Warning: Permanently added '[localhost]:47562' (ED25519) to the list of known hosts.
2025/08/01 08:44:11 ignoring optional flag "sandboxArg"="0"
2025/08/01 08:44:12 parsed 1 programs
[ 71.125904][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.127981][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[ 73.124187][ T40] kauditd_printk_skb: 28 callbacks suppressed
[ 73.124199][ T40] audit: type=1400 audit(1754037854.465:118): avc: denied { unlink } for pid=6205 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 74.030520][ T6205] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 76.773294][ T6313] chnl_net:caif_netlink_parms(): no params data found
[ 76.833289][ T6313] bridge0: port 1(bridge_slave_0) entered blocking state
[ 76.835591][ T6313] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.837853][ T6313] bridge_slave_0: entered allmulticast mode
[ 76.840389][ T6313] bridge_slave_0: entered promiscuous mode
[ 76.845056][ T6313] bridge0: port 2(bridge_slave_1) entered blocking state
[ 76.847336][ T6313] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.849588][ T6313] bridge_slave_1: entered allmulticast mode
[ 76.852139][ T6313] bridge_slave_1: entered promiscuous mode
[ 76.880945][ T6313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 76.887432][ T6313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 76.920153][ T6313] team0: Port device team_slave_0 added
[ 76.924197][ T6313] team0: Port device team_slave_1 added
[ 76.953416][ T6313] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 76.955615][ T6313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.963534][ T6313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 76.967597][ T6313] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 76.969753][ T6313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 76.978813][ T6313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 77.013996][ T6313] hsr_slave_0: entered promiscuous mode
[ 77.016201][ T6313] hsr_slave_1: entered promiscuous mode
[ 77.696455][ T6313] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 77.702470][ T6313] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 77.708462][ T6313] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 77.714569][ T6313] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 77.735729][ T6313] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.738520][ T6313] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 77.741427][ T6313] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.744276][ T6313] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 77.753785][ T1144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 77.756678][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 77.780070][ T6313] 8021q: adding VLAN 0 to HW filter on device bond0
[ 77.788960][ T6313] 8021q: adding VLAN 0 to HW filter on device team0
[ 77.793846][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 77.796141][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 77.801610][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 77.803895][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 77.900800][ T6313] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 77.918722][ T6313] veth0_vlan: entered promiscuous mode
[ 77.923784][ T6313] veth1_vlan: entered promiscuous mode
[ 77.936391][ T6313] veth0_macvtap: entered promiscuous mode
[ 77.939950][ T6313] veth1_macvtap: entered promiscuous mode
[ 77.951749][ T6313] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 77.957044][ T6313] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 77.964014][ T1143] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.966759][ T1143] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.970108][ T1143] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 77.972809][ T1143] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.026799][ T1143] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.032690][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.036248][ T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.039457][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.042778][ T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.046654][ T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.106750][ T1143] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.150824][ T40] audit: type=1401 audit(1754037859.485:119): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 78.172221][ T1143] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.232215][ T1143] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 78.239407][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.242412][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.263855][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.266314][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/08/01 08:44:19 executed programs: 0
[ 78.670448][ T5999] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 78.673335][ T5999] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 78.675943][ T5999] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 78.678637][ T5999] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 78.681029][ T5999] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 78.818899][ T6426] chnl_net:caif_netlink_parms(): no params data found
[ 78.910874][ T6426] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.916062][ T6426] bridge0: port 1(bridge_slave_0) entered disabled state
[ 78.918767][ T6426] bridge_slave_0: entered allmulticast mode
[ 78.922063][ T6426] bridge_slave_0: entered promiscuous mode
[ 78.926290][ T6426] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.928605][ T6426] bridge0: port 2(bridge_slave_1) entered disabled state
[ 78.930856][ T6426] bridge_slave_1: entered allmulticast mode
[ 78.933498][ T6426] bridge_slave_1: entered promiscuous mode
[ 78.962600][ T6426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 78.967955][ T6426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 78.999153][ T6426] team0: Port device team_slave_0 added
[ 79.002182][ T6426] team0: Port device team_slave_1 added
[ 79.031858][ T6426] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 79.035677][ T6426] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.043695][ T6426] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 79.048006][ T6426] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 79.050171][ T6426] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 79.060381][ T6426] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 79.101149][ T6426] hsr_slave_0: entered promiscuous mode
[ 79.105677][ T6426] hsr_slave_1: entered promiscuous mode
[ 79.107669][ T6426] debugfs: 'hsr0' already exists in 'hsr'
[ 79.109412][ T6426] Cannot create hsr debugfs directory
[ 80.713426][ T63] Bluetooth: hci0: command tx timeout
[ 81.354030][ T839] cfg80211: failed to load regulatory.db
[ 81.548869][ T1143] bridge_slave_1: left allmulticast mode
[ 81.550688][ T1143] bridge_slave_1: left promiscuous mode
[ 81.552520][ T1143] bridge0: port 2(bridge_slave_1) entered disabled state
[ 81.560892][ T1143] bridge_slave_0: left allmulticast mode
[ 81.562684][ T1143] bridge_slave_0: left promiscuous mode
[ 81.565553][ T1143] bridge0: port 1(bridge_slave_0) entered disabled state
[ 81.722327][ T1143] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 81.726889][ T1143] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 81.730263][ T1143] bond0 (unregistering): Released all slaves
[ 81.877469][ T1143] hsr_slave_0: left promiscuous mode
[ 81.879980][ T1143] hsr_slave_1: left promiscuous mode
[ 81.882383][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 81.884911][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 81.887589][ T1143] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 81.889942][ T1143] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 81.901252][ T1143] veth1_macvtap: left promiscuous mode
[ 81.903185][ T1143] veth0_macvtap: left promiscuous mode
[ 81.905173][ T1143] veth1_vlan: left promiscuous mode
[ 81.906858][ T1143] veth0_vlan: left promiscuous mode
[ 82.245476][ T1143] team0 (unregistering): Port device team_slave_1 removed
[ 82.281480][ T1143] team0 (unregistering): Port device team_slave_0 removed
[ 82.804242][ T63] Bluetooth: hci0: command tx timeout
[ 82.928978][ T6426] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 82.933069][ T6426] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 82.937092][ T6426] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 82.940951][ T6426] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 82.978802][ T6426] 8021q: adding VLAN 0 to HW filter on device bond0
[ 82.987059][ T6426] 8021q: adding VLAN 0 to HW filter on device team0
[ 82.991653][ T60] bridge0: port 1(bridge_slave_0) entered blocking state
[ 82.994490][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 83.001115][ T60] bridge0: port 2(bridge_slave_1) entered blocking state
[ 83.003480][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 83.171051][ T6426] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 83.191156][ T6426] veth0_vlan: entered promiscuous mode
[ 83.195924][ T6426] veth1_vlan: entered promiscuous mode
[ 83.209071][ T6426] veth0_macvtap: entered promiscuous mode
[ 83.212639][ T6426] veth1_macvtap: entered promiscuous mode
[ 83.221158][ T6426] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 83.228668][ T6426] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 83.235331][ T1144] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.238068][ T1144] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.244305][ T1144] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.247146][ T1144] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 83.281758][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.284434][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.304828][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 83.308131][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 83.326641][ T40] audit: type=1400 audit(1754037864.665:120): avc: denied { read write } for pid=6534 comm="syz.0.16" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 83.334360][ T40] audit: type=1400 audit(1754037864.665:121): avc: denied { open } for pid=6534 comm="syz.0.16" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 83.341313][ T40] audit: type=1400 audit(1754037864.665:122): avc: denied { map } for pid=6534 comm="syz.0.16" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 83.348995][ T40] audit: type=1400 audit(1754037864.665:123): avc: denied { execute } for pid=6534 comm="syz.0.16" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 83.356131][ T40] audit: type=1400 audit(1754037864.665:124): avc: denied { create } for pid=6534 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 83.361789][ T6534] BUG: Bad page state in process syz.0.16 pfn:22e01
[ 83.361886][ T40] audit: type=1400 audit(1754037864.665:125): avc: denied { bind } for pid=6534 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 83.366327][ T6534] page does not match folio
[ 83.372634][ T40] audit: type=1400 audit(1754037864.675:126): avc: denied { write } for pid=6534 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 83.374474][ T6534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x22e01
[ 83.381949][ T40] audit: type=1400 audit(1754037864.715:127): avc: denied { read } for pid=5336 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 83.385212][ T6534] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 83.391782][ T40] audit: type=1400 audit(1754037864.715:128): avc: denied { search } for pid=5336 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 83.394410][ T6534] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 83.400918][ T40] audit: type=1400 audit(1754037864.715:129): avc: denied { search } for pid=5336 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 83.403682][ T6534] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 83.412791][ T6534] page dumped because: nonzero pincount
[ 83.414636][ T6534] page_owner tracks the page as allocated
[ 83.416482][ T6534] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6534, tgid 6534 (syz.0.16), ts 83328752755, free_ts 0
[ 83.422354][ T6534] post_alloc_hook+0x1c0/0x230
[ 83.424359][ T6534] get_page_from_freelist+0x132b/0x38e0
[ 83.426128][ T6534] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 83.427970][ T6534] alloc_pages_mpol+0x1fb/0x550
[ 83.429482][ T6534] folio_alloc_noprof+0x20/0x2d0
[ 83.431042][ T6534] filemap_alloc_folio_noprof+0x3a1/0x470
[ 83.432820][ T6534] page_cache_ra_order+0x4e1/0xd70
[ 83.434547][ T6534] filemap_fault+0x1b4b/0x2930
[ 83.436102][ T6534] __do_fault+0x10a/0x490
[ 83.437470][ T6534] do_pte_missing+0x1a6/0x3ba0
[ 83.439002][ T6534] __handle_mm_fault+0x152a/0x2a50
[ 83.440606][ T6534] handle_mm_fault+0x589/0xd10
[ 83.442131][ T6534] do_user_addr_fault+0x60c/0x1370
[ 83.443851][ T6534] exc_page_fault+0x5c/0xb0
[ 83.445311][ T6534] asm_exc_page_fault+0x26/0x30
[ 83.446853][ T6534] page_owner free stack trace missing
[ 83.448652][ T6534] Modules linked in:
[ 83.449909][ T6534] CPU: 3 UID: 0 PID: 6534 Comm: syz.0.16 Not tainted 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 83.449923][ T6534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 83.449930][ T6534] Call Trace:
[ 83.449934][ T6534]
[ 83.449938][ T6534] dump_stack_lvl+0x16c/0x1f0
[ 83.449955][ T6534] bad_page+0xcf/0x220
[ 83.449967][ T6534] ? __pfx_bad_page+0x10/0x10
[ 83.449980][ T6534] free_tail_page_prepare+0x44f/0x5b0
[ 83.450000][ T6534] __free_frozen_pages+0xbae/0x10f0
[ 83.450019][ T6534] __folio_put+0x329/0x450
[ 83.450030][ T6534] ? __pfx___folio_put+0x10/0x10
[ 83.450041][ T6534] ? find_held_lock+0x2b/0x80
[ 83.450054][ T6534] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 83.450066][ T6534] ? mark_held_locks+0x49/0x80
[ 83.450082][ T6534] filemap_free_folio+0x132/0x170
[ 83.450093][ T6534] delete_from_page_cache_batch+0x741/0x9b0
[ 83.450107][ T6534] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 83.450120][ T6534] ? __pfx_workingset_update_node+0x10/0x10
[ 83.450135][ T6534] truncate_inode_pages_range+0x279/0xe50
[ 83.450152][ T6534] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 83.450177][ T6534] ? has_bh_in_lru+0x9d/0x100
[ 83.450189][ T6534] ? smp_call_function_many_cond+0x457/0x1600
[ 83.450216][ T6534] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.450227][ T6534] ? __pfx_has_bh_in_lru+0x10/0x10
[ 83.450240][ T6534] blkdev_flush_mapping+0xfb/0x290
[ 83.450255][ T6534] blkdev_put_whole+0xc4/0xf0
[ 83.450266][ T6534] bdev_release+0x47e/0x6d0
[ 83.450281][ T6534] ? __pfx_blkdev_release+0x10/0x10
[ 83.450295][ T6534] blkdev_release+0x15/0x20
[ 83.450307][ T6534] __fput+0x3ff/0xb70
[ 83.450324][ T6534] task_work_run+0x14d/0x240
[ 83.450336][ T6534] ? __pfx_task_work_run+0x10/0x10
[ 83.450348][ T6534] ? do_raw_spin_unlock+0x172/0x230
[ 83.450361][ T6534] do_exit+0x86f/0x2bf0
[ 83.450380][ T6534] ? __pfx_do_exit+0x10/0x10
[ 83.450395][ T6534] ? preempt_schedule_thunk+0x16/0x30
[ 83.450414][ T6534] do_group_exit+0xd3/0x2a0
[ 83.450430][ T6534] __x64_sys_exit_group+0x3e/0x50
[ 83.450446][ T6534] x64_sys_call+0x14fa/0x1720
[ 83.450458][ T6534] do_syscall_64+0xcd/0x4c0
[ 83.450474][ T6534] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.450485][ T6534] RIP: 0033:0x7fabb898e969
[ 83.450493][ T6534] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 83.450497][ T6534] RSP: 002b:00007fff6fc31168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 83.450507][ T6534] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb898e969
[ 83.450513][ T6534] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 83.450519][ T6534] RBP: 0000000000000003 R08: 000000066fc3125f R09: 00007fabb8b7d260
[ 83.450526][ T6534] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 83.450531][ T6534] R13: 00007fabb8b7d260 R14: 0000000000000003 R15: 00007fff6fc31220
[ 83.450544][ T6534]
[ 83.450548][ T6534] Disabling lock debugging due to kernel taint
[ 83.539840][ T6534] BUG: Bad page state in process syz.0.16 pfn:22e00
[ 83.541907][ T6534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22e00
[ 83.544756][ T6534] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 83.547436][ T6534] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 83.550491][ T6534] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 83.553174][ T6534] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 83.555737][ T6534] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 83.558391][ T6534] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 83.561045][ T6534] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 83.563779][ T6534] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 83.566449][ T6534] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 83.568681][ T6534] page_owner tracks the page as allocated
[ 83.570439][ T6534] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6534, tgid 6534 (syz.0.16), ts 83328752755, free_ts 0
[ 83.576324][ T6534] post_alloc_hook+0x1c0/0x230
[ 83.577831][ T6534] get_page_from_freelist+0x132b/0x38e0
[ 83.579549][ T6534] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 83.581376][ T6534] alloc_pages_mpol+0x1fb/0x550
[ 83.582979][ T6534] folio_alloc_noprof+0x20/0x2d0
[ 83.584534][ T6534] filemap_alloc_folio_noprof+0x3a1/0x470
[ 83.586312][ T6534] page_cache_ra_order+0x4e1/0xd70
[ 83.587907][ T6534] filemap_fault+0x1b4b/0x2930
[ 83.589399][ T6534] __do_fault+0x10a/0x490
[ 83.590751][ T6534] do_pte_missing+0x1a6/0x3ba0
[ 83.592253][ T6534] __handle_mm_fault+0x152a/0x2a50
[ 83.593929][ T6534] handle_mm_fault+0x589/0xd10
[ 83.595437][ T6534] do_user_addr_fault+0x60c/0x1370
[ 83.597026][ T6534] exc_page_fault+0x5c/0xb0
[ 83.598454][ T6534] asm_exc_page_fault+0x26/0x30
[ 83.599968][ T6534] page_owner free stack trace missing
[ 83.601623][ T6534] Modules linked in:
[ 83.602921][ T6534] CPU: 2 UID: 0 PID: 6534 Comm: syz.0.16 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 83.602938][ T6534] Tainted: [B]=BAD_PAGE
[ 83.602942][ T6534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 83.602949][ T6534] Call Trace:
[ 83.602952][ T6534]
[ 83.602956][ T6534] dump_stack_lvl+0x16c/0x1f0
[ 83.602972][ T6534] bad_page+0xcf/0x220
[ 83.602983][ T6534] ? __pfx_bad_page+0x10/0x10
[ 83.602995][ T6534] ? page_bad_reason+0x9d/0x1f0
[ 83.603006][ T6534] __free_frozen_pages+0x7f7/0x10f0
[ 83.603022][ T6534] __folio_put+0x329/0x450
[ 83.603032][ T6534] ? __pfx___folio_put+0x10/0x10
[ 83.603042][ T6534] ? find_held_lock+0x2b/0x80
[ 83.603055][ T6534] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 83.603066][ T6534] ? mark_held_locks+0x49/0x80
[ 83.603081][ T6534] filemap_free_folio+0x132/0x170
[ 83.603091][ T6534] delete_from_page_cache_batch+0x741/0x9b0
[ 83.603103][ T6534] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 83.603115][ T6534] ? __pfx_workingset_update_node+0x10/0x10
[ 83.603127][ T6534] truncate_inode_pages_range+0x279/0xe50
[ 83.603142][ T6534] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 83.603160][ T6534] ? has_bh_in_lru+0x9d/0x100
[ 83.603171][ T6534] ? smp_call_function_many_cond+0x457/0x1600
[ 83.603190][ T6534] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.603202][ T6534] ? __pfx_has_bh_in_lru+0x10/0x10
[ 83.603213][ T6534] blkdev_flush_mapping+0xfb/0x290
[ 83.603226][ T6534] blkdev_put_whole+0xc4/0xf0
[ 83.603237][ T6534] bdev_release+0x47e/0x6d0
[ 83.603250][ T6534] ? __pfx_blkdev_release+0x10/0x10
[ 83.603263][ T6534] blkdev_release+0x15/0x20
2025/08/01 08:44:25 executed programs: 3
[ 83.603275][ T6534] __fput+0x3ff/0xb70
[ 83.603290][ T6534] task_work_run+0x14d/0x240
[ 83.603301][ T6534] ? __pfx_task_work_run+0x10/0x10
[ 83.603312][ T6534] ? do_raw_spin_unlock+0x172/0x230
[ 83.603323][ T6534] do_exit+0x86f/0x2bf0
[ 83.603340][ T6534] ? __pfx_do_exit+0x10/0x10
[ 83.603355][ T6534] ? preempt_schedule_thunk+0x16/0x30
[ 83.603371][ T6534] do_group_exit+0xd3/0x2a0
[ 83.603386][ T6534] __x64_sys_exit_group+0x3e/0x50
[ 83.603402][ T6534] x64_sys_call+0x14fa/0x1720
[ 83.603414][ T6534] do_syscall_64+0xcd/0x4c0
[ 83.603429][ T6534] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.603440][ T6534] RIP: 0033:0x7fabb898e969
[ 83.603448][ T6534] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 83.603452][ T6534] RSP: 002b:00007fff6fc31168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 83.603462][ T6534] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb898e969
[ 83.603468][ T6534] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 83.603474][ T6534] RBP: 0000000000000003 R08: 000000066fc3125f R09: 00007fabb8b7d260
[ 83.603480][ T6534] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 83.603486][ T6534] R13: 00007fabb8b7d260 R14: 0000000000000003 R15: 00007fff6fc31220
[ 83.603495][ T6534]
[ 83.710548][ T6536] BUG: Bad page state in process syz.0.17 pfn:50801
[ 83.712683][ T6536] page does not match folio
[ 83.714230][ T6536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x50801
[ 83.717333][ T6536] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 83.719693][ T6536] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 83.722341][ T6536] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 83.725172][ T6536] page dumped because: nonzero pincount
[ 83.726895][ T6536] page_owner tracks the page as allocated
[ 83.728667][ T6536] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6536, tgid 6536 (syz.0.17), ts 83608506508, free_ts 83603520858
[ 83.736499][ T6536] post_alloc_hook+0x1c0/0x230
[ 83.738380][ T6536] get_page_from_freelist+0x132b/0x38e0
[ 83.740574][ T6536] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 83.743013][ T6536] alloc_pages_mpol+0x1fb/0x550
[ 83.744899][ T6536] folio_alloc_noprof+0x20/0x2d0
[ 83.746939][ T6536] filemap_alloc_folio_noprof+0x3a1/0x470
[ 83.749186][ T6536] page_cache_ra_order+0x4e1/0xd70
[ 83.751222][ T6536] filemap_fault+0x1b4b/0x2930
[ 83.753165][ T6536] __do_fault+0x10a/0x490
[ 83.754863][ T6536] do_pte_missing+0x1a6/0x3ba0
[ 83.756732][ T6536] __handle_mm_fault+0x152a/0x2a50
[ 83.758931][ T6536] handle_mm_fault+0x589/0xd10
[ 83.760804][ T6536] do_user_addr_fault+0x60c/0x1370
[ 83.762803][ T6536] exc_page_fault+0x5c/0xb0
[ 83.764723][ T6536] asm_exc_page_fault+0x26/0x30
[ 83.766630][ T6536] page last free pid 6534 tgid 6534 stack trace:
[ 83.769185][ T6536] free_unref_folios+0xa61/0x16b0
[ 83.771194][ T6536] folios_put_refs+0x56f/0x740
[ 83.773195][ T6536] truncate_inode_pages_range+0x311/0xe50
[ 83.775429][ T6536] blkdev_flush_mapping+0xfb/0x290
[ 83.777470][ T6536] blkdev_put_whole+0xc4/0xf0
[ 83.779414][ T6536] bdev_release+0x47e/0x6d0
[ 83.781218][ T6536] blkdev_release+0x15/0x20
[ 83.783123][ T6536] __fput+0x3ff/0xb70
[ 83.784686][ T6536] task_work_run+0x14d/0x240
[ 83.786526][ T6536] do_exit+0x86f/0x2bf0
[ 83.788141][ T6536] do_group_exit+0xd3/0x2a0
[ 83.789966][ T6536] __x64_sys_exit_group+0x3e/0x50
[ 83.791969][ T6536] x64_sys_call+0x14fa/0x1720
[ 83.793932][ T6536] do_syscall_64+0xcd/0x4c0
[ 83.795770][ T6536] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.798138][ T6536] Modules linked in:
[ 83.799685][ T6536] CPU: 3 UID: 0 PID: 6536 Comm: syz.0.17 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 83.799709][ T6536] Tainted: [B]=BAD_PAGE
[ 83.799714][ T6536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 83.799723][ T6536] Call Trace:
[ 83.799728][ T6536]
[ 83.799734][ T6536] dump_stack_lvl+0x16c/0x1f0
[ 83.799755][ T6536] bad_page+0xcf/0x220
[ 83.799772][ T6536] ? __pfx_bad_page+0x10/0x10
[ 83.799786][ T6536] free_tail_page_prepare+0x44f/0x5b0
[ 83.799807][ T6536] __free_frozen_pages+0xbae/0x10f0
[ 83.799831][ T6536] __folio_put+0x329/0x450
[ 83.799846][ T6536] ? __pfx___folio_put+0x10/0x10
[ 83.799861][ T6536] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 83.799875][ T6536] ? rcu_is_watching+0x12/0xc0
[ 83.799892][ T6536] ? lock_release+0x201/0x2f0
[ 83.799916][ T6536] filemap_free_folio+0x132/0x170
[ 83.799931][ T6536] delete_from_page_cache_batch+0x741/0x9b0
[ 83.799948][ T6536] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 83.799965][ T6536] ? __pfx_workingset_update_node+0x10/0x10
[ 83.799977][ T6536] ? xas_move_index+0xb0/0x110
[ 83.800004][ T6536] truncate_inode_pages_range+0x279/0xe50
[ 83.800040][ T6536] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 83.800065][ T6536] ? rcu_is_watching+0x12/0xc0
[ 83.800080][ T6536] ? has_bh_in_lru+0x9d/0x100
[ 83.800096][ T6536] ? smp_call_function_many_cond+0x457/0x1600
[ 83.800123][ T6536] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.800141][ T6536] ? __pfx_has_bh_in_lru+0x10/0x10
[ 83.800157][ T6536] blkdev_flush_mapping+0xfb/0x290
[ 83.800173][ T6536] blkdev_put_whole+0xc4/0xf0
[ 83.800188][ T6536] bdev_release+0x47e/0x6d0
[ 83.800207][ T6536] ? __pfx_blkdev_release+0x10/0x10
[ 83.800226][ T6536] blkdev_release+0x15/0x20
[ 83.800244][ T6536] __fput+0x3ff/0xb70
[ 83.800264][ T6536] task_work_run+0x14d/0x240
[ 83.800276][ T6536] ? __pfx_task_work_run+0x10/0x10
[ 83.800293][ T6536] ? do_raw_spin_unlock+0x172/0x230
[ 83.800310][ T6536] do_exit+0x86f/0x2bf0
[ 83.800334][ T6536] ? __pfx_do_exit+0x10/0x10
[ 83.800354][ T6536] ? preempt_schedule_thunk+0x16/0x30
[ 83.800373][ T6536] do_group_exit+0xd3/0x2a0
[ 83.800396][ T6536] __x64_sys_exit_group+0x3e/0x50
[ 83.800418][ T6536] x64_sys_call+0x14fa/0x1720
[ 83.800435][ T6536] do_syscall_64+0xcd/0x4c0
[ 83.800456][ T6536] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.800468][ T6536] RIP: 0033:0x7fabb898e969
[ 83.800479][ T6536] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 83.800486][ T6536] RSP: 002b:00007fff6fc31168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 83.800501][ T6536] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb898e969
[ 83.800511][ T6536] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 83.800520][ T6536] RBP: 00007fff6fc311cc R08: 000000066fc3125f R09: 00000000000927c0
[ 83.800530][ T6536] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 83.800539][ T6536] R13: 00000000000927c0 R14: 0000000000014515 R15: 00007fff6fc31220
[ 83.800552][ T6536]
[ 83.800628][ T6536] BUG: Bad page state in process syz.0.17 pfn:50800
[ 83.908772][ T6536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x50800
[ 83.912127][ T6536] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 83.915675][ T6536] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 83.919450][ T6536] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 83.922696][ T6536] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 83.926114][ T6536] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 83.929381][ T6536] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 83.932645][ T6536] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 83.936040][ T6536] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 83.939364][ T6536] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 83.942103][ T6536] page_owner tracks the page as allocated
[ 83.944416][ T6536] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6536, tgid 6536 (syz.0.17), ts 83608506508, free_ts 83603520858
[ 83.951900][ T6536] post_alloc_hook+0x1c0/0x230
[ 83.953842][ T6536] get_page_from_freelist+0x132b/0x38e0
[ 83.955984][ T6536] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 83.958243][ T6536] alloc_pages_mpol+0x1fb/0x550
[ 83.960112][ T6536] folio_alloc_noprof+0x20/0x2d0
[ 83.962065][ T6536] filemap_alloc_folio_noprof+0x3a1/0x470
[ 83.964343][ T6536] page_cache_ra_order+0x4e1/0xd70
[ 83.966348][ T6536] filemap_fault+0x1b4b/0x2930
[ 83.968176][ T6536] __do_fault+0x10a/0x490
[ 83.969850][ T6536] do_pte_missing+0x1a6/0x3ba0
[ 83.971705][ T6536] __handle_mm_fault+0x152a/0x2a50
[ 83.973768][ T6536] handle_mm_fault+0x589/0xd10
[ 83.975647][ T6536] do_user_addr_fault+0x60c/0x1370
[ 83.977593][ T6536] exc_page_fault+0x5c/0xb0
[ 83.979368][ T6536] asm_exc_page_fault+0x26/0x30
[ 83.981234][ T6536] page last free pid 6534 tgid 6534 stack trace:
[ 83.983701][ T6536] free_unref_folios+0xa61/0x16b0
[ 83.985724][ T6536] folios_put_refs+0x56f/0x740
[ 83.987547][ T6536] truncate_inode_pages_range+0x311/0xe50
[ 83.989715][ T6536] blkdev_flush_mapping+0xfb/0x290
[ 83.991678][ T6536] blkdev_put_whole+0xc4/0xf0
[ 83.993865][ T6536] bdev_release+0x47e/0x6d0
[ 83.995660][ T6536] blkdev_release+0x15/0x20
[ 83.997475][ T6536] __fput+0x3ff/0xb70
[ 83.999019][ T6536] task_work_run+0x14d/0x240
[ 84.000777][ T6536] do_exit+0x86f/0x2bf0
[ 84.002352][ T6536] do_group_exit+0xd3/0x2a0
[ 84.004163][ T6536] __x64_sys_exit_group+0x3e/0x50
[ 84.006088][ T6536] x64_sys_call+0x14fa/0x1720
[ 84.007971][ T6536] do_syscall_64+0xcd/0x4c0
[ 84.009734][ T6536] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.011999][ T6536] Modules linked in:
[ 84.013564][ T6536] CPU: 2 UID: 0 PID: 6536 Comm: syz.0.17 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.013586][ T6536] Tainted: [B]=BAD_PAGE
[ 84.013592][ T6536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.013602][ T6536] Call Trace:
[ 84.013608][ T6536]
[ 84.013613][ T6536] dump_stack_lvl+0x16c/0x1f0
[ 84.013635][ T6536] bad_page+0xcf/0x220
[ 84.013651][ T6536] ? __pfx_bad_page+0x10/0x10
[ 84.013667][ T6536] ? page_bad_reason+0x9d/0x1f0
[ 84.013679][ T6536] __free_frozen_pages+0x7f7/0x10f0
[ 84.013715][ T6536] __folio_put+0x329/0x450
[ 84.013730][ T6536] ? __pfx___folio_put+0x10/0x10
[ 84.013746][ T6536] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.013761][ T6536] ? rcu_is_watching+0x12/0xc0
[ 84.013778][ T6536] ? lock_release+0x201/0x2f0
[ 84.013795][ T6536] filemap_free_folio+0x132/0x170
[ 84.013809][ T6536] delete_from_page_cache_batch+0x741/0x9b0
[ 84.013826][ T6536] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.013843][ T6536] ? __pfx_workingset_update_node+0x10/0x10
[ 84.013859][ T6536] ? xas_move_index+0xb0/0x110
[ 84.013880][ T6536] truncate_inode_pages_range+0x279/0xe50
[ 84.013899][ T6536] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.013930][ T6536] ? rcu_is_watching+0x12/0xc0
[ 84.013948][ T6536] ? has_bh_in_lru+0x9d/0x100
[ 84.013963][ T6536] ? smp_call_function_many_cond+0x457/0x1600
[ 84.013991][ T6536] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.014005][ T6536] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.014022][ T6536] blkdev_flush_mapping+0xfb/0x290
[ 84.014040][ T6536] blkdev_put_whole+0xc4/0xf0
[ 84.014056][ T6536] bdev_release+0x47e/0x6d0
[ 84.014075][ T6536] ? __pfx_blkdev_release+0x10/0x10
[ 84.014092][ T6536] blkdev_release+0x15/0x20
[ 84.014108][ T6536] __fput+0x3ff/0xb70
[ 84.014128][ T6536] task_work_run+0x14d/0x240
[ 84.014144][ T6536] ? __pfx_task_work_run+0x10/0x10
[ 84.014159][ T6536] ? do_raw_spin_unlock+0x172/0x230
[ 84.014177][ T6536] do_exit+0x86f/0x2bf0
[ 84.014196][ T6536] ? __pfx_do_exit+0x10/0x10
[ 84.014219][ T6536] ? preempt_schedule_thunk+0x16/0x30
[ 84.014242][ T6536] do_group_exit+0xd3/0x2a0
[ 84.014264][ T6536] __x64_sys_exit_group+0x3e/0x50
[ 84.014285][ T6536] x64_sys_call+0x14fa/0x1720
[ 84.014301][ T6536] do_syscall_64+0xcd/0x4c0
[ 84.014322][ T6536] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.014337][ T6536] RIP: 0033:0x7fabb898e969
[ 84.014349][ T6536] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 84.014356][ T6536] RSP: 002b:00007fff6fc31168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 84.014370][ T6536] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb898e969
[ 84.014380][ T6536] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 84.014386][ T6536] RBP: 00007fff6fc311cc R08: 000000066fc3125f R09: 00000000000927c0
[ 84.014395][ T6536] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 84.014404][ T6536] R13: 00000000000927c0 R14: 0000000000014515 R15: 00007fff6fc31220
[ 84.014418][ T6536]
[ 84.137113][ T6539] BUG: Bad page state in process syz.0.18 pfn:43c01
[ 84.139814][ T6539] page does not match folio
[ 84.141660][ T6539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x43c01
[ 84.145752][ T6539] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 84.148750][ T6539] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 84.152184][ T6539] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.155917][ T6539] page dumped because: nonzero pincount
[ 84.158139][ T6539] page_owner tracks the page as allocated
[ 84.160436][ T6539] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6538, tgid 6538 (syz.0.18), ts 84020374574, free_ts 51320327031
[ 84.168925][ T6539] post_alloc_hook+0x1c0/0x230
[ 84.170882][ T6539] get_page_from_freelist+0x132b/0x38e0
[ 84.173184][ T6539] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.175576][ T6539] alloc_pages_mpol+0x1fb/0x550
[ 84.177542][ T6539] folio_alloc_noprof+0x20/0x2d0
[ 84.179545][ T6539] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.181817][ T6539] page_cache_ra_order+0x4e1/0xd70
[ 84.183927][ T6539] filemap_fault+0x1b4b/0x2930
[ 84.185848][ T6539] __do_fault+0x10a/0x490
[ 84.187591][ T6539] do_pte_missing+0x1a6/0x3ba0
[ 84.189531][ T6539] __handle_mm_fault+0x152a/0x2a50
[ 84.191608][ T6539] handle_mm_fault+0x589/0xd10
[ 84.193583][ T6539] do_user_addr_fault+0x60c/0x1370
[ 84.195650][ T6539] exc_page_fault+0x5c/0xb0
[ 84.197478][ T6539] asm_exc_page_fault+0x26/0x30
[ 84.199456][ T6539] page last free pid 6019 tgid 6019 stack trace:
[ 84.201943][ T6539] __free_frozen_pages+0x7d5/0x10f0
[ 84.204096][ T6539] vfree+0x1fd/0xb50
[ 84.205706][ T6539] kcov_close+0x34/0x60
[ 84.207381][ T6539] __fput+0x3ff/0xb70
[ 84.209000][ T6539] task_work_run+0x14d/0x240
[ 84.210883][ T6539] do_exit+0x86f/0x2bf0
[ 84.212562][ T6539] do_group_exit+0xd3/0x2a0
[ 84.214477][ T6539] get_signal+0x2673/0x26d0
[ 84.216322][ T6539] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.218581][ T6539] exit_to_user_mode_loop+0x84/0x110
[ 84.220693][ T6539] do_syscall_64+0x3f6/0x4c0
[ 84.222561][ T6539] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.224988][ T6539] Modules linked in:
[ 84.226570][ T6539] CPU: 1 UID: 0 PID: 6539 Comm: syz.0.18 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.226595][ T6539] Tainted: [B]=BAD_PAGE
[ 84.226600][ T6539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.226609][ T6539] Call Trace:
[ 84.226616][ T6539]
[ 84.226622][ T6539] dump_stack_lvl+0x16c/0x1f0
[ 84.226646][ T6539] bad_page+0xcf/0x220
[ 84.226663][ T6539] ? __pfx_bad_page+0x10/0x10
[ 84.226683][ T6539] free_tail_page_prepare+0x44f/0x5b0
[ 84.226705][ T6539] __free_frozen_pages+0xbae/0x10f0
[ 84.226729][ T6539] __folio_put+0x329/0x450
[ 84.226747][ T6539] ? __pfx___folio_put+0x10/0x10
[ 84.226762][ T6539] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.226780][ T6539] ? rcu_is_watching+0x12/0xc0
[ 84.226800][ T6539] ? lock_release+0x201/0x2f0
[ 84.226824][ T6539] filemap_free_folio+0x132/0x170
[ 84.226841][ T6539] delete_from_page_cache_batch+0x741/0x9b0
[ 84.226859][ T6539] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.226878][ T6539] ? __pfx_workingset_update_node+0x10/0x10
[ 84.226897][ T6539] truncate_inode_pages_range+0x279/0xe50
[ 84.226919][ T6539] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.226954][ T6539] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.226971][ T6539] ? preempt_schedule_thunk+0x16/0x30
[ 84.226993][ T6539] ? on_each_cpu_cond_mask+0x5a/0x90
[ 84.227014][ T6539] ? on_each_cpu_cond_mask+0x70/0x90
[ 84.227035][ T6539] blkdev_flush_mapping+0xfb/0x290
[ 84.227052][ T6539] ? filemap_check_errors+0xa9/0x160
[ 84.227075][ T6539] blkdev_put_whole+0xc4/0xf0
[ 84.227092][ T6539] bdev_release+0x47e/0x6d0
[ 84.227111][ T6539] ? __pfx_blkdev_release+0x10/0x10
[ 84.227131][ T6539] blkdev_release+0x15/0x20
[ 84.227150][ T6539] __fput+0x3ff/0xb70
[ 84.227172][ T6539] task_work_run+0x14d/0x240
[ 84.227195][ T6539] ? __pfx_task_work_run+0x10/0x10
[ 84.227211][ T6539] ? do_raw_spin_unlock+0x172/0x230
[ 84.227230][ T6539] do_exit+0x86f/0x2bf0
[ 84.227254][ T6539] ? __pfx_do_exit+0x10/0x10
[ 84.227276][ T6539] ? do_raw_spin_lock+0x12c/0x2b0
[ 84.227293][ T6539] ? get_signal+0x8f5/0x26d0
[ 84.227310][ T6539] ? rcu_is_watching+0x12/0xc0
[ 84.227330][ T6539] do_group_exit+0xd3/0x2a0
[ 84.227354][ T6539] get_signal+0x2673/0x26d0
[ 84.227376][ T6539] ? __pfx_get_signal+0x10/0x10
[ 84.227395][ T6539] ? do_futex+0x122/0x350
[ 84.227419][ T6539] ? __pfx_do_futex+0x10/0x10
[ 84.227443][ T6539] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.227464][ T6539] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 84.227490][ T6539] exit_to_user_mode_loop+0x84/0x110
[ 84.227507][ T6539] do_syscall_64+0x3f6/0x4c0
[ 84.227529][ T6539] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.227546][ T6539] RIP: 0033:0x7fabb898e969
[ 84.227558][ T6539] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 84.227564][ T6539] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 84.227580][ T6539] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 84.227590][ T6539] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 84.227600][ T6539] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 84.227611][ T6539] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 84.227620][ T6539] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 84.227635][ T6539]
[ 84.227661][ T6539] BUG: Bad page state in process syz.0.18 pfn:43c00
[ 84.335050][ T6539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x43c00
[ 84.337723][ T6539] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 84.340192][ T6539] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 84.343227][ T6539] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 84.345796][ T6539] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.348401][ T6539] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 84.350933][ T6539] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.356283][ T6539] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.358963][ T6539] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.361585][ T6539] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 84.363873][ T6539] page_owner tracks the page as allocated
[ 84.365608][ T6539] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6538, tgid 6538 (syz.0.18), ts 84020374574, free_ts 51320321659
[ 84.371715][ T6539] post_alloc_hook+0x1c0/0x230
[ 84.373317][ T6539] get_page_from_freelist+0x132b/0x38e0
[ 84.375071][ T6539] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.376874][ T6539] alloc_pages_mpol+0x1fb/0x550
[ 84.378380][ T6539] folio_alloc_noprof+0x20/0x2d0
[ 84.379858][ T6539] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.381591][ T6539] page_cache_ra_order+0x4e1/0xd70
[ 84.383304][ T6539] filemap_fault+0x1b4b/0x2930
[ 84.384793][ T6539] __do_fault+0x10a/0x490
[ 84.386152][ T6539] do_pte_missing+0x1a6/0x3ba0
[ 84.387644][ T6539] __handle_mm_fault+0x152a/0x2a50
[ 84.389222][ T6539] handle_mm_fault+0x589/0xd10
[ 84.390696][ T6539] do_user_addr_fault+0x60c/0x1370
[ 84.392273][ T6539] exc_page_fault+0x5c/0xb0
[ 84.394622][ T6539] asm_exc_page_fault+0x26/0x30
[ 84.396590][ T6539] page last free pid 6019 tgid 6019 stack trace:
[ 84.399031][ T6539] __free_frozen_pages+0x7d5/0x10f0
[ 84.401016][ T6539] vfree+0x1fd/0xb50
[ 84.402548][ T6539] kcov_close+0x34/0x60
[ 84.404392][ T6539] __fput+0x3ff/0xb70
[ 84.405954][ T6539] task_work_run+0x14d/0x240
[ 84.407741][ T6539] do_exit+0x86f/0x2bf0
[ 84.409349][ T6539] do_group_exit+0xd3/0x2a0
[ 84.411122][ T6539] get_signal+0x2673/0x26d0
[ 84.412980][ T6539] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.415148][ T6539] exit_to_user_mode_loop+0x84/0x110
[ 84.417165][ T6539] do_syscall_64+0x3f6/0x4c0
[ 84.418959][ T6539] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.421202][ T6539] Modules linked in:
[ 84.422753][ T6539] CPU: 2 UID: 0 PID: 6539 Comm: syz.0.18 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.422777][ T6539] Tainted: [B]=BAD_PAGE
[ 84.422783][ T6539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.422792][ T6539] Call Trace:
[ 84.422798][ T6539]
[ 84.422803][ T6539] dump_stack_lvl+0x16c/0x1f0
[ 84.422826][ T6539] bad_page+0xcf/0x220
[ 84.422840][ T6539] ? __pfx_bad_page+0x10/0x10
[ 84.422869][ T6539] ? page_bad_reason+0x9d/0x1f0
[ 84.422888][ T6539] __free_frozen_pages+0x7f7/0x10f0
[ 84.422911][ T6539] __folio_put+0x329/0x450
[ 84.422924][ T6539] ? __pfx___folio_put+0x10/0x10
[ 84.422940][ T6539] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.422957][ T6539] ? rcu_is_watching+0x12/0xc0
[ 84.422975][ T6539] ? lock_release+0x201/0x2f0
[ 84.422998][ T6539] filemap_free_folio+0x132/0x170
[ 84.423012][ T6539] delete_from_page_cache_batch+0x741/0x9b0
[ 84.423026][ T6539] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.423044][ T6539] ? __pfx_workingset_update_node+0x10/0x10
[ 84.423063][ T6539] truncate_inode_pages_range+0x279/0xe50
[ 84.423084][ T6539] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.423113][ T6539] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.423128][ T6539] ? preempt_schedule_thunk+0x16/0x30
[ 84.423150][ T6539] ? on_each_cpu_cond_mask+0x5a/0x90
[ 84.423174][ T6539] ? on_each_cpu_cond_mask+0x70/0x90
[ 84.423193][ T6539] blkdev_flush_mapping+0xfb/0x290
[ 84.423210][ T6539] ? filemap_check_errors+0xa9/0x160
[ 84.423228][ T6539] blkdev_put_whole+0xc4/0xf0
[ 84.423245][ T6539] bdev_release+0x47e/0x6d0
[ 84.423263][ T6539] ? __pfx_blkdev_release+0x10/0x10
[ 84.423282][ T6539] blkdev_release+0x15/0x20
[ 84.423300][ T6539] __fput+0x3ff/0xb70
[ 84.423316][ T6539] task_work_run+0x14d/0x240
[ 84.423333][ T6539] ? __pfx_task_work_run+0x10/0x10
[ 84.423349][ T6539] ? do_raw_spin_unlock+0x172/0x230
[ 84.423367][ T6539] do_exit+0x86f/0x2bf0
[ 84.423390][ T6539] ? __pfx_do_exit+0x10/0x10
[ 84.423409][ T6539] ? do_raw_spin_lock+0x12c/0x2b0
[ 84.423423][ T6539] ? get_signal+0x8f5/0x26d0
[ 84.423441][ T6539] ? rcu_is_watching+0x12/0xc0
[ 84.423459][ T6539] do_group_exit+0xd3/0x2a0
[ 84.423481][ T6539] get_signal+0x2673/0x26d0
[ 84.423502][ T6539] ? __pfx_get_signal+0x10/0x10
[ 84.423520][ T6539] ? do_futex+0x122/0x350
[ 84.423539][ T6539] ? __pfx_do_futex+0x10/0x10
[ 84.423561][ T6539] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.423582][ T6539] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 84.423606][ T6539] exit_to_user_mode_loop+0x84/0x110
[ 84.423622][ T6539] do_syscall_64+0x3f6/0x4c0
[ 84.423640][ T6539] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.423655][ T6539] RIP: 0033:0x7fabb898e969
[ 84.423667][ T6539] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 84.423674][ T6539] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 84.423688][ T6539] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 84.423698][ T6539] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 84.423707][ T6539] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 84.423717][ T6539] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 84.423724][ T6539] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 84.423736][ T6539]
[ 84.565390][ T6541] BUG: Bad page state in process syz.0.19 pfn:51401
[ 84.567456][ T6541] page does not match folio
[ 84.568861][ T6541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x51401
[ 84.571863][ T6541] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 84.574211][ T6541] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 84.576829][ T6541] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.579435][ T6541] page dumped because: nonzero pincount
[ 84.581120][ T6541] page_owner tracks the page as allocated
[ 84.582828][ T6541] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6540, tgid 6540 (syz.0.19), ts 84550196930, free_ts 51327720806
[ 84.588668][ T6541] post_alloc_hook+0x1c0/0x230
[ 84.590161][ T6541] get_page_from_freelist+0x132b/0x38e0
[ 84.591867][ T6541] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.593745][ T6541] alloc_pages_mpol+0x1fb/0x550
[ 84.595523][ T6541] folio_alloc_noprof+0x20/0x2d0
[ 84.597426][ T6541] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.599611][ T6541] page_cache_ra_order+0x4e1/0xd70
[ 84.601561][ T6541] filemap_fault+0x1b4b/0x2930
[ 84.603514][ T6541] __do_fault+0x10a/0x490
[ 84.605182][ T6541] do_pte_missing+0x1a6/0x3ba0
[ 84.607034][ T6541] __handle_mm_fault+0x152a/0x2a50
[ 84.609021][ T6541] handle_mm_fault+0x589/0xd10
[ 84.610888][ T6541] do_user_addr_fault+0x60c/0x1370
[ 84.612931][ T6541] exc_page_fault+0x5c/0xb0
[ 84.614699][ T6541] asm_exc_page_fault+0x26/0x30
[ 84.616582][ T6541] page last free pid 6019 tgid 6019 stack trace:
[ 84.618993][ T6541] __free_frozen_pages+0x7d5/0x10f0
[ 84.620999][ T6541] vfree+0x1fd/0xb50
[ 84.622523][ T6541] kcov_close+0x34/0x60
[ 84.624305][ T6541] __fput+0x3ff/0xb70
[ 84.625812][ T6541] task_work_run+0x14d/0x240
[ 84.627479][ T6541] do_exit+0x86f/0x2bf0
[ 84.628979][ T6541] do_group_exit+0xd3/0x2a0
[ 84.630623][ T6541] get_signal+0x2673/0x26d0
[ 84.632254][ T6541] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.634569][ T6541] exit_to_user_mode_loop+0x84/0x110
[ 84.636837][ T6541] do_syscall_64+0x3f6/0x4c0
[ 84.638510][ T6541] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.640629][ T6541] Modules linked in:
[ 84.642038][ T6541] CPU: 0 UID: 0 PID: 6541 Comm: syz.0.19 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.642060][ T6541] Tainted: [B]=BAD_PAGE
[ 84.642065][ T6541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.642074][ T6541] Call Trace:
[ 84.642079][ T6541]
[ 84.642084][ T6541] dump_stack_lvl+0x16c/0x1f0
[ 84.642104][ T6541] bad_page+0xcf/0x220
[ 84.642124][ T6541] ? __pfx_bad_page+0x10/0x10
[ 84.642140][ T6541] free_tail_page_prepare+0x44f/0x5b0
[ 84.642158][ T6541] __free_frozen_pages+0xbae/0x10f0
[ 84.642180][ T6541] __folio_put+0x329/0x450
[ 84.642194][ T6541] ? __pfx___folio_put+0x10/0x10
[ 84.642209][ T6541] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.642224][ T6541] ? rcu_is_watching+0x12/0xc0
[ 84.642241][ T6541] ? lock_release+0x201/0x2f0
[ 84.642262][ T6541] filemap_free_folio+0x132/0x170
[ 84.642275][ T6541] delete_from_page_cache_batch+0x741/0x9b0
[ 84.642291][ T6541] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.642307][ T6541] ? __pfx_workingset_update_node+0x10/0x10
[ 84.642322][ T6541] ? xas_move_index+0xb0/0x110
[ 84.642344][ T6541] truncate_inode_pages_range+0x279/0xe50
[ 84.642363][ T6541] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.642387][ T6541] ? rcu_is_watching+0x12/0xc0
[ 84.642404][ T6541] ? has_bh_in_lru+0x9d/0x100
[ 84.642418][ T6541] ? smp_call_function_many_cond+0x457/0x1600
[ 84.642444][ T6541] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.642460][ T6541] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.642475][ T6541] blkdev_flush_mapping+0xfb/0x290
[ 84.642491][ T6541] ? filemap_check_errors+0xa9/0x160
[ 84.642510][ T6541] blkdev_put_whole+0xc4/0xf0
[ 84.642525][ T6541] bdev_release+0x47e/0x6d0
[ 84.642542][ T6541] ? __pfx_blkdev_release+0x10/0x10
[ 84.642560][ T6541] blkdev_release+0x15/0x20
[ 84.642576][ T6541] __fput+0x3ff/0xb70
[ 84.642595][ T6541] task_work_run+0x14d/0x240
[ 84.642609][ T6541] ? __pfx_task_work_run+0x10/0x10
[ 84.642624][ T6541] ? do_raw_spin_unlock+0x172/0x230
[ 84.642640][ T6541] do_exit+0x86f/0x2bf0
[ 84.642661][ T6541] ? __pfx_do_exit+0x10/0x10
[ 84.642681][ T6541] ? do_raw_spin_lock+0x12c/0x2b0
[ 84.642694][ T6541] ? get_signal+0x8f5/0x26d0
[ 84.642711][ T6541] ? rcu_is_watching+0x12/0xc0
[ 84.642728][ T6541] do_group_exit+0xd3/0x2a0
[ 84.642748][ T6541] get_signal+0x2673/0x26d0
[ 84.642768][ T6541] ? __pfx_get_signal+0x10/0x10
[ 84.642784][ T6541] ? do_futex+0x122/0x350
[ 84.642805][ T6541] ? __pfx_do_futex+0x10/0x10
[ 84.642825][ T6541] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.642844][ T6541] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 84.642879][ T6541] exit_to_user_mode_loop+0x84/0x110
[ 84.642894][ T6541] do_syscall_64+0x3f6/0x4c0
[ 84.642914][ T6541] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.642928][ T6541] RIP: 0033:0x7fabb898e969
[ 84.642938][ T6541] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 84.642944][ T6541] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 84.642958][ T6541] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 84.642967][ T6541] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 84.642976][ T6541] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 84.642985][ T6541] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 84.642994][ T6541] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 84.643007][ T6541]
[ 84.752066][ T6541] BUG: Bad page state in process syz.0.19 pfn:51400
[ 84.754204][ T6541] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51400
[ 84.756893][ T6541] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 84.759348][ T6541] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 84.762183][ T6541] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 84.765274][ T6541] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.767912][ T6541] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 84.770527][ T6541] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.773226][ T6541] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.775879][ T6541] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.778418][ T6541] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 84.780558][ T6541] page_owner tracks the page as allocated
[ 84.782236][ T6541] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6540, tgid 6540 (syz.0.19), ts 84550196930, free_ts 51327715305
[ 84.788248][ T6541] post_alloc_hook+0x1c0/0x230
[ 84.790195][ T6541] get_page_from_freelist+0x132b/0x38e0
[ 84.791912][ T6541] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.793811][ T6541] alloc_pages_mpol+0x1fb/0x550
[ 84.795298][ T6541] folio_alloc_noprof+0x20/0x2d0
[ 84.796773][ T6541] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.798457][ T6541] page_cache_ra_order+0x4e1/0xd70
[ 84.800018][ T6541] filemap_fault+0x1b4b/0x2930
[ 84.801461][ T6541] __do_fault+0x10a/0x490
[ 84.802790][ T6541] do_pte_missing+0x1a6/0x3ba0
[ 84.804384][ T6541] __handle_mm_fault+0x152a/0x2a50
[ 84.805923][ T6541] handle_mm_fault+0x589/0xd10
[ 84.807349][ T6541] do_user_addr_fault+0x60c/0x1370
[ 84.808878][ T6541] exc_page_fault+0x5c/0xb0
[ 84.810334][ T6541] asm_exc_page_fault+0x26/0x30
[ 84.811823][ T6541] page last free pid 6019 tgid 6019 stack trace:
[ 84.813931][ T6541] __free_frozen_pages+0x7d5/0x10f0
[ 84.815507][ T6541] vfree+0x1fd/0xb50
[ 84.816711][ T6541] kcov_close+0x34/0x60
[ 84.817970][ T6541] __fput+0x3ff/0xb70
[ 84.819186][ T6541] task_work_run+0x14d/0x240
[ 84.820654][ T6541] do_exit+0x86f/0x2bf0
[ 84.821941][ T6541] do_group_exit+0xd3/0x2a0
[ 84.823427][ T6541] get_signal+0x2673/0x26d0
[ 84.824836][ T6541] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.826498][ T6541] exit_to_user_mode_loop+0x84/0x110
[ 84.828068][ T6541] do_syscall_64+0x3f6/0x4c0
[ 84.829450][ T6541] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.831290][ T6541] Modules linked in:
[ 84.832491][ T6541] CPU: 3 UID: 0 PID: 6541 Comm: syz.0.19 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.832508][ T6541] Tainted: [B]=BAD_PAGE
[ 84.832511][ T6541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.832518][ T6541] Call Trace:
[ 84.832521][ T6541]
[ 84.832525][ T6541] dump_stack_lvl+0x16c/0x1f0
[ 84.832541][ T6541] bad_page+0xcf/0x220
[ 84.832551][ T6541] ? __pfx_bad_page+0x10/0x10
[ 84.832562][ T6541] ? page_bad_reason+0x9d/0x1f0
[ 84.832574][ T6541] __free_frozen_pages+0x7f7/0x10f0
[ 84.832590][ T6541] __folio_put+0x329/0x450
[ 84.832600][ T6541] ? __pfx___folio_put+0x10/0x10
[ 84.832610][ T6541] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.832621][ T6541] ? rcu_is_watching+0x12/0xc0
[ 84.832634][ T6541] ? lock_release+0x201/0x2f0
[ 84.832650][ T6541] filemap_free_folio+0x132/0x170
[ 84.832660][ T6541] delete_from_page_cache_batch+0x741/0x9b0
[ 84.832672][ T6541] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.832683][ T6541] ? __pfx_workingset_update_node+0x10/0x10
[ 84.832694][ T6541] ? xas_move_index+0xb0/0x110
[ 84.832709][ T6541] truncate_inode_pages_range+0x279/0xe50
[ 84.832724][ T6541] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.832741][ T6541] ? rcu_is_watching+0x12/0xc0
[ 84.832753][ T6541] ? has_bh_in_lru+0x9d/0x100
[ 84.832763][ T6541] ? smp_call_function_many_cond+0x457/0x1600
[ 84.832782][ T6541] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.832794][ T6541] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.832804][ T6541] blkdev_flush_mapping+0xfb/0x290
[ 84.832816][ T6541] ? filemap_check_errors+0xa9/0x160
[ 84.832831][ T6541] blkdev_put_whole+0xc4/0xf0
[ 84.832842][ T6541] bdev_release+0x47e/0x6d0
[ 84.832855][ T6541] ? __pfx_blkdev_release+0x10/0x10
[ 84.832880][ T6541] blkdev_release+0x15/0x20
[ 84.832897][ T6541] __fput+0x3ff/0xb70
[ 84.832910][ T6541] task_work_run+0x14d/0x240
[ 84.832921][ T6541] ? __pfx_task_work_run+0x10/0x10
[ 84.832944][ T6541] ? do_raw_spin_unlock+0x172/0x230
[ 84.832956][ T6541] do_exit+0x86f/0x2bf0
[ 84.832972][ T6541] ? __pfx_do_exit+0x10/0x10
[ 84.832986][ T6541] ? do_raw_spin_lock+0x12c/0x2b0
[ 84.832996][ T6541] ? get_signal+0x8f5/0x26d0
[ 84.833008][ T6541] ? rcu_is_watching+0x12/0xc0
[ 84.833021][ T6541] do_group_exit+0xd3/0x2a0
[ 84.833037][ T6541] get_signal+0x2673/0x26d0
[ 84.833051][ T6541] ? __pfx_get_signal+0x10/0x10
[ 84.833064][ T6541] ? do_futex+0x122/0x350
[ 84.833079][ T6541] ? __pfx_do_futex+0x10/0x10
[ 84.833095][ T6541] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.833108][ T6541] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 84.833125][ T6541] exit_to_user_mode_loop+0x84/0x110
[ 84.833135][ T6541] do_syscall_64+0x3f6/0x4c0
[ 84.833150][ T6541] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.833160][ T6541] RIP: 0033:0x7fabb898e969
[ 84.833167][ T6541] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 84.833172][ T6541] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 84.833182][ T6541] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 84.833188][ T6541] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 84.833194][ T6541] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 84.833200][ T6541] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 84.833206][ T6541] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 84.833215][ T6541]
[ 84.893017][ T63] Bluetooth: hci0: command tx timeout
[ 84.927157][ T6542] BUG: Bad page state in process syz.0.20 pfn:51e01
[ 84.941361][ T6542] page does not match folio
[ 84.943239][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x51e01
[ 84.947067][ T6542] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 84.949933][ T6542] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 84.953535][ T6542] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.956811][ T6542] page dumped because: nonzero pincount
[ 84.958932][ T6542] page_owner tracks the page as allocated
[ 84.961112][ T6542] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6542, tgid 6542 (syz.0.20), ts 84900256542, free_ts 84545359301
[ 84.968733][ T6542] post_alloc_hook+0x1c0/0x230
[ 84.970624][ T6542] get_page_from_freelist+0x132b/0x38e0
[ 84.972764][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.979765][ T6542] alloc_pages_mpol+0x1fb/0x550
[ 84.981674][ T6542] folio_alloc_noprof+0x20/0x2d0
[ 84.983709][ T6542] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.985925][ T6542] page_cache_ra_order+0x4e1/0xd70
[ 84.987903][ T6542] filemap_fault+0x1b4b/0x2930
[ 84.989753][ T6542] __do_fault+0x10a/0x490
[ 84.991447][ T6542] do_pte_missing+0x1a6/0x3ba0
[ 84.993430][ T6542] __handle_mm_fault+0x152a/0x2a50
[ 84.995432][ T6542] handle_mm_fault+0x589/0xd10
[ 84.997309][ T6542] do_user_addr_fault+0x60c/0x1370
[ 84.999272][ T6542] exc_page_fault+0x5c/0xb0
[ 85.001024][ T6542] asm_exc_page_fault+0x26/0x30
[ 85.003040][ T6542] page last free pid 6539 tgid 6538 stack trace:
[ 85.005505][ T6542] free_unref_folios+0xa61/0x16b0
[ 85.007511][ T6542] folios_put_refs+0x56f/0x740
[ 85.009355][ T6542] truncate_inode_pages_range+0x311/0xe50
[ 85.011592][ T6542] blkdev_flush_mapping+0xfb/0x290
[ 85.013652][ T6542] blkdev_put_whole+0xc4/0xf0
[ 85.015506][ T6542] bdev_release+0x47e/0x6d0
[ 85.017252][ T6542] blkdev_release+0x15/0x20
[ 85.019015][ T6542] __fput+0x3ff/0xb70
[ 85.020569][ T6542] task_work_run+0x14d/0x240
[ 85.022378][ T6542] do_exit+0x86f/0x2bf0
[ 85.024217][ T6542] do_group_exit+0xd3/0x2a0
[ 85.025749][ T6542] get_signal+0x2673/0x26d0
[ 85.027562][ T6542] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.029681][ T6542] exit_to_user_mode_loop+0x84/0x110
[ 85.031841][ T6542] do_syscall_64+0x3f6/0x4c0
[ 85.033885][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.036223][ T6542] Modules linked in:
[ 85.037740][ T6542] CPU: 2 UID: 0 PID: 6542 Comm: syz.0.20 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.037764][ T6542] Tainted: [B]=BAD_PAGE
[ 85.037770][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.037780][ T6542] Call Trace:
[ 85.037786][ T6542]
[ 85.037790][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 85.037812][ T6542] bad_page+0xcf/0x220
[ 85.037829][ T6542] ? __pfx_bad_page+0x10/0x10
[ 85.037846][ T6542] free_tail_page_prepare+0x44f/0x5b0
[ 85.037866][ T6542] __free_frozen_pages+0xbae/0x10f0
[ 85.037895][ T6542] __folio_put+0x329/0x450
[ 85.037907][ T6542] ? __pfx___folio_put+0x10/0x10
[ 85.037923][ T6542] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.037939][ T6542] ? rcu_is_watching+0x12/0xc0
[ 85.037958][ T6542] ? lock_release+0x201/0x2f0
[ 85.037981][ T6542] filemap_free_folio+0x132/0x170
[ 85.037996][ T6542] delete_from_page_cache_batch+0x741/0x9b0
[ 85.038010][ T6542] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.038028][ T6542] ? __pfx_workingset_update_node+0x10/0x10
[ 85.038043][ T6542] ? xas_move_index+0xb0/0x110
[ 85.038065][ T6542] truncate_inode_pages_range+0x279/0xe50
[ 85.038087][ T6542] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.038109][ T6542] ? rcu_is_watching+0x12/0xc0
[ 85.038126][ T6542] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 85.038143][ T6542] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.038161][ T6542] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.038177][ T6542] ? smp_call_function_many_cond+0x457/0x1600
[ 85.038204][ T6542] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.038218][ T6542] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.038235][ T6542] blkdev_flush_mapping+0xfb/0x290
[ 85.038253][ T6542] blkdev_put_whole+0xc4/0xf0
[ 85.038269][ T6542] bdev_release+0x47e/0x6d0
[ 85.038288][ T6542] ? __pfx_blkdev_release+0x10/0x10
[ 85.038304][ T6542] blkdev_release+0x15/0x20
[ 85.038321][ T6542] __fput+0x3ff/0xb70
[ 85.038342][ T6542] task_work_run+0x14d/0x240
[ 85.038358][ T6542] ? __pfx_task_work_run+0x10/0x10
[ 85.038374][ T6542] ? do_raw_spin_unlock+0x172/0x230
[ 85.038391][ T6542] do_exit+0x86f/0x2bf0
[ 85.038412][ T6542] ? __pfx_do_exit+0x10/0x10
[ 85.038433][ T6542] ? preempt_schedule_thunk+0x16/0x30
[ 85.038456][ T6542] do_group_exit+0xd3/0x2a0
[ 85.038478][ T6542] __x64_sys_exit_group+0x3e/0x50
[ 85.038498][ T6542] x64_sys_call+0x14fa/0x1720
[ 85.038514][ T6542] do_syscall_64+0xcd/0x4c0
[ 85.038536][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.038551][ T6542] RIP: 0033:0x7fabb898e969
[ 85.038562][ T6542] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 85.038569][ T6542] RSP: 002b:00007fff6fc31168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 85.038583][ T6542] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb898e969
[ 85.038593][ T6542] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 85.038599][ T6542] RBP: 00007fff6fc311cc R08: 000000066fc3125f R09: 00000000000927c0
[ 85.038608][ T6542] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000004
[ 85.038617][ T6542] R13: 00000000000927c0 R14: 00000000000149d8 R15: 00007fff6fc31220
[ 85.038631][ T6542]
[ 85.038658][ T6542] BUG: Bad page state in process syz.0.20 pfn:51e00
[ 85.158823][ T6542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51e00
[ 85.162164][ T6542] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 85.165488][ T6542] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 85.169189][ T6542] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 85.172461][ T6542] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.175776][ T6542] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 85.179069][ T6542] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.182365][ T6542] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.185739][ T6542] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 85.189000][ T6542] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 85.191758][ T6542] page_owner tracks the page as allocated
[ 85.195376][ T6542] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6542, tgid 6542 (syz.0.20), ts 84900256542, free_ts 84545359301
[ 85.202947][ T6542] post_alloc_hook+0x1c0/0x230
[ 85.204815][ T6542] get_page_from_freelist+0x132b/0x38e0
[ 85.206967][ T6542] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 85.209225][ T6542] alloc_pages_mpol+0x1fb/0x550
[ 85.211142][ T6542] folio_alloc_noprof+0x20/0x2d0
[ 85.213157][ T6542] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.215343][ T6542] page_cache_ra_order+0x4e1/0xd70
[ 85.217319][ T6542] filemap_fault+0x1b4b/0x2930
[ 85.219189][ T6542] __do_fault+0x10a/0x490
[ 85.220879][ T6542] do_pte_missing+0x1a6/0x3ba0
[ 85.222741][ T6542] __handle_mm_fault+0x152a/0x2a50
[ 85.224803][ T6542] handle_mm_fault+0x589/0xd10
[ 85.226701][ T6542] do_user_addr_fault+0x60c/0x1370
[ 85.228742][ T6542] exc_page_fault+0x5c/0xb0
[ 85.230560][ T6542] asm_exc_page_fault+0x26/0x30
[ 85.232506][ T6542] page last free pid 6539 tgid 6538 stack trace:
[ 85.235069][ T6542] free_unref_folios+0xa61/0x16b0
[ 85.237019][ T6542] folios_put_refs+0x56f/0x740
[ 85.238864][ T6542] truncate_inode_pages_range+0x311/0xe50
[ 85.241045][ T6542] blkdev_flush_mapping+0xfb/0x290
[ 85.243124][ T6542] blkdev_put_whole+0xc4/0xf0
[ 85.244968][ T6542] bdev_release+0x47e/0x6d0
[ 85.246723][ T6542] blkdev_release+0x15/0x20
[ 85.248484][ T6542] __fput+0x3ff/0xb70
[ 85.250045][ T6542] task_work_run+0x14d/0x240
[ 85.251841][ T6542] do_exit+0x86f/0x2bf0
[ 85.253530][ T6542] do_group_exit+0xd3/0x2a0
[ 85.255350][ T6542] get_signal+0x2673/0x26d0
[ 85.257143][ T6542] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.259322][ T6542] exit_to_user_mode_loop+0x84/0x110
[ 85.261339][ T6542] do_syscall_64+0x3f6/0x4c0
[ 85.263274][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.265631][ T6542] Modules linked in:
[ 85.267206][ T6542] CPU: 2 UID: 0 PID: 6542 Comm: syz.0.20 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.267230][ T6542] Tainted: [B]=BAD_PAGE
[ 85.267236][ T6542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.267245][ T6542] Call Trace:
[ 85.267250][ T6542]
[ 85.267256][ T6542] dump_stack_lvl+0x16c/0x1f0
[ 85.267277][ T6542] bad_page+0xcf/0x220
[ 85.267292][ T6542] ? __pfx_bad_page+0x10/0x10
[ 85.267309][ T6542] ? page_bad_reason+0x9d/0x1f0
[ 85.267325][ T6542] __free_frozen_pages+0x7f7/0x10f0
[ 85.267349][ T6542] __folio_put+0x329/0x450
[ 85.267364][ T6542] ? __pfx___folio_put+0x10/0x10
[ 85.267380][ T6542] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.267393][ T6542] ? rcu_is_watching+0x12/0xc0
[ 85.267411][ T6542] ? lock_release+0x201/0x2f0
[ 85.267434][ T6542] filemap_free_folio+0x132/0x170
[ 85.267449][ T6542] delete_from_page_cache_batch+0x741/0x9b0
[ 85.267467][ T6542] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.267484][ T6542] ? __pfx_workingset_update_node+0x10/0x10
[ 85.267496][ T6542] ? xas_move_index+0xb0/0x110
[ 85.267519][ T6542] truncate_inode_pages_range+0x279/0xe50
[ 85.267540][ T6542] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.267566][ T6542] ? rcu_is_watching+0x12/0xc0
[ 85.267584][ T6542] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 85.267597][ T6542] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.267616][ T6542] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.267633][ T6542] ? smp_call_function_many_cond+0x457/0x1600
[ 85.267660][ T6542] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.267677][ T6542] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.267689][ T6542] blkdev_flush_mapping+0xfb/0x290
[ 85.267708][ T6542] blkdev_put_whole+0xc4/0xf0
[ 85.267725][ T6542] bdev_release+0x47e/0x6d0
[ 85.267744][ T6542] ? __pfx_blkdev_release+0x10/0x10
[ 85.267762][ T6542] blkdev_release+0x15/0x20
[ 85.267780][ T6542] __fput+0x3ff/0xb70
[ 85.267797][ T6542] task_work_run+0x14d/0x240
[ 85.267813][ T6542] ? __pfx_task_work_run+0x10/0x10
[ 85.267829][ T6542] ? do_raw_spin_unlock+0x172/0x230
[ 85.267846][ T6542] do_exit+0x86f/0x2bf0
[ 85.267874][ T6542] ? __pfx_do_exit+0x10/0x10
[ 85.267892][ T6542] ? preempt_schedule_thunk+0x16/0x30
[ 85.267915][ T6542] do_group_exit+0xd3/0x2a0
[ 85.267937][ T6542] __x64_sys_exit_group+0x3e/0x50
[ 85.267959][ T6542] x64_sys_call+0x14fa/0x1720
[ 85.267977][ T6542] do_syscall_64+0xcd/0x4c0
[ 85.267994][ T6542] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.268010][ T6542] RIP: 0033:0x7fabb898e969
[ 85.268022][ T6542] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 85.268029][ T6542] RSP: 002b:00007fff6fc31168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 85.268044][ T6542] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb898e969
[ 85.268054][ T6542] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 85.268063][ T6542] RBP: 00007fff6fc311cc R08: 000000066fc3125f R09: 00000000000927c0
[ 85.268073][ T6542] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000004
[ 85.268082][ T6542] R13: 00000000000927c0 R14: 00000000000149d8 R15: 00007fff6fc31220
[ 85.268096][ T6542]
[ 85.292391][ T6545] BUG: Bad page state in process syz.0.21 pfn:4be01
[ 85.385018][ T6545] page does not match folio
[ 85.386456][ T6545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x4be01
[ 85.389370][ T6545] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 85.391612][ T6545] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 85.394538][ T6545] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 85.397127][ T6545] page dumped because: nonzero pincount
[ 85.398827][ T6545] page_owner tracks the page as allocated
[ 85.400539][ T6545] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6544, tgid 6544 (syz.0.21), ts 85273073741, free_ts 74459264545
[ 85.407159][ T6545] post_alloc_hook+0x1c0/0x230
[ 85.409116][ T6545] get_page_from_freelist+0x132b/0x38e0
[ 85.411261][ T6545] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 85.413725][ T6545] alloc_pages_mpol+0x1fb/0x550
[ 85.415716][ T6545] folio_alloc_noprof+0x20/0x2d0
[ 85.417710][ T6545] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.419949][ T6545] page_cache_ra_order+0x4e1/0xd70
[ 85.421938][ T6545] filemap_fault+0x1b4b/0x2930
[ 85.423843][ T6545] __do_fault+0x10a/0x490
[ 85.425501][ T6545] do_pte_missing+0x1a6/0x3ba0
[ 85.427323][ T6545] __handle_mm_fault+0x152a/0x2a50
[ 85.429401][ T6545] handle_mm_fault+0x589/0xd10
[ 85.431365][ T6545] do_user_addr_fault+0x60c/0x1370
[ 85.433809][ T6545] exc_page_fault+0x5c/0xb0
[ 85.435549][ T6545] asm_exc_page_fault+0x26/0x30
[ 85.437351][ T6545] page last free pid 6205 tgid 6205 stack trace:
[ 85.439714][ T6545] free_unref_folios+0xa61/0x16b0
[ 85.441516][ T6545] folios_put_refs+0x56f/0x740
[ 85.443084][ T6545] free_pages_and_swap_cache+0x245/0x4a0
[ 85.444809][ T6545] __tlb_batch_free_encoded_pages+0xf9/0x290
[ 85.446665][ T6545] tlb_finish_mmu+0x168/0x7c0
[ 85.448125][ T6545] vms_clear_ptes+0x55e/0x770
[ 85.449588][ T6545] vms_complete_munmap_vmas+0x1ca/0x970
[ 85.451295][ T6545] do_vmi_align_munmap+0x43b/0x7d0
[ 85.452926][ T6545] do_vmi_munmap+0x204/0x3e0
[ 85.454396][ T6545] __vm_munmap+0x19a/0x390
[ 85.455784][ T6545] __x64_sys_munmap+0x59/0x80
[ 85.457248][ T6545] do_syscall_64+0xcd/0x4c0
[ 85.458664][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.460520][ T6545] Modules linked in:
[ 85.461743][ T6545] CPU: 1 UID: 0 PID: 6545 Comm: syz.0.21 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.461759][ T6545] Tainted: [B]=BAD_PAGE
[ 85.461762][ T6545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.461769][ T6545] Call Trace:
[ 85.461772][ T6545]
[ 85.461776][ T6545] dump_stack_lvl+0x16c/0x1f0
[ 85.461791][ T6545] bad_page+0xcf/0x220
[ 85.461802][ T6545] ? __pfx_bad_page+0x10/0x10
[ 85.461814][ T6545] free_tail_page_prepare+0x44f/0x5b0
[ 85.461828][ T6545] __free_frozen_pages+0xbae/0x10f0
[ 85.461844][ T6545] __folio_put+0x329/0x450
[ 85.461854][ T6545] ? __pfx___folio_put+0x10/0x10
[ 85.461864][ T6545] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.461875][ T6545] ? rcu_is_watching+0x12/0xc0
[ 85.461888][ T6545] ? lock_release+0x201/0x2f0
[ 85.461903][ T6545] filemap_free_folio+0x132/0x170
[ 85.461913][ T6545] delete_from_page_cache_batch+0x741/0x9b0
[ 85.461926][ T6545] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.461937][ T6545] ? __pfx_workingset_update_node+0x10/0x10
[ 85.461948][ T6545] ? xas_move_index+0xb0/0x110
[ 85.461963][ T6545] truncate_inode_pages_range+0x279/0xe50
[ 85.461977][ T6545] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.461995][ T6545] ? rcu_is_watching+0x12/0xc0
[ 85.462006][ T6545] ? has_bh_in_lru+0x9d/0x100
[ 85.462018][ T6545] ? smp_call_function_many_cond+0x457/0x1600
[ 85.462036][ T6545] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.462048][ T6545] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.462059][ T6545] blkdev_flush_mapping+0xfb/0x290
[ 85.462071][ T6545] ? filemap_check_errors+0xa9/0x160
[ 85.462086][ T6545] blkdev_put_whole+0xc4/0xf0
[ 85.462097][ T6545] bdev_release+0x47e/0x6d0
[ 85.462109][ T6545] ? __pfx_blkdev_release+0x10/0x10
[ 85.462123][ T6545] blkdev_release+0x15/0x20
[ 85.462135][ T6545] __fput+0x3ff/0xb70
[ 85.462149][ T6545] task_work_run+0x14d/0x240
[ 85.462164][ T6545] ? __pfx_task_work_run+0x10/0x10
[ 85.462175][ T6545] ? do_raw_spin_unlock+0x172/0x230
[ 85.462187][ T6545] do_exit+0x86f/0x2bf0
[ 85.462202][ T6545] ? futex_private_hash_put+0x112/0x300
[ 85.462216][ T6545] ? rcu_is_watching+0x12/0xc0
[ 85.462228][ T6545] ? __pfx_do_exit+0x10/0x10
[ 85.462243][ T6545] ? do_raw_spin_lock+0x12c/0x2b0
[ 85.462253][ T6545] ? get_signal+0x8f5/0x26d0
[ 85.462265][ T6545] ? rcu_is_watching+0x12/0xc0
[ 85.462278][ T6545] do_group_exit+0xd3/0x2a0
[ 85.462293][ T6545] get_signal+0x2673/0x26d0
[ 85.462308][ T6545] ? __pfx_get_signal+0x10/0x10
[ 85.462320][ T6545] ? do_futex+0x122/0x350
[ 85.462335][ T6545] ? __pfx_do_futex+0x10/0x10
[ 85.462351][ T6545] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.462365][ T6545] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 85.462382][ T6545] exit_to_user_mode_loop+0x84/0x110
[ 85.462392][ T6545] do_syscall_64+0x3f6/0x4c0
[ 85.462407][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.462418][ T6545] RIP: 0033:0x7fabb898e969
[ 85.462425][ T6545] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 85.462430][ T6545] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 85.462439][ T6545] RAX: 0000000000000001 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 85.462446][ T6545] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fabb8bb5fac
[ 85.462452][ T6545] RBP: 00007fabb8bb5fa0 R08: 00007fabb97f9000 R09: 0000000000000000
[ 85.462458][ T6545] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 85.462464][ T6545] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 85.462473][ T6545]
[ 85.462488][ T6545] BUG: Bad page state in process syz.0.21 pfn:4be00
[ 85.569610][ T6545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4be00
[ 85.572275][ T6545] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 85.574899][ T6545] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 85.577858][ T6545] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 85.580460][ T6545] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.583214][ T6545] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 85.585764][ T6545] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.588395][ T6545] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.591000][ T6545] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 85.593912][ T6545] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 85.596147][ T6545] page_owner tracks the page as allocated
[ 85.597886][ T6545] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6544, tgid 6544 (syz.0.21), ts 85273073741, free_ts 74459259481
[ 85.604055][ T6545] post_alloc_hook+0x1c0/0x230
[ 85.605522][ T6545] get_page_from_freelist+0x132b/0x38e0
[ 85.607207][ T6545] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 85.608987][ T6545] alloc_pages_mpol+0x1fb/0x550
[ 85.610478][ T6545] folio_alloc_noprof+0x20/0x2d0
[ 85.611998][ T6545] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.613979][ T6545] page_cache_ra_order+0x4e1/0xd70
[ 85.615521][ T6545] filemap_fault+0x1b4b/0x2930
[ 85.616963][ T6545] __do_fault+0x10a/0x490
[ 85.618277][ T6545] do_pte_missing+0x1a6/0x3ba0
[ 85.619706][ T6545] __handle_mm_fault+0x152a/0x2a50
[ 85.621283][ T6545] handle_mm_fault+0x589/0xd10
[ 85.622839][ T6545] do_user_addr_fault+0x60c/0x1370
[ 85.624444][ T6545] exc_page_fault+0x5c/0xb0
[ 85.625847][ T6545] asm_exc_page_fault+0x26/0x30
[ 85.627346][ T6545] page last free pid 6205 tgid 6205 stack trace:
[ 85.629248][ T6545] free_unref_folios+0xa61/0x16b0
[ 85.630750][ T6545] folios_put_refs+0x56f/0x740
[ 85.632181][ T6545] free_pages_and_swap_cache+0x245/0x4a0
[ 85.634196][ T6545] __tlb_batch_free_encoded_pages+0xf9/0x290
[ 85.636254][ T6545] tlb_finish_mmu+0x168/0x7c0
[ 85.637885][ T6545] vms_clear_ptes+0x55e/0x770
[ 85.639530][ T6545] vms_complete_munmap_vmas+0x1ca/0x970
[ 85.641414][ T6545] do_vmi_align_munmap+0x43b/0x7d0
[ 85.643266][ T6545] do_vmi_munmap+0x204/0x3e0
[ 85.644855][ T6545] __vm_munmap+0x19a/0x390
[ 85.646380][ T6545] __x64_sys_munmap+0x59/0x80
[ 85.647980][ T6545] do_syscall_64+0xcd/0x4c0
[ 85.649525][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.651562][ T6545] Modules linked in:
[ 85.653014][ T6545] CPU: 1 UID: 0 PID: 6545 Comm: syz.0.21 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.653036][ T6545] Tainted: [B]=BAD_PAGE
[ 85.653041][ T6545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.653049][ T6545] Call Trace:
[ 85.653054][ T6545]
[ 85.653059][ T6545] dump_stack_lvl+0x16c/0x1f0
[ 85.653079][ T6545] bad_page+0xcf/0x220
[ 85.653093][ T6545] ? __pfx_bad_page+0x10/0x10
[ 85.653108][ T6545] ? page_bad_reason+0x9d/0x1f0
[ 85.653122][ T6545] __free_frozen_pages+0x7f7/0x10f0
[ 85.653143][ T6545] __folio_put+0x329/0x450
[ 85.653156][ T6545] ? __pfx___folio_put+0x10/0x10
[ 85.653174][ T6545] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.653188][ T6545] ? rcu_is_watching+0x12/0xc0
[ 85.653205][ T6545] ? lock_release+0x201/0x2f0
[ 85.653226][ T6545] filemap_free_folio+0x132/0x170
[ 85.653239][ T6545] delete_from_page_cache_batch+0x741/0x9b0
[ 85.653255][ T6545] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.653271][ T6545] ? __pfx_workingset_update_node+0x10/0x10
[ 85.653284][ T6545] ? xas_move_index+0xb0/0x110
[ 85.653304][ T6545] truncate_inode_pages_range+0x279/0xe50
[ 85.653324][ T6545] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.653347][ T6545] ? rcu_is_watching+0x12/0xc0
[ 85.653363][ T6545] ? has_bh_in_lru+0x9d/0x100
[ 85.653376][ T6545] ? smp_call_function_many_cond+0x457/0x1600
[ 85.653402][ T6545] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.653417][ T6545] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.653431][ T6545] blkdev_flush_mapping+0xfb/0x290
[ 85.653447][ T6545] ? filemap_check_errors+0xa9/0x160
[ 85.653465][ T6545] blkdev_put_whole+0xc4/0xf0
[ 85.653480][ T6545] bdev_release+0x47e/0x6d0
[ 85.653497][ T6545] ? __pfx_blkdev_release+0x10/0x10
[ 85.653514][ T6545] blkdev_release+0x15/0x20
[ 85.653530][ T6545] __fput+0x3ff/0xb70
[ 85.653548][ T6545] task_work_run+0x14d/0x240
[ 85.653563][ T6545] ? __pfx_task_work_run+0x10/0x10
[ 85.653578][ T6545] ? do_raw_spin_unlock+0x172/0x230
[ 85.653593][ T6545] do_exit+0x86f/0x2bf0
[ 85.653612][ T6545] ? futex_private_hash_put+0x112/0x300
[ 85.653631][ T6545] ? rcu_is_watching+0x12/0xc0
[ 85.653647][ T6545] ? __pfx_do_exit+0x10/0x10
[ 85.653666][ T6545] ? do_raw_spin_lock+0x12c/0x2b0
[ 85.653698][ T6545] ? get_signal+0x8f5/0x26d0
[ 85.653714][ T6545] ? rcu_is_watching+0x12/0xc0
[ 85.653731][ T6545] do_group_exit+0xd3/0x2a0
[ 85.653751][ T6545] get_signal+0x2673/0x26d0
[ 85.653770][ T6545] ? __pfx_get_signal+0x10/0x10
[ 85.653786][ T6545] ? do_futex+0x122/0x350
[ 85.653805][ T6545] ? __pfx_do_futex+0x10/0x10
[ 85.653826][ T6545] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.653844][ T6545] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 85.653866][ T6545] exit_to_user_mode_loop+0x84/0x110
[ 85.653879][ T6545] do_syscall_64+0x3f6/0x4c0
[ 85.653899][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.653913][ T6545] RIP: 0033:0x7fabb898e969
[ 85.653923][ T6545] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 85.653929][ T6545] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 85.653941][ T6545] RAX: 0000000000000001 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 85.653951][ T6545] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fabb8bb5fac
[ 85.653959][ T6545] RBP: 00007fabb8bb5fa0 R08: 00007fabb97f9000 R09: 0000000000000000
[ 85.653968][ T6545] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 85.653977][ T6545] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 85.653990][ T6545]
[ 85.785720][ T6547] BUG: Bad page state in process syz.0.22 pfn:4b401
[ 85.787663][ T6547] page does not match folio
[ 85.789010][ T6547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x4b401
[ 85.791905][ T6547] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 85.794210][ T6547] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 85.796705][ T6547] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 85.799197][ T6547] page dumped because: nonzero pincount
[ 85.800851][ T6547] page_owner tracks the page as allocated
[ 85.802544][ T6547] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6546, tgid 6546 (syz.0.22), ts 85659126245, free_ts 74443451232
[ 85.808636][ T6547] post_alloc_hook+0x1c0/0x230
[ 85.810140][ T6547] get_page_from_freelist+0x132b/0x38e0
[ 85.811843][ T6547] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 85.813798][ T6547] alloc_pages_mpol+0x1fb/0x550
[ 85.815318][ T6547] folio_alloc_noprof+0x20/0x2d0
[ 85.816821][ T6547] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.818585][ T6547] page_cache_ra_order+0x4e1/0xd70
[ 85.820154][ T6547] filemap_fault+0x1b4b/0x2930
[ 85.821632][ T6547] __do_fault+0x10a/0x490
[ 85.823096][ T6547] do_pte_missing+0x1a6/0x3ba0
[ 85.824963][ T6547] __handle_mm_fault+0x152a/0x2a50
[ 85.826544][ T6547] handle_mm_fault+0x589/0xd10
[ 85.828005][ T6547] do_user_addr_fault+0x60c/0x1370
[ 85.829578][ T6547] exc_page_fault+0x5c/0xb0
[ 85.830988][ T6547] asm_exc_page_fault+0x26/0x30
[ 85.832530][ T6547] page last free pid 6205 tgid 6205 stack trace:
[ 85.834580][ T6547] free_unref_folios+0xa61/0x16b0
[ 85.836209][ T6547] folios_put_refs+0x56f/0x740
[ 85.837809][ T6547] free_pages_and_swap_cache+0x245/0x4a0
[ 85.839674][ T6547] __tlb_batch_free_encoded_pages+0xf9/0x290
[ 85.841654][ T6547] tlb_finish_mmu+0x168/0x7c0
[ 85.843696][ T6547] vms_clear_ptes+0x55e/0x770
[ 85.845422][ T6547] vms_complete_munmap_vmas+0x1ca/0x970
[ 85.847337][ T6547] do_vmi_align_munmap+0x43b/0x7d0
[ 85.849068][ T6547] do_vmi_munmap+0x204/0x3e0
[ 85.850694][ T6547] __vm_munmap+0x19a/0x390
[ 85.852259][ T6547] __x64_sys_munmap+0x59/0x80
[ 85.854068][ T6547] do_syscall_64+0xcd/0x4c0
[ 85.855568][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.857610][ T6547] Modules linked in:
[ 85.858935][ T6547] CPU: 0 UID: 0 PID: 6547 Comm: syz.0.22 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.858952][ T6547] Tainted: [B]=BAD_PAGE
[ 85.858956][ T6547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.858962][ T6547] Call Trace:
[ 85.858966][ T6547]
[ 85.858970][ T6547] dump_stack_lvl+0x16c/0x1f0
[ 85.858986][ T6547] bad_page+0xcf/0x220
[ 85.858997][ T6547] ? __pfx_bad_page+0x10/0x10
[ 85.859009][ T6547] free_tail_page_prepare+0x44f/0x5b0
[ 85.859023][ T6547] __free_frozen_pages+0xbae/0x10f0
[ 85.859040][ T6547] __folio_put+0x329/0x450
[ 85.859050][ T6547] ? __pfx___folio_put+0x10/0x10
[ 85.859060][ T6547] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.859071][ T6547] ? rcu_is_watching+0x12/0xc0
[ 85.859084][ T6547] ? lock_release+0x201/0x2f0
[ 85.859100][ T6547] filemap_free_folio+0x132/0x170
[ 85.859110][ T6547] delete_from_page_cache_batch+0x741/0x9b0
[ 85.859122][ T6547] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.859134][ T6547] ? __pfx_workingset_update_node+0x10/0x10
[ 85.859146][ T6547] ? xas_move_index+0xb0/0x110
[ 85.859161][ T6547] truncate_inode_pages_range+0x279/0xe50
[ 85.859176][ T6547] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.859193][ T6547] ? rcu_is_watching+0x12/0xc0
[ 85.859205][ T6547] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 85.859217][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.859230][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.859242][ T6547] ? smp_call_function_many_cond+0x457/0x1600
[ 85.859260][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.859272][ T6547] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.859283][ T6547] blkdev_flush_mapping+0xfb/0x290
[ 85.859296][ T6547] ? filemap_check_errors+0xa9/0x160
[ 85.859310][ T6547] blkdev_put_whole+0xc4/0xf0
[ 85.859322][ T6547] bdev_release+0x47e/0x6d0
[ 85.859335][ T6547] ? __pfx_blkdev_release+0x10/0x10
[ 85.859349][ T6547] blkdev_release+0x15/0x20
[ 85.859361][ T6547] __fput+0x3ff/0xb70
[ 85.859375][ T6547] task_work_run+0x14d/0x240
[ 85.859387][ T6547] ? __pfx_task_work_run+0x10/0x10
[ 85.859399][ T6547] ? do_raw_spin_unlock+0x172/0x230
[ 85.859411][ T6547] do_exit+0x86f/0x2bf0
[ 85.859426][ T6547] ? futex_private_hash_put+0x112/0x300
[ 85.859440][ T6547] ? rcu_is_watching+0x12/0xc0
[ 85.859452][ T6547] ? __pfx_do_exit+0x10/0x10
[ 85.859467][ T6547] ? do_raw_spin_lock+0x12c/0x2b0
[ 85.859478][ T6547] ? get_signal+0x8f5/0x26d0
[ 85.859490][ T6547] ? rcu_is_watching+0x12/0xc0
[ 85.859502][ T6547] do_group_exit+0xd3/0x2a0
[ 85.859518][ T6547] get_signal+0x2673/0x26d0
[ 85.859532][ T6547] ? __pfx_get_signal+0x10/0x10
[ 85.859545][ T6547] ? do_futex+0x122/0x350
[ 85.859560][ T6547] ? __pfx_do_futex+0x10/0x10
[ 85.859576][ T6547] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.859590][ T6547] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 85.859607][ T6547] exit_to_user_mode_loop+0x84/0x110
[ 85.859619][ T6547] do_syscall_64+0x3f6/0x4c0
[ 85.859637][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.859653][ T6547] RIP: 0033:0x7fabb898e969
[ 85.859662][ T6547] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 85.859667][ T6547] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 85.859676][ T6547] RAX: 0000000000000001 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 85.859683][ T6547] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fabb8bb5fac
[ 85.859690][ T6547] RBP: 00007fabb8bb5fa0 R08: 00007fabb97f9000 R09: 0000000000000000
[ 85.859696][ T6547] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 85.859702][ T6547] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 85.859711][ T6547]
[ 85.859725][ T6547] BUG: Bad page state in process syz.0.22 pfn:4b400
[ 85.982690][ T6547] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4b400
[ 85.987977][ T6547] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 85.990568][ T6547] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 85.993947][ T6547] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 85.996701][ T6547] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.999494][ T6547] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.002389][ T6547] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.005470][ T6547] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.008351][ T6547] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.011285][ T6547] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 86.013722][ T6547] page_owner tracks the page as allocated
[ 86.015536][ T6547] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6546, tgid 6546 (syz.0.22), ts 85659126245, free_ts 74443445933
[ 86.021632][ T6547] post_alloc_hook+0x1c0/0x230
[ 86.023336][ T6547] get_page_from_freelist+0x132b/0x38e0
[ 86.025175][ T6547] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.027269][ T6547] alloc_pages_mpol+0x1fb/0x550
[ 86.028949][ T6547] folio_alloc_noprof+0x20/0x2d0
[ 86.030755][ T6547] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.032673][ T6547] page_cache_ra_order+0x4e1/0xd70
[ 86.034502][ T6547] filemap_fault+0x1b4b/0x2930
[ 86.036111][ T6547] __do_fault+0x10a/0x490
[ 86.037594][ T6547] do_pte_missing+0x1a6/0x3ba0
[ 86.039215][ T6547] __handle_mm_fault+0x152a/0x2a50
[ 86.041021][ T6547] handle_mm_fault+0x589/0xd10
[ 86.042707][ T6547] do_user_addr_fault+0x60c/0x1370
[ 86.044445][ T6547] exc_page_fault+0x5c/0xb0
[ 86.045954][ T6547] asm_exc_page_fault+0x26/0x30
[ 86.047672][ T6547] page last free pid 6205 tgid 6205 stack trace:
[ 86.049834][ T6547] free_unref_folios+0xa61/0x16b0
[ 86.051652][ T6547] folios_put_refs+0x56f/0x740
[ 86.053234][ T6547] free_pages_and_swap_cache+0x245/0x4a0
[ 86.055074][ T6547] __tlb_batch_free_encoded_pages+0xf9/0x290
[ 86.056928][ T6547] tlb_finish_mmu+0x168/0x7c0
[ 86.058540][ T6547] vms_clear_ptes+0x55e/0x770
[ 86.060181][ T6547] vms_complete_munmap_vmas+0x1ca/0x970
[ 86.062131][ T6547] do_vmi_align_munmap+0x43b/0x7d0
[ 86.063786][ T6547] do_vmi_munmap+0x204/0x3e0
[ 86.065305][ T6547] __vm_munmap+0x19a/0x390
[ 86.066907][ T6547] __x64_sys_munmap+0x59/0x80
[ 86.068735][ T6547] do_syscall_64+0xcd/0x4c0
[ 86.070315][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.072232][ T6547] Modules linked in:
[ 86.073663][ T6547] CPU: 0 UID: 0 PID: 6547 Comm: syz.0.22 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.073701][ T6547] Tainted: [B]=BAD_PAGE
[ 86.073708][ T6547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.073718][ T6547] Call Trace:
[ 86.073723][ T6547]
[ 86.073729][ T6547] dump_stack_lvl+0x16c/0x1f0
[ 86.073751][ T6547] bad_page+0xcf/0x220
[ 86.073762][ T6547] ? __pfx_bad_page+0x10/0x10
[ 86.073773][ T6547] ? page_bad_reason+0x9d/0x1f0
[ 86.073785][ T6547] __free_frozen_pages+0x7f7/0x10f0
[ 86.073801][ T6547] __folio_put+0x329/0x450
[ 86.073811][ T6547] ? __pfx___folio_put+0x10/0x10
[ 86.073822][ T6547] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.073833][ T6547] ? rcu_is_watching+0x12/0xc0
[ 86.073847][ T6547] ? lock_release+0x201/0x2f0
[ 86.073862][ T6547] filemap_free_folio+0x132/0x170
[ 86.073872][ T6547] delete_from_page_cache_batch+0x741/0x9b0
[ 86.073884][ T6547] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.073901][ T6547] ? __pfx_workingset_update_node+0x10/0x10
[ 86.073912][ T6547] ? xas_move_index+0xb0/0x110
[ 86.073928][ T6547] truncate_inode_pages_range+0x279/0xe50
[ 86.073942][ T6547] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.073960][ T6547] ? rcu_is_watching+0x12/0xc0
[ 86.073972][ T6547] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 86.073984][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.073997][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.074009][ T6547] ? smp_call_function_many_cond+0x457/0x1600
[ 86.074028][ T6547] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.074040][ T6547] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.074050][ T6547] blkdev_flush_mapping+0xfb/0x290
[ 86.074062][ T6547] ? filemap_check_errors+0xa9/0x160
[ 86.074077][ T6547] blkdev_put_whole+0xc4/0xf0
[ 86.074088][ T6547] bdev_release+0x47e/0x6d0
[ 86.074101][ T6547] ? __pfx_blkdev_release+0x10/0x10
[ 86.074114][ T6547] blkdev_release+0x15/0x20
[ 86.074126][ T6547] __fput+0x3ff/0xb70
[ 86.074142][ T6547] task_work_run+0x14d/0x240
[ 86.074153][ T6547] ? __pfx_task_work_run+0x10/0x10
[ 86.074164][ T6547] ? do_raw_spin_unlock+0x172/0x230
[ 86.074176][ T6547] do_exit+0x86f/0x2bf0
[ 86.074191][ T6547] ? futex_private_hash_put+0x112/0x300
[ 86.074205][ T6547] ? rcu_is_watching+0x12/0xc0
[ 86.074217][ T6547] ? __pfx_do_exit+0x10/0x10
[ 86.074232][ T6547] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.074242][ T6547] ? get_signal+0x8f5/0x26d0
[ 86.074255][ T6547] ? rcu_is_watching+0x12/0xc0
[ 86.074267][ T6547] do_group_exit+0xd3/0x2a0
[ 86.074283][ T6547] get_signal+0x2673/0x26d0
[ 86.074297][ T6547] ? __pfx_get_signal+0x10/0x10
[ 86.074310][ T6547] ? do_futex+0x122/0x350
[ 86.074325][ T6547] ? __pfx_do_futex+0x10/0x10
[ 86.074340][ T6547] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.074354][ T6547] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.074371][ T6547] exit_to_user_mode_loop+0x84/0x110
[ 86.074382][ T6547] do_syscall_64+0x3f6/0x4c0
[ 86.074397][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.074407][ T6547] RIP: 0033:0x7fabb898e969
[ 86.074415][ T6547] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 86.074419][ T6547] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.074430][ T6547] RAX: 0000000000000001 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 86.074437][ T6547] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fabb8bb5fac
[ 86.074443][ T6547] RBP: 00007fabb8bb5fa0 R08: 00007fabb97f9000 R09: 0000000000000000
[ 86.074450][ T6547] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 86.074457][ T6547] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 86.074466][ T6547]
[ 86.096654][ T6549] BUG: Bad page state in process syz.0.23 pfn:51001
[ 86.202846][ T6549] page does not match folio
[ 86.204483][ T6549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x51001
[ 86.207742][ T6549] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 86.210341][ T6549] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 86.213249][ T6549] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.216097][ T6549] page dumped because: nonzero pincount
[ 86.217858][ T6549] page_owner tracks the page as allocated
[ 86.219810][ T6549] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6548, tgid 6548 (syz.0.23), ts 86079187560, free_ts 85268135295
[ 86.226172][ T6549] post_alloc_hook+0x1c0/0x230
[ 86.227857][ T6549] get_page_from_freelist+0x132b/0x38e0
[ 86.229718][ T6549] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.231748][ T6549] alloc_pages_mpol+0x1fb/0x550
[ 86.234309][ T6549] folio_alloc_noprof+0x20/0x2d0
[ 86.236202][ T6549] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.238331][ T6549] page_cache_ra_order+0x4e1/0xd70
[ 86.239976][ T6549] filemap_fault+0x1b4b/0x2930
[ 86.241552][ T6549] __do_fault+0x10a/0x490
[ 86.242962][ T6549] do_pte_missing+0x1a6/0x3ba0
[ 86.244482][ T6549] __handle_mm_fault+0x152a/0x2a50
[ 86.246216][ T6549] handle_mm_fault+0x589/0xd10
[ 86.247712][ T6549] do_user_addr_fault+0x60c/0x1370
[ 86.249299][ T6549] exc_page_fault+0x5c/0xb0
[ 86.250801][ T6549] asm_exc_page_fault+0x26/0x30
[ 86.252499][ T6549] page last free pid 6542 tgid 6542 stack trace:
[ 86.254805][ T6549] free_unref_folios+0xa61/0x16b0
[ 86.256436][ T6549] folios_put_refs+0x56f/0x740
[ 86.258055][ T6549] truncate_inode_pages_range+0x311/0xe50
[ 86.259793][ T6549] blkdev_flush_mapping+0xfb/0x290
[ 86.261524][ T6549] blkdev_put_whole+0xc4/0xf0
[ 86.263117][ T6549] bdev_release+0x47e/0x6d0
[ 86.264681][ T6549] blkdev_release+0x15/0x20
[ 86.266201][ T6549] __fput+0x3ff/0xb70
[ 86.267441][ T6549] task_work_run+0x14d/0x240
[ 86.268862][ T6549] do_exit+0x86f/0x2bf0
[ 86.270161][ T6549] do_group_exit+0xd3/0x2a0
[ 86.271553][ T6549] __x64_sys_exit_group+0x3e/0x50
[ 86.273158][ T6549] x64_sys_call+0x14fa/0x1720
[ 86.274615][ T6549] do_syscall_64+0xcd/0x4c0
[ 86.276035][ T6549] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.277851][ T6549] Modules linked in:
[ 86.279255][ T6549] CPU: 2 UID: 0 PID: 6549 Comm: syz.0.23 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.279273][ T6549] Tainted: [B]=BAD_PAGE
[ 86.279278][ T6549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.279285][ T6549] Call Trace:
[ 86.279288][ T6549]
[ 86.279292][ T6549] dump_stack_lvl+0x16c/0x1f0
[ 86.279309][ T6549] bad_page+0xcf/0x220
[ 86.279321][ T6549] ? __pfx_bad_page+0x10/0x10
[ 86.279333][ T6549] free_tail_page_prepare+0x44f/0x5b0
[ 86.279347][ T6549] __free_frozen_pages+0xbae/0x10f0
[ 86.279364][ T6549] __folio_put+0x329/0x450
[ 86.279374][ T6549] ? __pfx___folio_put+0x10/0x10
[ 86.279385][ T6549] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.279396][ T6549] ? rcu_is_watching+0x12/0xc0
[ 86.279408][ T6549] ? lock_release+0x201/0x2f0
[ 86.279424][ T6549] filemap_free_folio+0x132/0x170
[ 86.279434][ T6549] delete_from_page_cache_batch+0x741/0x9b0
[ 86.279447][ T6549] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.279459][ T6549] ? __pfx_workingset_update_node+0x10/0x10
[ 86.279469][ T6549] ? xas_move_index+0xb0/0x110
[ 86.279484][ T6549] truncate_inode_pages_range+0x279/0xe50
[ 86.279499][ T6549] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.279516][ T6549] ? rcu_is_watching+0x12/0xc0
[ 86.279528][ T6549] ? has_bh_in_lru+0x9d/0x100
[ 86.279539][ T6549] ? smp_call_function_many_cond+0x457/0x1600
[ 86.279558][ T6549] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.279570][ T6549] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.279581][ T6549] blkdev_flush_mapping+0xfb/0x290
[ 86.279593][ T6549] ? filemap_check_errors+0xa9/0x160
[ 86.279607][ T6549] blkdev_put_whole+0xc4/0xf0
[ 86.279618][ T6549] bdev_release+0x47e/0x6d0
[ 86.279632][ T6549] ? __pfx_blkdev_release+0x10/0x10
[ 86.279645][ T6549] blkdev_release+0x15/0x20
[ 86.279658][ T6549] __fput+0x3ff/0xb70
[ 86.279671][ T6549] task_work_run+0x14d/0x240
[ 86.279682][ T6549] ? __pfx_task_work_run+0x10/0x10
[ 86.279693][ T6549] ? do_raw_spin_unlock+0x172/0x230
[ 86.279706][ T6549] do_exit+0x86f/0x2bf0
[ 86.279721][ T6549] ? __pfx_do_exit+0x10/0x10
[ 86.279736][ T6549] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.279746][ T6549] ? get_signal+0x8f5/0x26d0
[ 86.279758][ T6549] ? rcu_is_watching+0x12/0xc0
[ 86.279771][ T6549] do_group_exit+0xd3/0x2a0
[ 86.279787][ T6549] get_signal+0x2673/0x26d0
[ 86.279802][ T6549] ? __pfx_get_signal+0x10/0x10
[ 86.279814][ T6549] ? do_futex+0x122/0x350
[ 86.279830][ T6549] ? __pfx_do_futex+0x10/0x10
[ 86.279845][ T6549] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.279860][ T6549] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.279876][ T6549] exit_to_user_mode_loop+0x84/0x110
[ 86.279888][ T6549] do_syscall_64+0x3f6/0x4c0
[ 86.279903][ T6549] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.279913][ T6549] RIP: 0033:0x7fabb898e969
[ 86.279921][ T6549] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 86.279926][ T6549] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.279936][ T6549] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 86.279942][ T6549] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 86.279953][ T6549] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 86.279959][ T6549] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 86.279965][ T6549] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 86.279974][ T6549]
[ 86.279989][ T6549] BUG: Bad page state in process syz.0.23 pfn:51000
[ 86.394720][ T6549] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51000
[ 86.397632][ T6549] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 86.400263][ T6549] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 86.403505][ T6549] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.406525][ T6549] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.409405][ T6549] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.412268][ T6549] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.415229][ T6549] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.418001][ T6549] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.420905][ T6549] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 86.423341][ T6549] page_owner tracks the page as allocated
[ 86.425179][ T6549] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6548, tgid 6548 (syz.0.23), ts 86079187560, free_ts 85268135295
[ 86.431964][ T6549] post_alloc_hook+0x1c0/0x230
[ 86.433639][ T6549] get_page_from_freelist+0x132b/0x38e0
[ 86.435546][ T6549] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.437591][ T6549] alloc_pages_mpol+0x1fb/0x550
[ 86.439208][ T6549] folio_alloc_noprof+0x20/0x2d0
[ 86.440924][ T6549] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.442788][ T6549] page_cache_ra_order+0x4e1/0xd70
[ 86.444430][ T6549] filemap_fault+0x1b4b/0x2930
[ 86.446044][ T6549] __do_fault+0x10a/0x490
[ 86.447538][ T6549] do_pte_missing+0x1a6/0x3ba0
[ 86.449180][ T6549] __handle_mm_fault+0x152a/0x2a50
[ 86.450856][ T6549] handle_mm_fault+0x589/0xd10
[ 86.452636][ T6549] do_user_addr_fault+0x60c/0x1370
[ 86.454560][ T6549] exc_page_fault+0x5c/0xb0
[ 86.456212][ T6549] asm_exc_page_fault+0x26/0x30
[ 86.457873][ T6549] page last free pid 6542 tgid 6542 stack trace:
[ 86.460004][ T6549] free_unref_folios+0xa61/0x16b0
[ 86.461743][ T6549] folios_put_refs+0x56f/0x740
[ 86.463439][ T6549] truncate_inode_pages_range+0x311/0xe50
[ 86.465359][ T6549] blkdev_flush_mapping+0xfb/0x290
[ 86.467045][ T6549] blkdev_put_whole+0xc4/0xf0
[ 86.468735][ T6549] bdev_release+0x47e/0x6d0
[ 86.470413][ T6549] blkdev_release+0x15/0x20
[ 86.471918][ T6549] __fput+0x3ff/0xb70
[ 86.473253][ T6549] task_work_run+0x14d/0x240
[ 86.475019][ T6549] do_exit+0x86f/0x2bf0
[ 86.476500][ T6549] do_group_exit+0xd3/0x2a0
[ 86.478089][ T6549] __x64_sys_exit_group+0x3e/0x50
[ 86.479816][ T6549] x64_sys_call+0x14fa/0x1720
[ 86.481337][ T6549] do_syscall_64+0xcd/0x4c0
[ 86.483063][ T6549] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.485128][ T6549] Modules linked in:
[ 86.486445][ T6549] CPU: 2 UID: 0 PID: 6549 Comm: syz.0.23 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.486462][ T6549] Tainted: [B]=BAD_PAGE
[ 86.486466][ T6549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.486473][ T6549] Call Trace:
[ 86.486477][ T6549]
[ 86.486480][ T6549] dump_stack_lvl+0x16c/0x1f0
[ 86.486496][ T6549] bad_page+0xcf/0x220
[ 86.486508][ T6549] ? __pfx_bad_page+0x10/0x10
[ 86.486519][ T6549] ? page_bad_reason+0x9d/0x1f0
[ 86.486530][ T6549] __free_frozen_pages+0x7f7/0x10f0
[ 86.486546][ T6549] __folio_put+0x329/0x450
[ 86.486557][ T6549] ? __pfx___folio_put+0x10/0x10
[ 86.486567][ T6549] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.486578][ T6549] ? rcu_is_watching+0x12/0xc0
[ 86.486591][ T6549] ? lock_release+0x201/0x2f0
[ 86.486607][ T6549] filemap_free_folio+0x132/0x170
[ 86.486617][ T6549] delete_from_page_cache_batch+0x741/0x9b0
[ 86.486629][ T6549] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.486641][ T6549] ? __pfx_workingset_update_node+0x10/0x10
[ 86.486651][ T6549] ? xas_move_index+0xb0/0x110
[ 86.486667][ T6549] truncate_inode_pages_range+0x279/0xe50
[ 86.486682][ T6549] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.486700][ T6549] ? rcu_is_watching+0x12/0xc0
[ 86.486712][ T6549] ? has_bh_in_lru+0x9d/0x100
[ 86.486722][ T6549] ? smp_call_function_many_cond+0x457/0x1600
[ 86.486741][ T6549] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.486753][ T6549] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.486764][ T6549] blkdev_flush_mapping+0xfb/0x290
[ 86.486776][ T6549] ? filemap_check_errors+0xa9/0x160
[ 86.486791][ T6549] blkdev_put_whole+0xc4/0xf0
[ 86.486802][ T6549] bdev_release+0x47e/0x6d0
[ 86.486815][ T6549] ? __pfx_blkdev_release+0x10/0x10
[ 86.486828][ T6549] blkdev_release+0x15/0x20
[ 86.486841][ T6549] __fput+0x3ff/0xb70
[ 86.486855][ T6549] task_work_run+0x14d/0x240
[ 86.486870][ T6549] ? __pfx_task_work_run+0x10/0x10
[ 86.486881][ T6549] ? do_raw_spin_unlock+0x172/0x230
[ 86.486893][ T6549] do_exit+0x86f/0x2bf0
[ 86.486909][ T6549] ? __pfx_do_exit+0x10/0x10
[ 86.486924][ T6549] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.486934][ T6549] ? get_signal+0x8f5/0x26d0
[ 86.486946][ T6549] ? rcu_is_watching+0x12/0xc0
[ 86.486959][ T6549] do_group_exit+0xd3/0x2a0
[ 86.486975][ T6549] get_signal+0x2673/0x26d0
[ 86.486990][ T6549] ? __pfx_get_signal+0x10/0x10
[ 86.487002][ T6549] ? do_futex+0x122/0x350
[ 86.487018][ T6549] ? __pfx_do_futex+0x10/0x10
[ 86.487033][ T6549] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.487048][ T6549] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.487065][ T6549] exit_to_user_mode_loop+0x84/0x110
[ 86.487076][ T6549] do_syscall_64+0x3f6/0x4c0
[ 86.487091][ T6549] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.487101][ T6549] RIP: 0033:0x7fabb898e969
[ 86.487110][ T6549] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 86.487116][ T6549] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.487126][ T6549] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 86.487133][ T6549] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 86.487139][ T6549] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 86.487145][ T6549] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 86.487152][ T6549] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 86.487161][ T6549]
[ 86.546825][ T6552] atomic_op ffff888027914198 conn xmit_atomic 0000000000000000
[ 86.635588][ T6554] BUG: Bad page state in process syz.0.25 pfn:4bc01
[ 86.637641][ T6554] page does not match folio
[ 86.639038][ T6554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x4bc01
[ 86.642085][ T6554] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 86.644498][ T6554] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 86.647134][ T6554] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.649712][ T6554] page dumped because: nonzero pincount
[ 86.651387][ T6554] page_owner tracks the page as allocated
[ 86.653870][ T6554] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6553, tgid 6553 (syz.0.25), ts 86612633758, free_ts 84893755076
[ 86.659940][ T6554] post_alloc_hook+0x1c0/0x230
[ 86.661428][ T6554] get_page_from_freelist+0x132b/0x38e0
[ 86.663160][ T6554] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.664976][ T6554] alloc_pages_mpol+0x1fb/0x550
[ 86.666490][ T6554] folio_alloc_noprof+0x20/0x2d0
[ 86.668006][ T6554] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.669756][ T6554] page_cache_ra_order+0x4e1/0xd70
[ 86.671360][ T6554] filemap_fault+0x1b4b/0x2930
[ 86.672845][ T6554] __do_fault+0x10a/0x490
[ 86.674221][ T6554] do_pte_missing+0x1a6/0x3ba0
[ 86.675719][ T6554] __handle_mm_fault+0x152a/0x2a50
[ 86.677308][ T6554] handle_mm_fault+0x589/0xd10
[ 86.678824][ T6554] do_user_addr_fault+0x60c/0x1370
[ 86.680394][ T6554] exc_page_fault+0x5c/0xb0
[ 86.681883][ T6554] asm_exc_page_fault+0x26/0x30
[ 86.683660][ T6554] page last free pid 6541 tgid 6540 stack trace:
[ 86.685596][ T6554] free_unref_folios+0xa61/0x16b0
[ 86.687149][ T6554] folios_put_refs+0x56f/0x740
[ 86.688609][ T6554] truncate_inode_pages_range+0x311/0xe50
[ 86.690362][ T6554] blkdev_flush_mapping+0xfb/0x290
[ 86.691924][ T6554] blkdev_put_whole+0xc4/0xf0
[ 86.693485][ T6554] bdev_release+0x47e/0x6d0
[ 86.694873][ T6554] blkdev_release+0x15/0x20
[ 86.696416][ T6554] __fput+0x3ff/0xb70
[ 86.697649][ T6554] task_work_run+0x14d/0x240
[ 86.699097][ T6554] do_exit+0x86f/0x2bf0
[ 86.700387][ T6554] do_group_exit+0xd3/0x2a0
[ 86.701812][ T6554] get_signal+0x2673/0x26d0
[ 86.703284][ T6554] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.704991][ T6554] exit_to_user_mode_loop+0x84/0x110
[ 86.706626][ T6554] do_syscall_64+0x3f6/0x4c0
[ 86.708074][ T6554] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.709920][ T6554] Modules linked in:
[ 86.711171][ T6554] CPU: 0 UID: 0 PID: 6554 Comm: syz.0.25 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.711188][ T6554] Tainted: [B]=BAD_PAGE
[ 86.711192][ T6554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.711198][ T6554] Call Trace:
[ 86.711202][ T6554]
[ 86.711206][ T6554] dump_stack_lvl+0x16c/0x1f0
[ 86.711222][ T6554] bad_page+0xcf/0x220
[ 86.711233][ T6554] ? __pfx_bad_page+0x10/0x10
[ 86.711245][ T6554] free_tail_page_prepare+0x44f/0x5b0
[ 86.711259][ T6554] __free_frozen_pages+0xbae/0x10f0
[ 86.711275][ T6554] __folio_put+0x329/0x450
[ 86.711285][ T6554] ? __pfx___folio_put+0x10/0x10
[ 86.711296][ T6554] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.711307][ T6554] ? rcu_is_watching+0x12/0xc0
[ 86.711320][ T6554] ? lock_release+0x201/0x2f0
[ 86.711336][ T6554] filemap_free_folio+0x132/0x170
[ 86.711346][ T6554] delete_from_page_cache_batch+0x741/0x9b0
[ 86.711358][ T6554] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.711370][ T6554] ? __pfx_workingset_update_node+0x10/0x10
[ 86.711381][ T6554] ? xas_move_index+0xb0/0x110
[ 86.711396][ T6554] truncate_inode_pages_range+0x279/0xe50
[ 86.711411][ T6554] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.711429][ T6554] ? rcu_is_watching+0x12/0xc0
[ 86.711441][ T6554] ? has_bh_in_lru+0x9d/0x100
[ 86.711452][ T6554] ? smp_call_function_many_cond+0x457/0x1600
[ 86.711470][ T6554] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.711482][ T6554] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.711493][ T6554] blkdev_flush_mapping+0xfb/0x290
[ 86.711505][ T6554] ? filemap_check_errors+0xa9/0x160
[ 86.711519][ T6554] blkdev_put_whole+0xc4/0xf0
[ 86.711530][ T6554] bdev_release+0x47e/0x6d0
[ 86.711544][ T6554] ? __pfx_blkdev_release+0x10/0x10
[ 86.711557][ T6554] blkdev_release+0x15/0x20
[ 86.711570][ T6554] __fput+0x3ff/0xb70
[ 86.711585][ T6554] task_work_run+0x14d/0x240
[ 86.711596][ T6554] ? __pfx_task_work_run+0x10/0x10
[ 86.711607][ T6554] ? do_raw_spin_unlock+0x172/0x230
[ 86.711619][ T6554] do_exit+0x86f/0x2bf0
[ 86.711635][ T6554] ? __pfx_do_exit+0x10/0x10
[ 86.711650][ T6554] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.711660][ T6554] ? get_signal+0x8f5/0x26d0
[ 86.711672][ T6554] ? rcu_is_watching+0x12/0xc0
[ 86.711685][ T6554] do_group_exit+0xd3/0x2a0
[ 86.711701][ T6554] get_signal+0x2673/0x26d0
[ 86.711715][ T6554] ? __pfx_get_signal+0x10/0x10
[ 86.711728][ T6554] ? do_futex+0x122/0x350
[ 86.711743][ T6554] ? __pfx_do_futex+0x10/0x10
[ 86.711759][ T6554] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.711772][ T6554] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.711792][ T6554] exit_to_user_mode_loop+0x84/0x110
[ 86.711802][ T6554] do_syscall_64+0x3f6/0x4c0
[ 86.711817][ T6554] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.711828][ T6554] RIP: 0033:0x7fabb898e969
[ 86.711836][ T6554] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 86.711841][ T6554] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.711851][ T6554] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 86.711858][ T6554] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 86.711864][ T6554] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 86.711870][ T6554] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 86.711876][ T6554] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 86.711885][ T6554]
[ 86.711900][ T6554] BUG: Bad page state in process syz.0.25 pfn:4bc00
[ 86.817080][ T6554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4bc00
[ 86.819684][ T6554] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 86.822172][ T6554] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 86.825212][ T6554] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.827817][ T6554] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.830412][ T6554] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 86.835025][ T6554] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.837650][ T6554] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.840251][ T6554] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.842903][ T6554] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 86.845105][ T6554] page_owner tracks the page as allocated
[ 86.846823][ T6554] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6553, tgid 6553 (syz.0.25), ts 86612633758, free_ts 84893755076
[ 86.852755][ T6554] post_alloc_hook+0x1c0/0x230
[ 86.854355][ T6554] get_page_from_freelist+0x132b/0x38e0
[ 86.856053][ T6554] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.857857][ T6554] alloc_pages_mpol+0x1fb/0x550
[ 86.859312][ T6554] folio_alloc_noprof+0x20/0x2d0
[ 86.860827][ T6554] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.862586][ T6554] page_cache_ra_order+0x4e1/0xd70
[ 86.864222][ T6554] filemap_fault+0x1b4b/0x2930
[ 86.865707][ T6554] __do_fault+0x10a/0x490
[ 86.867033][ T6554] do_pte_missing+0x1a6/0x3ba0
[ 86.868498][ T6554] __handle_mm_fault+0x152a/0x2a50
[ 86.870070][ T6554] handle_mm_fault+0x589/0xd10
[ 86.871536][ T6554] do_user_addr_fault+0x60c/0x1370
[ 86.873287][ T6554] exc_page_fault+0x5c/0xb0
[ 86.874699][ T6554] asm_exc_page_fault+0x26/0x30
[ 86.876196][ T6554] page last free pid 6541 tgid 6540 stack trace:
[ 86.878097][ T6554] free_unref_folios+0xa61/0x16b0
[ 86.879637][ T6554] folios_put_refs+0x56f/0x740
[ 86.881126][ T6554] truncate_inode_pages_range+0x311/0xe50
[ 86.882936][ T6554] blkdev_flush_mapping+0xfb/0x290
[ 86.884512][ T6554] blkdev_put_whole+0xc4/0xf0
[ 86.885965][ T6554] bdev_release+0x47e/0x6d0
[ 86.887384][ T6554] blkdev_release+0x15/0x20
[ 86.889029][ T6554] __fput+0x3ff/0xb70
[ 86.890295][ T6554] task_work_run+0x14d/0x240
[ 86.891732][ T6554] do_exit+0x86f/0x2bf0
[ 86.893067][ T6554] do_group_exit+0xd3/0x2a0
[ 86.894483][ T6554] get_signal+0x2673/0x26d0
[ 86.895924][ T6554] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.897615][ T6554] exit_to_user_mode_loop+0x84/0x110
[ 86.899240][ T6554] do_syscall_64+0x3f6/0x4c0
[ 86.900647][ T6554] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.902470][ T6554] Modules linked in:
[ 86.903740][ T6554] CPU: 0 UID: 0 PID: 6554 Comm: syz.0.25 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.903757][ T6554] Tainted: [B]=BAD_PAGE
[ 86.903761][ T6554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.903768][ T6554] Call Trace:
[ 86.903771][ T6554]
[ 86.903775][ T6554] dump_stack_lvl+0x16c/0x1f0
[ 86.903791][ T6554] bad_page+0xcf/0x220
[ 86.903802][ T6554] ? __pfx_bad_page+0x10/0x10
[ 86.903813][ T6554] ? page_bad_reason+0x9d/0x1f0
[ 86.903825][ T6554] __free_frozen_pages+0x7f7/0x10f0
[ 86.903841][ T6554] __folio_put+0x329/0x450
[ 86.903851][ T6554] ? __pfx___folio_put+0x10/0x10
[ 86.903861][ T6554] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.903873][ T6554] ? rcu_is_watching+0x12/0xc0
[ 86.903885][ T6554] ? lock_release+0x201/0x2f0
[ 86.903905][ T6554] filemap_free_folio+0x132/0x170
[ 86.903915][ T6554] delete_from_page_cache_batch+0x741/0x9b0
[ 86.903927][ T6554] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.903940][ T6554] ? __pfx_workingset_update_node+0x10/0x10
[ 86.903951][ T6554] ? xas_move_index+0xb0/0x110
[ 86.903966][ T6554] truncate_inode_pages_range+0x279/0xe50
[ 86.903981][ T6554] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.903998][ T6554] ? rcu_is_watching+0x12/0xc0
[ 86.904011][ T6554] ? has_bh_in_lru+0x9d/0x100
[ 86.904021][ T6554] ? smp_call_function_many_cond+0x457/0x1600
[ 86.904040][ T6554] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.904052][ T6554] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.904063][ T6554] blkdev_flush_mapping+0xfb/0x290
[ 86.904075][ T6554] ? filemap_check_errors+0xa9/0x160
[ 86.904089][ T6554] blkdev_put_whole+0xc4/0xf0
[ 86.904100][ T6554] bdev_release+0x47e/0x6d0
[ 86.904114][ T6554] ? __pfx_blkdev_release+0x10/0x10
[ 86.904127][ T6554] blkdev_release+0x15/0x20
[ 86.904139][ T6554] __fput+0x3ff/0xb70
[ 86.904154][ T6554] task_work_run+0x14d/0x240
[ 86.904165][ T6554] ? __pfx_task_work_run+0x10/0x10
[ 86.904177][ T6554] ? do_raw_spin_unlock+0x172/0x230
[ 86.904188][ T6554] do_exit+0x86f/0x2bf0
[ 86.904204][ T6554] ? __pfx_do_exit+0x10/0x10
[ 86.904219][ T6554] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.904229][ T6554] ? get_signal+0x8f5/0x26d0
[ 86.904241][ T6554] ? rcu_is_watching+0x12/0xc0
[ 86.904254][ T6554] do_group_exit+0xd3/0x2a0
[ 86.904270][ T6554] get_signal+0x2673/0x26d0
[ 86.904284][ T6554] ? __pfx_get_signal+0x10/0x10
[ 86.904297][ T6554] ? do_futex+0x122/0x350
[ 86.904312][ T6554] ? __pfx_do_futex+0x10/0x10
[ 86.904328][ T6554] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.904342][ T6554] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.904358][ T6554] exit_to_user_mode_loop+0x84/0x110
[ 86.904369][ T6554] do_syscall_64+0x3f6/0x4c0
[ 86.904384][ T6554] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.904395][ T6554] RIP: 0033:0x7fabb898e969
[ 86.904402][ T6554] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 86.904407][ T6554] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.904417][ T6554] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 86.904424][ T6554] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 86.904430][ T6554] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 86.904436][ T6554] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 86.904443][ T6554] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 86.904452][ T6554]
[ 86.929816][ T6555] BUG: Bad page state in process syz.0.26 pfn:4b601
[ 86.952958][ T63] Bluetooth: hci0: command tx timeout
[ 86.954524][ T6555] page does not match folio
[ 87.029792][ T6555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x4b601
[ 87.032856][ T6555] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 87.035330][ T6555] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 87.037904][ T6555] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.040488][ T6555] page dumped because: nonzero pincount
[ 87.042196][ T6555] page_owner tracks the page as allocated
[ 87.044005][ T6555] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6555, tgid 6555 (syz.0.26), ts 86910248287, free_ts 86904484304
[ 87.050007][ T6555] post_alloc_hook+0x1c0/0x230
[ 87.051495][ T6555] get_page_from_freelist+0x132b/0x38e0
[ 87.053323][ T6555] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 87.055179][ T6555] alloc_pages_mpol+0x1fb/0x550
[ 87.056699][ T6555] folio_alloc_noprof+0x20/0x2d0
[ 87.058239][ T6555] filemap_alloc_folio_noprof+0x3a1/0x470
[ 87.059999][ T6555] page_cache_ra_order+0x4e1/0xd70
[ 87.061596][ T6555] filemap_fault+0x1b4b/0x2930
[ 87.063164][ T6555] __do_fault+0x10a/0x490
[ 87.064539][ T6555] do_pte_missing+0x1a6/0x3ba0
[ 87.066047][ T6555] __handle_mm_fault+0x152a/0x2a50
[ 87.067640][ T6555] handle_mm_fault+0x589/0xd10
[ 87.069174][ T6555] do_user_addr_fault+0x60c/0x1370
[ 87.070763][ T6555] exc_page_fault+0x5c/0xb0
[ 87.072188][ T6555] asm_exc_page_fault+0x26/0x30
[ 87.073758][ T6555] page last free pid 6554 tgid 6553 stack trace:
[ 87.075705][ T6555] free_unref_folios+0xa61/0x16b0
[ 87.077257][ T6555] folios_put_refs+0x56f/0x740
[ 87.078747][ T6555] truncate_inode_pages_range+0x311/0xe50
[ 87.080486][ T6555] blkdev_flush_mapping+0xfb/0x290
[ 87.082103][ T6555] blkdev_put_whole+0xc4/0xf0
[ 87.083631][ T6555] bdev_release+0x47e/0x6d0
[ 87.085051][ T6555] blkdev_release+0x15/0x20
[ 87.086487][ T6555] __fput+0x3ff/0xb70
[ 87.087760][ T6555] task_work_run+0x14d/0x240
[ 87.089227][ T6555] do_exit+0x86f/0x2bf0
[ 87.090555][ T6555] do_group_exit+0xd3/0x2a0
[ 87.091999][ T6555] get_signal+0x2673/0x26d0
[ 87.093465][ T6555] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.095167][ T6555] exit_to_user_mode_loop+0x84/0x110
[ 87.096799][ T6555] do_syscall_64+0x3f6/0x4c0
[ 87.098249][ T6555] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.100062][ T6555] Modules linked in:
[ 87.101285][ T6555] CPU: 2 UID: 0 PID: 6555 Comm: syz.0.26 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.101302][ T6555] Tainted: [B]=BAD_PAGE
[ 87.101306][ T6555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.101313][ T6555] Call Trace:
[ 87.101317][ T6555]
[ 87.101320][ T6555] dump_stack_lvl+0x16c/0x1f0
[ 87.101336][ T6555] bad_page+0xcf/0x220
[ 87.101347][ T6555] ? __pfx_bad_page+0x10/0x10
[ 87.101359][ T6555] free_tail_page_prepare+0x44f/0x5b0
[ 87.101373][ T6555] __free_frozen_pages+0xbae/0x10f0
[ 87.101389][ T6555] __folio_put+0x329/0x450
[ 87.101400][ T6555] ? __pfx___folio_put+0x10/0x10
[ 87.101411][ T6555] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.101422][ T6555] ? rcu_is_watching+0x12/0xc0
[ 87.101435][ T6555] ? lock_release+0x201/0x2f0
[ 87.101452][ T6555] filemap_free_folio+0x132/0x170
[ 87.101462][ T6555] delete_from_page_cache_batch+0x741/0x9b0
[ 87.101474][ T6555] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.101491][ T6555] ? __pfx_workingset_update_node+0x10/0x10
[ 87.101507][ T6555] ? xas_move_index+0xb0/0x110
[ 87.101529][ T6555] truncate_inode_pages_range+0x279/0xe50
[ 87.101543][ T6555] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.101561][ T6555] ? rcu_is_watching+0x12/0xc0
[ 87.101573][ T6555] ? has_bh_in_lru+0x9d/0x100
[ 87.101585][ T6555] ? smp_call_function_many_cond+0x457/0x1600
[ 87.101604][ T6555] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.101616][ T6555] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.101627][ T6555] blkdev_flush_mapping+0xfb/0x290
[ 87.101640][ T6555] blkdev_put_whole+0xc4/0xf0
[ 87.101651][ T6555] bdev_release+0x47e/0x6d0
[ 87.101679][ T6555] ? __pfx_blkdev_release+0x10/0x10
[ 87.101694][ T6555] blkdev_release+0x15/0x20
[ 87.101706][ T6555] __fput+0x3ff/0xb70
[ 87.101721][ T6555] task_work_run+0x14d/0x240
[ 87.101732][ T6555] ? __pfx_task_work_run+0x10/0x10
[ 87.101743][ T6555] ? do_raw_spin_unlock+0x172/0x230
[ 87.101755][ T6555] do_exit+0x86f/0x2bf0
[ 87.101771][ T6555] ? __pfx_do_exit+0x10/0x10
[ 87.101786][ T6555] ? preempt_schedule_thunk+0x16/0x30
[ 87.101802][ T6555] do_group_exit+0xd3/0x2a0
[ 87.101818][ T6555] __x64_sys_exit_group+0x3e/0x50
[ 87.101833][ T6555] x64_sys_call+0x14fa/0x1720
[ 87.101846][ T6555] do_syscall_64+0xcd/0x4c0
[ 87.101860][ T6555] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.101871][ T6555] RIP: 0033:0x7fabb898e969
[ 87.101883][ T6555] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 87.101888][ T6555] RSP: 002b:00007fff6fc31168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 87.101898][ T6555] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb898e969
[ 87.101905][ T6555] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 87.101911][ T6555] RBP: 00007fff6fc311cc R08: 000000066fc3125f R09: 00000000000927c0
[ 87.101917][ T6555] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000000a
[ 87.101923][ T6555] R13: 00000000000927c0 R14: 00000000000151e0 R15: 00007fff6fc31220
[ 87.101932][ T6555]
[ 87.101947][ T6555] BUG: Bad page state in process syz.0.26 pfn:4b600
[ 87.194273][ T6555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4b600
[ 87.196949][ T6555] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 87.199512][ T6555] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 87.202683][ T6555] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 87.205370][ T6555] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.207989][ T6555] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 87.210625][ T6555] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.213349][ T6555] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.215991][ T6555] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.218585][ T6555] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 87.220783][ T6555] page_owner tracks the page as allocated
[ 87.223017][ T6555] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6555, tgid 6555 (syz.0.26), ts 86910248287, free_ts 86904484304
[ 87.228953][ T6555] post_alloc_hook+0x1c0/0x230
[ 87.230423][ T6555] get_page_from_freelist+0x132b/0x38e0
[ 87.232127][ T6555] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 87.234024][ T6555] alloc_pages_mpol+0x1fb/0x550
[ 87.235518][ T6555] folio_alloc_noprof+0x20/0x2d0
[ 87.237156][ T6555] filemap_alloc_folio_noprof+0x3a1/0x470
[ 87.238924][ T6555] page_cache_ra_order+0x4e1/0xd70
[ 87.240520][ T6555] filemap_fault+0x1b4b/0x2930
[ 87.242038][ T6555] __do_fault+0x10a/0x490
[ 87.243470][ T6555] do_pte_missing+0x1a6/0x3ba0
[ 87.244982][ T6555] __handle_mm_fault+0x152a/0x2a50
[ 87.246579][ T6555] handle_mm_fault+0x589/0xd10
[ 87.248073][ T6555] do_user_addr_fault+0x60c/0x1370
[ 87.249658][ T6555] exc_page_fault+0x5c/0xb0
[ 87.251088][ T6555] asm_exc_page_fault+0x26/0x30
[ 87.252610][ T6555] page last free pid 6554 tgid 6553 stack trace:
[ 87.254608][ T6555] free_unref_folios+0xa61/0x16b0
[ 87.256187][ T6555] folios_put_refs+0x56f/0x740
[ 87.257661][ T6555] truncate_inode_pages_range+0x311/0xe50
[ 87.259453][ T6555] blkdev_flush_mapping+0xfb/0x290
[ 87.261026][ T6555] blkdev_put_whole+0xc4/0xf0
[ 87.262565][ T6555] bdev_release+0x47e/0x6d0
[ 87.264060][ T6555] blkdev_release+0x15/0x20
[ 87.265501][ T6555] __fput+0x3ff/0xb70
[ 87.266758][ T6555] task_work_run+0x14d/0x240
[ 87.268185][ T6555] do_exit+0x86f/0x2bf0
[ 87.269490][ T6555] do_group_exit+0xd3/0x2a0
[ 87.270900][ T6555] get_signal+0x2673/0x26d0
[ 87.272311][ T6555] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.274787][ T6555] exit_to_user_mode_loop+0x84/0x110
[ 87.276422][ T6555] do_syscall_64+0x3f6/0x4c0
[ 87.277863][ T6555] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.279681][ T6555] Modules linked in:
[ 87.280866][ T6555] CPU: 2 UID: 0 PID: 6555 Comm: syz.0.26 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.280884][ T6555] Tainted: [B]=BAD_PAGE
[ 87.280887][ T6555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.280894][ T6555] Call Trace:
[ 87.280898][ T6555]
[ 87.280902][ T6555] dump_stack_lvl+0x16c/0x1f0
[ 87.280918][ T6555] bad_page+0xcf/0x220
[ 87.280929][ T6555] ? __pfx_bad_page+0x10/0x10
[ 87.280941][ T6555] ? page_bad_reason+0x9d/0x1f0
[ 87.280952][ T6555] __free_frozen_pages+0x7f7/0x10f0
[ 87.280968][ T6555] __folio_put+0x329/0x450
[ 87.280979][ T6555] ? __pfx___folio_put+0x10/0x10
[ 87.280989][ T6555] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.281000][ T6555] ? rcu_is_watching+0x12/0xc0
[ 87.281013][ T6555] ? lock_release+0x201/0x2f0
[ 87.281030][ T6555] filemap_free_folio+0x132/0x170
[ 87.281040][ T6555] delete_from_page_cache_batch+0x741/0x9b0
[ 87.281052][ T6555] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.281064][ T6555] ? __pfx_workingset_update_node+0x10/0x10
[ 87.281075][ T6555] ? xas_move_index+0xb0/0x110
[ 87.281091][ T6555] truncate_inode_pages_range+0x279/0xe50
[ 87.281106][ T6555] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.281124][ T6555] ? rcu_is_watching+0x12/0xc0
[ 87.281135][ T6555] ? has_bh_in_lru+0x9d/0x100
[ 87.281146][ T6555] ? smp_call_function_many_cond+0x457/0x1600
[ 87.281165][ T6555] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.281177][ T6555] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.281188][ T6555] blkdev_flush_mapping+0xfb/0x290
[ 87.281207][ T6555] blkdev_put_whole+0xc4/0xf0
[ 87.281218][ T6555] bdev_release+0x47e/0x6d0
[ 87.281231][ T6555] ? __pfx_blkdev_release+0x10/0x10
[ 87.281245][ T6555] blkdev_release+0x15/0x20
[ 87.281257][ T6555] __fput+0x3ff/0xb70
[ 87.281271][ T6555] task_work_run+0x14d/0x240
[ 87.281283][ T6555] ? __pfx_task_work_run+0x10/0x10
[ 87.281294][ T6555] ? do_raw_spin_unlock+0x172/0x230
[ 87.281306][ T6555] do_exit+0x86f/0x2bf0
[ 87.281322][ T6555] ? __pfx_do_exit+0x10/0x10
[ 87.281337][ T6555] ? preempt_schedule_thunk+0x16/0x30
[ 87.281353][ T6555] do_group_exit+0xd3/0x2a0
[ 87.281369][ T6555] __x64_sys_exit_group+0x3e/0x50
[ 87.281385][ T6555] x64_sys_call+0x14fa/0x1720
[ 87.281397][ T6555] do_syscall_64+0xcd/0x4c0
[ 87.281412][ T6555] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.281422][ T6555] RIP: 0033:0x7fabb898e969
[ 87.281431][ T6555] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 87.281436][ T6555] RSP: 002b:00007fff6fc31168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 87.281446][ T6555] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb898e969
[ 87.281452][ T6555] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 87.281459][ T6555] RBP: 00007fff6fc311cc R08: 000000066fc3125f R09: 00000000000927c0
[ 87.281465][ T6555] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000000a
[ 87.281471][ T6555] R13: 00000000000927c0 R14: 00000000000151e0 R15: 00007fff6fc31220
[ 87.281480][ T6555]
[ 87.390363][ T6558] BUG: Bad page state in process syz.0.27 pfn:4b801
[ 87.392438][ T6558] page does not match folio
[ 87.393980][ T6558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x4b801
[ 87.397010][ T6558] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 87.399272][ T6558] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 87.402142][ T6558] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.404855][ T6558] page dumped because: nonzero pincount
[ 87.406539][ T6558] page_owner tracks the page as allocated
[ 87.408264][ T6558] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6557, tgid 6557 (syz.0.27), ts 87375107065, free_ts 74449749530
[ 87.414321][ T6558] post_alloc_hook+0x1c0/0x230
[ 87.415812][ T6558] get_page_from_freelist+0x132b/0x38e0
[ 87.417515][ T6558] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 87.419342][ T6558] alloc_pages_mpol+0x1fb/0x550
[ 87.420839][ T6558] folio_alloc_noprof+0x20/0x2d0
[ 87.422385][ T6558] filemap_alloc_folio_noprof+0x3a1/0x470
[ 87.424296][ T6558] page_cache_ra_order+0x4e1/0xd70
[ 87.425882][ T6558] filemap_fault+0x1b4b/0x2930
[ 87.427364][ T6558] __do_fault+0x10a/0x490
[ 87.428694][ T6558] do_pte_missing+0x1a6/0x3ba0
[ 87.430186][ T6558] __handle_mm_fault+0x152a/0x2a50
[ 87.431751][ T6558] handle_mm_fault+0x589/0xd10
[ 87.433395][ T6558] do_user_addr_fault+0x60c/0x1370
[ 87.434973][ T6558] exc_page_fault+0x5c/0xb0
[ 87.436372][ T6558] asm_exc_page_fault+0x26/0x30
[ 87.437890][ T6558] page last free pid 6205 tgid 6205 stack trace:
[ 87.439813][ T6558] free_unref_folios+0xa61/0x16b0
[ 87.441365][ T6558] folios_put_refs+0x56f/0x740
[ 87.442832][ T6558] free_pages_and_swap_cache+0x245/0x4a0
[ 87.444734][ T6558] __tlb_batch_free_encoded_pages+0xf9/0x290
[ 87.446609][ T6558] tlb_finish_mmu+0x168/0x7c0
[ 87.448088][ T6558] vms_clear_ptes+0x55e/0x770
[ 87.449590][ T6558] vms_complete_munmap_vmas+0x1ca/0x970
[ 87.451319][ T6558] do_vmi_align_munmap+0x43b/0x7d0
[ 87.452972][ T6558] do_vmi_munmap+0x204/0x3e0
[ 87.454432][ T6558] __vm_munmap+0x19a/0x390
[ 87.455814][ T6558] __x64_sys_munmap+0x59/0x80
[ 87.457263][ T6558] do_syscall_64+0xcd/0x4c0
[ 87.458675][ T6558] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.460476][ T6558] Modules linked in:
[ 87.461696][ T6558] CPU: 0 UID: 0 PID: 6558 Comm: syz.0.27 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.461713][ T6558] Tainted: [B]=BAD_PAGE
[ 87.461717][ T6558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.461724][ T6558] Call Trace:
[ 87.461727][ T6558]
[ 87.461731][ T6558] dump_stack_lvl+0x16c/0x1f0
[ 87.461747][ T6558] bad_page+0xcf/0x220
[ 87.461758][ T6558] ? __pfx_bad_page+0x10/0x10
[ 87.461770][ T6558] free_tail_page_prepare+0x44f/0x5b0
[ 87.461784][ T6558] __free_frozen_pages+0xbae/0x10f0
[ 87.461800][ T6558] __folio_put+0x329/0x450
[ 87.461810][ T6558] ? __pfx___folio_put+0x10/0x10
[ 87.461821][ T6558] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.461832][ T6558] ? rcu_is_watching+0x12/0xc0
[ 87.461850][ T6558] ? lock_release+0x201/0x2f0
[ 87.461866][ T6558] filemap_free_folio+0x132/0x170
[ 87.461876][ T6558] delete_from_page_cache_batch+0x741/0x9b0
[ 87.461888][ T6558] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.461900][ T6558] ? __pfx_workingset_update_node+0x10/0x10
[ 87.461911][ T6558] ? xas_move_index+0xb0/0x110
[ 87.461927][ T6558] truncate_inode_pages_range+0x279/0xe50
[ 87.461942][ T6558] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.461959][ T6558] ? rcu_is_watching+0x12/0xc0
[ 87.461971][ T6558] ? has_bh_in_lru+0x9d/0x100
[ 87.461982][ T6558] ? smp_call_function_many_cond+0x457/0x1600
[ 87.462001][ T6558] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.462013][ T6558] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.462024][ T6558] blkdev_flush_mapping+0xfb/0x290
[ 87.462036][ T6558] ? filemap_check_errors+0xa9/0x160
[ 87.462050][ T6558] blkdev_put_whole+0xc4/0xf0
[ 87.462062][ T6558] bdev_release+0x47e/0x6d0
[ 87.462075][ T6558] ? __pfx_blkdev_release+0x10/0x10
[ 87.462088][ T6558] blkdev_release+0x15/0x20
[ 87.462101][ T6558] __fput+0x3ff/0xb70
[ 87.462115][ T6558] task_work_run+0x14d/0x240
[ 87.462127][ T6558] ? __pfx_task_work_run+0x10/0x10
[ 87.462138][ T6558] ? do_raw_spin_unlock+0x172/0x230
[ 87.462150][ T6558] do_exit+0x86f/0x2bf0
[ 87.462166][ T6558] ? __pfx_do_exit+0x10/0x10
[ 87.462181][ T6558] ? do_raw_spin_lock+0x12c/0x2b0
[ 87.462192][ T6558] ? get_signal+0x8f5/0x26d0
[ 87.462204][ T6558] ? rcu_is_watching+0x12/0xc0
[ 87.462217][ T6558] do_group_exit+0xd3/0x2a0
[ 87.462233][ T6558] get_signal+0x2673/0x26d0
[ 87.462247][ T6558] ? __pfx_get_signal+0x10/0x10
[ 87.462260][ T6558] ? do_futex+0x122/0x350
[ 87.462275][ T6558] ? __pfx_do_futex+0x10/0x10
[ 87.462291][ T6558] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.462305][ T6558] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 87.462322][ T6558] exit_to_user_mode_loop+0x84/0x110
[ 87.462333][ T6558] do_syscall_64+0x3f6/0x4c0
[ 87.462348][ T6558] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.462358][ T6558] RIP: 0033:0x7fabb898e969
[ 87.462366][ T6558] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 87.462371][ T6558] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 87.462381][ T6558] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 87.462388][ T6558] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 87.462394][ T6558] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 87.462400][ T6558] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 87.462407][ T6558] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 87.462416][ T6558]
[ 87.462431][ T6558] BUG: Bad page state in process syz.0.27 pfn:4b800
[ 87.568764][ T6558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4b800
[ 87.572134][ T6558] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 87.575505][ T6558] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 87.579219][ T6558] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 87.582501][ T6558] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.585850][ T6558] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 87.589152][ T6558] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.592450][ T6558] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 87.595932][ T6558] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.599258][ T6558] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 87.602026][ T6558] page_owner tracks the page as allocated
[ 87.604453][ T6558] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6557, tgid 6557 (syz.0.27), ts 87375107065, free_ts 74449743323
[ 87.611913][ T6558] post_alloc_hook+0x1c0/0x230
[ 87.613959][ T6558] get_page_from_freelist+0x132b/0x38e0
[ 87.616127][ T6558] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 87.618372][ T6558] alloc_pages_mpol+0x1fb/0x550
[ 87.620240][ T6558] folio_alloc_noprof+0x20/0x2d0
[ 87.622171][ T6558] filemap_alloc_folio_noprof+0x3a1/0x470
[ 87.624435][ T6558] page_cache_ra_order+0x4e1/0xd70
[ 87.626432][ T6558] filemap_fault+0x1b4b/0x2930
[ 87.628263][ T6558] __do_fault+0x10a/0x490
[ 87.629937][ T6558] do_pte_missing+0x1a6/0x3ba0
[ 87.631762][ T6558] __handle_mm_fault+0x152a/0x2a50
[ 87.633825][ T6558] handle_mm_fault+0x589/0xd10
[ 87.635661][ T6558] do_user_addr_fault+0x60c/0x1370
[ 87.637628][ T6558] exc_page_fault+0x5c/0xb0
[ 87.639382][ T6558] asm_exc_page_fault+0x26/0x30
[ 87.641243][ T6558] page last free pid 6205 tgid 6205 stack trace:
[ 87.643734][ T6558] free_unref_folios+0xa61/0x16b0
[ 87.645675][ T6558] folios_put_refs+0x56f/0x740
[ 87.647513][ T6558] free_pages_and_swap_cache+0x245/0x4a0
[ 87.649678][ T6558] __tlb_batch_free_encoded_pages+0xf9/0x290
[ 87.651952][ T6558] tlb_finish_mmu+0x168/0x7c0
[ 87.653837][ T6558] vms_clear_ptes+0x55e/0x770
[ 87.655674][ T6558] vms_complete_munmap_vmas+0x1ca/0x970
[ 87.657804][ T6558] do_vmi_align_munmap+0x43b/0x7d0
[ 87.659748][ T6558] do_vmi_munmap+0x204/0x3e0
[ 87.661539][ T6558] __vm_munmap+0x19a/0x390
[ 87.663330][ T6558] __x64_sys_munmap+0x59/0x80
[ 87.665123][ T6558] do_syscall_64+0xcd/0x4c0
[ 87.666876][ T6558] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.669146][ T6558] Modules linked in:
[ 87.670670][ T6558] CPU: 1 UID: 0 PID: 6558 Comm: syz.0.27 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.670695][ T6558] Tainted: [B]=BAD_PAGE
[ 87.670700][ T6558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.670710][ T6558] Call Trace:
[ 87.670715][ T6558]
[ 87.670721][ T6558] dump_stack_lvl+0x16c/0x1f0
[ 87.670741][ T6558] bad_page+0xcf/0x220
[ 87.670756][ T6558] ? __pfx_bad_page+0x10/0x10
[ 87.670773][ T6558] ? page_bad_reason+0x9d/0x1f0
[ 87.670789][ T6558] __free_frozen_pages+0x7f7/0x10f0
[ 87.670813][ T6558] __folio_put+0x329/0x450
[ 87.670827][ T6558] ? __pfx___folio_put+0x10/0x10
[ 87.670840][ T6558] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.670856][ T6558] ? rcu_is_watching+0x12/0xc0
[ 87.670875][ T6558] ? lock_release+0x201/0x2f0
[ 87.670898][ T6558] filemap_free_folio+0x132/0x170
[ 87.670913][ T6558] delete_from_page_cache_batch+0x741/0x9b0
[ 87.670934][ T6558] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.670949][ T6558] ? __pfx_workingset_update_node+0x10/0x10
[ 87.670965][ T6558] ? xas_move_index+0xb0/0x110
[ 87.670987][ T6558] truncate_inode_pages_range+0x279/0xe50
[ 87.671008][ T6558] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.671032][ T6558] ? rcu_is_watching+0x12/0xc0
[ 87.671047][ T6558] ? has_bh_in_lru+0x9d/0x100
[ 87.671063][ T6558] ? smp_call_function_many_cond+0x457/0x1600
[ 87.671091][ T6558] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.671108][ T6558] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.671123][ T6558] blkdev_flush_mapping+0xfb/0x290
[ 87.671137][ T6558] ? filemap_check_errors+0xa9/0x160
[ 87.671159][ T6558] blkdev_put_whole+0xc4/0xf0
[ 87.671176][ T6558] bdev_release+0x47e/0x6d0
[ 87.671195][ T6558] ? __pfx_blkdev_release+0x10/0x10
[ 87.671214][ T6558] blkdev_release+0x15/0x20
[ 87.671228][ T6558] __fput+0x3ff/0xb70
[ 87.671250][ T6558] task_work_run+0x14d/0x240
[ 87.671266][ T6558] ? __pfx_task_work_run+0x10/0x10
[ 87.671282][ T6558] ? do_raw_spin_unlock+0x172/0x230
[ 87.671299][ T6558] do_exit+0x86f/0x2bf0
[ 87.671321][ T6558] ? __pfx_do_exit+0x10/0x10
[ 87.671339][ T6558] ? do_raw_spin_lock+0x12c/0x2b0
[ 87.671355][ T6558] ? get_signal+0x8f5/0x26d0
[ 87.671373][ T6558] ? rcu_is_watching+0x12/0xc0
[ 87.671392][ T6558] do_group_exit+0xd3/0x2a0
[ 87.671414][ T6558] get_signal+0x2673/0x26d0
[ 87.671432][ T6558] ? __pfx_get_signal+0x10/0x10
[ 87.671450][ T6558] ? do_futex+0x122/0x350
[ 87.671472][ T6558] ? __pfx_do_futex+0x10/0x10
[ 87.671495][ T6558] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.671514][ T6558] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 87.671537][ T6558] exit_to_user_mode_loop+0x84/0x110
[ 87.671553][ T6558] do_syscall_64+0x3f6/0x4c0
[ 87.671575][ T6558] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.671591][ T6558] RIP: 0033:0x7fabb898e969
[ 87.671603][ T6558] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 87.671610][ T6558] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 87.671623][ T6558] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 87.671630][ T6558] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 87.671640][ T6558] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 87.671650][ T6558] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 87.671659][ T6558] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 87.671673][ T6558]
[ 87.824077][ T6563] BUG: Bad page state in process syz.0.29 pfn:4ba01
[ 87.826087][ T6563] page does not match folio
[ 87.827458][ T6563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x4ba01
[ 87.830455][ T6563] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 87.832699][ T6563] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 87.835447][ T6563] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.838032][ T6563] page dumped because: nonzero pincount
[ 87.839762][ T6563] page_owner tracks the page as allocated
[ 87.841909][ T6563] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6562, tgid 6562 (syz.0.29), ts 87808515386, free_ts 87671720652
[ 87.848007][ T6563] post_alloc_hook+0x1c0/0x230
[ 87.849499][ T6563] get_page_from_freelist+0x132b/0x38e0
[ 87.851171][ T6563] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 87.853149][ T6563] alloc_pages_mpol+0x1fb/0x550
[ 87.854627][ T6563] folio_alloc_noprof+0x20/0x2d0
[ 87.856127][ T6563] filemap_alloc_folio_noprof+0x3a1/0x470
[ 87.857835][ T6563] page_cache_ra_order+0x4e1/0xd70
[ 87.859397][ T6563] filemap_fault+0x1b4b/0x2930
[ 87.860824][ T6563] __do_fault+0x10a/0x490
[ 87.862152][ T6563] do_pte_missing+0x1a6/0x3ba0
[ 87.863694][ T6563] __handle_mm_fault+0x152a/0x2a50
[ 87.865277][ T6563] handle_mm_fault+0x589/0xd10
[ 87.866733][ T6563] do_user_addr_fault+0x60c/0x1370
[ 87.868255][ T6563] exc_page_fault+0x5c/0xb0
[ 87.869637][ T6563] asm_exc_page_fault+0x26/0x30
[ 87.871112][ T6563] page last free pid 6558 tgid 6557 stack trace:
[ 87.873034][ T6563] free_unref_folios+0xa61/0x16b0
[ 87.874565][ T6563] folios_put_refs+0x56f/0x740
[ 87.876014][ T6563] truncate_inode_pages_range+0x311/0xe50
[ 87.877712][ T6563] blkdev_flush_mapping+0xfb/0x290
[ 87.879243][ T6563] blkdev_put_whole+0xc4/0xf0
[ 87.880662][ T6563] bdev_release+0x47e/0x6d0
[ 87.882026][ T6563] blkdev_release+0x15/0x20
[ 87.883451][ T6563] __fput+0x3ff/0xb70
[ 87.884669][ T6563] task_work_run+0x14d/0x240
[ 87.886083][ T6563] do_exit+0x86f/0x2bf0
[ 87.887366][ T6563] do_group_exit+0xd3/0x2a0
[ 87.888739][ T6563] get_signal+0x2673/0x26d0
[ 87.890133][ T6563] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.891778][ T6563] exit_to_user_mode_loop+0x84/0x110
[ 87.893429][ T6563] do_syscall_64+0x3f6/0x4c0
[ 87.894864][ T6563] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.896712][ T6563] Modules linked in:
[ 87.897958][ T6563] CPU: 2 UID: 0 PID: 6563 Comm: syz.0.29 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 87.897975][ T6563] Tainted: [B]=BAD_PAGE
[ 87.897978][ T6563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 87.897985][ T6563] Call Trace:
[ 87.897989][ T6563]
[ 87.897993][ T6563] dump_stack_lvl+0x16c/0x1f0
[ 87.898008][ T6563] bad_page+0xcf/0x220
[ 87.898020][ T6563] ? __pfx_bad_page+0x10/0x10
[ 87.898032][ T6563] free_tail_page_prepare+0x44f/0x5b0
[ 87.898046][ T6563] __free_frozen_pages+0xbae/0x10f0
[ 87.898062][ T6563] __folio_put+0x329/0x450
[ 87.898073][ T6563] ? __pfx___folio_put+0x10/0x10
[ 87.898083][ T6563] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 87.898094][ T6563] ? rcu_is_watching+0x12/0xc0
[ 87.898107][ T6563] ? lock_release+0x201/0x2f0
[ 87.898124][ T6563] filemap_free_folio+0x132/0x170
[ 87.898134][ T6563] delete_from_page_cache_batch+0x741/0x9b0
[ 87.898146][ T6563] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 87.898158][ T6563] ? __pfx_workingset_update_node+0x10/0x10
[ 87.898168][ T6563] ? xas_move_index+0xb0/0x110
[ 87.898184][ T6563] truncate_inode_pages_range+0x279/0xe50
[ 87.898199][ T6563] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 87.898217][ T6563] ? rcu_is_watching+0x12/0xc0
[ 87.898229][ T6563] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 87.898240][ T6563] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.898253][ T6563] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.898265][ T6563] ? smp_call_function_many_cond+0x457/0x1600
[ 87.898284][ T6563] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 87.898296][ T6563] ? __pfx_has_bh_in_lru+0x10/0x10
[ 87.898307][ T6563] blkdev_flush_mapping+0xfb/0x290
[ 87.898319][ T6563] ? filemap_check_errors+0xa9/0x160
[ 87.898334][ T6563] blkdev_put_whole+0xc4/0xf0
[ 87.898345][ T6563] bdev_release+0x47e/0x6d0
[ 87.898358][ T6563] ? __pfx_blkdev_release+0x10/0x10
[ 87.898371][ T6563] blkdev_release+0x15/0x20
[ 87.898384][ T6563] __fput+0x3ff/0xb70
[ 87.898398][ T6563] task_work_run+0x14d/0x240
[ 87.898409][ T6563] ? __pfx_task_work_run+0x10/0x10
[ 87.898420][ T6563] ? do_raw_spin_unlock+0x172/0x230
[ 87.898432][ T6563] do_exit+0x86f/0x2bf0
[ 87.898447][ T6563] ? futex_private_hash_put+0x112/0x300
[ 87.898461][ T6563] ? rcu_is_watching+0x12/0xc0
[ 87.898475][ T6563] ? __pfx_do_exit+0x10/0x10
[ 87.898495][ T6563] ? do_raw_spin_lock+0x12c/0x2b0
[ 87.898511][ T6563] ? get_signal+0x8f5/0x26d0
[ 87.898527][ T6563] ? rcu_is_watching+0x12/0xc0
[ 87.898540][ T6563] do_group_exit+0xd3/0x2a0
[ 87.898556][ T6563] get_signal+0x2673/0x26d0
[ 87.898571][ T6563] ? __pfx_get_signal+0x10/0x10
[ 87.898583][ T6563] ? do_futex+0x122/0x350
[ 87.898599][ T6563] ? __pfx_do_futex+0x10/0x10
[ 87.898614][ T6563] arch_do_signal_or_restart+0x8f/0x7d0
[ 87.898629][ T6563] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 87.898645][ T6563] exit_to_user_mode_loop+0x84/0x110
[ 87.898656][ T6563] do_syscall_64+0x3f6/0x4c0
[ 87.898671][ T6563] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 87.898681][ T6563] RIP: 0033:0x7fabb898e969
[ 87.898689][ T6563] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 87.898694][ T6563] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 87.898704][ T6563] RAX: 0000000000000001 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 87.898711][ T6563] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fabb8bb5fac
[ 87.898717][ T6563] RBP: 00007fabb8bb5fa0 R08: 00007fabb97f9000 R09: 0000000000000000
[ 87.898723][ T6563] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 87.898730][ T6563] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 87.898739][ T6563]
[ 87.898754][ T6563] BUG: Bad page state in process syz.0.29 pfn:4ba00
[ 88.016206][ T6563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4ba00
[ 88.018954][ T6563] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 88.021504][ T6563] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 88.024727][ T6563] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.027343][ T6563] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.030067][ T6563] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.032732][ T6563] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.035544][ T6563] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.038177][ T6563] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.040839][ T6563] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 88.043237][ T6563] page_owner tracks the page as allocated
[ 88.044978][ T6563] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6562, tgid 6562 (syz.0.29), ts 87808515386, free_ts 87671720652
[ 88.051046][ T6563] post_alloc_hook+0x1c0/0x230
[ 88.052568][ T6563] get_page_from_freelist+0x132b/0x38e0
[ 88.054411][ T6563] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.056257][ T6563] alloc_pages_mpol+0x1fb/0x550
[ 88.057798][ T6563] folio_alloc_noprof+0x20/0x2d0
[ 88.059340][ T6563] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.061169][ T6563] page_cache_ra_order+0x4e1/0xd70
[ 88.062833][ T6563] filemap_fault+0x1b4b/0x2930
[ 88.064352][ T6563] __do_fault+0x10a/0x490
[ 88.065683][ T6563] do_pte_missing+0x1a6/0x3ba0
[ 88.067152][ T6563] __handle_mm_fault+0x152a/0x2a50
[ 88.068728][ T6563] handle_mm_fault+0x589/0xd10
[ 88.070202][ T6563] do_user_addr_fault+0x60c/0x1370
[ 88.071769][ T6563] exc_page_fault+0x5c/0xb0
[ 88.073362][ T6563] asm_exc_page_fault+0x26/0x30
[ 88.074910][ T6563] page last free pid 6558 tgid 6557 stack trace:
[ 88.076808][ T6563] free_unref_folios+0xa61/0x16b0
[ 88.078365][ T6563] folios_put_refs+0x56f/0x740
[ 88.079826][ T6563] truncate_inode_pages_range+0x311/0xe50
[ 88.081564][ T6563] blkdev_flush_mapping+0xfb/0x290
[ 88.083284][ T6563] blkdev_put_whole+0xc4/0xf0
[ 88.084741][ T6563] bdev_release+0x47e/0x6d0
[ 88.086123][ T6563] blkdev_release+0x15/0x20
[ 88.087503][ T6563] __fput+0x3ff/0xb70
[ 88.088718][ T6563] task_work_run+0x14d/0x240
[ 88.090144][ T6563] do_exit+0x86f/0x2bf0
[ 88.091420][ T6563] do_group_exit+0xd3/0x2a0
[ 88.092985][ T6563] get_signal+0x2673/0x26d0
[ 88.094417][ T6563] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.096106][ T6563] exit_to_user_mode_loop+0x84/0x110
[ 88.097711][ T6563] do_syscall_64+0x3f6/0x4c0
[ 88.099151][ T6563] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.100973][ T6563] Modules linked in:
[ 88.102207][ T6563] CPU: 0 UID: 0 PID: 6563 Comm: syz.0.29 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.102224][ T6563] Tainted: [B]=BAD_PAGE
[ 88.102228][ T6563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.102235][ T6563] Call Trace:
[ 88.102239][ T6563]
[ 88.102243][ T6563] dump_stack_lvl+0x16c/0x1f0
[ 88.102258][ T6563] bad_page+0xcf/0x220
[ 88.102272][ T6563] ? __pfx_bad_page+0x10/0x10
[ 88.102288][ T6563] ? page_bad_reason+0x9d/0x1f0
[ 88.102305][ T6563] __free_frozen_pages+0x7f7/0x10f0
[ 88.102332][ T6563] __folio_put+0x329/0x450
[ 88.102349][ T6563] ? __pfx___folio_put+0x10/0x10
[ 88.102366][ T6563] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.102383][ T6563] ? rcu_is_watching+0x12/0xc0
[ 88.102403][ T6563] ? lock_release+0x201/0x2f0
[ 88.102427][ T6563] filemap_free_folio+0x132/0x170
[ 88.102443][ T6563] delete_from_page_cache_batch+0x741/0x9b0
[ 88.102462][ T6563] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.102481][ T6563] ? __pfx_workingset_update_node+0x10/0x10
[ 88.102498][ T6563] ? xas_move_index+0xb0/0x110
[ 88.102522][ T6563] truncate_inode_pages_range+0x279/0xe50
[ 88.102545][ T6563] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.102574][ T6563] ? rcu_is_watching+0x12/0xc0
[ 88.102592][ T6563] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 88.102604][ T6563] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.102616][ T6563] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.102628][ T6563] ? smp_call_function_many_cond+0x457/0x1600
[ 88.102647][ T6563] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.102659][ T6563] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.102670][ T6563] blkdev_flush_mapping+0xfb/0x290
[ 88.102682][ T6563] ? filemap_check_errors+0xa9/0x160
[ 88.102696][ T6563] blkdev_put_whole+0xc4/0xf0
[ 88.102707][ T6563] bdev_release+0x47e/0x6d0
[ 88.102721][ T6563] ? __pfx_blkdev_release+0x10/0x10
[ 88.102734][ T6563] blkdev_release+0x15/0x20
[ 88.102746][ T6563] __fput+0x3ff/0xb70
[ 88.102760][ T6563] task_work_run+0x14d/0x240
[ 88.102772][ T6563] ? __pfx_task_work_run+0x10/0x10
[ 88.102783][ T6563] ? do_raw_spin_unlock+0x172/0x230
[ 88.102794][ T6563] do_exit+0x86f/0x2bf0
[ 88.102809][ T6563] ? futex_private_hash_put+0x112/0x300
[ 88.102824][ T6563] ? rcu_is_watching+0x12/0xc0
[ 88.102837][ T6563] ? __pfx_do_exit+0x10/0x10
[ 88.102851][ T6563] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.102876][ T6563] ? get_signal+0x8f5/0x26d0
[ 88.102893][ T6563] ? rcu_is_watching+0x12/0xc0
[ 88.102906][ T6563] do_group_exit+0xd3/0x2a0
[ 88.102922][ T6563] get_signal+0x2673/0x26d0
[ 88.102936][ T6563] ? __pfx_get_signal+0x10/0x10
[ 88.102949][ T6563] ? do_futex+0x122/0x350
[ 88.102964][ T6563] ? __pfx_do_futex+0x10/0x10
[ 88.102979][ T6563] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.102993][ T6563] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.103010][ T6563] exit_to_user_mode_loop+0x84/0x110
[ 88.103020][ T6563] do_syscall_64+0x3f6/0x4c0
[ 88.103035][ T6563] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.103046][ T6563] RIP: 0033:0x7fabb898e969
[ 88.103054][ T6563] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 88.103059][ T6563] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.103069][ T6563] RAX: 0000000000000001 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 88.103075][ T6563] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fabb8bb5fac
[ 88.103082][ T6563] RBP: 00007fabb8bb5fa0 R08: 00007fabb97f9000 R09: 0000000000000000
[ 88.103088][ T6563] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 88.103095][ T6563] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 88.103104][ T6563]
[ 88.235021][ T6565] BUG: Bad page state in process syz.0.30 pfn:54001
[ 88.237098][ T6565] page does not match folio
[ 88.238498][ T6565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x54001
[ 88.241535][ T6565] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 88.243907][ T6565] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 88.246512][ T6565] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.249102][ T6565] page dumped because: nonzero pincount
[ 88.250798][ T6565] page_owner tracks the page as allocated
[ 88.252559][ T6565] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6564, tgid 6564 (syz.0.30), ts 88219288031, free_ts 88213580981
[ 88.259415][ T6565] post_alloc_hook+0x1c0/0x230
[ 88.260917][ T6565] get_page_from_freelist+0x132b/0x38e0
[ 88.262672][ T6565] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.264562][ T6565] alloc_pages_mpol+0x1fb/0x550
[ 88.266082][ T6565] folio_alloc_noprof+0x20/0x2d0
[ 88.267610][ T6565] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.269370][ T6565] page_cache_ra_order+0x4e1/0xd70
[ 88.270959][ T6565] filemap_fault+0x1b4b/0x2930
[ 88.272461][ T6565] __do_fault+0x10a/0x490
[ 88.273870][ T6565] do_pte_missing+0x1a6/0x3ba0
[ 88.275472][ T6565] __handle_mm_fault+0x152a/0x2a50
[ 88.277087][ T6565] handle_mm_fault+0x589/0xd10
[ 88.278626][ T6565] do_user_addr_fault+0x60c/0x1370
[ 88.280215][ T6565] exc_page_fault+0x5c/0xb0
[ 88.281651][ T6565] asm_exc_page_fault+0x26/0x30
[ 88.283338][ T6565] page last free pid 6563 tgid 6562 stack trace:
[ 88.285270][ T6565] free_unref_folios+0xa61/0x16b0
[ 88.286848][ T6565] folios_put_refs+0x56f/0x740
[ 88.288308][ T6565] truncate_inode_pages_range+0x311/0xe50
[ 88.290066][ T6565] blkdev_flush_mapping+0xfb/0x290
[ 88.291644][ T6565] blkdev_put_whole+0xc4/0xf0
[ 88.293221][ T6565] bdev_release+0x47e/0x6d0
[ 88.294654][ T6565] blkdev_release+0x15/0x20
[ 88.296072][ T6565] __fput+0x3ff/0xb70
[ 88.297312][ T6565] task_work_run+0x14d/0x240
[ 88.298753][ T6565] do_exit+0x86f/0x2bf0
[ 88.300044][ T6565] do_group_exit+0xd3/0x2a0
[ 88.301464][ T6565] get_signal+0x2673/0x26d0
[ 88.303027][ T6565] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.304779][ T6565] exit_to_user_mode_loop+0x84/0x110
[ 88.306412][ T6565] do_syscall_64+0x3f6/0x4c0
[ 88.307840][ T6565] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.309687][ T6565] Modules linked in:
[ 88.310909][ T6565] CPU: 3 UID: 0 PID: 6565 Comm: syz.0.30 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.310926][ T6565] Tainted: [B]=BAD_PAGE
[ 88.310930][ T6565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.310936][ T6565] Call Trace:
[ 88.310940][ T6565]
[ 88.310944][ T6565] dump_stack_lvl+0x16c/0x1f0
[ 88.310959][ T6565] bad_page+0xcf/0x220
[ 88.310971][ T6565] ? __pfx_bad_page+0x10/0x10
[ 88.310983][ T6565] free_tail_page_prepare+0x44f/0x5b0
[ 88.310997][ T6565] __free_frozen_pages+0xbae/0x10f0
[ 88.311013][ T6565] __folio_put+0x329/0x450
[ 88.311023][ T6565] ? __pfx___folio_put+0x10/0x10
[ 88.311034][ T6565] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.311045][ T6565] ? rcu_is_watching+0x12/0xc0
[ 88.311058][ T6565] ? lock_release+0x201/0x2f0
[ 88.311074][ T6565] filemap_free_folio+0x132/0x170
[ 88.311084][ T6565] delete_from_page_cache_batch+0x741/0x9b0
[ 88.311096][ T6565] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.311108][ T6565] ? __pfx_workingset_update_node+0x10/0x10
[ 88.311123][ T6565] ? xas_move_index+0xb0/0x110
[ 88.311138][ T6565] truncate_inode_pages_range+0x279/0xe50
[ 88.311153][ T6565] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.311171][ T6565] ? rcu_is_watching+0x12/0xc0
[ 88.311183][ T6565] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 88.311195][ T6565] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.311212][ T6565] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.311224][ T6565] ? smp_call_function_many_cond+0x457/0x1600
[ 88.311243][ T6565] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.311255][ T6565] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.311266][ T6565] blkdev_flush_mapping+0xfb/0x290
[ 88.311277][ T6565] ? filemap_check_errors+0xa9/0x160
[ 88.311292][ T6565] blkdev_put_whole+0xc4/0xf0
[ 88.311303][ T6565] bdev_release+0x47e/0x6d0
[ 88.311316][ T6565] ? __pfx_blkdev_release+0x10/0x10
[ 88.311329][ T6565] blkdev_release+0x15/0x20
[ 88.311342][ T6565] __fput+0x3ff/0xb70
[ 88.311356][ T6565] task_work_run+0x14d/0x240
[ 88.311367][ T6565] ? __pfx_task_work_run+0x10/0x10
[ 88.311378][ T6565] ? do_raw_spin_unlock+0x172/0x230
[ 88.311390][ T6565] do_exit+0x86f/0x2bf0
[ 88.311407][ T6565] ? __pfx_do_exit+0x10/0x10
[ 88.311421][ T6565] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.311432][ T6565] ? get_signal+0x8f5/0x26d0
[ 88.311444][ T6565] ? rcu_is_watching+0x12/0xc0
[ 88.311457][ T6565] do_group_exit+0xd3/0x2a0
[ 88.311472][ T6565] get_signal+0x2673/0x26d0
[ 88.311487][ T6565] ? __pfx_get_signal+0x10/0x10
[ 88.311499][ T6565] ? do_futex+0x122/0x350
[ 88.311515][ T6565] ? __pfx_do_futex+0x10/0x10
[ 88.311530][ T6565] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.311544][ T6565] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.311561][ T6565] exit_to_user_mode_loop+0x84/0x110
[ 88.311571][ T6565] do_syscall_64+0x3f6/0x4c0
[ 88.311586][ T6565] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.311597][ T6565] RIP: 0033:0x7fabb898e969
[ 88.311605][ T6565] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 88.311609][ T6565] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.311619][ T6565] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 88.311626][ T6565] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 88.311632][ T6565] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 88.311638][ T6565] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 88.311645][ T6565] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 88.311654][ T6565]
[ 88.311668][ T6565] BUG: Bad page state in process syz.0.30 pfn:54000
[ 88.421129][ T6565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54000
[ 88.424899][ T6565] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 88.428102][ T6565] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 88.431748][ T6565] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.435248][ T6565] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.438778][ T6565] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.442014][ T6565] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.445385][ T6565] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.448612][ T6565] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.451831][ T6565] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 88.454664][ T6565] page_owner tracks the page as allocated
[ 88.456817][ T6565] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6564, tgid 6564 (syz.0.30), ts 88219288031, free_ts 88213580981
[ 88.464281][ T6565] post_alloc_hook+0x1c0/0x230
[ 88.466062][ T6565] get_page_from_freelist+0x132b/0x38e0
[ 88.468174][ T6565] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.470422][ T6565] alloc_pages_mpol+0x1fb/0x550
[ 88.472276][ T6565] folio_alloc_noprof+0x20/0x2d0
[ 88.474274][ T6565] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.476427][ T6565] page_cache_ra_order+0x4e1/0xd70
[ 88.478381][ T6565] filemap_fault+0x1b4b/0x2930
[ 88.480177][ T6565] __do_fault+0x10a/0x490
[ 88.481821][ T6565] do_pte_missing+0x1a6/0x3ba0
[ 88.483736][ T6565] __handle_mm_fault+0x152a/0x2a50
[ 88.485695][ T6565] handle_mm_fault+0x589/0xd10
[ 88.487514][ T6565] do_user_addr_fault+0x60c/0x1370
[ 88.489459][ T6565] exc_page_fault+0x5c/0xb0
[ 88.491194][ T6565] asm_exc_page_fault+0x26/0x30
[ 88.493123][ T6565] page last free pid 6563 tgid 6562 stack trace:
[ 88.495545][ T6565] free_unref_folios+0xa61/0x16b0
[ 88.497477][ T6565] folios_put_refs+0x56f/0x740
[ 88.499300][ T6565] truncate_inode_pages_range+0x311/0xe50
[ 88.501459][ T6565] blkdev_flush_mapping+0xfb/0x290
[ 88.503498][ T6565] blkdev_put_whole+0xc4/0xf0
[ 88.505279][ T6565] bdev_release+0x47e/0x6d0
[ 88.507039][ T6565] blkdev_release+0x15/0x20
[ 88.508767][ T6565] __fput+0x3ff/0xb70
[ 88.510330][ T6565] task_work_run+0x14d/0x240
[ 88.512089][ T6565] do_exit+0x86f/0x2bf0
[ 88.513854][ T6565] do_group_exit+0xd3/0x2a0
[ 88.515540][ T6565] get_signal+0x2673/0x26d0
[ 88.517307][ T6565] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.519414][ T6565] exit_to_user_mode_loop+0x84/0x110
[ 88.521412][ T6565] do_syscall_64+0x3f6/0x4c0
[ 88.523249][ T6565] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.525453][ T6565] Modules linked in:
[ 88.526987][ T6565] CPU: 2 UID: 0 PID: 6565 Comm: syz.0.30 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.527011][ T6565] Tainted: [B]=BAD_PAGE
[ 88.527015][ T6565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.527023][ T6565] Call Trace:
[ 88.527029][ T6565]
[ 88.527035][ T6565] dump_stack_lvl+0x16c/0x1f0
[ 88.527057][ T6565] bad_page+0xcf/0x220
[ 88.527073][ T6565] ? __pfx_bad_page+0x10/0x10
[ 88.527090][ T6565] ? page_bad_reason+0x9d/0x1f0
[ 88.527107][ T6565] __free_frozen_pages+0x7f7/0x10f0
[ 88.527127][ T6565] __folio_put+0x329/0x450
[ 88.527142][ T6565] ? __pfx___folio_put+0x10/0x10
[ 88.527157][ T6565] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.527173][ T6565] ? rcu_is_watching+0x12/0xc0
[ 88.527192][ T6565] ? lock_release+0x201/0x2f0
[ 88.527215][ T6565] filemap_free_folio+0x132/0x170
[ 88.527228][ T6565] delete_from_page_cache_batch+0x741/0x9b0
[ 88.527244][ T6565] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.527262][ T6565] ? __pfx_workingset_update_node+0x10/0x10
[ 88.527278][ T6565] ? xas_move_index+0xb0/0x110
[ 88.527300][ T6565] truncate_inode_pages_range+0x279/0xe50
[ 88.527321][ T6565] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.527344][ T6565] ? rcu_is_watching+0x12/0xc0
[ 88.527362][ T6565] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 88.527379][ T6565] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.527396][ T6565] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.527413][ T6565] ? smp_call_function_many_cond+0x457/0x1600
[ 88.527437][ T6565] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.527455][ T6565] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.527471][ T6565] blkdev_flush_mapping+0xfb/0x290
[ 88.527488][ T6565] ? filemap_check_errors+0xa9/0x160
[ 88.527509][ T6565] blkdev_put_whole+0xc4/0xf0
[ 88.527523][ T6565] bdev_release+0x47e/0x6d0
[ 88.527541][ T6565] ? __pfx_blkdev_release+0x10/0x10
[ 88.527560][ T6565] blkdev_release+0x15/0x20
[ 88.527578][ T6565] __fput+0x3ff/0xb70
[ 88.527598][ T6565] task_work_run+0x14d/0x240
[ 88.527614][ T6565] ? __pfx_task_work_run+0x10/0x10
[ 88.527630][ T6565] ? do_raw_spin_unlock+0x172/0x230
[ 88.527644][ T6565] do_exit+0x86f/0x2bf0
[ 88.527667][ T6565] ? __pfx_do_exit+0x10/0x10
[ 88.527688][ T6565] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.527704][ T6565] ? get_signal+0x8f5/0x26d0
[ 88.527720][ T6565] ? rcu_is_watching+0x12/0xc0
[ 88.527733][ T6565] do_group_exit+0xd3/0x2a0
[ 88.527748][ T6565] get_signal+0x2673/0x26d0
[ 88.527765][ T6565] ? __pfx_get_signal+0x10/0x10
[ 88.527783][ T6565] ? do_futex+0x122/0x350
[ 88.527805][ T6565] ? __pfx_do_futex+0x10/0x10
[ 88.527828][ T6565] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.527850][ T6565] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.527875][ T6565] exit_to_user_mode_loop+0x84/0x110
[ 88.527891][ T6565] do_syscall_64+0x3f6/0x4c0
[ 88.527913][ T6565] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.527927][ T6565] RIP: 0033:0x7fabb898e969
[ 88.527936][ T6565] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 88.527944][ T6565] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.527959][ T6565] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 88.527970][ T6565] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 88.527980][ T6565] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 88.527989][ T6565] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 88.527998][ T6565] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 88.528012][ T6565]
[ 88.558541][ T6567] BUG: Bad page state in process syz.0.31 pfn:54401
[ 88.647561][ T6567] page does not match folio
[ 88.649400][ T6567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x54401
[ 88.653287][ T6567] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 88.656227][ T6567] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 88.659560][ T6567] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.663076][ T6567] page dumped because: nonzero pincount
[ 88.665214][ T6567] page_owner tracks the page as allocated
[ 88.667488][ T6567] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6566, tgid 6566 (syz.0.31), ts 88536924268, free_ts 0
[ 88.674726][ T6567] post_alloc_hook+0x1c0/0x230
[ 88.676624][ T6567] get_page_from_freelist+0x132b/0x38e0
[ 88.678781][ T6567] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.681083][ T6567] alloc_pages_mpol+0x1fb/0x550
[ 88.683088][ T6567] folio_alloc_noprof+0x20/0x2d0
[ 88.685038][ T6567] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.687272][ T6567] page_cache_ra_order+0x4e1/0xd70
[ 88.689265][ T6567] filemap_fault+0x1b4b/0x2930
[ 88.691154][ T6567] __do_fault+0x10a/0x490
[ 88.693009][ T6567] do_pte_missing+0x1a6/0x3ba0
[ 88.694888][ T6567] __handle_mm_fault+0x152a/0x2a50
[ 88.696863][ T6567] handle_mm_fault+0x589/0xd10
[ 88.698731][ T6567] do_user_addr_fault+0x60c/0x1370
[ 88.700716][ T6567] exc_page_fault+0x5c/0xb0
[ 88.702500][ T6567] asm_exc_page_fault+0x26/0x30
[ 88.704508][ T6567] page_owner free stack trace missing
[ 88.706597][ T6567] Modules linked in:
[ 88.708129][ T6567] CPU: 2 UID: 0 PID: 6567 Comm: syz.0.31 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.708153][ T6567] Tainted: [B]=BAD_PAGE
[ 88.708159][ T6567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.708168][ T6567] Call Trace:
[ 88.708174][ T6567]
[ 88.708180][ T6567] dump_stack_lvl+0x16c/0x1f0
[ 88.708202][ T6567] bad_page+0xcf/0x220
[ 88.708218][ T6567] ? __pfx_bad_page+0x10/0x10
[ 88.708234][ T6567] free_tail_page_prepare+0x44f/0x5b0
[ 88.708253][ T6567] __free_frozen_pages+0xbae/0x10f0
[ 88.708277][ T6567] __folio_put+0x329/0x450
[ 88.708292][ T6567] ? __pfx___folio_put+0x10/0x10
[ 88.708307][ T6567] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.708323][ T6567] ? rcu_is_watching+0x12/0xc0
[ 88.708338][ T6567] ? lock_release+0x201/0x2f0
[ 88.708362][ T6567] filemap_free_folio+0x132/0x170
[ 88.708377][ T6567] delete_from_page_cache_batch+0x741/0x9b0
[ 88.708395][ T6567] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.708412][ T6567] ? __pfx_workingset_update_node+0x10/0x10
[ 88.708427][ T6567] ? xas_move_index+0xb0/0x110
[ 88.708446][ T6567] truncate_inode_pages_range+0x279/0xe50
[ 88.708467][ T6567] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.708494][ T6567] ? rcu_is_watching+0x12/0xc0
[ 88.708511][ T6567] ? has_bh_in_lru+0x9d/0x100
[ 88.708526][ T6567] ? smp_call_function_many_cond+0x457/0x1600
[ 88.708551][ T6567] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.708568][ T6567] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.708585][ T6567] blkdev_flush_mapping+0xfb/0x290
[ 88.708602][ T6567] ? filemap_check_errors+0xa9/0x160
[ 88.708623][ T6567] blkdev_put_whole+0xc4/0xf0
[ 88.708639][ T6567] bdev_release+0x47e/0x6d0
[ 88.708654][ T6567] ? __pfx_blkdev_release+0x10/0x10
[ 88.708673][ T6567] blkdev_release+0x15/0x20
[ 88.708691][ T6567] __fput+0x3ff/0xb70
[ 88.708711][ T6567] task_work_run+0x14d/0x240
[ 88.708728][ T6567] ? __pfx_task_work_run+0x10/0x10
[ 88.708743][ T6567] ? do_raw_spin_unlock+0x172/0x230
[ 88.708757][ T6567] do_exit+0x86f/0x2bf0
[ 88.708781][ T6567] ? __pfx_do_exit+0x10/0x10
[ 88.708802][ T6567] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.708818][ T6567] ? get_signal+0x8f5/0x26d0
[ 88.708836][ T6567] ? rcu_is_watching+0x12/0xc0
[ 88.708851][ T6567] do_group_exit+0xd3/0x2a0
[ 88.708880][ T6567] get_signal+0x2673/0x26d0
[ 88.708902][ T6567] ? __pfx_get_signal+0x10/0x10
[ 88.708920][ T6567] ? do_futex+0x122/0x350
[ 88.708942][ T6567] ? __pfx_do_futex+0x10/0x10
[ 88.708961][ T6567] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.708981][ T6567] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.709006][ T6567] exit_to_user_mode_loop+0x84/0x110
[ 88.709022][ T6567] do_syscall_64+0x3f6/0x4c0
[ 88.709044][ T6567] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.709059][ T6567] RIP: 0033:0x7fabb898e969
[ 88.709067][ T6567] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 88.709073][ T6567] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.709088][ T6567] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 88.709099][ T6567] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 88.709108][ T6567] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 88.709118][ T6567] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 88.709127][ T6567] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 88.709141][ T6567]
[ 88.709162][ T6567] BUG: Bad page state in process syz.0.31 pfn:54400
[ 88.840469][ T6567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54400
[ 88.843900][ T6567] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 88.847134][ T6567] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 88.850884][ T6567] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.854269][ T6567] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.857493][ T6567] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 88.860837][ T6567] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.864245][ T6567] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.867570][ T6567] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.870792][ T6567] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 88.873629][ T6567] page_owner tracks the page as allocated
[ 88.875862][ T6567] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6566, tgid 6566 (syz.0.31), ts 88536924268, free_ts 0
[ 88.883143][ T6567] post_alloc_hook+0x1c0/0x230
[ 88.885007][ T6567] get_page_from_freelist+0x132b/0x38e0
[ 88.887115][ T6567] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.889361][ T6567] alloc_pages_mpol+0x1fb/0x550
[ 88.891232][ T6567] folio_alloc_noprof+0x20/0x2d0
[ 88.893200][ T6567] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.895410][ T6567] page_cache_ra_order+0x4e1/0xd70
[ 88.897369][ T6567] filemap_fault+0x1b4b/0x2930
[ 88.899200][ T6567] __do_fault+0x10a/0x490
[ 88.900876][ T6567] do_pte_missing+0x1a6/0x3ba0
[ 88.902698][ T6567] __handle_mm_fault+0x152a/0x2a50
[ 88.904752][ T6567] handle_mm_fault+0x589/0xd10
[ 88.906577][ T6567] do_user_addr_fault+0x60c/0x1370
[ 88.908474][ T6567] exc_page_fault+0x5c/0xb0
[ 88.910219][ T6567] asm_exc_page_fault+0x26/0x30
[ 88.912067][ T6567] page_owner free stack trace missing
[ 88.914175][ T6567] Modules linked in:
[ 88.915687][ T6567] CPU: 2 UID: 0 PID: 6567 Comm: syz.0.31 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.915712][ T6567] Tainted: [B]=BAD_PAGE
[ 88.915717][ T6567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.915727][ T6567] Call Trace:
[ 88.915732][ T6567]
[ 88.915738][ T6567] dump_stack_lvl+0x16c/0x1f0
[ 88.915758][ T6567] bad_page+0xcf/0x220
[ 88.915775][ T6567] ? __pfx_bad_page+0x10/0x10
[ 88.915792][ T6567] ? page_bad_reason+0x9d/0x1f0
[ 88.915808][ T6567] __free_frozen_pages+0x7f7/0x10f0
[ 88.915832][ T6567] __folio_put+0x329/0x450
[ 88.915847][ T6567] ? __pfx___folio_put+0x10/0x10
[ 88.915858][ T6567] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.915880][ T6567] ? rcu_is_watching+0x12/0xc0
[ 88.915899][ T6567] ? lock_release+0x201/0x2f0
[ 88.915921][ T6567] filemap_free_folio+0x132/0x170
[ 88.915936][ T6567] delete_from_page_cache_batch+0x741/0x9b0
[ 88.915952][ T6567] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.915968][ T6567] ? __pfx_workingset_update_node+0x10/0x10
[ 88.915984][ T6567] ? xas_move_index+0xb0/0x110
[ 88.916006][ T6567] truncate_inode_pages_range+0x279/0xe50
[ 88.916027][ T6567] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.916045][ T6567] ? rcu_is_watching+0x12/0xc0
[ 88.916057][ T6567] ? has_bh_in_lru+0x9d/0x100
2025/08/01 08:44:30 executed programs: 18
[ 88.916068][ T6567] ? smp_call_function_many_cond+0x457/0x1600
[ 88.916088][ T6567] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.916105][ T6567] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.916121][ T6567] blkdev_flush_mapping+0xfb/0x290
[ 88.916138][ T6567] ? filemap_check_errors+0xa9/0x160
[ 88.916159][ T6567] blkdev_put_whole+0xc4/0xf0
[ 88.916172][ T6567] bdev_release+0x47e/0x6d0
[ 88.916191][ T6567] ? __pfx_blkdev_release+0x10/0x10
[ 88.916210][ T6567] blkdev_release+0x15/0x20
[ 88.916229][ T6567] __fput+0x3ff/0xb70
[ 88.916249][ T6567] task_work_run+0x14d/0x240
[ 88.916266][ T6567] ? __pfx_task_work_run+0x10/0x10
[ 88.916278][ T6567] ? do_raw_spin_unlock+0x172/0x230
[ 88.916296][ T6567] do_exit+0x86f/0x2bf0
[ 88.916320][ T6567] ? __pfx_do_exit+0x10/0x10
[ 88.916341][ T6567] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.916356][ T6567] ? get_signal+0x8f5/0x26d0
[ 88.916371][ T6567] ? rcu_is_watching+0x12/0xc0
[ 88.916389][ T6567] do_group_exit+0xd3/0x2a0
[ 88.916412][ T6567] get_signal+0x2673/0x26d0
[ 88.916433][ T6567] ? __pfx_get_signal+0x10/0x10
[ 88.916451][ T6567] ? do_futex+0x122/0x350
[ 88.916469][ T6567] ? __pfx_do_futex+0x10/0x10
[ 88.916491][ T6567] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.916512][ T6567] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.916536][ T6567] exit_to_user_mode_loop+0x84/0x110
[ 88.916552][ T6567] do_syscall_64+0x3f6/0x4c0
[ 88.916570][ T6567] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.916586][ T6567] RIP: 0033:0x7fabb898e969
[ 88.916598][ T6567] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 88.916605][ T6567] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.916619][ T6567] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 88.916629][ T6567] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 88.916639][ T6567] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 88.916648][ T6567] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 88.916655][ T6567] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 88.916667][ T6567]
[ 89.077087][ T6570] BUG: Bad page state in process syz.0.32 pfn:54601
[ 89.079617][ T6570] page does not match folio
[ 89.081341][ T6570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x54601
[ 89.086003][ T6570] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 89.088834][ T6570] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 89.092037][ T6570] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.095385][ T6570] page dumped because: nonzero pincount
[ 89.097461][ T6570] page_owner tracks the page as allocated
[ 89.099586][ T6570] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6569, tgid 6569 (syz.0.32), ts 89051119294, free_ts 88916707695
[ 89.107233][ T6570] post_alloc_hook+0x1c0/0x230
[ 89.108770][ T6570] get_page_from_freelist+0x132b/0x38e0
[ 89.110524][ T6570] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.112375][ T6570] alloc_pages_mpol+0x1fb/0x550
[ 89.114340][ T6570] folio_alloc_noprof+0x20/0x2d0
[ 89.115915][ T6570] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.117688][ T6570] page_cache_ra_order+0x4e1/0xd70
[ 89.119284][ T6570] filemap_fault+0x1b4b/0x2930
[ 89.120778][ T6570] __do_fault+0x10a/0x490
[ 89.122112][ T6570] do_pte_missing+0x1a6/0x3ba0
[ 89.123793][ T6570] __handle_mm_fault+0x152a/0x2a50
[ 89.125368][ T6570] handle_mm_fault+0x589/0xd10
[ 89.126852][ T6570] do_user_addr_fault+0x60c/0x1370
[ 89.128415][ T6570] exc_page_fault+0x5c/0xb0
[ 89.129817][ T6570] asm_exc_page_fault+0x26/0x30
[ 89.131320][ T6570] page last free pid 6567 tgid 6566 stack trace:
[ 89.133368][ T6570] free_unref_folios+0xa61/0x16b0
[ 89.134970][ T6570] folios_put_refs+0x56f/0x740
[ 89.136441][ T6570] truncate_inode_pages_range+0x311/0xe50
[ 89.138176][ T6570] blkdev_flush_mapping+0xfb/0x290
[ 89.139761][ T6570] blkdev_put_whole+0xc4/0xf0
[ 89.141226][ T6570] bdev_release+0x47e/0x6d0
[ 89.142650][ T6570] blkdev_release+0x15/0x20
[ 89.144127][ T6570] __fput+0x3ff/0xb70
[ 89.145376][ T6570] task_work_run+0x14d/0x240
[ 89.146817][ T6570] do_exit+0x86f/0x2bf0
[ 89.148126][ T6570] do_group_exit+0xd3/0x2a0
[ 89.149546][ T6570] get_signal+0x2673/0x26d0
[ 89.150983][ T6570] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.152703][ T6570] exit_to_user_mode_loop+0x84/0x110
[ 89.154388][ T6570] do_syscall_64+0x3f6/0x4c0
[ 89.155844][ T6570] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.157679][ T6570] Modules linked in:
[ 89.158901][ T6570] CPU: 3 UID: 0 PID: 6570 Comm: syz.0.32 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.158922][ T6570] Tainted: [B]=BAD_PAGE
[ 89.158925][ T6570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.158932][ T6570] Call Trace:
[ 89.158935][ T6570]
[ 89.158950][ T6570] dump_stack_lvl+0x16c/0x1f0
[ 89.158966][ T6570] bad_page+0xcf/0x220
[ 89.158978][ T6570] ? __pfx_bad_page+0x10/0x10
[ 89.158990][ T6570] free_tail_page_prepare+0x44f/0x5b0
[ 89.159004][ T6570] __free_frozen_pages+0xbae/0x10f0
[ 89.159021][ T6570] __folio_put+0x329/0x450
[ 89.159031][ T6570] ? __pfx___folio_put+0x10/0x10
[ 89.159042][ T6570] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.159053][ T6570] ? rcu_is_watching+0x12/0xc0
[ 89.159067][ T6570] ? lock_release+0x201/0x2f0
[ 89.159083][ T6570] filemap_free_folio+0x132/0x170
[ 89.159093][ T6570] delete_from_page_cache_batch+0x741/0x9b0
[ 89.159105][ T6570] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.159117][ T6570] ? __pfx_workingset_update_node+0x10/0x10
[ 89.159128][ T6570] ? xas_move_index+0xb0/0x110
[ 89.159143][ T6570] truncate_inode_pages_range+0x279/0xe50
[ 89.159158][ T6570] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.159176][ T6570] ? rcu_is_watching+0x12/0xc0
[ 89.159188][ T6570] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 89.159200][ T6570] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.159212][ T6570] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.159224][ T6570] ? smp_call_function_many_cond+0x457/0x1600
[ 89.159243][ T6570] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.159255][ T6570] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.159266][ T6570] blkdev_flush_mapping+0xfb/0x290
[ 89.159278][ T6570] ? filemap_check_errors+0xa9/0x160
[ 89.159293][ T6570] blkdev_put_whole+0xc4/0xf0
[ 89.159304][ T6570] bdev_release+0x47e/0x6d0
[ 89.159317][ T6570] ? __pfx_blkdev_release+0x10/0x10
[ 89.159331][ T6570] blkdev_release+0x15/0x20
[ 89.159343][ T6570] __fput+0x3ff/0xb70
[ 89.159357][ T6570] task_work_run+0x14d/0x240
[ 89.159369][ T6570] ? __pfx_task_work_run+0x10/0x10
[ 89.159380][ T6570] ? do_raw_spin_unlock+0x172/0x230
[ 89.159392][ T6570] do_exit+0x86f/0x2bf0
[ 89.159408][ T6570] ? __pfx_do_exit+0x10/0x10
[ 89.159423][ T6570] ? do_raw_spin_lock+0x12c/0x2b0
[ 89.159433][ T6570] ? get_signal+0x8f5/0x26d0
[ 89.159445][ T6570] ? rcu_is_watching+0x12/0xc0
[ 89.159458][ T6570] do_group_exit+0xd3/0x2a0
[ 89.159473][ T6570] get_signal+0x2673/0x26d0
[ 89.159488][ T6570] ? __pfx_get_signal+0x10/0x10
[ 89.159500][ T6570] ? do_futex+0x122/0x350
[ 89.159515][ T6570] ? __pfx_do_futex+0x10/0x10
[ 89.159531][ T6570] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.159545][ T6570] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 89.159562][ T6570] exit_to_user_mode_loop+0x84/0x110
[ 89.159573][ T6570] do_syscall_64+0x3f6/0x4c0
[ 89.159588][ T6570] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.159598][ T6570] RIP: 0033:0x7fabb898e969
[ 89.159606][ T6570] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 89.159611][ T6570] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 89.159621][ T6570] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 89.159628][ T6570] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 89.159634][ T6570] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 89.159640][ T6570] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 89.159647][ T6570] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 89.159656][ T6570]
[ 89.159681][ T6570] BUG: Bad page state in process syz.0.32 pfn:54600
[ 89.269740][ T6570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54600
[ 89.272411][ T6570] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 89.275048][ T6570] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 89.278004][ T6570] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 89.280617][ T6570] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.283301][ T6570] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 89.285945][ T6570] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.288567][ T6570] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.291184][ T6570] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.293895][ T6570] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 89.296142][ T6570] page_owner tracks the page as allocated
[ 89.297878][ T6570] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6569, tgid 6569 (syz.0.32), ts 89051119294, free_ts 88916707695
[ 89.303930][ T6570] post_alloc_hook+0x1c0/0x230
[ 89.305420][ T6570] get_page_from_freelist+0x132b/0x38e0
[ 89.307118][ T6570] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.308938][ T6570] alloc_pages_mpol+0x1fb/0x550
[ 89.310467][ T6570] folio_alloc_noprof+0x20/0x2d0
[ 89.311999][ T6570] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.313827][ T6570] page_cache_ra_order+0x4e1/0xd70
[ 89.315417][ T6570] filemap_fault+0x1b4b/0x2930
[ 89.316911][ T6570] __do_fault+0x10a/0x490
[ 89.318251][ T6570] do_pte_missing+0x1a6/0x3ba0
[ 89.319725][ T6570] __handle_mm_fault+0x152a/0x2a50
[ 89.321306][ T6570] handle_mm_fault+0x589/0xd10
[ 89.322806][ T6570] do_user_addr_fault+0x60c/0x1370
[ 89.324458][ T6570] exc_page_fault+0x5c/0xb0
[ 89.325868][ T6570] asm_exc_page_fault+0x26/0x30
[ 89.327358][ T6570] page last free pid 6567 tgid 6566 stack trace:
[ 89.329279][ T6570] free_unref_folios+0xa61/0x16b0
[ 89.330842][ T6570] folios_put_refs+0x56f/0x740
[ 89.332330][ T6570] truncate_inode_pages_range+0x311/0xe50
[ 89.334146][ T6570] blkdev_flush_mapping+0xfb/0x290
[ 89.335731][ T6570] blkdev_put_whole+0xc4/0xf0
[ 89.337182][ T6570] bdev_release+0x47e/0x6d0
[ 89.338592][ T6570] blkdev_release+0x15/0x20
[ 89.340004][ T6570] __fput+0x3ff/0xb70
[ 89.341262][ T6570] task_work_run+0x14d/0x240
[ 89.342711][ T6570] do_exit+0x86f/0x2bf0
[ 89.344064][ T6570] do_group_exit+0xd3/0x2a0
[ 89.345476][ T6570] get_signal+0x2673/0x26d0
[ 89.346873][ T6570] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.348567][ T6570] exit_to_user_mode_loop+0x84/0x110
[ 89.350163][ T6570] do_syscall_64+0x3f6/0x4c0
[ 89.351578][ T6570] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.353429][ T6570] Modules linked in:
[ 89.354662][ T6570] CPU: 3 UID: 0 PID: 6570 Comm: syz.0.32 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.354679][ T6570] Tainted: [B]=BAD_PAGE
[ 89.354683][ T6570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.354689][ T6570] Call Trace:
[ 89.354693][ T6570]
[ 89.354704][ T6570] dump_stack_lvl+0x16c/0x1f0
[ 89.354720][ T6570] bad_page+0xcf/0x220
[ 89.354731][ T6570] ? __pfx_bad_page+0x10/0x10
[ 89.354743][ T6570] ? page_bad_reason+0x9d/0x1f0
[ 89.354754][ T6570] __free_frozen_pages+0x7f7/0x10f0
[ 89.354770][ T6570] __folio_put+0x329/0x450
[ 89.354780][ T6570] ? __pfx___folio_put+0x10/0x10
[ 89.354791][ T6570] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.354802][ T6570] ? rcu_is_watching+0x12/0xc0
[ 89.354815][ T6570] ? lock_release+0x201/0x2f0
[ 89.354831][ T6570] filemap_free_folio+0x132/0x170
[ 89.354841][ T6570] delete_from_page_cache_batch+0x741/0x9b0
[ 89.354853][ T6570] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.354865][ T6570] ? __pfx_workingset_update_node+0x10/0x10
[ 89.354876][ T6570] ? xas_move_index+0xb0/0x110
[ 89.354892][ T6570] truncate_inode_pages_range+0x279/0xe50
[ 89.354910][ T6570] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.354927][ T6570] ? rcu_is_watching+0x12/0xc0
[ 89.354940][ T6570] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 89.354951][ T6570] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.354964][ T6570] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.354976][ T6570] ? smp_call_function_many_cond+0x457/0x1600
[ 89.354995][ T6570] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.355007][ T6570] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.355018][ T6570] blkdev_flush_mapping+0xfb/0x290
[ 89.355029][ T6570] ? filemap_check_errors+0xa9/0x160
[ 89.355044][ T6570] blkdev_put_whole+0xc4/0xf0
[ 89.355055][ T6570] bdev_release+0x47e/0x6d0
[ 89.355069][ T6570] ? __pfx_blkdev_release+0x10/0x10
[ 89.355083][ T6570] blkdev_release+0x15/0x20
[ 89.355095][ T6570] __fput+0x3ff/0xb70
[ 89.355110][ T6570] task_work_run+0x14d/0x240
[ 89.355121][ T6570] ? __pfx_task_work_run+0x10/0x10
[ 89.355132][ T6570] ? do_raw_spin_unlock+0x172/0x230
[ 89.355144][ T6570] do_exit+0x86f/0x2bf0
[ 89.355160][ T6570] ? __pfx_do_exit+0x10/0x10
[ 89.355177][ T6570] ? do_raw_spin_lock+0x12c/0x2b0
[ 89.355187][ T6570] ? get_signal+0x8f5/0x26d0
[ 89.355200][ T6570] ? rcu_is_watching+0x12/0xc0
[ 89.355212][ T6570] do_group_exit+0xd3/0x2a0
[ 89.355228][ T6570] get_signal+0x2673/0x26d0
[ 89.355243][ T6570] ? __pfx_get_signal+0x10/0x10
[ 89.355256][ T6570] ? do_futex+0x122/0x350
[ 89.355271][ T6570] ? __pfx_do_futex+0x10/0x10
[ 89.355287][ T6570] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.355301][ T6570] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 89.355317][ T6570] exit_to_user_mode_loop+0x84/0x110
[ 89.355328][ T6570] do_syscall_64+0x3f6/0x4c0
[ 89.355343][ T6570] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.355354][ T6570] RIP: 0033:0x7fabb898e969
[ 89.355361][ T6570] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 89.355366][ T6570] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 89.355376][ T6570] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 89.355383][ T6570] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 89.355389][ T6570] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 89.355395][ T6570] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 89.355402][ T6570] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 89.355411][ T6570]
[ 89.417914][ T6573] atomic_op ffff88802745a198 conn xmit_atomic 0000000000000000
[ 89.511938][ T6575] BUG: Bad page state in process syz.0.34 pfn:54201
[ 89.514458][ T6575] page does not match folio
[ 89.516088][ T6575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x54201
[ 89.519664][ T6575] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 89.522349][ T6575] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 89.525792][ T6575] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.528917][ T6575] page dumped because: nonzero pincount
[ 89.530898][ T6575] page_owner tracks the page as allocated
[ 89.532987][ T6575] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6574, tgid 6574 (syz.0.34), ts 89487233723, free_ts 89355448938
[ 89.539693][ T6575] post_alloc_hook+0x1c0/0x230
[ 89.541218][ T6575] get_page_from_freelist+0x132b/0x38e0
[ 89.543471][ T6575] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.545278][ T6575] alloc_pages_mpol+0x1fb/0x550
[ 89.546751][ T6575] folio_alloc_noprof+0x20/0x2d0
[ 89.548261][ T6575] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.550003][ T6575] page_cache_ra_order+0x4e1/0xd70
[ 89.551559][ T6575] filemap_fault+0x1b4b/0x2930
[ 89.553105][ T6575] __do_fault+0x10a/0x490
[ 89.554465][ T6575] do_pte_missing+0x1a6/0x3ba0
[ 89.555931][ T6575] __handle_mm_fault+0x152a/0x2a50
[ 89.557492][ T6575] handle_mm_fault+0x589/0xd10
[ 89.559036][ T6575] do_user_addr_fault+0x60c/0x1370
[ 89.560606][ T6575] exc_page_fault+0x5c/0xb0
[ 89.562028][ T6575] asm_exc_page_fault+0x26/0x30
[ 89.563612][ T6575] page last free pid 6570 tgid 6569 stack trace:
[ 89.565543][ T6575] free_unref_folios+0xa61/0x16b0
[ 89.567126][ T6575] folios_put_refs+0x56f/0x740
[ 89.568633][ T6575] truncate_inode_pages_range+0x311/0xe50
[ 89.570415][ T6575] blkdev_flush_mapping+0xfb/0x290
[ 89.572022][ T6575] blkdev_put_whole+0xc4/0xf0
[ 89.573549][ T6575] bdev_release+0x47e/0x6d0
[ 89.574993][ T6575] blkdev_release+0x15/0x20
[ 89.576419][ T6575] __fput+0x3ff/0xb70
[ 89.577684][ T6575] task_work_run+0x14d/0x240
[ 89.579138][ T6575] do_exit+0x86f/0x2bf0
[ 89.580453][ T6575] do_group_exit+0xd3/0x2a0
[ 89.581883][ T6575] get_signal+0x2673/0x26d0
[ 89.583374][ T6575] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.585098][ T6575] exit_to_user_mode_loop+0x84/0x110
[ 89.586747][ T6575] do_syscall_64+0x3f6/0x4c0
[ 89.588199][ T6575] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.590046][ T6575] Modules linked in:
[ 89.591269][ T6575] CPU: 1 UID: 0 PID: 6575 Comm: syz.0.34 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.591287][ T6575] Tainted: [B]=BAD_PAGE
[ 89.591291][ T6575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.591298][ T6575] Call Trace:
[ 89.591302][ T6575]
[ 89.591306][ T6575] dump_stack_lvl+0x16c/0x1f0
[ 89.591321][ T6575] bad_page+0xcf/0x220
[ 89.591332][ T6575] ? __pfx_bad_page+0x10/0x10
[ 89.591344][ T6575] free_tail_page_prepare+0x44f/0x5b0
[ 89.591358][ T6575] __free_frozen_pages+0xbae/0x10f0
[ 89.591375][ T6575] __folio_put+0x329/0x450
[ 89.591385][ T6575] ? __pfx___folio_put+0x10/0x10
[ 89.591395][ T6575] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.591407][ T6575] ? rcu_is_watching+0x12/0xc0
[ 89.591420][ T6575] ? lock_release+0x201/0x2f0
[ 89.591435][ T6575] filemap_free_folio+0x132/0x170
[ 89.591446][ T6575] delete_from_page_cache_batch+0x741/0x9b0
[ 89.591458][ T6575] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.591469][ T6575] ? __pfx_workingset_update_node+0x10/0x10
[ 89.591480][ T6575] ? xas_move_index+0xb0/0x110
[ 89.591495][ T6575] truncate_inode_pages_range+0x279/0xe50
[ 89.591510][ T6575] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.591523][ T6575] ? rcu_is_watching+0x12/0xc0
[ 89.591535][ T6575] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 89.591551][ T6575] ? kvm_smp_send_call_func_ipi+0xfd/0x250
[ 89.591564][ T6575] ? on_each_cpu_cond_mask+0x40/0x90
[ 89.591577][ T6575] ? has_bh_in_lru+0x9d/0x100
[ 89.591588][ T6575] ? on_each_cpu_cond_mask+0x40/0x90
[ 89.591600][ T6575] ? smp_call_function_many_cond+0x457/0x1600
[ 89.591619][ T6575] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.591630][ T6575] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.591641][ T6575] blkdev_flush_mapping+0xfb/0x290
[ 89.591653][ T6575] ? filemap_check_errors+0xa9/0x160
[ 89.591667][ T6575] blkdev_put_whole+0xc4/0xf0
[ 89.591678][ T6575] bdev_release+0x47e/0x6d0
[ 89.591691][ T6575] ? __pfx_blkdev_release+0x10/0x10
[ 89.591704][ T6575] blkdev_release+0x15/0x20
[ 89.591717][ T6575] __fput+0x3ff/0xb70
[ 89.591731][ T6575] task_work_run+0x14d/0x240
[ 89.591742][ T6575] ? __pfx_task_work_run+0x10/0x10
[ 89.591753][ T6575] ? do_raw_spin_unlock+0x172/0x230
[ 89.591764][ T6575] do_exit+0x86f/0x2bf0
[ 89.591780][ T6575] ? __pfx_do_exit+0x10/0x10
[ 89.591795][ T6575] ? do_raw_spin_lock+0x12c/0x2b0
[ 89.591805][ T6575] ? get_signal+0x8f5/0x26d0
[ 89.591817][ T6575] ? rcu_is_watching+0x12/0xc0
[ 89.591830][ T6575] do_group_exit+0xd3/0x2a0
[ 89.591846][ T6575] get_signal+0x2673/0x26d0
[ 89.591861][ T6575] ? __pfx_get_signal+0x10/0x10
[ 89.591873][ T6575] ? do_futex+0x122/0x350
[ 89.591889][ T6575] ? __pfx_do_futex+0x10/0x10
[ 89.591904][ T6575] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.591918][ T6575] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 89.591935][ T6575] exit_to_user_mode_loop+0x84/0x110
[ 89.591945][ T6575] do_syscall_64+0x3f6/0x4c0
[ 89.591960][ T6575] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.591970][ T6575] RIP: 0033:0x7fabb898e969
[ 89.591979][ T6575] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 89.591983][ T6575] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 89.591993][ T6575] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 89.592000][ T6575] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 89.592006][ T6575] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 89.592013][ T6575] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 89.592019][ T6575] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 89.592028][ T6575]
[ 89.592042][ T6575] BUG: Bad page state in process syz.0.34 pfn:54200
[ 89.704203][ T6575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54200
[ 89.706853][ T6575] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 89.709369][ T6575] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 89.712403][ T6575] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 89.716010][ T6575] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.718638][ T6575] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 89.721257][ T6575] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.724120][ T6575] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.726752][ T6575] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.729392][ T6575] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 89.731642][ T6575] page_owner tracks the page as allocated
[ 89.733453][ T6575] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6574, tgid 6574 (syz.0.34), ts 89487233723, free_ts 89355448938
[ 89.739336][ T6575] post_alloc_hook+0x1c0/0x230
[ 89.740799][ T6575] get_page_from_freelist+0x132b/0x38e0
[ 89.742547][ T6575] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.744433][ T6575] alloc_pages_mpol+0x1fb/0x550
[ 89.745973][ T6575] folio_alloc_noprof+0x20/0x2d0
[ 89.747509][ T6575] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.749273][ T6575] page_cache_ra_order+0x4e1/0xd70
[ 89.750892][ T6575] filemap_fault+0x1b4b/0x2930
[ 89.752388][ T6575] __do_fault+0x10a/0x490
[ 89.753773][ T6575] do_pte_missing+0x1a6/0x3ba0
[ 89.755508][ T6575] __handle_mm_fault+0x152a/0x2a50
[ 89.757085][ T6575] handle_mm_fault+0x589/0xd10
[ 89.758578][ T6575] do_user_addr_fault+0x60c/0x1370
[ 89.760155][ T6575] exc_page_fault+0x5c/0xb0
[ 89.761591][ T6575] asm_exc_page_fault+0x26/0x30
[ 89.763135][ T6575] page last free pid 6570 tgid 6569 stack trace:
[ 89.765074][ T6575] free_unref_folios+0xa61/0x16b0
[ 89.766634][ T6575] folios_put_refs+0x56f/0x740
[ 89.768099][ T6575] truncate_inode_pages_range+0x311/0xe50
[ 89.769832][ T6575] blkdev_flush_mapping+0xfb/0x290
[ 89.771404][ T6575] blkdev_put_whole+0xc4/0xf0
[ 89.772935][ T6575] bdev_release+0x47e/0x6d0
[ 89.774356][ T6575] blkdev_release+0x15/0x20
[ 89.775771][ T6575] __fput+0x3ff/0xb70
[ 89.777012][ T6575] task_work_run+0x14d/0x240
[ 89.778461][ T6575] do_exit+0x86f/0x2bf0
[ 89.779762][ T6575] do_group_exit+0xd3/0x2a0
[ 89.781180][ T6575] get_signal+0x2673/0x26d0
[ 89.782606][ T6575] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.784398][ T6575] exit_to_user_mode_loop+0x84/0x110
[ 89.786048][ T6575] do_syscall_64+0x3f6/0x4c0
[ 89.787508][ T6575] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.789365][ T6575] Modules linked in:
[ 89.790595][ T6575] CPU: 0 UID: 0 PID: 6575 Comm: syz.0.34 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.790611][ T6575] Tainted: [B]=BAD_PAGE
[ 89.790626][ T6575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.790633][ T6575] Call Trace:
[ 89.790637][ T6575]
[ 89.790641][ T6575] dump_stack_lvl+0x16c/0x1f0
[ 89.790656][ T6575] bad_page+0xcf/0x220
[ 89.790668][ T6575] ? __pfx_bad_page+0x10/0x10
[ 89.790679][ T6575] ? page_bad_reason+0x9d/0x1f0
[ 89.790691][ T6575] __free_frozen_pages+0x7f7/0x10f0
[ 89.790707][ T6575] __folio_put+0x329/0x450
[ 89.790717][ T6575] ? __pfx___folio_put+0x10/0x10
[ 89.790728][ T6575] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.790740][ T6575] ? rcu_is_watching+0x12/0xc0
[ 89.790752][ T6575] ? lock_release+0x201/0x2f0
[ 89.790769][ T6575] filemap_free_folio+0x132/0x170
[ 89.790779][ T6575] delete_from_page_cache_batch+0x741/0x9b0
[ 89.790791][ T6575] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.790803][ T6575] ? __pfx_workingset_update_node+0x10/0x10
[ 89.790814][ T6575] ? xas_move_index+0xb0/0x110
[ 89.790829][ T6575] truncate_inode_pages_range+0x279/0xe50
[ 89.790844][ T6575] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.790857][ T6575] ? rcu_is_watching+0x12/0xc0
[ 89.790869][ T6575] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 89.790885][ T6575] ? kvm_smp_send_call_func_ipi+0xfd/0x250
[ 89.790899][ T6575] ? on_each_cpu_cond_mask+0x40/0x90
[ 89.790912][ T6575] ? has_bh_in_lru+0x9d/0x100
[ 89.790923][ T6575] ? on_each_cpu_cond_mask+0x40/0x90
[ 89.790936][ T6575] ? smp_call_function_many_cond+0x457/0x1600
[ 89.790954][ T6575] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.790966][ T6575] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.790977][ T6575] blkdev_flush_mapping+0xfb/0x290
[ 89.790989][ T6575] ? filemap_check_errors+0xa9/0x160
[ 89.791003][ T6575] blkdev_put_whole+0xc4/0xf0
[ 89.791014][ T6575] bdev_release+0x47e/0x6d0
[ 89.791028][ T6575] ? __pfx_blkdev_release+0x10/0x10
[ 89.791040][ T6575] blkdev_release+0x15/0x20
[ 89.791053][ T6575] __fput+0x3ff/0xb70
[ 89.791067][ T6575] task_work_run+0x14d/0x240
[ 89.791082][ T6575] ? __pfx_task_work_run+0x10/0x10
[ 89.791093][ T6575] ? do_raw_spin_unlock+0x172/0x230
[ 89.791105][ T6575] do_exit+0x86f/0x2bf0
[ 89.791121][ T6575] ? __pfx_do_exit+0x10/0x10
[ 89.791136][ T6575] ? do_raw_spin_lock+0x12c/0x2b0
[ 89.791146][ T6575] ? get_signal+0x8f5/0x26d0
[ 89.791159][ T6575] ? rcu_is_watching+0x12/0xc0
[ 89.791171][ T6575] do_group_exit+0xd3/0x2a0
[ 89.791187][ T6575] get_signal+0x2673/0x26d0
[ 89.791201][ T6575] ? __pfx_get_signal+0x10/0x10
[ 89.791214][ T6575] ? do_futex+0x122/0x350
[ 89.791230][ T6575] ? __pfx_do_futex+0x10/0x10
[ 89.791245][ T6575] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.791259][ T6575] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 89.791276][ T6575] exit_to_user_mode_loop+0x84/0x110
[ 89.791287][ T6575] do_syscall_64+0x3f6/0x4c0
[ 89.791302][ T6575] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.791312][ T6575] RIP: 0033:0x7fabb898e969
[ 89.791320][ T6575] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 89.791325][ T6575] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 89.791335][ T6575] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 89.791342][ T6575] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 89.791348][ T6575] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 89.791355][ T6575] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 89.791361][ T6575] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 89.791370][ T6575]
[ 89.824543][ T6578] BUG: Bad page state in process syz.0.35 pfn:54801
[ 89.916716][ T6578] page does not match folio
[ 89.918158][ T6578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x54801
[ 89.921116][ T6578] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 89.924583][ T6578] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 89.927147][ T6578] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.929694][ T6578] page dumped because: nonzero pincount
[ 89.931332][ T6578] page_owner tracks the page as allocated
[ 89.933168][ T6578] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6577, tgid 6577 (syz.0.35), ts 89798831892, free_ts 89791405048
[ 89.940109][ T6578] post_alloc_hook+0x1c0/0x230
[ 89.941838][ T6578] get_page_from_freelist+0x132b/0x38e0
[ 89.943896][ T6578] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.946048][ T6578] alloc_pages_mpol+0x1fb/0x550
[ 89.947777][ T6578] folio_alloc_noprof+0x20/0x2d0
[ 89.949530][ T6578] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.951546][ T6578] page_cache_ra_order+0x4e1/0xd70
[ 89.956766][ T6578] filemap_fault+0x1b4b/0x2930
[ 89.958223][ T6578] __do_fault+0x10a/0x490
[ 89.959521][ T6578] do_pte_missing+0x1a6/0x3ba0
[ 89.960957][ T6578] __handle_mm_fault+0x152a/0x2a50
[ 89.962490][ T6578] handle_mm_fault+0x589/0xd10
[ 89.963993][ T6578] do_user_addr_fault+0x60c/0x1370
[ 89.965522][ T6578] exc_page_fault+0x5c/0xb0
[ 89.966867][ T6578] asm_exc_page_fault+0x26/0x30
[ 89.968310][ T6578] page last free pid 6575 tgid 6574 stack trace:
[ 89.970183][ T6578] free_unref_folios+0xa61/0x16b0
[ 89.971670][ T6578] folios_put_refs+0x56f/0x740
[ 89.973151][ T6578] truncate_inode_pages_range+0x311/0xe50
[ 89.974872][ T6578] blkdev_flush_mapping+0xfb/0x290
[ 89.976387][ T6578] blkdev_put_whole+0xc4/0xf0
[ 89.977798][ T6578] bdev_release+0x47e/0x6d0
[ 89.979164][ T6578] blkdev_release+0x15/0x20
[ 89.980534][ T6578] __fput+0x3ff/0xb70
[ 89.981753][ T6578] task_work_run+0x14d/0x240
[ 89.983212][ T6578] do_exit+0x86f/0x2bf0
[ 89.984462][ T6578] do_group_exit+0xd3/0x2a0
[ 89.985823][ T6578] get_signal+0x2673/0x26d0
[ 89.987173][ T6578] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.988815][ T6578] exit_to_user_mode_loop+0x84/0x110
[ 89.990409][ T6578] do_syscall_64+0x3f6/0x4c0
[ 89.991802][ T6578] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.993675][ T6578] Modules linked in:
[ 89.994874][ T6578] CPU: 3 UID: 0 PID: 6578 Comm: syz.0.35 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.994894][ T6578] Tainted: [B]=BAD_PAGE
[ 89.994898][ T6578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.994904][ T6578] Call Trace:
[ 89.994908][ T6578]
[ 89.994912][ T6578] dump_stack_lvl+0x16c/0x1f0
[ 89.994927][ T6578] bad_page+0xcf/0x220
[ 89.994939][ T6578] ? __pfx_bad_page+0x10/0x10
[ 89.994950][ T6578] free_tail_page_prepare+0x44f/0x5b0
[ 89.994965][ T6578] __free_frozen_pages+0xbae/0x10f0
[ 89.994981][ T6578] __folio_put+0x329/0x450
[ 89.994991][ T6578] ? __pfx___folio_put+0x10/0x10
[ 89.995002][ T6578] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.995013][ T6578] ? rcu_is_watching+0x12/0xc0
[ 89.995026][ T6578] ? lock_release+0x201/0x2f0
[ 89.995042][ T6578] filemap_free_folio+0x132/0x170
[ 89.995052][ T6578] delete_from_page_cache_batch+0x741/0x9b0
[ 89.995064][ T6578] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.995076][ T6578] ? __pfx_workingset_update_node+0x10/0x10
[ 89.995087][ T6578] ? xas_move_index+0xb0/0x110
[ 89.995102][ T6578] truncate_inode_pages_range+0x279/0xe50
[ 89.995116][ T6578] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.995134][ T6578] ? rcu_is_watching+0x12/0xc0
[ 89.995146][ T6578] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 89.995158][ T6578] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.995172][ T6578] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.995185][ T6578] ? smp_call_function_many_cond+0x457/0x1600
[ 89.995203][ T6578] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.995215][ T6578] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.995226][ T6578] blkdev_flush_mapping+0xfb/0x290
[ 89.995239][ T6578] ? filemap_check_errors+0xa9/0x160
[ 89.995253][ T6578] blkdev_put_whole+0xc4/0xf0
[ 89.995264][ T6578] bdev_release+0x47e/0x6d0
[ 89.995278][ T6578] ? __pfx_blkdev_release+0x10/0x10
[ 89.995291][ T6578] blkdev_release+0x15/0x20
[ 89.995303][ T6578] __fput+0x3ff/0xb70
[ 89.995318][ T6578] task_work_run+0x14d/0x240
[ 89.995329][ T6578] ? __pfx_task_work_run+0x10/0x10
[ 89.995340][ T6578] ? do_raw_spin_unlock+0x172/0x230
[ 89.995351][ T6578] do_exit+0x86f/0x2bf0
[ 89.995367][ T6578] ? __pfx_do_exit+0x10/0x10
[ 89.995382][ T6578] ? do_raw_spin_lock+0x12c/0x2b0
[ 89.995392][ T6578] ? get_signal+0x8f5/0x26d0
[ 89.995404][ T6578] ? rcu_is_watching+0x12/0xc0
[ 89.995417][ T6578] do_group_exit+0xd3/0x2a0
[ 89.995432][ T6578] get_signal+0x2673/0x26d0
[ 89.995447][ T6578] ? __pfx_get_signal+0x10/0x10
[ 89.995460][ T6578] ? do_futex+0x122/0x350
[ 89.995475][ T6578] ? __pfx_do_futex+0x10/0x10
[ 89.995491][ T6578] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.995505][ T6578] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 89.995521][ T6578] exit_to_user_mode_loop+0x84/0x110
[ 89.995532][ T6578] do_syscall_64+0x3f6/0x4c0
[ 89.995547][ T6578] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.995557][ T6578] RIP: 0033:0x7fabb898e969
[ 89.995565][ T6578] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 89.995569][ T6578] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 89.995579][ T6578] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 89.995586][ T6578] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 89.995592][ T6578] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 89.995598][ T6578] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 89.995605][ T6578] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 89.995614][ T6578]
[ 89.995628][ T6578] BUG: Bad page state in process syz.0.35 pfn:54800
[ 90.102467][ T6578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54800
[ 90.105451][ T6578] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 90.107994][ T6578] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 90.110994][ T6578] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 90.113671][ T6578] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.116259][ T6578] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 90.118878][ T6578] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.121537][ T6578] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.124317][ T6578] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 90.126946][ T6578] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 90.129175][ T6578] page_owner tracks the page as allocated
[ 90.130930][ T6578] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6577, tgid 6577 (syz.0.35), ts 89798831892, free_ts 89791405048
[ 90.137000][ T6578] post_alloc_hook+0x1c0/0x230
[ 90.138487][ T6578] get_page_from_freelist+0x132b/0x38e0
[ 90.140193][ T6578] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 90.141999][ T6578] alloc_pages_mpol+0x1fb/0x550
[ 90.143619][ T6578] folio_alloc_noprof+0x20/0x2d0
[ 90.145180][ T6578] filemap_alloc_folio_noprof+0x3a1/0x470
[ 90.146931][ T6578] page_cache_ra_order+0x4e1/0xd70
[ 90.148512][ T6578] filemap_fault+0x1b4b/0x2930
[ 90.149995][ T6578] __do_fault+0x10a/0x490
[ 90.151337][ T6578] do_pte_missing+0x1a6/0x3ba0
[ 90.152841][ T6578] __handle_mm_fault+0x152a/0x2a50
[ 90.154709][ T6578] handle_mm_fault+0x589/0xd10
[ 90.156219][ T6578] do_user_addr_fault+0x60c/0x1370
[ 90.157832][ T6578] exc_page_fault+0x5c/0xb0
[ 90.159232][ T6578] asm_exc_page_fault+0x26/0x30
[ 90.160734][ T6578] page last free pid 6575 tgid 6574 stack trace:
[ 90.162777][ T6578] free_unref_folios+0xa61/0x16b0
[ 90.164408][ T6578] folios_put_refs+0x56f/0x740
[ 90.165913][ T6578] truncate_inode_pages_range+0x311/0xe50
[ 90.167723][ T6578] blkdev_flush_mapping+0xfb/0x290
[ 90.169300][ T6578] blkdev_put_whole+0xc4/0xf0
[ 90.170760][ T6578] bdev_release+0x47e/0x6d0
[ 90.172167][ T6578] blkdev_release+0x15/0x20
[ 90.173741][ T6578] __fput+0x3ff/0xb70
[ 90.175003][ T6578] task_work_run+0x14d/0x240
[ 90.176438][ T6578] do_exit+0x86f/0x2bf0
[ 90.177740][ T6578] do_group_exit+0xd3/0x2a0
[ 90.179153][ T6578] get_signal+0x2673/0x26d0
[ 90.180546][ T6578] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.182253][ T6578] exit_to_user_mode_loop+0x84/0x110
[ 90.184233][ T6578] do_syscall_64+0x3f6/0x4c0
[ 90.185906][ T6578] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.187959][ T6578] Modules linked in:
[ 90.189340][ T6578] CPU: 2 UID: 0 PID: 6578 Comm: syz.0.35 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 90.189363][ T6578] Tainted: [B]=BAD_PAGE
[ 90.189368][ T6578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.189377][ T6578] Call Trace:
[ 90.189382][ T6578]
[ 90.189387][ T6578] dump_stack_lvl+0x16c/0x1f0
[ 90.189407][ T6578] bad_page+0xcf/0x220
[ 90.189422][ T6578] ? __pfx_bad_page+0x10/0x10
[ 90.189437][ T6578] ? page_bad_reason+0x9d/0x1f0
[ 90.189452][ T6578] __free_frozen_pages+0x7f7/0x10f0
[ 90.189473][ T6578] __folio_put+0x329/0x450
[ 90.189486][ T6578] ? __pfx___folio_put+0x10/0x10
[ 90.189500][ T6578] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 90.189514][ T6578] ? rcu_is_watching+0x12/0xc0
[ 90.189531][ T6578] ? lock_release+0x201/0x2f0
[ 90.189552][ T6578] filemap_free_folio+0x132/0x170
[ 90.189565][ T6578] delete_from_page_cache_batch+0x741/0x9b0
[ 90.189581][ T6578] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 90.189597][ T6578] ? __pfx_workingset_update_node+0x10/0x10
[ 90.189611][ T6578] ? xas_move_index+0xb0/0x110
[ 90.189631][ T6578] truncate_inode_pages_range+0x279/0xe50
[ 90.189668][ T6578] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 90.189691][ T6578] ? rcu_is_watching+0x12/0xc0
[ 90.189707][ T6578] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 90.189722][ T6578] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.189739][ T6578] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.189754][ T6578] ? smp_call_function_many_cond+0x457/0x1600
[ 90.189781][ T6578] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.189799][ T6578] ? __pfx_has_bh_in_lru+0x10/0x10
[ 90.189818][ T6578] blkdev_flush_mapping+0xfb/0x290
[ 90.189834][ T6578] ? filemap_check_errors+0xa9/0x160
[ 90.189849][ T6578] blkdev_put_whole+0xc4/0xf0
[ 90.189860][ T6578] bdev_release+0x47e/0x6d0
[ 90.189873][ T6578] ? __pfx_blkdev_release+0x10/0x10
[ 90.189887][ T6578] blkdev_release+0x15/0x20
[ 90.189899][ T6578] __fput+0x3ff/0xb70
[ 90.189913][ T6578] task_work_run+0x14d/0x240
[ 90.189925][ T6578] ? __pfx_task_work_run+0x10/0x10
[ 90.189936][ T6578] ? do_raw_spin_unlock+0x172/0x230
[ 90.189948][ T6578] do_exit+0x86f/0x2bf0
[ 90.189964][ T6578] ? __pfx_do_exit+0x10/0x10
[ 90.189979][ T6578] ? do_raw_spin_lock+0x12c/0x2b0
[ 90.189989][ T6578] ? get_signal+0x8f5/0x26d0
[ 90.190001][ T6578] ? rcu_is_watching+0x12/0xc0
[ 90.190014][ T6578] do_group_exit+0xd3/0x2a0
[ 90.190030][ T6578] get_signal+0x2673/0x26d0
[ 90.190045][ T6578] ? __pfx_get_signal+0x10/0x10
[ 90.190057][ T6578] ? do_futex+0x122/0x350
[ 90.190073][ T6578] ? __pfx_do_futex+0x10/0x10
[ 90.190089][ T6578] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.190103][ T6578] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 90.190120][ T6578] exit_to_user_mode_loop+0x84/0x110
[ 90.190131][ T6578] do_syscall_64+0x3f6/0x4c0
[ 90.190146][ T6578] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.190166][ T6578] RIP: 0033:0x7fabb898e969
[ 90.190174][ T6578] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 90.190179][ T6578] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 90.190192][ T6578] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 90.190199][ T6578] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 90.190206][ T6578] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 90.190212][ T6578] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 90.190218][ T6578] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 90.190227][ T6578]
[ 90.333580][ T6580] BUG: Bad page state in process syz.0.36 pfn:54a01
[ 90.335616][ T6580] page does not match folio
[ 90.337004][ T6580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x54a01
[ 90.340023][ T6580] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 90.342576][ T6580] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 90.346080][ T6580] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 90.349365][ T6580] page dumped because: nonzero pincount
[ 90.351561][ T6580] page_owner tracks the page as allocated
[ 90.353942][ T6580] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6579, tgid 6579 (syz.0.36), ts 90301846401, free_ts 90190253144
[ 90.361659][ T6580] post_alloc_hook+0x1c0/0x230
[ 90.363273][ T6580] get_page_from_freelist+0x132b/0x38e0
[ 90.365408][ T6580] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 90.367848][ T6580] alloc_pages_mpol+0x1fb/0x550
[ 90.369908][ T6580] folio_alloc_noprof+0x20/0x2d0
[ 90.371935][ T6580] filemap_alloc_folio_noprof+0x3a1/0x470
[ 90.374376][ T6580] page_cache_ra_order+0x4e1/0xd70
[ 90.376475][ T6580] filemap_fault+0x1b4b/0x2930
[ 90.378441][ T6580] __do_fault+0x10a/0x490
[ 90.380213][ T6580] do_pte_missing+0x1a6/0x3ba0
[ 90.382158][ T6580] __handle_mm_fault+0x152a/0x2a50
[ 90.384302][ T6580] handle_mm_fault+0x589/0xd10
[ 90.386254][ T6580] do_user_addr_fault+0x60c/0x1370
[ 90.388263][ T6580] exc_page_fault+0x5c/0xb0
[ 90.390102][ T6580] asm_exc_page_fault+0x26/0x30
[ 90.392057][ T6580] page last free pid 6578 tgid 6577 stack trace:
[ 90.394679][ T6580] free_unref_folios+0xa61/0x16b0
[ 90.396804][ T6580] folios_put_refs+0x56f/0x740
[ 90.398821][ T6580] truncate_inode_pages_range+0x311/0xe50
[ 90.401050][ T6580] blkdev_flush_mapping+0xfb/0x290
[ 90.403206][ T6580] blkdev_put_whole+0xc4/0xf0
[ 90.405159][ T6580] bdev_release+0x47e/0x6d0
[ 90.407064][ T6580] blkdev_release+0x15/0x20
[ 90.408690][ T6580] __fput+0x3ff/0xb70
[ 90.410836][ T6580] task_work_run+0x14d/0x240
[ 90.412755][ T6580] do_exit+0x86f/0x2bf0
[ 90.414551][ T6580] do_group_exit+0xd3/0x2a0
[ 90.416788][ T6580] get_signal+0x2673/0x26d0
[ 90.419029][ T6580] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.421875][ T6580] exit_to_user_mode_loop+0x84/0x110
[ 90.424099][ T6580] do_syscall_64+0x3f6/0x4c0
[ 90.426082][ T6580] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.428945][ T6580] Modules linked in:
[ 90.430769][ T6580] CPU: 1 UID: 0 PID: 6580 Comm: syz.0.36 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 90.430797][ T6580] Tainted: [B]=BAD_PAGE
[ 90.430803][ T6580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.430814][ T6580] Call Trace:
[ 90.430820][ T6580]
[ 90.430826][ T6580] dump_stack_lvl+0x16c/0x1f0
[ 90.430852][ T6580] bad_page+0xcf/0x220
[ 90.430875][ T6580] ? __pfx_bad_page+0x10/0x10
[ 90.430895][ T6580] free_tail_page_prepare+0x44f/0x5b0
[ 90.430917][ T6580] __free_frozen_pages+0xbae/0x10f0
[ 90.430943][ T6580] __folio_put+0x329/0x450
[ 90.430960][ T6580] ? __pfx___folio_put+0x10/0x10
[ 90.430977][ T6580] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 90.430995][ T6580] ? rcu_is_watching+0x12/0xc0
[ 90.431016][ T6580] ? lock_release+0x201/0x2f0
[ 90.431041][ T6580] filemap_free_folio+0x132/0x170
[ 90.431058][ T6580] delete_from_page_cache_batch+0x741/0x9b0
[ 90.431077][ T6580] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 90.431097][ T6580] ? __pfx_workingset_update_node+0x10/0x10
[ 90.431114][ T6580] ? xas_move_index+0xb0/0x110
[ 90.431139][ T6580] truncate_inode_pages_range+0x279/0xe50
[ 90.431163][ T6580] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 90.431191][ T6580] ? rcu_is_watching+0x12/0xc0
[ 90.431211][ T6580] ? has_bh_in_lru+0x9d/0x100
[ 90.431228][ T6580] ? smp_call_function_many_cond+0x457/0x1600
[ 90.431259][ T6580] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.431279][ T6580] ? __pfx_has_bh_in_lru+0x10/0x10
[ 90.431297][ T6580] blkdev_flush_mapping+0xfb/0x290
[ 90.431316][ T6580] ? filemap_check_errors+0xa9/0x160
[ 90.431340][ T6580] blkdev_put_whole+0xc4/0xf0
[ 90.431358][ T6580] bdev_release+0x47e/0x6d0
[ 90.431380][ T6580] ? __pfx_blkdev_release+0x10/0x10
[ 90.431401][ T6580] blkdev_release+0x15/0x20
[ 90.431421][ T6580] __fput+0x3ff/0xb70
[ 90.431444][ T6580] task_work_run+0x14d/0x240
[ 90.431462][ T6580] ? __pfx_task_work_run+0x10/0x10
[ 90.431480][ T6580] ? do_raw_spin_unlock+0x172/0x230
[ 90.431500][ T6580] do_exit+0x86f/0x2bf0
[ 90.431526][ T6580] ? __pfx_do_exit+0x10/0x10
[ 90.431549][ T6580] ? do_raw_spin_lock+0x12c/0x2b0
[ 90.431567][ T6580] ? get_signal+0x8f5/0x26d0
[ 90.431586][ T6580] ? rcu_is_watching+0x12/0xc0
[ 90.431607][ T6580] do_group_exit+0xd3/0x2a0
[ 90.431632][ T6580] get_signal+0x2673/0x26d0
[ 90.431656][ T6580] ? __pfx_get_signal+0x10/0x10
[ 90.431676][ T6580] ? do_futex+0x122/0x350
[ 90.431701][ T6580] ? __pfx_do_futex+0x10/0x10
[ 90.431726][ T6580] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.431748][ T6580] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 90.431775][ T6580] exit_to_user_mode_loop+0x84/0x110
[ 90.431793][ T6580] do_syscall_64+0x3f6/0x4c0
[ 90.431817][ T6580] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.431835][ T6580] RIP: 0033:0x7fabb898e969
[ 90.431848][ T6580] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 90.431855][ T6580] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 90.431877][ T6580] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 90.431888][ T6580] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 90.431900][ T6580] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 90.431909][ T6580] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 90.431920][ T6580] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 90.431936][ T6580]
[ 90.431967][ T6580] BUG: Bad page state in process syz.0.36 pfn:54a00
[ 90.538905][ T6580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54a00
[ 90.542455][ T6580] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 90.545880][ T6580] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 90.549789][ T6580] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 90.553371][ T6580] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.556820][ T6580] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 90.560283][ T6580] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.563799][ T6580] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 90.567251][ T6580] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 90.570658][ T6580] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 90.573661][ T6580] page_owner tracks the page as allocated
[ 90.576469][ T6580] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6579, tgid 6579 (syz.0.36), ts 90301846401, free_ts 90190253144
[ 90.584394][ T6580] post_alloc_hook+0x1c0/0x230
[ 90.586346][ T6580] get_page_from_freelist+0x132b/0x38e0
[ 90.588561][ T6580] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 90.590928][ T6580] alloc_pages_mpol+0x1fb/0x550
[ 90.592949][ T6580] folio_alloc_noprof+0x20/0x2d0
[ 90.594956][ T6580] filemap_alloc_folio_noprof+0x3a1/0x470
[ 90.597225][ T6580] page_cache_ra_order+0x4e1/0xd70
[ 90.599308][ T6580] filemap_fault+0x1b4b/0x2930
[ 90.601234][ T6580] __do_fault+0x10a/0x490
[ 90.603081][ T6580] do_pte_missing+0x1a6/0x3ba0
[ 90.605025][ T6580] __handle_mm_fault+0x152a/0x2a50
[ 90.607108][ T6580] handle_mm_fault+0x589/0xd10
[ 90.609034][ T6580] do_user_addr_fault+0x60c/0x1370
[ 90.611136][ T6580] exc_page_fault+0x5c/0xb0
[ 90.613049][ T6580] asm_exc_page_fault+0x26/0x30
[ 90.615021][ T6580] page last free pid 6578 tgid 6577 stack trace:
[ 90.617550][ T6580] free_unref_folios+0xa61/0x16b0
[ 90.619585][ T6580] folios_put_refs+0x56f/0x740
[ 90.621510][ T6580] truncate_inode_pages_range+0x311/0xe50
[ 90.624413][ T6580] blkdev_flush_mapping+0xfb/0x290
[ 90.626489][ T6580] blkdev_put_whole+0xc4/0xf0
[ 90.628402][ T6580] bdev_release+0x47e/0x6d0
[ 90.630258][ T6580] blkdev_release+0x15/0x20
[ 90.632098][ T6580] __fput+0x3ff/0xb70
[ 90.633844][ T6580] task_work_run+0x14d/0x240
[ 90.635790][ T6580] do_exit+0x86f/0x2bf0
[ 90.637491][ T6580] do_group_exit+0xd3/0x2a0
[ 90.639333][ T6580] get_signal+0x2673/0x26d0
[ 90.641185][ T6580] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.643539][ T6580] exit_to_user_mode_loop+0x84/0x110
[ 90.645219][ T6580] do_syscall_64+0x3f6/0x4c0
[ 90.646694][ T6580] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.648543][ T6580] Modules linked in:
[ 90.649764][ T6580] CPU: 1 UID: 0 PID: 6580 Comm: syz.0.36 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 90.649780][ T6580] Tainted: [B]=BAD_PAGE
[ 90.649784][ T6580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.649791][ T6580] Call Trace:
[ 90.649794][ T6580]
[ 90.649798][ T6580] dump_stack_lvl+0x16c/0x1f0
[ 90.649814][ T6580] bad_page+0xcf/0x220
[ 90.649826][ T6580] ? __pfx_bad_page+0x10/0x10
[ 90.649837][ T6580] ? page_bad_reason+0x9d/0x1f0
[ 90.649848][ T6580] __free_frozen_pages+0x7f7/0x10f0
[ 90.649865][ T6580] __folio_put+0x329/0x450
[ 90.649879][ T6580] ? __pfx___folio_put+0x10/0x10
[ 90.649889][ T6580] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 90.649901][ T6580] ? rcu_is_watching+0x12/0xc0
[ 90.649913][ T6580] ? lock_release+0x201/0x2f0
[ 90.649930][ T6580] filemap_free_folio+0x132/0x170
[ 90.649940][ T6580] delete_from_page_cache_batch+0x741/0x9b0
[ 90.649952][ T6580] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 90.649963][ T6580] ? __pfx_workingset_update_node+0x10/0x10
[ 90.649974][ T6580] ? xas_move_index+0xb0/0x110
[ 90.649989][ T6580] truncate_inode_pages_range+0x279/0xe50
[ 90.650004][ T6580] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 90.650021][ T6580] ? rcu_is_watching+0x12/0xc0
[ 90.650033][ T6580] ? has_bh_in_lru+0x9d/0x100
[ 90.650044][ T6580] ? smp_call_function_many_cond+0x457/0x1600
[ 90.650063][ T6580] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.650075][ T6580] ? __pfx_has_bh_in_lru+0x10/0x10
[ 90.650086][ T6580] blkdev_flush_mapping+0xfb/0x290
[ 90.650098][ T6580] ? filemap_check_errors+0xa9/0x160
[ 90.650113][ T6580] blkdev_put_whole+0xc4/0xf0
[ 90.650124][ T6580] bdev_release+0x47e/0x6d0
[ 90.650137][ T6580] ? __pfx_blkdev_release+0x10/0x10
[ 90.650150][ T6580] blkdev_release+0x15/0x20
[ 90.650162][ T6580] __fput+0x3ff/0xb70
[ 90.650176][ T6580] task_work_run+0x14d/0x240
[ 90.650187][ T6580] ? __pfx_task_work_run+0x10/0x10
[ 90.650198][ T6580] ? do_raw_spin_unlock+0x172/0x230
[ 90.650210][ T6580] do_exit+0x86f/0x2bf0
[ 90.650226][ T6580] ? __pfx_do_exit+0x10/0x10
[ 90.650241][ T6580] ? do_raw_spin_lock+0x12c/0x2b0
[ 90.650251][ T6580] ? get_signal+0x8f5/0x26d0
[ 90.650264][ T6580] ? rcu_is_watching+0x12/0xc0
[ 90.650277][ T6580] do_group_exit+0xd3/0x2a0
[ 90.650292][ T6580] get_signal+0x2673/0x26d0
[ 90.650307][ T6580] ? __pfx_get_signal+0x10/0x10
[ 90.650319][ T6580] ? do_futex+0x122/0x350
[ 90.650334][ T6580] ? __pfx_do_futex+0x10/0x10
[ 90.650350][ T6580] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.650364][ T6580] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 90.650381][ T6580] exit_to_user_mode_loop+0x84/0x110
[ 90.650392][ T6580] do_syscall_64+0x3f6/0x4c0
[ 90.650406][ T6580] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.650417][ T6580] RIP: 0033:0x7fabb898e969
[ 90.650425][ T6580] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 90.650430][ T6580] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 90.650440][ T6580] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 90.650447][ T6580] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 90.650453][ T6580] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 90.650459][ T6580] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 90.650466][ T6580] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 90.650475][ T6580]
[ 90.773037][ T6583] BUG: Bad page state in process syz.0.37 pfn:54c01
[ 90.775144][ T6583] page does not match folio
[ 90.776581][ T6583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x54c01
[ 90.779641][ T6583] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 90.781917][ T6583] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 90.784685][ T6583] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 90.787309][ T6583] page dumped because: nonzero pincount
[ 90.789008][ T6583] page_owner tracks the page as allocated
[ 90.790778][ T6583] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6582, tgid 6582 (syz.0.37), ts 90757400482, free_ts 90650500648
[ 90.796900][ T6583] post_alloc_hook+0x1c0/0x230
[ 90.798386][ T6583] get_page_from_freelist+0x132b/0x38e0
[ 90.800096][ T6583] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 90.801922][ T6583] alloc_pages_mpol+0x1fb/0x550
[ 90.803543][ T6583] folio_alloc_noprof+0x20/0x2d0
[ 90.805129][ T6583] filemap_alloc_folio_noprof+0x3a1/0x470
[ 90.806949][ T6583] page_cache_ra_order+0x4e1/0xd70
[ 90.808543][ T6583] filemap_fault+0x1b4b/0x2930
[ 90.810039][ T6583] __do_fault+0x10a/0x490
[ 90.811382][ T6583] do_pte_missing+0x1a6/0x3ba0
[ 90.812957][ T6583] __handle_mm_fault+0x152a/0x2a50
[ 90.814612][ T6583] handle_mm_fault+0x589/0xd10
[ 90.816575][ T6583] do_user_addr_fault+0x60c/0x1370
[ 90.818655][ T6583] exc_page_fault+0x5c/0xb0
[ 90.820498][ T6583] asm_exc_page_fault+0x26/0x30
[ 90.822464][ T6583] page last free pid 6580 tgid 6579 stack trace:
[ 90.825077][ T6583] free_unref_folios+0xa61/0x16b0
[ 90.827178][ T6583] folios_put_refs+0x56f/0x740
[ 90.828837][ T6583] truncate_inode_pages_range+0x311/0xe50
[ 90.830661][ T6583] blkdev_flush_mapping+0xfb/0x290
[ 90.832555][ T6583] blkdev_put_whole+0xc4/0xf0
[ 90.834723][ T6583] bdev_release+0x47e/0x6d0
[ 90.836566][ T6583] blkdev_release+0x15/0x20
[ 90.838432][ T6583] __fput+0x3ff/0xb70
[ 90.840062][ T6583] task_work_run+0x14d/0x240
[ 90.841928][ T6583] do_exit+0x86f/0x2bf0
[ 90.843739][ T6583] do_group_exit+0xd3/0x2a0
[ 90.845597][ T6583] get_signal+0x2673/0x26d0
[ 90.847444][ T6583] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.849690][ T6583] exit_to_user_mode_loop+0x84/0x110
[ 90.851817][ T6583] do_syscall_64+0x3f6/0x4c0
[ 90.853820][ T6583] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.856226][ T6583] Modules linked in:
[ 90.857849][ T6583] CPU: 0 UID: 0 PID: 6583 Comm: syz.0.37 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 90.857875][ T6583] Tainted: [B]=BAD_PAGE
[ 90.857880][ T6583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 90.857891][ T6583] Call Trace:
[ 90.857897][ T6583]
[ 90.857902][ T6583] dump_stack_lvl+0x16c/0x1f0
[ 90.857925][ T6583] bad_page+0xcf/0x220
[ 90.857942][ T6583] ? __pfx_bad_page+0x10/0x10
[ 90.857961][ T6583] free_tail_page_prepare+0x44f/0x5b0
[ 90.857983][ T6583] __free_frozen_pages+0xbae/0x10f0
[ 90.858008][ T6583] __folio_put+0x329/0x450
[ 90.858025][ T6583] ? __pfx___folio_put+0x10/0x10
[ 90.858040][ T6583] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 90.858058][ T6583] ? rcu_is_watching+0x12/0xc0
[ 90.858083][ T6583] ? lock_release+0x201/0x2f0
[ 90.858107][ T6583] filemap_free_folio+0x132/0x170
[ 90.858124][ T6583] delete_from_page_cache_batch+0x741/0x9b0
[ 90.858143][ T6583] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 90.858161][ T6583] ? __pfx_workingset_update_node+0x10/0x10
[ 90.858178][ T6583] ? xas_move_index+0xb0/0x110
[ 90.858201][ T6583] truncate_inode_pages_range+0x279/0xe50
[ 90.858224][ T6583] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 90.858244][ T6583] ? rcu_is_watching+0x12/0xc0
[ 90.858262][ T6583] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 90.858287][ T6583] ? rcu_is_watching+0x12/0xc0
[ 90.858306][ T6583] ? on_each_cpu_cond_mask+0x40/0x90
[ 90.858324][ T6583] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 90.858342][ T6583] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.858360][ T6583] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.858380][ T6583] ? on_each_cpu_cond_mask+0x40/0x90
[ 90.858398][ T6583] ? smp_call_function_many_cond+0x457/0x1600
[ 90.858426][ T6583] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 90.858446][ T6583] ? __pfx_has_bh_in_lru+0x10/0x10
[ 90.858461][ T6583] blkdev_flush_mapping+0xfb/0x290
[ 90.858480][ T6583] ? filemap_check_errors+0xa9/0x160
[ 90.858502][ T6583] blkdev_put_whole+0xc4/0xf0
[ 90.858519][ T6583] bdev_release+0x47e/0x6d0
[ 90.858540][ T6583] ? __pfx_blkdev_release+0x10/0x10
[ 90.858560][ T6583] blkdev_release+0x15/0x20
[ 90.858578][ T6583] __fput+0x3ff/0xb70
[ 90.858600][ T6583] task_work_run+0x14d/0x240
[ 90.858615][ T6583] ? __pfx_task_work_run+0x10/0x10
[ 90.858633][ T6583] ? do_raw_spin_unlock+0x172/0x230
[ 90.858652][ T6583] do_exit+0x86f/0x2bf0
[ 90.858676][ T6583] ? __pfx_do_exit+0x10/0x10
[ 90.858698][ T6583] ? do_raw_spin_lock+0x12c/0x2b0
[ 90.858715][ T6583] ? get_signal+0x8f5/0x26d0
[ 90.858733][ T6583] ? rcu_is_watching+0x12/0xc0
[ 90.858753][ T6583] do_group_exit+0xd3/0x2a0
[ 90.858778][ T6583] get_signal+0x2673/0x26d0
[ 90.858801][ T6583] ? __pfx_get_signal+0x10/0x10
[ 90.858819][ T6583] ? do_futex+0x122/0x350
[ 90.858844][ T6583] ? __pfx_do_futex+0x10/0x10
[ 90.858869][ T6583] arch_do_signal_or_restart+0x8f/0x7d0
[ 90.858889][ T6583] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 90.858916][ T6583] exit_to_user_mode_loop+0x84/0x110
[ 90.858933][ T6583] do_syscall_64+0x3f6/0x4c0
[ 90.858956][ T6583] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 90.858972][ T6583] RIP: 0033:0x7fabb898e969
[ 90.858984][ T6583] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 90.858992][ T6583] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 90.859007][ T6583] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 90.859019][ T6583] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 90.859029][ T6583] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 90.859038][ T6583] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 90.859049][ T6583] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 90.859064][ T6583]
[ 90.859094][ T6583] BUG: Bad page state in process syz.0.37 pfn:54c00
[ 91.006580][ T6583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54c00
[ 91.009317][ T6583] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 91.011935][ T6583] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 91.015204][ T6583] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.017861][ T6583] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.020643][ T6583] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.023560][ T6583] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.026423][ T6583] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.029280][ T6583] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.032222][ T6583] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 91.034667][ T6583] page_owner tracks the page as allocated
[ 91.036615][ T6583] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6582, tgid 6582 (syz.0.37), ts 90757400482, free_ts 90650500648
[ 91.043524][ T6583] post_alloc_hook+0x1c0/0x230
[ 91.045073][ T6583] get_page_from_freelist+0x132b/0x38e0
[ 91.046772][ T6583] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 91.048944][ T6583] alloc_pages_mpol+0x1fb/0x550
[ 91.050457][ T6583] folio_alloc_noprof+0x20/0x2d0
[ 91.051997][ T6583] filemap_alloc_folio_noprof+0x3a1/0x470
[ 91.053977][ T6583] page_cache_ra_order+0x4e1/0xd70
[ 91.055787][ T6583] filemap_fault+0x1b4b/0x2930
[ 91.057272][ T6583] __do_fault+0x10a/0x490
[ 91.058636][ T6583] do_pte_missing+0x1a6/0x3ba0
[ 91.060107][ T6583] __handle_mm_fault+0x152a/0x2a50
[ 91.061699][ T6583] handle_mm_fault+0x589/0xd10
[ 91.063417][ T6583] do_user_addr_fault+0x60c/0x1370
[ 91.065324][ T6583] exc_page_fault+0x5c/0xb0
[ 91.066750][ T6583] asm_exc_page_fault+0x26/0x30
[ 91.068249][ T6583] page last free pid 6580 tgid 6579 stack trace:
[ 91.070187][ T6583] free_unref_folios+0xa61/0x16b0
[ 91.071743][ T6583] folios_put_refs+0x56f/0x740
[ 91.073313][ T6583] truncate_inode_pages_range+0x311/0xe50
[ 91.075065][ T6583] blkdev_flush_mapping+0xfb/0x290
[ 91.076678][ T6583] blkdev_put_whole+0xc4/0xf0
[ 91.078148][ T6583] bdev_release+0x47e/0x6d0
[ 91.079554][ T6583] blkdev_release+0x15/0x20
[ 91.080966][ T6583] __fput+0x3ff/0xb70
[ 91.082242][ T6583] task_work_run+0x14d/0x240
[ 91.083752][ T6583] do_exit+0x86f/0x2bf0
[ 91.085064][ T6583] do_group_exit+0xd3/0x2a0
[ 91.086495][ T6583] get_signal+0x2673/0x26d0
[ 91.087954][ T6583] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.089674][ T6583] exit_to_user_mode_loop+0x84/0x110
[ 91.091310][ T6583] do_syscall_64+0x3f6/0x4c0
[ 91.092761][ T6583] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.094660][ T6583] Modules linked in:
[ 91.095881][ T6583] CPU: 2 UID: 0 PID: 6583 Comm: syz.0.37 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 91.095901][ T6583] Tainted: [B]=BAD_PAGE
[ 91.095905][ T6583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.095911][ T6583] Call Trace:
[ 91.095925][ T6583]
[ 91.095931][ T6583] dump_stack_lvl+0x16c/0x1f0
[ 91.095947][ T6583] bad_page+0xcf/0x220
[ 91.095958][ T6583] ? __pfx_bad_page+0x10/0x10
[ 91.095969][ T6583] ? page_bad_reason+0x9d/0x1f0
[ 91.095980][ T6583] __free_frozen_pages+0x7f7/0x10f0
[ 91.095997][ T6583] __folio_put+0x329/0x450
[ 91.096007][ T6583] ? __pfx___folio_put+0x10/0x10
[ 91.096017][ T6583] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 91.096029][ T6583] ? rcu_is_watching+0x12/0xc0
[ 91.096042][ T6583] ? lock_release+0x201/0x2f0
[ 91.096058][ T6583] filemap_free_folio+0x132/0x170
[ 91.096068][ T6583] delete_from_page_cache_batch+0x741/0x9b0
[ 91.096080][ T6583] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 91.096091][ T6583] ? __pfx_workingset_update_node+0x10/0x10
[ 91.096102][ T6583] ? xas_move_index+0xb0/0x110
[ 91.096117][ T6583] truncate_inode_pages_range+0x279/0xe50
[ 91.096132][ T6583] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 91.096145][ T6583] ? rcu_is_watching+0x12/0xc0
[ 91.096157][ T6583] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 91.096173][ T6583] ? rcu_is_watching+0x12/0xc0
[ 91.096185][ T6583] ? on_each_cpu_cond_mask+0x40/0x90
[ 91.096198][ T6583] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 91.096210][ T6583] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.096222][ T6583] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.096234][ T6583] ? on_each_cpu_cond_mask+0x40/0x90
[ 91.096247][ T6583] ? smp_call_function_many_cond+0x457/0x1600
[ 91.096264][ T6583] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.096276][ T6583] ? __pfx_has_bh_in_lru+0x10/0x10
[ 91.096287][ T6583] blkdev_flush_mapping+0xfb/0x290
[ 91.096299][ T6583] ? filemap_check_errors+0xa9/0x160
[ 91.096314][ T6583] blkdev_put_whole+0xc4/0xf0
[ 91.096325][ T6583] bdev_release+0x47e/0x6d0
[ 91.096338][ T6583] ? __pfx_blkdev_release+0x10/0x10
[ 91.096352][ T6583] blkdev_release+0x15/0x20
[ 91.096364][ T6583] __fput+0x3ff/0xb70
[ 91.096378][ T6583] task_work_run+0x14d/0x240
[ 91.096389][ T6583] ? __pfx_task_work_run+0x10/0x10
[ 91.096400][ T6583] ? do_raw_spin_unlock+0x172/0x230
[ 91.096412][ T6583] do_exit+0x86f/0x2bf0
[ 91.096428][ T6583] ? __pfx_do_exit+0x10/0x10
[ 91.096443][ T6583] ? do_raw_spin_lock+0x12c/0x2b0
[ 91.096453][ T6583] ? get_signal+0x8f5/0x26d0
[ 91.096465][ T6583] ? rcu_is_watching+0x12/0xc0
[ 91.096478][ T6583] do_group_exit+0xd3/0x2a0
[ 91.096493][ T6583] get_signal+0x2673/0x26d0
[ 91.096508][ T6583] ? __pfx_get_signal+0x10/0x10
[ 91.096520][ T6583] ? do_futex+0x122/0x350
[ 91.096536][ T6583] ? __pfx_do_futex+0x10/0x10
[ 91.096551][ T6583] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.096565][ T6583] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 91.096582][ T6583] exit_to_user_mode_loop+0x84/0x110
[ 91.096593][ T6583] do_syscall_64+0x3f6/0x4c0
[ 91.096608][ T6583] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.096618][ T6583] RIP: 0033:0x7fabb898e969
[ 91.096626][ T6583] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 91.096631][ T6583] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 91.096641][ T6583] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 91.096648][ T6583] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 91.096654][ T6583] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 91.096660][ T6583] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 91.096667][ T6583] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 91.096676][ T6583]
[ 91.256390][ T6588] BUG: Bad page state in process syz.0.39 pfn:55001
[ 91.258443][ T6588] page does not match folio
[ 91.259845][ T6588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55001
[ 91.262994][ T6588] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 91.265258][ T6588] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 91.267879][ T6588] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.270480][ T6588] page dumped because: nonzero pincount
[ 91.272134][ T6588] page_owner tracks the page as allocated
[ 91.274427][ T6588] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6588, tgid 6588 (syz.0.39), ts 91239023485, free_ts 91233712123
[ 91.280932][ T6588] post_alloc_hook+0x1c0/0x230
[ 91.282551][ T6588] get_page_from_freelist+0x132b/0x38e0
[ 91.284880][ T6588] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 91.287258][ T6588] alloc_pages_mpol+0x1fb/0x550
[ 91.289227][ T6588] folio_alloc_noprof+0x20/0x2d0
[ 91.291218][ T6588] filemap_alloc_folio_noprof+0x3a1/0x470
[ 91.293557][ T6588] page_cache_ra_order+0x4e1/0xd70
[ 91.295668][ T6588] filemap_fault+0x1b4b/0x2930
[ 91.297595][ T6588] __do_fault+0x10a/0x490
[ 91.299339][ T6588] do_pte_missing+0x1a6/0x3ba0
[ 91.301041][ T6588] __handle_mm_fault+0x152a/0x2a50
[ 91.302613][ T6588] handle_mm_fault+0x589/0xd10
[ 91.304086][ T6588] do_user_addr_fault+0x60c/0x1370
[ 91.305663][ T6588] exc_page_fault+0x5c/0xb0
[ 91.307064][ T6588] asm_exc_page_fault+0x26/0x30
[ 91.308555][ T6588] page last free pid 6586 tgid 6584 stack trace:
[ 91.310471][ T6588] free_unref_folios+0xa61/0x16b0
[ 91.312028][ T6588] folios_put_refs+0x56f/0x740
[ 91.313592][ T6588] truncate_inode_pages_range+0x311/0xe50
[ 91.315353][ T6588] blkdev_flush_mapping+0xfb/0x290
[ 91.316933][ T6588] blkdev_put_whole+0xc4/0xf0
[ 91.318374][ T6588] bdev_release+0x47e/0x6d0
[ 91.319774][ T6588] blkdev_release+0x15/0x20
[ 91.321132][ T6588] __fput+0x3ff/0xb70
[ 91.322366][ T6588] task_work_run+0x14d/0x240
[ 91.323894][ T6588] do_exit+0x86f/0x2bf0
[ 91.325170][ T6588] do_group_exit+0xd3/0x2a0
[ 91.326596][ T6588] get_signal+0x2673/0x26d0
[ 91.327967][ T6588] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.329597][ T6588] exit_to_user_mode_loop+0x84/0x110
[ 91.331130][ T6588] do_syscall_64+0x3f6/0x4c0
[ 91.332584][ T6588] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.334738][ T6588] Modules linked in:
[ 91.335966][ T6588] CPU: 3 UID: 0 PID: 6588 Comm: syz.0.39 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 91.335983][ T6588] Tainted: [B]=BAD_PAGE
[ 91.335987][ T6588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.335993][ T6588] Call Trace:
[ 91.335997][ T6588]
[ 91.336001][ T6588] dump_stack_lvl+0x16c/0x1f0
[ 91.336017][ T6588] bad_page+0xcf/0x220
[ 91.336029][ T6588] ? __pfx_bad_page+0x10/0x10
[ 91.336041][ T6588] free_tail_page_prepare+0x44f/0x5b0
[ 91.336055][ T6588] __free_frozen_pages+0xbae/0x10f0
[ 91.336071][ T6588] __folio_put+0x329/0x450
[ 91.336081][ T6588] ? __pfx___folio_put+0x10/0x10
[ 91.336092][ T6588] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 91.336103][ T6588] ? rcu_is_watching+0x12/0xc0
[ 91.336116][ T6588] ? lock_release+0x201/0x2f0
[ 91.336132][ T6588] filemap_free_folio+0x132/0x170
[ 91.336143][ T6588] delete_from_page_cache_batch+0x741/0x9b0
[ 91.336155][ T6588] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 91.336170][ T6588] ? __pfx_workingset_update_node+0x10/0x10
[ 91.336181][ T6588] ? xas_move_index+0xb0/0x110
[ 91.336197][ T6588] truncate_inode_pages_range+0x279/0xe50
[ 91.336211][ T6588] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 91.336229][ T6588] ? rcu_is_watching+0x12/0xc0
[ 91.336241][ T6588] ? has_bh_in_lru+0x9d/0x100
[ 91.336251][ T6588] ? smp_call_function_many_cond+0x457/0x1600
[ 91.336270][ T6588] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.336282][ T6588] ? __pfx_has_bh_in_lru+0x10/0x10
[ 91.336293][ T6588] blkdev_flush_mapping+0xfb/0x290
[ 91.336306][ T6588] blkdev_put_whole+0xc4/0xf0
[ 91.336317][ T6588] bdev_release+0x47e/0x6d0
[ 91.336330][ T6588] ? __pfx_blkdev_release+0x10/0x10
[ 91.336343][ T6588] blkdev_release+0x15/0x20
[ 91.336356][ T6588] __fput+0x3ff/0xb70
[ 91.336369][ T6588] task_work_run+0x14d/0x240
[ 91.336380][ T6588] ? __pfx_task_work_run+0x10/0x10
[ 91.336391][ T6588] ? do_raw_spin_unlock+0x172/0x230
[ 91.336403][ T6588] do_exit+0x86f/0x2bf0
[ 91.336419][ T6588] ? __pfx_do_exit+0x10/0x10
[ 91.336434][ T6588] ? preempt_schedule_thunk+0x16/0x30
[ 91.336450][ T6588] do_group_exit+0xd3/0x2a0
[ 91.336465][ T6588] __x64_sys_exit_group+0x3e/0x50
[ 91.336481][ T6588] x64_sys_call+0x14fa/0x1720
[ 91.336493][ T6588] do_syscall_64+0xcd/0x4c0
[ 91.336508][ T6588] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.336519][ T6588] RIP: 0033:0x7fabb898e969
[ 91.336526][ T6588] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 91.336531][ T6588] RSP: 002b:00007fff6fc31168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 91.336541][ T6588] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb898e969
[ 91.336548][ T6588] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 91.336554][ T6588] RBP: 00007fff6fc311cc R08: 000000066fc3125f R09: 00000000000927c0
[ 91.336561][ T6588] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000017
[ 91.336567][ T6588] R13: 00000000000927c0 R14: 00000000000163e1 R15: 00007fff6fc31220
[ 91.336576][ T6588]
[ 91.336591][ T6588] BUG: Bad page state in process syz.0.39 pfn:55000
[ 91.428443][ T6588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55000
[ 91.431106][ T6588] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 91.433955][ T6588] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 91.436840][ T6588] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.439414][ T6588] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.442014][ T6588] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.445181][ T6588] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.447819][ T6588] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.450465][ T6588] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.453214][ T6588] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 91.456167][ T6588] page_owner tracks the page as allocated
[ 91.457923][ T6588] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6588, tgid 6588 (syz.0.39), ts 91239023485, free_ts 91233712123
[ 91.463882][ T6588] post_alloc_hook+0x1c0/0x230
[ 91.465361][ T6588] get_page_from_freelist+0x132b/0x38e0
[ 91.467074][ T6588] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 91.468883][ T6588] alloc_pages_mpol+0x1fb/0x550
[ 91.470410][ T6588] folio_alloc_noprof+0x20/0x2d0
[ 91.471925][ T6588] filemap_alloc_folio_noprof+0x3a1/0x470
[ 91.473800][ T6588] page_cache_ra_order+0x4e1/0xd70
[ 91.475378][ T6588] filemap_fault+0x1b4b/0x2930
[ 91.476830][ T6588] __do_fault+0x10a/0x490
[ 91.478141][ T6588] do_pte_missing+0x1a6/0x3ba0
[ 91.479607][ T6588] __handle_mm_fault+0x152a/0x2a50
[ 91.481163][ T6588] handle_mm_fault+0x589/0xd10
[ 91.482681][ T6588] do_user_addr_fault+0x60c/0x1370
[ 91.484322][ T6588] exc_page_fault+0x5c/0xb0
[ 91.485805][ T6588] asm_exc_page_fault+0x26/0x30
[ 91.487332][ T6588] page last free pid 6586 tgid 6584 stack trace:
[ 91.489259][ T6588] free_unref_folios+0xa61/0x16b0
[ 91.490827][ T6588] folios_put_refs+0x56f/0x740
[ 91.492330][ T6588] truncate_inode_pages_range+0x311/0xe50
[ 91.494203][ T6588] blkdev_flush_mapping+0xfb/0x290
[ 91.495780][ T6588] blkdev_put_whole+0xc4/0xf0
[ 91.497223][ T6588] bdev_release+0x47e/0x6d0
[ 91.498632][ T6588] blkdev_release+0x15/0x20
[ 91.500042][ T6588] __fput+0x3ff/0xb70
[ 91.501293][ T6588] task_work_run+0x14d/0x240
[ 91.502793][ T6588] do_exit+0x86f/0x2bf0
[ 91.504191][ T6588] do_group_exit+0xd3/0x2a0
[ 91.505595][ T6588] get_signal+0x2673/0x26d0
[ 91.506998][ T6588] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.508677][ T6588] exit_to_user_mode_loop+0x84/0x110
[ 91.510320][ T6588] do_syscall_64+0x3f6/0x4c0
[ 91.511755][ T6588] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.513679][ T6588] Modules linked in:
[ 91.514907][ T6588] CPU: 3 UID: 0 PID: 6588 Comm: syz.0.39 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 91.514924][ T6588] Tainted: [B]=BAD_PAGE
[ 91.514927][ T6588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.514934][ T6588] Call Trace:
[ 91.514938][ T6588]
[ 91.514942][ T6588] dump_stack_lvl+0x16c/0x1f0
[ 91.514959][ T6588] bad_page+0xcf/0x220
[ 91.514970][ T6588] ? __pfx_bad_page+0x10/0x10
[ 91.514981][ T6588] ? page_bad_reason+0x9d/0x1f0
[ 91.514993][ T6588] __free_frozen_pages+0x7f7/0x10f0
[ 91.515009][ T6588] __folio_put+0x329/0x450
[ 91.515020][ T6588] ? __pfx___folio_put+0x10/0x10
[ 91.515030][ T6588] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 91.515042][ T6588] ? rcu_is_watching+0x12/0xc0
[ 91.515055][ T6588] ? lock_release+0x201/0x2f0
[ 91.515071][ T6588] filemap_free_folio+0x132/0x170
[ 91.515081][ T6588] delete_from_page_cache_batch+0x741/0x9b0
[ 91.515093][ T6588] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 91.515105][ T6588] ? __pfx_workingset_update_node+0x10/0x10
[ 91.515115][ T6588] ? xas_move_index+0xb0/0x110
[ 91.515131][ T6588] truncate_inode_pages_range+0x279/0xe50
[ 91.515146][ T6588] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 91.515168][ T6588] ? rcu_is_watching+0x12/0xc0
[ 91.515180][ T6588] ? has_bh_in_lru+0x9d/0x100
[ 91.515192][ T6588] ? smp_call_function_many_cond+0x457/0x1600
[ 91.515210][ T6588] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.515222][ T6588] ? __pfx_has_bh_in_lru+0x10/0x10
[ 91.515233][ T6588] blkdev_flush_mapping+0xfb/0x290
[ 91.515246][ T6588] blkdev_put_whole+0xc4/0xf0
[ 91.515257][ T6588] bdev_release+0x47e/0x6d0
[ 91.515270][ T6588] ? __pfx_blkdev_release+0x10/0x10
[ 91.515284][ T6588] blkdev_release+0x15/0x20
[ 91.515296][ T6588] __fput+0x3ff/0xb70
[ 91.515310][ T6588] task_work_run+0x14d/0x240
[ 91.515322][ T6588] ? __pfx_task_work_run+0x10/0x10
[ 91.515333][ T6588] ? do_raw_spin_unlock+0x172/0x230
[ 91.515344][ T6588] do_exit+0x86f/0x2bf0
[ 91.515360][ T6588] ? __pfx_do_exit+0x10/0x10
[ 91.515375][ T6588] ? preempt_schedule_thunk+0x16/0x30
[ 91.515393][ T6588] do_group_exit+0xd3/0x2a0
[ 91.515408][ T6588] __x64_sys_exit_group+0x3e/0x50
[ 91.515424][ T6588] x64_sys_call+0x14fa/0x1720
[ 91.515436][ T6588] do_syscall_64+0xcd/0x4c0
[ 91.515451][ T6588] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.515462][ T6588] RIP: 0033:0x7fabb898e969
[ 91.515470][ T6588] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 91.515475][ T6588] RSP: 002b:00007fff6fc31168 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 91.515485][ T6588] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb898e969
[ 91.515492][ T6588] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 91.515498][ T6588] RBP: 00007fff6fc311cc R08: 000000066fc3125f R09: 00000000000927c0
[ 91.515505][ T6588] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000017
[ 91.515511][ T6588] R13: 00000000000927c0 R14: 00000000000163e1 R15: 00007fff6fc31220
[ 91.515520][ T6588]
[ 91.651902][ T6594] BUG: Bad page state in process syz.0.41 pfn:55201
[ 91.654241][ T6594] page does not match folio
[ 91.655795][ T6594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55201
[ 91.658931][ T6594] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 91.661257][ T6594] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 91.664105][ T6594] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.667037][ T6594] page dumped because: nonzero pincount
[ 91.668902][ T6594] page_owner tracks the page as allocated
[ 91.670808][ T6594] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6593, tgid 6593 (syz.0.41), ts 91636662195, free_ts 91630790220
[ 91.677961][ T6594] post_alloc_hook+0x1c0/0x230
[ 91.679505][ T6594] get_page_from_freelist+0x132b/0x38e0
[ 91.681322][ T6594] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 91.683495][ T6594] alloc_pages_mpol+0x1fb/0x550
[ 91.685075][ T6594] folio_alloc_noprof+0x20/0x2d0
[ 91.686853][ T6594] filemap_alloc_folio_noprof+0x3a1/0x470
[ 91.688688][ T6594] page_cache_ra_order+0x4e1/0xd70
[ 91.690456][ T6594] filemap_fault+0x1b4b/0x2930
[ 91.692053][ T6594] __do_fault+0x10a/0x490
[ 91.693601][ T6594] do_pte_missing+0x1a6/0x3ba0
[ 91.695173][ T6594] __handle_mm_fault+0x152a/0x2a50
[ 91.696768][ T6594] handle_mm_fault+0x589/0xd10
[ 91.698274][ T6594] do_user_addr_fault+0x60c/0x1370
[ 91.699867][ T6594] exc_page_fault+0x5c/0xb0
[ 91.701697][ T6594] asm_exc_page_fault+0x26/0x30
[ 91.703368][ T6594] page last free pid 6591 tgid 6590 stack trace:
[ 91.705549][ T6594] free_unref_folios+0xa61/0x16b0
[ 91.707307][ T6594] folios_put_refs+0x56f/0x740
[ 91.709019][ T6594] truncate_inode_pages_range+0x311/0xe50
[ 91.710969][ T6594] blkdev_flush_mapping+0xfb/0x290
[ 91.712734][ T6594] blkdev_put_whole+0xc4/0xf0
[ 91.714408][ T6594] bdev_release+0x47e/0x6d0
[ 91.715908][ T6594] blkdev_release+0x15/0x20
[ 91.717433][ T6594] __fput+0x3ff/0xb70
[ 91.718764][ T6594] task_work_run+0x14d/0x240
[ 91.720241][ T6594] do_exit+0x86f/0x2bf0
[ 91.721680][ T6594] do_group_exit+0xd3/0x2a0
[ 91.723293][ T6594] get_signal+0x2673/0x26d0
[ 91.724933][ T6594] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.726843][ T6594] exit_to_user_mode_loop+0x84/0x110
[ 91.728730][ T6594] do_syscall_64+0x3f6/0x4c0
[ 91.730371][ T6594] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.732310][ T6594] Modules linked in:
[ 91.736217][ T6594] CPU: 0 UID: 0 PID: 6594 Comm: syz.0.41 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 91.736235][ T6594] Tainted: [B]=BAD_PAGE
[ 91.736238][ T6594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.736245][ T6594] Call Trace:
[ 91.736248][ T6594]
[ 91.736252][ T6594] dump_stack_lvl+0x16c/0x1f0
[ 91.736268][ T6594] bad_page+0xcf/0x220
[ 91.736279][ T6594] ? __pfx_bad_page+0x10/0x10
[ 91.736291][ T6594] free_tail_page_prepare+0x44f/0x5b0
[ 91.736305][ T6594] __free_frozen_pages+0xbae/0x10f0
[ 91.736321][ T6594] __folio_put+0x329/0x450
[ 91.736331][ T6594] ? __pfx___folio_put+0x10/0x10
[ 91.736342][ T6594] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 91.736353][ T6594] ? rcu_is_watching+0x12/0xc0
[ 91.736366][ T6594] ? lock_release+0x201/0x2f0
[ 91.736382][ T6594] filemap_free_folio+0x132/0x170
[ 91.736392][ T6594] delete_from_page_cache_batch+0x741/0x9b0
[ 91.736404][ T6594] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 91.736416][ T6594] ? __pfx_workingset_update_node+0x10/0x10
[ 91.736427][ T6594] ? xas_move_index+0xb0/0x110
[ 91.736443][ T6594] truncate_inode_pages_range+0x279/0xe50
[ 91.736457][ T6594] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 91.736475][ T6594] ? rcu_is_watching+0x12/0xc0
[ 91.736487][ T6594] ? has_bh_in_lru+0x9d/0x100
[ 91.736498][ T6594] ? smp_call_function_many_cond+0x457/0x1600
[ 91.736516][ T6594] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.736528][ T6594] ? __pfx_has_bh_in_lru+0x10/0x10
[ 91.736539][ T6594] blkdev_flush_mapping+0xfb/0x290
[ 91.736550][ T6594] ? filemap_check_errors+0xa9/0x160
[ 91.736565][ T6594] blkdev_put_whole+0xc4/0xf0
[ 91.736576][ T6594] bdev_release+0x47e/0x6d0
[ 91.736589][ T6594] ? __pfx_blkdev_release+0x10/0x10
[ 91.736602][ T6594] blkdev_release+0x15/0x20
[ 91.736615][ T6594] __fput+0x3ff/0xb70
[ 91.736629][ T6594] task_work_run+0x14d/0x240
[ 91.736640][ T6594] ? __pfx_task_work_run+0x10/0x10
[ 91.736651][ T6594] ? do_raw_spin_unlock+0x172/0x230
[ 91.736663][ T6594] do_exit+0x86f/0x2bf0
[ 91.736679][ T6594] ? __pfx_do_exit+0x10/0x10
[ 91.736694][ T6594] ? do_raw_spin_lock+0x12c/0x2b0
[ 91.736704][ T6594] ? get_signal+0x8f5/0x26d0
[ 91.736717][ T6594] ? rcu_is_watching+0x12/0xc0
[ 91.736729][ T6594] do_group_exit+0xd3/0x2a0
[ 91.736745][ T6594] get_signal+0x2673/0x26d0
[ 91.736759][ T6594] ? __pfx_get_signal+0x10/0x10
[ 91.736772][ T6594] ? do_futex+0x122/0x350
[ 91.736787][ T6594] ? __pfx_do_futex+0x10/0x10
[ 91.736803][ T6594] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.736817][ T6594] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 91.736833][ T6594] exit_to_user_mode_loop+0x84/0x110
[ 91.736844][ T6594] do_syscall_64+0x3f6/0x4c0
[ 91.736863][ T6594] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.736873][ T6594] RIP: 0033:0x7fabb898e969
[ 91.736881][ T6594] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 91.736886][ T6594] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 91.736896][ T6594] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 91.736903][ T6594] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 91.736909][ T6594] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 91.736915][ T6594] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 91.736922][ T6594] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 91.736931][ T6594]
[ 91.736945][ T6594] BUG: Bad page state in process syz.0.41 pfn:55200
[ 91.851119][ T6594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55200
[ 91.853945][ T6594] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 91.856475][ T6594] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 91.859443][ T6594] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.862457][ T6594] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.865252][ T6594] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 91.868429][ T6594] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.871402][ T6594] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 91.874329][ T6594] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 91.877168][ T6594] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 91.879519][ T6594] page_owner tracks the page as allocated
[ 91.881339][ T6594] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6593, tgid 6593 (syz.0.41), ts 91636662195, free_ts 91630790220
[ 91.887586][ T6594] post_alloc_hook+0x1c0/0x230
[ 91.889080][ T6594] get_page_from_freelist+0x132b/0x38e0
[ 91.891138][ T6594] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 91.893444][ T6594] alloc_pages_mpol+0x1fb/0x550
[ 91.895280][ T6594] folio_alloc_noprof+0x20/0x2d0
[ 91.897140][ T6594] filemap_alloc_folio_noprof+0x3a1/0x470
[ 91.899015][ T6594] page_cache_ra_order+0x4e1/0xd70
[ 91.900976][ T6594] filemap_fault+0x1b4b/0x2930
[ 91.902712][ T6594] __do_fault+0x10a/0x490
[ 91.904241][ T6594] do_pte_missing+0x1a6/0x3ba0
[ 91.906340][ T6594] __handle_mm_fault+0x152a/0x2a50
[ 91.908252][ T6594] handle_mm_fault+0x589/0xd10
[ 91.909805][ T6594] do_user_addr_fault+0x60c/0x1370
[ 91.911569][ T6594] exc_page_fault+0x5c/0xb0
[ 91.913251][ T6594] asm_exc_page_fault+0x26/0x30
[ 91.915018][ T6594] page last free pid 6591 tgid 6590 stack trace:
[ 91.917154][ T6594] free_unref_folios+0xa61/0x16b0
[ 91.918872][ T6594] folios_put_refs+0x56f/0x740
[ 91.920650][ T6594] truncate_inode_pages_range+0x311/0xe50
[ 91.922798][ T6594] blkdev_flush_mapping+0xfb/0x290
[ 91.924634][ T6594] blkdev_put_whole+0xc4/0xf0
[ 91.926238][ T6594] bdev_release+0x47e/0x6d0
[ 91.927645][ T6594] blkdev_release+0x15/0x20
[ 91.929059][ T6594] __fput+0x3ff/0xb70
[ 91.930296][ T6594] task_work_run+0x14d/0x240
[ 91.931726][ T6594] do_exit+0x86f/0x2bf0
[ 91.933054][ T6594] do_group_exit+0xd3/0x2a0
[ 91.934447][ T6594] get_signal+0x2673/0x26d0
[ 91.935857][ T6594] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.937571][ T6594] exit_to_user_mode_loop+0x84/0x110
[ 91.939180][ T6594] do_syscall_64+0x3f6/0x4c0
[ 91.940597][ T6594] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.942386][ T6594] Modules linked in:
[ 91.943673][ T6594] CPU: 0 UID: 0 PID: 6594 Comm: syz.0.41 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 91.943690][ T6594] Tainted: [B]=BAD_PAGE
[ 91.943694][ T6594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 91.943701][ T6594] Call Trace:
[ 91.943704][ T6594]
[ 91.943708][ T6594] dump_stack_lvl+0x16c/0x1f0
[ 91.943724][ T6594] bad_page+0xcf/0x220
[ 91.943736][ T6594] ? __pfx_bad_page+0x10/0x10
[ 91.943747][ T6594] ? page_bad_reason+0x9d/0x1f0
[ 91.943758][ T6594] __free_frozen_pages+0x7f7/0x10f0
[ 91.943775][ T6594] __folio_put+0x329/0x450
[ 91.943785][ T6594] ? __pfx___folio_put+0x10/0x10
[ 91.943796][ T6594] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 91.943807][ T6594] ? rcu_is_watching+0x12/0xc0
[ 91.943820][ T6594] ? lock_release+0x201/0x2f0
[ 91.943837][ T6594] filemap_free_folio+0x132/0x170
[ 91.943851][ T6594] delete_from_page_cache_batch+0x741/0x9b0
[ 91.943863][ T6594] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 91.943875][ T6594] ? __pfx_workingset_update_node+0x10/0x10
[ 91.943885][ T6594] ? xas_move_index+0xb0/0x110
[ 91.943901][ T6594] truncate_inode_pages_range+0x279/0xe50
[ 91.943915][ T6594] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 91.943933][ T6594] ? rcu_is_watching+0x12/0xc0
[ 91.943945][ T6594] ? has_bh_in_lru+0x9d/0x100
[ 91.943955][ T6594] ? smp_call_function_many_cond+0x457/0x1600
[ 91.943973][ T6594] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 91.943985][ T6594] ? __pfx_has_bh_in_lru+0x10/0x10
[ 91.943996][ T6594] blkdev_flush_mapping+0xfb/0x290
[ 91.944008][ T6594] ? filemap_check_errors+0xa9/0x160
[ 91.944022][ T6594] blkdev_put_whole+0xc4/0xf0
[ 91.944033][ T6594] bdev_release+0x47e/0x6d0
[ 91.944046][ T6594] ? __pfx_blkdev_release+0x10/0x10
[ 91.944059][ T6594] blkdev_release+0x15/0x20
[ 91.944071][ T6594] __fput+0x3ff/0xb70
[ 91.944085][ T6594] task_work_run+0x14d/0x240
[ 91.944096][ T6594] ? __pfx_task_work_run+0x10/0x10
[ 91.944107][ T6594] ? do_raw_spin_unlock+0x172/0x230
[ 91.944119][ T6594] do_exit+0x86f/0x2bf0
[ 91.944135][ T6594] ? __pfx_do_exit+0x10/0x10
[ 91.944149][ T6594] ? do_raw_spin_lock+0x12c/0x2b0
[ 91.944159][ T6594] ? get_signal+0x8f5/0x26d0
[ 91.944172][ T6594] ? rcu_is_watching+0x12/0xc0
[ 91.944184][ T6594] do_group_exit+0xd3/0x2a0
[ 91.944200][ T6594] get_signal+0x2673/0x26d0
[ 91.944214][ T6594] ? __pfx_get_signal+0x10/0x10
[ 91.944226][ T6594] ? do_futex+0x122/0x350
[ 91.944242][ T6594] ? __pfx_do_futex+0x10/0x10
[ 91.944257][ T6594] arch_do_signal_or_restart+0x8f/0x7d0
[ 91.944271][ T6594] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 91.944288][ T6594] exit_to_user_mode_loop+0x84/0x110
[ 91.944298][ T6594] do_syscall_64+0x3f6/0x4c0
[ 91.944313][ T6594] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 91.944323][ T6594] RIP: 0033:0x7fabb898e969
[ 91.944331][ T6594] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 91.944335][ T6594] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 91.944345][ T6594] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 91.944352][ T6594] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 91.944358][ T6594] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 91.944364][ T6594] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 91.944370][ T6594] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 91.944379][ T6594]
[ 91.965248][ T6596] BUG: Bad page state in process syz.0.42 pfn:55401
[ 92.057984][ T6596] page does not match folio
[ 92.059855][ T6596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55401
[ 92.063247][ T6596] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 92.065523][ T6596] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 92.068098][ T6596] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.070709][ T6596] page dumped because: nonzero pincount
[ 92.072433][ T6596] page_owner tracks the page as allocated
[ 92.074240][ T6596] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6595, tgid 6595 (syz.0.42), ts 91949416600, free_ts 0
[ 92.079962][ T6596] post_alloc_hook+0x1c0/0x230
[ 92.081477][ T6596] get_page_from_freelist+0x132b/0x38e0
[ 92.083274][ T6596] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.085061][ T6596] alloc_pages_mpol+0x1fb/0x550
[ 92.086569][ T6596] folio_alloc_noprof+0x20/0x2d0
[ 92.088090][ T6596] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.089847][ T6596] page_cache_ra_order+0x4e1/0xd70
[ 92.091408][ T6596] filemap_fault+0x1b4b/0x2930
[ 92.092944][ T6596] __do_fault+0x10a/0x490
[ 92.094299][ T6596] do_pte_missing+0x1a6/0x3ba0
[ 92.095784][ T6596] __handle_mm_fault+0x152a/0x2a50
[ 92.097358][ T6596] handle_mm_fault+0x589/0xd10
[ 92.098846][ T6596] do_user_addr_fault+0x60c/0x1370
[ 92.100412][ T6596] exc_page_fault+0x5c/0xb0
[ 92.101847][ T6596] asm_exc_page_fault+0x26/0x30
[ 92.103453][ T6596] page_owner free stack trace missing
[ 92.105120][ T6596] Modules linked in:
[ 92.106374][ T6596] CPU: 3 UID: 0 PID: 6596 Comm: syz.0.42 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.106401][ T6596] Tainted: [B]=BAD_PAGE
[ 92.106406][ T6596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.106412][ T6596] Call Trace:
[ 92.106416][ T6596]
[ 92.106420][ T6596] dump_stack_lvl+0x16c/0x1f0
[ 92.106436][ T6596] bad_page+0xcf/0x220
[ 92.106447][ T6596] ? __pfx_bad_page+0x10/0x10
[ 92.106459][ T6596] free_tail_page_prepare+0x44f/0x5b0
[ 92.106473][ T6596] __free_frozen_pages+0xbae/0x10f0
[ 92.106490][ T6596] __folio_put+0x329/0x450
[ 92.106500][ T6596] ? __pfx___folio_put+0x10/0x10
[ 92.106511][ T6596] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.106522][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.106535][ T6596] ? lock_release+0x201/0x2f0
[ 92.106551][ T6596] filemap_free_folio+0x132/0x170
[ 92.106561][ T6596] delete_from_page_cache_batch+0x741/0x9b0
[ 92.106573][ T6596] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.106584][ T6596] ? __pfx_workingset_update_node+0x10/0x10
[ 92.106595][ T6596] ? xas_move_index+0xb0/0x110
[ 92.106610][ T6596] truncate_inode_pages_range+0x279/0xe50
[ 92.106625][ T6596] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.106642][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.106654][ T6596] ? has_bh_in_lru+0x9d/0x100
[ 92.106665][ T6596] ? smp_call_function_many_cond+0x457/0x1600
[ 92.106684][ T6596] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.106696][ T6596] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.106707][ T6596] blkdev_flush_mapping+0xfb/0x290
[ 92.106719][ T6596] ? filemap_check_errors+0xa9/0x160
[ 92.106734][ T6596] blkdev_put_whole+0xc4/0xf0
[ 92.106745][ T6596] bdev_release+0x47e/0x6d0
[ 92.106758][ T6596] ? __pfx_blkdev_release+0x10/0x10
[ 92.106771][ T6596] blkdev_release+0x15/0x20
[ 92.106784][ T6596] __fput+0x3ff/0xb70
[ 92.106798][ T6596] task_work_run+0x14d/0x240
[ 92.106810][ T6596] ? __pfx_task_work_run+0x10/0x10
[ 92.106821][ T6596] ? do_raw_spin_unlock+0x172/0x230
[ 92.106833][ T6596] do_exit+0x86f/0x2bf0
[ 92.106849][ T6596] ? __pfx_do_exit+0x10/0x10
[ 92.106864][ T6596] ? do_raw_spin_lock+0x12c/0x2b0
[ 92.106875][ T6596] ? get_signal+0x8f5/0x26d0
[ 92.106887][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.106900][ T6596] do_group_exit+0xd3/0x2a0
[ 92.106915][ T6596] get_signal+0x2673/0x26d0
[ 92.106930][ T6596] ? __pfx_get_signal+0x10/0x10
[ 92.106943][ T6596] ? do_futex+0x122/0x350
[ 92.106958][ T6596] ? __pfx_do_futex+0x10/0x10
[ 92.106974][ T6596] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.106989][ T6596] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 92.107005][ T6596] exit_to_user_mode_loop+0x84/0x110
[ 92.107016][ T6596] do_syscall_64+0x3f6/0x4c0
[ 92.107031][ T6596] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.107042][ T6596] RIP: 0033:0x7fabb898e969
[ 92.107050][ T6596] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 92.107054][ T6596] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 92.107064][ T6596] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 92.107071][ T6596] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 92.107077][ T6596] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 92.107083][ T6596] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 92.107089][ T6596] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 92.107098][ T6596]
[ 92.107122][ T6596] BUG: Bad page state in process syz.0.42 pfn:55400
[ 92.212640][ T6596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55400
[ 92.215351][ T6596] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 92.217832][ T6596] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 92.220809][ T6596] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 92.223534][ T6596] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.226130][ T6596] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 92.228792][ T6596] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.231472][ T6596] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.236694][ T6596] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.239385][ T6596] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 92.241595][ T6596] page_owner tracks the page as allocated
[ 92.243437][ T6596] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6595, tgid 6595 (syz.0.42), ts 91949416600, free_ts 0
[ 92.249150][ T6596] post_alloc_hook+0x1c0/0x230
[ 92.250635][ T6596] get_page_from_freelist+0x132b/0x38e0
[ 92.252360][ T6596] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.254240][ T6596] alloc_pages_mpol+0x1fb/0x550
[ 92.255733][ T6596] folio_alloc_noprof+0x20/0x2d0
[ 92.257247][ T6596] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.258983][ T6596] page_cache_ra_order+0x4e1/0xd70
[ 92.260558][ T6596] filemap_fault+0x1b4b/0x2930
[ 92.262033][ T6596] __do_fault+0x10a/0x490
[ 92.263448][ T6596] do_pte_missing+0x1a6/0x3ba0
[ 92.264961][ T6596] __handle_mm_fault+0x152a/0x2a50
[ 92.266536][ T6596] handle_mm_fault+0x589/0xd10
[ 92.268022][ T6596] do_user_addr_fault+0x60c/0x1370
[ 92.269599][ T6596] exc_page_fault+0x5c/0xb0
[ 92.271030][ T6596] asm_exc_page_fault+0x26/0x30
[ 92.272624][ T6596] page_owner free stack trace missing
[ 92.274382][ T6596] Modules linked in:
[ 92.275636][ T6596] CPU: 3 UID: 0 PID: 6596 Comm: syz.0.42 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.275653][ T6596] Tainted: [B]=BAD_PAGE
[ 92.275657][ T6596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.275663][ T6596] Call Trace:
[ 92.275667][ T6596]
[ 92.275671][ T6596] dump_stack_lvl+0x16c/0x1f0
[ 92.275687][ T6596] bad_page+0xcf/0x220
[ 92.275699][ T6596] ? __pfx_bad_page+0x10/0x10
[ 92.275710][ T6596] ? page_bad_reason+0x9d/0x1f0
[ 92.275721][ T6596] __free_frozen_pages+0x7f7/0x10f0
[ 92.275738][ T6596] __folio_put+0x329/0x450
[ 92.275749][ T6596] ? __pfx___folio_put+0x10/0x10
[ 92.275759][ T6596] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.275770][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.275783][ T6596] ? lock_release+0x201/0x2f0
[ 92.275799][ T6596] filemap_free_folio+0x132/0x170
[ 92.275809][ T6596] delete_from_page_cache_batch+0x741/0x9b0
[ 92.275822][ T6596] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.275833][ T6596] ? __pfx_workingset_update_node+0x10/0x10
[ 92.275844][ T6596] ? xas_move_index+0xb0/0x110
[ 92.275859][ T6596] truncate_inode_pages_range+0x279/0xe50
[ 92.275874][ T6596] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.275891][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.275903][ T6596] ? has_bh_in_lru+0x9d/0x100
[ 92.275914][ T6596] ? smp_call_function_many_cond+0x457/0x1600
[ 92.275933][ T6596] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.275944][ T6596] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.275955][ T6596] blkdev_flush_mapping+0xfb/0x290
[ 92.275968][ T6596] ? filemap_check_errors+0xa9/0x160
[ 92.275982][ T6596] blkdev_put_whole+0xc4/0xf0
[ 92.275993][ T6596] bdev_release+0x47e/0x6d0
[ 92.276006][ T6596] ? __pfx_blkdev_release+0x10/0x10
[ 92.276019][ T6596] blkdev_release+0x15/0x20
[ 92.276032][ T6596] __fput+0x3ff/0xb70
[ 92.276047][ T6596] task_work_run+0x14d/0x240
[ 92.276058][ T6596] ? __pfx_task_work_run+0x10/0x10
[ 92.276069][ T6596] ? do_raw_spin_unlock+0x172/0x230
[ 92.276081][ T6596] do_exit+0x86f/0x2bf0
[ 92.276098][ T6596] ? __pfx_do_exit+0x10/0x10
[ 92.276112][ T6596] ? do_raw_spin_lock+0x12c/0x2b0
[ 92.276123][ T6596] ? get_signal+0x8f5/0x26d0
[ 92.276135][ T6596] ? rcu_is_watching+0x12/0xc0
[ 92.276148][ T6596] do_group_exit+0xd3/0x2a0
[ 92.276167][ T6596] get_signal+0x2673/0x26d0
[ 92.276181][ T6596] ? __pfx_get_signal+0x10/0x10
[ 92.276194][ T6596] ? do_futex+0x122/0x350
[ 92.276210][ T6596] ? __pfx_do_futex+0x10/0x10
[ 92.276225][ T6596] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.276240][ T6596] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 92.276256][ T6596] exit_to_user_mode_loop+0x84/0x110
[ 92.276268][ T6596] do_syscall_64+0x3f6/0x4c0
[ 92.276283][ T6596] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.276293][ T6596] RIP: 0033:0x7fabb898e969
[ 92.276301][ T6596] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 92.276305][ T6596] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 92.276315][ T6596] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 92.276322][ T6596] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 92.276328][ T6596] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 92.276334][ T6596] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 92.276341][ T6596] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 92.276349][ T6596]
[ 92.402069][ T6600] BUG: Bad page state in process syz.0.43 pfn:55801
[ 92.404536][ T6600] page does not match folio
[ 92.406202][ T6600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55801
[ 92.409579][ T6600] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 92.412119][ T6600] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 92.415127][ T6600] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.418092][ T6600] page dumped because: nonzero pincount
[ 92.420320][ T6600] page_owner tracks the page as allocated
[ 92.422577][ T6600] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6599, tgid 6599 (syz.0.43), ts 92281922365, free_ts 0
[ 92.430956][ T6600] post_alloc_hook+0x1c0/0x230
[ 92.432840][ T6600] get_page_from_freelist+0x132b/0x38e0
[ 92.434702][ T6600] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.436531][ T6600] alloc_pages_mpol+0x1fb/0x550
[ 92.438056][ T6600] folio_alloc_noprof+0x20/0x2d0
[ 92.439603][ T6600] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.441926][ T6600] page_cache_ra_order+0x4e1/0xd70
[ 92.443673][ T6600] filemap_fault+0x1b4b/0x2930
[ 92.445160][ T6600] __do_fault+0x10a/0x490
[ 92.446519][ T6600] do_pte_missing+0x1a6/0x3ba0
[ 92.448007][ T6600] __handle_mm_fault+0x152a/0x2a50
[ 92.449597][ T6600] handle_mm_fault+0x589/0xd10
[ 92.451514][ T6600] do_user_addr_fault+0x60c/0x1370
[ 92.453699][ T6600] exc_page_fault+0x5c/0xb0
[ 92.455573][ T6600] asm_exc_page_fault+0x26/0x30
[ 92.457575][ T6600] page_owner free stack trace missing
[ 92.459771][ T6600] Modules linked in:
[ 92.461385][ T6600] CPU: 0 UID: 0 PID: 6600 Comm: syz.0.43 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.461412][ T6600] Tainted: [B]=BAD_PAGE
[ 92.461418][ T6600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.461429][ T6600] Call Trace:
[ 92.461435][ T6600]
[ 92.461441][ T6600] dump_stack_lvl+0x16c/0x1f0
[ 92.461467][ T6600] bad_page+0xcf/0x220
[ 92.461485][ T6600] ? __pfx_bad_page+0x10/0x10
[ 92.461504][ T6600] free_tail_page_prepare+0x44f/0x5b0
[ 92.461526][ T6600] __free_frozen_pages+0xbae/0x10f0
[ 92.461552][ T6600] __folio_put+0x329/0x450
[ 92.461569][ T6600] ? __pfx___folio_put+0x10/0x10
[ 92.461587][ T6600] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.461604][ T6600] ? rcu_is_watching+0x12/0xc0
[ 92.461646][ T6600] ? lock_release+0x201/0x2f0
[ 92.461672][ T6600] filemap_free_folio+0x132/0x170
[ 92.461688][ T6600] delete_from_page_cache_batch+0x741/0x9b0
[ 92.461708][ T6600] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.461727][ T6600] ? __pfx_workingset_update_node+0x10/0x10
[ 92.461744][ T6600] ? xas_move_index+0xb0/0x110
[ 92.461770][ T6600] truncate_inode_pages_range+0x279/0xe50
[ 92.461794][ T6600] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.461822][ T6600] ? rcu_is_watching+0x12/0xc0
[ 92.461843][ T6600] ? has_bh_in_lru+0x9d/0x100
[ 92.461860][ T6600] ? smp_call_function_many_cond+0x457/0x1600
[ 92.461891][ T6600] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.461910][ T6600] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.461928][ T6600] blkdev_flush_mapping+0xfb/0x290
[ 92.461947][ T6600] ? filemap_check_errors+0xa9/0x160
[ 92.461969][ T6600] blkdev_put_whole+0xc4/0xf0
[ 92.461987][ T6600] bdev_release+0x47e/0x6d0
[ 92.462009][ T6600] ? __pfx_blkdev_release+0x10/0x10
[ 92.462030][ T6600] blkdev_release+0x15/0x20
[ 92.462049][ T6600] __fput+0x3ff/0xb70
[ 92.462080][ T6600] task_work_run+0x14d/0x240
[ 92.462098][ T6600] ? __pfx_task_work_run+0x10/0x10
[ 92.462116][ T6600] ? do_raw_spin_unlock+0x172/0x230
[ 92.462136][ T6600] do_exit+0x86f/0x2bf0
[ 92.462163][ T6600] ? __pfx_do_exit+0x10/0x10
[ 92.462186][ T6600] ? do_raw_spin_lock+0x12c/0x2b0
[ 92.462203][ T6600] ? get_signal+0x8f5/0x26d0
[ 92.462223][ T6600] ? rcu_is_watching+0x12/0xc0
[ 92.462244][ T6600] do_group_exit+0xd3/0x2a0
[ 92.462269][ T6600] get_signal+0x2673/0x26d0
[ 92.462292][ T6600] ? __pfx_get_signal+0x10/0x10
[ 92.462312][ T6600] ? do_futex+0x122/0x350
[ 92.462336][ T6600] ? __pfx_do_futex+0x10/0x10
[ 92.462361][ T6600] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.462384][ T6600] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 92.462411][ T6600] exit_to_user_mode_loop+0x84/0x110
[ 92.462428][ T6600] do_syscall_64+0x3f6/0x4c0
[ 92.462452][ T6600] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.462469][ T6600] RIP: 0033:0x7fabb898e969
[ 92.462482][ T6600] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 92.462490][ T6600] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 92.462506][ T6600] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 92.462518][ T6600] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 92.462529][ T6600] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 92.462539][ T6600] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 92.462549][ T6600] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 92.462565][ T6600]
[ 92.462596][ T6600] BUG: Bad page state in process syz.0.43 pfn:55800
[ 92.577418][ T6600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55800
[ 92.580089][ T6600] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 92.582677][ T6600] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 92.585725][ T6600] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 92.588319][ T6600] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.590923][ T6600] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 92.593645][ T6600] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.596281][ T6600] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.598941][ T6600] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.601560][ T6600] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 92.603844][ T6600] page_owner tracks the page as allocated
[ 92.605563][ T6600] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6599, tgid 6599 (syz.0.43), ts 92281922365, free_ts 0
[ 92.611271][ T6600] post_alloc_hook+0x1c0/0x230
[ 92.612752][ T6600] get_page_from_freelist+0x132b/0x38e0
[ 92.614560][ T6600] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.616363][ T6600] alloc_pages_mpol+0x1fb/0x550
[ 92.617860][ T6600] folio_alloc_noprof+0x20/0x2d0
[ 92.619388][ T6600] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.621142][ T6600] page_cache_ra_order+0x4e1/0xd70
[ 92.623046][ T6600] filemap_fault+0x1b4b/0x2930
[ 92.624566][ T6600] __do_fault+0x10a/0x490
[ 92.625918][ T6600] do_pte_missing+0x1a6/0x3ba0
[ 92.627415][ T6600] __handle_mm_fault+0x152a/0x2a50
[ 92.628998][ T6600] handle_mm_fault+0x589/0xd10
[ 92.630482][ T6600] do_user_addr_fault+0x60c/0x1370
[ 92.632056][ T6600] exc_page_fault+0x5c/0xb0
[ 92.633588][ T6600] asm_exc_page_fault+0x26/0x30
[ 92.635120][ T6600] page_owner free stack trace missing
[ 92.636776][ T6600] Modules linked in:
[ 92.638016][ T6600] CPU: 0 UID: 0 PID: 6600 Comm: syz.0.43 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.638033][ T6600] Tainted: [B]=BAD_PAGE
[ 92.638036][ T6600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.638043][ T6600] Call Trace:
[ 92.638047][ T6600]
[ 92.638051][ T6600] dump_stack_lvl+0x16c/0x1f0
[ 92.638066][ T6600] bad_page+0xcf/0x220
[ 92.638078][ T6600] ? __pfx_bad_page+0x10/0x10
[ 92.638089][ T6600] ? page_bad_reason+0x9d/0x1f0
[ 92.638100][ T6600] __free_frozen_pages+0x7f7/0x10f0
[ 92.638116][ T6600] __folio_put+0x329/0x450
[ 92.638126][ T6600] ? __pfx___folio_put+0x10/0x10
[ 92.638136][ T6600] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.638148][ T6600] ? rcu_is_watching+0x12/0xc0
[ 92.638166][ T6600] ? lock_release+0x201/0x2f0
[ 92.638182][ T6600] filemap_free_folio+0x132/0x170
[ 92.638192][ T6600] delete_from_page_cache_batch+0x741/0x9b0
[ 92.638204][ T6600] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.638215][ T6600] ? __pfx_workingset_update_node+0x10/0x10
[ 92.638226][ T6600] ? xas_move_index+0xb0/0x110
[ 92.638241][ T6600] truncate_inode_pages_range+0x279/0xe50
[ 92.638255][ T6600] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.638273][ T6600] ? rcu_is_watching+0x12/0xc0
[ 92.638285][ T6600] ? has_bh_in_lru+0x9d/0x100
[ 92.638296][ T6600] ? smp_call_function_many_cond+0x457/0x1600
[ 92.638314][ T6600] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.638327][ T6600] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.638337][ T6600] blkdev_flush_mapping+0xfb/0x290
[ 92.638350][ T6600] ? filemap_check_errors+0xa9/0x160
[ 92.638364][ T6600] blkdev_put_whole+0xc4/0xf0
[ 92.638375][ T6600] bdev_release+0x47e/0x6d0
[ 92.638389][ T6600] ? __pfx_blkdev_release+0x10/0x10
[ 92.638402][ T6600] blkdev_release+0x15/0x20
[ 92.638415][ T6600] __fput+0x3ff/0xb70
[ 92.638430][ T6600] task_work_run+0x14d/0x240
[ 92.638441][ T6600] ? __pfx_task_work_run+0x10/0x10
[ 92.638452][ T6600] ? do_raw_spin_unlock+0x172/0x230
[ 92.638464][ T6600] do_exit+0x86f/0x2bf0
[ 92.638480][ T6600] ? __pfx_do_exit+0x10/0x10
[ 92.638495][ T6600] ? do_raw_spin_lock+0x12c/0x2b0
[ 92.638505][ T6600] ? get_signal+0x8f5/0x26d0
[ 92.638518][ T6600] ? rcu_is_watching+0x12/0xc0
[ 92.638530][ T6600] do_group_exit+0xd3/0x2a0
[ 92.638546][ T6600] get_signal+0x2673/0x26d0
[ 92.638561][ T6600] ? __pfx_get_signal+0x10/0x10
[ 92.638573][ T6600] ? do_futex+0x122/0x350
[ 92.638589][ T6600] ? __pfx_do_futex+0x10/0x10
[ 92.638604][ T6600] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.638619][ T6600] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 92.638636][ T6600] exit_to_user_mode_loop+0x84/0x110
[ 92.638647][ T6600] do_syscall_64+0x3f6/0x4c0
[ 92.638662][ T6600] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.638673][ T6600] RIP: 0033:0x7fabb898e969
[ 92.638680][ T6600] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 92.638685][ T6600] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 92.638695][ T6600] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 92.638702][ T6600] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 92.638708][ T6600] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 92.638715][ T6600] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 92.638721][ T6600] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 92.638730][ T6600]
[ 92.662496][ T6602] BUG: Bad page state in process syz.0.44 pfn:55601
[ 92.746388][ T6602] page does not match folio
[ 92.747692][ T6602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55601
[ 92.750426][ T6602] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 92.752509][ T6602] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 92.754946][ T6602] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.757303][ T6602] page dumped because: nonzero pincount
[ 92.759058][ T6602] page_owner tracks the page as allocated
[ 92.760876][ T6602] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6601, tgid 6601 (syz.0.44), ts 92646998579, free_ts 92276372305
[ 92.766433][ T6602] post_alloc_hook+0x1c0/0x230
[ 92.767919][ T6602] get_page_from_freelist+0x132b/0x38e0
[ 92.769660][ T6602] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.771563][ T6602] alloc_pages_mpol+0x1fb/0x550
[ 92.773222][ T6602] folio_alloc_noprof+0x20/0x2d0
[ 92.774761][ T6602] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.776593][ T6602] page_cache_ra_order+0x4e1/0xd70
[ 92.778262][ T6602] filemap_fault+0x1b4b/0x2930
[ 92.779759][ T6602] __do_fault+0x10a/0x490
[ 92.781128][ T6602] do_pte_missing+0x1a6/0x3ba0
[ 92.782650][ T6602] __handle_mm_fault+0x152a/0x2a50
[ 92.784112][ T6602] handle_mm_fault+0x589/0xd10
[ 92.785423][ T6602] do_user_addr_fault+0x60c/0x1370
[ 92.786831][ T6602] exc_page_fault+0x5c/0xb0
[ 92.788084][ T6602] asm_exc_page_fault+0x26/0x30
[ 92.789548][ T6602] page last free pid 6596 tgid 6595 stack trace:
[ 92.791552][ T6602] free_unref_folios+0xa61/0x16b0
[ 92.793205][ T6602] folios_put_refs+0x56f/0x740
[ 92.794867][ T6602] truncate_inode_pages_range+0x311/0xe50
[ 92.796893][ T6602] blkdev_flush_mapping+0xfb/0x290
[ 92.798551][ T6602] blkdev_put_whole+0xc4/0xf0
[ 92.800034][ T6602] bdev_release+0x47e/0x6d0
[ 92.801452][ T6602] blkdev_release+0x15/0x20
[ 92.802964][ T6602] __fput+0x3ff/0xb70
[ 92.804228][ T6602] task_work_run+0x14d/0x240
[ 92.805524][ T6602] do_exit+0x86f/0x2bf0
[ 92.806685][ T6602] do_group_exit+0xd3/0x2a0
[ 92.807949][ T6602] get_signal+0x2673/0x26d0
[ 92.809238][ T6602] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.811019][ T6602] exit_to_user_mode_loop+0x84/0x110
[ 92.812681][ T6602] do_syscall_64+0x3f6/0x4c0
[ 92.814152][ T6602] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.816012][ T6602] Modules linked in:
[ 92.817264][ T6602] CPU: 1 UID: 0 PID: 6602 Comm: syz.0.44 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 92.817288][ T6602] Tainted: [B]=BAD_PAGE
[ 92.817294][ T6602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 92.817304][ T6602] Call Trace:
[ 92.817310][ T6602]
[ 92.817316][ T6602] dump_stack_lvl+0x16c/0x1f0
[ 92.817338][ T6602] bad_page+0xcf/0x220
[ 92.817355][ T6602] ? __pfx_bad_page+0x10/0x10
[ 92.817373][ T6602] free_tail_page_prepare+0x44f/0x5b0
[ 92.817394][ T6602] __free_frozen_pages+0xbae/0x10f0
[ 92.817417][ T6602] __folio_put+0x329/0x450
[ 92.817433][ T6602] ? __pfx___folio_put+0x10/0x10
[ 92.817449][ T6602] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 92.817465][ T6602] ? rcu_is_watching+0x12/0xc0
[ 92.817484][ T6602] ? lock_release+0x201/0x2f0
[ 92.817507][ T6602] filemap_free_folio+0x132/0x170
[ 92.817522][ T6602] delete_from_page_cache_batch+0x741/0x9b0
[ 92.817540][ T6602] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 92.817558][ T6602] ? __pfx_workingset_update_node+0x10/0x10
[ 92.817574][ T6602] ? xas_move_index+0xb0/0x110
[ 92.817596][ T6602] truncate_inode_pages_range+0x279/0xe50
[ 92.817635][ T6602] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 92.817662][ T6602] ? rcu_is_watching+0x12/0xc0
[ 92.817678][ T6602] ? has_bh_in_lru+0x9d/0x100
[ 92.817689][ T6602] ? smp_call_function_many_cond+0x457/0x1600
[ 92.817708][ T6602] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 92.817720][ T6602] ? __pfx_has_bh_in_lru+0x10/0x10
[ 92.817731][ T6602] blkdev_flush_mapping+0xfb/0x290
[ 92.817742][ T6602] ? filemap_check_errors+0xa9/0x160
[ 92.817761][ T6602] blkdev_put_whole+0xc4/0xf0
[ 92.817778][ T6602] bdev_release+0x47e/0x6d0
[ 92.817797][ T6602] ? __pfx_blkdev_release+0x10/0x10
[ 92.817816][ T6602] blkdev_release+0x15/0x20
[ 92.817835][ T6602] __fput+0x3ff/0xb70
[ 92.817856][ T6602] task_work_run+0x14d/0x240
[ 92.817872][ T6602] ? __pfx_task_work_run+0x10/0x10
[ 92.817889][ T6602] ? do_raw_spin_unlock+0x172/0x230
[ 92.817907][ T6602] do_exit+0x86f/0x2bf0
[ 92.817930][ T6602] ? __pfx_do_exit+0x10/0x10
[ 92.817952][ T6602] ? do_raw_spin_lock+0x12c/0x2b0
[ 92.817967][ T6602] ? get_signal+0x8f5/0x26d0
[ 92.817986][ T6602] ? rcu_is_watching+0x12/0xc0
[ 92.818005][ T6602] do_group_exit+0xd3/0x2a0
[ 92.818028][ T6602] get_signal+0x2673/0x26d0
[ 92.818049][ T6602] ? __pfx_get_signal+0x10/0x10
[ 92.818068][ T6602] ? do_futex+0x122/0x350
[ 92.818089][ T6602] ? __pfx_do_futex+0x10/0x10
[ 92.818117][ T6602] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.818138][ T6602] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 92.818162][ T6602] exit_to_user_mode_loop+0x84/0x110
[ 92.818178][ T6602] do_syscall_64+0x3f6/0x4c0
[ 92.818200][ T6602] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 92.818215][ T6602] RIP: 0033:0x7fabb898e969
[ 92.818227][ T6602] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 92.818234][ T6602] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 92.818249][ T6602] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 92.818260][ T6602] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 92.818270][ T6602] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 92.818279][ T6602] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 92.818288][ T6602] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 92.818303][ T6602]
[ 92.818329][ T6602] BUG: Bad page state in process syz.0.44 pfn:55600
[ 92.923453][ T6602] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55600
[ 92.925855][ T6602] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 92.928141][ T6602] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 92.930830][ T6602] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 92.933232][ T6602] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.935599][ T6602] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 92.937996][ T6602] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.940352][ T6602] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 92.942708][ T6602] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 92.947953][ T6602] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 92.949966][ T6602] page_owner tracks the page as allocated
[ 92.951531][ T6602] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6601, tgid 6601 (syz.0.44), ts 92646998579, free_ts 92276372305
[ 92.957016][ T6602] post_alloc_hook+0x1c0/0x230
[ 92.958365][ T6602] get_page_from_freelist+0x132b/0x38e0
[ 92.959878][ T6602] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 92.961506][ T6602] alloc_pages_mpol+0x1fb/0x550
[ 92.962916][ T6602] folio_alloc_noprof+0x20/0x2d0
[ 92.964309][ T6602] filemap_alloc_folio_noprof+0x3a1/0x470
[ 92.965865][ T6602] page_cache_ra_order+0x4e1/0xd70
[ 92.967275][ T6602] filemap_fault+0x1b4b/0x2930
[ 92.968612][ T6602] __do_fault+0x10a/0x490
[ 92.969805][ T6602] do_pte_missing+0x1a6/0x3ba0
[ 92.971138][ T6602] __handle_mm_fault+0x152a/0x2a50
[ 92.972563][ T6602] handle_mm_fault+0x589/0xd10
[ 92.973959][ T6602] do_user_addr_fault+0x60c/0x1370
[ 92.975383][ T6602] exc_page_fault+0x5c/0xb0
[ 92.976621][ T6602] asm_exc_page_fault+0x26/0x30
[ 92.977960][ T6602] page last free pid 6596 tgid 6595 stack trace:
[ 92.979686][ T6602] free_unref_folios+0xa61/0x16b0
[ 92.981077][ T6602] folios_put_refs+0x56f/0x740
[ 92.982388][ T6602] truncate_inode_pages_range+0x311/0xe50
[ 92.984016][ T6602] blkdev_flush_mapping+0xfb/0x290
[ 92.985439][ T6602] blkdev_put_whole+0xc4/0xf0
[ 92.986727][ T6602] bdev_release+0x47e/0x6d0
[ 92.987974][ T6602] blkdev_release+0x15/0x20
[ 92.989264][ T6602] __fput+0x3ff/0xb70
[ 92.990377][ T6602] task_work_run+0x14d/0x240
[ 92.991652][ T6602] do_exit+0x86f/0x2bf0
[ 92.992820][ T6602] do_group_exit+0xd3/0x2a0
[ 92.994139][ T6602] get_signal+0x2673/0x26d0
[ 92.995402][ T6602] arch_do_signal_or_restart+0x8f/0x7d0
[ 92.996920][ T6602] exit_to_user_mode_loop+0x84/0x110
[ 92.998368][ T6602] do_syscall_64+0x3f6/0x4c0
[ 92.999641][ T6602] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.001259][ T6602] Modules linked in:
[ 93.002354][ T6602] CPU: 1 UID: 0 PID: 6602 Comm: syz.0.44 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 93.002371][ T6602] Tainted: [B]=BAD_PAGE
[ 93.002374][ T6602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.002381][ T6602] Call Trace:
[ 93.002385][ T6602]
[ 93.002388][ T6602] dump_stack_lvl+0x16c/0x1f0
[ 93.002404][ T6602] bad_page+0xcf/0x220
[ 93.002415][ T6602] ? __pfx_bad_page+0x10/0x10
[ 93.002426][ T6602] ? page_bad_reason+0x9d/0x1f0
[ 93.002437][ T6602] __free_frozen_pages+0x7f7/0x10f0
[ 93.002454][ T6602] __folio_put+0x329/0x450
[ 93.002464][ T6602] ? __pfx___folio_put+0x10/0x10
[ 93.002475][ T6602] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 93.002486][ T6602] ? rcu_is_watching+0x12/0xc0
[ 93.002499][ T6602] ? lock_release+0x201/0x2f0
[ 93.002515][ T6602] filemap_free_folio+0x132/0x170
[ 93.002525][ T6602] delete_from_page_cache_batch+0x741/0x9b0
[ 93.002537][ T6602] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 93.002549][ T6602] ? __pfx_workingset_update_node+0x10/0x10
[ 93.002560][ T6602] ? xas_move_index+0xb0/0x110
[ 93.002575][ T6602] truncate_inode_pages_range+0x279/0xe50
[ 93.002589][ T6602] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 93.002607][ T6602] ? rcu_is_watching+0x12/0xc0
[ 93.002619][ T6602] ? has_bh_in_lru+0x9d/0x100
[ 93.002630][ T6602] ? smp_call_function_many_cond+0x457/0x1600
[ 93.002648][ T6602] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 93.002660][ T6602] ? __pfx_has_bh_in_lru+0x10/0x10
[ 93.002671][ T6602] blkdev_flush_mapping+0xfb/0x290
[ 93.002683][ T6602] ? filemap_check_errors+0xa9/0x160
[ 93.002698][ T6602] blkdev_put_whole+0xc4/0xf0
[ 93.002709][ T6602] bdev_release+0x47e/0x6d0
[ 93.002722][ T6602] ? __pfx_blkdev_release+0x10/0x10
[ 93.002735][ T6602] blkdev_release+0x15/0x20
[ 93.002748][ T6602] __fput+0x3ff/0xb70
[ 93.002762][ T6602] task_work_run+0x14d/0x240
[ 93.002773][ T6602] ? __pfx_task_work_run+0x10/0x10
[ 93.002784][ T6602] ? do_raw_spin_unlock+0x172/0x230
[ 93.002796][ T6602] do_exit+0x86f/0x2bf0
[ 93.002811][ T6602] ? __pfx_do_exit+0x10/0x10
[ 93.002826][ T6602] ? do_raw_spin_lock+0x12c/0x2b0
[ 93.002837][ T6602] ? get_signal+0x8f5/0x26d0
[ 93.002849][ T6602] ? rcu_is_watching+0x12/0xc0
[ 93.002873][ T6602] do_group_exit+0xd3/0x2a0
[ 93.002890][ T6602] get_signal+0x2673/0x26d0
[ 93.002904][ T6602] ? __pfx_get_signal+0x10/0x10
[ 93.002917][ T6602] ? do_futex+0x122/0x350
[ 93.002932][ T6602] ? __pfx_do_futex+0x10/0x10
[ 93.002948][ T6602] arch_do_signal_or_restart+0x8f/0x7d0
[ 93.002961][ T6602] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 93.002978][ T6602] exit_to_user_mode_loop+0x84/0x110
[ 93.002989][ T6602] do_syscall_64+0x3f6/0x4c0
[ 93.003003][ T6602] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.003014][ T6602] RIP: 0033:0x7fabb898e969
[ 93.003022][ T6602] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 93.003026][ T6602] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 93.003036][ T6602] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 93.003043][ T6602] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 93.003049][ T6602] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 93.003055][ T6602] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 93.003062][ T6602] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 93.003070][ T6602]
[ 93.115211][ T6604] BUG: Bad page state in process syz.0.45 pfn:55e01
[ 93.117055][ T6604] page does not match folio
[ 93.118323][ T6604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x55e01
[ 93.121037][ T6604] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 93.123294][ T6604] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 93.125631][ T6604] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 93.127982][ T6604] page dumped because: nonzero pincount
[ 93.129598][ T6604] page_owner tracks the page as allocated
[ 93.131779][ T6604] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6603, tgid 6603 (syz.0.45), ts 93099884483, free_ts 0
[ 93.139601][ T6604] post_alloc_hook+0x1c0/0x230
[ 93.141329][ T6604] get_page_from_freelist+0x132b/0x38e0
[ 93.143379][ T6604] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 93.145370][ T6604] alloc_pages_mpol+0x1fb/0x550
[ 93.147112][ T6604] folio_alloc_noprof+0x20/0x2d0
[ 93.148843][ T6604] filemap_alloc_folio_noprof+0x3a1/0x470
[ 93.150838][ T6604] page_cache_ra_order+0x4e1/0xd70
[ 93.152551][ T6604] filemap_fault+0x1b4b/0x2930
[ 93.154204][ T6604] __do_fault+0x10a/0x490
[ 93.155659][ T6604] do_pte_missing+0x1a6/0x3ba0
[ 93.157266][ T6604] __handle_mm_fault+0x152a/0x2a50
[ 93.158991][ T6604] handle_mm_fault+0x589/0xd10
[ 93.160552][ T6604] do_user_addr_fault+0x60c/0x1370
[ 93.162324][ T6604] exc_page_fault+0x5c/0xb0
[ 93.164015][ T6604] asm_exc_page_fault+0x26/0x30
[ 93.165682][ T6604] page_owner free stack trace missing
[ 93.167428][ T6604] Modules linked in:
[ 93.168718][ T6604] CPU: 3 UID: 0 PID: 6604 Comm: syz.0.45 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 93.168735][ T6604] Tainted: [B]=BAD_PAGE
[ 93.168738][ T6604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.168745][ T6604] Call Trace:
[ 93.168749][ T6604]
[ 93.168753][ T6604] dump_stack_lvl+0x16c/0x1f0
[ 93.168769][ T6604] bad_page+0xcf/0x220
[ 93.168781][ T6604] ? __pfx_bad_page+0x10/0x10
[ 93.168793][ T6604] free_tail_page_prepare+0x44f/0x5b0
[ 93.168807][ T6604] __free_frozen_pages+0xbae/0x10f0
[ 93.168823][ T6604] __folio_put+0x329/0x450
[ 93.168833][ T6604] ? __pfx___folio_put+0x10/0x10
[ 93.168844][ T6604] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 93.168855][ T6604] ? rcu_is_watching+0x12/0xc0
[ 93.168868][ T6604] ? lock_release+0x201/0x2f0
[ 93.168885][ T6604] filemap_free_folio+0x132/0x170
[ 93.168896][ T6604] delete_from_page_cache_batch+0x741/0x9b0
[ 93.168908][ T6604] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 93.168920][ T6604] ? __pfx_workingset_update_node+0x10/0x10
[ 93.168930][ T6604] ? xas_move_index+0xb0/0x110
[ 93.168946][ T6604] truncate_inode_pages_range+0x279/0xe50
[ 93.168960][ T6604] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 93.168978][ T6604] ? rcu_is_watching+0x12/0xc0
[ 93.168990][ T6604] ? has_bh_in_lru+0x9d/0x100
[ 93.169001][ T6604] ? smp_call_function_many_cond+0x457/0x1600
[ 93.169019][ T6604] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 93.169031][ T6604] ? __pfx_has_bh_in_lru+0x10/0x10
[ 93.169042][ T6604] blkdev_flush_mapping+0xfb/0x290
[ 93.169055][ T6604] ? filemap_check_errors+0xa9/0x160
[ 93.169069][ T6604] blkdev_put_whole+0xc4/0xf0
[ 93.169081][ T6604] bdev_release+0x47e/0x6d0
[ 93.169094][ T6604] ? __pfx_blkdev_release+0x10/0x10
[ 93.169107][ T6604] blkdev_release+0x15/0x20
[ 93.169119][ T6604] __fput+0x3ff/0xb70
[ 93.169138][ T6604] task_work_run+0x14d/0x240
[ 93.169150][ T6604] ? __pfx_task_work_run+0x10/0x10
[ 93.169161][ T6604] ? do_raw_spin_unlock+0x172/0x230
[ 93.169173][ T6604] do_exit+0x86f/0x2bf0
[ 93.169190][ T6604] ? __pfx_do_exit+0x10/0x10
[ 93.169204][ T6604] ? do_raw_spin_lock+0x12c/0x2b0
[ 93.169215][ T6604] ? get_signal+0x8f5/0x26d0
[ 93.169227][ T6604] ? rcu_is_watching+0x12/0xc0
[ 93.169240][ T6604] do_group_exit+0xd3/0x2a0
[ 93.169256][ T6604] get_signal+0x2673/0x26d0
[ 93.169271][ T6604] ? __pfx_get_signal+0x10/0x10
[ 93.169283][ T6604] ? do_futex+0x122/0x350
[ 93.169299][ T6604] ? __pfx_do_futex+0x10/0x10
[ 93.169314][ T6604] arch_do_signal_or_restart+0x8f/0x7d0
[ 93.169329][ T6604] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 93.169346][ T6604] exit_to_user_mode_loop+0x84/0x110
[ 93.169356][ T6604] do_syscall_64+0x3f6/0x4c0
[ 93.169372][ T6604] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 93.169382][ T6604] RIP: 0033:0x7fabb898e969
[ 93.169390][ T6604] Code: Unable to access opcode bytes at 0x7fabb898e93f.
[ 93.169395][ T6604] RSP: 002b:00007fabb97f80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 93.169405][ T6604] RAX: fffffffffffffe00 RBX: 00007fabb8bb5fa8 RCX: 00007fabb898e969
[ 93.169411][ T6604] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabb8bb5fa8
[ 93.169417][ T6604] RBP: 00007fabb8bb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 93.169424][ T6604] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fabb8bb5fac
[ 93.169430][ T6604] R13: 0000000000000000 R14: 00007fff6fc30d20 R15: 00007fff6fc30e08
[ 93.169438][ T6604]
[ 93.169453][ T6604] BUG: Bad page state in process syz.0.45 pfn:55e00
[ 93.281347][ T6604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x55e00
[ 93.284490][ T6604] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 93.287627][ T6604] flags: 0xfff0000000004d(locked|referenced|uptodate|head|node=0|zone=1|lastcpupid=0x7ff)
[ 93.291189][ T6604] raw: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 93.294372][ T6604] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.297561][ T6604] head: 00fff0000000004d dead000000000100 dead000000000122 0000000000000000
[ 93.300438][ T6604] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.303435][ T6604] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 93.306449][ T6604] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 93.309011][ T6604] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 93.311273][ T6604] page_owner tracks the page as allocated
[ 93.313107][ T6604] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6603, tgid 6603 (syz.0.45), ts 93099884483, free_ts 0
[ 93.319633][ T6604] post_alloc_hook+0x1c0/0x230
[ 93.321175][ T6604] get_page_from_freelist+0x132b/0x38e0
[ 93.322957][ T6604] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 93.324780][ T6604] alloc_pages_mpol+0x1fb/0x550
[ 93.326291][ T6604] folio_alloc_noprof+0x20/0x2d0
[ 93.327828][ T6604] filemap_alloc_folio_noprof+0x3a1/0x470
[ 93.329603][ T6604] page_cache_ra_order+0x4e1/0xd70
[ 93.331212][ T6604] filemap_fault+0x1b4b/0x2930
[ 93.332713][ T6604] __do_fault+0x10a/0x490
[ 93.334123][ T6604] do_pte_missing+0x1a6/0x3ba0
[ 93.335626][ T6604] __handle_mm_fault+0x152a/0x2a50
[ 93.337229][ T6604] handle_mm_fault+0x589/0xd10
[ 93.338725][ T6604] do_user_addr_fault+0x60c/0x1370
[ 93.340308][ T6604] exc_page_fault+0x5c/0xb0
[ 93.341723][ T6604] asm_exc_page_fault+0x26/0x30
[ 93.343291][ T6604] page_owner free stack trace missing
[ 93.344951][ T6604] Modules linked in:
[ 93.346197][ T6604] CPU: 3 UID: 0 PID: 6604 Comm: syz.0.45 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 93.346214][ T6604] Tainted: [B]=BAD_PAGE
[ 93.346218][ T6604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 93.346224][ T6604] Call Trace:
[ 93.346228][ T6604]
[ 93.346232][ T6604] dump_stack_lvl+0x16c/0x1f0
[ 93.346248][ T6604] bad_page+0xcf/0x220
[ 93.346259][ T6604] ? __pfx_bad_page+0x10/0x10