Warning: Permanently added '[localhost]:16500' (ED25519) to the list of known hosts.
2025/08/02 21:52:08 ignoring optional flag "sandboxArg"="0"
2025/08/02 21:52:09 parsed 1 programs
[  133.306336][ T5662] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  137.941406][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  137.944825][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  139.935951][ T5719] chnl_net:caif_netlink_parms(): no params data found
[  140.004372][ T5719] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.008885][ T5719] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.012143][ T5719] bridge_slave_0: entered allmulticast mode
[  140.016317][ T5719] bridge_slave_0: entered promiscuous mode
[  140.022797][ T5719] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.026119][ T5719] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.029997][ T5719] bridge_slave_1: entered allmulticast mode
[  140.034132][ T5719] bridge_slave_1: entered promiscuous mode
[  140.061519][ T5719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  140.068676][ T5719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  140.093930][ T5719] team0: Port device team_slave_0 added
[  140.100658][ T5719] team0: Port device team_slave_1 added
[  140.125844][ T5719] batman_adv: batadv0: Adding interface: batadv_slave_0
[  140.129351][ T5719] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.141581][ T5719] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  140.148276][ T5719] batman_adv: batadv0: Adding interface: batadv_slave_1
[  140.151601][ T5719] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.163847][ T5719] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  140.203861][ T5719] hsr_slave_0: entered promiscuous mode
[  140.207728][ T5719] hsr_slave_1: entered promiscuous mode
[  140.844692][ T5719] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  140.868389][ T5719] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  140.881725][ T5719] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  140.906548][ T5719] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  141.089417][ T5719] 8021q: adding VLAN 0 to HW filter on device bond0
[  141.115120][ T5719] 8021q: adding VLAN 0 to HW filter on device team0
[  141.132018][ T3090] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.135798][ T3090] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.166152][ T3090] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.169526][ T3090] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.553765][ T5719] 8021q: adding VLAN 0 to HW filter on device batadv0
[  141.625117][ T5719] veth0_vlan: entered promiscuous mode
[  141.653310][ T5719] veth1_vlan: entered promiscuous mode
[  141.700435][ T5719] veth0_macvtap: entered promiscuous mode
[  141.720544][ T5719] veth1_macvtap: entered promiscuous mode
[  141.759528][ T5719] batman_adv: batadv0: Interface activated: batadv_slave_0
[  141.782363][ T5719] batman_adv: batadv0: Interface activated: batadv_slave_1
[  141.805143][ T3090] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.830092][ T3090] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.864293][ T1041] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.870632][ T1041] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  142.061778][ T3090] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.073352][   T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  142.078767][   T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  142.083415][   T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  142.091570][   T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  142.096015][   T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  142.186125][ T3090] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.278876][ T3090] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.353163][ T3090] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.800319][   T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  142.803800][   T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.866315][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  142.871866][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  143.837583][ T3090] bridge_slave_1: left allmulticast mode
[  143.843831][ T3090] bridge_slave_1: left promiscuous mode
[  143.846537][ T3090] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.877118][ T3090] bridge_slave_0: left allmulticast mode
[  143.884268][ T3090] bridge_slave_0: left promiscuous mode
[  143.897376][ T3090] bridge0: port 1(bridge_slave_0) entered disabled state
2025/08/02 21:52:25 executed programs: 0
[  144.883181][ T4701] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  144.889097][ T4701] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  144.892974][ T4701] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  144.897080][ T4701] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  144.902708][ T4701] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  144.924818][ T3090] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  144.939136][ T3090] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  144.958863][ T3090] bond0 (unregistering): Released all slaves
[  145.124885][ T3090] hsr_slave_0: left promiscuous mode
[  145.149245][ T3090] hsr_slave_1: left promiscuous mode
[  145.154257][ T3090] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  145.177436][ T3090] batman_adv: batadv0: Removing interface: batadv_slave_0
[  145.187790][ T3090] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  145.191159][ T3090] batman_adv: batadv0: Removing interface: batadv_slave_1
[  145.225429][ T3090] veth1_macvtap: left promiscuous mode
[  145.231783][ T3090] veth0_macvtap: left promiscuous mode
[  145.234997][ T3090] veth1_vlan: left promiscuous mode
[  145.252370][ T3090] veth0_vlan: left promiscuous mode
[  145.586678][ T3090] team0 (unregistering): Port device team_slave_1 removed
[  145.614502][ T3090] team0 (unregistering): Port device team_slave_0 removed
[  146.338940][ T5808] chnl_net:caif_netlink_parms(): no params data found
[  146.812964][ T5808] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.821538][ T5808] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.824919][ T5808] bridge_slave_0: entered allmulticast mode
[  146.859359][ T5808] bridge_slave_0: entered promiscuous mode
[  146.864416][ T5808] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.877398][ T5808] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.880946][ T5808] bridge_slave_1: entered allmulticast mode
[  146.889613][ T5808] bridge_slave_1: entered promiscuous mode
[  146.978952][ T4701] Bluetooth: hci0: command tx timeout
[  147.040961][ T5808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  147.080605][ T5808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  147.146072][ T5808] team0: Port device team_slave_0 added
[  147.151489][ T5808] team0: Port device team_slave_1 added
[  147.202589][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_0
[  147.205815][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.238826][ T5808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  147.251138][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_1
[  147.254134][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.267502][ T5808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  147.338223][ T5808] hsr_slave_0: entered promiscuous mode
[  147.348319][ T5808] hsr_slave_1: entered promiscuous mode
[  147.840299][ T5808] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  147.861024][ T5808] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  147.878076][ T5808] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  147.885061][ T5808] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  148.038672][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0
[  148.066094][ T5808] 8021q: adding VLAN 0 to HW filter on device team0
[  148.100453][ T3090] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.103938][ T3090] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.132957][ T3090] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.136198][ T3090] bridge0: port 2(bridge_slave_1) entered forwarding state
[  148.231994][ T5808] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  148.527967][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0
[  148.599822][ T5808] veth0_vlan: entered promiscuous mode
[  148.618395][ T5808] veth1_vlan: entered promiscuous mode
[  148.679575][ T5808] veth0_macvtap: entered promiscuous mode
[  148.690101][ T5808] veth1_macvtap: entered promiscuous mode
[  148.721871][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0
[  148.751003][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1
[  148.770168][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.774177][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.802383][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.817758][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.929451][   T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  148.933092][   T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  148.986607][   T70] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  148.993073][   T70] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.057802][ T4701] Bluetooth: hci0: command tx timeout
[  149.594437][ T5871] loop0: detected capacity change from 0 to 32768
[  149.611018][ T5871] XFS: ikeep mount option is deprecated.
[  149.669197][ T5871] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  149.780263][ T5871] XFS (loop0): Ending clean mount
[  149.800678][ T5871] XFS (loop0): Quotacheck needed: Please wait.
[  149.862510][ T5871] XFS (loop0): Quotacheck: Done.
[  150.045300][ T5808] BUG: Bad page state in process syz-executor  pfn:40801
[  150.050584][ T5808] page does not match folio
[  150.053640][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x40801
2025/08/02 21:52:30 executed programs: 3
[  150.076591][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  150.080994][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  150.084884][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  150.109573][ T5808] page dumped because: nonzero pincount
[  150.113493][ T5808] page_owner tracks the page as allocated
[  150.116210][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5871, tgid 5870 (syz.0.16), ts 149929571883, free_ts 149763396456
[  150.149162][ T5808]  post_alloc_hook+0x240/0x2a0
[  150.151616][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  150.154215][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  150.156624][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  150.167573][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  150.169891][ T5808]  alloc_pages_noprof+0xa9/0x190
[  150.178670][ T5808]  folio_alloc_noprof+0x1e/0x30
[  150.181195][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  150.184044][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  150.186364][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  150.206907][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  150.209586][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  150.212074][ T5808]  vfs_write+0x54b/0xa90
[  150.214074][ T5808]  ksys_write+0x145/0x250
[  150.216031][ T5808]  do_syscall_64+0xfa/0x3b0
[  150.226899][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.229675][ T5808] page last free pid 5871 tgid 5870 stack trace:
[  150.232539][ T5808]  __free_frozen_pages+0xbc4/0xd30
[  150.234771][ T5808]  free_large_kmalloc+0x13a/0x1f0
[  150.261923][ T5808]  xlog_write_log_records+0x349/0x3c0
[  150.265443][ T5808]  xlog_clear_stale_blocks+0x1d9/0x3c0
[  150.268844][ T5808]  xlog_find_tail+0x655/0x840
[  150.271197][ T5808]  xlog_recover+0x4b/0x3e0
[  150.273272][ T5808]  xfs_log_mount+0x253/0x3e0
[  150.285723][ T5808]  xfs_mountfs+0xe5e/0x2330
[  150.288242][ T5808]  xfs_fs_fill_super+0x11b3/0x1600
[  150.290728][ T5808]  get_tree_bdev_flags+0x40b/0x4d0
[  150.293219][ T5808]  vfs_get_tree+0x8f/0x2b0
[  150.295374][ T5808]  do_new_mount+0x2a2/0x9e0
[  150.317987][ T5808]  __se_sys_mount+0x317/0x410
[  150.320453][ T5808]  do_syscall_64+0xfa/0x3b0
[  150.322508][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.343970][ T5808] Modules linked in:
[  150.345951][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Not tainted 6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  150.345970][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  150.345976][ T5808] Call Trace:
[  150.345981][ T5808]  <TASK>
[  150.345987][ T5808]  dump_stack_lvl+0x189/0x250
[  150.346007][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.346019][ T5808]  ? __pfx_print_modules+0x10/0x10
[  150.346035][ T5808]  ? percpu_ref_put+0x19/0x180
[  150.346048][ T5808]  ? percpu_ref_put+0x19/0x180
[  150.346060][ T5808]  ? percpu_ref_put+0xf9/0x180
[  150.346076][ T5808]  bad_page+0x180/0x1c0
[  150.346088][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  150.346104][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  150.346125][ T5808]  __folio_put+0x21b/0x2c0
[  150.346143][ T5808]  ? __pfx___folio_put+0x10/0x10
[  150.346162][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  150.346181][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  150.346195][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  150.346215][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  150.346229][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  150.346249][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  150.346259][ T5808]  ? lockdep_unlock+0x89/0x120
[  150.346294][ T5808]  ? __lock_acquire+0xab9/0xd20
[  150.346324][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  150.346342][ T5808]  ? _raw_spin_unlock_irq+0x23/0x50
[  150.346357][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  150.346368][ T5808]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.346387][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  150.346400][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  150.346413][ T5808]  evict+0x501/0x9c0
[  150.346430][ T5808]  ? __pfx_evict+0x10/0x10
[  150.346447][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  150.346463][ T5808]  evict_inodes+0x64c/0x6d0
[  150.346477][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  150.346493][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  150.346513][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  150.346529][ T5808]  kill_block_super+0x44/0x90
[  150.346541][ T5808]  xfs_kill_sb+0x15/0x50
[  150.346553][ T5808]  deactivate_locked_super+0xbc/0x130
[  150.346573][ T5808]  cleanup_mnt+0x425/0x4c0
[  150.346589][ T5808]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.346606][ T5808]  task_work_run+0x1d1/0x260
[  150.346623][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  150.346636][ T5808]  ? __x64_sys_umount+0x122/0x160
[  150.346658][ T5808]  ? exit_to_user_mode_loop+0x40/0x110
[  150.346677][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  150.346691][ T5808]  do_syscall_64+0x2bd/0x3b0
[  150.346702][ T5808]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.346716][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.346727][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  150.346740][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.346773][ T5808] RIP: 0033:0x7fea26f8e117
[  150.346788][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  150.346796][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  150.346809][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  150.346816][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  150.346822][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  150.346829][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  150.346840][ T5808] R13: 00007fea2700e08c R14: 0000000000024953 R15: 00007ffca5bc0080
[  150.346859][ T5808]  </TASK>
[  150.786723][ T5808] Disabling lock debugging due to kernel taint
[  150.789882][ T5808] BUG: Bad page state in process syz-executor  pfn:40800
[  150.793195][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x40800
[  150.807497][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  150.811322][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  150.815487][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  150.848115][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  150.852014][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  150.855979][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  150.867704][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  150.871714][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  150.875512][ T5808] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  150.899473][ T5808] page_owner tracks the page as allocated
[  150.901969][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5871, tgid 5870 (syz.0.16), ts 149929571883, free_ts 149763396456
[  150.927191][ T5808]  post_alloc_hook+0x240/0x2a0
[  150.929516][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  150.932013][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  150.934282][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  150.947407][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  150.955179][ T5808]  alloc_pages_noprof+0xa9/0x190
[  150.967136][ T5808]  folio_alloc_noprof+0x1e/0x30
[  150.969373][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  150.971891][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  150.974200][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  150.976259][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  150.987832][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  151.001138][ T5808]  vfs_write+0x54b/0xa90
[  151.003090][ T5808]  ksys_write+0x145/0x250
[  151.005252][ T5808]  do_syscall_64+0xfa/0x3b0
[  151.017216][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.019808][ T5808] page last free pid 5871 tgid 5870 stack trace:
[  151.022641][ T5808]  __free_frozen_pages+0xbc4/0xd30
[  151.024911][ T5808]  free_large_kmalloc+0x13a/0x1f0
[  151.036923][ T5808]  xlog_write_log_records+0x349/0x3c0
[  151.039319][ T5808]  xlog_clear_stale_blocks+0x1d9/0x3c0
[  151.041886][ T5808]  xlog_find_tail+0x655/0x840
[  151.044051][ T5808]  xlog_recover+0x4b/0x3e0
[  151.046170][ T5808]  xfs_log_mount+0x253/0x3e0
[  151.067052][ T5808]  xfs_mountfs+0xe5e/0x2330
[  151.069089][ T5808]  xfs_fs_fill_super+0x11b3/0x1600
[  151.071480][ T5808]  get_tree_bdev_flags+0x40b/0x4d0
[  151.074137][ T5808]  vfs_get_tree+0x8f/0x2b0
[  151.076337][ T5808]  do_new_mount+0x2a2/0x9e0
[  151.093104][ T5808]  __se_sys_mount+0x317/0x410
[  151.095557][ T5808]  do_syscall_64+0xfa/0x3b0
[  151.098960][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.107287][ T5808] Modules linked in:
[  151.109063][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  151.109076][ T5808] Tainted: [B]=BAD_PAGE
[  151.109079][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.109083][ T5808] Call Trace:
[  151.109086][ T5808]  <TASK>
[  151.109089][ T5808]  dump_stack_lvl+0x189/0x250
[  151.109101][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.109109][ T5808]  ? __pfx_print_modules+0x10/0x10
[  151.109118][ T5808]  bad_page+0x180/0x1c0
[  151.109125][ T5808]  __free_frozen_pages+0xce2/0xd30
[  151.109134][ T5808]  __folio_put+0x21b/0x2c0
[  151.109143][ T5808]  ? __pfx___folio_put+0x10/0x10
[  151.109151][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  151.109160][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  151.109167][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  151.109181][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  151.109191][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  151.109203][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  151.109212][ T5808]  ? lockdep_unlock+0x89/0x120
[  151.109230][ T5808]  ? __lock_acquire+0xab9/0xd20
[  151.109247][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.109261][ T5808]  ? _raw_spin_unlock_irq+0x23/0x50
[  151.109274][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.109286][ T5808]  ? lockdep_hardirqs_on+0x9c/0x150
[  151.109301][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.109312][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  151.109324][ T5808]  evict+0x501/0x9c0
[  151.109335][ T5808]  ? __pfx_evict+0x10/0x10
[  151.109344][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  151.109356][ T5808]  evict_inodes+0x64c/0x6d0
[  151.109368][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  151.109379][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  151.109415][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  151.109427][ T5808]  kill_block_super+0x44/0x90
[  151.109437][ T5808]  xfs_kill_sb+0x15/0x50
[  151.109447][ T5808]  deactivate_locked_super+0xbc/0x130
[  151.109461][ T5808]  cleanup_mnt+0x425/0x4c0
[  151.109475][ T5808]  ? lockdep_hardirqs_on+0x9c/0x150
[  151.109487][ T5808]  task_work_run+0x1d1/0x260
[  151.109502][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  151.109513][ T5808]  ? __x64_sys_umount+0x122/0x160
[  151.109524][ T5808]  ? exit_to_user_mode_loop+0x40/0x110
[  151.109538][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  151.109552][ T5808]  do_syscall_64+0x2bd/0x3b0
[  151.109561][ T5808]  ? lockdep_hardirqs_on+0x9c/0x150
[  151.109573][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.109582][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  151.109592][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.109601][ T5808] RIP: 0033:0x7fea26f8e117
[  151.109611][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  151.109619][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  151.109631][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  151.109637][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  151.109644][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  151.109650][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  151.109657][ T5808] R13: 00007fea2700e08c R14: 0000000000024953 R15: 00007ffca5bc0080
[  151.109667][ T5808]  </TASK>
[  151.110094][ T5808] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.283784][ T4701] Bluetooth: hci0: command tx timeout
[  151.660579][ T5916] loop0: detected capacity change from 0 to 32768
[  151.672078][ T5916] XFS: ikeep mount option is deprecated.
[  151.685284][ T5916] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.713133][ T5916] XFS (loop0): Ending clean mount
[  151.716096][ T5916] XFS (loop0): Quotacheck needed: Please wait.
[  151.724737][ T5916] XFS (loop0): Quotacheck: Done.
[  151.755505][ T5808] BUG: Bad page state in process syz-executor  pfn:40a01
[  151.758858][ T5808] page does not match folio
[  151.760967][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x40a01
[  151.765356][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  151.769830][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  151.773796][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  151.779267][ T5808] page dumped because: nonzero pincount
[  151.781710][ T5808] page_owner tracks the page as allocated
[  151.784050][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5916, tgid 5915 (syz.0.17), ts 151738031802, free_ts 144559521130
[  151.794476][ T5808]  post_alloc_hook+0x240/0x2a0
[  151.796619][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  151.800789][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  151.803111][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  151.805639][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  151.807977][ T5808]  alloc_pages_noprof+0xa9/0x190
[  151.810655][ T5808]  folio_alloc_noprof+0x1e/0x30
[  151.812622][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  151.814860][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  151.817622][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  151.819742][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  151.822348][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  151.824810][ T5808]  vfs_write+0x54b/0xa90
[  151.826708][ T5808]  ksys_write+0x145/0x250
[  151.829555][ T5808]  do_syscall_64+0xfa/0x3b0
[  151.831695][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.834296][ T5808] page last free pid 30 tgid 30 stack trace:
[  151.837361][ T5808]  __free_frozen_pages+0xbc4/0xd30
[  151.839572][ T5808]  __folio_put+0x21b/0x2c0
[  151.841531][ T5808]  migrate_pages_batch+0x234a/0x3620
[  151.843790][ T5808]  migrate_pages+0x1bcc/0x2930
[  151.845933][ T5808]  compact_zone+0x23e1/0x4ab0
[  151.848684][ T5808]  compact_node+0x1d2/0x280
[  151.850734][ T5808]  kcompactd+0xbc8/0x1290
[  151.852557][ T5808]  kthread+0x711/0x8a0
[  151.854417][ T5808]  ret_from_fork+0x3f9/0x770
[  151.856391][ T5808]  ret_from_fork_asm+0x1a/0x30
[  151.860929][ T5808] Modules linked in:
[  151.862929][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  151.862948][ T5808] Tainted: [B]=BAD_PAGE
[  151.862952][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  151.862958][ T5808] Call Trace:
[  151.862963][ T5808]  <TASK>
[  151.862968][ T5808]  dump_stack_lvl+0x189/0x250
[  151.862986][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.862996][ T5808]  ? __pfx_print_modules+0x10/0x10
[  151.863010][ T5808]  ? percpu_ref_put+0x19/0x180
[  151.863022][ T5808]  ? percpu_ref_put+0xf9/0x180
[  151.863034][ T5808]  bad_page+0x180/0x1c0
[  151.863044][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  151.863056][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  151.863069][ T5808]  __folio_put+0x21b/0x2c0
[  151.863081][ T5808]  ? __pfx___folio_put+0x10/0x10
[  151.863094][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  151.863107][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  151.863119][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  151.863134][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  151.863144][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  151.863154][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  151.863167][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  151.863181][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  151.863198][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.863210][ T5808]  ? rcu_is_watching+0x15/0xb0
[  151.863220][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.863231][ T5808]  ? rcu_is_watching+0x15/0xb0
[  151.863241][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  151.863252][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  151.863265][ T5808]  evict+0x501/0x9c0
[  151.863275][ T5808]  ? __pfx_evict+0x10/0x10
[  151.863284][ T5808]  ? rcu_is_watching+0x15/0xb0
[  151.863293][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  151.863304][ T5808]  evict_inodes+0x64c/0x6d0
[  151.863318][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  151.863328][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  151.863341][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  151.863352][ T5808]  kill_block_super+0x44/0x90
[  151.863362][ T5808]  xfs_kill_sb+0x15/0x50
[  151.863372][ T5808]  deactivate_locked_super+0xbc/0x130
[  151.863387][ T5808]  cleanup_mnt+0x425/0x4c0
[  151.863403][ T5808]  task_work_run+0x1d1/0x260
[  151.863417][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  151.863428][ T5808]  ? __x64_sys_umount+0x122/0x160
[  151.863438][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  151.863449][ T5808]  ? rcu_is_watching+0x15/0xb0
[  151.863459][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  151.863472][ T5808]  do_syscall_64+0x2bd/0x3b0
[  151.863483][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.863492][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  151.863503][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.863511][ T5808] RIP: 0033:0x7fea26f8e117
[  151.863523][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  151.863531][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  151.863543][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  151.863549][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  151.863554][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  151.863559][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  151.863565][ T5808] R13: 00007fea2700e08c R14: 000000000002500b R15: 00007ffca5bc0080
[  151.863575][ T5808]  </TASK>
[  151.863618][ T5808] BUG: Bad page state in process syz-executor  pfn:40a00
[  152.061923][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x40a00
[  152.070929][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  152.074492][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  152.079537][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  152.083217][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  152.087462][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  152.091161][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  152.095080][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  152.099474][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  152.103303][ T5808] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  152.106469][ T5808] page_owner tracks the page as allocated
[  152.109242][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5916, tgid 5915 (syz.0.17), ts 151738031802, free_ts 144559538902
[  152.119907][ T5808]  post_alloc_hook+0x240/0x2a0
[  152.122157][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  152.124654][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  152.127989][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  152.130786][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  152.133495][ T5808]  alloc_pages_noprof+0xa9/0x190
[  152.136289][ T5808]  folio_alloc_noprof+0x1e/0x30
[  152.139591][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  152.142850][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  152.146052][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  152.149517][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  152.152670][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  152.155631][ T5808]  vfs_write+0x54b/0xa90
[  152.158513][ T5808]  ksys_write+0x145/0x250
[  152.160854][ T5808]  do_syscall_64+0xfa/0x3b0
[  152.163166][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.165699][ T5808] page last free pid 30 tgid 30 stack trace:
[  152.168792][ T5808]  __free_frozen_pages+0xbc4/0xd30
[  152.170996][ T5808]  __folio_put+0x21b/0x2c0
[  152.172920][ T5808]  migrate_pages_batch+0x234a/0x3620
[  152.175558][ T5808]  migrate_pages+0x1bcc/0x2930
[  152.178995][ T5808]  compact_zone+0x23e1/0x4ab0
[  152.181631][ T5808]  compact_node+0x1d2/0x280
[  152.183971][ T5808]  kcompactd+0xbc8/0x1290
[  152.185917][ T5808]  kthread+0x711/0x8a0
[  152.188180][ T5808]  ret_from_fork+0x3f9/0x770
[  152.190271][ T5808]  ret_from_fork_asm+0x1a/0x30
[  152.192471][ T5808] Modules linked in:
[  152.194203][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  152.194217][ T5808] Tainted: [B]=BAD_PAGE
[  152.194221][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.194227][ T5808] Call Trace:
[  152.194233][ T5808]  <TASK>
[  152.194237][ T5808]  dump_stack_lvl+0x189/0x250
[  152.194253][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.194264][ T5808]  ? __pfx_print_modules+0x10/0x10
[  152.194280][ T5808]  bad_page+0x180/0x1c0
[  152.194290][ T5808]  __free_frozen_pages+0xce2/0xd30
[  152.194303][ T5808]  __folio_put+0x21b/0x2c0
[  152.194316][ T5808]  ? __pfx___folio_put+0x10/0x10
[  152.194333][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  152.194349][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  152.194363][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  152.194378][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  152.194388][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  152.194399][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  152.194412][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  152.194426][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  152.194442][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.194454][ T5808]  ? rcu_is_watching+0x15/0xb0
[  152.194463][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.194474][ T5808]  ? rcu_is_watching+0x15/0xb0
[  152.194485][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.194497][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  152.194511][ T5808]  evict+0x501/0x9c0
[  152.194524][ T5808]  ? __pfx_evict+0x10/0x10
[  152.194533][ T5808]  ? rcu_is_watching+0x15/0xb0
[  152.194542][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  152.194554][ T5808]  evict_inodes+0x64c/0x6d0
[  152.194566][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  152.194576][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  152.194589][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  152.194599][ T5808]  kill_block_super+0x44/0x90
[  152.194609][ T5808]  xfs_kill_sb+0x15/0x50
[  152.194619][ T5808]  deactivate_locked_super+0xbc/0x130
[  152.194632][ T5808]  cleanup_mnt+0x425/0x4c0
[  152.194648][ T5808]  task_work_run+0x1d1/0x260
[  152.194663][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  152.194676][ T5808]  ? __x64_sys_umount+0x122/0x160
[  152.194688][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  152.194698][ T5808]  ? rcu_is_watching+0x15/0xb0
[  152.194707][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  152.194720][ T5808]  do_syscall_64+0x2bd/0x3b0
[  152.194730][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.194739][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  152.194749][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.194758][ T5808] RIP: 0033:0x7fea26f8e117
[  152.194769][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  152.194777][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  152.194788][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  152.194794][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  152.194800][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  152.194805][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  152.194813][ T5808] R13: 00007fea2700e08c R14: 000000000002500b R15: 00007ffca5bc0080
[  152.194824][ T5808]  </TASK>
[  152.195183][ T5808] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  152.557914][ T5927] loop0: detected capacity change from 0 to 32768
[  152.564493][ T5927] XFS: ikeep mount option is deprecated.
[  152.575304][ T5927] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  152.605135][ T5927] XFS (loop0): Ending clean mount
[  152.614035][ T5927] XFS (loop0): Quotacheck needed: Please wait.
[  152.622627][ T5927] XFS (loop0): Quotacheck: Done.
[  152.644437][ T5808] BUG: Bad page state in process syz-executor  pfn:40c01
[  152.647909][ T5808] page does not match folio
[  152.650086][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x40c01
[  152.654808][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  152.660218][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  152.663793][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  152.668507][ T5808] page dumped because: nonzero pincount
[  152.671127][ T5808] page_owner tracks the page as allocated
[  152.673675][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5927, tgid 5926 (syz.0.18), ts 152630356738, free_ts 152194876477
[  152.684243][ T5808]  post_alloc_hook+0x240/0x2a0
[  152.686386][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  152.690154][ T5808]  __alloc_frozen_pages_noprof+0x181/0x370
[  152.692706][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  152.694796][ T5808]  alloc_pages_noprof+0xa9/0x190
[  152.697484][ T5808]  folio_alloc_noprof+0x1e/0x30
[  152.699563][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  152.702041][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  152.704270][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  152.706557][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  152.709504][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  152.711988][ T5808]  vfs_write+0x54b/0xa90
[  152.713912][ T5808]  ksys_write+0x145/0x250
[  152.715853][ T5808]  do_syscall_64+0xfa/0x3b0
[  152.718424][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.721054][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  152.723820][ T5808]  free_unref_folios+0xdbd/0x1520
[  152.726028][ T5808]  folios_put_refs+0x559/0x640
[  152.728489][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  152.731625][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  152.733869][ T5808]  evict+0x501/0x9c0
[  152.735644][ T5808]  evict_inodes+0x64c/0x6d0
[  152.738304][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  152.740618][ T5808]  kill_block_super+0x44/0x90
[  152.742594][ T5808]  xfs_kill_sb+0x15/0x50
[  152.744360][ T5808]  deactivate_locked_super+0xbc/0x130
[  152.746608][ T5808]  cleanup_mnt+0x425/0x4c0
[  152.748990][ T5808]  task_work_run+0x1d1/0x260
[  152.750976][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  152.753207][ T5808]  do_syscall_64+0x2bd/0x3b0
[  152.755233][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.758716][ T5808] Modules linked in:
[  152.760784][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  152.760802][ T5808] Tainted: [B]=BAD_PAGE
[  152.760807][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  152.760813][ T5808] Call Trace:
[  152.760818][ T5808]  <TASK>
[  152.760822][ T5808]  dump_stack_lvl+0x189/0x250
[  152.760836][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.760846][ T5808]  ? __pfx_print_modules+0x10/0x10
[  152.760860][ T5808]  ? percpu_ref_put+0x19/0x180
[  152.760872][ T5808]  ? percpu_ref_put+0xf9/0x180
[  152.760883][ T5808]  bad_page+0x180/0x1c0
[  152.760893][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  152.760904][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  152.760917][ T5808]  __folio_put+0x21b/0x2c0
[  152.760930][ T5808]  ? __pfx___folio_put+0x10/0x10
[  152.760946][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  152.760963][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  152.760976][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  152.760991][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  152.761000][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  152.761011][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  152.761024][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  152.761038][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  152.761060][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.761072][ T5808]  ? rcu_is_watching+0x15/0xb0
[  152.761081][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.761092][ T5808]  ? rcu_is_watching+0x15/0xb0
[  152.761100][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  152.761113][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  152.761127][ T5808]  evict+0x501/0x9c0
[  152.761139][ T5808]  ? __pfx_evict+0x10/0x10
[  152.761150][ T5808]  ? rcu_is_watching+0x15/0xb0
[  152.761159][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  152.761170][ T5808]  evict_inodes+0x64c/0x6d0
[  152.761182][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  152.761192][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  152.761205][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  152.761214][ T5808]  kill_block_super+0x44/0x90
[  152.761224][ T5808]  xfs_kill_sb+0x15/0x50
[  152.761234][ T5808]  deactivate_locked_super+0xbc/0x130
[  152.761248][ T5808]  cleanup_mnt+0x425/0x4c0
[  152.761262][ T5808]  task_work_run+0x1d1/0x260
[  152.761278][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  152.761291][ T5808]  ? __x64_sys_umount+0x122/0x160
[  152.761302][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  152.761314][ T5808]  ? rcu_is_watching+0x15/0xb0
[  152.761323][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  152.761336][ T5808]  do_syscall_64+0x2bd/0x3b0
[  152.761346][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.761354][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  152.761364][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.761373][ T5808] RIP: 0033:0x7fea26f8e117
[  152.761410][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  152.761417][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  152.761429][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  152.761438][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  152.761444][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  152.761450][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  152.761459][ T5808] R13: 00007fea2700e08c R14: 0000000000025397 R15: 00007ffca5bc0080
[  152.761471][ T5808]  </TASK>
[  152.761500][ T5808] BUG: Bad page state in process syz-executor  pfn:40c00
[  152.918788][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x40c00
[  152.922658][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  152.926197][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  152.930942][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  152.934650][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  152.939216][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  152.942937][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  152.946619][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  152.950886][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  152.954660][ T5808] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  152.958227][ T5808] page_owner tracks the page as allocated
[  152.960738][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5927, tgid 5926 (syz.0.18), ts 152630356738, free_ts 152194876477
[  152.971480][ T5808]  post_alloc_hook+0x240/0x2a0
[  152.974033][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  152.976425][ T5808]  __alloc_frozen_pages_noprof+0x181/0x370
[  152.980023][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  152.982351][ T5808]  alloc_pages_noprof+0xa9/0x190
[  152.984686][ T5808]  folio_alloc_noprof+0x1e/0x30
[  152.987405][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  152.989881][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  152.992112][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  152.994308][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  152.996490][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  152.999387][ T5808]  vfs_write+0x54b/0xa90
[  153.001240][ T5808]  ksys_write+0x145/0x250
[  153.003109][ T5808]  do_syscall_64+0xfa/0x3b0
[  153.005109][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.008407][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  153.011207][ T5808]  free_unref_folios+0xdbd/0x1520
[  153.013593][ T5808]  folios_put_refs+0x559/0x640
[  153.015704][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  153.019065][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  153.021161][ T5808]  evict+0x501/0x9c0
[  153.022883][ T5808]  evict_inodes+0x64c/0x6d0
[  153.024785][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  153.027674][ T5808]  kill_block_super+0x44/0x90
[  153.029448][ T5808]  xfs_kill_sb+0x15/0x50
[  153.031200][ T5808]  deactivate_locked_super+0xbc/0x130
[  153.033593][ T5808]  cleanup_mnt+0x425/0x4c0
[  153.035545][ T5808]  task_work_run+0x1d1/0x260
[  153.038638][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  153.040921][ T5808]  do_syscall_64+0x2bd/0x3b0
[  153.042953][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.045556][ T5808] Modules linked in:
[  153.047876][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  153.047893][ T5808] Tainted: [B]=BAD_PAGE
[  153.047897][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.047903][ T5808] Call Trace:
[  153.047907][ T5808]  <TASK>
[  153.047911][ T5808]  dump_stack_lvl+0x189/0x250
[  153.047927][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.047941][ T5808]  ? __pfx_print_modules+0x10/0x10
[  153.047957][ T5808]  bad_page+0x180/0x1c0
[  153.047968][ T5808]  __free_frozen_pages+0xce2/0xd30
[  153.047983][ T5808]  __folio_put+0x21b/0x2c0
[  153.047998][ T5808]  ? __pfx___folio_put+0x10/0x10
[  153.048013][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  153.048029][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  153.048041][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  153.048058][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  153.048070][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  153.048082][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  153.048096][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  153.048112][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  153.048130][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.048144][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.048155][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.048169][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.048178][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.048190][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  153.048203][ T5808]  evict+0x501/0x9c0
[  153.048217][ T5808]  ? __pfx_evict+0x10/0x10
[  153.048225][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.048235][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  153.048248][ T5808]  evict_inodes+0x64c/0x6d0
[  153.048263][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  153.048273][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  153.048288][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  153.048299][ T5808]  kill_block_super+0x44/0x90
[  153.048312][ T5808]  xfs_kill_sb+0x15/0x50
[  153.048321][ T5808]  deactivate_locked_super+0xbc/0x130
[  153.048337][ T5808]  cleanup_mnt+0x425/0x4c0
[  153.048355][ T5808]  task_work_run+0x1d1/0x260
[  153.048368][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  153.048381][ T5808]  ? __x64_sys_umount+0x122/0x160
[  153.048391][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  153.048404][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.048413][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  153.048427][ T5808]  do_syscall_64+0x2bd/0x3b0
[  153.048438][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.048449][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  153.048459][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.048470][ T5808] RIP: 0033:0x7fea26f8e117
[  153.048480][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  153.048490][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  153.048501][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  153.048508][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  153.048514][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  153.048521][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  153.048528][ T5808] R13: 00007fea2700e08c R14: 0000000000025397 R15: 00007ffca5bc0080
[  153.048547][ T5808]  </TASK>
[  153.048931][ T5808] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.297682][ T4701] Bluetooth: hci0: command tx timeout
[  153.399610][ T5937] loop0: detected capacity change from 0 to 32768
[  153.407763][ T5937] XFS: ikeep mount option is deprecated.
[  153.439995][ T5937] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.467299][ T5937] XFS (loop0): Ending clean mount
[  153.470686][ T5937] XFS (loop0): Quotacheck needed: Please wait.
[  153.487868][ T5937] XFS (loop0): Quotacheck: Done.
[  153.513724][ T5808] BUG: Bad page state in process syz-executor  pfn:53e01
[  153.517297][ T5808] page does not match folio
[  153.519468][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x53e01
[  153.523901][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  153.529357][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  153.575177][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  153.579611][ T5808] page dumped because: nonzero pincount
[  153.582179][ T5808] page_owner tracks the page as allocated
[  153.584757][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5937, tgid 5936 (syz.0.19), ts 153496605585, free_ts 153048595011
[  153.595687][ T5808]  post_alloc_hook+0x240/0x2a0
[  153.598189][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  153.600867][ T5808]  __alloc_frozen_pages_noprof+0x181/0x370
[  153.603553][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  153.605724][ T5808]  alloc_pages_noprof+0xa9/0x190
[  153.608761][ T5808]  folio_alloc_noprof+0x1e/0x30
[  153.611001][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  153.613689][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  153.616041][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  153.628159][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  153.631359][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  153.633871][ T5808]  vfs_write+0x54b/0xa90
[  153.635911][ T5808]  ksys_write+0x145/0x250
[  153.642315][ T5808]  do_syscall_64+0xfa/0x3b0
[  153.644508][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.647896][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  153.650687][ T5808]  free_unref_folios+0xdbd/0x1520
[  153.653616][ T5808]  folios_put_refs+0x559/0x640
[  153.655739][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  153.658725][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  153.660886][ T5808]  evict+0x501/0x9c0
[  153.662739][ T5808]  evict_inodes+0x64c/0x6d0
[  153.664948][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  153.668344][ T5808]  kill_block_super+0x44/0x90
[  153.670484][ T5808]  xfs_kill_sb+0x15/0x50
[  153.672335][ T5808]  deactivate_locked_super+0xbc/0x130
[  153.674723][ T5808]  cleanup_mnt+0x425/0x4c0
[  153.676694][ T5808]  task_work_run+0x1d1/0x260
[  153.679471][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  153.681793][ T5808]  do_syscall_64+0x2bd/0x3b0
[  153.684205][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.688229][ T5808] Modules linked in:
[  153.690416][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  153.690435][ T5808] Tainted: [B]=BAD_PAGE
[  153.690439][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.690446][ T5808] Call Trace:
[  153.690451][ T5808]  <TASK>
[  153.690457][ T5808]  dump_stack_lvl+0x189/0x250
[  153.690486][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.690497][ T5808]  ? __pfx_print_modules+0x10/0x10
[  153.690513][ T5808]  ? percpu_ref_put+0x19/0x180
[  153.690527][ T5808]  ? percpu_ref_put+0xf9/0x180
[  153.690540][ T5808]  bad_page+0x180/0x1c0
[  153.690551][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  153.690564][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  153.690578][ T5808]  __folio_put+0x21b/0x2c0
[  153.690594][ T5808]  ? __pfx___folio_put+0x10/0x10
[  153.690608][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  153.690625][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  153.690635][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  153.690652][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  153.690663][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  153.690675][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  153.690688][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  153.690704][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  153.690722][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.690735][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.690745][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.690754][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.690761][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.690767][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  153.690776][ T5808]  evict+0x501/0x9c0
[  153.690784][ T5808]  ? __pfx_evict+0x10/0x10
[  153.690789][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.690795][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  153.690806][ T5808]  evict_inodes+0x64c/0x6d0
[  153.690818][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  153.690828][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  153.690840][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  153.690851][ T5808]  kill_block_super+0x44/0x90
[  153.690862][ T5808]  xfs_kill_sb+0x15/0x50
[  153.690873][ T5808]  deactivate_locked_super+0xbc/0x130
[  153.690888][ T5808]  cleanup_mnt+0x425/0x4c0
[  153.690902][ T5808]  task_work_run+0x1d1/0x260
[  153.690918][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  153.690929][ T5808]  ? __x64_sys_umount+0x122/0x160
[  153.690939][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  153.690950][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.690959][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  153.690979][ T5808]  do_syscall_64+0x2bd/0x3b0
[  153.690990][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.691001][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  153.691011][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.691020][ T5808] RIP: 0033:0x7fea26f8e117
[  153.691031][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  153.691040][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  153.691051][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  153.691057][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  153.691063][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  153.691069][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  153.691076][ T5808] R13: 00007fea2700e08c R14: 00000000000256f6 R15: 00007ffca5bc0080
[  153.691085][ T5808]  </TASK>
[  153.691119][ T5808] BUG: Bad page state in process syz-executor  pfn:53e00
[  153.861557][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53e00
[  153.865359][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  153.869684][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  153.873870][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  153.878326][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  153.882150][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  153.885802][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  153.890064][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  153.893796][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  153.897971][ T5808] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  153.901092][ T5808] page_owner tracks the page as allocated
[  153.903538][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5937, tgid 5936 (syz.0.19), ts 153496605585, free_ts 153048595011
[  153.914611][ T5808]  post_alloc_hook+0x240/0x2a0
[  153.917033][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  153.919397][ T5808]  __alloc_frozen_pages_noprof+0x181/0x370
[  153.921961][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  153.924015][ T5808]  alloc_pages_noprof+0xa9/0x190
[  153.926159][ T5808]  folio_alloc_noprof+0x1e/0x30
[  153.929004][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  153.931494][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  153.933987][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  153.936155][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  153.940890][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  153.943269][ T5808]  vfs_write+0x54b/0xa90
[  153.945064][ T5808]  ksys_write+0x145/0x250
[  153.947713][ T5808]  do_syscall_64+0xfa/0x3b0
[  153.950660][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.953194][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  153.955861][ T5808]  free_unref_folios+0xdbd/0x1520
[  153.959400][ T5808]  folios_put_refs+0x559/0x640
[  153.962106][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  153.964506][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  153.969680][ T5808]  evict+0x501/0x9c0
[  153.971343][ T5808]  evict_inodes+0x64c/0x6d0
[  153.973341][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  153.975605][ T5808]  kill_block_super+0x44/0x90
[  153.978140][ T5808]  xfs_kill_sb+0x15/0x50
[  153.979937][ T5808]  deactivate_locked_super+0xbc/0x130
[  153.982253][ T5808]  cleanup_mnt+0x425/0x4c0
[  153.984211][ T5808]  task_work_run+0x1d1/0x260
[  153.986327][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  153.989253][ T5808]  do_syscall_64+0x2bd/0x3b0
[  153.991533][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.994184][ T5808] Modules linked in:
[  153.995900][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  153.995918][ T5808] Tainted: [B]=BAD_PAGE
[  153.995922][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  153.995930][ T5808] Call Trace:
[  153.995939][ T5808]  <TASK>
[  153.995946][ T5808]  dump_stack_lvl+0x189/0x250
[  153.996019][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.996032][ T5808]  ? __pfx_print_modules+0x10/0x10
[  153.996050][ T5808]  bad_page+0x180/0x1c0
[  153.996061][ T5808]  __free_frozen_pages+0xce2/0xd30
[  153.996077][ T5808]  __folio_put+0x21b/0x2c0
[  153.996092][ T5808]  ? __pfx___folio_put+0x10/0x10
[  153.996108][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  153.996124][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  153.996137][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  153.996154][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  153.996166][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  153.996178][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  153.996193][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  153.996210][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  153.996226][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.996239][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.996249][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.996261][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.996271][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  153.996284][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  153.996297][ T5808]  evict+0x501/0x9c0
[  153.996310][ T5808]  ? __pfx_evict+0x10/0x10
[  153.996320][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.996331][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  153.996345][ T5808]  evict_inodes+0x64c/0x6d0
[  153.996359][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  153.996371][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  153.996386][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  153.996397][ T5808]  kill_block_super+0x44/0x90
[  153.996409][ T5808]  xfs_kill_sb+0x15/0x50
[  153.996420][ T5808]  deactivate_locked_super+0xbc/0x130
[  153.996437][ T5808]  cleanup_mnt+0x425/0x4c0
[  153.996454][ T5808]  task_work_run+0x1d1/0x260
[  153.996468][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  153.996481][ T5808]  ? __x64_sys_umount+0x122/0x160
[  153.996492][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  153.996504][ T5808]  ? rcu_is_watching+0x15/0xb0
[  153.996514][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  153.996529][ T5808]  do_syscall_64+0x2bd/0x3b0
[  153.996542][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.996552][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  153.996564][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.996575][ T5808] RIP: 0033:0x7fea26f8e117
[  153.996593][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  153.996603][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  153.996616][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  153.996624][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  153.996630][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  153.996637][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  153.996644][ T5808] R13: 00007fea2700e08c R14: 00000000000256f6 R15: 00007ffca5bc0080
[  153.996655][ T5808]  </TASK>
[  154.146599][ T5808] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.365568][ T5947] loop0: detected capacity change from 0 to 32768
[  154.376227][ T5947] XFS: ikeep mount option is deprecated.
[  154.389332][ T5947] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.421716][ T5947] XFS (loop0): Ending clean mount
[  154.428632][ T5947] XFS (loop0): Quotacheck needed: Please wait.
[  154.439948][ T5947] XFS (loop0): Quotacheck: Done.
[  154.474667][ T5808] BUG: Bad page state in process syz-executor  pfn:40e01
[  154.481531][ T5808] page does not match folio
[  154.483825][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x40e01
[  154.489481][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  154.492992][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  154.498636][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  154.502611][ T5808] page dumped because: nonzero pincount
[  154.505046][ T5808] page_owner tracks the page as allocated
[  154.508057][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5947, tgid 5946 (syz.0.20), ts 154457890111, free_ts 154146011210
[  154.520499][ T5808]  post_alloc_hook+0x240/0x2a0
[  154.523031][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  154.525736][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  154.528594][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  154.531201][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  154.533352][ T5808]  alloc_pages_noprof+0xa9/0x190
[  154.535519][ T5808]  folio_alloc_noprof+0x1e/0x30
[  154.538489][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  154.540971][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  154.543116][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  154.545289][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  154.548178][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  154.550795][ T5808]  vfs_write+0x54b/0xa90
[  154.552887][ T5808]  ksys_write+0x145/0x250
[  154.554890][ T5808]  do_syscall_64+0xfa/0x3b0
[  154.557992][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.560961][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  154.563866][ T5808]  free_unref_folios+0xdbd/0x1520
[  154.567610][ T5808]  folios_put_refs+0x559/0x640
[  154.569876][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  154.572461][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  154.575655][ T5808]  evict+0x501/0x9c0
[  154.579241][ T5808]  evict_inodes+0x64c/0x6d0
[  154.581325][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  154.583734][ T5808]  kill_block_super+0x44/0x90
[  154.585999][ T5808]  xfs_kill_sb+0x15/0x50
[  154.588615][ T5808]  deactivate_locked_super+0xbc/0x130
[  154.591160][ T5808]  cleanup_mnt+0x425/0x4c0
[  154.593160][ T5808]  task_work_run+0x1d1/0x260
[  154.595347][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  154.598552][ T5808]  do_syscall_64+0x2bd/0x3b0
[  154.600704][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.603370][ T5808] Modules linked in:
[  154.605181][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  154.605197][ T5808] Tainted: [B]=BAD_PAGE
[  154.605201][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.605208][ T5808] Call Trace:
[  154.605215][ T5808]  <TASK>
[  154.605220][ T5808]  dump_stack_lvl+0x189/0x250
[  154.605249][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.605259][ T5808]  ? __pfx_print_modules+0x10/0x10
[  154.605272][ T5808]  ? percpu_ref_put+0x19/0x180
[  154.605286][ T5808]  ? percpu_ref_put+0xf9/0x180
[  154.605297][ T5808]  bad_page+0x180/0x1c0
[  154.605307][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  154.605321][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  154.605336][ T5808]  __folio_put+0x21b/0x2c0
[  154.605351][ T5808]  ? __pfx___folio_put+0x10/0x10
[  154.605391][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  154.605406][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  154.605420][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  154.605436][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  154.605448][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  154.605461][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  154.605477][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  154.605495][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  154.605514][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.605529][ T5808]  ? rcu_is_watching+0x15/0xb0
[  154.605539][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.605552][ T5808]  ? rcu_is_watching+0x15/0xb0
[  154.605563][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.605576][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  154.605589][ T5808]  evict+0x501/0x9c0
[  154.605601][ T5808]  ? __pfx_evict+0x10/0x10
[  154.605610][ T5808]  ? rcu_is_watching+0x15/0xb0
[  154.605621][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  154.605635][ T5808]  evict_inodes+0x64c/0x6d0
[  154.605648][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  154.605661][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  154.605676][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  154.605688][ T5808]  kill_block_super+0x44/0x90
[  154.605701][ T5808]  xfs_kill_sb+0x15/0x50
[  154.605713][ T5808]  deactivate_locked_super+0xbc/0x130
[  154.605730][ T5808]  cleanup_mnt+0x425/0x4c0
[  154.605748][ T5808]  task_work_run+0x1d1/0x260
[  154.605763][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  154.605775][ T5808]  ? __x64_sys_umount+0x122/0x160
[  154.605786][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  154.605799][ T5808]  ? rcu_is_watching+0x15/0xb0
[  154.605810][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  154.605825][ T5808]  do_syscall_64+0x2bd/0x3b0
[  154.605837][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.605848][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  154.605866][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.605877][ T5808] RIP: 0033:0x7fea26f8e117
[  154.605897][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  154.605907][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  154.605920][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  154.605928][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  154.605934][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  154.605941][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  154.605948][ T5808] R13: 00007fea2700e08c R14: 0000000000025abc R15: 00007ffca5bc0080
[  154.605960][ T5808]  </TASK>
[  154.605995][ T5808] BUG: Bad page state in process syz-executor  pfn:40e00
[  154.764883][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x40e00
[  154.769228][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  154.773536][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  154.778244][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  154.782483][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  154.786139][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  154.790298][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  154.794655][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  154.799200][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  154.803751][ T5808] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  154.807816][ T5808] page_owner tracks the page as allocated
[  154.810367][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5947, tgid 5946 (syz.0.20), ts 154457890111, free_ts 154146011210
[  154.820740][ T5808]  post_alloc_hook+0x240/0x2a0
[  154.822814][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  154.825110][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  154.827853][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  154.830307][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  154.832325][ T5808]  alloc_pages_noprof+0xa9/0x190
[  154.834405][ T5808]  folio_alloc_noprof+0x1e/0x30
[  154.836511][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  154.839618][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  154.841816][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  154.843908][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  154.846255][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  154.848921][ T5808]  vfs_write+0x54b/0xa90
[  154.850772][ T5808]  ksys_write+0x145/0x250
[  154.852746][ T5808]  do_syscall_64+0xfa/0x3b0
[  154.854663][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.859959][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  154.862853][ T5808]  free_unref_folios+0xdbd/0x1520
[  154.865093][ T5808]  folios_put_refs+0x559/0x640
[  154.872460][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  154.874953][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  154.877875][ T5808]  evict+0x501/0x9c0
[  154.879776][ T5808]  evict_inodes+0x64c/0x6d0
[  154.882677][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  154.884984][ T5808]  kill_block_super+0x44/0x90
[  154.887429][ T5808]  xfs_kill_sb+0x15/0x50
[  154.889244][ T5808]  deactivate_locked_super+0xbc/0x130
[  154.891507][ T5808]  cleanup_mnt+0x425/0x4c0
[  154.893428][ T5808]  task_work_run+0x1d1/0x260
[  154.895361][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  154.900890][ T5808]  do_syscall_64+0x2bd/0x3b0
[  154.902889][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.905543][ T5808] Modules linked in:
[  154.908113][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  154.908133][ T5808] Tainted: [B]=BAD_PAGE
[  154.908137][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  154.908145][ T5808] Call Trace:
[  154.908157][ T5808]  <TASK>
[  154.908163][ T5808]  dump_stack_lvl+0x189/0x250
[  154.909296][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.909310][ T5808]  ? __pfx_print_modules+0x10/0x10
[  154.909331][ T5808]  bad_page+0x180/0x1c0
[  154.909344][ T5808]  __free_frozen_pages+0xce2/0xd30
[  154.909397][ T5808]  __folio_put+0x21b/0x2c0
[  154.909414][ T5808]  ? __pfx___folio_put+0x10/0x10
[  154.909427][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  154.909442][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  154.909453][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  154.909466][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  154.909475][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  154.909485][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  154.909501][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  154.909519][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  154.909540][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.909554][ T5808]  ? rcu_is_watching+0x15/0xb0
[  154.909566][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.909581][ T5808]  ? rcu_is_watching+0x15/0xb0
[  154.909592][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  154.909606][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  154.909620][ T5808]  evict+0x501/0x9c0
[  154.909633][ T5808]  ? __pfx_evict+0x10/0x10
[  154.909644][ T5808]  ? rcu_is_watching+0x15/0xb0
[  154.909656][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  154.909671][ T5808]  evict_inodes+0x64c/0x6d0
[  154.909685][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  154.909698][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  154.909715][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  154.909728][ T5808]  kill_block_super+0x44/0x90
[  154.909740][ T5808]  xfs_kill_sb+0x15/0x50
[  154.909753][ T5808]  deactivate_locked_super+0xbc/0x130
[  154.909771][ T5808]  cleanup_mnt+0x425/0x4c0
[  154.909797][ T5808]  task_work_run+0x1d1/0x260
[  154.909813][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  154.909827][ T5808]  ? __x64_sys_umount+0x122/0x160
[  154.909839][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  154.909852][ T5808]  ? rcu_is_watching+0x15/0xb0
[  154.909864][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  154.909880][ T5808]  do_syscall_64+0x2bd/0x3b0
[  154.909893][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.909905][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  154.909917][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.909929][ T5808] RIP: 0033:0x7fea26f8e117
[  154.909942][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  154.909951][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  154.909966][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  154.909975][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  154.909982][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  154.909990][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  154.909997][ T5808] R13: 00007fea2700e08c R14: 0000000000025abc R15: 00007ffca5bc0080
[  154.910009][ T5808]  </TASK>
[  154.910559][ T5808] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  155.290210][ T5957] loop0: detected capacity change from 0 to 32768
[  155.299085][ T5957] XFS: ikeep mount option is deprecated.
[  155.309725][ T5957] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  155.339238][ T5957] XFS (loop0): Ending clean mount
[  155.348302][ T5957] XFS (loop0): Quotacheck needed: Please wait.
[  155.358787][ T5957] XFS (loop0): Quotacheck: Done.
[  155.392522][ T5808] BUG: Bad page state in process syz-executor  pfn:53601
[  155.396096][ T5808] page does not match folio
[  155.398774][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x53601
[  155.403210][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  155.406602][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  155.411083][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  155.414938][ T5808] page dumped because: nonzero pincount
[  155.418672][ T5808] page_owner tracks the page as allocated
[  155.421154][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5957, tgid 5956 (syz.0.21), ts 155377325558, free_ts 155373316524
[  155.431935][ T5808]  post_alloc_hook+0x240/0x2a0
[  155.434228][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  155.436665][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
2025/08/02 21:52:36 executed programs: 8
[  155.441923][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  155.444656][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  155.449019][ T5808]  alloc_pages_noprof+0xa9/0x190
[  155.451379][ T5808]  folio_alloc_noprof+0x1e/0x30
[  155.453504][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  155.455905][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  155.459228][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  155.461626][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  155.464067][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  155.466389][ T5808]  vfs_write+0x54b/0xa90
[  155.468669][ T5808]  ksys_write+0x145/0x250
[  155.470532][ T5808]  do_syscall_64+0xfa/0x3b0
[  155.472487][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.474933][ T5808] page last free pid 79 tgid 79 stack trace:
[  155.479118][ T5808]  free_unref_folios+0xdbd/0x1520
[  155.481167][ T5808]  shrink_folio_list+0x2977/0x4cd0
[  155.483316][ T5808]  evict_folios+0x47f2/0x58b0
[  155.485264][ T5808]  try_to_shrink_lruvec+0x8a3/0xb50
[  155.487933][ T5808]  shrink_one+0x21b/0x7c0
[  155.489997][ T5808]  shrink_node+0x314e/0x3760
[  155.492127][ T5808]  kswapd+0x147c/0x2830
[  155.493997][ T5808]  kthread+0x711/0x8a0
[  155.496507][ T5808]  ret_from_fork+0x3f9/0x770
[  155.499829][ T5808]  ret_from_fork_asm+0x1a/0x30
[  155.501852][ T5808] Modules linked in:
[  155.503496][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  155.503519][ T5808] Tainted: [B]=BAD_PAGE
[  155.503523][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.503529][ T5808] Call Trace:
[  155.503535][ T5808]  <TASK>
[  155.503540][ T5808]  dump_stack_lvl+0x189/0x250
[  155.503597][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.503609][ T5808]  ? __pfx_print_modules+0x10/0x10
[  155.503621][ T5808]  ? percpu_ref_put+0x19/0x180
[  155.503633][ T5808]  ? percpu_ref_put+0xf9/0x180
[  155.503644][ T5808]  bad_page+0x180/0x1c0
[  155.503654][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  155.503666][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  155.503679][ T5808]  __folio_put+0x21b/0x2c0
[  155.503692][ T5808]  ? __pfx___folio_put+0x10/0x10
[  155.503705][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  155.503719][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  155.503730][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  155.503745][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  155.503755][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  155.503767][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  155.503780][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  155.503795][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  155.503808][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.503817][ T5808]  ? rcu_is_watching+0x15/0xb0
[  155.503823][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.503831][ T5808]  ? rcu_is_watching+0x15/0xb0
[  155.503837][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.503844][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  155.503851][ T5808]  evict+0x501/0x9c0
[  155.503858][ T5808]  ? __pfx_evict+0x10/0x10
[  155.503863][ T5808]  ? rcu_is_watching+0x15/0xb0
[  155.503869][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  155.503877][ T5808]  evict_inodes+0x64c/0x6d0
[  155.503889][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  155.503898][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  155.503911][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  155.503920][ T5808]  kill_block_super+0x44/0x90
[  155.503931][ T5808]  xfs_kill_sb+0x15/0x50
[  155.503941][ T5808]  deactivate_locked_super+0xbc/0x130
[  155.503955][ T5808]  cleanup_mnt+0x425/0x4c0
[  155.503970][ T5808]  task_work_run+0x1d1/0x260
[  155.503985][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  155.503998][ T5808]  ? __x64_sys_umount+0x122/0x160
[  155.504008][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  155.504020][ T5808]  ? rcu_is_watching+0x15/0xb0
[  155.504031][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  155.504045][ T5808]  do_syscall_64+0x2bd/0x3b0
[  155.504057][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.504067][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  155.504079][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.504089][ T5808] RIP: 0033:0x7fea26f8e117
[  155.504100][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  155.504109][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  155.504121][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  155.504128][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  155.504134][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  155.504139][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  155.504145][ T5808] R13: 00007fea2700e08c R14: 0000000000025e53 R15: 00007ffca5bc0080
[  155.504155][ T5808]  </TASK>
[  155.504187][ T5808] BUG: Bad page state in process syz-executor  pfn:53600
[  155.664862][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53600
[  155.668747][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  155.672901][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  155.677823][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  155.681877][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  155.685604][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  155.690035][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  155.694272][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  155.698575][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  155.702862][ T5808] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  155.705948][ T5808] page_owner tracks the page as allocated
[  155.708811][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5957, tgid 5956 (syz.0.21), ts 155377325558, free_ts 155373318708
[  155.719068][ T5808]  post_alloc_hook+0x240/0x2a0
[  155.721400][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  155.723725][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  155.726103][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  155.729111][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  155.731282][ T5808]  alloc_pages_noprof+0xa9/0x190
[  155.733406][ T5808]  folio_alloc_noprof+0x1e/0x30
[  155.735464][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  155.740424][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  155.742661][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  155.744942][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  155.747936][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  155.750302][ T5808]  vfs_write+0x54b/0xa90
[  155.752178][ T5808]  ksys_write+0x145/0x250
[  155.754106][ T5808]  do_syscall_64+0xfa/0x3b0
[  155.756094][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.759368][ T5808] page last free pid 79 tgid 79 stack trace:
[  155.761940][ T5808]  free_unref_folios+0xdbd/0x1520
[  155.764061][ T5808]  shrink_folio_list+0x2977/0x4cd0
[  155.766355][ T5808]  evict_folios+0x47f2/0x58b0
[  155.771728][ T5808]  try_to_shrink_lruvec+0x8a3/0xb50
[  155.774104][ T5808]  shrink_one+0x21b/0x7c0
[  155.775935][ T5808]  shrink_node+0x314e/0x3760
[  155.778433][ T5808]  kswapd+0x147c/0x2830
[  155.780276][ T5808]  kthread+0x711/0x8a0
[  155.782116][ T5808]  ret_from_fork+0x3f9/0x770
[  155.784124][ T5808]  ret_from_fork_asm+0x1a/0x30
[  155.786290][ T5808] Modules linked in:
[  155.788640][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  155.788664][ T5808] Tainted: [B]=BAD_PAGE
[  155.788670][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  155.788678][ T5808] Call Trace:
[  155.788682][ T5808]  <TASK>
[  155.788686][ T5808]  dump_stack_lvl+0x189/0x250
[  155.788713][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.788726][ T5808]  ? __pfx_print_modules+0x10/0x10
[  155.788743][ T5808]  bad_page+0x180/0x1c0
[  155.788754][ T5808]  __free_frozen_pages+0xce2/0xd30
[  155.788770][ T5808]  __folio_put+0x21b/0x2c0
[  155.788785][ T5808]  ? __pfx___folio_put+0x10/0x10
[  155.788800][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  155.788816][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  155.788830][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  155.788846][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  155.788858][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  155.788871][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  155.788886][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  155.788902][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  155.788920][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.788934][ T5808]  ? rcu_is_watching+0x15/0xb0
[  155.788944][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.788957][ T5808]  ? rcu_is_watching+0x15/0xb0
[  155.788968][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  155.788981][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  155.788993][ T5808]  evict+0x501/0x9c0
[  155.789006][ T5808]  ? __pfx_evict+0x10/0x10
[  155.789015][ T5808]  ? rcu_is_watching+0x15/0xb0
[  155.789026][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  155.789040][ T5808]  evict_inodes+0x64c/0x6d0
[  155.789053][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  155.789065][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  155.789080][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  155.789091][ T5808]  kill_block_super+0x44/0x90
[  155.789103][ T5808]  xfs_kill_sb+0x15/0x50
[  155.789115][ T5808]  deactivate_locked_super+0xbc/0x130
[  155.789131][ T5808]  cleanup_mnt+0x425/0x4c0
[  155.789147][ T5808]  task_work_run+0x1d1/0x260
[  155.789166][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  155.789179][ T5808]  ? __x64_sys_umount+0x122/0x160
[  155.789189][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  155.789201][ T5808]  ? rcu_is_watching+0x15/0xb0
[  155.789210][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  155.789224][ T5808]  do_syscall_64+0x2bd/0x3b0
[  155.789235][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.789246][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  155.789258][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.789267][ T5808] RIP: 0033:0x7fea26f8e117
[  155.789279][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  155.789288][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  155.789301][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  155.789309][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  155.789315][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  155.789322][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  155.789328][ T5808] R13: 00007fea2700e08c R14: 0000000000025e53 R15: 00007ffca5bc0080
[  155.789340][ T5808]  </TASK>
[  155.789978][ T5808] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  156.141557][ T5967] loop0: detected capacity change from 0 to 32768
[  156.148633][ T5967] XFS: ikeep mount option is deprecated.
[  156.160610][ T5967] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  156.189424][ T5967] XFS (loop0): Ending clean mount
[  156.198071][ T5967] XFS (loop0): Quotacheck needed: Please wait.
[  156.209501][ T5967] XFS (loop0): Quotacheck: Done.
[  156.242989][ T5808] BUG: Bad page state in process syz-executor  pfn:53201
[  156.246088][ T5808] page does not match folio
[  156.249052][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x53201
[  156.254747][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  156.258617][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  156.262211][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  156.265867][ T5808] page dumped because: nonzero pincount
[  156.271068][ T5808] page_owner tracks the page as allocated
[  156.273631][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5967, tgid 5966 (syz.0.22), ts 156227523413, free_ts 156224552523
[  156.283913][ T5808]  post_alloc_hook+0x240/0x2a0
[  156.286261][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  156.290616][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  156.293108][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  156.295678][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  156.298171][ T5808]  alloc_pages_noprof+0xa9/0x190
[  156.300280][ T5808]  folio_alloc_noprof+0x1e/0x30
[  156.302408][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  156.304719][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  156.307576][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  156.309891][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  156.312519][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  156.315660][ T5808]  vfs_write+0x54b/0xa90
[  156.318101][ T5808]  ksys_write+0x145/0x250
[  156.320258][ T5808]  do_syscall_64+0xfa/0x3b0
[  156.322633][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.325169][ T5808] page last free pid 79 tgid 79 stack trace:
[  156.328995][ T5808]  free_unref_folios+0xdbd/0x1520
[  156.331227][ T5808]  shrink_folio_list+0x2977/0x4cd0
[  156.333575][ T5808]  evict_folios+0x47f2/0x58b0
[  156.335938][ T5808]  try_to_shrink_lruvec+0x8a3/0xb50
[  156.339395][ T5808]  shrink_one+0x21b/0x7c0
[  156.341254][ T5808]  shrink_node+0x314e/0x3760
[  156.343298][ T5808]  kswapd+0x147c/0x2830
[  156.345005][ T5808]  kthread+0x711/0x8a0
[  156.347779][ T5808]  ret_from_fork+0x3f9/0x770
[  156.350417][ T5808]  ret_from_fork_asm+0x1a/0x30
[  156.352689][ T5808] Modules linked in:
[  156.354535][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  156.354563][ T5808] Tainted: [B]=BAD_PAGE
[  156.354566][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.354573][ T5808] Call Trace:
[  156.354582][ T5808]  <TASK>
[  156.354588][ T5808]  dump_stack_lvl+0x189/0x250
[  156.354617][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.354629][ T5808]  ? __pfx_print_modules+0x10/0x10
[  156.354643][ T5808]  ? percpu_ref_put+0x19/0x180
[  156.354655][ T5808]  ? percpu_ref_put+0xf9/0x180
[  156.354667][ T5808]  bad_page+0x180/0x1c0
[  156.354677][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  156.354690][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  156.354711][ T5808]  __folio_put+0x21b/0x2c0
[  156.354815][ T5808]  ? __pfx___folio_put+0x10/0x10
[  156.354840][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  156.354862][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  156.354882][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  156.354898][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  156.354908][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  156.354920][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  156.354933][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  156.354948][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  156.354964][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.354977][ T5808]  ? rcu_is_watching+0x15/0xb0
[  156.354986][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.354998][ T5808]  ? rcu_is_watching+0x15/0xb0
[  156.355007][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.355018][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  156.355031][ T5808]  evict+0x501/0x9c0
[  156.355043][ T5808]  ? __pfx_evict+0x10/0x10
[  156.355051][ T5808]  ? rcu_is_watching+0x15/0xb0
[  156.355060][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  156.355074][ T5808]  evict_inodes+0x64c/0x6d0
[  156.355088][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  156.355099][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  156.355112][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  156.355123][ T5808]  kill_block_super+0x44/0x90
[  156.355135][ T5808]  xfs_kill_sb+0x15/0x50
[  156.355144][ T5808]  deactivate_locked_super+0xbc/0x130
[  156.355160][ T5808]  cleanup_mnt+0x425/0x4c0
[  156.355177][ T5808]  task_work_run+0x1d1/0x260
[  156.355193][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  156.355207][ T5808]  ? __x64_sys_umount+0x122/0x160
[  156.355218][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  156.355229][ T5808]  ? rcu_is_watching+0x15/0xb0
[  156.355235][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  156.355247][ T5808]  do_syscall_64+0x2bd/0x3b0
[  156.355258][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.355268][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  156.355279][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.355290][ T5808] RIP: 0033:0x7fea26f8e117
[  156.355371][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  156.355384][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  156.355399][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  156.355408][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  156.355414][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  156.355421][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  156.355428][ T5808] R13: 00007fea2700e08c R14: 00000000000261a6 R15: 00007ffca5bc0080
[  156.355445][ T5808]  </TASK>
[  156.355482][ T5808] BUG: Bad page state in process syz-executor  pfn:53200
[  156.516324][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53200
[  156.520822][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  156.524409][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  156.529147][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  156.533262][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  156.537258][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  156.540958][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  156.544540][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  156.548770][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  156.552572][ T5808] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  156.556297][ T5808] page_owner tracks the page as allocated
[  156.559988][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5967, tgid 5966 (syz.0.22), ts 156227523413, free_ts 156224557461
[  156.570744][ T5808]  post_alloc_hook+0x240/0x2a0
[  156.572846][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  156.575234][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  156.578019][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  156.580585][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  156.582708][ T5808]  alloc_pages_noprof+0xa9/0x190
[  156.584965][ T5808]  folio_alloc_noprof+0x1e/0x30
[  156.588022][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  156.590602][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  156.592975][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  156.595234][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  156.598157][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  156.600545][ T5808]  vfs_write+0x54b/0xa90
[  156.602422][ T5808]  ksys_write+0x145/0x250
[  156.604309][ T5808]  do_syscall_64+0xfa/0x3b0
[  156.606316][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.609655][ T5808] page last free pid 79 tgid 79 stack trace:
[  156.612403][ T5808]  free_unref_folios+0xdbd/0x1520
[  156.615477][ T5808]  shrink_folio_list+0x2977/0x4cd0
[  156.619587][ T5808]  evict_folios+0x47f2/0x58b0
[  156.621675][ T5808]  try_to_shrink_lruvec+0x8a3/0xb50
[  156.624679][ T5808]  shrink_one+0x21b/0x7c0
[  156.626676][ T5808]  shrink_node+0x314e/0x3760
[  156.629680][ T5808]  kswapd+0x147c/0x2830
[  156.631798][ T5808]  kthread+0x711/0x8a0
[  156.633643][ T5808]  ret_from_fork+0x3f9/0x770
[  156.635722][ T5808]  ret_from_fork_asm+0x1a/0x30
[  156.638492][ T5808] Modules linked in:
[  156.640239][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  156.640257][ T5808] Tainted: [B]=BAD_PAGE
[  156.640261][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  156.640268][ T5808] Call Trace:
[  156.640275][ T5808]  <TASK>
[  156.640280][ T5808]  dump_stack_lvl+0x189/0x250
[  156.640297][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.640310][ T5808]  ? __pfx_print_modules+0x10/0x10
[  156.640328][ T5808]  bad_page+0x180/0x1c0
[  156.640339][ T5808]  __free_frozen_pages+0xce2/0xd30
[  156.640356][ T5808]  __folio_put+0x21b/0x2c0
[  156.640372][ T5808]  ? __pfx___folio_put+0x10/0x10
[  156.640387][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  156.640404][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  156.640417][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  156.640434][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  156.640446][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  156.640458][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  156.640474][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  156.640490][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  156.640509][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.640529][ T5808]  ? rcu_is_watching+0x15/0xb0
[  156.640540][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.640553][ T5808]  ? rcu_is_watching+0x15/0xb0
[  156.640564][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  156.640577][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  156.640590][ T5808]  evict+0x501/0x9c0
[  156.640603][ T5808]  ? __pfx_evict+0x10/0x10
[  156.640612][ T5808]  ? rcu_is_watching+0x15/0xb0
[  156.640624][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  156.640638][ T5808]  evict_inodes+0x64c/0x6d0
[  156.640652][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  156.640664][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  156.640679][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  156.640691][ T5808]  kill_block_super+0x44/0x90
[  156.640703][ T5808]  xfs_kill_sb+0x15/0x50
[  156.640714][ T5808]  deactivate_locked_super+0xbc/0x130
[  156.640731][ T5808]  cleanup_mnt+0x425/0x4c0
[  156.640748][ T5808]  task_work_run+0x1d1/0x260
[  156.640762][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  156.640775][ T5808]  ? __x64_sys_umount+0x122/0x160
[  156.640786][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  156.640798][ T5808]  ? rcu_is_watching+0x15/0xb0
[  156.640809][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  156.640824][ T5808]  do_syscall_64+0x2bd/0x3b0
[  156.640836][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.640847][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  156.640859][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.640870][ T5808] RIP: 0033:0x7fea26f8e117
[  156.640934][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  156.640945][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  156.640959][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  156.640966][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  156.640973][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  156.640979][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  156.640987][ T5808] R13: 00007fea2700e08c R14: 00000000000261a6 R15: 00007ffca5bc0080
[  156.640998][ T5808]  </TASK>
[  156.641557][ T5808] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  156.981774][ T5977] loop0: detected capacity change from 0 to 32768
[  156.989079][ T5977] XFS: ikeep mount option is deprecated.
[  156.999937][ T5977] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.031575][ T5977] XFS (loop0): Ending clean mount
[  157.035905][ T5977] XFS (loop0): Quotacheck needed: Please wait.
[  157.045338][ T5977] XFS (loop0): Quotacheck: Done.
[  157.078345][ T5808] BUG: Bad page state in process syz-executor  pfn:40401
[  157.081379][ T5808] page does not match folio
[  157.083447][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x40401
[  157.088457][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  157.091877][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  157.095820][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  157.101187][ T5808] page dumped because: nonzero pincount
[  157.103605][ T5808] page_owner tracks the page as allocated
[  157.106069][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5977, tgid 5976 (syz.0.23), ts 157058038250, free_ts 156641063575
[  157.119428][ T5808]  post_alloc_hook+0x240/0x2a0
[  157.121632][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  157.124026][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  157.126468][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  157.129744][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  157.131798][ T5808]  alloc_pages_noprof+0xa9/0x190
[  157.133925][ T5808]  folio_alloc_noprof+0x1e/0x30
[  157.136701][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  157.140754][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  157.143136][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  157.145447][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  157.148526][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  157.150889][ T5808]  vfs_write+0x54b/0xa90
[  157.152734][ T5808]  ksys_write+0x145/0x250
[  157.154633][ T5808]  do_syscall_64+0xfa/0x3b0
[  157.156523][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.159521][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  157.162416][ T5808]  free_unref_folios+0xdbd/0x1520
[  157.164810][ T5808]  folios_put_refs+0x559/0x640
[  157.168039][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  157.170500][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  157.172646][ T5808]  evict+0x501/0x9c0
[  157.174398][ T5808]  evict_inodes+0x64c/0x6d0
[  157.176355][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  157.179173][ T5808]  kill_block_super+0x44/0x90
[  157.181262][ T5808]  xfs_kill_sb+0x15/0x50
[  157.183116][ T5808]  deactivate_locked_super+0xbc/0x130
[  157.185517][ T5808]  cleanup_mnt+0x425/0x4c0
[  157.188198][ T5808]  task_work_run+0x1d1/0x260
[  157.196299][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  157.220098][ T5808]  do_syscall_64+0x2bd/0x3b0
[  157.222142][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.229939][ T5808] Modules linked in:
[  157.231673][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  157.231693][ T5808] Tainted: [B]=BAD_PAGE
[  157.231696][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.231702][ T5808] Call Trace:
[  157.231707][ T5808]  <TASK>
[  157.231711][ T5808]  dump_stack_lvl+0x189/0x250
[  157.231736][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.231747][ T5808]  ? __pfx_print_modules+0x10/0x10
[  157.231762][ T5808]  ? percpu_ref_put+0x19/0x180
[  157.231775][ T5808]  ? percpu_ref_put+0xf9/0x180
[  157.231786][ T5808]  bad_page+0x180/0x1c0
[  157.231797][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  157.231809][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  157.231823][ T5808]  __folio_put+0x21b/0x2c0
[  157.231836][ T5808]  ? __pfx___folio_put+0x10/0x10
[  157.231851][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  157.231867][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  157.231878][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  157.231893][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  157.231903][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  157.231914][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  157.231926][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  157.231939][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  157.231955][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.231967][ T5808]  ? rcu_is_watching+0x15/0xb0
[  157.231977][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.231988][ T5808]  ? rcu_is_watching+0x15/0xb0
[  157.231998][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.232008][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  157.232019][ T5808]  evict+0x501/0x9c0
[  157.232030][ T5808]  ? __pfx_evict+0x10/0x10
[  157.232039][ T5808]  ? rcu_is_watching+0x15/0xb0
[  157.232049][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  157.232061][ T5808]  evict_inodes+0x64c/0x6d0
[  157.232073][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  157.232083][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  157.232097][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  157.232108][ T5808]  kill_block_super+0x44/0x90
[  157.232119][ T5808]  xfs_kill_sb+0x15/0x50
[  157.232129][ T5808]  deactivate_locked_super+0xbc/0x130
[  157.232145][ T5808]  cleanup_mnt+0x425/0x4c0
[  157.232160][ T5808]  task_work_run+0x1d1/0x260
[  157.232174][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  157.232185][ T5808]  ? __x64_sys_umount+0x122/0x160
[  157.232194][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  157.232204][ T5808]  ? rcu_is_watching+0x15/0xb0
[  157.232213][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  157.232227][ T5808]  do_syscall_64+0x2bd/0x3b0
[  157.232237][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.232247][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  157.232258][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.232267][ T5808] RIP: 0033:0x7fea26f8e117
[  157.232278][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  157.232285][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  157.232298][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  157.232304][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  157.232310][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  157.232317][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  157.232323][ T5808] R13: 00007fea2700e08c R14: 00000000000264e2 R15: 00007ffca5bc0080
[  157.232334][ T5808]  </TASK>
[  157.232362][ T5808] BUG: Bad page state in process syz-executor  pfn:40400
[  157.402048][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x40400
[  157.406029][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  157.410301][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  157.414906][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  157.419507][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  157.423672][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  157.427883][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  157.431637][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  157.435202][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  157.439239][ T5808] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  157.443012][ T5808] page_owner tracks the page as allocated
[  157.445528][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5977, tgid 5976 (syz.0.23), ts 157058038250, free_ts 156641063575
[  157.456094][ T5808]  post_alloc_hook+0x240/0x2a0
[  157.458410][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  157.460821][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  157.463184][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  157.465697][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  157.468340][ T5808]  alloc_pages_noprof+0xa9/0x190
[  157.470516][ T5808]  folio_alloc_noprof+0x1e/0x30
[  157.472563][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  157.475023][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  157.477805][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  157.480146][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  157.482724][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  157.485118][ T5808]  vfs_write+0x54b/0xa90
[  157.487729][ T5808]  ksys_write+0x145/0x250
[  157.489588][ T5808]  do_syscall_64+0xfa/0x3b0
[  157.491490][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.494037][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  157.497533][ T5808]  free_unref_folios+0xdbd/0x1520
[  157.499868][ T5808]  folios_put_refs+0x559/0x640
[  157.502013][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  157.504444][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  157.506549][ T5808]  evict+0x501/0x9c0
[  157.510515][ T5808]  evict_inodes+0x64c/0x6d0
[  157.512490][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  157.514726][ T5808]  kill_block_super+0x44/0x90
[  157.516678][ T5808]  xfs_kill_sb+0x15/0x50
[  157.518986][ T5808]  deactivate_locked_super+0xbc/0x130
[  157.521290][ T5808]  cleanup_mnt+0x425/0x4c0
[  157.523218][ T5808]  task_work_run+0x1d1/0x260
[  157.525191][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  157.528297][ T5808]  do_syscall_64+0x2bd/0x3b0
[  157.530468][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.533308][ T5808] Modules linked in:
[  157.535146][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  157.535164][ T5808] Tainted: [B]=BAD_PAGE
[  157.535168][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  157.535174][ T5808] Call Trace:
[  157.535179][ T5808]  <TASK>
[  157.535183][ T5808]  dump_stack_lvl+0x189/0x250
[  157.535194][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.535201][ T5808]  ? __pfx_print_modules+0x10/0x10
[  157.535211][ T5808]  bad_page+0x180/0x1c0
[  157.535218][ T5808]  __free_frozen_pages+0xce2/0xd30
[  157.535226][ T5808]  __folio_put+0x21b/0x2c0
[  157.535235][ T5808]  ? __pfx___folio_put+0x10/0x10
[  157.535244][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  157.535253][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  157.535260][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  157.535270][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  157.535276][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  157.535283][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  157.535292][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  157.535301][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  157.535310][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.535318][ T5808]  ? rcu_is_watching+0x15/0xb0
[  157.535324][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.535331][ T5808]  ? rcu_is_watching+0x15/0xb0
[  157.535337][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  157.535344][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  157.535351][ T5808]  evict+0x501/0x9c0
[  157.535359][ T5808]  ? __pfx_evict+0x10/0x10
[  157.535364][ T5808]  ? rcu_is_watching+0x15/0xb0
[  157.535370][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  157.535379][ T5808]  evict_inodes+0x64c/0x6d0
[  157.535389][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  157.535400][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  157.535411][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  157.535421][ T5808]  kill_block_super+0x44/0x90
[  157.535432][ T5808]  xfs_kill_sb+0x15/0x50
[  157.535443][ T5808]  deactivate_locked_super+0xbc/0x130
[  157.535460][ T5808]  cleanup_mnt+0x425/0x4c0
[  157.535476][ T5808]  task_work_run+0x1d1/0x260
[  157.535500][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  157.535510][ T5808]  ? __x64_sys_umount+0x122/0x160
[  157.535519][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  157.535527][ T5808]  ? rcu_is_watching+0x15/0xb0
[  157.535536][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  157.535549][ T5808]  do_syscall_64+0x2bd/0x3b0
[  157.535563][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.535573][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  157.535585][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.535595][ T5808] RIP: 0033:0x7fea26f8e117
[  157.535607][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  157.535615][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  157.535627][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  157.535634][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  157.535639][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  157.535645][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  157.535650][ T5808] R13: 00007fea2700e08c R14: 00000000000264e2 R15: 00007ffca5bc0080
[  157.535659][ T5808]  </TASK>
[  157.536089][ T5808] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.901168][ T5987] loop0: detected capacity change from 0 to 32768
[  157.913247][ T5987] XFS: ikeep mount option is deprecated.
[  157.923961][ T5987] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.955130][ T5987] XFS (loop0): Ending clean mount
[  157.961712][ T5987] XFS (loop0): Quotacheck needed: Please wait.
[  157.970409][ T5987] XFS (loop0): Quotacheck: Done.
[  158.001992][ T5808] BUG: Bad page state in process syz-executor  pfn:53001
[  158.004938][ T5808] page does not match folio
[  158.007457][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x53001
[  158.011800][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  158.015536][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  158.022192][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  158.025664][ T5808] page dumped because: nonzero pincount
[  158.028560][ T5808] page_owner tracks the page as allocated
[  158.031352][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5987, tgid 5986 (syz.0.24), ts 157983200763, free_ts 157535718593
[  158.042237][ T5808]  post_alloc_hook+0x240/0x2a0
[  158.044824][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  158.048867][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  158.051138][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  158.053659][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  158.056569][ T5808]  alloc_pages_noprof+0xa9/0x190
[  158.059289][ T5808]  folio_alloc_noprof+0x1e/0x30
[  158.061436][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  158.063828][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  158.065955][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  158.068577][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  158.071829][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  158.074215][ T5808]  vfs_write+0x54b/0xa90
[  158.076200][ T5808]  ksys_write+0x145/0x250
[  158.080134][ T5808]  do_syscall_64+0xfa/0x3b0
[  158.082261][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.084902][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  158.088607][ T5808]  free_unref_folios+0xdbd/0x1520
[  158.091071][ T5808]  folios_put_refs+0x559/0x640
[  158.093436][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  158.096079][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  158.099748][ T5808]  evict+0x501/0x9c0
[  158.101814][ T5808]  evict_inodes+0x64c/0x6d0
[  158.103883][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  158.107244][ T5808]  kill_block_super+0x44/0x90
[  158.109431][ T5808]  xfs_kill_sb+0x15/0x50
[  158.111356][ T5808]  deactivate_locked_super+0xbc/0x130
[  158.113949][ T5808]  cleanup_mnt+0x425/0x4c0
[  158.116128][ T5808]  task_work_run+0x1d1/0x260
[  158.119188][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  158.121577][ T5808]  do_syscall_64+0x2bd/0x3b0
[  158.123707][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.126409][ T5808] Modules linked in:
[  158.129557][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  158.129579][ T5808] Tainted: [B]=BAD_PAGE
[  158.129583][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.129589][ T5808] Call Trace:
[  158.129593][ T5808]  <TASK>
[  158.129598][ T5808]  dump_stack_lvl+0x189/0x250
[  158.129652][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.129661][ T5808]  ? __pfx_print_modules+0x10/0x10
[  158.129676][ T5808]  ? percpu_ref_put+0x19/0x180
[  158.129688][ T5808]  ? percpu_ref_put+0xf9/0x180
[  158.129698][ T5808]  bad_page+0x180/0x1c0
[  158.129707][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  158.129720][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  158.129733][ T5808]  __folio_put+0x21b/0x2c0
[  158.129747][ T5808]  ? __pfx___folio_put+0x10/0x10
[  158.129760][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  158.129774][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  158.129784][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  158.129800][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  158.129811][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  158.129821][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  158.129834][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  158.129847][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  158.129863][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.129876][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.129885][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.129897][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.129906][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.129916][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  158.129928][ T5808]  evict+0x501/0x9c0
[  158.129939][ T5808]  ? __pfx_evict+0x10/0x10
[  158.129947][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.129957][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  158.129969][ T5808]  evict_inodes+0x64c/0x6d0
[  158.129983][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  158.129994][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  158.130007][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  158.130017][ T5808]  kill_block_super+0x44/0x90
[  158.130028][ T5808]  xfs_kill_sb+0x15/0x50
[  158.130038][ T5808]  deactivate_locked_super+0xbc/0x130
[  158.130053][ T5808]  cleanup_mnt+0x425/0x4c0
[  158.130068][ T5808]  task_work_run+0x1d1/0x260
[  158.130082][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  158.130093][ T5808]  ? __x64_sys_umount+0x122/0x160
[  158.130102][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  158.130113][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.130122][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  158.130136][ T5808]  do_syscall_64+0x2bd/0x3b0
[  158.130146][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.130155][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  158.130166][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.130175][ T5808] RIP: 0033:0x7fea26f8e117
[  158.130184][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  158.130192][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  158.130205][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  158.130211][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  158.130216][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  158.130223][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  158.130229][ T5808] R13: 00007fea2700e08c R14: 0000000000026887 R15: 00007ffca5bc0080
[  158.130239][ T5808]  </TASK>
[  158.130266][ T5808] BUG: Bad page state in process syz-executor  pfn:53000
[  158.295364][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x53000
[  158.300070][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  158.303691][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  158.308705][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  158.312891][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  158.316580][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  158.322131][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  158.325750][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  158.330171][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  158.334118][ T5808] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  158.338265][ T5808] page_owner tracks the page as allocated
[  158.340724][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5987, tgid 5986 (syz.0.24), ts 157983200763, free_ts 157535718593
[  158.351313][ T5808]  post_alloc_hook+0x240/0x2a0
[  158.353456][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  158.355867][ T5808]  __alloc_pages_slowpath+0x2fe/0xce0
[  158.358718][ T5808]  __alloc_frozen_pages_noprof+0x319/0x370
[  158.361374][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  158.364254][ T5808]  alloc_pages_noprof+0xa9/0x190
[  158.366528][ T5808]  folio_alloc_noprof+0x1e/0x30
[  158.369865][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  158.372245][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  158.374386][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  158.376462][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  158.379454][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  158.381786][ T5808]  vfs_write+0x54b/0xa90
[  158.383640][ T5808]  ksys_write+0x145/0x250
[  158.385749][ T5808]  do_syscall_64+0xfa/0x3b0
[  158.388636][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.391265][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  158.393932][ T5808]  free_unref_folios+0xdbd/0x1520
[  158.396021][ T5808]  folios_put_refs+0x559/0x640
[  158.399534][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  158.401936][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  158.404024][ T5808]  evict+0x501/0x9c0
[  158.405873][ T5808]  evict_inodes+0x64c/0x6d0
[  158.408677][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  158.410955][ T5808]  kill_block_super+0x44/0x90
[  158.412917][ T5808]  xfs_kill_sb+0x15/0x50
[  158.414765][ T5808]  deactivate_locked_super+0xbc/0x130
[  158.417906][ T5808]  cleanup_mnt+0x425/0x4c0
[  158.419843][ T5808]  task_work_run+0x1d1/0x260
[  158.421804][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  158.424125][ T5808]  do_syscall_64+0x2bd/0x3b0
[  158.426184][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.430699][ T5808] Modules linked in:
[  158.432606][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  158.432626][ T5808] Tainted: [B]=BAD_PAGE
[  158.432630][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.432637][ T5808] Call Trace:
[  158.432643][ T5808]  <TASK>
[  158.432648][ T5808]  dump_stack_lvl+0x189/0x250
[  158.432677][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.432690][ T5808]  ? __pfx_print_modules+0x10/0x10
[  158.432710][ T5808]  bad_page+0x180/0x1c0
[  158.432722][ T5808]  __free_frozen_pages+0xce2/0xd30
[  158.432737][ T5808]  __folio_put+0x21b/0x2c0
[  158.432762][ T5808]  ? __pfx___folio_put+0x10/0x10
[  158.432778][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  158.432794][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  158.432807][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  158.432824][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  158.432836][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  158.432849][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  158.432864][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  158.432881][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  158.432900][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.432914][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.432924][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.432938][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.432949][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.432961][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  158.432975][ T5808]  evict+0x501/0x9c0
[  158.432987][ T5808]  ? __pfx_evict+0x10/0x10
[  158.432998][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.433008][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  158.433022][ T5808]  evict_inodes+0x64c/0x6d0
[  158.433036][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  158.433049][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  158.433064][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  158.433075][ T5808]  kill_block_super+0x44/0x90
[  158.433088][ T5808]  xfs_kill_sb+0x15/0x50
[  158.433099][ T5808]  deactivate_locked_super+0xbc/0x130
[  158.433116][ T5808]  cleanup_mnt+0x425/0x4c0
[  158.433133][ T5808]  task_work_run+0x1d1/0x260
[  158.433148][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  158.433161][ T5808]  ? __x64_sys_umount+0x122/0x160
[  158.433171][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  158.433183][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.433194][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  158.433209][ T5808]  do_syscall_64+0x2bd/0x3b0
[  158.433221][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.433231][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  158.433243][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.433254][ T5808] RIP: 0033:0x7fea26f8e117
[  158.433308][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  158.433318][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  158.433356][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  158.433363][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  158.433369][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  158.433374][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  158.433382][ T5808] R13: 00007fea2700e08c R14: 0000000000026887 R15: 00007ffca5bc0080
[  158.433392][ T5808]  </TASK>
[  158.433938][ T5808] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.778004][ T5997] loop0: detected capacity change from 0 to 32768
[  158.784646][ T5997] XFS: ikeep mount option is deprecated.
[  158.795375][ T5997] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.827340][ T5997] XFS (loop0): Ending clean mount
[  158.836437][ T5997] XFS (loop0): Quotacheck needed: Please wait.
[  158.846512][ T5997] XFS (loop0): Quotacheck: Done.
[  158.870576][ T5808] BUG: Bad page state in process syz-executor  pfn:40601
[  158.873673][ T5808] page does not match folio
[  158.876505][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x40601
[  158.881749][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  158.885037][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  158.889918][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  158.893637][ T5808] page dumped because: nonzero pincount
[  158.896070][ T5808] page_owner tracks the page as allocated
[  158.901844][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5997, tgid 5996 (syz.0.25), ts 158854572625, free_ts 158433448267
[  158.913584][ T5808]  post_alloc_hook+0x240/0x2a0
[  158.915661][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  158.920112][ T5808]  __alloc_frozen_pages_noprof+0x181/0x370
[  158.922825][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  158.925291][ T5808]  alloc_pages_noprof+0xa9/0x190
[  158.928270][ T5808]  folio_alloc_noprof+0x1e/0x30
[  158.930557][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  158.932967][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  158.935248][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  158.938186][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  158.940794][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  158.943353][ T5808]  vfs_write+0x54b/0xa90
[  158.945254][ T5808]  ksys_write+0x145/0x250
[  158.947719][ T5808]  do_syscall_64+0xfa/0x3b0
[  158.949898][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.952692][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  158.955610][ T5808]  free_unref_folios+0xdbd/0x1520
[  158.958631][ T5808]  folios_put_refs+0x559/0x640
[  158.960847][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  158.963483][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  158.965636][ T5808]  evict+0x501/0x9c0
[  158.967694][ T5808]  evict_inodes+0x64c/0x6d0
[  158.969834][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  158.972198][ T5808]  kill_block_super+0x44/0x90
[  158.974248][ T5808]  xfs_kill_sb+0x15/0x50
[  158.976189][ T5808]  deactivate_locked_super+0xbc/0x130
[  158.979736][ T5808]  cleanup_mnt+0x425/0x4c0
[  158.981818][ T5808]  task_work_run+0x1d1/0x260
[  158.983877][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  158.986320][ T5808]  do_syscall_64+0x2bd/0x3b0
[  158.988816][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.991547][ T5808] Modules linked in:
[  158.993262][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  158.993279][ T5808] Tainted: [B]=BAD_PAGE
[  158.993283][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  158.993289][ T5808] Call Trace:
[  158.993296][ T5808]  <TASK>
[  158.993301][ T5808]  dump_stack_lvl+0x189/0x250
[  158.993355][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.993367][ T5808]  ? __pfx_print_modules+0x10/0x10
[  158.993381][ T5808]  ? percpu_ref_put+0x19/0x180
[  158.993394][ T5808]  ? percpu_ref_put+0xf9/0x180
[  158.993406][ T5808]  bad_page+0x180/0x1c0
[  158.993416][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  158.993429][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  158.993441][ T5808]  __folio_put+0x21b/0x2c0
[  158.993456][ T5808]  ? __pfx___folio_put+0x10/0x10
[  158.993471][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  158.993485][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  158.993498][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  158.993513][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  158.993530][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  158.993541][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  158.993554][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  158.993569][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  158.993586][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.993600][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.993610][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.993623][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.993632][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  158.993644][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  158.993657][ T5808]  evict+0x501/0x9c0
[  158.993668][ T5808]  ? __pfx_evict+0x10/0x10
[  158.993676][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.993686][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  158.993699][ T5808]  evict_inodes+0x64c/0x6d0
[  158.993712][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  158.993724][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  158.993738][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  158.993749][ T5808]  kill_block_super+0x44/0x90
[  158.993759][ T5808]  xfs_kill_sb+0x15/0x50
[  158.993769][ T5808]  deactivate_locked_super+0xbc/0x130
[  158.993784][ T5808]  cleanup_mnt+0x425/0x4c0
[  158.993800][ T5808]  task_work_run+0x1d1/0x260
[  158.993814][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  158.993825][ T5808]  ? __x64_sys_umount+0x122/0x160
[  158.993835][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  158.993845][ T5808]  ? rcu_is_watching+0x15/0xb0
[  158.993856][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  158.993869][ T5808]  do_syscall_64+0x2bd/0x3b0
[  158.993880][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.993890][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  158.993902][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.993912][ T5808] RIP: 0033:0x7fea26f8e117
[  158.993923][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  158.993932][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  158.993945][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  158.993952][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  158.993958][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  158.993965][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  158.993977][ T5808] R13: 00007fea2700e08c R14: 0000000000026beb R15: 00007ffca5bc0080
[  158.993987][ T5808]  </TASK>
[  158.994016][ T5808] BUG: Bad page state in process syz-executor  pfn:40600
[  159.157947][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x40600
[  159.161915][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  159.165602][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  159.170348][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  159.173989][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  159.177985][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  159.181655][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  159.185899][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  159.190070][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  159.193858][ T5808] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  159.197453][ T5808] page_owner tracks the page as allocated
[  159.200099][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5997, tgid 5996 (syz.0.25), ts 158854572625, free_ts 158433448267
[  159.211126][ T5808]  post_alloc_hook+0x240/0x2a0
[  159.213395][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  159.215807][ T5808]  __alloc_frozen_pages_noprof+0x181/0x370
[  159.218741][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  159.221111][ T5808]  alloc_pages_noprof+0xa9/0x190
[  159.223618][ T5808]  folio_alloc_noprof+0x1e/0x30
[  159.226061][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  159.229042][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  159.231246][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  159.233349][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  159.235699][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  159.238459][ T5808]  vfs_write+0x54b/0xa90
[  159.240313][ T5808]  ksys_write+0x145/0x250
[  159.242152][ T5808]  do_syscall_64+0xfa/0x3b0
[  159.244097][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.246663][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  159.249996][ T5808]  free_unref_folios+0xdbd/0x1520
[  159.252203][ T5808]  folios_put_refs+0x559/0x640
[  159.254447][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  159.258249][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  159.260744][ T5808]  evict+0x501/0x9c0
[  159.262440][ T5808]  evict_inodes+0x64c/0x6d0
[  159.264411][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  159.266651][ T5808]  kill_block_super+0x44/0x90
[  159.269355][ T5808]  xfs_kill_sb+0x15/0x50
[  159.271205][ T5808]  deactivate_locked_super+0xbc/0x130
[  159.273578][ T5808]  cleanup_mnt+0x425/0x4c0
[  159.275518][ T5808]  task_work_run+0x1d1/0x260
[  159.278057][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  159.280470][ T5808]  do_syscall_64+0x2bd/0x3b0
[  159.282445][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.285735][ T5808] Modules linked in:
[  159.288116][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  159.288134][ T5808] Tainted: [B]=BAD_PAGE
[  159.288138][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.288144][ T5808] Call Trace:
[  159.288148][ T5808]  <TASK>
[  159.288152][ T5808]  dump_stack_lvl+0x189/0x250
[  159.288220][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.288232][ T5808]  ? __pfx_print_modules+0x10/0x10
[  159.288247][ T5808]  bad_page+0x180/0x1c0
[  159.288258][ T5808]  __free_frozen_pages+0xce2/0xd30
[  159.288271][ T5808]  __folio_put+0x21b/0x2c0
[  159.288284][ T5808]  ? __pfx___folio_put+0x10/0x10
[  159.288297][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  159.288311][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  159.288323][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  159.288339][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  159.288349][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  159.288360][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  159.288374][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  159.288389][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  159.288404][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.288416][ T5808]  ? rcu_is_watching+0x15/0xb0
[  159.288426][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.288438][ T5808]  ? rcu_is_watching+0x15/0xb0
[  159.288447][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.288458][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  159.288470][ T5808]  evict+0x501/0x9c0
[  159.288481][ T5808]  ? __pfx_evict+0x10/0x10
[  159.288488][ T5808]  ? rcu_is_watching+0x15/0xb0
[  159.288496][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  159.288508][ T5808]  evict_inodes+0x64c/0x6d0
[  159.288518][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  159.288527][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  159.288539][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  159.288549][ T5808]  kill_block_super+0x44/0x90
[  159.288560][ T5808]  xfs_kill_sb+0x15/0x50
[  159.288570][ T5808]  deactivate_locked_super+0xbc/0x130
[  159.288583][ T5808]  cleanup_mnt+0x425/0x4c0
[  159.288598][ T5808]  task_work_run+0x1d1/0x260
[  159.288612][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  159.288623][ T5808]  ? __x64_sys_umount+0x122/0x160
[  159.288632][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  159.288642][ T5808]  ? rcu_is_watching+0x15/0xb0
[  159.288651][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  159.288664][ T5808]  do_syscall_64+0x2bd/0x3b0
[  159.288675][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.288685][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  159.288696][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.288705][ T5808] RIP: 0033:0x7fea26f8e117
[  159.288714][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  159.288721][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  159.288733][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  159.288739][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  159.288744][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  159.288750][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  159.288763][ T5808] R13: 00007fea2700e08c R14: 0000000000026beb R15: 00007ffca5bc0080
[  159.288773][ T5808]  </TASK>
[  159.289306][ T5808] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  159.634583][ T6007] loop0: detected capacity change from 0 to 32768
[  159.641745][ T6007] XFS: ikeep mount option is deprecated.
[  159.651692][ T6007] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  159.683666][ T6007] XFS (loop0): Ending clean mount
[  159.695980][ T6007] XFS (loop0): Quotacheck needed: Please wait.
[  159.715432][ T6007] XFS (loop0): Quotacheck: Done.
[  159.736078][ T5808] BUG: Bad page state in process syz-executor  pfn:41001
[  159.739586][ T5808] page does not match folio
[  159.741523][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x41001
[  159.745677][ T5808] ksm flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff)
[  159.749534][ T5808] raw: 04fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[  159.753177][ T5808] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[  159.756740][ T5808] page dumped because: nonzero pincount
[  159.760273][ T5808] page_owner tracks the page as allocated
[  159.762585][ T5808] page last allocated via order 9, migratetype Movable, gfp_mask 0x153c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_WRITE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6007, tgid 6006 (syz.0.26), ts 159722175018, free_ts 159288900033
[  159.773985][ T5808]  post_alloc_hook+0x240/0x2a0
[  159.775934][ T5808]  get_page_from_freelist+0x21e4/0x22c0
[  159.780052][ T5808]  __alloc_frozen_pages_noprof+0x181/0x370
[  159.782607][ T5808]  alloc_pages_mpol+0x232/0x4a0
[  159.784663][ T5808]  alloc_pages_noprof+0xa9/0x190
[  159.786707][ T5808]  folio_alloc_noprof+0x1e/0x30
[  159.789596][ T5808]  filemap_alloc_folio_noprof+0xdf/0x470
[  159.792118][ T5808]  __filemap_get_folio+0x3f2/0xaf0
[  159.794497][ T5808]  iomap_write_begin+0x5d7/0x1c70
[  159.797799][ T5808]  iomap_file_buffered_write+0x441/0x9b0
[  159.800328][ T5808]  xfs_file_buffered_write+0x209/0x8a0
[  159.802977][ T5808]  vfs_write+0x54b/0xa90
[  159.804802][ T5808]  ksys_write+0x145/0x250
[  159.806723][ T5808]  do_syscall_64+0xfa/0x3b0
[  159.809431][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.812562][ T5808] page last free pid 5808 tgid 5808 stack trace:
[  159.815321][ T5808]  free_unref_folios+0xdbd/0x1520
[  159.818226][ T5808]  folios_put_refs+0x559/0x640
[  159.820467][ T5808]  truncate_inode_pages_range+0x346/0xda0
[  159.822975][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  159.825088][ T5808]  evict+0x501/0x9c0
[  159.827280][ T5808]  evict_inodes+0x64c/0x6d0
[  159.829296][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  159.831723][ T5808]  kill_block_super+0x44/0x90
[  159.833956][ T5808]  xfs_kill_sb+0x15/0x50
[  159.836083][ T5808]  deactivate_locked_super+0xbc/0x130
[  159.839442][ T5808]  cleanup_mnt+0x425/0x4c0
[  159.841501][ T5808]  task_work_run+0x1d1/0x260
[  159.843634][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  159.846067][ T5808]  do_syscall_64+0x2bd/0x3b0
[  159.848671][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.851591][ T5808] Modules linked in:
[  159.853348][ T5808] CPU: 0 UID: 0 PID: 5808 Comm: syz-executor Tainted: G    B               6.16.0-syzkaller-11241-g186f3edfdd41 #0 PREEMPT(full) 
[  159.853365][ T5808] Tainted: [B]=BAD_PAGE
[  159.853368][ T5808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  159.853374][ T5808] Call Trace:
[  159.853380][ T5808]  <TASK>
[  159.853384][ T5808]  dump_stack_lvl+0x189/0x250
[  159.853412][ T5808]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.853422][ T5808]  ? __pfx_print_modules+0x10/0x10
[  159.853435][ T5808]  ? percpu_ref_put+0x19/0x180
[  159.853446][ T5808]  ? percpu_ref_put+0xf9/0x180
[  159.853459][ T5808]  bad_page+0x180/0x1c0
[  159.853469][ T5808]  free_tail_page_prepare+0x2c3/0x4f0
[  159.853481][ T5808]  __free_frozen_pages+0x7b7/0xd30
[  159.853492][ T5808]  __folio_put+0x21b/0x2c0
[  159.853508][ T5808]  ? __pfx___folio_put+0x10/0x10
[  159.853520][ T5808]  delete_from_page_cache_batch+0x84c/0x9b0
[  159.853541][ T5808]  ? __pfx_delete_from_page_cache_batch+0x10/0x10
[  159.853556][ T5808]  ? __pfx_workingset_update_node+0x10/0x10
[  159.853571][ T5808]  ? truncate_cleanup_folio+0x34a/0x430
[  159.853582][ T5808]  truncate_inode_pages_range+0x28a/0xda0
[  159.853594][ T5808]  ? filemap_get_folios_tag+0xed/0x630
[  159.853606][ T5808]  ? __pfx_truncate_inode_pages_range+0x10/0x10
[  159.853619][ T5808]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  159.853635][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.853646][ T5808]  ? rcu_is_watching+0x15/0xb0
[  159.853656][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.853667][ T5808]  ? rcu_is_watching+0x15/0xb0
[  159.853676][ T5808]  ? __pfx_xfs_fs_evict_inode+0x10/0x10
[  159.853687][ T5808]  xfs_fs_evict_inode+0x67/0x90
[  159.853698][ T5808]  evict+0x501/0x9c0
[  159.853709][ T5808]  ? __pfx_evict+0x10/0x10
[  159.853718][ T5808]  ? rcu_is_watching+0x15/0xb0
[  159.853734][ T5808]  ? do_raw_spin_unlock+0x4d/0x240
[  159.853745][ T5808]  evict_inodes+0x64c/0x6d0
[  159.853757][ T5808]  ? __pfx_evict_inodes+0x10/0x10
[  159.853767][ T5808]  ? xfs_fs_sync_fs+0x1cf/0x380
[  159.853779][ T5808]  generic_shutdown_super+0x9a/0x2c0
[  159.853788][ T5808]  kill_block_super+0x44/0x90
[  159.853799][ T5808]  xfs_kill_sb+0x15/0x50
[  159.853810][ T5808]  deactivate_locked_super+0xbc/0x130
[  159.853825][ T5808]  cleanup_mnt+0x425/0x4c0
[  159.853839][ T5808]  task_work_run+0x1d1/0x260
[  159.853852][ T5808]  ? __pfx_task_work_run+0x10/0x10
[  159.853864][ T5808]  ? __x64_sys_umount+0x122/0x160
[  159.853874][ T5808]  ? __pfx___x64_sys_umount+0x10/0x10
[  159.853884][ T5808]  ? rcu_is_watching+0x15/0xb0
[  159.853892][ T5808]  exit_to_user_mode_loop+0xec/0x110
[  159.853906][ T5808]  do_syscall_64+0x2bd/0x3b0
[  159.853916][ T5808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.853926][ T5808]  ? clear_bhb_loop+0x60/0xb0
[  159.853935][ T5808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.853945][ T5808] RIP: 0033:0x7fea26f8e117
[  159.853954][ T5808] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  159.853963][ T5808] RSP: 002b:00007ffca5bbeef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  159.853975][ T5808] RAX: 0000000000000000 RBX: 00007fea2700e08c RCX: 00007fea26f8e117
[  159.853981][ T5808] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca5bbefb0
[  159.853987][ T5808] RBP: 00007ffca5bbefb0 R08: 0000000000000000 R09: 0000000000000000
[  159.853993][ T5808] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca5bc0040
[  159.853999][ T5808] R13: 00007fea2700e08c R14: 0000000000026f4a R15: 00007ffca5bc0080
[  159.854008][ T5808]  </TASK>
[  159.854036][ T5808] BUG: Bad page state in process syz-executor  pfn:41000
[  160.019581][ T5808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x41000
[  160.023258][ T5808] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[  160.027540][ T5808] flags: 0x4fff0800000004d(locked|referenced|uptodate|head|node=1|zone=1|lastcpupid=0x7ff)
[  160.031880][ T5808] raw: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  160.035672][ T5808] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  160.039763][ T5808] head: 04fff0800000004d dead000000000100 dead000000000122 0000000000000000
[  160.043551][ T5808] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[  160.048273][ T5808] head: 04fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[  160.052177][ T5808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000