][ T6559] ? __pfx_do_preadv+0x10/0x10
[ 87.042430][ T6559] exit_to_user_mode_loop+0x84/0x110
[ 87.042441][ T6559] do_syscall_64+0x3f6/0x4c0
[ 87.042456][ T6559] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.042467][ T6559] RIP: 0033:0x7fac75f8e969
[ 87.042474][ T6559] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 87.042479][ T6559] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 87.042489][ T6559] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 87.042496][ T6559] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 87.042502][ T6559] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 87.042509][ T6559] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 87.042515][ T6559] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 87.042524][ T6559]
[ 87.070036][ T6560] BUG: Bad page state in process syz.0.24 pfn:56001
[ 87.162456][ T6560] page does not match folio
[ 87.163809][ T6560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x56001
[ 87.166860][ T6560] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 87.169072][ T6560] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 87.171645][ T6560] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.174214][ T6560] page dumped because: nonzero pincount
[ 87.175894][ T6560] page_owner tracks the page as allocated
[ 87.178167][ T6560] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6560, tgid 6560 (syz.0.24), ts 87049356395, free_ts 87042557495
[ 87.183980][ T6560] post_alloc_hook+0x1c0/0x230
[ 87.185434][ T6560] get_page_from_freelist+0x132b/0x38e0
[ 87.187166][ T6560] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 87.188959][ T6560] alloc_pages_mpol+0x1fb/0x550
[ 87.190450][ T6560] folio_alloc_noprof+0x20/0x2d0
[ 87.191963][ T6560] filemap_alloc_folio_noprof+0x3a1/0x470
[ 87.193701][ T6560] page_cache_ra_order+0x4e1/0xd70
[ 87.195211][ T6560] filemap_fault+0x1b4b/0x2930
[ 87.196689][ T6560] __do_fault+0x10a/0x490
[ 87.197974][ T6560] do_pte_missing+0x1a6/0x3ba0
[ 87.199421][ T6560] __handle_mm_fault+0x152a/0x2a50
[ 87.201109][ T6560] handle_mm_fault+0x589/0xd10
[ 87.202555][ T6560] do_user_addr_fault+0x60c/0x1370
[ 87.204097][ T6560] exc_page_fault+0x5c/0xb0
[ 87.205456][ T6560] asm_exc_page_fault+0x26/0x30
[ 87.206956][ T6560] page last free pid 6559 tgid 6558 stack trace:
[ 87.208874][ T6560] free_unref_folios+0xa61/0x16b0
[ 87.210382][ T6560] folios_put_refs+0x56f/0x740
[ 87.211837][ T6560] truncate_inode_pages_range+0x311/0xe50
[ 87.213543][ T6560] blkdev_flush_mapping+0xfb/0x290
[ 87.215117][ T6560] blkdev_put_whole+0xc4/0xf0
[ 87.216645][ T6560] bdev_release+0x47e/0x6d0
[ 87.218076][ T6560] blkdev_release+0x15/0x20
[ 87.219504][ T6560] __fput+0x3ff/0xb70
[ 87.220790][ T6560] task_work_run+0x14d/0x240
[ 87.222239][ T6560] do_exit+0x86f/0x2bf0
[ 87.223541][ T6560] do_group_exit+0xd3/0x2a0
[ 87.224962][ T6560] get_signal+0x2673/0x26d0
[ 87.226417][ T6560] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.228117][ T6560] exit_to_user_mode_loop+0x84/0x110
[ 87.229747][ T6560] do_syscall_64+0x3f6/0x4c0
[ 87.231205][ T6560] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.233052][ T6560] Modules linked in:
[ 87.234255][ T6560] CPU: 2 UID: 0 PID: 6560 Comm: syz.0.24 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.234272][ T6560] Tainted: [B]=BAD_PAGE
[ 87.234276][ T6560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.234283][ T6560] Call Trace:
[ 87.234286][ T6560]
[ 87.234290][ T6560] dump_stack_lvl+0x16c/0x1f0
[ 87.234306][ T6560] bad_page+0xcf/0x220
[ 87.234318][ T6560] ? __pfx_bad_page+0x10/0x10
[ 87.234329][ T6560] free_tail_page_prepare+0x44f/0x5b0
[ 87.234344][ T6560] __free_frozen_pages+0xbae/0x10f0
[ 87.234360][ T6560] __folio_put+0x329/0x450
[ 87.234371][ T6560] ? __pfx___folio_put+0x10/0x10
[ 87.234381][ T6560] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.234393][ T6560] ? rcu_is_watching+0x12/0xc0
[ 87.234406][ T6560] ? lock_release+0x201/0x2f0
[ 87.234422][ T6560] filemap_free_folio+0x132/0x170
[ 87.234432][ T6560] delete_from_page_cache_batch+0x741/0x9b0
[ 87.234445][ T6560] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.234457][ T6560] ? __pfx_workingset_update_node+0x10/0x10
[ 87.234467][ T6560] ? xas_move_index+0xb0/0x110
[ 87.234483][ T6560] truncate_inode_pages_range+0x279/0xe50
[ 87.234497][ T6560] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.234515][ T6560] ? rcu_is_watching+0x12/0xc0
[ 87.234527][ T6560] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 87.234539][ T6560] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.234551][ T6560] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.234564][ T6560] ? smp_call_function_many_cond+0x457/0x1600
[ 87.234582][ T6560] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.234594][ T6560] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.234605][ T6560] blkdev_flush_mapping+0xfb/0x290
[ 87.234618][ T6560] blkdev_put_whole+0xc4/0xf0
[ 87.234629][ T6560] bdev_release+0x47e/0x6d0
[ 87.234643][ T6560] ? __pfx_blkdev_release+0x10/0x10
[ 87.234656][ T6560] blkdev_release+0x15/0x20
[ 87.234668][ T6560] __fput+0x3ff/0xb70
[ 87.234682][ T6560] task_work_run+0x14d/0x240
[ 87.234694][ T6560] ? __pfx_task_work_run+0x10/0x10
[ 87.234705][ T6560] ? do_raw_spin_unlock+0x172/0x230
[ 87.234716][ T6560] do_exit+0x86f/0x2bf0
[ 87.234732][ T6560] ? __pfx_do_exit+0x10/0x10
[ 87.234747][ T6560] ? preempt_schedule_thunk+0x16/0x30
[ 87.234763][ T6560] do_group_exit+0xd3/0x2a0
[ 87.234778][ T6560] __x64_sys_exit_group+0x3e/0x50
[ 87.234794][ T6560] x64_sys_call+0x14fa/0x1720
[ 87.234806][ T6560] do_syscall_64+0xcd/0x4c0
[ 87.234821][ T6560] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.234832][ T6560] RIP: 0033:0x7fac75f8e969
[ 87.234839][ T6560] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 87.234844][ T6560] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 87.234854][ T6560] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 87.234861][ T6560] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 87.234867][ T6560] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 87.234873][ T6560] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000008
[ 87.234880][ T6560] R13: 00000000000927c0 R14: 000000000001523d R15: 00007ffcdde9e150
[ 87.234888][ T6560]
[ 87.234903][ T6560] BUG: Bad page state in process syz.0.24 pfn:56000
[ 87.328404][ T6560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x56000
[ 87.331007][ T6560] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 87.333532][ T6560] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 87.336497][ T6560] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 87.339028][ T6560] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.341616][ T6560] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 87.344212][ T6560] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.346859][ T6560] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.349458][ T6560] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.352069][ T6560] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 87.354255][ T6560] page_owner tracks the page as allocated
[ 87.355961][ T6560] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6560, tgid 6560 (syz.0.24), ts 87049356395, free_ts 87042557495
[ 87.365084][ T6560] post_alloc_hook+0x1c0/0x230
[ 87.366586][ T6560] get_page_from_freelist+0x132b/0x38e0
[ 87.368263][ T6560] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 87.370049][ T6560] alloc_pages_mpol+0x1fb/0x550
[ 87.371573][ T6560] folio_alloc_noprof+0x20/0x2d0
[ 87.373060][ T6560] filemap_alloc_folio_noprof+0x3a1/0x470
[ 87.374768][ T6560] page_cache_ra_order+0x4e1/0xd70
[ 87.376322][ T6560] filemap_fault+0x1b4b/0x2930
[ 87.377827][ T6560] __do_fault+0x10a/0x490
[ 87.379130][ T6560] do_pte_missing+0x1a6/0x3ba0
[ 87.380597][ T6560] __handle_mm_fault+0x152a/0x2a50
[ 87.382151][ T6560] handle_mm_fault+0x589/0xd10
[ 87.383603][ T6560] do_user_addr_fault+0x60c/0x1370
[ 87.385161][ T6560] exc_page_fault+0x5c/0xb0
[ 87.386610][ T6560] asm_exc_page_fault+0x26/0x30
[ 87.388084][ T6560] page last free pid 6559 tgid 6558 stack trace:
[ 87.390112][ T6560] free_unref_folios+0xa61/0x16b0
[ 87.391715][ T6560] folios_put_refs+0x56f/0x740
[ 87.393212][ T6560] truncate_inode_pages_range+0x311/0xe50
[ 87.394970][ T6560] blkdev_flush_mapping+0xfb/0x290
[ 87.396649][ T6560] blkdev_put_whole+0xc4/0xf0
[ 87.398128][ T6560] bdev_release+0x47e/0x6d0
[ 87.399555][ T6560] blkdev_release+0x15/0x20
[ 87.400970][ T6560] __fput+0x3ff/0xb70
[ 87.402195][ T6560] task_work_run+0x14d/0x240
[ 87.403612][ T6560] do_exit+0x86f/0x2bf0
[ 87.405036][ T6560] do_group_exit+0xd3/0x2a0
[ 87.406571][ T6560] get_signal+0x2673/0x26d0
[ 87.407916][ T6560] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.409611][ T6560] exit_to_user_mode_loop+0x84/0x110
[ 87.411230][ T6560] do_syscall_64+0x3f6/0x4c0
[ 87.412626][ T6560] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.414470][ T6560] Modules linked in:
[ 87.415627][ T6560] CPU: 2 UID: 0 PID: 6560 Comm: syz.0.24 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.415645][ T6560] Tainted: [B]=BAD_PAGE
[ 87.415649][ T6560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.415656][ T6560] Call Trace:
[ 87.415660][ T6560]
[ 87.415665][ T6560] dump_stack_lvl+0x16c/0x1f0
[ 87.415681][ T6560] bad_page+0xcf/0x220
[ 87.415693][ T6560] ? __pfx_bad_page+0x10/0x10
[ 87.415704][ T6560] ? page_bad_reason+0x9d/0x1f0
[ 87.415716][ T6560] __free_frozen_pages+0x7f7/0x10f0
[ 87.415732][ T6560] __folio_put+0x329/0x450
[ 87.415743][ T6560] ? __pfx___folio_put+0x10/0x10
[ 87.415754][ T6560] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.415765][ T6560] ? rcu_is_watching+0x12/0xc0
[ 87.415778][ T6560] ? lock_release+0x201/0x2f0
[ 87.415794][ T6560] filemap_free_folio+0x132/0x170
[ 87.415804][ T6560] delete_from_page_cache_batch+0x741/0x9b0
[ 87.415817][ T6560] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.415828][ T6560] ? __pfx_workingset_update_node+0x10/0x10
[ 87.415840][ T6560] ? xas_move_index+0xb0/0x110
[ 87.415855][ T6560] truncate_inode_pages_range+0x279/0xe50
[ 87.415870][ T6560] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.415888][ T6560] ? rcu_is_watching+0x12/0xc0
[ 87.415900][ T6560] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 87.415912][ T6560] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.415924][ T6560] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.415936][ T6560] ? smp_call_function_many_cond+0x457/0x1600
[ 87.415956][ T6560] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.415967][ T6560] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.415978][ T6560] blkdev_flush_mapping+0xfb/0x290
[ 87.415991][ T6560] blkdev_put_whole+0xc4/0xf0
[ 87.416006][ T6560] bdev_release+0x47e/0x6d0
[ 87.416020][ T6560] ? __pfx_blkdev_release+0x10/0x10
[ 87.416033][ T6560] blkdev_release+0x15/0x20
[ 87.416046][ T6560] __fput+0x3ff/0xb70
[ 87.416060][ T6560] task_work_run+0x14d/0x240
[ 87.416072][ T6560] ? __pfx_task_work_run+0x10/0x10
[ 87.416083][ T6560] ? do_raw_spin_unlock+0x172/0x230
[ 87.416095][ T6560] do_exit+0x86f/0x2bf0
[ 87.416111][ T6560] ? __pfx_do_exit+0x10/0x10
[ 87.416126][ T6560] ? preempt_schedule_thunk+0x16/0x30
[ 87.416142][ T6560] do_group_exit+0xd3/0x2a0
[ 87.416158][ T6560] __x64_sys_exit_group+0x3e/0x50
[ 87.416173][ T6560] x64_sys_call+0x14fa/0x1720
[ 87.416186][ T6560] do_syscall_64+0xcd/0x4c0
[ 87.416200][ T6560] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.416211][ T6560] RIP: 0033:0x7fac75f8e969
[ 87.416219][ T6560] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 87.416224][ T6560] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 87.416234][ T6560] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 87.416241][ T6560] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 87.416247][ T6560] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 87.416254][ T6560] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000008
[ 87.416260][ T6560] R13: 00000000000927c0 R14: 000000000001523d R15: 00007ffcdde9e150
[ 87.416269][ T6560]
[ 87.537321][ T6563] BUG: Bad page state in process syz.0.25 pfn:56201
[ 87.539318][ T6563] page does not match folio
[ 87.540662][ T6563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x56201
[ 87.543652][ T6563] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 87.545889][ T6563] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 87.548555][ T6563] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.551120][ T6563] page dumped because: nonzero pincount
[ 87.552811][ T6563] page_owner tracks the page as allocated
[ 87.554509][ T6563] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6562, tgid 6562 (syz.0.25), ts 87520771168, free_ts 87416295298
[ 87.560504][ T6563] post_alloc_hook+0x1c0/0x230
[ 87.562016][ T6563] get_page_from_freelist+0x132b/0x38e0
[ 87.563687][ T6563] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 87.565489][ T6563] alloc_pages_mpol+0x1fb/0x550
[ 87.567189][ T6563] folio_alloc_noprof+0x20/0x2d0
[ 87.568771][ T6563] filemap_alloc_folio_noprof+0x3a1/0x470
[ 87.570523][ T6563] page_cache_ra_order+0x4e1/0xd70
[ 87.572132][ T6563] filemap_fault+0x1b4b/0x2930
[ 87.573617][ T6563] __do_fault+0x10a/0x490
[ 87.574935][ T6563] do_pte_missing+0x1a6/0x3ba0
[ 87.576438][ T6563] __handle_mm_fault+0x152a/0x2a50
[ 87.578004][ T6563] handle_mm_fault+0x589/0xd10
[ 87.579458][ T6563] do_user_addr_fault+0x60c/0x1370
[ 87.580992][ T6563] exc_page_fault+0x5c/0xb0
[ 87.582421][ T6563] asm_exc_page_fault+0x26/0x30
[ 87.583936][ T6563] page last free pid 6560 tgid 6560 stack trace:
[ 87.585893][ T6563] free_unref_folios+0xa61/0x16b0
[ 87.590323][ T6563] folios_put_refs+0x56f/0x740
[ 87.591770][ T6563] truncate_inode_pages_range+0x311/0xe50
[ 87.593523][ T6563] blkdev_flush_mapping+0xfb/0x290
[ 87.595099][ T6563] blkdev_put_whole+0xc4/0xf0
[ 87.596640][ T6563] bdev_release+0x47e/0x6d0
[ 87.598039][ T6563] blkdev_release+0x15/0x20
[ 87.599409][ T6563] __fput+0x3ff/0xb70
[ 87.600660][ T6563] task_work_run+0x14d/0x240
[ 87.602082][ T6563] do_exit+0x86f/0x2bf0
[ 87.603372][ T6563] do_group_exit+0xd3/0x2a0
[ 87.604812][ T6563] __x64_sys_exit_group+0x3e/0x50
[ 87.606335][ T6563] x64_sys_call+0x14fa/0x1720
[ 87.607805][ T6563] do_syscall_64+0xcd/0x4c0
[ 87.609211][ T6563] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.611041][ T6563] Modules linked in:
[ 87.612239][ T6563] CPU: 3 UID: 0 PID: 6563 Comm: syz.0.25 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.612257][ T6563] Tainted: [B]=BAD_PAGE
[ 87.612260][ T6563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.612267][ T6563] Call Trace:
[ 87.612271][ T6563]
[ 87.612275][ T6563] dump_stack_lvl+0x16c/0x1f0
[ 87.612291][ T6563] bad_page+0xcf/0x220
[ 87.612304][ T6563] ? __pfx_bad_page+0x10/0x10
[ 87.612316][ T6563] free_tail_page_prepare+0x44f/0x5b0
[ 87.612330][ T6563] __free_frozen_pages+0xbae/0x10f0
[ 87.612347][ T6563] __folio_put+0x329/0x450
[ 87.612358][ T6563] ? __pfx___folio_put+0x10/0x10
[ 87.612369][ T6563] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.612380][ T6563] ? rcu_is_watching+0x12/0xc0
[ 87.612393][ T6563] ? lock_release+0x201/0x2f0
[ 87.612409][ T6563] filemap_free_folio+0x132/0x170
[ 87.612419][ T6563] delete_from_page_cache_batch+0x741/0x9b0
[ 87.612432][ T6563] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.612444][ T6563] ? __pfx_workingset_update_node+0x10/0x10
[ 87.612454][ T6563] ? xas_move_index+0xb0/0x110
[ 87.612470][ T6563] truncate_inode_pages_range+0x279/0xe50
[ 87.612485][ T6563] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.612503][ T6563] ? rcu_is_watching+0x12/0xc0
[ 87.612515][ T6563] ? has_bh_in_lru+0x9d/0x100
[ 87.612526][ T6563] ? smp_call_function_many_cond+0x457/0x1600
[ 87.612545][ T6563] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.612557][ T6563] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.612568][ T6563] blkdev_flush_mapping+0xfb/0x290
[ 87.612580][ T6563] ? filemap_check_errors+0xa9/0x160
[ 87.612594][ T6563] blkdev_put_whole+0xc4/0xf0
[ 87.612606][ T6563] bdev_release+0x47e/0x6d0
[ 87.612619][ T6563] ? __pfx_blkdev_release+0x10/0x10
[ 87.612633][ T6563] blkdev_release+0x15/0x20
[ 87.612646][ T6563] __fput+0x3ff/0xb70
[ 87.612660][ T6563] task_work_run+0x14d/0x240
[ 87.612672][ T6563] ? __pfx_task_work_run+0x10/0x10
[ 87.612683][ T6563] ? do_raw_spin_unlock+0x172/0x230
[ 87.612694][ T6563] do_exit+0x86f/0x2bf0
[ 87.612710][ T6563] ? __pfx_do_exit+0x10/0x10
[ 87.612725][ T6563] ? do_raw_spin_lock+0x12c/0x2b0
[ 87.612735][ T6563] ? get_signal+0x8f5/0x26d0
[ 87.612748][ T6563] ? rcu_is_watching+0x12/0xc0
[ 87.612761][ T6563] do_group_exit+0xd3/0x2a0
[ 87.612792][ T6563] get_signal+0x2673/0x26d0
[ 87.612808][ T6563] ? __pfx_get_signal+0x10/0x10
[ 87.612820][ T6563] ? do_futex+0x122/0x350
[ 87.612836][ T6563] ? __pfx_do_futex+0x10/0x10
[ 87.612852][ T6563] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.612867][ T6563] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 87.612882][ T6563] ? __pfx_do_preadv+0x10/0x10
[ 87.612899][ T6563] exit_to_user_mode_loop+0x84/0x110
[ 87.612911][ T6563] do_syscall_64+0x3f6/0x4c0
[ 87.612926][ T6563] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.612936][ T6563] RIP: 0033:0x7fac75f8e969
[ 87.612944][ T6563] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 87.612949][ T6563] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 87.612959][ T6563] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 87.612966][ T6563] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 87.612972][ T6563] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 87.612978][ T6563] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 87.612984][ T6563] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 87.612994][ T6563]
[ 87.613009][ T6563] BUG: Bad page state in process syz.0.25 pfn:56200
[ 87.717081][ T6563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x56200
[ 87.720547][ T6563] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 87.723821][ T6563] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 87.727742][ T6563] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 87.731056][ T6563] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.733593][ T6563] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 87.736153][ T6563] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.738785][ T6563] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.741387][ T6563] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.743931][ T6563] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 87.746067][ T6563] page_owner tracks the page as allocated
[ 87.747829][ T6563] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6562, tgid 6562 (syz.0.25), ts 87520771168, free_ts 87416295298
[ 87.753807][ T6563] post_alloc_hook+0x1c0/0x230
[ 87.755245][ T6563] get_page_from_freelist+0x132b/0x38e0
[ 87.757022][ T6563] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 87.758791][ T6563] alloc_pages_mpol+0x1fb/0x550
[ 87.760420][ T6563] folio_alloc_noprof+0x20/0x2d0
[ 87.761916][ T6563] filemap_alloc_folio_noprof+0x3a1/0x470
[ 87.763613][ T6563] page_cache_ra_order+0x4e1/0xd70
[ 87.765178][ T6563] filemap_fault+0x1b4b/0x2930
[ 87.766684][ T6563] __do_fault+0x10a/0x490
[ 87.767980][ T6563] do_pte_missing+0x1a6/0x3ba0
[ 87.769472][ T6563] __handle_mm_fault+0x152a/0x2a50
[ 87.771043][ T6563] handle_mm_fault+0x589/0xd10
[ 87.772477][ T6563] do_user_addr_fault+0x60c/0x1370
[ 87.773991][ T6563] exc_page_fault+0x5c/0xb0
[ 87.775391][ T6563] asm_exc_page_fault+0x26/0x30
[ 87.776914][ T6563] page last free pid 6560 tgid 6560 stack trace:
[ 87.778783][ T6563] free_unref_folios+0xa61/0x16b0
[ 87.780343][ T6563] folios_put_refs+0x56f/0x740
[ 87.781800][ T6563] truncate_inode_pages_range+0x311/0xe50
[ 87.783505][ T6563] blkdev_flush_mapping+0xfb/0x290
[ 87.785088][ T6563] blkdev_put_whole+0xc4/0xf0
[ 87.786614][ T6563] bdev_release+0x47e/0x6d0
[ 87.788025][ T6563] blkdev_release+0x15/0x20
[ 87.789406][ T6563] __fput+0x3ff/0xb70
[ 87.790659][ T6563] task_work_run+0x14d/0x240
[ 87.792081][ T6563] do_exit+0x86f/0x2bf0
[ 87.793341][ T6563] do_group_exit+0xd3/0x2a0
[ 87.794751][ T6563] __x64_sys_exit_group+0x3e/0x50
[ 87.796259][ T6563] x64_sys_call+0x14fa/0x1720
[ 87.797779][ T6563] do_syscall_64+0xcd/0x4c0
[ 87.799133][ T6563] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.801024][ T6563] Modules linked in:
[ 87.802209][ T6563] CPU: 2 UID: 0 PID: 6563 Comm: syz.0.25 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.802227][ T6563] Tainted: [B]=BAD_PAGE
[ 87.802231][ T6563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.802237][ T6563] Call Trace:
[ 87.802242][ T6563]
[ 87.802246][ T6563] dump_stack_lvl+0x16c/0x1f0
[ 87.802262][ T6563] bad_page+0xcf/0x220
[ 87.802274][ T6563] ? __pfx_bad_page+0x10/0x10
[ 87.802285][ T6563] ? page_bad_reason+0x9d/0x1f0
[ 87.802296][ T6563] __free_frozen_pages+0x7f7/0x10f0
[ 87.802314][ T6563] __folio_put+0x329/0x450
[ 87.802325][ T6563] ? __pfx___folio_put+0x10/0x10
[ 87.802336][ T6563] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.802348][ T6563] ? rcu_is_watching+0x12/0xc0
[ 87.802361][ T6563] ? lock_release+0x201/0x2f0
[ 87.802377][ T6563] filemap_free_folio+0x132/0x170
[ 87.802388][ T6563] delete_from_page_cache_batch+0x741/0x9b0
[ 87.802400][ T6563] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.802411][ T6563] ? __pfx_workingset_update_node+0x10/0x10
[ 87.802422][ T6563] ? xas_move_index+0xb0/0x110
[ 87.802437][ T6563] truncate_inode_pages_range+0x279/0xe50
[ 87.802452][ T6563] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.802469][ T6563] ? rcu_is_watching+0x12/0xc0
[ 87.802481][ T6563] ? has_bh_in_lru+0x9d/0x100
[ 87.802492][ T6563] ? smp_call_function_many_cond+0x457/0x1600
[ 87.802512][ T6563] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.802524][ T6563] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.802535][ T6563] blkdev_flush_mapping+0xfb/0x290
[ 87.802547][ T6563] ? filemap_check_errors+0xa9/0x160
[ 87.802563][ T6563] blkdev_put_whole+0xc4/0xf0
[ 87.802574][ T6563] bdev_release+0x47e/0x6d0
[ 87.802587][ T6563] ? __pfx_blkdev_release+0x10/0x10
[ 87.802600][ T6563] blkdev_release+0x15/0x20
[ 87.802613][ T6563] __fput+0x3ff/0xb70
[ 87.802627][ T6563] task_work_run+0x14d/0x240
[ 87.802639][ T6563] ? __pfx_task_work_run+0x10/0x10
[ 87.802650][ T6563] ? do_raw_spin_unlock+0x172/0x230
[ 87.802662][ T6563] do_exit+0x86f/0x2bf0
[ 87.802678][ T6563] ? __pfx_do_exit+0x10/0x10
[ 87.802693][ T6563] ? do_raw_spin_lock+0x12c/0x2b0
[ 87.802704][ T6563] ? get_signal+0x8f5/0x26d0
[ 87.802716][ T6563] ? rcu_is_watching+0x12/0xc0
[ 87.802729][ T6563] do_group_exit+0xd3/0x2a0
[ 87.802745][ T6563] get_signal+0x2673/0x26d0
[ 87.802759][ T6563] ? __pfx_get_signal+0x10/0x10
[ 87.802772][ T6563] ? do_futex+0x122/0x350
[ 87.802787][ T6563] ? __pfx_do_futex+0x10/0x10
[ 87.802803][ T6563] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.802818][ T6563] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 87.802833][ T6563] ? __pfx_do_preadv+0x10/0x10
[ 87.802850][ T6563] exit_to_user_mode_loop+0x84/0x110
[ 87.802861][ T6563] do_syscall_64+0x3f6/0x4c0
[ 87.802876][ T6563] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.802887][ T6563] RIP: 0033:0x7fac75f8e969
[ 87.802895][ T6563] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 87.802899][ T6563] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 87.802909][ T6563] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 87.802916][ T6563] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 87.802923][ T6563] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 87.802929][ T6563] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 87.802935][ T6563] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 87.802945][ T6563]
[ 87.829467][ T6565] BUG: Bad page state in process syz.0.26 pfn:56401
[ 87.923247][ T6565] page does not match folio
[ 87.925120][ T6565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x56401
[ 87.929172][ T6565] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 87.931427][ T6565] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 87.933983][ T6565] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.936812][ T6565] page dumped because: nonzero pincount
[ 87.938464][ T6565] page_owner tracks the page as allocated
[ 87.940131][ T6565] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6564, tgid 6564 (syz.0.26), ts 87811365119, free_ts 87802986306
[ 87.945970][ T6565] post_alloc_hook+0x1c0/0x230
[ 87.947570][ T6565] get_page_from_freelist+0x132b/0x38e0
[ 87.949227][ T6565] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 87.951034][ T6565] alloc_pages_mpol+0x1fb/0x550
[ 87.952517][ T6565] folio_alloc_noprof+0x20/0x2d0
[ 87.953994][ T6565] filemap_alloc_folio_noprof+0x3a1/0x470
[ 87.955704][ T6565] page_cache_ra_order+0x4e1/0xd70
[ 87.957624][ T6565] filemap_fault+0x1b4b/0x2930
[ 87.959083][ T6565] __do_fault+0x10a/0x490
[ 87.960393][ T6565] do_pte_missing+0x1a6/0x3ba0
[ 87.961926][ T6565] __handle_mm_fault+0x152a/0x2a50
[ 87.963481][ T6565] handle_mm_fault+0x589/0xd10
[ 87.964928][ T6565] do_user_addr_fault+0x60c/0x1370
[ 87.966555][ T6565] exc_page_fault+0x5c/0xb0
[ 87.967928][ T6565] asm_exc_page_fault+0x26/0x30
[ 87.969407][ T6565] page last free pid 6563 tgid 6562 stack trace:
[ 87.971299][ T6565] free_unref_folios+0xa61/0x16b0
[ 87.972817][ T6565] folios_put_refs+0x56f/0x740
[ 87.974219][ T6565] truncate_inode_pages_range+0x311/0xe50
[ 87.975876][ T6565] blkdev_flush_mapping+0xfb/0x290
[ 87.977458][ T6565] blkdev_put_whole+0xc4/0xf0
[ 87.978853][ T6565] bdev_release+0x47e/0x6d0
[ 87.980218][ T6565] blkdev_release+0x15/0x20
[ 87.981605][ T6565] __fput+0x3ff/0xb70
[ 87.982859][ T6565] task_work_run+0x14d/0x240
[ 87.984259][ T6565] do_exit+0x86f/0x2bf0
[ 87.985554][ T6565] do_group_exit+0xd3/0x2a0
[ 87.986973][ T6565] get_signal+0x2673/0x26d0
[ 87.988362][ T6565] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.990057][ T6565] exit_to_user_mode_loop+0x84/0x110
[ 87.991621][ T6565] do_syscall_64+0x3f6/0x4c0
[ 87.993052][ T6565] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.994838][ T6565] Modules linked in:
[ 87.996010][ T6565] CPU: 1 UID: 0 PID: 6565 Comm: syz.0.26 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.996027][ T6565] Tainted: [B]=BAD_PAGE
[ 87.996031][ T6565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.996038][ T6565] Call Trace:
[ 87.996042][ T6565]
[ 87.996046][ T6565] dump_stack_lvl+0x16c/0x1f0
[ 87.996062][ T6565] bad_page+0xcf/0x220
[ 87.996074][ T6565] ? __pfx_bad_page+0x10/0x10
[ 87.996086][ T6565] free_tail_page_prepare+0x44f/0x5b0
[ 87.996100][ T6565] __free_frozen_pages+0xbae/0x10f0
[ 87.996117][ T6565] __folio_put+0x329/0x450
[ 87.996127][ T6565] ? __pfx___folio_put+0x10/0x10
[ 87.996138][ T6565] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.996149][ T6565] ? rcu_is_watching+0x12/0xc0
[ 87.996162][ T6565] ? lock_release+0x201/0x2f0
[ 87.996179][ T6565] filemap_free_folio+0x132/0x170
[ 87.996189][ T6565] delete_from_page_cache_batch+0x741/0x9b0
[ 87.996202][ T6565] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.996214][ T6565] ? __pfx_workingset_update_node+0x10/0x10
[ 87.996224][ T6565] ? xas_move_index+0xb0/0x110
[ 87.996239][ T6565] truncate_inode_pages_range+0x279/0xe50
[ 87.996254][ T6565] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.996276][ T6565] ? rcu_is_watching+0x12/0xc0
[ 87.996288][ T6565] ? has_bh_in_lru+0x9d/0x100
[ 87.996299][ T6565] ? smp_call_function_many_cond+0x457/0x1600
[ 87.996318][ T6565] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.996330][ T6565] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.996341][ T6565] blkdev_flush_mapping+0xfb/0x290
[ 87.996366][ T6565] ? filemap_check_errors+0xa9/0x160
[ 87.996380][ T6565] blkdev_put_whole+0xc4/0xf0
[ 87.996391][ T6565] bdev_release+0x47e/0x6d0
[ 87.996405][ T6565] ? __pfx_blkdev_release+0x10/0x10
[ 87.996418][ T6565] blkdev_release+0x15/0x20
[ 87.996431][ T6565] __fput+0x3ff/0xb70
[ 87.996445][ T6565] task_work_run+0x14d/0x240
[ 87.996457][ T6565] ? __pfx_task_work_run+0x10/0x10
[ 87.996472][ T6565] ? do_raw_spin_unlock+0x172/0x230
[ 87.996491][ T6565] do_exit+0x86f/0x2bf0
[ 87.996513][ T6565] ? __pfx_do_exit+0x10/0x10
[ 87.996528][ T6565] ? do_raw_spin_lock+0x12c/0x2b0
[ 87.996539][ T6565] ? get_signal+0x8f5/0x26d0
[ 87.996551][ T6565] ? rcu_is_watching+0x12/0xc0
[ 87.996563][ T6565] do_group_exit+0xd3/0x2a0
[ 87.996579][ T6565] get_signal+0x2673/0x26d0
[ 87.996594][ T6565] ? __pfx_get_signal+0x10/0x10
[ 87.996606][ T6565] ? do_futex+0x122/0x350
[ 87.996622][ T6565] ? __pfx_do_futex+0x10/0x10
[ 87.996638][ T6565] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.996652][ T6565] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 87.996667][ T6565] ? __pfx_do_preadv+0x10/0x10
[ 87.996684][ T6565] exit_to_user_mode_loop+0x84/0x110
[ 87.996695][ T6565] do_syscall_64+0x3f6/0x4c0
[ 87.996710][ T6565] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.996720][ T6565] RIP: 0033:0x7fac75f8e969
[ 87.996729][ T6565] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 87.996733][ T6565] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 87.996744][ T6565] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 87.996750][ T6565] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 87.996757][ T6565] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 87.996763][ T6565] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 87.996788][ T6565] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 87.996801][ T6565]
[ 88.099133][ T6565] BUG: Bad page state in process syz.0.26 pfn:56400
[ 88.101115][ T6565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x56400
[ 88.103762][ T6565] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 88.106276][ T6565] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 88.109260][ T6565] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.111905][ T6565] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.114555][ T6565] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.117284][ T6565] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.119843][ T6565] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.122590][ T6565] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.125156][ T6565] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 88.127397][ T6565] page_owner tracks the page as allocated
[ 88.129102][ T6565] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6564, tgid 6564 (syz.0.26), ts 87811365119, free_ts 87802986306
[ 88.135031][ T6565] post_alloc_hook+0x1c0/0x230
[ 88.136513][ T6565] get_page_from_freelist+0x132b/0x38e0
[ 88.138155][ T6565] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.139927][ T6565] alloc_pages_mpol+0x1fb/0x550
[ 88.141390][ T6565] folio_alloc_noprof+0x20/0x2d0
[ 88.142895][ T6565] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.144576][ T6565] page_cache_ra_order+0x4e1/0xd70
[ 88.146127][ T6565] filemap_fault+0x1b4b/0x2930
[ 88.147613][ T6565] __do_fault+0x10a/0x490
[ 88.148873][ T6565] do_pte_missing+0x1a6/0x3ba0
[ 88.150317][ T6565] __handle_mm_fault+0x152a/0x2a50
[ 88.151871][ T6565] handle_mm_fault+0x589/0xd10
[ 88.153337][ T6565] do_user_addr_fault+0x60c/0x1370
[ 88.154852][ T6565] exc_page_fault+0x5c/0xb0
[ 88.156226][ T6565] asm_exc_page_fault+0x26/0x30
[ 88.157760][ T6565] page last free pid 6563 tgid 6562 stack trace:
[ 88.159746][ T6565] free_unref_folios+0xa61/0x16b0
[ 88.161354][ T6565] folios_put_refs+0x56f/0x740
[ 88.162806][ T6565] truncate_inode_pages_range+0x311/0xe50
[ 88.164475][ T6565] blkdev_flush_mapping+0xfb/0x290
[ 88.166015][ T6565] blkdev_put_whole+0xc4/0xf0
[ 88.167584][ T6565] bdev_release+0x47e/0x6d0
[ 88.169065][ T6565] blkdev_release+0x15/0x20
[ 88.170470][ T6565] __fput+0x3ff/0xb70
[ 88.171677][ T6565] task_work_run+0x14d/0x240
[ 88.173069][ T6565] do_exit+0x86f/0x2bf0
[ 88.174326][ T6565] do_group_exit+0xd3/0x2a0
[ 88.175705][ T6565] get_signal+0x2673/0x26d0
[ 88.177233][ T6565] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.178972][ T6565] exit_to_user_mode_loop+0x84/0x110
[ 88.180516][ T6565] do_syscall_64+0x3f6/0x4c0
[ 88.181923][ T6565] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.183765][ T6565] Modules linked in:
[ 88.184971][ T6565] CPU: 2 UID: 0 PID: 6565 Comm: syz.0.26 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.184992][ T6565] Tainted: [B]=BAD_PAGE
[ 88.184996][ T6565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.185003][ T6565] Call Trace:
[ 88.185008][ T6565]
[ 88.185011][ T6565] dump_stack_lvl+0x16c/0x1f0
[ 88.185029][ T6565] bad_page+0xcf/0x220
[ 88.185041][ T6565] ? __pfx_bad_page+0x10/0x10
[ 88.185052][ T6565] ? page_bad_reason+0x9d/0x1f0
[ 88.185063][ T6565] __free_frozen_pages+0x7f7/0x10f0
[ 88.185080][ T6565] __folio_put+0x329/0x450
[ 88.185091][ T6565] ? __pfx___folio_put+0x10/0x10
[ 88.185102][ T6565] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.185114][ T6565] ? rcu_is_watching+0x12/0xc0
[ 88.185127][ T6565] ? lock_release+0x201/0x2f0
[ 88.185143][ T6565] filemap_free_folio+0x132/0x170
[ 88.185153][ T6565] delete_from_page_cache_batch+0x741/0x9b0
[ 88.185165][ T6565] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.185177][ T6565] ? __pfx_workingset_update_node+0x10/0x10
[ 88.185188][ T6565] ? xas_move_index+0xb0/0x110
[ 88.185203][ T6565] truncate_inode_pages_range+0x279/0xe50
[ 88.185218][ T6565] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.185236][ T6565] ? rcu_is_watching+0x12/0xc0
[ 88.185248][ T6565] ? has_bh_in_lru+0x9d/0x100
[ 88.185259][ T6565] ? smp_call_function_many_cond+0x457/0x1600
[ 88.185278][ T6565] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.185290][ T6565] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.185301][ T6565] blkdev_flush_mapping+0xfb/0x290
[ 88.185312][ T6565] ? filemap_check_errors+0xa9/0x160
[ 88.185327][ T6565] blkdev_put_whole+0xc4/0xf0
[ 88.185338][ T6565] bdev_release+0x47e/0x6d0
[ 88.185352][ T6565] ? __pfx_blkdev_release+0x10/0x10
[ 88.185365][ T6565] blkdev_release+0x15/0x20
[ 88.185378][ T6565] __fput+0x3ff/0xb70
[ 88.185392][ T6565] task_work_run+0x14d/0x240
[ 88.185403][ T6565] ? __pfx_task_work_run+0x10/0x10
[ 88.185414][ T6565] ? do_raw_spin_unlock+0x172/0x230
[ 88.185426][ T6565] do_exit+0x86f/0x2bf0
[ 88.185442][ T6565] ? __pfx_do_exit+0x10/0x10
[ 88.185457][ T6565] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.185468][ T6565] ? get_signal+0x8f5/0x26d0
[ 88.185480][ T6565] ? rcu_is_watching+0x12/0xc0
[ 88.185492][ T6565] do_group_exit+0xd3/0x2a0
[ 88.185508][ T6565] get_signal+0x2673/0x26d0
[ 88.185523][ T6565] ? __pfx_get_signal+0x10/0x10
[ 88.185536][ T6565] ? do_futex+0x122/0x350
[ 88.185551][ T6565] ? __pfx_do_futex+0x10/0x10
[ 88.185566][ T6565] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.185581][ T6565] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.185596][ T6565] ? __pfx_do_preadv+0x10/0x10
[ 88.185613][ T6565] exit_to_user_mode_loop+0x84/0x110
[ 88.185623][ T6565] do_syscall_64+0x3f6/0x4c0
[ 88.185639][ T6565] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.185649][ T6565] RIP: 0033:0x7fac75f8e969
[ 88.185657][ T6565] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 88.185661][ T6565] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.185671][ T6565] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 88.185678][ T6565] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 88.185684][ T6565] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 88.185690][ T6565] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 88.185697][ T6565] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 88.185706][ T6565]
[ 88.320667][ T6566] BUG: Bad page state in process syz.0.27 pfn:56601
[ 88.323324][ T6566] page does not match folio
[ 88.325084][ T6566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x56601
[ 88.329137][ T6566] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 88.331467][ T6566] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 88.334266][ T6566] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.337044][ T6566] page dumped because: nonzero pincount
[ 88.338675][ T6566] page_owner tracks the page as allocated
[ 88.340341][ T6566] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6566, tgid 6566 (syz.0.27), ts 88244271613, free_ts 88185730862
[ 88.346774][ T6566] post_alloc_hook+0x1c0/0x230
[ 88.348404][ T6566] get_page_from_freelist+0x132b/0x38e0
[ 88.350276][ T6566] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.352309][ T6566] alloc_pages_mpol+0x1fb/0x550
[ 88.353988][ T6566] folio_alloc_noprof+0x20/0x2d0
[ 88.355921][ T6566] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.357932][ T6566] page_cache_ra_order+0x4e1/0xd70
[ 88.359617][ T6566] filemap_fault+0x1b4b/0x2930
[ 88.361107][ T6566] __do_fault+0x10a/0x490
[ 88.362472][ T6566] do_pte_missing+0x1a6/0x3ba0
[ 88.363961][ T6566] __handle_mm_fault+0x152a/0x2a50
[ 88.365541][ T6566] handle_mm_fault+0x589/0xd10
[ 88.367185][ T6566] do_user_addr_fault+0x60c/0x1370
[ 88.368781][ T6566] exc_page_fault+0x5c/0xb0
[ 88.370167][ T6566] asm_exc_page_fault+0x26/0x30
[ 88.371628][ T6566] page last free pid 6565 tgid 6564 stack trace:
[ 88.373729][ T6566] free_unref_folios+0xa61/0x16b0
[ 88.375252][ T6566] folios_put_refs+0x56f/0x740
[ 88.376782][ T6566] truncate_inode_pages_range+0x311/0xe50
[ 88.378421][ T6566] blkdev_flush_mapping+0xfb/0x290
[ 88.379929][ T6566] blkdev_put_whole+0xc4/0xf0
[ 88.381410][ T6566] bdev_release+0x47e/0x6d0
[ 88.382780][ T6566] blkdev_release+0x15/0x20
[ 88.384210][ T6566] __fput+0x3ff/0xb70
[ 88.385420][ T6566] task_work_run+0x14d/0x240
[ 88.386876][ T6566] do_exit+0x86f/0x2bf0
[ 88.388175][ T6566] do_group_exit+0xd3/0x2a0
[ 88.389534][ T6566] get_signal+0x2673/0x26d0
[ 88.390901][ T6566] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.392631][ T6566] exit_to_user_mode_loop+0x84/0x110
[ 88.394209][ T6566] do_syscall_64+0x3f6/0x4c0
[ 88.395597][ T6566] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.397645][ T6566] Modules linked in:
[ 88.398888][ T6566] CPU: 0 UID: 0 PID: 6566 Comm: syz.0.27 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.398915][ T6566] Tainted: [B]=BAD_PAGE
[ 88.398920][ T6566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.398927][ T6566] Call Trace:
[ 88.398931][ T6566]
[ 88.398935][ T6566] dump_stack_lvl+0x16c/0x1f0
[ 88.398951][ T6566] bad_page+0xcf/0x220
[ 88.398963][ T6566] ? __pfx_bad_page+0x10/0x10
[ 88.398975][ T6566] free_tail_page_prepare+0x44f/0x5b0
[ 88.398989][ T6566] __free_frozen_pages+0xbae/0x10f0
[ 88.399005][ T6566] __folio_put+0x329/0x450
[ 88.399016][ T6566] ? __pfx___folio_put+0x10/0x10
[ 88.399027][ T6566] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.399038][ T6566] ? rcu_is_watching+0x12/0xc0
[ 88.399051][ T6566] ? lock_release+0x201/0x2f0
[ 88.399067][ T6566] filemap_free_folio+0x132/0x170
[ 88.399077][ T6566] delete_from_page_cache_batch+0x741/0x9b0
[ 88.399089][ T6566] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.399101][ T6566] ? __pfx_workingset_update_node+0x10/0x10
[ 88.399112][ T6566] ? xas_move_index+0xb0/0x110
[ 88.399127][ T6566] truncate_inode_pages_range+0x279/0xe50
[ 88.399142][ T6566] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.399155][ T6566] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 88.399171][ T6566] ? kvm_smp_send_call_func_ipi+0xfd/0x250
[ 88.399185][ T6566] ? on_each_cpu_cond_mask+0x40/0x90
[ 88.399198][ T6566] ? has_bh_in_lru+0x9d/0x100
[ 88.399208][ T6566] ? on_each_cpu_cond_mask+0x40/0x90
[ 88.399221][ T6566] ? smp_call_function_many_cond+0x457/0x1600
[ 88.399239][ T6566] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.399251][ T6566] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.399262][ T6566] blkdev_flush_mapping+0xfb/0x290
[ 88.399275][ T6566] blkdev_put_whole+0xc4/0xf0
[ 88.399295][ T6566] bdev_release+0x47e/0x6d0
[ 88.399308][ T6566] ? __pfx_blkdev_release+0x10/0x10
[ 88.399321][ T6566] blkdev_release+0x15/0x20
[ 88.399334][ T6566] __fput+0x3ff/0xb70
[ 88.399348][ T6566] task_work_run+0x14d/0x240
[ 88.399359][ T6566] ? __pfx_task_work_run+0x10/0x10
[ 88.399370][ T6566] ? do_raw_spin_unlock+0x172/0x230
[ 88.399382][ T6566] do_exit+0x86f/0x2bf0
[ 88.399398][ T6566] ? __pfx_do_exit+0x10/0x10
[ 88.399413][ T6566] ? preempt_schedule_thunk+0x16/0x30
[ 88.399429][ T6566] do_group_exit+0xd3/0x2a0
[ 88.399445][ T6566] __x64_sys_exit_group+0x3e/0x50
[ 88.399460][ T6566] x64_sys_call+0x14fa/0x1720
[ 88.399472][ T6566] do_syscall_64+0xcd/0x4c0
[ 88.399487][ T6566] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.399498][ T6566] RIP: 0033:0x7fac75f8e969
[ 88.399506][ T6566] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 88.399510][ T6566] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 88.399521][ T6566] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 88.399527][ T6566] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 88.399534][ T6566] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 88.399540][ T6566] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b
[ 88.399546][ T6566] R13: 00000000000927c0 R14: 00000000000156a8 R15: 00007ffcdde9e150
[ 88.399555][ T6566]
[ 88.399581][ T6566] BUG: Bad page state in process syz.0.27 pfn:56600
[ 88.494961][ T6566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x56600
[ 88.497634][ T6566] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 88.500131][ T6566] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 88.503010][ T6566] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.505540][ T6566] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.508147][ T6566] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.510738][ T6566] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.513277][ T6566] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.515795][ T6566] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.518412][ T6566] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 88.520570][ T6566] page_owner tracks the page as allocated
[ 88.522259][ T6566] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6566, tgid 6566 (syz.0.27), ts 88244271613, free_ts 88185730862
[ 88.528225][ T6012] Bluetooth: hci0: command tx timeout
[ 88.530051][ T6566] post_alloc_hook+0x1c0/0x230
[ 88.531536][ T6566] get_page_from_freelist+0x132b/0x38e0
[ 88.533399][ T6566] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.535379][ T6566] alloc_pages_mpol+0x1fb/0x550
[ 88.537117][ T6566] folio_alloc_noprof+0x20/0x2d0
[ 88.538798][ T6566] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.540713][ T6566] page_cache_ra_order+0x4e1/0xd70
[ 88.542464][ T6566] filemap_fault+0x1b4b/0x2930
[ 88.544039][ T6566] __do_fault+0x10a/0x490
[ 88.545425][ T6566] do_pte_missing+0x1a6/0x3ba0
[ 88.546961][ T6566] __handle_mm_fault+0x152a/0x2a50
[ 88.548506][ T6566] handle_mm_fault+0x589/0xd10
[ 88.550046][ T6566] do_user_addr_fault+0x60c/0x1370
[ 88.551594][ T6566] exc_page_fault+0x5c/0xb0
[ 88.553023][ T6566] asm_exc_page_fault+0x26/0x30
[ 88.554487][ T6566] page last free pid 6565 tgid 6564 stack trace:
[ 88.556338][ T6566] free_unref_folios+0xa61/0x16b0
[ 88.557905][ T6566] folios_put_refs+0x56f/0x740
[ 88.559327][ T6566] truncate_inode_pages_range+0x311/0xe50
[ 88.561047][ T6566] blkdev_flush_mapping+0xfb/0x290
[ 88.562613][ T6566] blkdev_put_whole+0xc4/0xf0
[ 88.564015][ T6566] bdev_release+0x47e/0x6d0
[ 88.565364][ T6566] blkdev_release+0x15/0x20
[ 88.566779][ T6566] __fput+0x3ff/0xb70
[ 88.568032][ T6566] task_work_run+0x14d/0x240
[ 88.569427][ T6566] do_exit+0x86f/0x2bf0
[ 88.570708][ T6566] do_group_exit+0xd3/0x2a0
[ 88.572132][ T6566] get_signal+0x2673/0x26d0
[ 88.573922][ T6566] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.576103][ T6566] exit_to_user_mode_loop+0x84/0x110
[ 88.578271][ T6566] do_syscall_64+0x3f6/0x4c0
[ 88.580093][ T6566] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.582448][ T6566] Modules linked in:
[ 88.583994][ T6566] CPU: 0 UID: 0 PID: 6566 Comm: syz.0.27 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.584023][ T6566] Tainted: [B]=BAD_PAGE
[ 88.584029][ T6566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.584041][ T6566] Call Trace:
[ 88.584047][ T6566]
[ 88.584053][ T6566] dump_stack_lvl+0x16c/0x1f0
[ 88.584077][ T6566] bad_page+0xcf/0x220
[ 88.584094][ T6566] ? __pfx_bad_page+0x10/0x10
[ 88.584113][ T6566] ? page_bad_reason+0x9d/0x1f0
[ 88.584132][ T6566] __free_frozen_pages+0x7f7/0x10f0
[ 88.584156][ T6566] __folio_put+0x329/0x450
[ 88.584174][ T6566] ? __pfx___folio_put+0x10/0x10
[ 88.584189][ T6566] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.584207][ T6566] ? rcu_is_watching+0x12/0xc0
[ 88.584228][ T6566] ? lock_release+0x201/0x2f0
[ 88.584253][ T6566] filemap_free_folio+0x132/0x170
[ 88.584269][ T6566] delete_from_page_cache_batch+0x741/0x9b0
[ 88.584288][ T6566] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.584306][ T6566] ? __pfx_workingset_update_node+0x10/0x10
[ 88.584324][ T6566] ? xas_move_index+0xb0/0x110
[ 88.584347][ T6566] truncate_inode_pages_range+0x279/0xe50
[ 88.584370][ T6566] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.584391][ T6566] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 88.584417][ T6566] ? kvm_smp_send_call_func_ipi+0xfd/0x250
[ 88.584437][ T6566] ? on_each_cpu_cond_mask+0x40/0x90
[ 88.584457][ T6566] ? has_bh_in_lru+0x9d/0x100
[ 88.584473][ T6566] ? on_each_cpu_cond_mask+0x40/0x90
[ 88.584491][ T6566] ? smp_call_function_many_cond+0x457/0x1600
[ 88.584520][ T6566] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.584540][ T6566] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.584556][ T6566] blkdev_flush_mapping+0xfb/0x290
[ 88.584577][ T6566] blkdev_put_whole+0xc4/0xf0
[ 88.584596][ T6566] bdev_release+0x47e/0x6d0
[ 88.584616][ T6566] ? __pfx_blkdev_release+0x10/0x10
[ 88.584636][ T6566] blkdev_release+0x15/0x20
[ 88.584656][ T6566] __fput+0x3ff/0xb70
[ 88.584678][ T6566] task_work_run+0x14d/0x240
[ 88.584697][ T6566] ? __pfx_task_work_run+0x10/0x10
[ 88.584712][ T6566] ? do_raw_spin_unlock+0x172/0x230
[ 88.584732][ T6566] do_exit+0x86f/0x2bf0
[ 88.584757][ T6566] ? __pfx_do_exit+0x10/0x10
[ 88.584797][ T6566] ? preempt_schedule_thunk+0x16/0x30
[ 88.584822][ T6566] do_group_exit+0xd3/0x2a0
[ 88.584847][ T6566] __x64_sys_exit_group+0x3e/0x50
[ 88.584870][ T6566] x64_sys_call+0x14fa/0x1720
[ 88.584889][ T6566] do_syscall_64+0xcd/0x4c0
[ 88.584912][ T6566] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.584928][ T6566] RIP: 0033:0x7fac75f8e969
[ 88.584942][ T6566] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 88.584949][ T6566] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 88.584966][ T6566] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 88.584977][ T6566] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 88.584986][ T6566] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 88.584997][ T6566] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b
[ 88.585007][ T6566] R13: 00000000000927c0 R14: 00000000000156a8 R15: 00007ffcdde9e150
[ 88.585027][ T6566]
[ 88.715854][ T6570] BUG: Bad page state in process syz.0.28 pfn:56801
[ 88.718364][ T6570] page does not match folio
[ 88.719907][ T6570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x56801
[ 88.723376][ T6570] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 88.726042][ T6570] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 88.729220][ T6570] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.732177][ T6570] page dumped because: nonzero pincount
[ 88.734157][ T6570] page_owner tracks the page as allocated
[ 88.736433][ T6570] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6569, tgid 6569 (syz.0.28), ts 88698568698, free_ts 88585070608
[ 88.743568][ T6570] post_alloc_hook+0x1c0/0x230
[ 88.745324][ T6570] get_page_from_freelist+0x132b/0x38e0
[ 88.747522][ T6570] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.749303][ T6570] alloc_pages_mpol+0x1fb/0x550
[ 88.750778][ T6570] folio_alloc_noprof+0x20/0x2d0
[ 88.752250][ T6570] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.753940][ T6570] page_cache_ra_order+0x4e1/0xd70
[ 88.755462][ T6570] filemap_fault+0x1b4b/0x2930
[ 88.756982][ T6570] __do_fault+0x10a/0x490
[ 88.758278][ T6570] do_pte_missing+0x1a6/0x3ba0
[ 88.759707][ T6570] __handle_mm_fault+0x152a/0x2a50
[ 88.761242][ T6570] handle_mm_fault+0x589/0xd10
[ 88.762679][ T6570] do_user_addr_fault+0x60c/0x1370
[ 88.764197][ T6570] exc_page_fault+0x5c/0xb0
[ 88.765549][ T6570] asm_exc_page_fault+0x26/0x30
[ 88.767050][ T6570] page last free pid 6566 tgid 6566 stack trace:
[ 88.768912][ T6570] free_unref_folios+0xa61/0x16b0
[ 88.770533][ T6570] folios_put_refs+0x56f/0x740
[ 88.771993][ T6570] truncate_inode_pages_range+0x311/0xe50
[ 88.773713][ T6570] blkdev_flush_mapping+0xfb/0x290
[ 88.775246][ T6570] blkdev_put_whole+0xc4/0xf0
[ 88.776703][ T6570] bdev_release+0x47e/0x6d0
[ 88.778112][ T6570] blkdev_release+0x15/0x20
[ 88.779481][ T6570] __fput+0x3ff/0xb70
[ 88.780700][ T6570] task_work_run+0x14d/0x240
[ 88.782100][ T6570] do_exit+0x86f/0x2bf0
[ 88.783347][ T6570] do_group_exit+0xd3/0x2a0
[ 88.784696][ T6570] __x64_sys_exit_group+0x3e/0x50
[ 88.786225][ T6570] x64_sys_call+0x14fa/0x1720
[ 88.787697][ T6570] do_syscall_64+0xcd/0x4c0
[ 88.789052][ T6570] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.790814][ T6570] Modules linked in:
[ 88.792033][ T6570] CPU: 1 UID: 0 PID: 6570 Comm: syz.0.28 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.792050][ T6570] Tainted: [B]=BAD_PAGE
[ 88.792054][ T6570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.792060][ T6570] Call Trace:
[ 88.792064][ T6570]
[ 88.792069][ T6570] dump_stack_lvl+0x16c/0x1f0
[ 88.792084][ T6570] bad_page+0xcf/0x220
[ 88.792096][ T6570] ? __pfx_bad_page+0x10/0x10
[ 88.792108][ T6570] free_tail_page_prepare+0x44f/0x5b0
[ 88.792122][ T6570] __free_frozen_pages+0xbae/0x10f0
[ 88.792139][ T6570] __folio_put+0x329/0x450
[ 88.792150][ T6570] ? __pfx___folio_put+0x10/0x10
[ 88.792160][ T6570] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.792172][ T6570] ? rcu_is_watching+0x12/0xc0
[ 88.792185][ T6570] ? lock_release+0x201/0x2f0
[ 88.792201][ T6570] filemap_free_folio+0x132/0x170
[ 88.792212][ T6570] delete_from_page_cache_batch+0x741/0x9b0
[ 88.792224][ T6570] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.792236][ T6570] ? __pfx_workingset_update_node+0x10/0x10
[ 88.792247][ T6570] ? xas_move_index+0xb0/0x110
[ 88.792263][ T6570] truncate_inode_pages_range+0x279/0xe50
[ 88.792277][ T6570] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.792295][ T6570] ? rcu_is_watching+0x12/0xc0
[ 88.792307][ T6570] ? has_bh_in_lru+0x9d/0x100
[ 88.792318][ T6570] ? smp_call_function_many_cond+0x457/0x1600
[ 88.792338][ T6570] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.792350][ T6570] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.792361][ T6570] blkdev_flush_mapping+0xfb/0x290
[ 88.792373][ T6570] ? filemap_check_errors+0xa9/0x160
[ 88.792387][ T6570] blkdev_put_whole+0xc4/0xf0
[ 88.792398][ T6570] bdev_release+0x47e/0x6d0
[ 88.792411][ T6570] ? __pfx_blkdev_release+0x10/0x10
[ 88.792425][ T6570] blkdev_release+0x15/0x20
[ 88.792437][ T6570] __fput+0x3ff/0xb70
[ 88.792451][ T6570] task_work_run+0x14d/0x240
[ 88.792463][ T6570] ? __pfx_task_work_run+0x10/0x10
[ 88.792474][ T6570] ? do_raw_spin_unlock+0x172/0x230
[ 88.792485][ T6570] do_exit+0x86f/0x2bf0
[ 88.792502][ T6570] ? __pfx_do_exit+0x10/0x10
[ 88.792516][ T6570] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.792527][ T6570] ? get_signal+0x8f5/0x26d0
[ 88.792539][ T6570] ? rcu_is_watching+0x12/0xc0
[ 88.792552][ T6570] do_group_exit+0xd3/0x2a0
[ 88.792568][ T6570] get_signal+0x2673/0x26d0
[ 88.792582][ T6570] ? __pfx_get_signal+0x10/0x10
[ 88.792595][ T6570] ? do_futex+0x122/0x350
[ 88.792610][ T6570] ? __pfx_do_futex+0x10/0x10
[ 88.792626][ T6570] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.792641][ T6570] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.792656][ T6570] ? __pfx_do_preadv+0x10/0x10
[ 88.792673][ T6570] exit_to_user_mode_loop+0x84/0x110
[ 88.792684][ T6570] do_syscall_64+0x3f6/0x4c0
[ 88.792699][ T6570] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.792709][ T6570] RIP: 0033:0x7fac75f8e969
[ 88.792717][ T6570] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 88.792722][ T6570] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.792732][ T6570] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 88.792739][ T6570] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 88.792745][ T6570] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 88.792752][ T6570] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 88.792758][ T6570] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 88.792782][ T6570]
[ 88.792798][ T6570] BUG: Bad page state in process syz.0.28 pfn:56800
[ 88.900198][ T6570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x56800
[ 88.902809][ T6570] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 88.905294][ T6570] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 88.908395][ T6570] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.910970][ T6570] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.913512][ T6570] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.916050][ T6570] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.919349][ T6570] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.921951][ T6570] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.924545][ T6570] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 88.926898][ T6570] page_owner tracks the page as allocated
[ 88.928613][ T6570] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6569, tgid 6569 (syz.0.28), ts 88698568698, free_ts 88585070608
[ 88.934468][ T6570] post_alloc_hook+0x1c0/0x230
[ 88.935893][ T6570] get_page_from_freelist+0x132b/0x38e0
[ 88.937620][ T6570] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.939353][ T6570] alloc_pages_mpol+0x1fb/0x550
[ 88.940993][ T6570] folio_alloc_noprof+0x20/0x2d0
[ 88.942490][ T6570] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.944201][ T6570] page_cache_ra_order+0x4e1/0xd70
[ 88.945719][ T6570] filemap_fault+0x1b4b/0x2930
[ 88.947193][ T6570] __do_fault+0x10a/0x490
[ 88.948496][ T6570] do_pte_missing+0x1a6/0x3ba0
[ 88.949928][ T6570] __handle_mm_fault+0x152a/0x2a50
[ 88.951485][ T6570] handle_mm_fault+0x589/0xd10
[ 88.952937][ T6570] do_user_addr_fault+0x60c/0x1370
[ 88.954487][ T6570] exc_page_fault+0x5c/0xb0
[ 88.955894][ T6570] asm_exc_page_fault+0x26/0x30
[ 88.957435][ T6570] page last free pid 6566 tgid 6566 stack trace:
[ 88.959300][ T6570] free_unref_folios+0xa61/0x16b0
[ 88.960833][ T6570] folios_put_refs+0x56f/0x740
[ 88.962254][ T6570] truncate_inode_pages_range+0x311/0xe50
[ 88.963944][ T6570] blkdev_flush_mapping+0xfb/0x290
[ 88.965506][ T6570] blkdev_put_whole+0xc4/0xf0
[ 88.966970][ T6570] bdev_release+0x47e/0x6d0
[ 88.968360][ T6570] blkdev_release+0x15/0x20
[ 88.969730][ T6570] __fput+0x3ff/0xb70
[ 88.970969][ T6570] task_work_run+0x14d/0x240
[ 88.972347][ T6570] do_exit+0x86f/0x2bf0
[ 88.973610][ T6570] do_group_exit+0xd3/0x2a0
[ 88.974978][ T6570] __x64_sys_exit_group+0x3e/0x50
[ 88.976532][ T6570] x64_sys_call+0x14fa/0x1720
[ 88.977935][ T6570] do_syscall_64+0xcd/0x4c0
[ 88.979281][ T6570] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.981049][ T6570] Modules linked in:
[ 88.982219][ T6570] CPU: 1 UID: 0 PID: 6570 Comm: syz.0.28 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.982237][ T6570] Tainted: [B]=BAD_PAGE
[ 88.982240][ T6570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.982251][ T6570] Call Trace:
[ 88.982255][ T6570]
[ 88.982259][ T6570] dump_stack_lvl+0x16c/0x1f0
[ 88.982275][ T6570] bad_page+0xcf/0x220
[ 88.982286][ T6570] ? __pfx_bad_page+0x10/0x10
[ 88.982298][ T6570] ? page_bad_reason+0x9d/0x1f0
[ 88.982309][ T6570] __free_frozen_pages+0x7f7/0x10f0
[ 88.982325][ T6570] __folio_put+0x329/0x450
[ 88.982336][ T6570] ? __pfx___folio_put+0x10/0x10
[ 88.982347][ T6570] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.982358][ T6570] ? rcu_is_watching+0x12/0xc0
[ 88.982371][ T6570] ? lock_release+0x201/0x2f0
[ 88.982387][ T6570] filemap_free_folio+0x132/0x170
[ 88.982397][ T6570] delete_from_page_cache_batch+0x741/0x9b0
[ 88.982410][ T6570] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.982422][ T6570] ? __pfx_workingset_update_node+0x10/0x10
[ 88.982433][ T6570] ? xas_move_index+0xb0/0x110
[ 88.982448][ T6570] truncate_inode_pages_range+0x279/0xe50
[ 88.982463][ T6570] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.982481][ T6570] ? rcu_is_watching+0x12/0xc0
[ 88.982493][ T6570] ? has_bh_in_lru+0x9d/0x100
[ 88.982504][ T6570] ? smp_call_function_many_cond+0x457/0x1600
[ 88.982523][ T6570] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.982535][ T6570] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.982546][ T6570] blkdev_flush_mapping+0xfb/0x290
[ 88.982558][ T6570] ? filemap_check_errors+0xa9/0x160
[ 88.982573][ T6570] blkdev_put_whole+0xc4/0xf0
[ 88.982584][ T6570] bdev_release+0x47e/0x6d0
[ 88.982597][ T6570] ? __pfx_blkdev_release+0x10/0x10
[ 88.982611][ T6570] blkdev_release+0x15/0x20
[ 88.982624][ T6570] __fput+0x3ff/0xb70
[ 88.982639][ T6570] task_work_run+0x14d/0x240
[ 88.982650][ T6570] ? __pfx_task_work_run+0x10/0x10
[ 88.982661][ T6570] ? do_raw_spin_unlock+0x172/0x230
[ 88.982673][ T6570] do_exit+0x86f/0x2bf0
[ 88.982689][ T6570] ? __pfx_do_exit+0x10/0x10
[ 88.982704][ T6570] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.982714][ T6570] ? get_signal+0x8f5/0x26d0
[ 88.982727][ T6570] ? rcu_is_watching+0x12/0xc0
[ 88.982739][ T6570] do_group_exit+0xd3/0x2a0
[ 88.982755][ T6570] get_signal+0x2673/0x26d0
[ 88.982770][ T6570] ? __pfx_get_signal+0x10/0x10
[ 88.982782][ T6570] ? do_futex+0x122/0x350
[ 88.982798][ T6570] ? __pfx_do_futex+0x10/0x10
[ 88.982813][ T6570] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.982828][ T6570] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.982843][ T6570] ? __pfx_do_preadv+0x10/0x10
[ 88.982860][ T6570] exit_to_user_mode_loop+0x84/0x110
[ 88.982871][ T6570] do_syscall_64+0x3f6/0x4c0
[ 88.982886][ T6570] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.982896][ T6570] RIP: 0033:0x7fac75f8e969
[ 88.982904][ T6570] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 88.982909][ T6570] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.982919][ T6570] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 88.982926][ T6570] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 88.982932][ T6570] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 88.982938][ T6570] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 88.982944][ T6570] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 88.982953][ T6570]
[ 89.009049][ T6572] BUG: Bad page state in process syz.0.29 pfn:56a01
[ 89.090790][ T6572] page does not match folio
[ 89.092144][ T6572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x56a01
[ 89.095082][ T6572] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 89.097315][ T6572] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 89.099799][ T6572] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.102325][ T6572] page dumped because: nonzero pincount
[ 89.103913][ T6572] page_owner tracks the page as allocated
[ 89.105585][ T6572] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6571, tgid 6571 (syz.0.29), ts 88990101621, free_ts 88982980642
[ 89.111566][ T6572] post_alloc_hook+0x1c0/0x230
[ 89.113042][ T6572] get_page_from_freelist+0x132b/0x38e0
[ 89.114722][ T6572] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.116600][ T6572] alloc_pages_mpol+0x1fb/0x550
[ 89.118141][ T6572] folio_alloc_noprof+0x20/0x2d0
[ 89.119679][ T6572] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.121448][ T6572] page_cache_ra_order+0x4e1/0xd70
[ 89.123024][ T6572] filemap_fault+0x1b4b/0x2930
[ 89.124494][ T6572] __do_fault+0x10a/0x490
[ 89.125840][ T6572] do_pte_missing+0x1a6/0x3ba0
[ 89.127405][ T6572] __handle_mm_fault+0x152a/0x2a50
[ 89.129018][ T6572] handle_mm_fault+0x589/0xd10
[ 89.130535][ T6572] do_user_addr_fault+0x60c/0x1370
[ 89.132133][ T6572] exc_page_fault+0x5c/0xb0
[ 89.133537][ T6572] asm_exc_page_fault+0x26/0x30
[ 89.135021][ T6572] page last free pid 6570 tgid 6569 stack trace:
[ 89.136993][ T6572] free_unref_folios+0xa61/0x16b0
[ 89.138504][ T6572] folios_put_refs+0x56f/0x740
[ 89.139963][ T6572] truncate_inode_pages_range+0x311/0xe50
[ 89.141693][ T6572] blkdev_flush_mapping+0xfb/0x290
[ 89.143243][ T6572] blkdev_put_whole+0xc4/0xf0
[ 89.144660][ T6572] bdev_release+0x47e/0x6d0
[ 89.146208][ T6572] blkdev_release+0x15/0x20
[ 89.147641][ T6572] __fput+0x3ff/0xb70
[ 89.148900][ T6572] task_work_run+0x14d/0x240
[ 89.150320][ T6572] do_exit+0x86f/0x2bf0
[ 89.151609][ T6572] do_group_exit+0xd3/0x2a0
[ 89.153000][ T6572] get_signal+0x2673/0x26d0
[ 89.154393][ T6572] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.156069][ T6572] exit_to_user_mode_loop+0x84/0x110
[ 89.157696][ T6572] do_syscall_64+0x3f6/0x4c0
[ 89.159088][ T6572] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.160858][ T6572] Modules linked in:
[ 89.162088][ T6572] CPU: 2 UID: 0 PID: 6572 Comm: syz.0.29 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.162106][ T6572] Tainted: [B]=BAD_PAGE
[ 89.162109][ T6572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.162116][ T6572] Call Trace:
[ 89.162120][ T6572]
[ 89.162124][ T6572] dump_stack_lvl+0x16c/0x1f0
[ 89.162140][ T6572] bad_page+0xcf/0x220
[ 89.162151][ T6572] ? __pfx_bad_page+0x10/0x10
[ 89.162163][ T6572] free_tail_page_prepare+0x44f/0x5b0
[ 89.162177][ T6572] __free_frozen_pages+0xbae/0x10f0
[ 89.162199][ T6572] __folio_put+0x329/0x450
[ 89.162209][ T6572] ? __pfx___folio_put+0x10/0x10
[ 89.162220][ T6572] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.162231][ T6572] ? rcu_is_watching+0x12/0xc0
[ 89.162244][ T6572] ? lock_release+0x201/0x2f0
[ 89.162260][ T6572] filemap_free_folio+0x132/0x170
[ 89.162271][ T6572] delete_from_page_cache_batch+0x741/0x9b0
[ 89.162283][ T6572] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.162295][ T6572] ? __pfx_workingset_update_node+0x10/0x10
[ 89.162306][ T6572] ? xas_move_index+0xb0/0x110
[ 89.162321][ T6572] truncate_inode_pages_range+0x279/0xe50
[ 89.162336][ T6572] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.162353][ T6572] ? rcu_is_watching+0x12/0xc0
[ 89.162365][ T6572] ? has_bh_in_lru+0x9d/0x100
[ 89.162376][ T6572] ? smp_call_function_many_cond+0x457/0x1600
[ 89.162395][ T6572] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.162408][ T6572] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.162418][ T6572] blkdev_flush_mapping+0xfb/0x290
[ 89.162431][ T6572] ? filemap_check_errors+0xa9/0x160
[ 89.162445][ T6572] blkdev_put_whole+0xc4/0xf0
[ 89.162456][ T6572] bdev_release+0x47e/0x6d0
[ 89.162470][ T6572] ? __pfx_blkdev_release+0x10/0x10
[ 89.162483][ T6572] blkdev_release+0x15/0x20
[ 89.162496][ T6572] __fput+0x3ff/0xb70
[ 89.162510][ T6572] task_work_run+0x14d/0x240
[ 89.162521][ T6572] ? __pfx_task_work_run+0x10/0x10
[ 89.162532][ T6572] ? do_raw_spin_unlock+0x172/0x230
[ 89.162544][ T6572] do_exit+0x86f/0x2bf0
[ 89.162559][ T6572] ? __pfx_do_exit+0x10/0x10
[ 89.162574][ T6572] ? do_raw_spin_lock+0x12c/0x2b0
[ 89.162585][ T6572] ? get_signal+0x8f5/0x26d0
[ 89.162597][ T6572] ? rcu_is_watching+0x12/0xc0
[ 89.162609][ T6572] do_group_exit+0xd3/0x2a0
[ 89.162625][ T6572] get_signal+0x2673/0x26d0
[ 89.162640][ T6572] ? __pfx_get_signal+0x10/0x10
[ 89.162653][ T6572] ? do_futex+0x122/0x350
[ 89.162668][ T6572] ? __pfx_do_futex+0x10/0x10
[ 89.162684][ T6572] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.162698][ T6572] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 89.162713][ T6572] ? __pfx_do_preadv+0x10/0x10
[ 89.162730][ T6572] exit_to_user_mode_loop+0x84/0x110
[ 89.162740][ T6572] do_syscall_64+0x3f6/0x4c0
[ 89.162756][ T6572] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.162766][ T6572] RIP: 0033:0x7fac75f8e969
[ 89.162774][ T6572] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 89.162779][ T6572] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 89.162789][ T6572] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 89.162795][ T6572] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 89.162802][ T6572] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 89.162808][ T6572] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 89.162814][ T6572] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 89.162823][ T6572]
[ 89.162839][ T6572] BUG: Bad page state in process syz.0.29 pfn:56a00
[ 89.271107][ T6572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x56a00
[ 89.273702][ T6572] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 89.276163][ T6572] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 89.279109][ T6572] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 89.281631][ T6572] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.284152][ T6572] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 89.286751][ T6572] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.289468][ T6572] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.291956][ T6572] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.294433][ T6572] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 89.296603][ T6572] page_owner tracks the page as allocated
[ 89.298326][ T6572] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6571, tgid 6571 (syz.0.29), ts 88990101621, free_ts 88982980642
[ 89.304078][ T6572] post_alloc_hook+0x1c0/0x230
[ 89.305502][ T6572] get_page_from_freelist+0x132b/0x38e0
[ 89.310649][ T6572] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.312421][ T6572] alloc_pages_mpol+0x1fb/0x550
[ 89.313873][ T6572] folio_alloc_noprof+0x20/0x2d0
[ 89.315317][ T6572] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.317083][ T6572] page_cache_ra_order+0x4e1/0xd70
[ 89.318597][ T6572] filemap_fault+0x1b4b/0x2930
[ 89.320021][ T6572] __do_fault+0x10a/0x490
[ 89.321337][ T6572] do_pte_missing+0x1a6/0x3ba0
[ 89.322775][ T6572] __handle_mm_fault+0x152a/0x2a50
[ 89.324324][ T6572] handle_mm_fault+0x589/0xd10
[ 89.325789][ T6572] do_user_addr_fault+0x60c/0x1370
[ 89.327409][ T6572] exc_page_fault+0x5c/0xb0
[ 89.328751][ T6572] asm_exc_page_fault+0x26/0x30
[ 89.330220][ T6572] page last free pid 6570 tgid 6569 stack trace:
[ 89.332058][ T6572] free_unref_folios+0xa61/0x16b0
[ 89.333559][ T6572] folios_put_refs+0x56f/0x740
[ 89.334982][ T6572] truncate_inode_pages_range+0x311/0xe50
[ 89.336722][ T6572] blkdev_flush_mapping+0xfb/0x290
[ 89.338291][ T6572] blkdev_put_whole+0xc4/0xf0
[ 89.339684][ T6572] bdev_release+0x47e/0x6d0
[ 89.341029][ T6572] blkdev_release+0x15/0x20
[ 89.342386][ T6572] __fput+0x3ff/0xb70
[ 89.343628][ T6572] task_work_run+0x14d/0x240
[ 89.345052][ T6572] do_exit+0x86f/0x2bf0
[ 89.346292][ T6572] do_group_exit+0xd3/0x2a0
[ 89.347709][ T6572] get_signal+0x2673/0x26d0
[ 89.349069][ T6572] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.350871][ T6572] exit_to_user_mode_loop+0x84/0x110
[ 89.352418][ T6572] do_syscall_64+0x3f6/0x4c0
[ 89.353800][ T6572] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.355558][ T6572] Modules linked in:
[ 89.356787][ T6572] CPU: 2 UID: 0 PID: 6572 Comm: syz.0.29 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.356804][ T6572] Tainted: [B]=BAD_PAGE
[ 89.356808][ T6572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.356814][ T6572] Call Trace:
[ 89.356818][ T6572]
[ 89.356822][ T6572] dump_stack_lvl+0x16c/0x1f0
[ 89.356838][ T6572] bad_page+0xcf/0x220
[ 89.356850][ T6572] ? __pfx_bad_page+0x10/0x10
[ 89.356862][ T6572] ? page_bad_reason+0x9d/0x1f0
[ 89.356873][ T6572] __free_frozen_pages+0x7f7/0x10f0
[ 89.356890][ T6572] __folio_put+0x329/0x450
[ 89.356900][ T6572] ? __pfx___folio_put+0x10/0x10
[ 89.356911][ T6572] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.356922][ T6572] ? rcu_is_watching+0x12/0xc0
[ 89.356935][ T6572] ? lock_release+0x201/0x2f0
[ 89.356951][ T6572] filemap_free_folio+0x132/0x170
[ 89.356961][ T6572] delete_from_page_cache_batch+0x741/0x9b0
[ 89.356973][ T6572] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.356985][ T6572] ? __pfx_workingset_update_node+0x10/0x10
[ 89.356995][ T6572] ? xas_move_index+0xb0/0x110
[ 89.357011][ T6572] truncate_inode_pages_range+0x279/0xe50
[ 89.357026][ T6572] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.357043][ T6572] ? rcu_is_watching+0x12/0xc0
[ 89.357055][ T6572] ? has_bh_in_lru+0x9d/0x100
[ 89.357066][ T6572] ? smp_call_function_many_cond+0x457/0x1600
[ 89.357085][ T6572] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.357097][ T6572] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.357108][ T6572] blkdev_flush_mapping+0xfb/0x290
[ 89.357120][ T6572] ? filemap_check_errors+0xa9/0x160
[ 89.357135][ T6572] blkdev_put_whole+0xc4/0xf0
[ 89.357146][ T6572] bdev_release+0x47e/0x6d0
[ 89.357159][ T6572] ? __pfx_blkdev_release+0x10/0x10
[ 89.357172][ T6572] blkdev_release+0x15/0x20
[ 89.357189][ T6572] __fput+0x3ff/0xb70
[ 89.357203][ T6572] task_work_run+0x14d/0x240
[ 89.357215][ T6572] ? __pfx_task_work_run+0x10/0x10
[ 89.357226][ T6572] ? do_raw_spin_unlock+0x172/0x230
[ 89.357238][ T6572] do_exit+0x86f/0x2bf0
[ 89.357254][ T6572] ? __pfx_do_exit+0x10/0x10
[ 89.357269][ T6572] ? do_raw_spin_lock+0x12c/0x2b0
[ 89.357279][ T6572] ? get_signal+0x8f5/0x26d0
[ 89.357292][ T6572] ? rcu_is_watching+0x12/0xc0
[ 89.357304][ T6572] do_group_exit+0xd3/0x2a0
[ 89.357320][ T6572] get_signal+0x2673/0x26d0
[ 89.357335][ T6572] ? __pfx_get_signal+0x10/0x10
[ 89.357347][ T6572] ? do_futex+0x122/0x350
[ 89.357362][ T6572] ? __pfx_do_futex+0x10/0x10
[ 89.357378][ T6572] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.357392][ T6572] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 89.357407][ T6572] ? __pfx_do_preadv+0x10/0x10
[ 89.357424][ T6572] exit_to_user_mode_loop+0x84/0x110
[ 89.357435][ T6572] do_syscall_64+0x3f6/0x4c0
[ 89.357450][ T6572] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.357461][ T6572] RIP: 0033:0x7fac75f8e969
[ 89.357468][ T6572] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 89.357473][ T6572] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 89.357483][ T6572] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 89.357489][ T6572] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 89.357496][ T6572] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 89.357502][ T6572] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 89.357508][ T6572] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 89.357517][ T6572]
[ 89.378908][ T6573] BUG: Bad page state in process syz.0.30 pfn:56c01
[ 89.471332][ T6573] page does not match folio
[ 89.472678][ T6573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x56c01
[ 89.475676][ T6573] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 89.477995][ T6573] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 89.480557][ T6573] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.483077][ T6573] page dumped because: nonzero pincount
[ 89.484735][ T6573] page_owner tracks the page as allocated
[ 89.486682][ T6573] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6573, tgid 6573 (syz.0.30), ts 89363026984, free_ts 89357543406
[ 89.492522][ T6573] post_alloc_hook+0x1c0/0x230
[ 89.493982][ T6573] get_page_from_freelist+0x132b/0x38e0
[ 89.495678][ T6573] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.497507][ T6573] alloc_pages_mpol+0x1fb/0x550
[ 89.498979][ T6573] folio_alloc_noprof+0x20/0x2d0
[ 89.500482][ T6573] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.502213][ T6573] page_cache_ra_order+0x4e1/0xd70
[ 89.503755][ T6573] filemap_fault+0x1b4b/0x2930
[ 89.505202][ T6573] __do_fault+0x10a/0x490
[ 89.506568][ T6573] do_pte_missing+0x1a6/0x3ba0
[ 89.508024][ T6573] __handle_mm_fault+0x152a/0x2a50
[ 89.509576][ T6573] handle_mm_fault+0x589/0xd10
[ 89.511022][ T6573] do_user_addr_fault+0x60c/0x1370
[ 89.512554][ T6573] exc_page_fault+0x5c/0xb0
[ 89.513912][ T6573] asm_exc_page_fault+0x26/0x30
[ 89.515359][ T6573] page last free pid 6572 tgid 6571 stack trace:
[ 89.517310][ T6573] free_unref_folios+0xa61/0x16b0
[ 89.518817][ T6573] folios_put_refs+0x56f/0x740
[ 89.520251][ T6573] truncate_inode_pages_range+0x311/0xe50
[ 89.521996][ T6573] blkdev_flush_mapping+0xfb/0x290
[ 89.523521][ T6573] blkdev_put_whole+0xc4/0xf0
[ 89.524983][ T6573] bdev_release+0x47e/0x6d0
[ 89.526389][ T6573] blkdev_release+0x15/0x20
[ 89.527831][ T6573] __fput+0x3ff/0xb70
[ 89.529081][ T6573] task_work_run+0x14d/0x240
[ 89.530532][ T6573] do_exit+0x86f/0x2bf0
[ 89.531849][ T6573] do_group_exit+0xd3/0x2a0
[ 89.533291][ T6573] get_signal+0x2673/0x26d0
[ 89.534718][ T6573] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.536501][ T6573] exit_to_user_mode_loop+0x84/0x110
[ 89.538133][ T6573] do_syscall_64+0x3f6/0x4c0
[ 89.539567][ T6573] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.541360][ T6573] Modules linked in:
[ 89.542539][ T6573] CPU: 1 UID: 0 PID: 6573 Comm: syz.0.30 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.542556][ T6573] Tainted: [B]=BAD_PAGE
[ 89.542560][ T6573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.542567][ T6573] Call Trace:
[ 89.542571][ T6573]
[ 89.542575][ T6573] dump_stack_lvl+0x16c/0x1f0
[ 89.542591][ T6573] bad_page+0xcf/0x220
[ 89.542602][ T6573] ? __pfx_bad_page+0x10/0x10
[ 89.542614][ T6573] free_tail_page_prepare+0x44f/0x5b0
[ 89.542628][ T6573] __free_frozen_pages+0xbae/0x10f0
[ 89.542645][ T6573] __folio_put+0x329/0x450
[ 89.542656][ T6573] ? __pfx___folio_put+0x10/0x10
[ 89.542666][ T6573] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.542678][ T6573] ? rcu_is_watching+0x12/0xc0
[ 89.542691][ T6573] ? lock_release+0x201/0x2f0
[ 89.542707][ T6573] filemap_free_folio+0x132/0x170
[ 89.542718][ T6573] delete_from_page_cache_batch+0x741/0x9b0
[ 89.542731][ T6573] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.542742][ T6573] ? __pfx_workingset_update_node+0x10/0x10
[ 89.542754][ T6573] ? xas_move_index+0xb0/0x110
[ 89.542769][ T6573] truncate_inode_pages_range+0x279/0xe50
[ 89.542784][ T6573] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.542802][ T6573] ? rcu_is_watching+0x12/0xc0
[ 89.542814][ T6573] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 89.542826][ T6573] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.542839][ T6573] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.542850][ T6573] ? smp_call_function_many_cond+0x457/0x1600
[ 89.542869][ T6573] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.542881][ T6573] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.542893][ T6573] blkdev_flush_mapping+0xfb/0x290
[ 89.542905][ T6573] blkdev_put_whole+0xc4/0xf0
[ 89.542917][ T6573] bdev_release+0x47e/0x6d0
[ 89.542930][ T6573] ? __pfx_blkdev_release+0x10/0x10
[ 89.542943][ T6573] blkdev_release+0x15/0x20
[ 89.542955][ T6573] __fput+0x3ff/0xb70
[ 89.542970][ T6573] task_work_run+0x14d/0x240
[ 89.542981][ T6573] ? __pfx_task_work_run+0x10/0x10
[ 89.542992][ T6573] ? do_raw_spin_unlock+0x172/0x230
[ 89.543003][ T6573] do_exit+0x86f/0x2bf0
[ 89.543019][ T6573] ? __pfx_do_exit+0x10/0x10
[ 89.543034][ T6573] ? preempt_schedule_thunk+0x16/0x30
[ 89.543050][ T6573] do_group_exit+0xd3/0x2a0
[ 89.543066][ T6573] __x64_sys_exit_group+0x3e/0x50
[ 89.543082][ T6573] x64_sys_call+0x14fa/0x1720
[ 89.543094][ T6573] do_syscall_64+0xcd/0x4c0
[ 89.543109][ T6573] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.543120][ T6573] RIP: 0033:0x7fac75f8e969
[ 89.543128][ T6573] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 89.543133][ T6573] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 89.543142][ T6573] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 89.543149][ T6573] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 89.543156][ T6573] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 89.543162][ T6573] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000000e
[ 89.543169][ T6573] R13: 00000000000927c0 R14: 0000000000015b39 R15: 00007ffcdde9e150
[ 89.543178][ T6573]
[ 89.543194][ T6573] BUG: Bad page state in process syz.0.30 pfn:56c00
[ 89.637902][ T6573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x56c00
[ 89.641381][ T6573] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 89.644709][ T6573] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 89.649003][ T6573] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 89.652435][ T6573] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.655815][ T6573] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 89.659487][ T6573] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.662590][ T6573] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.665603][ T6573] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.669641][ T6573] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 89.672235][ T6573] page_owner tracks the page as allocated
[ 89.674028][ T6573] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6573, tgid 6573 (syz.0.30), ts 89363026984, free_ts 89357543406
[ 89.680501][ T6573] post_alloc_hook+0x1c0/0x230
[ 89.682448][ T6573] get_page_from_freelist+0x132b/0x38e0
[ 89.684655][ T6573] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.687146][ T6573] alloc_pages_mpol+0x1fb/0x550
[ 89.689122][ T6573] folio_alloc_noprof+0x20/0x2d0
[ 89.691107][ T6573] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.693367][ T6573] page_cache_ra_order+0x4e1/0xd70
[ 89.695414][ T6573] filemap_fault+0x1b4b/0x2930
[ 89.697452][ T6573] __do_fault+0x10a/0x490
[ 89.699189][ T6573] do_pte_missing+0x1a6/0x3ba0
[ 89.701133][ T6573] __handle_mm_fault+0x152a/0x2a50
[ 89.703166][ T6573] handle_mm_fault+0x589/0xd10
[ 89.705081][ T6573] do_user_addr_fault+0x60c/0x1370
[ 89.707190][ T6573] exc_page_fault+0x5c/0xb0
[ 89.709013][ T6573] asm_exc_page_fault+0x26/0x30
[ 89.711003][ T6573] page last free pid 6572 tgid 6571 stack trace:
[ 89.713495][ T6573] free_unref_folios+0xa61/0x16b0
[ 89.715503][ T6573] folios_put_refs+0x56f/0x740
[ 89.717538][ T6573] truncate_inode_pages_range+0x311/0xe50
[ 89.719792][ T6573] blkdev_flush_mapping+0xfb/0x290
[ 89.721836][ T6573] blkdev_put_whole+0xc4/0xf0
[ 89.723705][ T6573] bdev_release+0x47e/0x6d0
[ 89.725520][ T6573] blkdev_release+0x15/0x20
[ 89.727423][ T6573] __fput+0x3ff/0xb70
[ 89.729145][ T6573] task_work_run+0x14d/0x240
[ 89.730882][ T6573] do_exit+0x86f/0x2bf0
[ 89.732424][ T6573] do_group_exit+0xd3/0x2a0
[ 89.734160][ T6573] get_signal+0x2673/0x26d0
[ 89.735847][ T6573] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.738047][ T6573] exit_to_user_mode_loop+0x84/0x110
[ 89.740021][ T6573] do_syscall_64+0x3f6/0x4c0
[ 89.741792][ T6573] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.743992][ T6573] Modules linked in:
[ 89.745466][ T6573] CPU: 0 UID: 0 PID: 6573 Comm: syz.0.30 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.745490][ T6573] Tainted: [B]=BAD_PAGE
[ 89.745496][ T6573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.745506][ T6573] Call Trace:
[ 89.745509][ T6573]
[ 89.745514][ T6573] dump_stack_lvl+0x16c/0x1f0
[ 89.745537][ T6573] bad_page+0xcf/0x220
[ 89.745553][ T6573] ? __pfx_bad_page+0x10/0x10
[ 89.745569][ T6573] ? page_bad_reason+0x9d/0x1f0
[ 89.745586][ T6573] __free_frozen_pages+0x7f7/0x10f0
[ 89.745607][ T6573] __folio_put+0x329/0x450
[ 89.745622][ T6573] ? __pfx___folio_put+0x10/0x10
[ 89.745638][ T6573] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.745654][ T6573] ? rcu_is_watching+0x12/0xc0
[ 89.745673][ T6573] ? lock_release+0x201/0x2f0
[ 89.745696][ T6573] filemap_free_folio+0x132/0x170
[ 89.745706][ T6573] delete_from_page_cache_batch+0x741/0x9b0
[ 89.745725][ T6573] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.745742][ T6573] ? __pfx_workingset_update_node+0x10/0x10
[ 89.745758][ T6573] ? xas_move_index+0xb0/0x110
[ 89.745780][ T6573] truncate_inode_pages_range+0x279/0xe50
[ 89.745797][ T6573] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.745824][ T6573] ? rcu_is_watching+0x12/0xc0
[ 89.745842][ T6573] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 89.745858][ T6573] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.745876][ T6573] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.745892][ T6573] ? smp_call_function_many_cond+0x457/0x1600
[ 89.745918][ T6573] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.745936][ T6573] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.745952][ T6573] blkdev_flush_mapping+0xfb/0x290
[ 89.745971][ T6573] blkdev_put_whole+0xc4/0xf0
[ 89.745985][ T6573] bdev_release+0x47e/0x6d0
[ 89.746003][ T6573] ? __pfx_blkdev_release+0x10/0x10
[ 89.746022][ T6573] blkdev_release+0x15/0x20
[ 89.746040][ T6573] __fput+0x3ff/0xb70
[ 89.746061][ T6573] task_work_run+0x14d/0x240
[ 89.746079][ T6573] ? __pfx_task_work_run+0x10/0x10
[ 89.746090][ T6573] ? do_raw_spin_unlock+0x172/0x230
[ 89.746108][ T6573] do_exit+0x86f/0x2bf0
[ 89.746132][ T6573] ? __pfx_do_exit+0x10/0x10
[ 89.746153][ T6573] ? preempt_schedule_thunk+0x16/0x30
[ 89.746172][ T6573] do_group_exit+0xd3/0x2a0
[ 89.746195][ T6573] __x64_sys_exit_group+0x3e/0x50
[ 89.746217][ T6573] x64_sys_call+0x14fa/0x1720
[ 89.746234][ T6573] do_syscall_64+0xcd/0x4c0
[ 89.746253][ T6573] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.746272][ T6573] RIP: 0033:0x7fac75f8e969
[ 89.746284][ T6573] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 89.746292][ T6573] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 89.746307][ T6573] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 89.746317][ T6573] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 89.746326][ T6573] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 89.746334][ T6573] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000000e
[ 89.746341][ T6573] R13: 00000000000927c0 R14: 0000000000015b39 R15: 00007ffcdde9e150
[ 89.746370][ T6573]
[ 89.877033][ T6577] BUG: Bad page state in process syz.0.31 pfn:56e01
[ 89.879473][ T6577] page does not match folio
[ 89.881141][ T6577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x56e01
[ 89.884600][ T6577] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 89.887510][ T6577] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 89.890734][ T6577] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.893714][ T6577] page dumped because: nonzero pincount
[ 89.895636][ T6577] page_owner tracks the page as allocated
[ 89.897777][ T6577] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6576, tgid 6576 (syz.0.31), ts 89859583504, free_ts 89853787509
[ 89.904511][ T6577] post_alloc_hook+0x1c0/0x230
[ 89.906258][ T6577] get_page_from_freelist+0x132b/0x38e0
[ 89.908305][ T6577] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.910442][ T6577] alloc_pages_mpol+0x1fb/0x550
[ 89.912317][ T6577] folio_alloc_noprof+0x20/0x2d0
[ 89.914076][ T6577] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.915817][ T6577] page_cache_ra_order+0x4e1/0xd70
[ 89.917451][ T6577] filemap_fault+0x1b4b/0x2930
[ 89.918939][ T6577] __do_fault+0x10a/0x490
[ 89.920285][ T6577] do_pte_missing+0x1a6/0x3ba0
[ 89.921782][ T6577] __handle_mm_fault+0x152a/0x2a50
[ 89.923351][ T6577] handle_mm_fault+0x589/0xd10
[ 89.924844][ T6577] do_user_addr_fault+0x60c/0x1370
[ 89.926490][ T6577] exc_page_fault+0x5c/0xb0
[ 89.927909][ T6577] asm_exc_page_fault+0x26/0x30
[ 89.929416][ T6577] page last free pid 6573 tgid 6573 stack trace:
[ 89.931376][ T6577] free_unref_folios+0xa61/0x16b0
[ 89.932962][ T6577] folios_put_refs+0x56f/0x740
[ 89.934453][ T6577] truncate_inode_pages_range+0x311/0xe50
[ 89.936211][ T6577] blkdev_flush_mapping+0xfb/0x290
[ 89.937845][ T6577] blkdev_put_whole+0xc4/0xf0
[ 89.939466][ T6577] bdev_release+0x47e/0x6d0
[ 89.941027][ T6577] blkdev_release+0x15/0x20
[ 89.942495][ T6577] __fput+0x3ff/0xb70
[ 89.943816][ T6577] task_work_run+0x14d/0x240
[ 89.945510][ T6577] do_exit+0x86f/0x2bf0
[ 89.947124][ T6577] do_group_exit+0xd3/0x2a0
[ 89.948783][ T6577] __x64_sys_exit_group+0x3e/0x50
[ 89.950543][ T6577] x64_sys_call+0x14fa/0x1720
[ 89.952159][ T6577] do_syscall_64+0xcd/0x4c0
[ 89.953682][ T6577] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.955884][ T6577] Modules linked in:
[ 89.958174][ T6577] CPU: 1 UID: 0 PID: 6577 Comm: syz.0.31 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.958199][ T6577] Tainted: [B]=BAD_PAGE
[ 89.958205][ T6577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.958215][ T6577] Call Trace:
[ 89.958220][ T6577]
[ 89.958226][ T6577] dump_stack_lvl+0x16c/0x1f0
[ 89.958249][ T6577] bad_page+0xcf/0x220
[ 89.958265][ T6577] ? __pfx_bad_page+0x10/0x10
[ 89.958280][ T6577] free_tail_page_prepare+0x44f/0x5b0
[ 89.958294][ T6577] __free_frozen_pages+0xbae/0x10f0
[ 89.958311][ T6577] __folio_put+0x329/0x450
[ 89.958321][ T6577] ? __pfx___folio_put+0x10/0x10
[ 89.958332][ T6577] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.958343][ T6577] ? rcu_is_watching+0x12/0xc0
[ 89.958356][ T6577] ? lock_release+0x201/0x2f0
[ 89.958372][ T6577] filemap_free_folio+0x132/0x170
[ 89.958382][ T6577] delete_from_page_cache_batch+0x741/0x9b0
[ 89.958394][ T6577] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.958406][ T6577] ? __pfx_workingset_update_node+0x10/0x10
[ 89.958417][ T6577] ? xas_move_index+0xb0/0x110
[ 89.958433][ T6577] truncate_inode_pages_range+0x279/0xe50
[ 89.958448][ T6577] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.958466][ T6577] ? rcu_is_watching+0x12/0xc0
[ 89.958478][ T6577] ? has_bh_in_lru+0x9d/0x100
[ 89.958488][ T6577] ? smp_call_function_many_cond+0x457/0x1600
[ 89.958507][ T6577] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.958519][ T6577] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.958530][ T6577] blkdev_flush_mapping+0xfb/0x290
[ 89.958542][ T6577] ? filemap_check_errors+0xa9/0x160
[ 89.958557][ T6577] blkdev_put_whole+0xc4/0xf0
[ 89.958568][ T6577] bdev_release+0x47e/0x6d0
[ 89.958581][ T6577] ? __pfx_blkdev_release+0x10/0x10
[ 89.958595][ T6577] blkdev_release+0x15/0x20
[ 89.958607][ T6577] __fput+0x3ff/0xb70
[ 89.958621][ T6577] task_work_run+0x14d/0x240
[ 89.958633][ T6577] ? __pfx_task_work_run+0x10/0x10
[ 89.958644][ T6577] ? do_raw_spin_unlock+0x172/0x230
[ 89.958656][ T6577] do_exit+0x86f/0x2bf0
[ 89.958672][ T6577] ? __pfx_do_exit+0x10/0x10
[ 89.958687][ T6577] ? do_raw_spin_lock+0x12c/0x2b0
[ 89.958697][ T6577] ? get_signal+0x8f5/0x26d0
[ 89.958709][ T6577] ? rcu_is_watching+0x12/0xc0
[ 89.958722][ T6577] do_group_exit+0xd3/0x2a0
[ 89.958738][ T6577] get_signal+0x2673/0x26d0
[ 89.958753][ T6577] ? __pfx_get_signal+0x10/0x10
[ 89.958765][ T6577] ? do_futex+0x122/0x350
[ 89.958780][ T6577] ? __pfx_do_futex+0x10/0x10
[ 89.958796][ T6577] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.958811][ T6577] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 89.958828][ T6577] exit_to_user_mode_loop+0x84/0x110
[ 89.958838][ T6577] do_syscall_64+0x3f6/0x4c0
[ 89.958853][ T6577] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.958864][ T6577] RIP: 0033:0x7fac75f8e969
[ 89.958872][ T6577] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 89.958877][ T6577] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 89.958887][ T6577] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 89.958894][ T6577] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 89.958901][ T6577] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 89.958907][ T6577] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 89.958913][ T6577] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 89.958922][ T6577]
[ 89.958937][ T6577] BUG: Bad page state in process syz.0.31 pfn:56e00
[ 90.078621][ T6577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x56e00
[ 90.081508][ T6577] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 90.084716][ T6577] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 90.088369][ T6577] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 90.091580][ T6577] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.094280][ T6577] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 90.096862][ T6577] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.099312][ T6577] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.101811][ T6577] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 90.104332][ T6577] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 90.106515][ T6577] page_owner tracks the page as allocated
[ 90.108162][ T6577] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6576, tgid 6576 (syz.0.31), ts 89859583504, free_ts 89853787509
[ 90.113788][ T6577] post_alloc_hook+0x1c0/0x230
[ 90.115202][ T6577] get_page_from_freelist+0x132b/0x38e0
[ 90.116886][ T6577] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 90.118859][ T6577] alloc_pages_mpol+0x1fb/0x550
[ 90.120640][ T6577] folio_alloc_noprof+0x20/0x2d0
[ 90.122263][ T6577] filemap_alloc_folio_noprof+0x3a1/0x470
[ 90.124310][ T6577] page_cache_ra_order+0x4e1/0xd70
[ 90.126211][ T6577] filemap_fault+0x1b4b/0x2930
[ 90.128139][ T6577] __do_fault+0x10a/0x490
[ 90.129829][ T6577] do_pte_missing+0x1a6/0x3ba0
[ 90.131552][ T6577] __handle_mm_fault+0x152a/0x2a50
[ 90.133388][ T6577] handle_mm_fault+0x589/0xd10
[ 90.135150][ T6577] do_user_addr_fault+0x60c/0x1370
[ 90.136792][ T6577] exc_page_fault+0x5c/0xb0
[ 90.138153][ T6577] asm_exc_page_fault+0x26/0x30
[ 90.139567][ T6577] page last free pid 6573 tgid 6573 stack trace:
[ 90.141443][ T6577] free_unref_folios+0xa61/0x16b0
[ 90.142914][ T6577] folios_put_refs+0x56f/0x740
[ 90.144294][ T6577] truncate_inode_pages_range+0x311/0xe50
[ 90.145957][ T6577] blkdev_flush_mapping+0xfb/0x290
[ 90.147504][ T6577] blkdev_put_whole+0xc4/0xf0
[ 90.148875][ T6577] bdev_release+0x47e/0x6d0
[ 90.150225][ T6577] blkdev_release+0x15/0x20
[ 90.151572][ T6577] __fput+0x3ff/0xb70
[ 90.152776][ T6577] task_work_run+0x14d/0x240
[ 90.154120][ T6577] do_exit+0x86f/0x2bf0
[ 90.155346][ T6577] do_group_exit+0xd3/0x2a0
[ 90.156796][ T6577] __x64_sys_exit_group+0x3e/0x50
[ 90.158243][ T6577] x64_sys_call+0x14fa/0x1720
[ 90.159633][ T6577] do_syscall_64+0xcd/0x4c0
[ 90.160978][ T6577] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.162883][ T6577] Modules linked in:
[ 90.164183][ T6577] CPU: 1 UID: 0 PID: 6577 Comm: syz.0.31 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 90.164200][ T6577] Tainted: [B]=BAD_PAGE
[ 90.164204][ T6577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.164211][ T6577] Call Trace:
[ 90.164215][ T6577]
[ 90.164220][ T6577] dump_stack_lvl+0x16c/0x1f0
[ 90.164238][ T6577] bad_page+0xcf/0x220
[ 90.164250][ T6577] ? __pfx_bad_page+0x10/0x10
[ 90.164261][ T6577] ? page_bad_reason+0x9d/0x1f0
[ 90.164273][ T6577] __free_frozen_pages+0x7f7/0x10f0
[ 90.164290][ T6577] __folio_put+0x329/0x450
[ 90.164301][ T6577] ? __pfx___folio_put+0x10/0x10
[ 90.164311][ T6577] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 90.164323][ T6577] ? rcu_is_watching+0x12/0xc0
[ 90.164336][ T6577] ? lock_release+0x201/0x2f0
[ 90.164352][ T6577] filemap_free_folio+0x132/0x170
[ 90.164362][ T6577] delete_from_page_cache_batch+0x741/0x9b0
[ 90.164375][ T6577] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 90.164387][ T6577] ? __pfx_workingset_update_node+0x10/0x10
[ 90.164397][ T6577] ? xas_move_index+0xb0/0x110
[ 90.164413][ T6577] truncate_inode_pages_range+0x279/0xe50
[ 90.164428][ T6577] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 90.164446][ T6577] ? rcu_is_watching+0x12/0xc0
[ 90.164458][ T6577] ? has_bh_in_lru+0x9d/0x100
[ 90.164469][ T6577] ? smp_call_function_many_cond+0x457/0x1600
[ 90.164488][ T6577] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.164500][ T6577] ? __pfx_has_bh_in_lru+0x10/0x10
[ 90.164511][ T6577] blkdev_flush_mapping+0xfb/0x290
[ 90.164523][ T6577] ? filemap_check_errors+0xa9/0x160
[ 90.164538][ T6577] blkdev_put_whole+0xc4/0xf0
[ 90.164549][ T6577] bdev_release+0x47e/0x6d0
[ 90.164562][ T6577] ? __pfx_blkdev_release+0x10/0x10
[ 90.164576][ T6577] blkdev_release+0x15/0x20
[ 90.164589][ T6577] __fput+0x3ff/0xb70
[ 90.164603][ T6577] task_work_run+0x14d/0x240
[ 90.164615][ T6577] ? __pfx_task_work_run+0x10/0x10
[ 90.164626][ T6577] ? do_raw_spin_unlock+0x172/0x230
[ 90.164638][ T6577] do_exit+0x86f/0x2bf0
[ 90.164654][ T6577] ? __pfx_do_exit+0x10/0x10
[ 90.164669][ T6577] ? do_raw_spin_lock+0x12c/0x2b0
[ 90.164679][ T6577] ? get_signal+0x8f5/0x26d0
[ 90.164692][ T6577] ? rcu_is_watching+0x12/0xc0
[ 90.164704][ T6577] do_group_exit+0xd3/0x2a0
[ 90.164720][ T6577] get_signal+0x2673/0x26d0
[ 90.164735][ T6577] ? __pfx_get_signal+0x10/0x10
[ 90.164747][ T6577] ? do_futex+0x122/0x350
[ 90.164787][ T6577] ? __pfx_do_futex+0x10/0x10
[ 90.164803][ T6577] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.164817][ T6577] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 90.164834][ T6577] exit_to_user_mode_loop+0x84/0x110
[ 90.164846][ T6577] do_syscall_64+0x3f6/0x4c0
[ 90.164862][ T6577] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.164873][ T6577] RIP: 0033:0x7fac75f8e969
[ 90.164881][ T6577] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 90.164885][ T6577] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 90.164896][ T6577] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 90.164902][ T6577] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 90.164909][ T6577] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 90.164915][ T6577] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 90.164921][ T6577] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 90.164930][ T6577]
[ 90.294442][ T6579] BUG: Bad page state in process syz.0.32 pfn:57001
[ 90.296506][ T6579] page does not match folio
[ 90.297851][ T6579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x57001
[ 90.300790][ T6579] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 90.303024][ T6579] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 90.305574][ T6579] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 90.308366][ T6579] page dumped because: nonzero pincount
[ 90.310049][ T6579] page_owner tracks the page as allocated
[ 90.311783][ T6579] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6578, tgid 6578 (syz.0.32), ts 90276029410, free_ts 90165018764
[ 90.317876][ T6579] post_alloc_hook+0x1c0/0x230
[ 90.319341][ T6579] get_page_from_freelist+0x132b/0x38e0
[ 90.320990][ T6579] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 90.322775][ T6579] alloc_pages_mpol+0x1fb/0x550
[ 90.324283][ T6579] folio_alloc_noprof+0x20/0x2d0
[ 90.325774][ T6579] filemap_alloc_folio_noprof+0x3a1/0x470
[ 90.330073][ T6579] page_cache_ra_order+0x4e1/0xd70
[ 90.331630][ T6579] filemap_fault+0x1b4b/0x2930
[ 90.333560][ T6579] __do_fault+0x10a/0x490
[ 90.335295][ T6579] do_pte_missing+0x1a6/0x3ba0
[ 90.337401][ T6579] __handle_mm_fault+0x152a/0x2a50
[ 90.339171][ T6579] handle_mm_fault+0x589/0xd10
[ 90.340809][ T6579] do_user_addr_fault+0x60c/0x1370
[ 90.342481][ T6579] exc_page_fault+0x5c/0xb0
[ 90.343939][ T6579] asm_exc_page_fault+0x26/0x30
[ 90.345546][ T6579] page last free pid 6577 tgid 6576 stack trace:
[ 90.347708][ T6579] free_unref_folios+0xa61/0x16b0
[ 90.349390][ T6579] folios_put_refs+0x56f/0x740
[ 90.350999][ T6579] truncate_inode_pages_range+0x311/0xe50
[ 90.352905][ T6579] blkdev_flush_mapping+0xfb/0x290
[ 90.354575][ T6579] blkdev_put_whole+0xc4/0xf0
[ 90.356129][ T6579] bdev_release+0x47e/0x6d0
[ 90.357736][ T6579] blkdev_release+0x15/0x20
[ 90.359246][ T6579] __fput+0x3ff/0xb70
[ 90.360553][ T6579] task_work_run+0x14d/0x240
[ 90.362113][ T6579] do_exit+0x86f/0x2bf0
[ 90.363484][ T6579] do_group_exit+0xd3/0x2a0
[ 90.364982][ T6579] get_signal+0x2673/0x26d0
[ 90.366651][ T6579] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.368448][ T6579] exit_to_user_mode_loop+0x84/0x110
[ 90.370141][ T6579] do_syscall_64+0x3f6/0x4c0
[ 90.371568][ T6579] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.373402][ T6579] Modules linked in:
[ 90.374565][ T6579] CPU: 3 UID: 0 PID: 6579 Comm: syz.0.32 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 90.374582][ T6579] Tainted: [B]=BAD_PAGE
[ 90.374585][ T6579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.374592][ T6579] Call Trace:
[ 90.374596][ T6579]
[ 90.374600][ T6579] dump_stack_lvl+0x16c/0x1f0
[ 90.374616][ T6579] bad_page+0xcf/0x220
[ 90.374628][ T6579] ? __pfx_bad_page+0x10/0x10
[ 90.374640][ T6579] free_tail_page_prepare+0x44f/0x5b0
[ 90.374654][ T6579] __free_frozen_pages+0xbae/0x10f0
[ 90.374671][ T6579] __folio_put+0x329/0x450
[ 90.374682][ T6579] ? __pfx___folio_put+0x10/0x10
[ 90.374693][ T6579] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 90.374705][ T6579] ? rcu_is_watching+0x12/0xc0
[ 90.374718][ T6579] ? lock_release+0x201/0x2f0
[ 90.374734][ T6579] filemap_free_folio+0x132/0x170
[ 90.374744][ T6579] delete_from_page_cache_batch+0x741/0x9b0
[ 90.374756][ T6579] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 90.374768][ T6579] ? __pfx_workingset_update_node+0x10/0x10
[ 90.374779][ T6579] ? xas_move_index+0xb0/0x110
[ 90.374794][ T6579] truncate_inode_pages_range+0x279/0xe50
[ 90.374809][ T6579] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 90.374827][ T6579] ? rcu_is_watching+0x12/0xc0
[ 90.374839][ T6579] ? has_bh_in_lru+0x9d/0x100
[ 90.374850][ T6579] ? smp_call_function_many_cond+0x457/0x1600
[ 90.374869][ T6579] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.374898][ T6579] ? __pfx_has_bh_in_lru+0x10/0x10
[ 90.374911][ T6579] blkdev_flush_mapping+0xfb/0x290
[ 90.374924][ T6579] ? filemap_check_errors+0xa9/0x160
[ 90.374938][ T6579] blkdev_put_whole+0xc4/0xf0
[ 90.374949][ T6579] bdev_release+0x47e/0x6d0
[ 90.374962][ T6579] ? __pfx_blkdev_release+0x10/0x10
[ 90.374975][ T6579] blkdev_release+0x15/0x20
[ 90.374988][ T6579] __fput+0x3ff/0xb70
[ 90.375003][ T6579] task_work_run+0x14d/0x240
[ 90.375017][ T6579] ? __pfx_task_work_run+0x10/0x10
[ 90.375032][ T6579] ? do_raw_spin_unlock+0x172/0x230
[ 90.375044][ T6579] do_exit+0x86f/0x2bf0
[ 90.375060][ T6579] ? __pfx_do_exit+0x10/0x10
[ 90.375074][ T6579] ? do_raw_spin_lock+0x12c/0x2b0
[ 90.375085][ T6579] ? get_signal+0x8f5/0x26d0
[ 90.375097][ T6579] ? rcu_is_watching+0x12/0xc0
[ 90.375109][ T6579] do_group_exit+0xd3/0x2a0
[ 90.375125][ T6579] get_signal+0x2673/0x26d0
[ 90.375140][ T6579] ? __pfx_get_signal+0x10/0x10
[ 90.375152][ T6579] ? do_futex+0x122/0x350
[ 90.375168][ T6579] ? __pfx_do_futex+0x10/0x10
[ 90.375183][ T6579] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.375198][ T6579] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 90.375213][ T6579] ? __pfx_do_preadv+0x10/0x10
[ 90.375230][ T6579] exit_to_user_mode_loop+0x84/0x110
[ 90.375241][ T6579] do_syscall_64+0x3f6/0x4c0
[ 90.375256][ T6579] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.375266][ T6579] RIP: 0033:0x7fac75f8e969
[ 90.375274][ T6579] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 90.375279][ T6579] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 90.375290][ T6579] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 90.375296][ T6579] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 90.375303][ T6579] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 90.375309][ T6579] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 90.375315][ T6579] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 90.375324][ T6579]
[ 90.375340][ T6579] BUG: Bad page state in process syz.0.32 pfn:57000
[ 90.477012][ T6579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57000
[ 90.479635][ T6579] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 90.482188][ T6579] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 90.485100][ T6579] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 90.487741][ T6579] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.490299][ T6579] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 90.492933][ T6579] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.495586][ T6579] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.498273][ T6579] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 90.500832][ T6579] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 90.502988][ T6579] page_owner tracks the page as allocated
[ 90.504643][ T6579] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6578, tgid 6578 (syz.0.32), ts 90276029410, free_ts 90165018764
[ 90.510555][ T6579] post_alloc_hook+0x1c0/0x230
[ 90.512157][ T6579] get_page_from_freelist+0x132b/0x38e0
[ 90.513871][ T6579] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 90.515613][ T6579] alloc_pages_mpol+0x1fb/0x550
[ 90.517166][ T6579] folio_alloc_noprof+0x20/0x2d0
[ 90.518667][ T6579] filemap_alloc_folio_noprof+0x3a1/0x470
[ 90.520365][ T6579] page_cache_ra_order+0x4e1/0xd70
[ 90.521912][ T6579] filemap_fault+0x1b4b/0x2930
[ 90.523380][ T6579] __do_fault+0x10a/0x490
[ 90.524679][ T6579] do_pte_missing+0x1a6/0x3ba0
[ 90.526134][ T6579] __handle_mm_fault+0x152a/0x2a50
[ 90.527728][ T6579] handle_mm_fault+0x589/0xd10
[ 90.529279][ T6579] do_user_addr_fault+0x60c/0x1370
[ 90.530808][ T6579] exc_page_fault+0x5c/0xb0
[ 90.532273][ T6579] asm_exc_page_fault+0x26/0x30
[ 90.533863][ T6579] page last free pid 6577 tgid 6576 stack trace:
[ 90.535733][ T6579] free_unref_folios+0xa61/0x16b0
[ 90.537474][ T6579] folios_put_refs+0x56f/0x740
[ 90.538928][ T6579] truncate_inode_pages_range+0x311/0xe50
[ 90.540676][ T6579] blkdev_flush_mapping+0xfb/0x290
[ 90.542284][ T6579] blkdev_put_whole+0xc4/0xf0
[ 90.543824][ T6579] bdev_release+0x47e/0x6d0
[ 90.545189][ T6579] blkdev_release+0x15/0x20
[ 90.546652][ T6579] __fput+0x3ff/0xb70
[ 90.547930][ T6579] task_work_run+0x14d/0x240
[ 90.549344][ T6579] do_exit+0x86f/0x2bf0
[ 90.550638][ T6579] do_group_exit+0xd3/0x2a0
[ 90.552159][ T6579] get_signal+0x2673/0x26d0
[ 90.553629][ T6579] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.555289][ T6579] exit_to_user_mode_loop+0x84/0x110
[ 90.556930][ T6579] do_syscall_64+0x3f6/0x4c0
[ 90.558370][ T6579] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.560112][ T6579] Modules linked in:
[ 90.561363][ T6579] CPU: 0 UID: 0 PID: 6579 Comm: syz.0.32 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 90.561379][ T6579] Tainted: [B]=BAD_PAGE
[ 90.561383][ T6579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.561390][ T6579] Call Trace:
[ 90.561394][ T6579]
[ 90.561398][ T6579] dump_stack_lvl+0x16c/0x1f0
[ 90.561414][ T6579] bad_page+0xcf/0x220
[ 90.561426][ T6579] ? __pfx_bad_page+0x10/0x10
[ 90.561437][ T6579] ? page_bad_reason+0x9d/0x1f0
[ 90.561448][ T6579] __free_frozen_pages+0x7f7/0x10f0
[ 90.561466][ T6579] __folio_put+0x329/0x450
[ 90.561476][ T6579] ? __pfx___folio_put+0x10/0x10
[ 90.561487][ T6579] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 90.561499][ T6579] ? rcu_is_watching+0x12/0xc0
[ 90.561512][ T6579] ? lock_release+0x201/0x2f0
[ 90.561528][ T6579] filemap_free_folio+0x132/0x170
[ 90.561538][ T6579] delete_from_page_cache_batch+0x741/0x9b0
[ 90.561550][ T6579] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 90.561562][ T6579] ? __pfx_workingset_update_node+0x10/0x10
[ 90.561572][ T6579] ? xas_move_index+0xb0/0x110
[ 90.561588][ T6579] truncate_inode_pages_range+0x279/0xe50
[ 90.561603][ T6579] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 90.561620][ T6579] ? rcu_is_watching+0x12/0xc0
[ 90.561632][ T6579] ? has_bh_in_lru+0x9d/0x100
[ 90.561643][ T6579] ? smp_call_function_many_cond+0x457/0x1600
[ 90.561662][ T6579] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.561674][ T6579] ? __pfx_has_bh_in_lru+0x10/0x10
[ 90.561684][ T6579] blkdev_flush_mapping+0xfb/0x290
[ 90.561696][ T6579] ? filemap_check_errors+0xa9/0x160
[ 90.561711][ T6579] blkdev_put_whole+0xc4/0xf0
[ 90.561723][ T6579] bdev_release+0x47e/0x6d0
[ 90.561736][ T6579] ? __pfx_blkdev_release+0x10/0x10
2025/08/01 09:03:47 executed programs: 19
[ 90.561750][ T6579] blkdev_release+0x15/0x20
[ 90.561762][ T6579] __fput+0x3ff/0xb70
[ 90.561777][ T6579] task_work_run+0x14d/0x240
[ 90.561788][ T6579] ? __pfx_task_work_run+0x10/0x10
[ 90.561800][ T6579] ? do_raw_spin_unlock+0x172/0x230
[ 90.561817][ T6579] do_exit+0x86f/0x2bf0
[ 90.561833][ T6579] ? __pfx_do_exit+0x10/0x10
[ 90.561848][ T6579] ? do_raw_spin_lock+0x12c/0x2b0
[ 90.561858][ T6579] ? get_signal+0x8f5/0x26d0
[ 90.561870][ T6579] ? rcu_is_watching+0x12/0xc0
[ 90.561883][ T6579] do_group_exit+0xd3/0x2a0
[ 90.561898][ T6579] get_signal+0x2673/0x26d0
[ 90.561913][ T6579] ? __pfx_get_signal+0x10/0x10
[ 90.561926][ T6579] ? do_futex+0x122/0x350
[ 90.561941][ T6579] ? __pfx_do_futex+0x10/0x10
[ 90.561956][ T6579] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.561970][ T6579] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 90.561985][ T6579] ? __pfx_do_preadv+0x10/0x10
[ 90.562002][ T6579] exit_to_user_mode_loop+0x84/0x110
[ 90.562013][ T6579] do_syscall_64+0x3f6/0x4c0
[ 90.562028][ T6579] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.562038][ T6579] RIP: 0033:0x7fac75f8e969
[ 90.562046][ T6579] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 90.562050][ T6579] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 90.562061][ T6579] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 90.562067][ T6579] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 90.562074][ T6579] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 90.562080][ T6579] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 90.562086][ T6579] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 90.562095][ T6579]
[ 90.585491][ T6581] BUG: Bad page state in process syz.0.33 pfn:57201
[ 90.675534][ T6581] page does not match folio
[ 90.677490][ T6581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x57201
[ 90.680314][ T6581] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 90.682705][ T6581] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 90.685094][ T6581] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 90.687601][ T6581] page dumped because: nonzero pincount
[ 90.689138][ T6581] page_owner tracks the page as allocated
[ 90.690706][ T6581] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6580, tgid 6580 (syz.0.33), ts 90567855855, free_ts 90562155678
[ 90.696174][ T6581] post_alloc_hook+0x1c0/0x230
[ 90.697599][ T6581] get_page_from_freelist+0x132b/0x38e0
[ 90.699101][ T6581] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 90.700682][ T6581] alloc_pages_mpol+0x1fb/0x550
[ 90.702185][ T6581] folio_alloc_noprof+0x20/0x2d0
[ 90.703666][ T6581] filemap_alloc_folio_noprof+0x3a1/0x470
[ 90.705199][ T6581] page_cache_ra_order+0x4e1/0xd70
[ 90.706690][ T6581] filemap_fault+0x1b4b/0x2930
[ 90.708060][ T6581] __do_fault+0x10a/0x490
[ 90.709271][ T6581] do_pte_missing+0x1a6/0x3ba0
[ 90.710604][ T6581] __handle_mm_fault+0x152a/0x2a50
[ 90.712044][ T6581] handle_mm_fault+0x589/0xd10
[ 90.713377][ T6581] do_user_addr_fault+0x60c/0x1370
[ 90.715054][ T6581] exc_page_fault+0x5c/0xb0
[ 90.716312][ T6581] asm_exc_page_fault+0x26/0x30
[ 90.717798][ T6581] page last free pid 6579 tgid 6578 stack trace:
[ 90.719523][ T6581] free_unref_folios+0xa61/0x16b0
[ 90.720949][ T6581] folios_put_refs+0x56f/0x740
[ 90.722317][ T6581] truncate_inode_pages_range+0x311/0xe50
[ 90.723870][ T6581] blkdev_flush_mapping+0xfb/0x290
[ 90.725370][ T6581] blkdev_put_whole+0xc4/0xf0
[ 90.726778][ T6581] bdev_release+0x47e/0x6d0
[ 90.728148][ T6581] blkdev_release+0x15/0x20
[ 90.729446][ T6581] __fput+0x3ff/0xb70
[ 90.730565][ T6581] task_work_run+0x14d/0x240
[ 90.731897][ T6581] do_exit+0x86f/0x2bf0
[ 90.733100][ T6581] do_group_exit+0xd3/0x2a0
[ 90.734333][ T6581] get_signal+0x2673/0x26d0
[ 90.735562][ T6581] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.737109][ T6581] exit_to_user_mode_loop+0x84/0x110
[ 90.738567][ T6581] do_syscall_64+0x3f6/0x4c0
[ 90.739807][ T6581] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.741416][ T6581] Modules linked in:
[ 90.742612][ T6581] CPU: 2 UID: 0 PID: 6581 Comm: syz.0.33 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 90.742629][ T6581] Tainted: [B]=BAD_PAGE
[ 90.742633][ T6581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.742640][ T6581] Call Trace:
[ 90.742644][ T6581]
[ 90.742648][ T6581] dump_stack_lvl+0x16c/0x1f0
[ 90.742664][ T6581] bad_page+0xcf/0x220
[ 90.742676][ T6581] ? __pfx_bad_page+0x10/0x10
[ 90.742688][ T6581] free_tail_page_prepare+0x44f/0x5b0
[ 90.742702][ T6581] __free_frozen_pages+0xbae/0x10f0
[ 90.742719][ T6581] __folio_put+0x329/0x450
[ 90.742730][ T6581] ? __pfx___folio_put+0x10/0x10
[ 90.742740][ T6581] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 90.742751][ T6581] ? rcu_is_watching+0x12/0xc0
[ 90.742764][ T6581] ? lock_release+0x201/0x2f0
[ 90.742780][ T6581] filemap_free_folio+0x132/0x170
[ 90.742790][ T6581] delete_from_page_cache_batch+0x741/0x9b0
[ 90.742802][ T6581] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 90.742814][ T6581] ? __pfx_workingset_update_node+0x10/0x10
[ 90.742825][ T6581] ? xas_move_index+0xb0/0x110
[ 90.742841][ T6581] truncate_inode_pages_range+0x279/0xe50
[ 90.742856][ T6581] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 90.742873][ T6581] ? rcu_is_watching+0x12/0xc0
[ 90.742885][ T6581] ? has_bh_in_lru+0x9d/0x100
[ 90.742896][ T6581] ? smp_call_function_many_cond+0x457/0x1600
[ 90.742915][ T6581] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.742927][ T6581] ? __pfx_has_bh_in_lru+0x10/0x10
[ 90.742938][ T6581] blkdev_flush_mapping+0xfb/0x290
[ 90.742950][ T6581] ? filemap_check_errors+0xa9/0x160
[ 90.742965][ T6581] blkdev_put_whole+0xc4/0xf0
[ 90.742976][ T6581] bdev_release+0x47e/0x6d0
[ 90.742989][ T6581] ? __pfx_blkdev_release+0x10/0x10
[ 90.743002][ T6581] blkdev_release+0x15/0x20
[ 90.743015][ T6581] __fput+0x3ff/0xb70
[ 90.743034][ T6581] task_work_run+0x14d/0x240
[ 90.743046][ T6581] ? __pfx_task_work_run+0x10/0x10
[ 90.743056][ T6581] ? do_raw_spin_unlock+0x172/0x230
[ 90.743068][ T6581] do_exit+0x86f/0x2bf0
[ 90.743084][ T6581] ? __pfx_do_exit+0x10/0x10
[ 90.743099][ T6581] ? do_raw_spin_lock+0x12c/0x2b0
[ 90.743110][ T6581] ? get_signal+0x8f5/0x26d0
[ 90.743122][ T6581] ? rcu_is_watching+0x12/0xc0
[ 90.743135][ T6581] do_group_exit+0xd3/0x2a0
[ 90.743150][ T6581] get_signal+0x2673/0x26d0
[ 90.743165][ T6581] ? __pfx_get_signal+0x10/0x10
[ 90.743178][ T6581] ? do_futex+0x122/0x350
[ 90.743193][ T6581] ? __pfx_do_futex+0x10/0x10
[ 90.743209][ T6581] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.743223][ T6581] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 90.743239][ T6581] ? __pfx_do_preadv+0x10/0x10
[ 90.743255][ T6581] exit_to_user_mode_loop+0x84/0x110
[ 90.743266][ T6581] do_syscall_64+0x3f6/0x4c0
[ 90.743282][ T6581] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.743292][ T6581] RIP: 0033:0x7fac75f8e969
[ 90.743300][ T6581] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 90.743305][ T6581] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 90.743315][ T6581] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 90.743322][ T6581] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 90.743328][ T6581] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 90.743334][ T6581] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 90.743341][ T6581] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 90.743350][ T6581]
[ 90.743365][ T6581] BUG: Bad page state in process syz.0.33 pfn:57200
[ 90.836974][ T6581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57200
[ 90.839670][ T6581] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 90.842251][ T6581] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 90.845114][ T6581] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 90.848002][ T6581] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.850581][ T6581] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 90.853180][ T6581] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.855721][ T6581] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.858384][ T6581] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 90.861050][ T6581] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 90.863256][ T6581] page_owner tracks the page as allocated
[ 90.865184][ T6581] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6580, tgid 6580 (syz.0.33), ts 90567855855, free_ts 90562155678
[ 90.871143][ T6581] post_alloc_hook+0x1c0/0x230
[ 90.872630][ T6581] get_page_from_freelist+0x132b/0x38e0
[ 90.874284][ T6581] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 90.876062][ T6581] alloc_pages_mpol+0x1fb/0x550
[ 90.877630][ T6581] folio_alloc_noprof+0x20/0x2d0
[ 90.879138][ T6581] filemap_alloc_folio_noprof+0x3a1/0x470
[ 90.880932][ T6581] page_cache_ra_order+0x4e1/0xd70
[ 90.882526][ T6581] filemap_fault+0x1b4b/0x2930
[ 90.884042][ T6581] __do_fault+0x10a/0x490
[ 90.885792][ T6581] do_pte_missing+0x1a6/0x3ba0
[ 90.887991][ T6581] __handle_mm_fault+0x152a/0x2a50
[ 90.890044][ T6581] handle_mm_fault+0x589/0xd10
[ 90.891935][ T6581] do_user_addr_fault+0x60c/0x1370
[ 90.893965][ T6581] exc_page_fault+0x5c/0xb0
[ 90.895596][ T6581] asm_exc_page_fault+0x26/0x30
[ 90.897253][ T6581] page last free pid 6579 tgid 6578 stack trace:
[ 90.899132][ T6581] free_unref_folios+0xa61/0x16b0
[ 90.900668][ T6581] folios_put_refs+0x56f/0x740
[ 90.902139][ T6581] truncate_inode_pages_range+0x311/0xe50
[ 90.903797][ T6581] blkdev_flush_mapping+0xfb/0x290
[ 90.905329][ T6581] blkdev_put_whole+0xc4/0xf0
[ 90.906833][ T6581] bdev_release+0x47e/0x6d0
[ 90.908079][ T6581] blkdev_release+0x15/0x20
[ 90.909325][ T6581] __fput+0x3ff/0xb70
[ 90.910408][ T6581] task_work_run+0x14d/0x240
[ 90.911701][ T6581] do_exit+0x86f/0x2bf0
[ 90.912894][ T6581] do_group_exit+0xd3/0x2a0
[ 90.914103][ T6581] get_signal+0x2673/0x26d0
[ 90.915393][ T6581] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.916925][ T6581] exit_to_user_mode_loop+0x84/0x110
[ 90.918350][ T6581] do_syscall_64+0x3f6/0x4c0
[ 90.919591][ T6581] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.921242][ T6581] Modules linked in:
[ 90.922374][ T6581] CPU: 2 UID: 0 PID: 6581 Comm: syz.0.33 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 90.922391][ T6581] Tainted: [B]=BAD_PAGE
[ 90.922395][ T6581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.922402][ T6581] Call Trace:
[ 90.922406][ T6581]
[ 90.922410][ T6581] dump_stack_lvl+0x16c/0x1f0
[ 90.922426][ T6581] bad_page+0xcf/0x220
[ 90.922439][ T6581] ? __pfx_bad_page+0x10/0x10
[ 90.922450][ T6581] ? page_bad_reason+0x9d/0x1f0
[ 90.922462][ T6581] __free_frozen_pages+0x7f7/0x10f0
[ 90.922479][ T6581] __folio_put+0x329/0x450
[ 90.922489][ T6581] ? __pfx___folio_put+0x10/0x10
[ 90.922500][ T6581] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 90.922511][ T6581] ? rcu_is_watching+0x12/0xc0
[ 90.922524][ T6581] ? lock_release+0x201/0x2f0
[ 90.922541][ T6581] filemap_free_folio+0x132/0x170
[ 90.922551][ T6581] delete_from_page_cache_batch+0x741/0x9b0
[ 90.922563][ T6581] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 90.922575][ T6581] ? __pfx_workingset_update_node+0x10/0x10
[ 90.922586][ T6581] ? xas_move_index+0xb0/0x110
[ 90.922601][ T6581] truncate_inode_pages_range+0x279/0xe50
[ 90.922616][ T6581] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 90.922634][ T6581] ? rcu_is_watching+0x12/0xc0
[ 90.922646][ T6581] ? has_bh_in_lru+0x9d/0x100
[ 90.922657][ T6581] ? smp_call_function_many_cond+0x457/0x1600
[ 90.922676][ T6581] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.922688][ T6581] ? __pfx_has_bh_in_lru+0x10/0x10
[ 90.922699][ T6581] blkdev_flush_mapping+0xfb/0x290
[ 90.922712][ T6581] ? filemap_check_errors+0xa9/0x160
[ 90.922726][ T6581] blkdev_put_whole+0xc4/0xf0
[ 90.922737][ T6581] bdev_release+0x47e/0x6d0
[ 90.922751][ T6581] ? __pfx_blkdev_release+0x10/0x10
[ 90.922764][ T6581] blkdev_release+0x15/0x20
[ 90.922776][ T6581] __fput+0x3ff/0xb70
[ 90.922791][ T6581] task_work_run+0x14d/0x240
[ 90.922803][ T6581] ? __pfx_task_work_run+0x10/0x10
[ 90.922814][ T6581] ? do_raw_spin_unlock+0x172/0x230
[ 90.922826][ T6581] do_exit+0x86f/0x2bf0
[ 90.922842][ T6581] ? __pfx_do_exit+0x10/0x10
[ 90.922857][ T6581] ? do_raw_spin_lock+0x12c/0x2b0
[ 90.922867][ T6581] ? get_signal+0x8f5/0x26d0
[ 90.922879][ T6581] ? rcu_is_watching+0x12/0xc0
[ 90.922892][ T6581] do_group_exit+0xd3/0x2a0
[ 90.922908][ T6581] get_signal+0x2673/0x26d0
[ 90.922923][ T6581] ? __pfx_get_signal+0x10/0x10
[ 90.922935][ T6581] ? do_futex+0x122/0x350
[ 90.922951][ T6581] ? __pfx_do_futex+0x10/0x10
[ 90.922967][ T6581] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.922981][ T6581] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 90.922996][ T6581] ? __pfx_do_preadv+0x10/0x10
[ 90.923013][ T6581] exit_to_user_mode_loop+0x84/0x110
[ 90.923028][ T6581] do_syscall_64+0x3f6/0x4c0
[ 90.923043][ T6581] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.923054][ T6581] RIP: 0033:0x7fac75f8e969
[ 90.923061][ T6581] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 90.923066][ T6581] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 90.923076][ T6581] RAX: fffffffffffffe00 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 90.923083][ T6581] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b5fa8
[ 90.923089][ T6581] RBP: 00007fac761b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 90.923095][ T6581] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b5fac
[ 90.923102][ T6581] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 90.923111][ T6581]
[ 90.945743][ T6585] BUG: Bad page state in process syz.0.34 pfn:4ee01
[ 91.028356][ T6585] page does not match folio
[ 91.029825][ T6585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x4ee01
[ 91.032788][ T6585] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 91.034980][ T6585] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 91.037836][ T6585] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.040336][ T6585] page dumped because: nonzero pincount
[ 91.041996][ T6585] page_owner tracks the page as allocated
[ 91.043681][ T6585] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6584, tgid 6584 (syz.0.34), ts 90928801541, free_ts 90923140036
[ 91.049607][ T6585] post_alloc_hook+0x1c0/0x230
[ 91.051125][ T6585] get_page_from_freelist+0x132b/0x38e0
[ 91.052773][ T6585] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 91.054553][ T6585] alloc_pages_mpol+0x1fb/0x550
[ 91.055994][ T6585] folio_alloc_noprof+0x20/0x2d0
[ 91.057566][ T6585] filemap_alloc_folio_noprof+0x3a1/0x470
[ 91.059277][ T6585] page_cache_ra_order+0x4e1/0xd70
[ 91.060876][ T6585] filemap_fault+0x1b4b/0x2930
[ 91.062321][ T6585] __do_fault+0x10a/0x490
[ 91.063624][ T6585] do_pte_missing+0x1a6/0x3ba0
[ 91.065078][ T6585] __handle_mm_fault+0x152a/0x2a50
[ 91.066647][ T6585] handle_mm_fault+0x589/0xd10
[ 91.068067][ T6585] do_user_addr_fault+0x60c/0x1370
[ 91.069609][ T6585] exc_page_fault+0x5c/0xb0
[ 91.071005][ T6585] asm_exc_page_fault+0x26/0x30
[ 91.072451][ T6585] page last free pid 6581 tgid 6580 stack trace:
[ 91.074332][ T6585] free_unref_folios+0xa61/0x16b0
[ 91.075846][ T6585] folios_put_refs+0x56f/0x740
[ 91.077380][ T6585] truncate_inode_pages_range+0x311/0xe50
[ 91.079110][ T6585] blkdev_flush_mapping+0xfb/0x290
[ 91.080650][ T6585] blkdev_put_whole+0xc4/0xf0
[ 91.082066][ T6585] bdev_release+0x47e/0x6d0
[ 91.083437][ T6585] blkdev_release+0x15/0x20
[ 91.084854][ T6585] __fput+0x3ff/0xb70
[ 91.086047][ T6585] task_work_run+0x14d/0x240
[ 91.087493][ T6585] do_exit+0x86f/0x2bf0
[ 91.088765][ T6585] do_group_exit+0xd3/0x2a0
[ 91.090120][ T6585] get_signal+0x2673/0x26d0
[ 91.091665][ T6585] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.093354][ T6585] exit_to_user_mode_loop+0x84/0x110
[ 91.094987][ T6585] do_syscall_64+0x3f6/0x4c0
[ 91.096485][ T6585] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.098265][ T6585] Modules linked in:
[ 91.099458][ T6585] CPU: 1 UID: 0 PID: 6585 Comm: syz.0.34 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 91.099476][ T6585] Tainted: [B]=BAD_PAGE
[ 91.099479][ T6585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.099486][ T6585] Call Trace:
[ 91.099490][ T6585]
[ 91.099494][ T6585] dump_stack_lvl+0x16c/0x1f0
[ 91.099511][ T6585] bad_page+0xcf/0x220
[ 91.099522][ T6585] ? __pfx_bad_page+0x10/0x10
[ 91.099534][ T6585] free_tail_page_prepare+0x44f/0x5b0
[ 91.099548][ T6585] __free_frozen_pages+0xbae/0x10f0
[ 91.099565][ T6585] __folio_put+0x329/0x450
[ 91.099575][ T6585] ? __pfx___folio_put+0x10/0x10
[ 91.099586][ T6585] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 91.099598][ T6585] ? rcu_is_watching+0x12/0xc0
[ 91.099611][ T6585] ? lock_release+0x201/0x2f0
[ 91.099627][ T6585] filemap_free_folio+0x132/0x170
[ 91.099638][ T6585] delete_from_page_cache_batch+0x741/0x9b0
[ 91.099650][ T6585] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 91.099662][ T6585] ? __pfx_workingset_update_node+0x10/0x10
[ 91.099672][ T6585] ? xas_move_index+0xb0/0x110
[ 91.099687][ T6585] truncate_inode_pages_range+0x279/0xe50
[ 91.099701][ T6585] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 91.099719][ T6585] ? rcu_is_watching+0x12/0xc0
[ 91.099731][ T6585] ? has_bh_in_lru+0x9d/0x100
[ 91.099742][ T6585] ? smp_call_function_many_cond+0x457/0x1600
[ 91.099761][ T6585] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.099773][ T6585] ? __pfx_has_bh_in_lru+0x10/0x10
[ 91.099784][ T6585] blkdev_flush_mapping+0xfb/0x290
[ 91.099795][ T6585] ? filemap_check_errors+0xa9/0x160
[ 91.099810][ T6585] blkdev_put_whole+0xc4/0xf0
[ 91.099821][ T6585] bdev_release+0x47e/0x6d0
[ 91.099834][ T6585] ? __pfx_blkdev_release+0x10/0x10
[ 91.099847][ T6585] blkdev_release+0x15/0x20
[ 91.099860][ T6585] __fput+0x3ff/0xb70
[ 91.099874][ T6585] task_work_run+0x14d/0x240
[ 91.099885][ T6585] ? __pfx_task_work_run+0x10/0x10
[ 91.099896][ T6585] ? do_raw_spin_unlock+0x172/0x230
[ 91.099908][ T6585] do_exit+0x86f/0x2bf0
[ 91.099923][ T6585] ? futex_private_hash_put+0x112/0x300
[ 91.099937][ T6585] ? rcu_is_watching+0x12/0xc0
[ 91.099949][ T6585] ? __pfx_do_exit+0x10/0x10
[ 91.099964][ T6585] ? do_raw_spin_lock+0x12c/0x2b0
[ 91.099974][ T6585] ? get_signal+0x8f5/0x26d0
[ 91.099987][ T6585] ? rcu_is_watching+0x12/0xc0
[ 91.100000][ T6585] do_group_exit+0xd3/0x2a0
[ 91.100015][ T6585] get_signal+0x2673/0x26d0
[ 91.100028][ T6585] ? rcu_is_watching+0x12/0xc0
[ 91.100042][ T6585] ? __pfx_get_signal+0x10/0x10
[ 91.100054][ T6585] ? do_futex+0x122/0x350
[ 91.100069][ T6585] ? __pfx_do_futex+0x10/0x10
[ 91.100085][ T6585] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.100099][ T6585] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 91.100114][ T6585] ? xfd_validate_state+0x61/0x180
[ 91.100130][ T6585] ? __pfx_do_preadv+0x10/0x10
[ 91.100146][ T6585] exit_to_user_mode_loop+0x84/0x110
[ 91.100157][ T6585] do_syscall_64+0x3f6/0x4c0
[ 91.100172][ T6585] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.100182][ T6585] RIP: 0033:0x7fac75f8e969
[ 91.100190][ T6585] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 91.100195][ T6585] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 91.100209][ T6585] RAX: 0000000000000001 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 91.100215][ T6585] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fac761b5fac
[ 91.100222][ T6585] RBP: 00007fac761b5fa0 R08: 00007fac76df2000 R09: 0000000000000000
[ 91.100228][ T6585] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fac761b5fac
[ 91.100234][ T6585] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 91.100243][ T6585]
[ 91.100259][ T6585] BUG: Bad page state in process syz.0.34 pfn:4ee00
[ 91.209938][ T6585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4ee00
[ 91.212489][ T6585] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 91.214991][ T6585] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 91.217930][ T6585] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.220403][ T6585] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.222960][ T6585] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.225505][ T6585] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.228069][ T6585] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.230631][ T6585] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.233169][ T6585] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 91.235327][ T6585] page_owner tracks the page as allocated
[ 91.237075][ T6585] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6584, tgid 6584 (syz.0.34), ts 90928801541, free_ts 90923140036
[ 91.242917][ T6585] post_alloc_hook+0x1c0/0x230
[ 91.244376][ T6585] get_page_from_freelist+0x132b/0x38e0
[ 91.246065][ T6585] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 91.247875][ T6585] alloc_pages_mpol+0x1fb/0x550
[ 91.249348][ T6585] folio_alloc_noprof+0x20/0x2d0
[ 91.250872][ T6585] filemap_alloc_folio_noprof+0x3a1/0x470
[ 91.252552][ T6585] page_cache_ra_order+0x4e1/0xd70
[ 91.254114][ T6585] filemap_fault+0x1b4b/0x2930
[ 91.255560][ T6585] __do_fault+0x10a/0x490
[ 91.256892][ T6585] do_pte_missing+0x1a6/0x3ba0
[ 91.258292][ T6585] __handle_mm_fault+0x152a/0x2a50
[ 91.259813][ T6585] handle_mm_fault+0x589/0xd10
[ 91.261328][ T6585] do_user_addr_fault+0x60c/0x1370
[ 91.262863][ T6585] exc_page_fault+0x5c/0xb0
[ 91.264237][ T6585] asm_exc_page_fault+0x26/0x30
[ 91.265698][ T6585] page last free pid 6581 tgid 6580 stack trace:
[ 91.267616][ T6585] free_unref_folios+0xa61/0x16b0
[ 91.269127][ T6585] folios_put_refs+0x56f/0x740
[ 91.270570][ T6585] truncate_inode_pages_range+0x311/0xe50
[ 91.272277][ T6585] blkdev_flush_mapping+0xfb/0x290
[ 91.273799][ T6585] blkdev_put_whole+0xc4/0xf0
[ 91.275213][ T6585] bdev_release+0x47e/0x6d0
[ 91.276616][ T6585] blkdev_release+0x15/0x20
[ 91.277991][ T6585] __fput+0x3ff/0xb70
[ 91.279188][ T6585] task_work_run+0x14d/0x240
[ 91.280568][ T6585] do_exit+0x86f/0x2bf0
[ 91.281833][ T6585] do_group_exit+0xd3/0x2a0
[ 91.283181][ T6585] get_signal+0x2673/0x26d0
[ 91.284555][ T6585] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.286185][ T6585] exit_to_user_mode_loop+0x84/0x110
[ 91.287801][ T6585] do_syscall_64+0x3f6/0x4c0
[ 91.289192][ T6585] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.290935][ T6585] Modules linked in:
[ 91.292098][ T6585] CPU: 1 UID: 0 PID: 6585 Comm: syz.0.34 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 91.292115][ T6585] Tainted: [B]=BAD_PAGE
[ 91.292119][ T6585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.292126][ T6585] Call Trace:
[ 91.292129][ T6585]
[ 91.292133][ T6585] dump_stack_lvl+0x16c/0x1f0
[ 91.292149][ T6585] bad_page+0xcf/0x220
[ 91.292161][ T6585] ? __pfx_bad_page+0x10/0x10
[ 91.292173][ T6585] ? page_bad_reason+0x9d/0x1f0
[ 91.292184][ T6585] __free_frozen_pages+0x7f7/0x10f0
[ 91.292204][ T6585] __folio_put+0x329/0x450
[ 91.292215][ T6585] ? __pfx___folio_put+0x10/0x10
[ 91.292225][ T6585] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 91.292236][ T6585] ? rcu_is_watching+0x12/0xc0
[ 91.292249][ T6585] ? lock_release+0x201/0x2f0
[ 91.292265][ T6585] filemap_free_folio+0x132/0x170
[ 91.292276][ T6585] delete_from_page_cache_batch+0x741/0x9b0
[ 91.292288][ T6585] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 91.292300][ T6585] ? __pfx_workingset_update_node+0x10/0x10
[ 91.292310][ T6585] ? xas_move_index+0xb0/0x110
[ 91.292326][ T6585] truncate_inode_pages_range+0x279/0xe50
[ 91.292340][ T6585] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 91.292358][ T6585] ? rcu_is_watching+0x12/0xc0
[ 91.292370][ T6585] ? has_bh_in_lru+0x9d/0x100
[ 91.292381][ T6585] ? smp_call_function_many_cond+0x457/0x1600
[ 91.292399][ T6585] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.292412][ T6585] ? __pfx_has_bh_in_lru+0x10/0x10
[ 91.292423][ T6585] blkdev_flush_mapping+0xfb/0x290
[ 91.292435][ T6585] ? filemap_check_errors+0xa9/0x160
[ 91.292449][ T6585] blkdev_put_whole+0xc4/0xf0
[ 91.292460][ T6585] bdev_release+0x47e/0x6d0
[ 91.292474][ T6585] ? __pfx_blkdev_release+0x10/0x10
[ 91.292487][ T6585] blkdev_release+0x15/0x20
[ 91.292499][ T6585] __fput+0x3ff/0xb70
[ 91.292513][ T6585] task_work_run+0x14d/0x240
[ 91.292525][ T6585] ? __pfx_task_work_run+0x10/0x10
[ 91.292536][ T6585] ? do_raw_spin_unlock+0x172/0x230
[ 91.292547][ T6585] do_exit+0x86f/0x2bf0
[ 91.292563][ T6585] ? futex_private_hash_put+0x112/0x300
[ 91.292577][ T6585] ? rcu_is_watching+0x12/0xc0
[ 91.292590][ T6585] ? __pfx_do_exit+0x10/0x10
[ 91.292604][ T6585] ? do_raw_spin_lock+0x12c/0x2b0
[ 91.292615][ T6585] ? get_signal+0x8f5/0x26d0
[ 91.292627][ T6585] ? rcu_is_watching+0x12/0xc0
[ 91.292640][ T6585] do_group_exit+0xd3/0x2a0
[ 91.292656][ T6585] get_signal+0x2673/0x26d0
[ 91.292669][ T6585] ? rcu_is_watching+0x12/0xc0
[ 91.292682][ T6585] ? __pfx_get_signal+0x10/0x10
[ 91.292695][ T6585] ? do_futex+0x122/0x350
[ 91.292710][ T6585] ? __pfx_do_futex+0x10/0x10
[ 91.292726][ T6585] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.292760][ T6585] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 91.292777][ T6585] ? xfd_validate_state+0x61/0x180
[ 91.292793][ T6585] ? __pfx_do_preadv+0x10/0x10
[ 91.292810][ T6585] exit_to_user_mode_loop+0x84/0x110
[ 91.292821][ T6585] do_syscall_64+0x3f6/0x4c0
[ 91.292836][ T6585] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.292847][ T6585] RIP: 0033:0x7fac75f8e969
[ 91.292855][ T6585] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 91.292860][ T6585] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 91.292869][ T6585] RAX: 0000000000000001 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 91.292876][ T6585] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fac761b5fac
[ 91.292882][ T6585] RBP: 00007fac761b5fa0 R08: 00007fac76df2000 R09: 0000000000000000
[ 91.292889][ T6585] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fac761b5fac
[ 91.292895][ T6585] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 91.292904][ T6585]
[ 91.423293][ T6589] BUG: Bad page state in process syz.0.35 pfn:57601
[ 91.425328][ T6589] page does not match folio
[ 91.426861][ T6589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x57601
[ 91.429860][ T6589] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 91.432142][ T6589] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 91.434690][ T6589] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.437301][ T6589] page dumped because: nonzero pincount
[ 91.439011][ T6589] page_owner tracks the page as allocated
[ 91.440670][ T6589] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6587, tgid 6587 (syz.0.35), ts 91350377588, free_ts 0
[ 91.446546][ T6589] post_alloc_hook+0x1c0/0x230
[ 91.448236][ T6589] get_page_from_freelist+0x132b/0x38e0
[ 91.449942][ T6589] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 91.451713][ T6589] alloc_pages_mpol+0x1fb/0x550
[ 91.453350][ T6589] folio_alloc_noprof+0x20/0x2d0
[ 91.454842][ T6589] filemap_alloc_folio_noprof+0x3a1/0x470
[ 91.456609][ T6589] page_cache_ra_order+0x4e1/0xd70
[ 91.458170][ T6589] filemap_fault+0x1b4b/0x2930
[ 91.459629][ T6589] __do_fault+0x10a/0x490
[ 91.460940][ T6589] do_pte_missing+0x1a6/0x3ba0
[ 91.462466][ T6589] __handle_mm_fault+0x152a/0x2a50
[ 91.464008][ T6589] handle_mm_fault+0x589/0xd10
[ 91.465468][ T6589] do_user_addr_fault+0x60c/0x1370
[ 91.467047][ T6589] exc_page_fault+0x5c/0xb0
[ 91.468438][ T6589] asm_exc_page_fault+0x26/0x30
[ 91.469909][ T6589] page_owner free stack trace missing
[ 91.471478][ T6589] Modules linked in:
[ 91.472684][ T6589] CPU: 0 UID: 0 PID: 6589 Comm: syz.0.35 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 91.472701][ T6589] Tainted: [B]=BAD_PAGE
[ 91.472705][ T6589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.472712][ T6589] Call Trace:
[ 91.472716][ T6589]
[ 91.472719][ T6589] dump_stack_lvl+0x16c/0x1f0
[ 91.472736][ T6589] bad_page+0xcf/0x220
[ 91.472763][ T6589] ? __pfx_bad_page+0x10/0x10
[ 91.472775][ T6589] free_tail_page_prepare+0x44f/0x5b0
[ 91.472789][ T6589] __free_frozen_pages+0xbae/0x10f0
[ 91.472806][ T6589] __folio_put+0x329/0x450
[ 91.472816][ T6589] ? __pfx___folio_put+0x10/0x10
[ 91.472827][ T6589] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 91.472838][ T6589] ? rcu_is_watching+0x12/0xc0
[ 91.472852][ T6589] ? lock_release+0x201/0x2f0
[ 91.472868][ T6589] filemap_free_folio+0x132/0x170
[ 91.472879][ T6589] delete_from_page_cache_batch+0x741/0x9b0
[ 91.472891][ T6589] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 91.472902][ T6589] ? __pfx_workingset_update_node+0x10/0x10
[ 91.472913][ T6589] ? xas_move_index+0xb0/0x110
[ 91.472929][ T6589] truncate_inode_pages_range+0x279/0xe50
[ 91.472944][ T6589] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 91.472962][ T6589] ? rcu_is_watching+0x12/0xc0
[ 91.472974][ T6589] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 91.472986][ T6589] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.472999][ T6589] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.473011][ T6589] ? smp_call_function_many_cond+0x457/0x1600
[ 91.473030][ T6589] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.473042][ T6589] ? __pfx_has_bh_in_lru+0x10/0x10
[ 91.473053][ T6589] blkdev_flush_mapping+0xfb/0x290
[ 91.473065][ T6589] ? filemap_check_errors+0xa9/0x160
[ 91.473080][ T6589] blkdev_put_whole+0xc4/0xf0
[ 91.473091][ T6589] bdev_release+0x47e/0x6d0
[ 91.473105][ T6589] ? __pfx_blkdev_release+0x10/0x10
[ 91.473118][ T6589] blkdev_release+0x15/0x20
[ 91.473131][ T6589] __fput+0x3ff/0xb70
[ 91.473145][ T6589] task_work_run+0x14d/0x240
[ 91.473157][ T6589] ? __pfx_task_work_run+0x10/0x10
[ 91.473168][ T6589] ? do_raw_spin_unlock+0x172/0x230
[ 91.473180][ T6589] do_exit+0x86f/0x2bf0
[ 91.473196][ T6589] ? __pfx_do_exit+0x10/0x10
[ 91.473211][ T6589] ? do_raw_spin_lock+0x12c/0x2b0
[ 91.473221][ T6589] ? get_signal+0x8f5/0x26d0
[ 91.473234][ T6589] ? rcu_is_watching+0x12/0xc0
[ 91.473250][ T6589] do_group_exit+0xd3/0x2a0
[ 91.473266][ T6589] get_signal+0x2673/0x26d0
[ 91.473280][ T6589] ? __pfx_get_signal+0x10/0x10
[ 91.473293][ T6589] ? do_futex+0x122/0x350
[ 91.473308][ T6589] ? __pfx_do_futex+0x10/0x10
[ 91.473324][ T6589] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.473339][ T6589] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 91.473354][ T6589] ? __pfx_do_preadv+0x10/0x10
[ 91.473372][ T6589] exit_to_user_mode_loop+0x84/0x110
[ 91.473383][ T6589] do_syscall_64+0x3f6/0x4c0
[ 91.473398][ T6589] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.473409][ T6589] RIP: 0033:0x7fac75f8e969
[ 91.473417][ T6589] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 91.473421][ T6589] RSP: 002b:00007fac76dd00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 91.473431][ T6589] RAX: fffffffffffffe00 RBX: 00007fac761b6088 RCX: 00007fac75f8e969
[ 91.473438][ T6589] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b6088
[ 91.473445][ T6589] RBP: 00007fac761b6080 R08: 0000000000000000 R09: 0000000000000000
[ 91.473451][ T6589] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b608c
[ 91.473457][ T6589] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 91.473467][ T6589]
[ 91.473481][ T6589] BUG: Bad page state in process syz.0.35 pfn:57600
[ 91.582111][ T6589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57600
[ 91.584763][ T6589] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 91.587409][ T6589] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 91.590383][ T6589] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.593048][ T6589] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.595647][ T6589] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.599379][ T6589] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.602043][ T6589] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.604688][ T6589] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.607562][ T6589] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 91.609951][ T6589] page_owner tracks the page as allocated
[ 91.611740][ T6589] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6587, tgid 6587 (syz.0.35), ts 91350377588, free_ts 0
[ 91.617734][ T6589] post_alloc_hook+0x1c0/0x230
[ 91.619232][ T6589] get_page_from_freelist+0x132b/0x38e0
[ 91.620965][ T6589] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 91.623002][ T6589] alloc_pages_mpol+0x1fb/0x550
[ 91.624528][ T6589] folio_alloc_noprof+0x20/0x2d0
[ 91.626077][ T6589] filemap_alloc_folio_noprof+0x3a1/0x470
[ 91.627941][ T6589] page_cache_ra_order+0x4e1/0xd70
[ 91.629539][ T6589] filemap_fault+0x1b4b/0x2930
[ 91.631058][ T6589] __do_fault+0x10a/0x490
[ 91.632503][ T6589] do_pte_missing+0x1a6/0x3ba0
[ 91.634165][ T6589] __handle_mm_fault+0x152a/0x2a50
[ 91.635745][ T6589] handle_mm_fault+0x589/0xd10
[ 91.637331][ T6589] do_user_addr_fault+0x60c/0x1370
[ 91.638931][ T6589] exc_page_fault+0x5c/0xb0
[ 91.640384][ T6589] asm_exc_page_fault+0x26/0x30
[ 91.641907][ T6589] page_owner free stack trace missing
[ 91.643562][ T6589] Modules linked in:
[ 91.644812][ T6589] CPU: 0 UID: 0 PID: 6589 Comm: syz.0.35 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 91.644829][ T6589] Tainted: [B]=BAD_PAGE
[ 91.644833][ T6589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.644840][ T6589] Call Trace:
[ 91.644844][ T6589]
[ 91.644848][ T6589] dump_stack_lvl+0x16c/0x1f0
[ 91.644864][ T6589] bad_page+0xcf/0x220
[ 91.644875][ T6589] ? __pfx_bad_page+0x10/0x10
[ 91.644886][ T6589] ? page_bad_reason+0x9d/0x1f0
[ 91.644898][ T6589] __free_frozen_pages+0x7f7/0x10f0
[ 91.644915][ T6589] __folio_put+0x329/0x450
[ 91.644925][ T6589] ? __pfx___folio_put+0x10/0x10
[ 91.644936][ T6589] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 91.644947][ T6589] ? rcu_is_watching+0x12/0xc0
[ 91.644960][ T6589] ? lock_release+0x201/0x2f0
[ 91.644976][ T6589] filemap_free_folio+0x132/0x170
[ 91.644986][ T6589] delete_from_page_cache_batch+0x741/0x9b0
[ 91.644998][ T6589] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 91.645010][ T6589] ? __pfx_workingset_update_node+0x10/0x10
[ 91.645020][ T6589] ? xas_move_index+0xb0/0x110
[ 91.645036][ T6589] truncate_inode_pages_range+0x279/0xe50
[ 91.645051][ T6589] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 91.645069][ T6589] ? rcu_is_watching+0x12/0xc0
[ 91.645081][ T6589] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 91.645093][ T6589] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.645105][ T6589] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.645118][ T6589] ? smp_call_function_many_cond+0x457/0x1600
[ 91.645136][ T6589] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.645148][ T6589] ? __pfx_has_bh_in_lru+0x10/0x10
[ 91.645159][ T6589] blkdev_flush_mapping+0xfb/0x290
[ 91.645172][ T6589] ? filemap_check_errors+0xa9/0x160
[ 91.645186][ T6589] blkdev_put_whole+0xc4/0xf0
[ 91.645197][ T6589] bdev_release+0x47e/0x6d0
[ 91.645211][ T6589] ? __pfx_blkdev_release+0x10/0x10
[ 91.645224][ T6589] blkdev_release+0x15/0x20
[ 91.645237][ T6589] __fput+0x3ff/0xb70
[ 91.645255][ T6589] task_work_run+0x14d/0x240
[ 91.645267][ T6589] ? __pfx_task_work_run+0x10/0x10
[ 91.645278][ T6589] ? do_raw_spin_unlock+0x172/0x230
[ 91.645290][ T6589] do_exit+0x86f/0x2bf0
[ 91.645306][ T6589] ? __pfx_do_exit+0x10/0x10
[ 91.645321][ T6589] ? do_raw_spin_lock+0x12c/0x2b0
[ 91.645331][ T6589] ? get_signal+0x8f5/0x26d0
[ 91.645344][ T6589] ? rcu_is_watching+0x12/0xc0
[ 91.645357][ T6589] do_group_exit+0xd3/0x2a0
[ 91.645372][ T6589] get_signal+0x2673/0x26d0
[ 91.645387][ T6589] ? __pfx_get_signal+0x10/0x10
[ 91.645399][ T6589] ? do_futex+0x122/0x350
[ 91.645415][ T6589] ? __pfx_do_futex+0x10/0x10
[ 91.645430][ T6589] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.645444][ T6589] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 91.645460][ T6589] ? __pfx_do_preadv+0x10/0x10
[ 91.645476][ T6589] exit_to_user_mode_loop+0x84/0x110
[ 91.645487][ T6589] do_syscall_64+0x3f6/0x4c0
[ 91.645502][ T6589] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.645513][ T6589] RIP: 0033:0x7fac75f8e969
[ 91.645521][ T6589] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 91.645526][ T6589] RSP: 002b:00007fac76dd00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 91.645535][ T6589] RAX: fffffffffffffe00 RBX: 00007fac761b6088 RCX: 00007fac75f8e969
[ 91.645542][ T6589] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fac761b6088
[ 91.645548][ T6589] RBP: 00007fac761b6080 R08: 0000000000000000 R09: 0000000000000000
[ 91.645555][ T6589] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fac761b608c
[ 91.645561][ T6589] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 91.645570][ T6589]
[ 91.774064][ T6591] BUG: Bad page state in process syz.0.36 pfn:57801
[ 91.778054][ T6591] page does not match folio
[ 91.779926][ T6591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x57801
[ 91.783818][ T6591] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 91.786797][ T6591] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 91.790112][ T6591] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.793379][ T6591] page dumped because: nonzero pincount
[ 91.795547][ T6591] page_owner tracks the page as allocated
[ 91.797826][ T6591] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6591, tgid 6591 (syz.0.36), ts 91757672180, free_ts 91645592806
[ 91.803716][ T6591] post_alloc_hook+0x1c0/0x230
[ 91.805230][ T6591] get_page_from_freelist+0x132b/0x38e0
[ 91.806933][ T6591] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 91.808699][ T6591] alloc_pages_mpol+0x1fb/0x550
[ 91.810176][ T6591] folio_alloc_noprof+0x20/0x2d0
[ 91.811681][ T6591] filemap_alloc_folio_noprof+0x3a1/0x470
[ 91.813394][ T6591] page_cache_ra_order+0x4e1/0xd70
[ 91.814956][ T6591] filemap_fault+0x1b4b/0x2930
[ 91.816481][ T6591] __do_fault+0x10a/0x490
[ 91.817793][ T6591] do_pte_missing+0x1a6/0x3ba0
[ 91.819214][ T6591] __handle_mm_fault+0x152a/0x2a50
[ 91.820716][ T6591] handle_mm_fault+0x589/0xd10
[ 91.822159][ T6591] do_user_addr_fault+0x60c/0x1370
[ 91.823715][ T6591] exc_page_fault+0x5c/0xb0
[ 91.825110][ T6591] asm_exc_page_fault+0x26/0x30
[ 91.826812][ T6591] page last free pid 6589 tgid 6587 stack trace:
[ 91.828730][ T6591] free_unref_folios+0xa61/0x16b0
[ 91.830289][ T6591] folios_put_refs+0x56f/0x740
[ 91.831766][ T6591] truncate_inode_pages_range+0x311/0xe50
[ 91.833515][ T6591] blkdev_flush_mapping+0xfb/0x290
[ 91.835063][ T6591] blkdev_put_whole+0xc4/0xf0
[ 91.836638][ T6591] bdev_release+0x47e/0x6d0
[ 91.838088][ T6591] blkdev_release+0x15/0x20
[ 91.839487][ T6591] __fput+0x3ff/0xb70
[ 91.840749][ T6591] task_work_run+0x14d/0x240
[ 91.842164][ T6591] do_exit+0x86f/0x2bf0
[ 91.843447][ T6591] do_group_exit+0xd3/0x2a0
[ 91.844847][ T6591] get_signal+0x2673/0x26d0
[ 91.846245][ T6591] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.848236][ T6591] exit_to_user_mode_loop+0x84/0x110
[ 91.850386][ T6591] do_syscall_64+0x3f6/0x4c0
[ 91.852251][ T6591] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.854582][ T6591] Modules linked in:
[ 91.856087][ T6591] CPU: 3 UID: 0 PID: 6591 Comm: syz.0.36 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 91.856114][ T6591] Tainted: [B]=BAD_PAGE
[ 91.856120][ T6591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.856131][ T6591] Call Trace:
[ 91.856137][ T6591]
[ 91.856144][ T6591] dump_stack_lvl+0x16c/0x1f0
[ 91.856169][ T6591] bad_page+0xcf/0x220
[ 91.856188][ T6591] ? __pfx_bad_page+0x10/0x10
[ 91.856208][ T6591] free_tail_page_prepare+0x44f/0x5b0
[ 91.856231][ T6591] __free_frozen_pages+0xbae/0x10f0
[ 91.856257][ T6591] __folio_put+0x329/0x450
[ 91.856274][ T6591] ? __pfx___folio_put+0x10/0x10
[ 91.856291][ T6591] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 91.856309][ T6591] ? rcu_is_watching+0x12/0xc0
[ 91.856329][ T6591] ? lock_release+0x201/0x2f0
[ 91.856367][ T6591] filemap_free_folio+0x132/0x170
[ 91.856384][ T6591] delete_from_page_cache_batch+0x741/0x9b0
[ 91.856401][ T6591] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 91.856418][ T6591] ? __pfx_workingset_update_node+0x10/0x10
[ 91.856433][ T6591] ? xas_move_index+0xb0/0x110
[ 91.856453][ T6591] truncate_inode_pages_range+0x279/0xe50
[ 91.856473][ T6591] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 91.856498][ T6591] ? rcu_is_watching+0x12/0xc0
[ 91.856514][ T6591] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 91.856543][ T6591] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.856560][ T6591] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.856577][ T6591] ? smp_call_function_many_cond+0x457/0x1600
[ 91.856602][ T6591] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.856618][ T6591] ? __pfx_has_bh_in_lru+0x10/0x10
[ 91.856632][ T6591] blkdev_flush_mapping+0xfb/0x290
[ 91.856650][ T6591] blkdev_put_whole+0xc4/0xf0
[ 91.856664][ T6591] bdev_release+0x47e/0x6d0
[ 91.856682][ T6591] ? __pfx_blkdev_release+0x10/0x10
[ 91.856700][ T6591] blkdev_release+0x15/0x20
[ 91.856717][ T6591] __fput+0x3ff/0xb70
[ 91.856757][ T6591] task_work_run+0x14d/0x240
[ 91.856774][ T6591] ? __pfx_task_work_run+0x10/0x10
[ 91.856789][ T6591] ? do_raw_spin_unlock+0x172/0x230
[ 91.856805][ T6591] do_exit+0x86f/0x2bf0
[ 91.856827][ T6591] ? __pfx_do_exit+0x10/0x10
[ 91.856846][ T6591] ? preempt_schedule_thunk+0x16/0x30
[ 91.856869][ T6591] do_group_exit+0xd3/0x2a0
[ 91.856890][ T6591] __x64_sys_exit_group+0x3e/0x50
[ 91.856910][ T6591] x64_sys_call+0x14fa/0x1720
[ 91.856927][ T6591] do_syscall_64+0xcd/0x4c0
[ 91.856947][ T6591] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.856961][ T6591] RIP: 0033:0x7fac75f8e969
[ 91.856972][ T6591] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 91.856979][ T6591] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 91.856993][ T6591] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 91.857011][ T6591] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 91.857019][ T6591] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 91.857028][ T6591] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000014
[ 91.857036][ T6591] R13: 00000000000927c0 R14: 00000000000164a4 R15: 00007ffcdde9e150
[ 91.857050][ T6591]
[ 91.955451][ T6591] BUG: Bad page state in process syz.0.36 pfn:57800
[ 91.958620][ T6591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57800
[ 91.961273][ T6591] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 91.963763][ T6591] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 91.969274][ T6591] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.971891][ T6591] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.974540][ T6591] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.977253][ T6591] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.979862][ T6591] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.982476][ T6591] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.985082][ T6591] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 91.987381][ T6591] page_owner tracks the page as allocated
[ 91.989186][ T6591] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6591, tgid 6591 (syz.0.36), ts 91757672180, free_ts 91645592806
[ 91.995640][ T6591] post_alloc_hook+0x1c0/0x230
[ 91.997203][ T6591] get_page_from_freelist+0x132b/0x38e0
[ 91.998903][ T6591] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.000707][ T6591] alloc_pages_mpol+0x1fb/0x550
[ 92.002185][ T6591] folio_alloc_noprof+0x20/0x2d0
[ 92.003691][ T6591] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.005418][ T6591] page_cache_ra_order+0x4e1/0xd70
[ 92.007041][ T6591] filemap_fault+0x1b4b/0x2930
[ 92.008550][ T6591] __do_fault+0x10a/0x490
[ 92.009902][ T6591] do_pte_missing+0x1a6/0x3ba0
[ 92.011381][ T6591] __handle_mm_fault+0x152a/0x2a50
[ 92.013138][ T6591] handle_mm_fault+0x589/0xd10
[ 92.014615][ T6591] do_user_addr_fault+0x60c/0x1370
[ 92.016158][ T6591] exc_page_fault+0x5c/0xb0
[ 92.017666][ T6591] asm_exc_page_fault+0x26/0x30
[ 92.019164][ T6591] page last free pid 6589 tgid 6587 stack trace:
[ 92.021061][ T6591] free_unref_folios+0xa61/0x16b0
[ 92.022589][ T6591] folios_put_refs+0x56f/0x740
[ 92.024048][ T6591] truncate_inode_pages_range+0x311/0xe50
[ 92.025769][ T6591] blkdev_flush_mapping+0xfb/0x290
[ 92.027413][ T6591] blkdev_put_whole+0xc4/0xf0
[ 92.028845][ T6591] bdev_release+0x47e/0x6d0
[ 92.030251][ T6591] blkdev_release+0x15/0x20
[ 92.031652][ T6591] __fput+0x3ff/0xb70
[ 92.032893][ T6591] task_work_run+0x14d/0x240
[ 92.034316][ T6591] do_exit+0x86f/0x2bf0
[ 92.035602][ T6591] do_group_exit+0xd3/0x2a0
[ 92.037091][ T6591] get_signal+0x2673/0x26d0
[ 92.038489][ T6591] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.040185][ T6591] exit_to_user_mode_loop+0x84/0x110
[ 92.041833][ T6591] do_syscall_64+0x3f6/0x4c0
[ 92.043265][ T6591] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.045087][ T6591] Modules linked in:
[ 92.046293][ T6591] CPU: 2 UID: 0 PID: 6591 Comm: syz.0.36 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.046309][ T6591] Tainted: [B]=BAD_PAGE
[ 92.046313][ T6591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.046320][ T6591] Call Trace:
[ 92.046323][ T6591]
[ 92.046327][ T6591] dump_stack_lvl+0x16c/0x1f0
[ 92.046342][ T6591] bad_page+0xcf/0x220
[ 92.046366][ T6591] ? __pfx_bad_page+0x10/0x10
[ 92.046377][ T6591] ? page_bad_reason+0x9d/0x1f0
[ 92.046389][ T6591] __free_frozen_pages+0x7f7/0x10f0
[ 92.046405][ T6591] __folio_put+0x329/0x450
[ 92.046415][ T6591] ? __pfx___folio_put+0x10/0x10
[ 92.046425][ T6591] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.046437][ T6591] ? rcu_is_watching+0x12/0xc0
[ 92.046450][ T6591] ? lock_release+0x201/0x2f0
[ 92.046466][ T6591] filemap_free_folio+0x132/0x170
[ 92.046476][ T6591] delete_from_page_cache_batch+0x741/0x9b0
[ 92.046488][ T6591] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.046500][ T6591] ? __pfx_workingset_update_node+0x10/0x10
[ 92.046510][ T6591] ? xas_move_index+0xb0/0x110
[ 92.046526][ T6591] truncate_inode_pages_range+0x279/0xe50
[ 92.046540][ T6591] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.046558][ T6591] ? rcu_is_watching+0x12/0xc0
[ 92.046570][ T6591] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 92.046582][ T6591] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.046595][ T6591] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.046607][ T6591] ? smp_call_function_many_cond+0x457/0x1600
[ 92.046625][ T6591] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.046637][ T6591] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.046648][ T6591] blkdev_flush_mapping+0xfb/0x290
[ 92.046660][ T6591] blkdev_put_whole+0xc4/0xf0
[ 92.046671][ T6591] bdev_release+0x47e/0x6d0
[ 92.046684][ T6591] ? __pfx_blkdev_release+0x10/0x10
[ 92.046697][ T6591] blkdev_release+0x15/0x20
[ 92.046710][ T6591] __fput+0x3ff/0xb70
[ 92.046724][ T6591] task_work_run+0x14d/0x240
[ 92.046735][ T6591] ? __pfx_task_work_run+0x10/0x10
[ 92.046745][ T6591] ? do_raw_spin_unlock+0x172/0x230
[ 92.046757][ T6591] do_exit+0x86f/0x2bf0
[ 92.046773][ T6591] ? __pfx_do_exit+0x10/0x10
[ 92.046787][ T6591] ? preempt_schedule_thunk+0x16/0x30
[ 92.046803][ T6591] do_group_exit+0xd3/0x2a0
[ 92.046818][ T6591] __x64_sys_exit_group+0x3e/0x50
[ 92.046834][ T6591] x64_sys_call+0x14fa/0x1720
[ 92.046846][ T6591] do_syscall_64+0xcd/0x4c0
[ 92.046861][ T6591] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.046871][ T6591] RIP: 0033:0x7fac75f8e969
[ 92.046879][ T6591] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 92.046884][ T6591] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 92.046894][ T6591] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 92.046900][ T6591] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 92.046906][ T6591] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 92.046912][ T6591] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000014
[ 92.046918][ T6591] R13: 00000000000927c0 R14: 00000000000164a4 R15: 00007ffcdde9e150
[ 92.046928][ T6591]
[ 92.160679][ T6593] BUG: Bad page state in process syz.0.37 pfn:57a01
[ 92.162761][ T6593] page does not match folio
[ 92.164154][ T6593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x57a01
[ 92.167318][ T6593] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 92.170081][ T6593] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 92.173184][ T6593] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.176302][ T6593] page dumped because: nonzero pincount
[ 92.178457][ T6593] page_owner tracks the page as allocated
[ 92.180551][ T6593] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6593, tgid 6593 (syz.0.37), ts 92143892595, free_ts 92138663388
[ 92.187789][ T6593] post_alloc_hook+0x1c0/0x230
[ 92.189589][ T6593] get_page_from_freelist+0x132b/0x38e0
[ 92.191697][ T6593] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.193913][ T6593] alloc_pages_mpol+0x1fb/0x550
[ 92.195748][ T6593] folio_alloc_noprof+0x20/0x2d0
[ 92.197721][ T6593] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.199837][ T6593] page_cache_ra_order+0x4e1/0xd70
[ 92.201760][ T6593] filemap_fault+0x1b4b/0x2930
[ 92.203528][ T6593] __do_fault+0x10a/0x490
[ 92.205128][ T6593] do_pte_missing+0x1a6/0x3ba0
[ 92.206998][ T6593] __handle_mm_fault+0x152a/0x2a50
[ 92.208901][ T6593] handle_mm_fault+0x589/0xd10
[ 92.210729][ T6593] do_user_addr_fault+0x60c/0x1370
[ 92.212636][ T6593] exc_page_fault+0x5c/0xb0
[ 92.214356][ T6593] asm_exc_page_fault+0x26/0x30
[ 92.216199][ T6593] page last free pid 6591 tgid 6591 stack trace:
[ 92.218776][ T6593] free_unref_folios+0xa61/0x16b0
[ 92.220682][ T6593] folios_put_refs+0x56f/0x740
[ 92.222501][ T6593] truncate_inode_pages_range+0x311/0xe50
[ 92.224620][ T6593] blkdev_flush_mapping+0xfb/0x290
[ 92.226616][ T6593] blkdev_put_whole+0xc4/0xf0
[ 92.228373][ T6593] bdev_release+0x47e/0x6d0
[ 92.230109][ T6593] blkdev_release+0x15/0x20
[ 92.231795][ T6593] __fput+0x3ff/0xb70
[ 92.233310][ T6593] task_work_run+0x14d/0x240
[ 92.235034][ T6593] do_exit+0x86f/0x2bf0
[ 92.236747][ T6593] do_group_exit+0xd3/0x2a0
[ 92.238497][ T6593] __x64_sys_exit_group+0x3e/0x50
[ 92.240432][ T6593] x64_sys_call+0x14fa/0x1720
[ 92.242256][ T6593] do_syscall_64+0xcd/0x4c0
[ 92.243958][ T6593] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.245893][ T6593] Modules linked in:
[ 92.247112][ T6593] CPU: 1 UID: 0 PID: 6593 Comm: syz.0.37 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.247129][ T6593] Tainted: [B]=BAD_PAGE
[ 92.247133][ T6593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.247140][ T6593] Call Trace:
[ 92.247144][ T6593]
[ 92.247148][ T6593] dump_stack_lvl+0x16c/0x1f0
[ 92.247164][ T6593] bad_page+0xcf/0x220
[ 92.247176][ T6593] ? __pfx_bad_page+0x10/0x10
[ 92.247192][ T6593] free_tail_page_prepare+0x44f/0x5b0
[ 92.247206][ T6593] __free_frozen_pages+0xbae/0x10f0
[ 92.247232][ T6593] __folio_put+0x329/0x450
[ 92.247245][ T6593] ? __pfx___folio_put+0x10/0x10
[ 92.247256][ T6593] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.247267][ T6593] ? rcu_is_watching+0x12/0xc0
[ 92.247280][ T6593] ? lock_release+0x201/0x2f0
[ 92.247296][ T6593] filemap_free_folio+0x132/0x170
[ 92.247306][ T6593] delete_from_page_cache_batch+0x741/0x9b0
[ 92.247317][ T6593] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.247329][ T6593] ? __pfx_workingset_update_node+0x10/0x10
[ 92.247340][ T6593] ? xas_move_index+0xb0/0x110
[ 92.247356][ T6593] truncate_inode_pages_range+0x279/0xe50
[ 92.247370][ T6593] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.247387][ T6593] ? rcu_is_watching+0x12/0xc0
[ 92.247400][ T6593] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 92.247411][ T6593] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.247425][ T6593] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.247436][ T6593] ? smp_call_function_many_cond+0x457/0x1600
[ 92.247456][ T6593] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.247467][ T6593] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.247478][ T6593] blkdev_flush_mapping+0xfb/0x290
[ 92.247491][ T6593] blkdev_put_whole+0xc4/0xf0
[ 92.247503][ T6593] bdev_release+0x47e/0x6d0
[ 92.247516][ T6593] ? __pfx_blkdev_release+0x10/0x10
[ 92.247529][ T6593] blkdev_release+0x15/0x20
[ 92.247542][ T6593] __fput+0x3ff/0xb70
[ 92.247556][ T6593] task_work_run+0x14d/0x240
[ 92.247567][ T6593] ? __pfx_task_work_run+0x10/0x10
[ 92.247578][ T6593] ? do_raw_spin_unlock+0x172/0x230
[ 92.247590][ T6593] do_exit+0x86f/0x2bf0
[ 92.247606][ T6593] ? __pfx_do_exit+0x10/0x10
[ 92.247621][ T6593] ? preempt_schedule_thunk+0x16/0x30
[ 92.247637][ T6593] do_group_exit+0xd3/0x2a0
[ 92.247653][ T6593] __x64_sys_exit_group+0x3e/0x50
[ 92.247669][ T6593] x64_sys_call+0x14fa/0x1720
[ 92.247681][ T6593] do_syscall_64+0xcd/0x4c0
[ 92.247696][ T6593] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.247707][ T6593] RIP: 0033:0x7fac75f8e969
[ 92.247714][ T6593] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 92.247719][ T6593] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 92.247729][ T6593] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 92.247735][ T6593] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 92.247741][ T6593] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 92.247748][ T6593] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000015
[ 92.247754][ T6593] R13: 00000000000927c0 R14: 000000000001660a R15: 00007ffcdde9e150
[ 92.247762][ T6593]
[ 92.247788][ T6593] BUG: Bad page state in process syz.0.37 pfn:57a00
[ 92.340697][ T6593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57a00
[ 92.343303][ T6593] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 92.345772][ T6593] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 92.348666][ T6593] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 92.351150][ T6593] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.353694][ T6593] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 92.356236][ T6593] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.358833][ T6593] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.361379][ T6593] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.363893][ T6593] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 92.366062][ T6593] page_owner tracks the page as allocated
[ 92.367853][ T6593] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6593, tgid 6593 (syz.0.37), ts 92143892595, free_ts 92138663388
[ 92.373676][ T6593] post_alloc_hook+0x1c0/0x230
[ 92.375167][ T6593] get_page_from_freelist+0x132b/0x38e0
[ 92.376914][ T6593] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.378679][ T6593] alloc_pages_mpol+0x1fb/0x550
[ 92.380110][ T6593] folio_alloc_noprof+0x20/0x2d0
[ 92.381591][ T6593] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.383297][ T6593] page_cache_ra_order+0x4e1/0xd70
[ 92.384855][ T6593] filemap_fault+0x1b4b/0x2930
[ 92.386252][ T6593] __do_fault+0x10a/0x490
[ 92.387568][ T6593] do_pte_missing+0x1a6/0x3ba0
[ 92.388961][ T6593] __handle_mm_fault+0x152a/0x2a50
[ 92.390462][ T6593] handle_mm_fault+0x589/0xd10
[ 92.391843][ T6593] do_user_addr_fault+0x60c/0x1370
[ 92.393377][ T6593] exc_page_fault+0x5c/0xb0
[ 92.394710][ T6593] asm_exc_page_fault+0x26/0x30
[ 92.396147][ T6593] page last free pid 6591 tgid 6591 stack trace:
[ 92.398030][ T6593] free_unref_folios+0xa61/0x16b0
[ 92.399488][ T6593] folios_put_refs+0x56f/0x740
[ 92.400885][ T6593] truncate_inode_pages_range+0x311/0xe50
[ 92.402542][ T6593] blkdev_flush_mapping+0xfb/0x290
[ 92.404029][ T6593] blkdev_put_whole+0xc4/0xf0
[ 92.405426][ T6593] bdev_release+0x47e/0x6d0
[ 92.406835][ T6593] blkdev_release+0x15/0x20
[ 92.408180][ T6593] __fput+0x3ff/0xb70
[ 92.409369][ T6593] task_work_run+0x14d/0x240
[ 92.410726][ T6593] do_exit+0x86f/0x2bf0
[ 92.411937][ T6593] do_group_exit+0xd3/0x2a0
[ 92.413271][ T6593] __x64_sys_exit_group+0x3e/0x50
[ 92.414763][ T6593] x64_sys_call+0x14fa/0x1720
[ 92.416218][ T6593] do_syscall_64+0xcd/0x4c0
[ 92.417679][ T6593] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.419357][ T6593] Modules linked in:
[ 92.420521][ T6593] CPU: 1 UID: 0 PID: 6593 Comm: syz.0.37 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.420538][ T6593] Tainted: [B]=BAD_PAGE
[ 92.420542][ T6593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.420548][ T6593] Call Trace:
[ 92.420552][ T6593]
[ 92.420556][ T6593] dump_stack_lvl+0x16c/0x1f0
[ 92.420572][ T6593] bad_page+0xcf/0x220
[ 92.420584][ T6593] ? __pfx_bad_page+0x10/0x10
[ 92.420595][ T6593] ? page_bad_reason+0x9d/0x1f0
[ 92.420606][ T6593] __free_frozen_pages+0x7f7/0x10f0
[ 92.420623][ T6593] __folio_put+0x329/0x450
[ 92.420633][ T6593] ? __pfx___folio_put+0x10/0x10
[ 92.420644][ T6593] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.420655][ T6593] ? rcu_is_watching+0x12/0xc0
[ 92.420668][ T6593] ? lock_release+0x201/0x2f0
[ 92.420685][ T6593] filemap_free_folio+0x132/0x170
[ 92.420695][ T6593] delete_from_page_cache_batch+0x741/0x9b0
[ 92.420707][ T6593] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.420720][ T6593] ? __pfx_workingset_update_node+0x10/0x10
[ 92.420745][ T6593] ? xas_move_index+0xb0/0x110
[ 92.420761][ T6593] truncate_inode_pages_range+0x279/0xe50
[ 92.420776][ T6593] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.420794][ T6593] ? rcu_is_watching+0x12/0xc0
[ 92.420806][ T6593] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 92.420818][ T6593] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.420830][ T6593] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.420843][ T6593] ? smp_call_function_many_cond+0x457/0x1600
[ 92.420862][ T6593] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.420874][ T6593] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.420885][ T6593] blkdev_flush_mapping+0xfb/0x290
[ 92.420898][ T6593] blkdev_put_whole+0xc4/0xf0
[ 92.420910][ T6593] bdev_release+0x47e/0x6d0
[ 92.420923][ T6593] ? __pfx_blkdev_release+0x10/0x10
[ 92.420936][ T6593] blkdev_release+0x15/0x20
[ 92.420949][ T6593] __fput+0x3ff/0xb70
[ 92.420963][ T6593] task_work_run+0x14d/0x240
[ 92.420975][ T6593] ? __pfx_task_work_run+0x10/0x10
[ 92.420986][ T6593] ? do_raw_spin_unlock+0x172/0x230
[ 92.420998][ T6593] do_exit+0x86f/0x2bf0
[ 92.421013][ T6593] ? __pfx_do_exit+0x10/0x10
[ 92.421028][ T6593] ? preempt_schedule_thunk+0x16/0x30
[ 92.421044][ T6593] do_group_exit+0xd3/0x2a0
[ 92.421060][ T6593] __x64_sys_exit_group+0x3e/0x50
[ 92.421076][ T6593] x64_sys_call+0x14fa/0x1720
[ 92.421088][ T6593] do_syscall_64+0xcd/0x4c0
[ 92.421103][ T6593] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.421113][ T6593] RIP: 0033:0x7fac75f8e969
[ 92.421121][ T6593] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 92.421125][ T6593] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 92.421136][ T6593] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 92.421142][ T6593] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 92.421148][ T6593] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 92.421155][ T6593] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000015
[ 92.421161][ T6593] R13: 00000000000927c0 R14: 000000000001660a R15: 00007ffcdde9e150
[ 92.421170][ T6593]
[ 92.537421][ T6596] BUG: Bad page state in process syz.0.38 pfn:57c01
[ 92.539816][ T6596] page does not match folio
[ 92.541362][ T6596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x57c01
[ 92.544672][ T6596] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 92.547304][ T6596] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 92.550279][ T6596] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.553194][ T6596] page dumped because: nonzero pincount
[ 92.555054][ T6596] page_owner tracks the page as allocated
[ 92.556999][ T6596] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6595, tgid 6595 (syz.0.38), ts 92515794524, free_ts 0
[ 92.563743][ T6596] post_alloc_hook+0x1c0/0x230
[ 92.565578][ T6596] get_page_from_freelist+0x132b/0x38e0
[ 92.567641][ T6596] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.569861][ T6596] alloc_pages_mpol+0x1fb/0x550
[ 92.571531][ T6596] folio_alloc_noprof+0x20/0x2d0
[ 92.573274][ T6596] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.575406][ T6596] page_cache_ra_order+0x4e1/0xd70
[ 92.577404][ T6596] filemap_fault+0x1b4b/0x2930
[ 92.579029][ T6596] __do_fault+0x10a/0x490
[ 92.580620][ T6596] do_pte_missing+0x1a6/0x3ba0
[ 92.582234][ T6596] __handle_mm_fault+0x152a/0x2a50
[ 92.584061][ T6596] handle_mm_fault+0x589/0xd10
[ 92.585626][ T6596] do_user_addr_fault+0x60c/0x1370
[ 92.587630][ T6596] exc_page_fault+0x5c/0xb0
[ 92.589387][ T6596] asm_exc_page_fault+0x26/0x30
[ 92.591085][ T6596] page_owner free stack trace missing
[ 92.593099][ T6596] Modules linked in:
[ 92.594345][ T6596] CPU: 3 UID: 0 PID: 6596 Comm: syz.0.38 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.594370][ T6596] Tainted: [B]=BAD_PAGE
[ 92.594373][ T6596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.594381][ T6596] Call Trace:
[ 92.594384][ T6596]
[ 92.594388][ T6596] dump_stack_lvl+0x16c/0x1f0
[ 92.594404][ T6596] bad_page+0xcf/0x220
[ 92.594416][ T6596] ? __pfx_bad_page+0x10/0x10
[ 92.594428][ T6596] free_tail_page_prepare+0x44f/0x5b0
[ 92.594442][ T6596] __free_frozen_pages+0xbae/0x10f0
[ 92.594459][ T6596] __folio_put+0x329/0x450
[ 92.594470][ T6596] ? __pfx___folio_put+0x10/0x10
[ 92.594486][ T6596] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.594502][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.594522][ T6596] ? lock_release+0x201/0x2f0
[ 92.594541][ T6596] filemap_free_folio+0x132/0x170
[ 92.594551][ T6596] delete_from_page_cache_batch+0x741/0x9b0
[ 92.594564][ T6596] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.594575][ T6596] ? __pfx_workingset_update_node+0x10/0x10
[ 92.594586][ T6596] ? xas_move_index+0xb0/0x110
[ 92.594601][ T6596] truncate_inode_pages_range+0x279/0xe50
[ 92.594616][ T6596] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.594642][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.594659][ T6596] ? has_bh_in_lru+0x9d/0x100
[ 92.594674][ T6596] ? smp_call_function_many_cond+0x457/0x1600
[ 92.594696][ T6596] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.594708][ T6596] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.594719][ T6596] blkdev_flush_mapping+0xfb/0x290
[ 92.594731][ T6596] ? filemap_check_errors+0xa9/0x160
[ 92.594746][ T6596] blkdev_put_whole+0xc4/0xf0
[ 92.594758][ T6596] bdev_release+0x47e/0x6d0
[ 92.594771][ T6596] ? __pfx_blkdev_release+0x10/0x10
[ 92.594786][ T6596] blkdev_release+0x15/0x20
[ 92.594805][ T6596] __fput+0x3ff/0xb70
[ 92.594826][ T6596] task_work_run+0x14d/0x240
[ 92.594842][ T6596] ? __pfx_task_work_run+0x10/0x10
[ 92.594858][ T6596] ? do_raw_spin_unlock+0x172/0x230
[ 92.594877][ T6596] do_exit+0x86f/0x2bf0
[ 92.594900][ T6596] ? futex_private_hash_put+0x112/0x300
[ 92.594920][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.594939][ T6596] ? __pfx_do_exit+0x10/0x10
[ 92.594961][ T6596] ? do_raw_spin_lock+0x12c/0x2b0
[ 92.594976][ T6596] ? get_signal+0x8f5/0x26d0
[ 92.594994][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.595013][ T6596] do_group_exit+0xd3/0x2a0
[ 92.595036][ T6596] get_signal+0x2673/0x26d0
[ 92.595053][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.595074][ T6596] ? __pfx_get_signal+0x10/0x10
[ 92.595092][ T6596] ? do_futex+0x122/0x350
[ 92.595114][ T6596] ? __pfx_do_futex+0x10/0x10
[ 92.595136][ T6596] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.595157][ T6596] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 92.595178][ T6596] ? xfd_validate_state+0x61/0x180
[ 92.595197][ T6596] ? __pfx_do_preadv+0x10/0x10
[ 92.595213][ T6596] exit_to_user_mode_loop+0x84/0x110
[ 92.595228][ T6596] do_syscall_64+0x3f6/0x4c0
[ 92.595243][ T6596] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.595254][ T6596] RIP: 0033:0x7fac75f8e969
[ 92.595262][ T6596] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 92.595267][ T6596] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 92.595281][ T6596] RAX: 0000000000000001 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 92.595291][ T6596] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fac761b5fac
[ 92.595301][ T6596] RBP: 00007fac761b5fa0 R08: 00007fac76df2000 R09: 0000000000000000
[ 92.595311][ T6596] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fac761b5fac
[ 92.595321][ T6596] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 92.595336][ T6596]
[ 92.595352][ T6596] BUG: Bad page state in process syz.0.38 pfn:57c00
[ 92.705595][ T6596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57c00
[ 92.708261][ T6596] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 92.710755][ T6596] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 92.713677][ T6596] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 92.716169][ T6596] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.721892][ T6596] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 92.724425][ T6596] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.727029][ T6596] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.729537][ T6596] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.732081][ T6596] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 92.734205][ T6596] page_owner tracks the page as allocated
[ 92.735861][ T6596] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6595, tgid 6595 (syz.0.38), ts 92515794524, free_ts 0
[ 92.741509][ T6596] post_alloc_hook+0x1c0/0x230
[ 92.742969][ T6596] get_page_from_freelist+0x132b/0x38e0
[ 92.744656][ T6596] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.746494][ T6596] alloc_pages_mpol+0x1fb/0x550
[ 92.747959][ T6596] folio_alloc_noprof+0x20/0x2d0
[ 92.749449][ T6596] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.751152][ T6596] page_cache_ra_order+0x4e1/0xd70
[ 92.752711][ T6596] filemap_fault+0x1b4b/0x2930
[ 92.754128][ T6596] __do_fault+0x10a/0x490
[ 92.755472][ T6596] do_pte_missing+0x1a6/0x3ba0
[ 92.757029][ T6596] __handle_mm_fault+0x152a/0x2a50
[ 92.758606][ T6596] handle_mm_fault+0x589/0xd10
[ 92.760054][ T6596] do_user_addr_fault+0x60c/0x1370
[ 92.761612][ T6596] exc_page_fault+0x5c/0xb0
[ 92.762999][ T6596] asm_exc_page_fault+0x26/0x30
[ 92.764465][ T6596] page_owner free stack trace missing
[ 92.766092][ T6596] Modules linked in:
[ 92.767345][ T6596] CPU: 3 UID: 0 PID: 6596 Comm: syz.0.38 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.767362][ T6596] Tainted: [B]=BAD_PAGE
[ 92.767366][ T6596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.767372][ T6596] Call Trace:
[ 92.767376][ T6596]
[ 92.767380][ T6596] dump_stack_lvl+0x16c/0x1f0
[ 92.767396][ T6596] bad_page+0xcf/0x220
[ 92.767408][ T6596] ? __pfx_bad_page+0x10/0x10
[ 92.767419][ T6596] ? page_bad_reason+0x9d/0x1f0
[ 92.767430][ T6596] __free_frozen_pages+0x7f7/0x10f0
[ 92.767447][ T6596] __folio_put+0x329/0x450
[ 92.767457][ T6596] ? __pfx___folio_put+0x10/0x10
[ 92.767468][ T6596] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.767479][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.767492][ T6596] ? lock_release+0x201/0x2f0
[ 92.767508][ T6596] filemap_free_folio+0x132/0x170
[ 92.767518][ T6596] delete_from_page_cache_batch+0x741/0x9b0
[ 92.767530][ T6596] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.767541][ T6596] ? __pfx_workingset_update_node+0x10/0x10
[ 92.767552][ T6596] ? xas_move_index+0xb0/0x110
[ 92.767567][ T6596] truncate_inode_pages_range+0x279/0xe50
[ 92.767582][ T6596] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.767599][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.767611][ T6596] ? has_bh_in_lru+0x9d/0x100
[ 92.767622][ T6596] ? smp_call_function_many_cond+0x457/0x1600
[ 92.767641][ T6596] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.767653][ T6596] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.767664][ T6596] blkdev_flush_mapping+0xfb/0x290
[ 92.767676][ T6596] ? filemap_check_errors+0xa9/0x160
[ 92.767690][ T6596] blkdev_put_whole+0xc4/0xf0
[ 92.767701][ T6596] bdev_release+0x47e/0x6d0
[ 92.767714][ T6596] ? __pfx_blkdev_release+0x10/0x10
[ 92.767728][ T6596] blkdev_release+0x15/0x20
[ 92.767740][ T6596] __fput+0x3ff/0xb70
[ 92.767756][ T6596] task_work_run+0x14d/0x240
[ 92.767767][ T6596] ? __pfx_task_work_run+0x10/0x10
[ 92.767778][ T6596] ? do_raw_spin_unlock+0x172/0x230
[ 92.767790][ T6596] do_exit+0x86f/0x2bf0
[ 92.767805][ T6596] ? futex_private_hash_put+0x112/0x300
[ 92.767819][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.767832][ T6596] ? __pfx_do_exit+0x10/0x10
[ 92.767847][ T6596] ? do_raw_spin_lock+0x12c/0x2b0
[ 92.767857][ T6596] ? get_signal+0x8f5/0x26d0
[ 92.767870][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.767883][ T6596] do_group_exit+0xd3/0x2a0
[ 92.767898][ T6596] get_signal+0x2673/0x26d0
[ 92.767911][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.767925][ T6596] ? __pfx_get_signal+0x10/0x10
[ 92.767937][ T6596] ? do_futex+0x122/0x350
[ 92.767952][ T6596] ? __pfx_do_futex+0x10/0x10
[ 92.767968][ T6596] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.767982][ T6596] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 92.767998][ T6596] ? xfd_validate_state+0x61/0x180
[ 92.768013][ T6596] ? __pfx_do_preadv+0x10/0x10
[ 92.768030][ T6596] exit_to_user_mode_loop+0x84/0x110
[ 92.768040][ T6596] do_syscall_64+0x3f6/0x4c0
[ 92.768055][ T6596] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.768066][ T6596] RIP: 0033:0x7fac75f8e969
[ 92.768073][ T6596] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 92.768078][ T6596] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 92.768088][ T6596] RAX: 0000000000000001 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 92.768094][ T6596] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fac761b5fac
[ 92.768101][ T6596] RBP: 00007fac761b5fa0 R08: 00007fac76df2000 R09: 0000000000000000
[ 92.768107][ T6596] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fac761b5fac
[ 92.768113][ T6596] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 92.768122][ T6596]
[ 92.799759][ T6599] BUG: Bad page state in process syz.0.39 pfn:57e01
[ 92.894633][ T6599] page does not match folio
[ 92.896521][ T6599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x57e01
[ 92.900509][ T6599] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 92.903379][ T6599] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 92.906745][ T6599] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.910081][ T6599] page dumped because: nonzero pincount
[ 92.912323][ T6599] page_owner tracks the page as allocated
[ 92.914566][ T6599] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6598, tgid 6598 (syz.0.39), ts 92775016719, free_ts 92768148260
[ 92.922364][ T6599] post_alloc_hook+0x1c0/0x230
[ 92.924348][ T6599] get_page_from_freelist+0x132b/0x38e0
[ 92.926183][ T6599] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.927977][ T6599] alloc_pages_mpol+0x1fb/0x550
[ 92.929443][ T6599] folio_alloc_noprof+0x20/0x2d0
[ 92.930906][ T6599] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.932585][ T6599] page_cache_ra_order+0x4e1/0xd70
[ 92.934138][ T6599] filemap_fault+0x1b4b/0x2930
[ 92.935718][ T6599] __do_fault+0x10a/0x490
[ 92.937465][ T6599] do_pte_missing+0x1a6/0x3ba0
[ 92.938905][ T6599] __handle_mm_fault+0x152a/0x2a50
[ 92.940432][ T6599] handle_mm_fault+0x589/0xd10
[ 92.941897][ T6599] do_user_addr_fault+0x60c/0x1370
[ 92.943434][ T6599] exc_page_fault+0x5c/0xb0
[ 92.944833][ T6599] asm_exc_page_fault+0x26/0x30
[ 92.946281][ T6599] page last free pid 6596 tgid 6595 stack trace:
[ 92.948262][ T6599] free_unref_folios+0xa61/0x16b0
[ 92.949761][ T6599] folios_put_refs+0x56f/0x740
[ 92.951151][ T6599] truncate_inode_pages_range+0x311/0xe50
[ 92.952819][ T6599] blkdev_flush_mapping+0xfb/0x290
[ 92.954324][ T6599] blkdev_put_whole+0xc4/0xf0
[ 92.955704][ T6599] bdev_release+0x47e/0x6d0
[ 92.957110][ T6599] blkdev_release+0x15/0x20
[ 92.958477][ T6599] __fput+0x3ff/0xb70
[ 92.959674][ T6599] task_work_run+0x14d/0x240
[ 92.961063][ T6599] do_exit+0x86f/0x2bf0
[ 92.962283][ T6599] do_group_exit+0xd3/0x2a0
[ 92.963627][ T6599] get_signal+0x2673/0x26d0
[ 92.964963][ T6599] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.966633][ T6599] exit_to_user_mode_loop+0x84/0x110
[ 92.968191][ T6599] do_syscall_64+0x3f6/0x4c0
[ 92.969589][ T6599] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.971305][ T6599] Modules linked in:
[ 92.972509][ T6599] CPU: 1 UID: 0 PID: 6599 Comm: syz.0.39 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.972526][ T6599] Tainted: [B]=BAD_PAGE
[ 92.972530][ T6599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.972537][ T6599] Call Trace:
[ 92.972541][ T6599]
[ 92.972545][ T6599] dump_stack_lvl+0x16c/0x1f0
[ 92.972561][ T6599] bad_page+0xcf/0x220
[ 92.972573][ T6599] ? __pfx_bad_page+0x10/0x10
[ 92.972584][ T6599] free_tail_page_prepare+0x44f/0x5b0
[ 92.972598][ T6599] __free_frozen_pages+0xbae/0x10f0
[ 92.972615][ T6599] __folio_put+0x329/0x450
[ 92.972626][ T6599] ? __pfx___folio_put+0x10/0x10
[ 92.972636][ T6599] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.972648][ T6599] ? rcu_is_watching+0x12/0xc0
[ 92.972661][ T6599] ? lock_release+0x201/0x2f0
[ 92.972677][ T6599] filemap_free_folio+0x132/0x170
[ 92.972687][ T6599] delete_from_page_cache_batch+0x741/0x9b0
[ 92.972700][ T6599] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.972712][ T6599] ? __pfx_workingset_update_node+0x10/0x10
[ 92.972737][ T6599] ? xas_move_index+0xb0/0x110
[ 92.972755][ T6599] truncate_inode_pages_range+0x279/0xe50
[ 92.972770][ T6599] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.972788][ T6599] ? rcu_is_watching+0x12/0xc0
[ 92.972800][ T6599] ? has_bh_in_lru+0x9d/0x100
[ 92.972810][ T6599] ? smp_call_function_many_cond+0x457/0x1600
[ 92.972829][ T6599] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.972841][ T6599] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.972852][ T6599] blkdev_flush_mapping+0xfb/0x290
[ 92.972863][ T6599] ? filemap_check_errors+0xa9/0x160
[ 92.972878][ T6599] blkdev_put_whole+0xc4/0xf0
[ 92.972890][ T6599] bdev_release+0x47e/0x6d0
[ 92.972903][ T6599] ? __pfx_blkdev_release+0x10/0x10
[ 92.972916][ T6599] blkdev_release+0x15/0x20
[ 92.972928][ T6599] __fput+0x3ff/0xb70
[ 92.972942][ T6599] task_work_run+0x14d/0x240
[ 92.972954][ T6599] ? __pfx_task_work_run+0x10/0x10
[ 92.972965][ T6599] ? do_raw_spin_unlock+0x172/0x230
[ 92.972976][ T6599] do_exit+0x86f/0x2bf0
[ 92.972991][ T6599] ? futex_private_hash_put+0x112/0x300
[ 92.973005][ T6599] ? rcu_is_watching+0x12/0xc0
[ 92.973017][ T6599] ? __pfx_do_exit+0x10/0x10
[ 92.973036][ T6599] ? do_raw_spin_lock+0x12c/0x2b0
[ 92.973046][ T6599] ? get_signal+0x8f5/0x26d0
[ 92.973059][ T6599] ? rcu_is_watching+0x12/0xc0
[ 92.973071][ T6599] do_group_exit+0xd3/0x2a0
[ 92.973087][ T6599] get_signal+0x2673/0x26d0
[ 92.973099][ T6599] ? rcu_is_watching+0x12/0xc0
[ 92.973113][ T6599] ? __pfx_get_signal+0x10/0x10
[ 92.973128][ T6599] ? do_futex+0x122/0x350
[ 92.973143][ T6599] ? __pfx_do_futex+0x10/0x10
[ 92.973158][ T6599] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.973172][ T6599] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 92.973187][ T6599] ? xfd_validate_state+0x61/0x180
[ 92.973203][ T6599] ? __pfx_do_preadv+0x10/0x10
[ 92.973220][ T6599] exit_to_user_mode_loop+0x84/0x110
[ 92.973230][ T6599] do_syscall_64+0x3f6/0x4c0
[ 92.973245][ T6599] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.973255][ T6599] RIP: 0033:0x7fac75f8e969
[ 92.973264][ T6599] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 92.973268][ T6599] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 92.973278][ T6599] RAX: 0000000000000001 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 92.973285][ T6599] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fac761b5fac
[ 92.973291][ T6599] RBP: 00007fac761b5fa0 R08: 00007fac76df2000 R09: 0000000000000000
[ 92.973298][ T6599] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fac761b5fac
[ 92.973304][ T6599] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 92.973313][ T6599]
[ 92.973329][ T6599] BUG: Bad page state in process syz.0.39 pfn:57e00
[ 93.079878][ T6599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57e00
[ 93.082352][ T6599] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 93.084755][ T6599] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 93.087640][ T6599] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 93.090089][ T6599] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.092578][ T6599] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 93.095069][ T6599] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.097581][ T6599] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.100004][ T6599] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 93.102471][ T6599] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 93.104494][ T6599] page_owner tracks the page as allocated
[ 93.106125][ T6599] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6598, tgid 6598 (syz.0.39), ts 92775016719, free_ts 92768148260
[ 93.111763][ T6599] post_alloc_hook+0x1c0/0x230
[ 93.113157][ T6599] get_page_from_freelist+0x132b/0x38e0
[ 93.114725][ T6599] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 93.116464][ T6599] alloc_pages_mpol+0x1fb/0x550
[ 93.117853][ T6599] folio_alloc_noprof+0x20/0x2d0
[ 93.119261][ T6599] filemap_alloc_folio_noprof+0x3a1/0x470
[ 93.120866][ T6599] page_cache_ra_order+0x4e1/0xd70
[ 93.122362][ T6599] filemap_fault+0x1b4b/0x2930
[ 93.123750][ T6599] __do_fault+0x10a/0x490
[ 93.125077][ T6599] do_pte_missing+0x1a6/0x3ba0
[ 93.126580][ T6599] __handle_mm_fault+0x152a/0x2a50
[ 93.128126][ T6599] handle_mm_fault+0x589/0xd10
[ 93.129567][ T6599] do_user_addr_fault+0x60c/0x1370
[ 93.131107][ T6599] exc_page_fault+0x5c/0xb0
[ 93.132430][ T6599] asm_exc_page_fault+0x26/0x30
[ 93.133847][ T6599] page last free pid 6596 tgid 6595 stack trace:
[ 93.135935][ T6599] free_unref_folios+0xa61/0x16b0
[ 93.137987][ T6599] folios_put_refs+0x56f/0x740
[ 93.140154][ T6599] truncate_inode_pages_range+0x311/0xe50
[ 93.142448][ T6599] blkdev_flush_mapping+0xfb/0x290
[ 93.144497][ T6599] blkdev_put_whole+0xc4/0xf0
[ 93.146441][ T6599] bdev_release+0x47e/0x6d0
[ 93.147906][ T6599] blkdev_release+0x15/0x20
[ 93.149317][ T6599] __fput+0x3ff/0xb70
[ 93.150819][ T6599] task_work_run+0x14d/0x240
[ 93.152669][ T6599] do_exit+0x86f/0x2bf0
[ 93.154365][ T6599] do_group_exit+0xd3/0x2a0
[ 93.156187][ T6599] get_signal+0x2673/0x26d0
[ 93.158116][ T6599] arch_do_signal_or_restart+0x8f/0x7d0
[ 93.160307][ T6599] exit_to_user_mode_loop+0x84/0x110
[ 93.162411][ T6599] do_syscall_64+0x3f6/0x4c0
[ 93.164245][ T6599] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.166673][ T6599] Modules linked in:
[ 93.168237][ T6599] CPU: 1 UID: 0 PID: 6599 Comm: syz.0.39 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 93.168264][ T6599] Tainted: [B]=BAD_PAGE
[ 93.168270][ T6599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.168280][ T6599] Call Trace:
[ 93.168287][ T6599]
[ 93.168293][ T6599] dump_stack_lvl+0x16c/0x1f0
[ 93.168318][ T6599] bad_page+0xcf/0x220
[ 93.168336][ T6599] ? __pfx_bad_page+0x10/0x10
[ 93.168354][ T6599] ? page_bad_reason+0x9d/0x1f0
[ 93.168372][ T6599] __free_frozen_pages+0x7f7/0x10f0
[ 93.168399][ T6599] __folio_put+0x329/0x450
[ 93.168417][ T6599] ? __pfx___folio_put+0x10/0x10
[ 93.168434][ T6599] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 93.168452][ T6599] ? rcu_is_watching+0x12/0xc0
[ 93.168473][ T6599] ? lock_release+0x201/0x2f0
[ 93.168499][ T6599] filemap_free_folio+0x132/0x170
[ 93.168515][ T6599] delete_from_page_cache_batch+0x741/0x9b0
[ 93.168534][ T6599] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 93.168554][ T6599] ? __pfx_workingset_update_node+0x10/0x10
[ 93.168571][ T6599] ? xas_move_index+0xb0/0x110
[ 93.168596][ T6599] truncate_inode_pages_range+0x279/0xe50
[ 93.168620][ T6599] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 93.168649][ T6599] ? rcu_is_watching+0x12/0xc0
[ 93.168668][ T6599] ? has_bh_in_lru+0x9d/0x100
[ 93.168685][ T6599] ? smp_call_function_many_cond+0x457/0x1600
[ 93.168717][ T6599] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 93.168756][ T6599] ? __pfx_has_bh_in_lru+0x10/0x10
[ 93.168774][ T6599] blkdev_flush_mapping+0xfb/0x290
[ 93.168793][ T6599] ? filemap_check_errors+0xa9/0x160
[ 93.168816][ T6599] blkdev_put_whole+0xc4/0xf0
[ 93.168834][ T6599] bdev_release+0x47e/0x6d0
[ 93.168855][ T6599] ? __pfx_blkdev_release+0x10/0x10
[ 93.168875][ T6599] blkdev_release+0x15/0x20
[ 93.168895][ T6599] __fput+0x3ff/0xb70
[ 93.168918][ T6599] task_work_run+0x14d/0x240
[ 93.168936][ T6599] ? __pfx_task_work_run+0x10/0x10
[ 93.168953][ T6599] ? do_raw_spin_unlock+0x172/0x230
[ 93.168971][ T6599] do_exit+0x86f/0x2bf0
[ 93.168995][ T6599] ? futex_private_hash_put+0x112/0x300
[ 93.169017][ T6599] ? rcu_is_watching+0x12/0xc0
[ 93.169043][ T6599] ? __pfx_do_exit+0x10/0x10
[ 93.169066][ T6599] ? do_raw_spin_lock+0x12c/0x2b0
[ 93.169082][ T6599] ? get_signal+0x8f5/0x26d0
[ 93.169101][ T6599] ? rcu_is_watching+0x12/0xc0
[ 93.169121][ T6599] do_group_exit+0xd3/0x2a0
[ 93.169145][ T6599] get_signal+0x2673/0x26d0
[ 93.169165][ T6599] ? rcu_is_watching+0x12/0xc0
[ 93.169187][ T6599] ? __pfx_get_signal+0x10/0x10
[ 93.169207][ T6599] ? do_futex+0x122/0x350
[ 93.169231][ T6599] ? __pfx_do_futex+0x10/0x10
[ 93.169256][ T6599] arch_do_signal_or_restart+0x8f/0x7d0
[ 93.169279][ T6599] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 93.169303][ T6599] ? xfd_validate_state+0x61/0x180
[ 93.169328][ T6599] ? __pfx_do_preadv+0x10/0x10
[ 93.169354][ T6599] exit_to_user_mode_loop+0x84/0x110
[ 93.169370][ T6599] do_syscall_64+0x3f6/0x4c0
[ 93.169394][ T6599] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.169410][ T6599] RIP: 0033:0x7fac75f8e969
[ 93.169422][ T6599] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 93.169430][ T6599] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 93.169445][ T6599] RAX: 0000000000000001 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 93.169456][ T6599] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fac761b5fac
[ 93.169465][ T6599] RBP: 00007fac761b5fa0 R08: 00007fac76df2000 R09: 0000000000000000
[ 93.169476][ T6599] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fac761b5fac
[ 93.169486][ T6599] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 93.169501][ T6599]
[ 93.322575][ T6604] BUG: Bad page state in process syz.0.41 pfn:58001
[ 93.325082][ T6604] page does not match folio
[ 93.326750][ T6604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x58001
[ 93.329846][ T6604] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 93.332100][ T6604] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 93.335166][ T6604] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 93.340599][ T6604] page dumped because: nonzero pincount
[ 93.342279][ T6604] page_owner tracks the page as allocated
[ 93.343993][ T6604] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6604, tgid 6604 (syz.0.41), ts 93304198859, free_ts 93298605788
[ 93.349853][ T6604] post_alloc_hook+0x1c0/0x230
[ 93.351293][ T6604] get_page_from_freelist+0x132b/0x38e0
[ 93.352972][ T6604] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 93.354731][ T6604] alloc_pages_mpol+0x1fb/0x550
[ 93.356209][ T6604] folio_alloc_noprof+0x20/0x2d0
[ 93.360533][ T6604] filemap_alloc_folio_noprof+0x3a1/0x470
[ 93.362380][ T6604] page_cache_ra_order+0x4e1/0xd70
[ 93.364084][ T6604] filemap_fault+0x1b4b/0x2930
[ 93.365646][ T6604] __do_fault+0x10a/0x490
[ 93.367042][ T6604] do_pte_missing+0x1a6/0x3ba0
[ 93.368533][ T6604] __handle_mm_fault+0x152a/0x2a50
[ 93.370140][ T6604] handle_mm_fault+0x589/0xd10
[ 93.371634][ T6604] do_user_addr_fault+0x60c/0x1370
[ 93.373209][ T6604] exc_page_fault+0x5c/0xb0
[ 93.374627][ T6604] asm_exc_page_fault+0x26/0x30
[ 93.376134][ T6604] page last free pid 6602 tgid 6601 stack trace:
[ 93.378109][ T6604] free_unref_folios+0xa61/0x16b0
[ 93.379687][ T6604] folios_put_refs+0x56f/0x740
[ 93.381203][ T6604] truncate_inode_pages_range+0x311/0xe50
[ 93.382921][ T6604] blkdev_flush_mapping+0xfb/0x290
[ 93.384515][ T6604] blkdev_put_whole+0xc4/0xf0
[ 93.385975][ T6604] bdev_release+0x47e/0x6d0
[ 93.387385][ T6604] blkdev_release+0x15/0x20
[ 93.388779][ T6604] __fput+0x3ff/0xb70
[ 93.389993][ T6604] task_work_run+0x14d/0x240
[ 93.391374][ T6604] do_exit+0x86f/0x2bf0
[ 93.392608][ T6604] do_group_exit+0xd3/0x2a0
[ 93.393963][ T6604] get_signal+0x2673/0x26d0
[ 93.395304][ T6604] arch_do_signal_or_restart+0x8f/0x7d0
[ 93.397012][ T6604] exit_to_user_mode_loop+0x84/0x110
[ 93.398599][ T6604] do_syscall_64+0x3f6/0x4c0
[ 93.399977][ T6604] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.401723][ T6604] Modules linked in:
[ 93.402884][ T6604] CPU: 0 UID: 0 PID: 6604 Comm: syz.0.41 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 93.402901][ T6604] Tainted: [B]=BAD_PAGE
[ 93.402906][ T6604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.402912][ T6604] Call Trace:
[ 93.402917][ T6604]
[ 93.402921][ T6604] dump_stack_lvl+0x16c/0x1f0
[ 93.402940][ T6604] bad_page+0xcf/0x220
[ 93.402952][ T6604] ? __pfx_bad_page+0x10/0x10
[ 93.402964][ T6604] free_tail_page_prepare+0x44f/0x5b0
[ 93.402979][ T6604] __free_frozen_pages+0xbae/0x10f0
[ 93.402996][ T6604] __folio_put+0x329/0x450
[ 93.403006][ T6604] ? __pfx___folio_put+0x10/0x10
[ 93.403017][ T6604] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 93.403028][ T6604] ? rcu_is_watching+0x12/0xc0
[ 93.403041][ T6604] ? lock_release+0x201/0x2f0
[ 93.403057][ T6604] filemap_free_folio+0x132/0x170
[ 93.403068][ T6604] delete_from_page_cache_batch+0x741/0x9b0
[ 93.403080][ T6604] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 93.403092][ T6604] ? __pfx_workingset_update_node+0x10/0x10
[ 93.403103][ T6604] ? xas_move_index+0xb0/0x110
[ 93.403118][ T6604] truncate_inode_pages_range+0x279/0xe50
[ 93.403133][ T6604] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 93.403151][ T6604] ? rcu_is_watching+0x12/0xc0
[ 93.403163][ T6604] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 93.403175][ T6604] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 93.403188][ T6604] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 93.403200][ T6604] ? smp_call_function_many_cond+0x457/0x1600
[ 93.403219][ T6604] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 93.403231][ T6604] ? __pfx_has_bh_in_lru+0x10/0x10
[ 93.403242][ T6604] blkdev_flush_mapping+0xfb/0x290
[ 93.403256][ T6604] blkdev_put_whole+0xc4/0xf0
[ 93.403267][ T6604] bdev_release+0x47e/0x6d0
[ 93.403280][ T6604] ? __pfx_blkdev_release+0x10/0x10
[ 93.403294][ T6604] blkdev_release+0x15/0x20
[ 93.403307][ T6604] __fput+0x3ff/0xb70
[ 93.403321][ T6604] task_work_run+0x14d/0x240
[ 93.403332][ T6604] ? __pfx_task_work_run+0x10/0x10
[ 93.403343][ T6604] ? do_raw_spin_unlock+0x172/0x230
[ 93.403355][ T6604] do_exit+0x86f/0x2bf0
[ 93.403371][ T6604] ? __pfx_do_exit+0x10/0x10
[ 93.403386][ T6604] ? preempt_schedule_thunk+0x16/0x30
[ 93.403402][ T6604] do_group_exit+0xd3/0x2a0
[ 93.403418][ T6604] __x64_sys_exit_group+0x3e/0x50
[ 93.403434][ T6604] x64_sys_call+0x14fa/0x1720
[ 93.403446][ T6604] do_syscall_64+0xcd/0x4c0
[ 93.403461][ T6604] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.403471][ T6604] RIP: 0033:0x7fac75f8e969
[ 93.403480][ T6604] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 93.403484][ T6604] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 93.403495][ T6604] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 93.403502][ T6604] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 93.403508][ T6604] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 93.403514][ T6604] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000019
[ 93.403521][ T6604] R13: 00000000000927c0 R14: 0000000000016c03 R15: 00007ffcdde9e150
[ 93.403530][ T6604]
[ 93.403545][ T6604] BUG: Bad page state in process syz.0.41 pfn:58000
[ 93.495834][ T6604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x58000
[ 93.498504][ T6604] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 93.500956][ T6604] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 93.503797][ T6604] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 93.506320][ T6604] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.508956][ T6604] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 93.511486][ T6604] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.514017][ T6604] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.516653][ T6604] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 93.519239][ T6604] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 93.521362][ T6604] page_owner tracks the page as allocated
[ 93.523025][ T6604] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6604, tgid 6604 (syz.0.41), ts 93304198859, free_ts 93298605788
[ 93.528794][ T6604] post_alloc_hook+0x1c0/0x230
[ 93.530216][ T6604] get_page_from_freelist+0x132b/0x38e0
[ 93.531842][ T6604] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 93.533578][ T6604] alloc_pages_mpol+0x1fb/0x550
[ 93.535024][ T6604] folio_alloc_noprof+0x20/0x2d0
[ 93.536529][ T6604] filemap_alloc_folio_noprof+0x3a1/0x470
[ 93.538214][ T6604] page_cache_ra_order+0x4e1/0xd70
[ 93.539714][ T6604] filemap_fault+0x1b4b/0x2930
[ 93.541131][ T6604] __do_fault+0x10a/0x490
[ 93.542420][ T6604] do_pte_missing+0x1a6/0x3ba0
[ 93.543849][ T6604] __handle_mm_fault+0x152a/0x2a50
[ 93.545380][ T6604] handle_mm_fault+0x589/0xd10
[ 93.547033][ T6604] do_user_addr_fault+0x60c/0x1370
[ 93.548604][ T6604] exc_page_fault+0x5c/0xb0
[ 93.550242][ T6604] asm_exc_page_fault+0x26/0x30
[ 93.552089][ T6604] page last free pid 6602 tgid 6601 stack trace:
[ 93.554213][ T6604] free_unref_folios+0xa61/0x16b0
[ 93.555706][ T6604] folios_put_refs+0x56f/0x740
[ 93.557206][ T6604] truncate_inode_pages_range+0x311/0xe50
[ 93.558883][ T6604] blkdev_flush_mapping+0xfb/0x290
[ 93.560403][ T6604] blkdev_put_whole+0xc4/0xf0
[ 93.561972][ T6604] bdev_release+0x47e/0x6d0
[ 93.563340][ T6604] blkdev_release+0x15/0x20
[ 93.564678][ T6604] __fput+0x3ff/0xb70
[ 93.565886][ T6604] task_work_run+0x14d/0x240
[ 93.567323][ T6604] do_exit+0x86f/0x2bf0
[ 93.568657][ T6604] do_group_exit+0xd3/0x2a0
[ 93.570042][ T6604] get_signal+0x2673/0x26d0
[ 93.571432][ T6604] arch_do_signal_or_restart+0x8f/0x7d0
[ 93.573083][ T6604] exit_to_user_mode_loop+0x84/0x110
[ 93.574655][ T6604] do_syscall_64+0x3f6/0x4c0
[ 93.576009][ T6604] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.577846][ T6604] Modules linked in:
[ 93.579030][ T6604] CPU: 0 UID: 0 PID: 6604 Comm: syz.0.41 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 93.579046][ T6604] Tainted: [B]=BAD_PAGE
[ 93.579050][ T6604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.579057][ T6604] Call Trace:
[ 93.579060][ T6604]
[ 93.579064][ T6604] dump_stack_lvl+0x16c/0x1f0
[ 93.579080][ T6604] bad_page+0xcf/0x220
[ 93.579092][ T6604] ? __pfx_bad_page+0x10/0x10
[ 93.579103][ T6604] ? page_bad_reason+0x9d/0x1f0
[ 93.579114][ T6604] __free_frozen_pages+0x7f7/0x10f0
[ 93.579131][ T6604] __folio_put+0x329/0x450
[ 93.579142][ T6604] ? __pfx___folio_put+0x10/0x10
[ 93.579152][ T6604] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 93.579163][ T6604] ? rcu_is_watching+0x12/0xc0
[ 93.579176][ T6604] ? lock_release+0x201/0x2f0
[ 93.579193][ T6604] filemap_free_folio+0x132/0x170
[ 93.579203][ T6604] delete_from_page_cache_batch+0x741/0x9b0
[ 93.579215][ T6604] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 93.579227][ T6604] ? __pfx_workingset_update_node+0x10/0x10
[ 93.579238][ T6604] ? xas_move_index+0xb0/0x110
[ 93.579254][ T6604] truncate_inode_pages_range+0x279/0xe50
[ 93.579269][ T6604] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 93.579286][ T6604] ? rcu_is_watching+0x12/0xc0
[ 93.579298][ T6604] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 93.579310][ T6604] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 93.579323][ T6604] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 93.579335][ T6604] ? smp_call_function_many_cond+0x457/0x1600
[ 93.579353][ T6604] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 93.579365][ T6604] ? __pfx_has_bh_in_lru+0x10/0x10
[ 93.579376][ T6604] blkdev_flush_mapping+0xfb/0x290
[ 93.579389][ T6604] blkdev_put_whole+0xc4/0xf0
[ 93.579400][ T6604] bdev_release+0x47e/0x6d0
[ 93.579413][ T6604] ? __pfx_blkdev_release+0x10/0x10
[ 93.579427][ T6604] blkdev_release+0x15/0x20
[ 93.579439][ T6604] __fput+0x3ff/0xb70
[ 93.579453][ T6604] task_work_run+0x14d/0x240
[ 93.579464][ T6604] ? __pfx_task_work_run+0x10/0x10
[ 93.579476][ T6604] ? do_raw_spin_unlock+0x172/0x230
[ 93.579487][ T6604] do_exit+0x86f/0x2bf0
[ 93.579503][ T6604] ? __pfx_do_exit+0x10/0x10
[ 93.579518][ T6604] ? preempt_schedule_thunk+0x16/0x30
[ 93.579534][ T6604] do_group_exit+0xd3/0x2a0
[ 93.579550][ T6604] __x64_sys_exit_group+0x3e/0x50
[ 93.579566][ T6604] x64_sys_call+0x14fa/0x1720
[ 93.579578][ T6604] do_syscall_64+0xcd/0x4c0
[ 93.579592][ T6604] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.579603][ T6604] RIP: 0033:0x7fac75f8e969
[ 93.579611][ T6604] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 93.579615][ T6604] RSP: 002b:00007ffcdde9e098 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 93.579626][ T6604] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fac75f8e969
[ 93.579632][ T6604] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 93.579639][ T6604] RBP: 00007ffcdde9e0fc R08: 00000016dde9e18f R09: 00000000000927c0
[ 93.579645][ T6604] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000019
[ 93.579651][ T6604] R13: 00000000000927c0 R14: 0000000000016c03 R15: 00007ffcdde9e150
[ 93.579660][ T6604]
[ 93.695185][ T6607] BUG: Bad page state in process syz.0.42 pfn:58201
[ 93.697448][ T6607] page does not match folio
[ 93.698799][ T6607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x58201
[ 93.701876][ T6607] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 93.704129][ T6607] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 93.706688][ T6607] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 93.709175][ T6607] page dumped because: nonzero pincount
[ 93.711141][ T6607] page_owner tracks the page as allocated
[ 93.713123][ T6607] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6606, tgid 6606 (syz.0.42), ts 93585384523, free_ts 93579687662
[ 93.719458][ T6607] post_alloc_hook+0x1c0/0x230
[ 93.720941][ T6607] get_page_from_freelist+0x132b/0x38e0
[ 93.722632][ T6607] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 93.724386][ T6607] alloc_pages_mpol+0x1fb/0x550
[ 93.725833][ T6607] folio_alloc_noprof+0x20/0x2d0
[ 93.727338][ T6607] filemap_alloc_folio_noprof+0x3a1/0x470
[ 93.729011][ T6607] page_cache_ra_order+0x4e1/0xd70
[ 93.730681][ T6607] filemap_fault+0x1b4b/0x2930
[ 93.732126][ T6607] __do_fault+0x10a/0x490
[ 93.733432][ T6607] do_pte_missing+0x1a6/0x3ba0
[ 93.734896][ T6607] __handle_mm_fault+0x152a/0x2a50
[ 93.736506][ T6607] handle_mm_fault+0x589/0xd10
[ 93.737992][ T6607] do_user_addr_fault+0x60c/0x1370
[ 93.739555][ T6607] exc_page_fault+0x5c/0xb0
[ 93.740999][ T6607] asm_exc_page_fault+0x26/0x30
[ 93.742441][ T6607] page last free pid 6604 tgid 6604 stack trace:
[ 93.744290][ T6607] free_unref_folios+0xa61/0x16b0
[ 93.745799][ T6607] folios_put_refs+0x56f/0x740
[ 93.750383][ T6607] truncate_inode_pages_range+0x311/0xe50
[ 93.752187][ T6607] blkdev_flush_mapping+0xfb/0x290
[ 93.753874][ T6607] blkdev_put_whole+0xc4/0xf0
[ 93.755355][ T6607] bdev_release+0x47e/0x6d0
[ 93.756800][ T6607] blkdev_release+0x15/0x20
[ 93.758185][ T6607] __fput+0x3ff/0xb70
[ 93.759389][ T6607] task_work_run+0x14d/0x240
[ 93.760822][ T6607] do_exit+0x86f/0x2bf0
[ 93.762109][ T6607] do_group_exit+0xd3/0x2a0
[ 93.763537][ T6607] __x64_sys_exit_group+0x3e/0x50
[ 93.765087][ T6607] x64_sys_call+0x14fa/0x1720
[ 93.766600][ T6607] do_syscall_64+0xcd/0x4c0
[ 93.768000][ T6607] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.769886][ T6607] Modules linked in:
[ 93.771150][ T6607] CPU: 1 UID: 0 PID: 6607 Comm: syz.0.42 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 93.771168][ T6607] Tainted: [B]=BAD_PAGE
[ 93.771171][ T6607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.771178][ T6607] Call Trace:
[ 93.771182][ T6607]
[ 93.771186][ T6607] dump_stack_lvl+0x16c/0x1f0
[ 93.771203][ T6607] bad_page+0xcf/0x220
[ 93.771215][ T6607] ? __pfx_bad_page+0x10/0x10
[ 93.771226][ T6607] free_tail_page_prepare+0x44f/0x5b0
[ 93.771241][ T6607] __free_frozen_pages+0xbae/0x10f0
[ 93.771257][ T6607] __folio_put+0x329/0x450
[ 93.771272][ T6607] ? __pfx___folio_put+0x10/0x10
[ 93.771283][ T6607] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 93.771295][ T6607] ? rcu_is_watching+0x12/0xc0
[ 93.771307][ T6607] ? lock_release+0x201/0x2f0
[ 93.771323][ T6607] filemap_free_folio+0x132/0x170
[ 93.771333][ T6607] delete_from_page_cache_batch+0x741/0x9b0
[ 93.771346][ T6607] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 93.771358][ T6607] ? __pfx_workingset_update_node+0x10/0x10
[ 93.771369][ T6607] ? xas_move_index+0xb0/0x110
[ 93.771384][ T6607] truncate_inode_pages_range+0x279/0xe50
[ 93.771399][ T6607] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 93.771417][ T6607] ? rcu_is_watching+0x12/0xc0
[ 93.771429][ T6607] ? has_bh_in_lru+0x9d/0x100
[ 93.771440][ T6607] ? smp_call_function_many_cond+0x457/0x1600
[ 93.771459][ T6607] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 93.771471][ T6607] ? __pfx_has_bh_in_lru+0x10/0x10
[ 93.771482][ T6607] blkdev_flush_mapping+0xfb/0x290
[ 93.771494][ T6607] ? filemap_check_errors+0xa9/0x160
[ 93.771509][ T6607] blkdev_put_whole+0xc4/0xf0
[ 93.771520][ T6607] bdev_release+0x47e/0x6d0
[ 93.771533][ T6607] ? __pfx_blkdev_release+0x10/0x10
[ 93.771546][ T6607] blkdev_release+0x15/0x20
[ 93.771559][ T6607] __fput+0x3ff/0xb70
[ 93.771573][ T6607] task_work_run+0x14d/0x240
[ 93.771584][ T6607] ? __pfx_task_work_run+0x10/0x10
[ 93.771595][ T6607] ? do_raw_spin_unlock+0x172/0x230
[ 93.771607][ T6607] do_exit+0x86f/0x2bf0
[ 93.771622][ T6607] ? futex_private_hash_put+0x112/0x300
[ 93.771636][ T6607] ? rcu_is_watching+0x12/0xc0
[ 93.771649][ T6607] ? __pfx_do_exit+0x10/0x10
[ 93.771664][ T6607] ? do_raw_spin_lock+0x12c/0x2b0
[ 93.771675][ T6607] ? get_signal+0x8f5/0x26d0
[ 93.771687][ T6607] ? rcu_is_watching+0x12/0xc0
[ 93.771700][ T6607] do_group_exit+0xd3/0x2a0
[ 93.771716][ T6607] get_signal+0x2673/0x26d0
[ 93.771728][ T6607] ? rcu_is_watching+0x12/0xc0
[ 93.771742][ T6607] ? __pfx_get_signal+0x10/0x10
[ 93.771755][ T6607] ? do_futex+0x122/0x350
[ 93.771770][ T6607] ? __pfx_do_futex+0x10/0x10
[ 93.771786][ T6607] arch_do_signal_or_restart+0x8f/0x7d0
[ 93.771801][ T6607] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 93.771816][ T6607] ? xfd_validate_state+0x61/0x180
[ 93.771832][ T6607] ? __pfx_do_preadv+0x10/0x10
[ 93.771849][ T6607] exit_to_user_mode_loop+0x84/0x110
[ 93.771860][ T6607] do_syscall_64+0x3f6/0x4c0
[ 93.771875][ T6607] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.771886][ T6607] RIP: 0033:0x7fac75f8e969
[ 93.771893][ T6607] Code: Unable to access opcode bytes at 0x7fac75f8e93f.
[ 93.771898][ T6607] RSP: 002b:00007fac76df10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 93.771908][ T6607] RAX: 0000000000000001 RBX: 00007fac761b5fa8 RCX: 00007fac75f8e969
[ 93.771915][ T6607] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fac761b5fac
[ 93.771921][ T6607] RBP: 00007fac761b5fa0 R08: 00007fac76df2000 R09: 0000000000000000
[ 93.771928][ T6607] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fac761b5fac
[ 93.771934][ T6607] R13: 0000000000000000 R14: 00007ffcdde9dc50 R15: 00007ffcdde9dd38
[ 93.771943][ T6607]
[ 93.771958][ T6607] BUG: Bad page state in process syz.0.42 pfn:58200
[ 93.883541][ T6607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x58200
[ 93.887161][ T6607] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 93.890121][ T6607] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 93.893535][ T6607] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 93.896644][ T6607] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.899642][ T6607] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 93.902600][ T6607] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.905508][ T6607] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000