Warning: Permanently added '[localhost]:62842' (ED25519) to the list of known hosts.
2025/08/01 08:24:56 ignoring optional flag "sandboxArg"="0"
2025/08/01 08:24:57 parsed 1 programs
[ 69.074372][ T40] audit: type=1400 audit(1754036699.527:118): avc: denied { unlink } for pid=6271 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 70.008558][ T6271] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 71.075004][ T1426] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.077076][ T1426] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.497991][ T5311] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 71.502207][ T5311] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 71.506154][ T5311] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 71.509566][ T5311] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 71.513255][ T5311] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 71.835275][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 71.837749][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 71.843790][ T40] audit: type=1401 audit(1754036702.297:119): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 72.006375][ T846] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.009304][ T846] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.057468][ T6402] chnl_net:caif_netlink_parms(): no params data found
[ 72.191491][ T6402] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.193817][ T6402] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.196077][ T6402] bridge_slave_0: entered allmulticast mode
[ 72.198611][ T6402] bridge_slave_0: entered promiscuous mode
[ 72.218358][ T6402] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.220610][ T6402] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.222937][ T6402] bridge_slave_1: entered allmulticast mode
[ 72.225494][ T6402] bridge_slave_1: entered promiscuous mode
[ 72.270215][ T6402] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 72.291180][ T6402] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 72.353794][ T6402] team0: Port device team_slave_0 added
[ 72.361201][ T6402] team0: Port device team_slave_1 added
[ 72.403508][ T6402] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 72.405698][ T6402] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 72.414599][ T6402] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 72.424745][ T6402] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 72.427352][ T6402] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 72.436469][ T6402] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 72.518100][ T6402] hsr_slave_0: entered promiscuous mode
[ 72.520328][ T6402] hsr_slave_1: entered promiscuous mode
[ 73.248008][ T6402] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 73.256484][ T6402] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 73.260817][ T6402] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 73.264792][ T6402] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 73.301812][ T6402] 8021q: adding VLAN 0 to HW filter on device bond0
[ 73.309939][ T6402] 8021q: adding VLAN 0 to HW filter on device team0
[ 73.323294][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.325630][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 73.330403][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.333462][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 73.345524][ T6402] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 73.348948][ T6402] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 73.430065][ T6402] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 73.456696][ T6402] veth0_vlan: entered promiscuous mode
[ 73.461507][ T6402] veth1_vlan: entered promiscuous mode
[ 73.475266][ T6402] veth0_macvtap: entered promiscuous mode
[ 73.479531][ T6402] veth1_macvtap: entered promiscuous mode
[ 73.488717][ T6402] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 73.494687][ T6402] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 73.500580][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.504661][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.508949][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 73.512915][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2025/08/01 08:25:04 executed programs: 0
[ 73.584862][ T6024] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 73.590160][ T6024] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 73.597347][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 73.600271][ T63] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 73.610315][ T6502] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 73.611551][ T6507] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 73.616448][ T6507] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 73.616976][ T6502] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 73.619797][ T6508] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 73.619995][ T6503] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 73.620516][ T6503] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 73.624786][ T1151] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 73.626045][ T6502] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 73.629970][ T6024] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 73.637964][ T6502] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 73.640111][ T6024] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 73.643338][ T6024] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 73.646137][ T6503] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 73.647394][ T6024] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 73.649491][ T6503] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 73.651414][ T6024] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 73.741473][ T1151] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 73.816237][ T1151] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 73.866785][ T6496] chnl_net:caif_netlink_parms(): no params data found
[ 73.900007][ T1151] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 73.948707][ T6499] chnl_net:caif_netlink_parms(): no params data found
[ 74.019774][ T6496] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.023443][ T6496] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.025773][ T6496] bridge_slave_0: entered allmulticast mode
[ 74.028737][ T6496] bridge_slave_0: entered promiscuous mode
[ 74.046936][ T6509] chnl_net:caif_netlink_parms(): no params data found
[ 74.060371][ T6496] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.062465][ T6496] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.064476][ T6496] bridge_slave_1: entered allmulticast mode
[ 74.066827][ T6496] bridge_slave_1: entered promiscuous mode
[ 74.123429][ T6504] chnl_net:caif_netlink_parms(): no params data found
[ 74.131023][ T6496] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 74.169442][ T6496] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 74.231537][ T6509] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.234715][ T6509] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.237013][ T6509] bridge_slave_0: entered allmulticast mode
[ 74.239549][ T6509] bridge_slave_0: entered promiscuous mode
[ 74.255614][ T6499] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.257861][ T6499] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.260130][ T6499] bridge_slave_0: entered allmulticast mode
[ 74.262939][ T6499] bridge_slave_0: entered promiscuous mode
[ 74.278375][ T6509] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.280633][ T6509] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.283972][ T6509] bridge_slave_1: entered allmulticast mode
[ 74.286635][ T6509] bridge_slave_1: entered promiscuous mode
[ 74.303394][ T6496] team0: Port device team_slave_0 added
[ 74.305356][ T6499] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.307582][ T6499] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.309835][ T6499] bridge_slave_1: entered allmulticast mode
[ 74.312636][ T6499] bridge_slave_1: entered promiscuous mode
[ 74.349036][ T6509] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 74.353636][ T6496] team0: Port device team_slave_1 added
[ 74.405140][ T6509] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 74.426079][ T6496] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 74.428273][ T6496] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.437044][ T6496] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 74.441777][ T6499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 74.474732][ T6509] team0: Port device team_slave_0 added
[ 74.477179][ T6496] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 74.479646][ T6496] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.488934][ T6496] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 74.510369][ T6499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 74.545468][ T6504] bridge0: port 1(bridge_slave_0) entered blocking state
[ 74.547714][ T6504] bridge0: port 1(bridge_slave_0) entered disabled state
[ 74.550349][ T6504] bridge_slave_0: entered allmulticast mode
[ 74.553423][ T6504] bridge_slave_0: entered promiscuous mode
[ 74.556570][ T6504] bridge0: port 2(bridge_slave_1) entered blocking state
[ 74.558797][ T6504] bridge0: port 2(bridge_slave_1) entered disabled state
[ 74.561175][ T6504] bridge_slave_1: entered allmulticast mode
[ 74.566172][ T6504] bridge_slave_1: entered promiscuous mode
[ 74.569406][ T6509] team0: Port device team_slave_1 added
[ 74.653387][ T6496] hsr_slave_0: entered promiscuous mode
[ 74.655567][ T6496] hsr_slave_1: entered promiscuous mode
[ 74.657655][ T6496] debugfs: 'hsr0' already exists in 'hsr'
[ 74.659471][ T6496] Cannot create hsr debugfs directory
[ 74.662500][ T6499] team0: Port device team_slave_0 added
[ 74.665811][ T6499] team0: Port device team_slave_1 added
[ 74.668915][ T6504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 74.672109][ T6509] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 74.674276][ T6509] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.682505][ T6509] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 74.686558][ T6509] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 74.688714][ T6509] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.697898][ T6509] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 74.718127][ T6504] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 74.752514][ T6504] team0: Port device team_slave_0 added
[ 74.768230][ T6499] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 74.770421][ T6499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.779087][ T6499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 74.813089][ T6504] team0: Port device team_slave_1 added
[ 74.815566][ T6499] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 74.817767][ T6499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.825751][ T6499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 74.863351][ T6509] hsr_slave_0: entered promiscuous mode
[ 74.865538][ T6509] hsr_slave_1: entered promiscuous mode
[ 74.867574][ T6509] debugfs: 'hsr0' already exists in 'hsr'
[ 74.869377][ T6509] Cannot create hsr debugfs directory
[ 74.898845][ T6504] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 74.901532][ T6504] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.911598][ T6504] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 74.919360][ T6504] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 74.921627][ T6504] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 74.930328][ T6504] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 75.096253][ T6499] hsr_slave_0: entered promiscuous mode
[ 75.098289][ T6499] hsr_slave_1: entered promiscuous mode
[ 75.100206][ T6499] debugfs: 'hsr0' already exists in 'hsr'
[ 75.102470][ T6499] Cannot create hsr debugfs directory
[ 75.121481][ T6504] hsr_slave_0: entered promiscuous mode
[ 75.123763][ T6504] hsr_slave_1: entered promiscuous mode
[ 75.125782][ T6504] debugfs: 'hsr0' already exists in 'hsr'
[ 75.127622][ T6504] Cannot create hsr debugfs directory
[ 75.632574][ T6024] Bluetooth: hci1: command tx timeout
[ 75.711916][ T6024] Bluetooth: hci0: command tx timeout
[ 75.712011][ T63] Bluetooth: hci2: command tx timeout
[ 75.722107][ T63] Bluetooth: hci3: command tx timeout
[ 76.689206][ T1151] bridge_slave_1: left allmulticast mode
[ 76.691055][ T1151] bridge_slave_1: left promiscuous mode
[ 76.693340][ T1151] bridge0: port 2(bridge_slave_1) entered disabled state
[ 76.696871][ T1151] bridge_slave_0: left allmulticast mode
[ 76.698637][ T1151] bridge_slave_0: left promiscuous mode
[ 76.700451][ T1151] bridge0: port 1(bridge_slave_0) entered disabled state
[ 76.897736][ T1151] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 76.901610][ T1151] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 76.905308][ T1151] bond0 (unregistering): Released all slaves
[ 77.049032][ T1151] hsr_slave_0: left promiscuous mode
[ 77.051346][ T1151] hsr_slave_1: left promiscuous mode
[ 77.053998][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 77.056439][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 77.061770][ T1151] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 77.066023][ T1151] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 77.080441][ T1151] veth1_macvtap: left promiscuous mode
[ 77.082286][ T1151] veth0_macvtap: left promiscuous mode
[ 77.084079][ T1151] veth1_vlan: left promiscuous mode
[ 77.085759][ T1151] veth0_vlan: left promiscuous mode
[ 77.440541][ T1151] team0 (unregistering): Port device team_slave_1 removed
[ 77.477068][ T1151] team0 (unregistering): Port device team_slave_0 removed
[ 77.711983][ T63] Bluetooth: hci1: command tx timeout
[ 77.792343][ T63] Bluetooth: hci3: command tx timeout
[ 77.792622][ T6024] Bluetooth: hci0: command tx timeout
[ 77.802030][ T6024] Bluetooth: hci2: command tx timeout
[ 78.065929][ T6496] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 78.102567][ T6496] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 78.106603][ T6496] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 78.114799][ T6496] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 78.185081][ T6496] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.194266][ T6496] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.198802][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.201086][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.208702][ T81] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.210964][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.324432][ T6496] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 78.345735][ T6496] veth0_vlan: entered promiscuous mode
[ 78.354418][ T6496] veth1_vlan: entered promiscuous mode
[ 78.367687][ T6496] veth0_macvtap: entered promiscuous mode
[ 78.371078][ T6496] veth1_macvtap: entered promiscuous mode
[ 78.380718][ T6496] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 78.411779][ T6496] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 78.420584][ T81] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.427124][ T81] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.430382][ T81] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.472095][ T81] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 78.522925][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.525387][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.576419][ T6509] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 78.580858][ T6509] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 78.586723][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 78.592660][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 78.594216][ T6509] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 78.605190][ T6509] netdevsim netdevsim3 netdevsim3: renamed from eth3
2025/08/01 08:25:09 executed programs: 8
[ 78.628712][ T40] audit: type=1400 audit(1754036709.077:120): avc: denied { read write } for pid=6686 comm="syz.0.16" name="nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 78.637746][ T6499] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 78.638394][ T40] audit: type=1400 audit(1754036709.077:121): avc: denied { open } for pid=6686 comm="syz.0.16" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 78.648716][ T40] audit: type=1400 audit(1754036709.077:122): avc: denied { map } for pid=6686 comm="syz.0.16" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 78.653760][ T6499] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 78.658081][ T40] audit: type=1400 audit(1754036709.077:123): avc: denied { execute } for pid=6686 comm="syz.0.16" path="/dev/nullb0" dev="devtmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 78.668757][ T40] audit: type=1400 audit(1754036709.077:124): avc: denied { create } for pid=6686 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 78.674897][ T40] audit: type=1400 audit(1754036709.087:125): avc: denied { bind } for pid=6686 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 78.680957][ T40] audit: type=1400 audit(1754036709.087:126): avc: denied { write } for pid=6686 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 78.683461][ T6499] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 78.689470][ T40] audit: type=1400 audit(1754036709.087:127): avc: denied { create } for pid=6686 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 78.707661][ T6499] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 78.758397][ T6504] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 78.775205][ T6504] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 78.784797][ T6504] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 78.790514][ T6504] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 78.819023][ T6509] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.837928][ T6509] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.847987][ T6499] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.854198][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.856496][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.866086][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.868329][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.886805][ T6499] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.916527][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.918825][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 78.922505][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state
[ 78.924757][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 78.941495][ T6504] 8021q: adding VLAN 0 to HW filter on device bond0
[ 78.961527][ T6499] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 78.966462][ T6499] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 78.980004][ T6504] 8021q: adding VLAN 0 to HW filter on device team0
[ 78.995791][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state
[ 78.998049][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 79.007655][ T81] bridge0: port 2(bridge_slave_1) entered blocking state
[ 79.010649][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 79.080457][ T6509] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 79.108707][ T6509] veth0_vlan: entered promiscuous mode
[ 79.117295][ T6509] veth1_vlan: entered promiscuous mode
[ 79.132753][ T6499] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 79.145878][ T6509] veth0_macvtap: entered promiscuous mode
[ 79.151343][ T6509] veth1_macvtap: entered promiscuous mode
[ 79.166149][ T6509] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 79.173920][ T6509] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 79.180835][ T1151] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.186186][ T1151] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.188924][ T1151] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.197886][ T1151] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.218549][ T6499] veth0_vlan: entered promiscuous mode
[ 79.229872][ T6504] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 79.237345][ T6499] veth1_vlan: entered promiscuous mode
[ 79.256063][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.258501][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.287315][ T6499] veth0_macvtap: entered promiscuous mode
[ 79.291589][ T6499] veth1_macvtap: entered promiscuous mode
[ 79.295019][ T846] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.295758][ T6504] veth0_vlan: entered promiscuous mode
[ 79.297463][ T846] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.307897][ T6504] veth1_vlan: entered promiscuous mode
[ 79.320193][ T6499] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 79.329749][ T6499] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 79.334323][ T6504] veth0_macvtap: entered promiscuous mode
[ 79.341351][ T6504] veth1_macvtap: entered promiscuous mode
[ 79.346318][ T61] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.349257][ T61] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.360935][ T6504] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 79.365277][ T81] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.371359][ T81] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.388940][ T6504] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 79.410754][ T81] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.410832][ T846] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.413548][ T81] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.417488][ T846] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.423729][ T81] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.448518][ T81] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 79.468702][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.471221][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.516769][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.525633][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.555448][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 79.557889][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 79.798185][ T6024] Bluetooth: hci1: command tx timeout
[ 79.872331][ T6024] Bluetooth: hci3: command tx timeout
[ 79.882562][ T6024] Bluetooth: hci0: command tx timeout
[ 79.883208][ T63] Bluetooth: hci2: command tx timeout
[ 81.313369][ T59] cfg80211: failed to load regulatory.db
[ 81.461080][ T7252] BUG: Bad page state in process syz.0.240 pfn:54001
[ 81.466789][ T7252] page does not match folio
[ 81.468902][ T7252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x54001
[ 81.472137][ T7252] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 81.473913][ T40] audit: type=1400 audit(1754036711.927:128): avc: denied { read } for pid=5342 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 81.474709][ T7252] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 81.481599][ T40] audit: type=1400 audit(1754036711.927:129): avc: denied { search } for pid=5342 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 81.484884][ T7252] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 81.484893][ T7252] page dumped because: nonzero pincount
[ 81.484899][ T7252] page_owner tracks the page as allocated
[ 81.484910][ T7252] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 7256, tgid 7256 (syz.2.242), ts 81365365431, free_ts 81364209659
[ 81.484930][ T7252] post_alloc_hook+0x1c0/0x230
[ 81.484958][ T7252] get_page_from_freelist+0x132b/0x38e0
[ 81.484975][ T7252] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 81.484985][ T7252] alloc_pages_mpol+0x1fb/0x550
[ 81.484996][ T7252] folio_alloc_noprof+0x20/0x2d0
[ 81.485008][ T7252] filemap_alloc_folio_noprof+0x3a1/0x470
[ 81.485023][ T7252] page_cache_ra_order+0x4e1/0xd70
[ 81.485039][ T7252] filemap_fault+0x1b4b/0x2930
[ 81.485050][ T7252] __do_fault+0x10a/0x490
[ 81.485060][ T7252] do_pte_missing+0x1a6/0x3ba0
[ 81.485074][ T7252] __handle_mm_fault+0x152a/0x2a50
[ 81.485088][ T7252] handle_mm_fault+0x589/0xd10
[ 81.485103][ T7252] do_user_addr_fault+0x60c/0x1370
[ 81.485113][ T7252] exc_page_fault+0x5c/0xb0
[ 81.485127][ T7252] asm_exc_page_fault+0x26/0x30
[ 81.485137][ T7252] page last free pid 7227 tgid 7226 stack trace:
[ 81.485143][ T7252] free_unref_folios+0xa61/0x16b0
[ 81.485159][ T7252] folios_put_refs+0x56f/0x740
[ 81.485168][ T7252] truncate_inode_pages_range+0x311/0xe50
[ 81.485181][ T7252] blkdev_flush_mapping+0xfb/0x290
[ 81.485193][ T7252] blkdev_put_whole+0xc4/0xf0
[ 81.485204][ T7252] bdev_release+0x47e/0x6d0
[ 81.485215][ T7252] blkdev_release+0x15/0x20
[ 81.485228][ T7252] __fput+0x3ff/0xb70
[ 81.485240][ T7252] task_work_run+0x14d/0x240
[ 81.485251][ T7252] do_exit+0x86f/0x2bf0
[ 81.485265][ T7252] do_group_exit+0xd3/0x2a0
[ 81.485280][ T7252] get_signal+0x2673/0x26d0
[ 81.485292][ T7252] arch_do_signal_or_restart+0x8f/0x7d0
[ 81.485305][ T7252] exit_to_user_mode_loop+0x84/0x110
[ 81.485316][ T7252] do_syscall_64+0x3f6/0x4c0
[ 81.539769][ T7288] atomic_op ffff88802e51a998 conn xmit_atomic 0000000000000000
[ 81.539863][ T7252] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.548654][ T7290] atomic_op ffff88802e51f998 conn xmit_atomic 0000000000000000
[ 81.549444][ T7291] atomic_op ffff88802e51f198 conn xmit_atomic 0000000000000000
[ 81.550349][ T7252] Modules linked in:
[ 81.562714][ T7252] CPU: 1 UID: 0 PID: 7252 Comm: syz.0.240 Not tainted 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 81.562728][ T7252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 81.562735][ T7252] Call Trace:
[ 81.562739][ T7252]
[ 81.562759][ T7252] dump_stack_lvl+0x16c/0x1f0
[ 81.562778][ T7252] bad_page+0xcf/0x220
[ 81.562791][ T7252] ? __pfx_bad_page+0x10/0x10
[ 81.562804][ T7252] free_tail_page_prepare+0x44f/0x5b0
[ 81.562819][ T7252] __free_frozen_pages+0xbae/0x10f0
[ 81.562838][ T7252] __folio_put+0x329/0x450
[ 81.562849][ T7252] ? __pfx___folio_put+0x10/0x10
[ 81.562861][ T7252] ? find_held_lock+0x2b/0x80
[ 81.562874][ T7252] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 81.562886][ T7252] ? mark_held_locks+0x49/0x80
[ 81.562902][ T7252] filemap_free_folio+0x132/0x170
[ 81.562913][ T7252] delete_from_page_cache_batch+0x741/0x9b0
[ 81.562927][ T7252] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 81.562940][ T7252] ? __pfx_workingset_update_node+0x10/0x10
[ 81.562956][ T7252] truncate_inode_pages_range+0x279/0xe50
[ 81.562973][ T7252] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 81.563002][ T7252] ? smp_call_function_many_cond+0x1239/0x1600
[ 81.563016][ T7252] ? lockdep_hardirqs_on+0x7c/0x110
[ 81.563030][ T7252] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 81.563043][ T7252] ? on_each_cpu_cond_mask+0x40/0x90
[ 81.563055][ T7252] ? smp_call_function_many_cond+0x457/0x1600
[ 81.563081][ T7252] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 81.563093][ T7252] ? __pfx_has_bh_in_lru+0x10/0x10
[ 81.563106][ T7252] blkdev_flush_mapping+0xfb/0x290
[ 81.563118][ T7252] ? filemap_check_errors+0xa9/0x160
[ 81.563133][ T7252] blkdev_put_whole+0xc4/0xf0
[ 81.563145][ T7252] bdev_release+0x47e/0x6d0
[ 81.563160][ T7252] ? __pfx_blkdev_release+0x10/0x10
[ 81.563173][ T7252] blkdev_release+0x15/0x20
[ 81.563186][ T7252] __fput+0x3ff/0xb70
[ 81.563203][ T7252] task_work_run+0x14d/0x240
[ 81.563216][ T7252] ? __pfx_task_work_run+0x10/0x10
[ 81.563227][ T7252] ? do_raw_spin_unlock+0x172/0x230
[ 81.563241][ T7252] do_exit+0x86f/0x2bf0
[ 81.563260][ T7252] ? __pfx_do_exit+0x10/0x10
[ 81.563275][ T7252] ? do_raw_spin_lock+0x12c/0x2b0
[ 81.563285][ T7252] ? find_held_lock+0x2b/0x80
[ 81.563300][ T7252] do_group_exit+0xd3/0x2a0
[ 81.563316][ T7252] get_signal+0x2673/0x26d0
[ 81.563331][ T7252] ? __lock_acquire+0x622/0x1c90
[ 81.563349][ T7252] ? __pfx_get_signal+0x10/0x10
[ 81.563362][ T7252] ? do_futex+0x122/0x350
[ 81.563378][ T7252] ? __pfx_do_futex+0x10/0x10
[ 81.563395][ T7252] arch_do_signal_or_restart+0x8f/0x7d0
[ 81.563411][ T7252] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 81.563432][ T7252] exit_to_user_mode_loop+0x84/0x110
[ 81.563444][ T7252] do_syscall_64+0x3f6/0x4c0
[ 81.563461][ T7252] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.563471][ T7252] RIP: 0033:0x7fe3e1d8e969
[ 81.563480][ T7252] Code: Unable to access opcode bytes at 0x7fe3e1d8e93f.
[ 81.563484][ T7252] RSP: 002b:00007fe3e2b9c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 81.563494][ T7252] RAX: fffffffffffffe00 RBX: 00007fe3e1fb5fa8 RCX: 00007fe3e1d8e969
[ 81.563500][ T7252] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe3e1fb5fa8
[ 81.563507][ T7252] RBP: 00007fe3e1fb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 81.563513][ T7252] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3e1fb5fac
[ 81.563519][ T7252] R13: 0000000000000000 R14: 00007fffbd90ce80 R15: 00007fffbd90cf68
[ 81.563531][ T7252]
[ 81.563535][ T7252] Disabling lock debugging due to kernel taint
[ 81.670177][ T7252] BUG: Bad page state in process syz.0.240 pfn:54000
[ 81.673619][ T7252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54000
[ 81.676476][ T7252] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 81.679185][ T7252] flags: 0xfff1800000024d(locked|referenced|uptodate|workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 81.682839][ T7252] raw: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 81.685561][ T7252] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 81.688307][ T7252] head: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 81.691091][ T7252] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 81.694062][ T7252] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 81.696856][ T7252] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 81.699612][ T7252] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 81.702092][ T7252] page_owner tracks the page as allocated
[ 81.703917][ T7252] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 7256, tgid 7256 (syz.2.242), ts 81365365431, free_ts 81364209659
[ 81.710048][ T7252] post_alloc_hook+0x1c0/0x230
[ 81.711568][ T7252] get_page_from_freelist+0x132b/0x38e0
[ 81.713760][ T7252] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 81.715678][ T7252] alloc_pages_mpol+0x1fb/0x550
[ 81.717235][ T7252] folio_alloc_noprof+0x20/0x2d0
[ 81.718795][ T7252] filemap_alloc_folio_noprof+0x3a1/0x470
[ 81.720578][ T7252] page_cache_ra_order+0x4e1/0xd70
[ 81.723015][ T7252] filemap_fault+0x1b4b/0x2930
[ 81.724613][ T7252] __do_fault+0x10a/0x490
[ 81.726044][ T7252] do_pte_missing+0x1a6/0x3ba0
[ 81.727637][ T7252] __handle_mm_fault+0x152a/0x2a50
[ 81.729315][ T7252] handle_mm_fault+0x589/0xd10
[ 81.730872][ T7252] do_user_addr_fault+0x60c/0x1370
[ 81.732938][ T7252] exc_page_fault+0x5c/0xb0
[ 81.734381][ T7252] asm_exc_page_fault+0x26/0x30
[ 81.735924][ T7252] page last free pid 7227 tgid 7226 stack trace:
[ 81.737894][ T7252] free_unref_folios+0xa61/0x16b0
[ 81.739480][ T7252] folios_put_refs+0x56f/0x740
[ 81.740980][ T7252] truncate_inode_pages_range+0x311/0xe50
[ 81.743212][ T7252] blkdev_flush_mapping+0xfb/0x290
[ 81.744818][ T7252] blkdev_put_whole+0xc4/0xf0
[ 81.746306][ T7252] bdev_release+0x47e/0x6d0
[ 81.747738][ T7252] blkdev_release+0x15/0x20
[ 81.749165][ T7252] __fput+0x3ff/0xb70
[ 81.750425][ T7252] task_work_run+0x14d/0x240
[ 81.752009][ T7252] do_exit+0x86f/0x2bf0
[ 81.753325][ T7252] do_group_exit+0xd3/0x2a0
[ 81.754757][ T7252] get_signal+0x2673/0x26d0
[ 81.756204][ T7252] arch_do_signal_or_restart+0x8f/0x7d0
[ 81.757925][ T7252] exit_to_user_mode_loop+0x84/0x110
[ 81.759584][ T7252] do_syscall_64+0x3f6/0x4c0
[ 81.761035][ T7252] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.762994][ T7252] Modules linked in:
[ 81.764237][ T7252] CPU: 3 UID: 0 PID: 7252 Comm: syz.0.240 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 81.764254][ T7252] Tainted: [B]=BAD_PAGE
[ 81.764258][ T7252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 81.764264][ T7252] Call Trace:
[ 81.764267][ T7252]
[ 81.764271][ T7252] dump_stack_lvl+0x16c/0x1f0
[ 81.764286][ T7252] bad_page+0xcf/0x220
[ 81.764297][ T7252] ? __pfx_bad_page+0x10/0x10
[ 81.764308][ T7252] ? page_bad_reason+0x9d/0x1f0
[ 81.764320][ T7252] __free_frozen_pages+0x7f7/0x10f0
[ 81.764336][ T7252] __folio_put+0x329/0x450
[ 81.764346][ T7252] ? __pfx___folio_put+0x10/0x10
[ 81.764356][ T7252] ? find_held_lock+0x2b/0x80
[ 81.764368][ T7252] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 81.764379][ T7252] ? mark_held_locks+0x49/0x80
[ 81.764395][ T7252] filemap_free_folio+0x132/0x170
[ 81.764405][ T7252] delete_from_page_cache_batch+0x741/0x9b0
[ 81.764417][ T7252] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 81.764428][ T7252] ? __pfx_workingset_update_node+0x10/0x10
[ 81.764441][ T7252] truncate_inode_pages_range+0x279/0xe50
[ 81.764456][ T7252] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 81.764475][ T7252] ? smp_call_function_many_cond+0x1239/0x1600
[ 81.764489][ T7252] ? lockdep_hardirqs_on+0x7c/0x110
[ 81.764502][ T7252] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 81.764515][ T7252] ? on_each_cpu_cond_mask+0x40/0x90
[ 81.764527][ T7252] ? smp_call_function_many_cond+0x457/0x1600
[ 81.764545][ T7252] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 81.764556][ T7252] ? __pfx_has_bh_in_lru+0x10/0x10
[ 81.764567][ T7252] blkdev_flush_mapping+0xfb/0x290
[ 81.764579][ T7252] ? filemap_check_errors+0xa9/0x160
[ 81.764593][ T7252] blkdev_put_whole+0xc4/0xf0
[ 81.764604][ T7252] bdev_release+0x47e/0x6d0
[ 81.764617][ T7252] ? __pfx_blkdev_release+0x10/0x10
[ 81.764630][ T7252] blkdev_release+0x15/0x20
[ 81.764642][ T7252] __fput+0x3ff/0xb70
[ 81.764656][ T7252] task_work_run+0x14d/0x240
[ 81.764667][ T7252] ? __pfx_task_work_run+0x10/0x10
[ 81.764678][ T7252] ? do_raw_spin_unlock+0x172/0x230
[ 81.764689][ T7252] do_exit+0x86f/0x2bf0
[ 81.764705][ T7252] ? __pfx_do_exit+0x10/0x10
[ 81.764720][ T7252] ? do_raw_spin_lock+0x12c/0x2b0
[ 81.764730][ T7252] ? find_held_lock+0x2b/0x80
[ 81.764742][ T7252] do_group_exit+0xd3/0x2a0
[ 81.764758][ T7252] get_signal+0x2673/0x26d0
[ 81.764771][ T7252] ? __lock_acquire+0x622/0x1c90
[ 81.764787][ T7252] ? __pfx_get_signal+0x10/0x10
[ 81.764800][ T7252] ? do_futex+0x122/0x350
[ 81.764815][ T7252] ? __pfx_do_futex+0x10/0x10
[ 81.764830][ T7252] arch_do_signal_or_restart+0x8f/0x7d0
[ 81.764844][ T7252] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 81.764860][ T7252] exit_to_user_mode_loop+0x84/0x110
[ 81.764871][ T7252] do_syscall_64+0x3f6/0x4c0
[ 81.764885][ T7252] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.764895][ T7252] RIP: 0033:0x7fe3e1d8e969
[ 81.764903][ T7252] Code: Unable to access opcode bytes at 0x7fe3e1d8e93f.
[ 81.764908][ T7252] RSP: 002b:00007fe3e2b9c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 81.764917][ T7252] RAX: fffffffffffffe00 RBX: 00007fe3e1fb5fa8 RCX: 00007fe3e1d8e969
[ 81.764924][ T7252] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe3e1fb5fa8
[ 81.764930][ T7252] RBP: 00007fe3e1fb5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 81.764936][ T7252] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3e1fb5fac
[ 81.764942][ T7252] R13: 0000000000000000 R14: 00007fffbd90ce80 R15: 00007fffbd90cf68
[ 81.764951][ T7252]
[ 81.878950][ T63] Bluetooth: hci1: command tx timeout
[ 81.952303][ T63] Bluetooth: hci2: command tx timeout
[ 81.961960][ T63] Bluetooth: hci0: command tx timeout
[ 81.961988][ T6024] Bluetooth: hci3: command tx timeout
[ 82.757097][ T7640] BUG: Bad page state in process syz.2.423 pfn:34201
[ 82.759242][ T7640] page does not match folio
[ 82.760672][ T7640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x34201
[ 82.763939][ T7640] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 82.767462][ T7640] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 82.770138][ T7640] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 82.773078][ T7640] page dumped because: nonzero pincount
[ 82.774845][ T7640] page_owner tracks the page as allocated
[ 82.776620][ T7640] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 7629, tgid 7629 (syz.1.418), ts 82720041232, free_ts 82638417603
[ 82.783731][ T7640] post_alloc_hook+0x1c0/0x230
[ 82.785733][ T7640] get_page_from_freelist+0x132b/0x38e0
[ 82.787917][ T7640] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 82.790243][ T7640] alloc_pages_mpol+0x1fb/0x550
[ 82.792380][ T7640] folio_alloc_noprof+0x20/0x2d0
[ 82.794312][ T7640] filemap_alloc_folio_noprof+0x3a1/0x470
[ 82.796641][ T7640] page_cache_ra_order+0x4e1/0xd70
[ 82.798651][ T7640] filemap_fault+0x1b4b/0x2930
[ 82.800559][ T7640] __do_fault+0x10a/0x490
[ 82.802393][ T7640] do_pte_missing+0x1a6/0x3ba0
[ 82.804286][ T7640] __handle_mm_fault+0x152a/0x2a50
[ 82.806008][ T7640] handle_mm_fault+0x589/0xd10
[ 82.807564][ T7640] do_user_addr_fault+0x60c/0x1370
[ 82.809555][ T7640] exc_page_fault+0x5c/0xb0
[ 82.811063][ T7640] asm_exc_page_fault+0x26/0x30
[ 82.812697][ T7640] page last free pid 7598 tgid 7598 stack trace:
[ 82.814673][ T7640] __free_frozen_pages+0x7d5/0x10f0
[ 82.816371][ T7640] __folio_put+0x329/0x450
[ 82.817777][ T7640] page_cache_ra_order+0x8f9/0xd70
[ 82.819399][ T7640] filemap_fault+0x1b4b/0x2930
[ 82.820905][ T7640] __do_fault+0x10a/0x490
[ 82.822359][ T7640] do_pte_missing+0x1a6/0x3ba0
[ 82.823878][ T7640] __handle_mm_fault+0x152a/0x2a50
[ 82.825485][ T7640] handle_mm_fault+0x589/0xd10
[ 82.827049][ T7640] do_user_addr_fault+0x60c/0x1370
[ 82.828653][ T7640] exc_page_fault+0x5c/0xb0
[ 82.830104][ T7640] asm_exc_page_fault+0x26/0x30
[ 82.832212][ T7640] Modules linked in:
[ 82.833819][ T7640] CPU: 0 UID: 0 PID: 7640 Comm: syz.2.423 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 82.833843][ T7640] Tainted: [B]=BAD_PAGE
[ 82.833848][ T7640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 82.833858][ T7640] Call Trace:
[ 82.833863][ T7640]
[ 82.833869][ T7640] dump_stack_lvl+0x16c/0x1f0
[ 82.833892][ T7640] bad_page+0xcf/0x220
[ 82.833911][ T7640] ? __pfx_bad_page+0x10/0x10
[ 82.833928][ T7640] free_tail_page_prepare+0x44f/0x5b0
[ 82.833953][ T7640] __free_frozen_pages+0xbae/0x10f0
[ 82.833973][ T7640] __folio_put+0x329/0x450
[ 82.833983][ T7640] ? __pfx___folio_put+0x10/0x10
[ 82.833994][ T7640] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 82.834005][ T7640] ? rcu_is_watching+0x12/0xc0
[ 82.834017][ T7640] ? lock_release+0x201/0x2f0
[ 82.834034][ T7640] filemap_free_folio+0x132/0x170
[ 82.834044][ T7640] delete_from_page_cache_batch+0x741/0x9b0
[ 82.834056][ T7640] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 82.834067][ T7640] ? __pfx_workingset_update_node+0x10/0x10
[ 82.834078][ T7640] ? xas_move_index+0xb0/0x110
[ 82.834093][ T7640] truncate_inode_pages_range+0x279/0xe50
[ 82.834108][ T7640] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 82.834125][ T7640] ? rcu_is_watching+0x12/0xc0
[ 82.834137][ T7640] ? on_each_cpu_cond_mask+0x40/0x90
[ 82.834150][ T7640] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 82.834162][ T7640] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 82.834174][ T7640] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 82.834187][ T7640] ? on_each_cpu_cond_mask+0x40/0x90
[ 82.834200][ T7640] ? smp_call_function_many_cond+0x457/0x1600
[ 82.834218][ T7640] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 82.834230][ T7640] ? __pfx_has_bh_in_lru+0x10/0x10
[ 82.834241][ T7640] blkdev_flush_mapping+0xfb/0x290
[ 82.834253][ T7640] ? filemap_check_errors+0xa9/0x160
[ 82.834267][ T7640] blkdev_put_whole+0xc4/0xf0
[ 82.834278][ T7640] bdev_release+0x47e/0x6d0
[ 82.834291][ T7640] ? __pfx_blkdev_release+0x10/0x10
[ 82.834304][ T7640] blkdev_release+0x15/0x20
[ 82.834317][ T7640] __fput+0x3ff/0xb70
[ 82.834331][ T7640] task_work_run+0x14d/0x240
[ 82.834342][ T7640] ? __pfx_task_work_run+0x10/0x10
[ 82.834353][ T7640] ? do_raw_spin_unlock+0x172/0x230
[ 82.834364][ T7640] do_exit+0x86f/0x2bf0
[ 82.834380][ T7640] ? futex_private_hash_put+0x112/0x300
[ 82.834394][ T7640] ? rcu_is_watching+0x12/0xc0
[ 82.834406][ T7640] ? __pfx_do_exit+0x10/0x10
[ 82.834421][ T7640] ? do_raw_spin_lock+0x12c/0x2b0
[ 82.834431][ T7640] ? get_signal+0x8f5/0x26d0
[ 82.834443][ T7640] ? rcu_is_watching+0x12/0xc0
[ 82.834456][ T7640] do_group_exit+0xd3/0x2a0
[ 82.834471][ T7640] get_signal+0x2673/0x26d0
[ 82.834486][ T7640] ? __pfx_get_signal+0x10/0x10
[ 82.834498][ T7640] ? do_futex+0x122/0x350
[ 82.834513][ T7640] ? __pfx_do_futex+0x10/0x10
[ 82.834529][ T7640] arch_do_signal_or_restart+0x8f/0x7d0
[ 82.834543][ T7640] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 82.834560][ T7640] exit_to_user_mode_loop+0x84/0x110
[ 82.834571][ T7640] do_syscall_64+0x3f6/0x4c0
[ 82.834586][ T7640] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 82.834596][ T7640] RIP: 0033:0x7fc48bf8e969
[ 82.834604][ T7640] Code: Unable to access opcode bytes at 0x7fc48bf8e93f.
[ 82.834609][ T7640] RSP: 002b:00007fc48ce120e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 82.834618][ T7640] RAX: 0000000000000001 RBX: 00007fc48c1b5fa8 RCX: 00007fc48bf8e969
[ 82.834625][ T7640] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc48c1b5fac
[ 82.834631][ T7640] RBP: 00007fc48c1b5fa0 R08: 00007fc48ce13000 R09: 0000000000000000
[ 82.834637][ T7640] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fc48c1b5fac
[ 82.834643][ T7640] R13: 0000000000000000 R14: 00007ffea7a6a3c0 R15: 00007ffea7a6a4a8
[ 82.834652][ T7640]
[ 82.834667][ T7640] BUG: Bad page state in process syz.2.423 pfn:34200
[ 82.853973][ T7652] atomic_op ffff88802d5a2198 conn xmit_atomic 0000000000000000
[ 82.854315][ T7640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x34200
[ 82.854327][ T7640] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 82.854335][ T7640] flags: 0xfff1800000024d(locked|referenced|uptodate|workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 82.854413][ T7653] atomic_op ffff88802c291998 conn xmit_atomic 0000000000000000
[ 82.855519][ T7654] atomic_op ffff88804f1fb998 conn xmit_atomic 0000000000000000
[ 82.967878][ T7640] raw: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 82.970693][ T7640] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 82.973497][ T7640] head: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 82.976225][ T7640] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 82.978944][ T7640] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 82.981714][ T7640] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 82.984496][ T7640] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 82.986795][ T7640] page_owner tracks the page as allocated
[ 82.988591][ T7640] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 7629, tgid 7629 (syz.1.418), ts 82720041232, free_ts 82638417603
[ 82.995020][ T7640] post_alloc_hook+0x1c0/0x230
[ 82.996573][ T7640] get_page_from_freelist+0x132b/0x38e0
[ 82.998335][ T7640] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 83.000207][ T7640] alloc_pages_mpol+0x1fb/0x550
[ 83.001762][ T7640] folio_alloc_noprof+0x20/0x2d0
[ 83.003687][ T7640] filemap_alloc_folio_noprof+0x3a1/0x470
[ 83.005555][ T7640] page_cache_ra_order+0x4e1/0xd70
[ 83.007191][ T7640] filemap_fault+0x1b4b/0x2930
[ 83.008718][ T7640] __do_fault+0x10a/0x490
[ 83.010261][ T7640] do_pte_missing+0x1a6/0x3ba0
[ 83.011924][ T7640] __handle_mm_fault+0x152a/0x2a50
[ 83.013834][ T7640] handle_mm_fault+0x589/0xd10
[ 83.015381][ T7640] do_user_addr_fault+0x60c/0x1370
[ 83.017067][ T7640] exc_page_fault+0x5c/0xb0
[ 83.018526][ T7640] asm_exc_page_fault+0x26/0x30
[ 83.020092][ T7640] page last free pid 7598 tgid 7598 stack trace:
[ 83.022138][ T7640] __free_frozen_pages+0x7d5/0x10f0
[ 83.023805][ T7640] __folio_put+0x329/0x450
[ 83.025232][ T7640] page_cache_ra_order+0x8f9/0xd70
[ 83.026884][ T7640] filemap_fault+0x1b4b/0x2930
[ 83.028453][ T7640] __do_fault+0x10a/0x490
[ 83.029843][ T7640] do_pte_missing+0x1a6/0x3ba0
[ 83.031375][ T7640] __handle_mm_fault+0x152a/0x2a50
[ 83.033059][ T7640] handle_mm_fault+0x589/0xd10
[ 83.034589][ T7640] do_user_addr_fault+0x60c/0x1370
[ 83.036219][ T7640] exc_page_fault+0x5c/0xb0
[ 83.037669][ T7640] asm_exc_page_fault+0x26/0x30
[ 83.039302][ T7640] Modules linked in:
[ 83.040555][ T7640] CPU: 1 UID: 0 PID: 7640 Comm: syz.2.423 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 83.040572][ T7640] Tainted: [B]=BAD_PAGE
[ 83.040575][ T7640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 83.040582][ T7640] Call Trace:
[ 83.040585][ T7640]
[ 83.040589][ T7640] dump_stack_lvl+0x16c/0x1f0
[ 83.040605][ T7640] bad_page+0xcf/0x220
[ 83.040616][ T7640] ? __pfx_bad_page+0x10/0x10
[ 83.040627][ T7640] ? page_bad_reason+0x9d/0x1f0
[ 83.040638][ T7640] __free_frozen_pages+0x7f7/0x10f0
[ 83.040655][ T7640] __folio_put+0x329/0x450
[ 83.040665][ T7640] ? __pfx___folio_put+0x10/0x10
[ 83.040675][ T7640] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 83.040686][ T7640] ? rcu_is_watching+0x12/0xc0
[ 83.040699][ T7640] ? lock_release+0x201/0x2f0
[ 83.040715][ T7640] filemap_free_folio+0x132/0x170
[ 83.040725][ T7640] delete_from_page_cache_batch+0x741/0x9b0
[ 83.040737][ T7640] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 83.040748][ T7640] ? __pfx_workingset_update_node+0x10/0x10
[ 83.040759][ T7640] ? xas_move_index+0xb0/0x110
[ 83.040774][ T7640] truncate_inode_pages_range+0x279/0xe50
[ 83.040788][ T7640] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 83.040806][ T7640] ? rcu_is_watching+0x12/0xc0
[ 83.040818][ T7640] ? on_each_cpu_cond_mask+0x40/0x90
[ 83.040830][ T7640] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 83.040843][ T7640] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.040855][ T7640] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.040867][ T7640] ? on_each_cpu_cond_mask+0x40/0x90
[ 83.040879][ T7640] ? smp_call_function_many_cond+0x457/0x1600
[ 83.040897][ T7640] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.040909][ T7640] ? __pfx_has_bh_in_lru+0x10/0x10
[ 83.040919][ T7640] blkdev_flush_mapping+0xfb/0x290
[ 83.040931][ T7640] ? filemap_check_errors+0xa9/0x160
[ 83.040946][ T7640] blkdev_put_whole+0xc4/0xf0
[ 83.040957][ T7640] bdev_release+0x47e/0x6d0
[ 83.040970][ T7640] ? __pfx_blkdev_release+0x10/0x10
[ 83.040984][ T7640] blkdev_release+0x15/0x20
[ 83.040996][ T7640] __fput+0x3ff/0xb70
[ 83.041011][ T7640] task_work_run+0x14d/0x240
[ 83.041022][ T7640] ? __pfx_task_work_run+0x10/0x10
[ 83.041033][ T7640] ? do_raw_spin_unlock+0x172/0x230
[ 83.041045][ T7640] do_exit+0x86f/0x2bf0
[ 83.041060][ T7640] ? futex_private_hash_put+0x112/0x300
[ 83.041074][ T7640] ? rcu_is_watching+0x12/0xc0
[ 83.041087][ T7640] ? __pfx_do_exit+0x10/0x10
[ 83.041101][ T7640] ? do_raw_spin_lock+0x12c/0x2b0
[ 83.041112][ T7640] ? get_signal+0x8f5/0x26d0
[ 83.041124][ T7640] ? rcu_is_watching+0x12/0xc0
[ 83.041136][ T7640] do_group_exit+0xd3/0x2a0
[ 83.041152][ T7640] get_signal+0x2673/0x26d0
[ 83.041166][ T7640] ? __pfx_get_signal+0x10/0x10
[ 83.041179][ T7640] ? do_futex+0x122/0x350
[ 83.041194][ T7640] ? __pfx_do_futex+0x10/0x10
[ 83.041209][ T7640] arch_do_signal_or_restart+0x8f/0x7d0
[ 83.041223][ T7640] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 83.041239][ T7640] exit_to_user_mode_loop+0x84/0x110
[ 83.041254][ T7640] do_syscall_64+0x3f6/0x4c0
[ 83.041269][ T7640] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.041279][ T7640] RIP: 0033:0x7fc48bf8e969
[ 83.041287][ T7640] Code: Unable to access opcode bytes at 0x7fc48bf8e93f.
[ 83.041291][ T7640] RSP: 002b:00007fc48ce120e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 83.041301][ T7640] RAX: 0000000000000001 RBX: 00007fc48c1b5fa8 RCX: 00007fc48bf8e969
[ 83.041307][ T7640] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc48c1b5fac
[ 83.041314][ T7640] RBP: 00007fc48c1b5fa0 R08: 00007fc48ce13000 R09: 0000000000000000
[ 83.041320][ T7640] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fc48c1b5fac
[ 83.041326][ T7640] R13: 0000000000000000 R14: 00007ffea7a6a3c0 R15: 00007ffea7a6a4a8
[ 83.041335][ T7640]
[ 83.433923][ T7746] BUG: Bad page state in process syz.1.473 pfn:44c01
[ 83.436084][ T7746] page does not match folio
[ 83.437514][ T7746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x44c01
[ 83.440614][ T7746] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 83.443147][ T7746] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 83.445830][ T7746] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 83.448480][ T7746] page dumped because: nonzero pincount
[ 83.450194][ T7746] page_owner tracks the page as allocated
[ 83.452408][ T7746] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 7743, tgid 7743 (syz.0.472), ts 83387564019, free_ts 70225056965
[ 83.458536][ T7746] post_alloc_hook+0x1c0/0x230
[ 83.460048][ T7746] get_page_from_freelist+0x132b/0x38e0
[ 83.461787][ T7746] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 83.463767][ T7746] alloc_pages_mpol+0x1fb/0x550
[ 83.465315][ T7746] folio_alloc_noprof+0x20/0x2d0
[ 83.466881][ T7746] filemap_alloc_folio_noprof+0x3a1/0x470
[ 83.468662][ T7746] page_cache_ra_order+0x4e1/0xd70
[ 83.470262][ T7746] filemap_fault+0x1b4b/0x2930
[ 83.471777][ T7746] __do_fault+0x10a/0x490
[ 83.473346][ T7746] do_pte_missing+0x1a6/0x3ba0
[ 83.474864][ T7746] __handle_mm_fault+0x152a/0x2a50
[ 83.476470][ T7746] handle_mm_fault+0x589/0xd10
[ 83.477983][ T7746] do_user_addr_fault+0x60c/0x1370
[ 83.479618][ T7746] exc_page_fault+0x5c/0xb0
[ 83.481049][ T7746] asm_exc_page_fault+0x26/0x30
[ 83.482667][ T7746] page last free pid 6271 tgid 6271 stack trace:
[ 83.484635][ T7746] free_unref_folios+0xa61/0x16b0
[ 83.486229][ T7746] folios_put_refs+0x56f/0x740
[ 83.487732][ T7746] free_pages_and_swap_cache+0x245/0x4a0
[ 83.489498][ T7746] __tlb_batch_free_encoded_pages+0xf9/0x290
[ 83.491375][ T7746] tlb_finish_mmu+0x168/0x7c0
[ 83.492940][ T7746] vms_clear_ptes+0x55e/0x770
[ 83.494425][ T7746] vms_complete_munmap_vmas+0x1ca/0x970
[ 83.496167][ T7746] do_vmi_align_munmap+0x43b/0x7d0
[ 83.497768][ T7746] do_vmi_munmap+0x204/0x3e0
[ 83.499239][ T7746] __vm_munmap+0x19a/0x390
[ 83.500631][ T7746] __x64_sys_munmap+0x59/0x80
[ 83.502222][ T7746] do_syscall_64+0xcd/0x4c0
[ 83.503694][ T7746] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.505559][ T7746] Modules linked in:
[ 83.506814][ T7746] CPU: 0 UID: 0 PID: 7746 Comm: syz.1.473 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 83.506830][ T7746] Tainted: [B]=BAD_PAGE
[ 83.506834][ T7746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 83.506840][ T7746] Call Trace:
[ 83.506844][ T7746]
[ 83.506848][ T7746] dump_stack_lvl+0x16c/0x1f0
[ 83.506863][ T7746] bad_page+0xcf/0x220
[ 83.506874][ T7746] ? __pfx_bad_page+0x10/0x10
[ 83.506886][ T7746] free_tail_page_prepare+0x44f/0x5b0
[ 83.506899][ T7746] __free_frozen_pages+0xbae/0x10f0
[ 83.506915][ T7746] __folio_put+0x329/0x450
[ 83.506925][ T7746] ? __pfx___folio_put+0x10/0x10
[ 83.506936][ T7746] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 83.506947][ T7746] ? rcu_is_watching+0x12/0xc0
[ 83.506960][ T7746] ? lock_release+0x201/0x2f0
[ 83.506976][ T7746] filemap_free_folio+0x132/0x170
[ 83.506986][ T7746] delete_from_page_cache_batch+0x741/0x9b0
[ 83.506999][ T7746] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 83.507010][ T7746] ? __pfx_workingset_update_node+0x10/0x10
[ 83.507021][ T7746] ? xas_move_index+0xb0/0x110
[ 83.507036][ T7746] truncate_inode_pages_range+0x279/0xe50
[ 83.507050][ T7746] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 83.507067][ T7746] ? rcu_is_watching+0x12/0xc0
[ 83.507079][ T7746] ? on_each_cpu_cond_mask+0x40/0x90
[ 83.507092][ T7746] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 83.507104][ T7746] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.507116][ T7746] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.507128][ T7746] ? on_each_cpu_cond_mask+0x40/0x90
[ 83.507140][ T7746] ? smp_call_function_many_cond+0x457/0x1600
[ 83.507158][ T7746] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.507170][ T7746] ? __pfx_has_bh_in_lru+0x10/0x10
[ 83.507181][ T7746] blkdev_flush_mapping+0xfb/0x290
[ 83.507194][ T7746] blkdev_put_whole+0xc4/0xf0
[ 83.507205][ T7746] bdev_release+0x47e/0x6d0
[ 83.507221][ T7746] ? __pfx_blkdev_release+0x10/0x10
[ 83.507234][ T7746] blkdev_release+0x15/0x20
[ 83.507247][ T7746] __fput+0x3ff/0xb70
[ 83.507261][ T7746] task_work_run+0x14d/0x240
[ 83.507272][ T7746] ? __pfx_task_work_run+0x10/0x10
[ 83.507283][ T7746] ? do_raw_spin_unlock+0x172/0x230
[ 83.507294][ T7746] do_exit+0x86f/0x2bf0
[ 83.507311][ T7746] ? __pfx_do_exit+0x10/0x10
[ 83.507325][ T7746] ? preempt_schedule_thunk+0x16/0x30
[ 83.507341][ T7746] do_group_exit+0xd3/0x2a0
[ 83.507357][ T7746] __x64_sys_exit_group+0x3e/0x50
[ 83.507372][ T7746] x64_sys_call+0x14fa/0x1720
[ 83.507384][ T7746] do_syscall_64+0xcd/0x4c0
[ 83.507399][ T7746] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.507409][ T7746] RIP: 0033:0x7f6b4d18e969
[ 83.507417][ T7746] Code: Unable to access opcode bytes at 0x7f6b4d18e93f.
[ 83.507421][ T7746] RSP: 002b:00007ffec0d92688 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 83.507431][ T7746] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6b4d18e969
[ 83.507438][ T7746] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 83.507443][ T7746] RBP: 00007ffec0d926ec R08: 00000018c0d9277f R09: 00000000000927c0
[ 83.507450][ T7746] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000071
[ 83.507456][ T7746] R13: 00000000000927c0 R14: 0000000000014526 R15: 00007ffec0d92740
[ 83.507465][ T7746]
[ 83.507479][ T7746] BUG: Bad page state in process syz.1.473 pfn:44c00
[ 83.526614][ T7770] atomic_op ffff888036379198 conn xmit_atomic 0000000000000000
[ 83.527125][ T7746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x44c00
[ 83.534632][ T7771] atomic_op ffff88802a849198 conn xmit_atomic 0000000000000000
[ 83.535360][ T7746] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 83.541582][ T7772] atomic_op ffff88805232b198 conn xmit_atomic 0000000000000000
[ 83.542609][ T7746] flags: 0xfff1800000024d(locked|referenced|uptodate|workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 83.542627][ T7746] raw: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 83.542637][ T7746] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 83.542646][ T7746] head: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 83.542655][ T7746] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 83.542665][ T7746] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 83.542674][ T7746] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 83.542680][ T7746] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 83.542685][ T7746] page_owner tracks the page as allocated
[ 83.542689][ T7746] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 7743, tgid 7743 (syz.0.472), ts 83387564019, free_ts 70225051397
[ 83.542707][ T7746] post_alloc_hook+0x1c0/0x230
[ 83.542723][ T7746] get_page_from_freelist+0x132b/0x38e0
[ 83.542755][ T7746] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 83.542765][ T7746] alloc_pages_mpol+0x1fb/0x550
[ 83.542775][ T7746] folio_alloc_noprof+0x20/0x2d0
[ 83.542788][ T7746] filemap_alloc_folio_noprof+0x3a1/0x470
[ 83.542803][ T7746] page_cache_ra_order+0x4e1/0xd70
[ 83.542818][ T7746] filemap_fault+0x1b4b/0x2930
[ 83.664697][ T7746] __do_fault+0x10a/0x490
[ 83.666116][ T7746] do_pte_missing+0x1a6/0x3ba0
[ 83.667683][ T7746] __handle_mm_fault+0x152a/0x2a50
[ 83.669294][ T7746] handle_mm_fault+0x589/0xd10
[ 83.670803][ T7746] do_user_addr_fault+0x60c/0x1370
[ 83.672921][ T7746] exc_page_fault+0x5c/0xb0
[ 83.674366][ T7746] asm_exc_page_fault+0x26/0x30
[ 83.675920][ T7746] page last free pid 6271 tgid 6271 stack trace:
[ 83.677874][ T7746] free_unref_folios+0xa61/0x16b0
[ 83.679472][ T7746] folios_put_refs+0x56f/0x740
[ 83.680960][ T7746] free_pages_and_swap_cache+0x245/0x4a0
[ 83.682883][ T7746] __tlb_batch_free_encoded_pages+0xf9/0x290
[ 83.684759][ T7746] tlb_finish_mmu+0x168/0x7c0
[ 83.686238][ T7746] vms_clear_ptes+0x55e/0x770
[ 83.687723][ T7746] vms_complete_munmap_vmas+0x1ca/0x970
[ 83.689442][ T7746] do_vmi_align_munmap+0x43b/0x7d0
[ 83.691136][ T7746] do_vmi_munmap+0x204/0x3e0
[ 83.692756][ T7746] __vm_munmap+0x19a/0x390
[ 83.694164][ T7746] __x64_sys_munmap+0x59/0x80
[ 83.695723][ T7746] do_syscall_64+0xcd/0x4c0
[ 83.697154][ T7746] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.699034][ T7746] Modules linked in:
[ 83.700318][ T7746] CPU: 1 UID: 0 PID: 7746 Comm: syz.1.473 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 83.700335][ T7746] Tainted: [B]=BAD_PAGE
[ 83.700338][ T7746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 83.700344][ T7746] Call Trace:
[ 83.700348][ T7746]
[ 83.700352][ T7746] dump_stack_lvl+0x16c/0x1f0
[ 83.700368][ T7746] bad_page+0xcf/0x220
[ 83.700379][ T7746] ? __pfx_bad_page+0x10/0x10
[ 83.700390][ T7746] ? page_bad_reason+0x9d/0x1f0
[ 83.700401][ T7746] __free_frozen_pages+0x7f7/0x10f0
[ 83.700418][ T7746] __folio_put+0x329/0x450
[ 83.700428][ T7746] ? __pfx___folio_put+0x10/0x10
[ 83.700438][ T7746] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 83.700449][ T7746] ? rcu_is_watching+0x12/0xc0
[ 83.700462][ T7746] ? lock_release+0x201/0x2f0
[ 83.700478][ T7746] filemap_free_folio+0x132/0x170
[ 83.700488][ T7746] delete_from_page_cache_batch+0x741/0x9b0
[ 83.700500][ T7746] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 83.700512][ T7746] ? __pfx_workingset_update_node+0x10/0x10
[ 83.700522][ T7746] ? xas_move_index+0xb0/0x110
[ 83.700537][ T7746] truncate_inode_pages_range+0x279/0xe50
[ 83.700552][ T7746] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 83.700570][ T7746] ? rcu_is_watching+0x12/0xc0
[ 83.700581][ T7746] ? on_each_cpu_cond_mask+0x40/0x90
[ 83.700594][ T7746] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 83.700606][ T7746] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.700618][ T7746] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.700630][ T7746] ? on_each_cpu_cond_mask+0x40/0x90
[ 83.700642][ T7746] ? smp_call_function_many_cond+0x457/0x1600
[ 83.700660][ T7746] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 83.700672][ T7746] ? __pfx_has_bh_in_lru+0x10/0x10
[ 83.700683][ T7746] blkdev_flush_mapping+0xfb/0x290
[ 83.700696][ T7746] blkdev_put_whole+0xc4/0xf0
[ 83.700707][ T7746] bdev_release+0x47e/0x6d0
[ 83.700720][ T7746] ? __pfx_blkdev_release+0x10/0x10
[ 83.700733][ T7746] blkdev_release+0x15/0x20
[ 83.700746][ T7746] __fput+0x3ff/0xb70
[ 83.700760][ T7746] task_work_run+0x14d/0x240
[ 83.700772][ T7746] ? __pfx_task_work_run+0x10/0x10
[ 83.700783][ T7746] ? do_raw_spin_unlock+0x172/0x230
[ 83.700794][ T7746] do_exit+0x86f/0x2bf0
[ 83.700811][ T7746] ? __pfx_do_exit+0x10/0x10
[ 83.700826][ T7746] ? preempt_schedule_thunk+0x16/0x30
[ 83.700841][ T7746] do_group_exit+0xd3/0x2a0
[ 83.700857][ T7746] __x64_sys_exit_group+0x3e/0x50
[ 83.700873][ T7746] x64_sys_call+0x14fa/0x1720
[ 83.700884][ T7746] do_syscall_64+0xcd/0x4c0
[ 83.700899][ T7746] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.700909][ T7746] RIP: 0033:0x7f6b4d18e969
[ 83.700917][ T7746] Code: Unable to access opcode bytes at 0x7f6b4d18e93f.
[ 83.700922][ T7746] RSP: 002b:00007ffec0d92688 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 83.700931][ T7746] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6b4d18e969
[ 83.700938][ T7746] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 83.700944][ T7746] RBP: 00007ffec0d926ec R08: 00000018c0d9277f R09: 00000000000927c0
[ 83.700952][ T7746] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000071
[ 83.700958][ T7746] R13: 00000000000927c0 R14: 0000000000014526 R15: 00007ffec0d92740
[ 83.700967][ T7746]
2025/08/01 08:25:14 executed programs: 476
[ 84.512691][ T8050] BUG: Bad page state in process syz.0.622 pfn:54201
[ 84.514949][ T8050] page does not match folio
[ 84.516455][ T8050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x54201
[ 84.519592][ T8050] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 84.522103][ T8050] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 84.524795][ T8050] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.528439][ T8050] page dumped because: nonzero pincount
[ 84.530245][ T8050] page_owner tracks the page as allocated
[ 84.532149][ T8050] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 8041, tgid 8041 (syz.0.618), ts 84476647728, free_ts 83383301511
[ 84.538281][ T8050] post_alloc_hook+0x1c0/0x230
[ 84.539792][ T8050] get_page_from_freelist+0x132b/0x38e0
[ 84.541525][ T8050] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.543689][ T8050] alloc_pages_mpol+0x1fb/0x550
[ 84.545228][ T8050] folio_alloc_noprof+0x20/0x2d0
[ 84.546793][ T8050] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.548573][ T8050] page_cache_ra_order+0x4e1/0xd70
[ 84.550496][ T8050] filemap_fault+0x1b4b/0x2930
[ 84.552084][ T8050] __do_fault+0x10a/0x490
[ 84.553447][ T8050] do_pte_missing+0x1a6/0x3ba0
[ 84.554963][ T8050] __handle_mm_fault+0x152a/0x2a50
[ 84.556575][ T8050] handle_mm_fault+0x589/0xd10
[ 84.558083][ T8050] do_user_addr_fault+0x60c/0x1370
[ 84.559725][ T8050] exc_page_fault+0x5c/0xb0
[ 84.561160][ T8050] asm_exc_page_fault+0x26/0x30
[ 84.564290][ T8050] page last free pid 7738 tgid 7737 stack trace:
[ 84.566260][ T8050] free_unref_folios+0xa61/0x16b0
[ 84.567843][ T8050] folios_put_refs+0x56f/0x740
[ 84.569341][ T8050] truncate_inode_pages_range+0x311/0xe50
[ 84.571125][ T8050] blkdev_flush_mapping+0xfb/0x290
[ 84.572789][ T8050] blkdev_put_whole+0xc4/0xf0
[ 84.574271][ T8050] bdev_release+0x47e/0x6d0
[ 84.575705][ T8050] blkdev_release+0x15/0x20
[ 84.577142][ T8050] __fput+0x3ff/0xb70
[ 84.578410][ T8050] task_work_run+0x14d/0x240
[ 84.579886][ T8050] do_exit+0x86f/0x2bf0
[ 84.581205][ T8050] do_group_exit+0xd3/0x2a0
[ 84.582697][ T8050] get_signal+0x2673/0x26d0
[ 84.584141][ T8050] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.585868][ T8050] exit_to_user_mode_loop+0x84/0x110
[ 84.587518][ T8050] do_syscall_64+0x3f6/0x4c0
[ 84.588975][ T8050] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.590841][ T8050] Modules linked in:
[ 84.593164][ T8050] CPU: 0 UID: 0 PID: 8050 Comm: syz.0.622 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.593181][ T8050] Tainted: [B]=BAD_PAGE
[ 84.593185][ T8050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.593191][ T8050] Call Trace:
[ 84.593195][ T8050]
[ 84.593199][ T8050] dump_stack_lvl+0x16c/0x1f0
[ 84.593214][ T8050] bad_page+0xcf/0x220
[ 84.593240][ T8050] ? __pfx_bad_page+0x10/0x10
[ 84.593252][ T8050] free_tail_page_prepare+0x44f/0x5b0
[ 84.593266][ T8050] __free_frozen_pages+0xbae/0x10f0
[ 84.593282][ T8050] __folio_put+0x329/0x450
[ 84.593292][ T8050] ? __pfx___folio_put+0x10/0x10
[ 84.593302][ T8050] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.593313][ T8050] ? rcu_is_watching+0x12/0xc0
[ 84.593326][ T8050] ? lock_release+0x201/0x2f0
[ 84.593342][ T8050] filemap_free_folio+0x132/0x170
[ 84.593352][ T8050] delete_from_page_cache_batch+0x741/0x9b0
[ 84.593364][ T8050] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.593376][ T8050] ? __pfx_workingset_update_node+0x10/0x10
[ 84.593387][ T8050] ? xas_move_index+0xb0/0x110
[ 84.593402][ T8050] truncate_inode_pages_range+0x279/0xe50
[ 84.593416][ T8050] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.593433][ T8050] ? rcu_is_watching+0x12/0xc0
[ 84.593445][ T8050] ? on_each_cpu_cond_mask+0x40/0x90
[ 84.593458][ T8050] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 84.593470][ T8050] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.593482][ T8050] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.593494][ T8050] ? on_each_cpu_cond_mask+0x40/0x90
[ 84.593506][ T8050] ? smp_call_function_many_cond+0x457/0x1600
[ 84.593524][ T8050] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.593536][ T8050] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.593547][ T8050] blkdev_flush_mapping+0xfb/0x290
[ 84.593558][ T8050] ? filemap_check_errors+0xa9/0x160
[ 84.593573][ T8050] blkdev_put_whole+0xc4/0xf0
[ 84.593584][ T8050] bdev_release+0x47e/0x6d0
[ 84.593597][ T8050] ? __pfx_blkdev_release+0x10/0x10
[ 84.593609][ T8050] blkdev_release+0x15/0x20
[ 84.593622][ T8050] __fput+0x3ff/0xb70
[ 84.593636][ T8050] task_work_run+0x14d/0x240
[ 84.593646][ T8050] ? __pfx_task_work_run+0x10/0x10
[ 84.593657][ T8050] ? do_raw_spin_unlock+0x172/0x230
[ 84.593669][ T8050] do_exit+0x86f/0x2bf0
[ 84.593684][ T8050] ? futex_private_hash_put+0x112/0x300
[ 84.593697][ T8050] ? rcu_is_watching+0x12/0xc0
[ 84.593710][ T8050] ? __pfx_do_exit+0x10/0x10
[ 84.593725][ T8050] ? do_raw_spin_lock+0x12c/0x2b0
[ 84.593735][ T8050] ? get_signal+0x8f5/0x26d0
[ 84.593747][ T8050] ? rcu_is_watching+0x12/0xc0
[ 84.593759][ T8050] do_group_exit+0xd3/0x2a0
[ 84.593775][ T8050] get_signal+0x2673/0x26d0
[ 84.593789][ T8050] ? __pfx_get_signal+0x10/0x10
[ 84.593801][ T8050] ? do_futex+0x122/0x350
[ 84.593816][ T8050] ? __pfx_do_futex+0x10/0x10
[ 84.593832][ T8050] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.593845][ T8050] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 84.593862][ T8050] exit_to_user_mode_loop+0x84/0x110
[ 84.593872][ T8050] do_syscall_64+0x3f6/0x4c0
[ 84.593887][ T8050] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.593897][ T8050] RIP: 0033:0x7fe3e1d8e969
[ 84.593906][ T8050] Code: Unable to access opcode bytes at 0x7fe3e1d8e93f.
[ 84.593911][ T8050] RSP: 002b:00007fe3e2b9c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 84.593920][ T8050] RAX: 0000000000000001 RBX: 00007fe3e1fb5fa8 RCX: 00007fe3e1d8e969
[ 84.593926][ T8050] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe3e1fb5fac
[ 84.593937][ T8050] RBP: 00007fe3e1fb5fa0 R08: 00007fe3e2b9d000 R09: 0000000000000000
[ 84.593943][ T8050] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fe3e1fb5fac
[ 84.593950][ T8050] R13: 0000000000000000 R14: 00007fffbd90ce80 R15: 00007fffbd90cf68
[ 84.593958][ T8050]
[ 84.594016][ T8050] BUG: Bad page state in process syz.0.622 pfn:54200
[ 84.608267][ T8066] atomic_op ffff888032627998 conn xmit_atomic 0000000000000000
[ 84.608808][ T8050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x54200
[ 84.716416][ T8050] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 84.719242][ T8050] flags: 0xfff1800000024d(locked|referenced|uptodate|workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 84.722732][ T8050] raw: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 84.725406][ T8050] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.728448][ T8050] head: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 84.732173][ T8050] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.735699][ T8050] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 84.739218][ T8050] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 84.742907][ T8050] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 84.745192][ T8050] page_owner tracks the page as allocated
[ 84.746981][ T8050] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 8041, tgid 8041 (syz.0.618), ts 84476647728, free_ts 83383301511
[ 84.755735][ T8050] post_alloc_hook+0x1c0/0x230
[ 84.757745][ T8050] get_page_from_freelist+0x132b/0x38e0
[ 84.760043][ T8050] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 84.762567][ T8050] alloc_pages_mpol+0x1fb/0x550
[ 84.764597][ T8050] folio_alloc_noprof+0x20/0x2d0
[ 84.766641][ T8050] filemap_alloc_folio_noprof+0x3a1/0x470
[ 84.768983][ T8050] page_cache_ra_order+0x4e1/0xd70
[ 84.771076][ T8050] filemap_fault+0x1b4b/0x2930
[ 84.772666][ T8050] __do_fault+0x10a/0x490
[ 84.774028][ T8050] do_pte_missing+0x1a6/0x3ba0
[ 84.775549][ T8050] __handle_mm_fault+0x152a/0x2a50
[ 84.777179][ T8050] handle_mm_fault+0x589/0xd10
[ 84.778686][ T8050] do_user_addr_fault+0x60c/0x1370
[ 84.780320][ T8050] exc_page_fault+0x5c/0xb0
[ 84.781757][ T8050] asm_exc_page_fault+0x26/0x30
[ 84.784063][ T8050] page last free pid 7738 tgid 7737 stack trace:
[ 84.786114][ T8050] free_unref_folios+0xa61/0x16b0
[ 84.787737][ T8050] folios_put_refs+0x56f/0x740
[ 84.789253][ T8050] truncate_inode_pages_range+0x311/0xe50
[ 84.791048][ T8050] blkdev_flush_mapping+0xfb/0x290
[ 84.792766][ T8050] blkdev_put_whole+0xc4/0xf0
[ 84.794302][ T8050] bdev_release+0x47e/0x6d0
[ 84.795750][ T8050] blkdev_release+0x15/0x20
[ 84.797199][ T8050] __fput+0x3ff/0xb70
[ 84.798476][ T8050] task_work_run+0x14d/0x240
[ 84.799948][ T8050] do_exit+0x86f/0x2bf0
[ 84.801275][ T8050] do_group_exit+0xd3/0x2a0
[ 84.802794][ T8050] get_signal+0x2673/0x26d0
[ 84.804242][ T8050] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.805981][ T8050] exit_to_user_mode_loop+0x84/0x110
[ 84.807652][ T8050] do_syscall_64+0x3f6/0x4c0
[ 84.809118][ T8050] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.810999][ T8050] Modules linked in:
[ 84.812372][ T8050] CPU: 0 UID: 0 PID: 8050 Comm: syz.0.622 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 84.812389][ T8050] Tainted: [B]=BAD_PAGE
[ 84.812393][ T8050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 84.812399][ T8050] Call Trace:
[ 84.812403][ T8050]
[ 84.812407][ T8050] dump_stack_lvl+0x16c/0x1f0
[ 84.812423][ T8050] bad_page+0xcf/0x220
[ 84.812434][ T8050] ? __pfx_bad_page+0x10/0x10
[ 84.812445][ T8050] ? page_bad_reason+0x9d/0x1f0
[ 84.812456][ T8050] __free_frozen_pages+0x7f7/0x10f0
[ 84.812473][ T8050] __folio_put+0x329/0x450
[ 84.812483][ T8050] ? __pfx___folio_put+0x10/0x10
[ 84.812493][ T8050] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 84.812504][ T8050] ? rcu_is_watching+0x12/0xc0
[ 84.812517][ T8050] ? lock_release+0x201/0x2f0
[ 84.812533][ T8050] filemap_free_folio+0x132/0x170
[ 84.812543][ T8050] delete_from_page_cache_batch+0x741/0x9b0
[ 84.812555][ T8050] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 84.812566][ T8050] ? __pfx_workingset_update_node+0x10/0x10
[ 84.812577][ T8050] ? xas_move_index+0xb0/0x110
[ 84.812592][ T8050] truncate_inode_pages_range+0x279/0xe50
[ 84.812606][ T8050] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 84.812624][ T8050] ? rcu_is_watching+0x12/0xc0
[ 84.812635][ T8050] ? on_each_cpu_cond_mask+0x40/0x90
[ 84.812648][ T8050] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 84.812660][ T8050] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.812672][ T8050] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.812684][ T8050] ? on_each_cpu_cond_mask+0x40/0x90
[ 84.812696][ T8050] ? smp_call_function_many_cond+0x457/0x1600
[ 84.812714][ T8050] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 84.812726][ T8050] ? __pfx_has_bh_in_lru+0x10/0x10
[ 84.812737][ T8050] blkdev_flush_mapping+0xfb/0x290
[ 84.812748][ T8050] ? filemap_check_errors+0xa9/0x160
[ 84.812763][ T8050] blkdev_put_whole+0xc4/0xf0
[ 84.812774][ T8050] bdev_release+0x47e/0x6d0
[ 84.812787][ T8050] ? __pfx_blkdev_release+0x10/0x10
[ 84.812800][ T8050] blkdev_release+0x15/0x20
[ 84.812812][ T8050] __fput+0x3ff/0xb70
[ 84.812826][ T8050] task_work_run+0x14d/0x240
[ 84.812837][ T8050] ? __pfx_task_work_run+0x10/0x10
[ 84.812847][ T8050] ? do_raw_spin_unlock+0x172/0x230
[ 84.812859][ T8050] do_exit+0x86f/0x2bf0
[ 84.812874][ T8050] ? futex_private_hash_put+0x112/0x300
[ 84.812888][ T8050] ? rcu_is_watching+0x12/0xc0
[ 84.812901][ T8050] ? __pfx_do_exit+0x10/0x10
[ 84.812915][ T8050] ? do_raw_spin_lock+0x12c/0x2b0
[ 84.812925][ T8050] ? get_signal+0x8f5/0x26d0
[ 84.812937][ T8050] ? rcu_is_watching+0x12/0xc0
[ 84.812950][ T8050] do_group_exit+0xd3/0x2a0
[ 84.812966][ T8050] get_signal+0x2673/0x26d0
[ 84.812980][ T8050] ? __pfx_get_signal+0x10/0x10
[ 84.812992][ T8050] ? do_futex+0x122/0x350
[ 84.813008][ T8050] ? __pfx_do_futex+0x10/0x10
[ 84.813023][ T8050] arch_do_signal_or_restart+0x8f/0x7d0
[ 84.813037][ T8050] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 84.813053][ T8050] exit_to_user_mode_loop+0x84/0x110
[ 84.813064][ T8050] do_syscall_64+0x3f6/0x4c0
[ 84.813079][ T8050] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.813089][ T8050] RIP: 0033:0x7fe3e1d8e969
[ 84.813097][ T8050] Code: Unable to access opcode bytes at 0x7fe3e1d8e93f.
[ 84.813101][ T8050] RSP: 002b:00007fe3e2b9c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 84.813111][ T8050] RAX: 0000000000000001 RBX: 00007fe3e1fb5fa8 RCX: 00007fe3e1d8e969
[ 84.813117][ T8050] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe3e1fb5fac
[ 84.813123][ T8050] RBP: 00007fe3e1fb5fa0 R08: 00007fe3e2b9d000 R09: 0000000000000000
[ 84.813130][ T8050] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fe3e1fb5fac
[ 84.813136][ T8050] R13: 0000000000000000 R14: 00007fffbd90ce80 R15: 00007fffbd90cf68
[ 84.813145][ T8050]
[ 85.215340][ T8190] BUG: Bad page state in process syz.3.689 pfn:45201
[ 85.218006][ T8190] page does not match folio
[ 85.219704][ T8190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x45201
[ 85.222921][ T8190] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 85.225276][ T8190] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 85.227947][ T8190] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 85.230666][ T8190] page dumped because: nonzero pincount
[ 85.232659][ T8190] page_owner tracks the page as allocated
[ 85.234891][ T8190] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 8182, tgid 8182 (syz.1.685), ts 85165485623, free_ts 85164509959
[ 85.243492][ T8190] post_alloc_hook+0x1c0/0x230
[ 85.245377][ T8190] get_page_from_freelist+0x132b/0x38e0
[ 85.247588][ T8190] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 85.249948][ T8190] alloc_pages_mpol+0x1fb/0x550
[ 85.251949][ T8190] folio_alloc_noprof+0x20/0x2d0
[ 85.253866][ T8190] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.256109][ T8190] page_cache_ra_order+0x4e1/0xd70
[ 85.258140][ T8190] filemap_fault+0x1b4b/0x2930
[ 85.260044][ T8190] __do_fault+0x10a/0x490
[ 85.261761][ T8190] do_pte_missing+0x1a6/0x3ba0
[ 85.263782][ T8190] __handle_mm_fault+0x152a/0x2a50
[ 85.265786][ T8190] handle_mm_fault+0x589/0xd10
[ 85.267983][ T8190] do_user_addr_fault+0x60c/0x1370
[ 85.269967][ T8190] exc_page_fault+0x5c/0xb0
[ 85.271787][ T8190] asm_exc_page_fault+0x26/0x30
[ 85.273785][ T8190] page last free pid 8168 tgid 8168 stack trace:
[ 85.276269][ T8190] free_unref_folios+0xa61/0x16b0
[ 85.278263][ T8190] folios_put_refs+0x56f/0x740
[ 85.280166][ T8190] truncate_inode_pages_range+0x311/0xe50
[ 85.282464][ T8190] blkdev_flush_mapping+0xfb/0x290
[ 85.284469][ T8190] blkdev_put_whole+0xc4/0xf0
[ 85.286321][ T8190] bdev_release+0x47e/0x6d0
[ 85.288127][ T8190] blkdev_release+0x15/0x20
[ 85.289924][ T8190] __fput+0x3ff/0xb70
[ 85.291526][ T8190] task_work_run+0x14d/0x240
[ 85.293398][ T8190] do_exit+0x86f/0x2bf0
[ 85.295058][ T8190] do_group_exit+0xd3/0x2a0
[ 85.296873][ T8190] __x64_sys_exit_group+0x3e/0x50
[ 85.298869][ T8190] x64_sys_call+0x14fa/0x1720
[ 85.300744][ T8190] do_syscall_64+0xcd/0x4c0
[ 85.302624][ T8190] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.304991][ T8190] Modules linked in:
[ 85.306541][ T8190] CPU: 3 UID: 0 PID: 8190 Comm: syz.3.689 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.306557][ T8190] Tainted: [B]=BAD_PAGE
[ 85.306561][ T8190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.306568][ T8190] Call Trace:
[ 85.306572][ T8190]
[ 85.306576][ T8190] dump_stack_lvl+0x16c/0x1f0
[ 85.306591][ T8190] bad_page+0xcf/0x220
[ 85.306602][ T8190] ? __pfx_bad_page+0x10/0x10
[ 85.306614][ T8190] free_tail_page_prepare+0x44f/0x5b0
[ 85.306628][ T8190] __free_frozen_pages+0xbae/0x10f0
[ 85.306644][ T8190] __folio_put+0x329/0x450
[ 85.306655][ T8190] ? __pfx___folio_put+0x10/0x10
[ 85.306665][ T8190] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.306677][ T8190] ? rcu_is_watching+0x12/0xc0
[ 85.306690][ T8190] ? lock_release+0x201/0x2f0
[ 85.306706][ T8190] filemap_free_folio+0x132/0x170
[ 85.306739][ T8190] delete_from_page_cache_batch+0x741/0x9b0
[ 85.306751][ T8190] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.306763][ T8190] ? __pfx_workingset_update_node+0x10/0x10
[ 85.306773][ T8190] ? xas_move_index+0xb0/0x110
[ 85.306789][ T8190] truncate_inode_pages_range+0x279/0xe50
[ 85.306804][ T8190] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.306817][ T8190] ? rcu_is_watching+0x12/0xc0
[ 85.306829][ T8190] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 85.306845][ T8190] ? rcu_is_watching+0x12/0xc0
[ 85.306857][ T8190] ? on_each_cpu_cond_mask+0x40/0x90
[ 85.306870][ T8190] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 85.306882][ T8190] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.306894][ T8190] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.306906][ T8190] ? on_each_cpu_cond_mask+0x40/0x90
[ 85.306922][ T8190] ? smp_call_function_many_cond+0x457/0x1600
[ 85.306940][ T8190] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.306952][ T8190] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.306963][ T8190] blkdev_flush_mapping+0xfb/0x290
[ 85.306974][ T8190] ? filemap_check_errors+0xa9/0x160
[ 85.306989][ T8190] blkdev_put_whole+0xc4/0xf0
[ 85.307000][ T8190] bdev_release+0x47e/0x6d0
[ 85.307013][ T8190] ? __pfx_blkdev_release+0x10/0x10
[ 85.307026][ T8190] blkdev_release+0x15/0x20
[ 85.307039][ T8190] __fput+0x3ff/0xb70
[ 85.307052][ T8190] task_work_run+0x14d/0x240
[ 85.307063][ T8190] ? __pfx_task_work_run+0x10/0x10
[ 85.307074][ T8190] ? do_raw_spin_unlock+0x172/0x230
[ 85.307086][ T8190] do_exit+0x86f/0x2bf0
[ 85.307101][ T8190] ? futex_private_hash_put+0x112/0x300
[ 85.307115][ T8190] ? rcu_is_watching+0x12/0xc0
[ 85.307128][ T8190] ? __pfx_do_exit+0x10/0x10
[ 85.307142][ T8190] ? do_raw_spin_lock+0x12c/0x2b0
[ 85.307153][ T8190] ? get_signal+0x8f5/0x26d0
[ 85.307165][ T8190] ? rcu_is_watching+0x12/0xc0
[ 85.307180][ T8190] do_group_exit+0xd3/0x2a0
[ 85.307195][ T8190] get_signal+0x2673/0x26d0
[ 85.307210][ T8190] ? __pfx_get_signal+0x10/0x10
[ 85.307222][ T8190] ? do_futex+0x122/0x350
[ 85.307237][ T8190] ? __pfx_do_futex+0x10/0x10
[ 85.307253][ T8190] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.307267][ T8190] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 85.307284][ T8190] exit_to_user_mode_loop+0x84/0x110
[ 85.307295][ T8190] do_syscall_64+0x3f6/0x4c0
[ 85.307310][ T8190] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.307320][ T8190] RIP: 0033:0x7f7d9ef8e969
[ 85.307329][ T8190] Code: Unable to access opcode bytes at 0x7f7d9ef8e93f.
[ 85.307334][ T8190] RSP: 002b:00007f7d9fe000e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 85.307344][ T8190] RAX: 0000000000000001 RBX: 00007f7d9f1b5fa8 RCX: 00007f7d9ef8e969
[ 85.307350][ T8190] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7d9f1b5fac
[ 85.307356][ T8190] RBP: 00007f7d9f1b5fa0 R08: 00007f7d9fe01000 R09: 0000000000000000
[ 85.307363][ T8190] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f7d9f1b5fac
[ 85.307369][ T8190] R13: 0000000000000000 R14: 00007fff3b14afb0 R15: 00007fff3b14b098
[ 85.307378][ T8190]
[ 85.307393][ T8190] BUG: Bad page state in process syz.3.689 pfn:45200
[ 85.458726][ T8190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x45200
[ 85.461542][ T8190] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 85.464408][ T8190] flags: 0xfff1800000024d(locked|referenced|uptodate|workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 85.467824][ T8190] raw: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 85.470588][ T8190] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.473701][ T8190] head: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 85.476494][ T8190] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.479206][ T8190] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 85.481945][ T8190] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 85.484653][ T8190] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 85.486992][ T8190] page_owner tracks the page as allocated
[ 85.488775][ T8190] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 8182, tgid 8182 (syz.1.685), ts 85165485623, free_ts 85164509959
[ 85.495095][ T8190] post_alloc_hook+0x1c0/0x230
[ 85.496648][ T8190] get_page_from_freelist+0x132b/0x38e0
[ 85.498481][ T8190] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 85.500374][ T8190] alloc_pages_mpol+0x1fb/0x550
[ 85.501991][ T8190] folio_alloc_noprof+0x20/0x2d0
[ 85.503573][ T8190] filemap_alloc_folio_noprof+0x3a1/0x470
[ 85.505377][ T8190] page_cache_ra_order+0x4e1/0xd70
[ 85.507004][ T8190] filemap_fault+0x1b4b/0x2930
[ 85.508520][ T8190] __do_fault+0x10a/0x490
[ 85.509958][ T8190] do_pte_missing+0x1a6/0x3ba0
[ 85.511486][ T8190] __handle_mm_fault+0x152a/0x2a50
[ 85.513640][ T8190] handle_mm_fault+0x589/0xd10
[ 85.515544][ T8190] do_user_addr_fault+0x60c/0x1370
[ 85.517551][ T8190] exc_page_fault+0x5c/0xb0
[ 85.519358][ T8190] asm_exc_page_fault+0x26/0x30
[ 85.521275][ T8190] page last free pid 8168 tgid 8168 stack trace:
[ 85.523836][ T8190] free_unref_folios+0xa61/0x16b0
[ 85.525934][ T8190] folios_put_refs+0x56f/0x740
[ 85.527835][ T8190] truncate_inode_pages_range+0x311/0xe50
[ 85.530069][ T8190] blkdev_flush_mapping+0xfb/0x290
[ 85.532166][ T8190] blkdev_put_whole+0xc4/0xf0
[ 85.533999][ T8190] bdev_release+0x47e/0x6d0
[ 85.535818][ T8190] blkdev_release+0x15/0x20
[ 85.537627][ T8190] __fput+0x3ff/0xb70
[ 85.539247][ T8190] task_work_run+0x14d/0x240
[ 85.541081][ T8190] do_exit+0x86f/0x2bf0
[ 85.542818][ T8190] do_group_exit+0xd3/0x2a0
[ 85.544591][ T8190] __x64_sys_exit_group+0x3e/0x50
[ 85.546587][ T8190] x64_sys_call+0x14fa/0x1720
[ 85.548457][ T8190] do_syscall_64+0xcd/0x4c0
[ 85.550265][ T8190] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.552691][ T8190] Modules linked in:
[ 85.554243][ T8190] CPU: 3 UID: 0 PID: 8190 Comm: syz.3.689 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 85.554267][ T8190] Tainted: [B]=BAD_PAGE
[ 85.554271][ T8190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 85.554277][ T8190] Call Trace:
[ 85.554281][ T8190]
[ 85.554285][ T8190] dump_stack_lvl+0x16c/0x1f0
[ 85.554301][ T8190] bad_page+0xcf/0x220
[ 85.554312][ T8190] ? __pfx_bad_page+0x10/0x10
[ 85.554323][ T8190] ? page_bad_reason+0x9d/0x1f0
[ 85.554335][ T8190] __free_frozen_pages+0x7f7/0x10f0
[ 85.554351][ T8190] __folio_put+0x329/0x450
[ 85.554361][ T8190] ? __pfx___folio_put+0x10/0x10
[ 85.554372][ T8190] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 85.554383][ T8190] ? rcu_is_watching+0x12/0xc0
[ 85.554396][ T8190] ? lock_release+0x201/0x2f0
[ 85.554412][ T8190] filemap_free_folio+0x132/0x170
[ 85.554422][ T8190] delete_from_page_cache_batch+0x741/0x9b0
[ 85.554434][ T8190] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 85.554446][ T8190] ? __pfx_workingset_update_node+0x10/0x10
[ 85.554457][ T8190] ? xas_move_index+0xb0/0x110
[ 85.554472][ T8190] truncate_inode_pages_range+0x279/0xe50
[ 85.554487][ T8190] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 85.554500][ T8190] ? rcu_is_watching+0x12/0xc0
[ 85.554512][ T8190] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 85.554528][ T8190] ? rcu_is_watching+0x12/0xc0
[ 85.554540][ T8190] ? on_each_cpu_cond_mask+0x40/0x90
[ 85.554553][ T8190] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 85.554564][ T8190] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.554576][ T8190] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.554588][ T8190] ? on_each_cpu_cond_mask+0x40/0x90
[ 85.554600][ T8190] ? smp_call_function_many_cond+0x457/0x1600
[ 85.554618][ T8190] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 85.554630][ T8190] ? __pfx_has_bh_in_lru+0x10/0x10
[ 85.554641][ T8190] blkdev_flush_mapping+0xfb/0x290
[ 85.554653][ T8190] ? filemap_check_errors+0xa9/0x160
[ 85.554667][ T8190] blkdev_put_whole+0xc4/0xf0
[ 85.554678][ T8190] bdev_release+0x47e/0x6d0
[ 85.554691][ T8190] ? __pfx_blkdev_release+0x10/0x10
[ 85.554704][ T8190] blkdev_release+0x15/0x20
[ 85.554738][ T8190] __fput+0x3ff/0xb70
[ 85.554752][ T8190] task_work_run+0x14d/0x240
[ 85.554763][ T8190] ? __pfx_task_work_run+0x10/0x10
[ 85.554774][ T8190] ? do_raw_spin_unlock+0x172/0x230
[ 85.554786][ T8190] do_exit+0x86f/0x2bf0
[ 85.554801][ T8190] ? futex_private_hash_put+0x112/0x300
[ 85.554815][ T8190] ? rcu_is_watching+0x12/0xc0
[ 85.554828][ T8190] ? __pfx_do_exit+0x10/0x10
[ 85.554842][ T8190] ? do_raw_spin_lock+0x12c/0x2b0
[ 85.554853][ T8190] ? get_signal+0x8f5/0x26d0
[ 85.554865][ T8190] ? rcu_is_watching+0x12/0xc0
[ 85.554877][ T8190] do_group_exit+0xd3/0x2a0
[ 85.554901][ T8190] get_signal+0x2673/0x26d0
[ 85.554916][ T8190] ? __pfx_get_signal+0x10/0x10
[ 85.554928][ T8190] ? do_futex+0x122/0x350
[ 85.554944][ T8190] ? __pfx_do_futex+0x10/0x10
[ 85.554959][ T8190] arch_do_signal_or_restart+0x8f/0x7d0
[ 85.554973][ T8190] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 85.554990][ T8190] exit_to_user_mode_loop+0x84/0x110
[ 85.555000][ T8190] do_syscall_64+0x3f6/0x4c0
[ 85.555015][ T8190] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.555025][ T8190] RIP: 0033:0x7f7d9ef8e969
[ 85.555033][ T8190] Code: Unable to access opcode bytes at 0x7f7d9ef8e93f.
[ 85.555038][ T8190] RSP: 002b:00007f7d9fe000e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 85.555047][ T8190] RAX: 0000000000000001 RBX: 00007f7d9f1b5fa8 RCX: 00007f7d9ef8e969
[ 85.555054][ T8190] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7d9f1b5fac
[ 85.555060][ T8190] RBP: 00007f7d9f1b5fa0 R08: 00007f7d9fe01000 R09: 0000000000000000
[ 85.555066][ T8190] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f7d9f1b5fac
[ 85.555073][ T8190] R13: 0000000000000000 R14: 00007fff3b14afb0 R15: 00007fff3b14b098
[ 85.555082][ T8190]
[ 86.612726][ T8554] BUG: Bad page state in process syz.3.868 pfn:42401
[ 86.615369][ T8554] page does not match folio
[ 86.617171][ T8554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x42401
[ 86.621072][ T8554] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 86.624369][ T8554] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 86.627035][ T8554] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.629685][ T8554] page dumped because: nonzero pincount
[ 86.631402][ T8554] page_owner tracks the page as allocated
[ 86.633847][ T8554] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 8537, tgid 8537 (syz.3.863), ts 86569854405, free_ts 86455901307
[ 86.640014][ T8554] post_alloc_hook+0x1c0/0x230
[ 86.641521][ T8554] get_page_from_freelist+0x132b/0x38e0
[ 86.643373][ T8554] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.645228][ T8554] alloc_pages_mpol+0x1fb/0x550
[ 86.646753][ T8554] folio_alloc_noprof+0x20/0x2d0
[ 86.648300][ T8554] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.650084][ T8554] page_cache_ra_order+0x4e1/0xd70
[ 86.651696][ T8554] filemap_fault+0x1b4b/0x2930
[ 86.653275][ T8554] __do_fault+0x10a/0x490
[ 86.654643][ T8554] do_pte_missing+0x1a6/0x3ba0
[ 86.656160][ T8554] __handle_mm_fault+0x152a/0x2a50
[ 86.657753][ T8554] handle_mm_fault+0x589/0xd10
[ 86.659264][ T8554] do_user_addr_fault+0x60c/0x1370
[ 86.660857][ T8554] exc_page_fault+0x5c/0xb0
[ 86.662348][ T8554] asm_exc_page_fault+0x26/0x30
[ 86.663893][ T8554] page last free pid 8492 tgid 8491 stack trace:
[ 86.665857][ T8554] free_unref_folios+0xa61/0x16b0
[ 86.667439][ T8554] folios_put_refs+0x56f/0x740
[ 86.668930][ T8554] truncate_inode_pages_range+0x311/0xe50
[ 86.670710][ T8554] blkdev_flush_mapping+0xfb/0x290
[ 86.672404][ T8554] blkdev_put_whole+0xc4/0xf0
[ 86.673891][ T8554] bdev_release+0x47e/0x6d0
[ 86.675340][ T8554] blkdev_release+0x15/0x20
[ 86.676769][ T8554] __fput+0x3ff/0xb70
[ 86.678021][ T8554] task_work_run+0x14d/0x240
[ 86.679469][ T8554] do_exit+0x86f/0x2bf0
[ 86.680775][ T8554] do_group_exit+0xd3/0x2a0
[ 86.682244][ T8554] get_signal+0x2673/0x26d0
[ 86.683711][ T8554] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.685443][ T8554] exit_to_user_mode_loop+0x84/0x110
[ 86.687085][ T8554] do_syscall_64+0x3f6/0x4c0
[ 86.688528][ T8554] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.690384][ T8554] Modules linked in:
[ 86.691619][ T8554] CPU: 2 UID: 0 PID: 8554 Comm: syz.3.868 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.691636][ T8554] Tainted: [B]=BAD_PAGE
[ 86.691640][ T8554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.691647][ T8554] Call Trace:
[ 86.691652][ T8554]
[ 86.691655][ T8554] dump_stack_lvl+0x16c/0x1f0
[ 86.691671][ T8554] bad_page+0xcf/0x220
[ 86.691683][ T8554] ? __pfx_bad_page+0x10/0x10
[ 86.691695][ T8554] free_tail_page_prepare+0x44f/0x5b0
[ 86.691709][ T8554] __free_frozen_pages+0xbae/0x10f0
[ 86.691725][ T8554] __folio_put+0x329/0x450
[ 86.691735][ T8554] ? __pfx___folio_put+0x10/0x10
[ 86.691746][ T8554] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.691758][ T8554] ? rcu_is_watching+0x12/0xc0
[ 86.691770][ T8554] ? lock_release+0x201/0x2f0
[ 86.691786][ T8554] filemap_free_folio+0x132/0x170
[ 86.691797][ T8554] delete_from_page_cache_batch+0x741/0x9b0
[ 86.691809][ T8554] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.691832][ T8554] ? __pfx_workingset_update_node+0x10/0x10
[ 86.691844][ T8554] ? xas_move_index+0xb0/0x110
[ 86.691859][ T8554] truncate_inode_pages_range+0x279/0xe50
[ 86.691874][ T8554] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.691887][ T8554] ? rcu_is_watching+0x12/0xc0
[ 86.691899][ T8554] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 86.691915][ T8554] ? rcu_is_watching+0x12/0xc0
[ 86.691927][ T8554] ? on_each_cpu_cond_mask+0x40/0x90
[ 86.691940][ T8554] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 86.691951][ T8554] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.691963][ T8554] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.691976][ T8554] ? on_each_cpu_cond_mask+0x40/0x90
[ 86.691988][ T8554] ? smp_call_function_many_cond+0x457/0x1600
[ 86.692006][ T8554] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.692018][ T8554] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.692029][ T8554] blkdev_flush_mapping+0xfb/0x290
[ 86.692041][ T8554] ? filemap_check_errors+0xa9/0x160
[ 86.692055][ T8554] blkdev_put_whole+0xc4/0xf0
[ 86.692067][ T8554] bdev_release+0x47e/0x6d0
[ 86.692080][ T8554] ? __pfx_blkdev_release+0x10/0x10
[ 86.692093][ T8554] blkdev_release+0x15/0x20
[ 86.692105][ T8554] __fput+0x3ff/0xb70
[ 86.692120][ T8554] task_work_run+0x14d/0x240
[ 86.692131][ T8554] ? __pfx_task_work_run+0x10/0x10
[ 86.692142][ T8554] ? do_raw_spin_unlock+0x172/0x230
[ 86.692157][ T8554] do_exit+0x86f/0x2bf0
[ 86.692172][ T8554] ? futex_private_hash_put+0x112/0x300
[ 86.692186][ T8554] ? rcu_is_watching+0x12/0xc0
[ 86.692199][ T8554] ? __pfx_do_exit+0x10/0x10
[ 86.692213][ T8554] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.692224][ T8554] ? get_signal+0x8f5/0x26d0
[ 86.692236][ T8554] ? rcu_is_watching+0x12/0xc0
[ 86.692248][ T8554] do_group_exit+0xd3/0x2a0
[ 86.692264][ T8554] get_signal+0x2673/0x26d0
[ 86.692278][ T8554] ? __pfx_get_signal+0x10/0x10
[ 86.692293][ T8554] ? do_futex+0x122/0x350
[ 86.692316][ T8554] ? __pfx_do_futex+0x10/0x10
[ 86.692336][ T8554] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.692349][ T8554] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.692365][ T8554] exit_to_user_mode_loop+0x84/0x110
[ 86.692376][ T8554] do_syscall_64+0x3f6/0x4c0
[ 86.692391][ T8554] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.692402][ T8554] RIP: 0033:0x7f7d9ef8e969
[ 86.692410][ T8554] Code: Unable to access opcode bytes at 0x7f7d9ef8e93f.
[ 86.692414][ T8554] RSP: 002b:00007f7d9fe000e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.692424][ T8554] RAX: 0000000000000001 RBX: 00007f7d9f1b5fa8 RCX: 00007f7d9ef8e969
[ 86.692431][ T8554] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7d9f1b5fac
[ 86.692437][ T8554] RBP: 00007f7d9f1b5fa0 R08: 00007f7d9fe01000 R09: 0000000000000000
[ 86.692443][ T8554] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f7d9f1b5fac
[ 86.692450][ T8554] R13: 0000000000000000 R14: 00007fff3b14afb0 R15: 00007fff3b14b098
[ 86.692459][ T8554]
[ 86.732635][ T8571] rds_sendmsg: 5 callbacks suppressed
[ 86.732645][ T8571] atomic_op ffff888032620198 conn xmit_atomic 0000000000000000
[ 86.732774][ T8570] atomic_op ffff888052763198 conn xmit_atomic 0000000000000000
[ 86.734305][ T8572] atomic_op ffff888032a41998 conn xmit_atomic 0000000000000000
[ 86.735347][ T8554] BUG: Bad page state in process syz.3.868 pfn:42400
[ 86.735356][ T8554] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x42400
[ 86.823361][ T8554] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 86.826045][ T8554] flags: 0xfff1800000024d(locked|referenced|uptodate|workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 86.829391][ T8554] raw: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 86.832396][ T8554] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.835206][ T8554] head: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 86.837903][ T8554] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.840598][ T8554] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 86.843550][ T8554] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 86.846242][ T8554] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 86.848497][ T8554] page_owner tracks the page as allocated
[ 86.850273][ T8554] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 8537, tgid 8537 (syz.3.863), ts 86569854405, free_ts 86455901307
[ 86.856649][ T8554] post_alloc_hook+0x1c0/0x230
[ 86.858169][ T8554] get_page_from_freelist+0x132b/0x38e0
[ 86.859916][ T8554] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 86.861761][ T8554] alloc_pages_mpol+0x1fb/0x550
[ 86.863695][ T8554] folio_alloc_noprof+0x20/0x2d0
[ 86.865275][ T8554] filemap_alloc_folio_noprof+0x3a1/0x470
[ 86.867049][ T8554] page_cache_ra_order+0x4e1/0xd70
[ 86.868639][ T8554] filemap_fault+0x1b4b/0x2930
[ 86.870147][ T8554] __do_fault+0x10a/0x490
[ 86.871510][ T8554] do_pte_missing+0x1a6/0x3ba0
[ 86.873089][ T8554] __handle_mm_fault+0x152a/0x2a50
[ 86.874716][ T8554] handle_mm_fault+0x589/0xd10
[ 86.876225][ T8554] do_user_addr_fault+0x60c/0x1370
[ 86.877807][ T8554] exc_page_fault+0x5c/0xb0
[ 86.879262][ T8554] asm_exc_page_fault+0x26/0x30
[ 86.880780][ T8554] page last free pid 8492 tgid 8491 stack trace:
[ 86.882807][ T8554] free_unref_folios+0xa61/0x16b0
[ 86.884402][ T8554] folios_put_refs+0x56f/0x740
[ 86.885892][ T8554] truncate_inode_pages_range+0x311/0xe50
[ 86.887658][ T8554] blkdev_flush_mapping+0xfb/0x290
[ 86.889299][ T8554] blkdev_put_whole+0xc4/0xf0
[ 86.890777][ T8554] bdev_release+0x47e/0x6d0
[ 86.892296][ T8554] blkdev_release+0x15/0x20
[ 86.893753][ T8554] __fput+0x3ff/0xb70
[ 86.895039][ T8554] task_work_run+0x14d/0x240
[ 86.896493][ T8554] do_exit+0x86f/0x2bf0
[ 86.897799][ T8554] do_group_exit+0xd3/0x2a0
[ 86.899234][ T8554] get_signal+0x2673/0x26d0
[ 86.900652][ T8554] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.902435][ T8554] exit_to_user_mode_loop+0x84/0x110
[ 86.904118][ T8554] do_syscall_64+0x3f6/0x4c0
[ 86.905570][ T8554] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.907442][ T8554] Modules linked in:
[ 86.908677][ T8554] CPU: 2 UID: 0 PID: 8554 Comm: syz.3.868 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 86.908693][ T8554] Tainted: [B]=BAD_PAGE
[ 86.908697][ T8554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 86.908703][ T8554] Call Trace:
[ 86.908707][ T8554]
[ 86.908711][ T8554] dump_stack_lvl+0x16c/0x1f0
[ 86.908727][ T8554] bad_page+0xcf/0x220
[ 86.908738][ T8554] ? __pfx_bad_page+0x10/0x10
[ 86.908749][ T8554] ? page_bad_reason+0x9d/0x1f0
[ 86.908760][ T8554] __free_frozen_pages+0x7f7/0x10f0
[ 86.908777][ T8554] __folio_put+0x329/0x450
[ 86.908787][ T8554] ? __pfx___folio_put+0x10/0x10
[ 86.908798][ T8554] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 86.908809][ T8554] ? rcu_is_watching+0x12/0xc0
[ 86.908822][ T8554] ? lock_release+0x201/0x2f0
[ 86.908838][ T8554] filemap_free_folio+0x132/0x170
[ 86.908848][ T8554] delete_from_page_cache_batch+0x741/0x9b0
[ 86.908860][ T8554] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 86.908872][ T8554] ? __pfx_workingset_update_node+0x10/0x10
[ 86.908883][ T8554] ? xas_move_index+0xb0/0x110
[ 86.908898][ T8554] truncate_inode_pages_range+0x279/0xe50
[ 86.908913][ T8554] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 86.908926][ T8554] ? rcu_is_watching+0x12/0xc0
[ 86.908938][ T8554] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 86.908954][ T8554] ? rcu_is_watching+0x12/0xc0
[ 86.908966][ T8554] ? on_each_cpu_cond_mask+0x40/0x90
[ 86.908979][ T8554] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 86.908990][ T8554] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.909002][ T8554] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.909014][ T8554] ? on_each_cpu_cond_mask+0x40/0x90
[ 86.909027][ T8554] ? smp_call_function_many_cond+0x457/0x1600
[ 86.909045][ T8554] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 86.909057][ T8554] ? __pfx_has_bh_in_lru+0x10/0x10
[ 86.909068][ T8554] blkdev_flush_mapping+0xfb/0x290
[ 86.909080][ T8554] ? filemap_check_errors+0xa9/0x160
[ 86.909095][ T8554] blkdev_put_whole+0xc4/0xf0
[ 86.909106][ T8554] bdev_release+0x47e/0x6d0
[ 86.909119][ T8554] ? __pfx_blkdev_release+0x10/0x10
[ 86.909132][ T8554] blkdev_release+0x15/0x20
[ 86.909144][ T8554] __fput+0x3ff/0xb70
[ 86.909162][ T8554] task_work_run+0x14d/0x240
[ 86.909174][ T8554] ? __pfx_task_work_run+0x10/0x10
[ 86.909185][ T8554] ? do_raw_spin_unlock+0x172/0x230
[ 86.909196][ T8554] do_exit+0x86f/0x2bf0
[ 86.909211][ T8554] ? futex_private_hash_put+0x112/0x300
[ 86.909225][ T8554] ? rcu_is_watching+0x12/0xc0
[ 86.909238][ T8554] ? __pfx_do_exit+0x10/0x10
[ 86.909253][ T8554] ? do_raw_spin_lock+0x12c/0x2b0
[ 86.909263][ T8554] ? get_signal+0x8f5/0x26d0
[ 86.909275][ T8554] ? rcu_is_watching+0x12/0xc0
[ 86.909288][ T8554] do_group_exit+0xd3/0x2a0
[ 86.909303][ T8554] get_signal+0x2673/0x26d0
[ 86.909318][ T8554] ? __pfx_get_signal+0x10/0x10
[ 86.909330][ T8554] ? do_futex+0x122/0x350
[ 86.909346][ T8554] ? __pfx_do_futex+0x10/0x10
[ 86.909362][ T8554] arch_do_signal_or_restart+0x8f/0x7d0
[ 86.909376][ T8554] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 86.909392][ T8554] exit_to_user_mode_loop+0x84/0x110
[ 86.909403][ T8554] do_syscall_64+0x3f6/0x4c0
[ 86.909418][ T8554] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 86.909428][ T8554] RIP: 0033:0x7f7d9ef8e969
[ 86.909436][ T8554] Code: Unable to access opcode bytes at 0x7f7d9ef8e93f.
[ 86.909441][ T8554] RSP: 002b:00007f7d9fe000e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 86.909451][ T8554] RAX: 0000000000000001 RBX: 00007f7d9f1b5fa8 RCX: 00007f7d9ef8e969
[ 86.909457][ T8554] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7d9f1b5fac
[ 86.909464][ T8554] RBP: 00007f7d9f1b5fa0 R08: 00007f7d9fe01000 R09: 0000000000000000
[ 86.909470][ T8554] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f7d9f1b5fac
[ 86.909476][ T8554] R13: 0000000000000000 R14: 00007fff3b14afb0 R15: 00007fff3b14b098
[ 86.909485][ T8554]
[ 87.968248][ T8942] BUG: Bad page state in process syz.0.1059 pfn:50401
[ 87.970427][ T8942] page does not match folio
[ 87.977562][ T8942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x50401
[ 87.980730][ T8942] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 87.984025][ T8942] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 87.986680][ T8942] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 87.989732][ T8942] page dumped because: nonzero pincount
[ 87.991480][ T8942] page_owner tracks the page as allocated
[ 87.996495][ T8942] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 8919, tgid 8919 (syz.0.1048), ts 87923177803, free_ts 87879417657
[ 88.003713][ T8942] post_alloc_hook+0x1c0/0x230
[ 88.005624][ T8942] get_page_from_freelist+0x132b/0x38e0
[ 88.007778][ T8942] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.010112][ T8942] alloc_pages_mpol+0x1fb/0x550
[ 88.012116][ T8942] folio_alloc_noprof+0x20/0x2d0
[ 88.014178][ T8942] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.016462][ T8942] page_cache_ra_order+0x4e1/0xd70
[ 88.018482][ T8942] filemap_fault+0x1b4b/0x2930
[ 88.020526][ T8942] __do_fault+0x10a/0x490
[ 88.024263][ T8942] do_pte_missing+0x1a6/0x3ba0
[ 88.025839][ T8942] __handle_mm_fault+0x152a/0x2a50
[ 88.027534][ T8942] handle_mm_fault+0x589/0xd10
[ 88.029053][ T8942] do_user_addr_fault+0x60c/0x1370
[ 88.030681][ T8942] exc_page_fault+0x5c/0xb0
[ 88.032652][ T8942] asm_exc_page_fault+0x26/0x30
[ 88.034209][ T8942] page last free pid 8898 tgid 8897 stack trace:
[ 88.036265][ T8942] free_unref_folios+0xa61/0x16b0
[ 88.037854][ T8942] folios_put_refs+0x56f/0x740
[ 88.039394][ T8942] truncate_inode_pages_range+0x311/0xe50
[ 88.041190][ T8942] blkdev_flush_mapping+0xfb/0x290
[ 88.042859][ T8942] blkdev_put_whole+0xc4/0xf0
[ 88.044344][ T8942] bdev_release+0x47e/0x6d0
[ 88.045776][ T8942] blkdev_release+0x15/0x20
[ 88.047446][ T8942] __fput+0x3ff/0xb70
[ 88.048896][ T8942] task_work_run+0x14d/0x240
[ 88.050703][ T8942] do_exit+0x86f/0x2bf0
[ 88.052107][ T8942] do_group_exit+0xd3/0x2a0
[ 88.053553][ T8942] get_signal+0x2673/0x26d0
[ 88.055010][ T8942] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.056762][ T8942] exit_to_user_mode_loop+0x84/0x110
[ 88.058476][ T8942] do_syscall_64+0x3f6/0x4c0
[ 88.059957][ T8942] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.061925][ T8942] Modules linked in:
[ 88.063183][ T8942] CPU: 3 UID: 0 PID: 8942 Comm: syz.0.1059 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.063201][ T8942] Tainted: [B]=BAD_PAGE
[ 88.063204][ T8942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.063211][ T8942] Call Trace:
[ 88.063215][ T8942]
[ 88.063219][ T8942] dump_stack_lvl+0x16c/0x1f0
[ 88.063235][ T8942] bad_page+0xcf/0x220
[ 88.063247][ T8942] ? __pfx_bad_page+0x10/0x10
[ 88.063258][ T8942] free_tail_page_prepare+0x44f/0x5b0
[ 88.063273][ T8942] __free_frozen_pages+0xbae/0x10f0
[ 88.063289][ T8942] __folio_put+0x329/0x450
[ 88.063299][ T8942] ? __pfx___folio_put+0x10/0x10
[ 88.063310][ T8942] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.063321][ T8942] ? rcu_is_watching+0x12/0xc0
[ 88.063334][ T8942] ? lock_release+0x201/0x2f0
[ 88.063350][ T8942] filemap_free_folio+0x132/0x170
[ 88.063360][ T8942] delete_from_page_cache_batch+0x741/0x9b0
[ 88.063373][ T8942] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.063385][ T8942] ? __pfx_workingset_update_node+0x10/0x10
[ 88.063395][ T8942] ? xas_move_index+0xb0/0x110
[ 88.063411][ T8942] truncate_inode_pages_range+0x279/0xe50
[ 88.063426][ T8942] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.063439][ T8942] ? rcu_is_watching+0x12/0xc0
[ 88.063451][ T8942] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 88.063467][ T8942] ? rcu_is_watching+0x12/0xc0
[ 88.063479][ T8942] ? on_each_cpu_cond_mask+0x40/0x90
[ 88.063492][ T8942] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 88.063503][ T8942] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.063516][ T8942] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.063527][ T8942] ? on_each_cpu_cond_mask+0x40/0x90
[ 88.063540][ T8942] ? smp_call_function_many_cond+0x457/0x1600
[ 88.063558][ T8942] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.063570][ T8942] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.063581][ T8942] blkdev_flush_mapping+0xfb/0x290
[ 88.063593][ T8942] ? filemap_check_errors+0xa9/0x160
[ 88.063608][ T8942] blkdev_put_whole+0xc4/0xf0
[ 88.063619][ T8942] bdev_release+0x47e/0x6d0
[ 88.063632][ T8942] ? __pfx_blkdev_release+0x10/0x10
[ 88.063645][ T8942] blkdev_release+0x15/0x20
[ 88.063658][ T8942] __fput+0x3ff/0xb70
[ 88.063672][ T8942] task_work_run+0x14d/0x240
[ 88.063684][ T8942] ? __pfx_task_work_run+0x10/0x10
[ 88.063696][ T8942] ? do_raw_spin_unlock+0x172/0x230
[ 88.063708][ T8942] do_exit+0x86f/0x2bf0
[ 88.063723][ T8942] ? futex_private_hash_put+0x112/0x300
[ 88.063738][ T8942] ? rcu_is_watching+0x12/0xc0
[ 88.063750][ T8942] ? __pfx_do_exit+0x10/0x10
[ 88.063765][ T8942] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.063776][ T8942] ? get_signal+0x8f5/0x26d0
[ 88.063788][ T8942] ? rcu_is_watching+0x12/0xc0
[ 88.063800][ T8942] do_group_exit+0xd3/0x2a0
[ 88.063816][ T8942] get_signal+0x2673/0x26d0
[ 88.063831][ T8942] ? __pfx_get_signal+0x10/0x10
[ 88.063843][ T8942] ? do_futex+0x122/0x350
[ 88.063858][ T8942] ? __pfx_do_futex+0x10/0x10
[ 88.063876][ T8942] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.063890][ T8942] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.063906][ T8942] exit_to_user_mode_loop+0x84/0x110
[ 88.063917][ T8942] do_syscall_64+0x3f6/0x4c0
[ 88.063933][ T8942] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.063943][ T8942] RIP: 0033:0x7fe3e1d8e969
[ 88.063951][ T8942] Code: Unable to access opcode bytes at 0x7fe3e1d8e93f.
[ 88.063956][ T8942] RSP: 002b:00007fe3e2b9c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.063965][ T8942] RAX: 0000000000000001 RBX: 00007fe3e1fb5fa8 RCX: 00007fe3e1d8e969
[ 88.063972][ T8942] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe3e1fb5fac
[ 88.063979][ T8942] RBP: 00007fe3e1fb5fa0 R08: 00007fe3e2b9d000 R09: 0000000000000000
[ 88.063985][ T8942] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fe3e1fb5fac
[ 88.063991][ T8942] R13: 0000000000000000 R14: 00007fffbd90ce80 R15: 00007fffbd90cf68
[ 88.064000][ T8942]
[ 88.064015][ T8942] BUG: Bad page state in process syz.0.1059 pfn:50400
[ 88.081629][ T8952] atomic_op ffff888052f56198 conn xmit_atomic 0000000000000000
[ 88.082470][ T8942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x50400
[ 88.082638][ T8954] atomic_op ffff88804f8ae998 conn xmit_atomic 0000000000000000
[ 88.082788][ T8953] atomic_op ffff88804f8a4998 conn xmit_atomic 0000000000000000
[ 88.207856][ T8942] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 88.210565][ T8942] flags: 0xfff1800000024d(locked|referenced|uptodate|workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 88.214088][ T8942] raw: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 88.216815][ T8942] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.219551][ T8942] head: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 88.222323][ T8942] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.225080][ T8942] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 88.227934][ T8942] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.230680][ T8942] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 88.233236][ T8942] page_owner tracks the page as allocated
[ 88.235091][ T8942] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 8919, tgid 8919 (syz.0.1048), ts 87923177803, free_ts 87879417657
[ 88.241291][ T8942] post_alloc_hook+0x1c0/0x230
[ 88.242947][ T8942] get_page_from_freelist+0x132b/0x38e0
[ 88.244990][ T8942] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.246859][ T8942] alloc_pages_mpol+0x1fb/0x550
[ 88.248393][ T8942] folio_alloc_noprof+0x20/0x2d0
[ 88.249953][ T8942] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.251777][ T8942] page_cache_ra_order+0x4e1/0xd70
[ 88.253477][ T8942] filemap_fault+0x1b4b/0x2930
[ 88.255016][ T8942] __do_fault+0x10a/0x490
[ 88.256404][ T8942] do_pte_missing+0x1a6/0x3ba0
[ 88.257958][ T8942] __handle_mm_fault+0x152a/0x2a50
[ 88.259600][ T8942] handle_mm_fault+0x589/0xd10
[ 88.261133][ T8942] do_user_addr_fault+0x60c/0x1370
[ 88.262858][ T8942] exc_page_fault+0x5c/0xb0
[ 88.264302][ T8942] asm_exc_page_fault+0x26/0x30
[ 88.265832][ T8942] page last free pid 8898 tgid 8897 stack trace:
[ 88.267804][ T8942] free_unref_folios+0xa61/0x16b0
[ 88.269398][ T8942] folios_put_refs+0x56f/0x740
[ 88.270937][ T8942] truncate_inode_pages_range+0x311/0xe50
[ 88.272820][ T8942] blkdev_flush_mapping+0xfb/0x290
[ 88.274426][ T8942] blkdev_put_whole+0xc4/0xf0
[ 88.275930][ T8942] bdev_release+0x47e/0x6d0
[ 88.277357][ T8942] blkdev_release+0x15/0x20
[ 88.278788][ T8942] __fput+0x3ff/0xb70
[ 88.280055][ T8942] task_work_run+0x14d/0x240
[ 88.281527][ T8942] do_exit+0x86f/0x2bf0
[ 88.282919][ T8942] do_group_exit+0xd3/0x2a0
[ 88.284351][ T8942] get_signal+0x2673/0x26d0
[ 88.285804][ T8942] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.287549][ T8942] exit_to_user_mode_loop+0x84/0x110
[ 88.289202][ T8942] do_syscall_64+0x3f6/0x4c0
[ 88.290671][ T8942] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.292662][ T8942] Modules linked in:
[ 88.294039][ T8942] CPU: 3 UID: 0 PID: 8942 Comm: syz.0.1059 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.294060][ T8942] Tainted: [B]=BAD_PAGE
[ 88.294065][ T8942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.294075][ T8942] Call Trace:
[ 88.294080][ T8942]
[ 88.294087][ T8942] dump_stack_lvl+0x16c/0x1f0
[ 88.294109][ T8942] bad_page+0xcf/0x220
[ 88.294126][ T8942] ? __pfx_bad_page+0x10/0x10
[ 88.294139][ T8942] ? page_bad_reason+0x9d/0x1f0
[ 88.294155][ T8942] __free_frozen_pages+0x7f7/0x10f0
[ 88.294179][ T8942] __folio_put+0x329/0x450
[ 88.294194][ T8942] ? __pfx___folio_put+0x10/0x10
[ 88.294210][ T8942] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.294224][ T8942] ? rcu_is_watching+0x12/0xc0
[ 88.294241][ T8942] ? lock_release+0x201/0x2f0
[ 88.294264][ T8942] filemap_free_folio+0x132/0x170
[ 88.294280][ T8942] delete_from_page_cache_batch+0x741/0x9b0
[ 88.294298][ T8942] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.294312][ T8942] ? __pfx_workingset_update_node+0x10/0x10
[ 88.294327][ T8942] ? xas_move_index+0xb0/0x110
[ 88.294350][ T8942] truncate_inode_pages_range+0x279/0xe50
[ 88.294372][ T8942] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.294390][ T8942] ? rcu_is_watching+0x12/0xc0
[ 88.294404][ T8942] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 88.294428][ T8942] ? rcu_is_watching+0x12/0xc0
[ 88.294445][ T8942] ? on_each_cpu_cond_mask+0x40/0x90
[ 88.294464][ T8942] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 88.294478][ T8942] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.294495][ T8942] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.294512][ T8942] ? on_each_cpu_cond_mask+0x40/0x90
[ 88.294530][ T8942] ? smp_call_function_many_cond+0x457/0x1600
[ 88.294557][ T8942] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.294571][ T8942] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.294587][ T8942] blkdev_flush_mapping+0xfb/0x290
[ 88.294604][ T8942] ? filemap_check_errors+0xa9/0x160
[ 88.294625][ T8942] blkdev_put_whole+0xc4/0xf0
[ 88.294641][ T8942] bdev_release+0x47e/0x6d0
[ 88.294657][ T8942] ? __pfx_blkdev_release+0x10/0x10
[ 88.294675][ T8942] blkdev_release+0x15/0x20
[ 88.294712][ T8942] __fput+0x3ff/0xb70
[ 88.294733][ T8942] task_work_run+0x14d/0x240
[ 88.294749][ T8942] ? __pfx_task_work_run+0x10/0x10
[ 88.294763][ T8942] ? do_raw_spin_unlock+0x172/0x230
[ 88.294780][ T8942] do_exit+0x86f/0x2bf0
[ 88.294802][ T8942] ? futex_private_hash_put+0x112/0x300
[ 88.294822][ T8942] ? rcu_is_watching+0x12/0xc0
[ 88.294840][ T8942] ? __pfx_do_exit+0x10/0x10
[ 88.294858][ T8942] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.294874][ T8942] ? get_signal+0x8f5/0x26d0
[ 88.294892][ T8942] ? rcu_is_watching+0x12/0xc0
[ 88.294915][ T8942] do_group_exit+0xd3/0x2a0
[ 88.294934][ T8942] get_signal+0x2673/0x26d0
[ 88.294956][ T8942] ? __pfx_get_signal+0x10/0x10
[ 88.294974][ T8942] ? do_futex+0x122/0x350
[ 88.294996][ T8942] ? __pfx_do_futex+0x10/0x10
[ 88.295016][ T8942] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.295034][ T8942] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.295059][ T8942] exit_to_user_mode_loop+0x84/0x110
[ 88.295074][ T8942] do_syscall_64+0x3f6/0x4c0
[ 88.295095][ T8942] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.295105][ T8942] RIP: 0033:0x7fe3e1d8e969
[ 88.295113][ T8942] Code: Unable to access opcode bytes at 0x7fe3e1d8e93f.
[ 88.295118][ T8942] RSP: 002b:00007fe3e2b9c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.295127][ T8942] RAX: 0000000000000001 RBX: 00007fe3e1fb5fa8 RCX: 00007fe3e1d8e969
[ 88.295134][ T8942] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe3e1fb5fac
[ 88.295140][ T8942] RBP: 00007fe3e1fb5fa0 R08: 00007fe3e2b9d000 R09: 0000000000000000
[ 88.295148][ T8942] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fe3e1fb5fac
[ 88.295155][ T8942] R13: 0000000000000000 R14: 00007fffbd90ce80 R15: 00007fffbd90cf68
[ 88.295168][ T8942]
2025/08/01 08:25:19 executed programs: 1144
[ 88.907580][ T9170] BUG: Bad page state in process syz.3.1169 pfn:49e01
[ 88.909741][ T9170] page does not match folio
[ 88.911200][ T9170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x49e01
[ 88.914698][ T9170] ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 88.917073][ T9170] raw: 00fff00000000000 0000000000000000 00000000ffffffff ffffffffffffffff
[ 88.919734][ T9170] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 88.925019][ T9170] page dumped because: nonzero pincount
[ 88.926853][ T9170] page_owner tracks the page as allocated
[ 88.928633][ T9170] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 9152, tgid 9152 (syz.3.1162), ts 88845792708, free_ts 87746710766
[ 88.934860][ T9170] post_alloc_hook+0x1c0/0x230
[ 88.936420][ T9170] get_page_from_freelist+0x132b/0x38e0
[ 88.938225][ T9170] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 88.940083][ T9170] alloc_pages_mpol+0x1fb/0x550
[ 88.941623][ T9170] folio_alloc_noprof+0x20/0x2d0
[ 88.943247][ T9170] filemap_alloc_folio_noprof+0x3a1/0x470
[ 88.945028][ T9170] page_cache_ra_order+0x4e1/0xd70
[ 88.946632][ T9170] filemap_fault+0x1b4b/0x2930
[ 88.948147][ T9170] __do_fault+0x10a/0x490
[ 88.949589][ T9170] do_pte_missing+0x1a6/0x3ba0
[ 88.951109][ T9170] __handle_mm_fault+0x152a/0x2a50
[ 88.953045][ T9170] handle_mm_fault+0x589/0xd10
[ 88.954579][ T9170] do_user_addr_fault+0x60c/0x1370
[ 88.956203][ T9170] exc_page_fault+0x5c/0xb0
[ 88.957640][ T9170] asm_exc_page_fault+0x26/0x30
[ 88.959229][ T9170] page last free pid 8855 tgid 8855 stack trace:
[ 88.961267][ T9170] free_unref_folios+0xa61/0x16b0
[ 88.963312][ T9170] folios_put_refs+0x56f/0x740
[ 88.964826][ T9170] truncate_inode_pages_range+0x311/0xe50
[ 88.966612][ T9170] blkdev_flush_mapping+0xfb/0x290
[ 88.968222][ T9170] blkdev_put_whole+0xc4/0xf0
[ 88.969739][ T9170] bdev_release+0x47e/0x6d0
[ 88.971190][ T9170] blkdev_release+0x15/0x20
[ 88.972807][ T9170] __fput+0x3ff/0xb70
[ 88.974465][ T9170] task_work_run+0x14d/0x240
[ 88.976349][ T9170] do_exit+0x86f/0x2bf0
[ 88.978034][ T9170] do_group_exit+0xd3/0x2a0
[ 88.979880][ T9170] __x64_sys_exit_group+0x3e/0x50
[ 88.982588][ T9170] x64_sys_call+0x14fa/0x1720
[ 88.984560][ T9170] do_syscall_64+0xcd/0x4c0
[ 88.986412][ T9170] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.988802][ T9170] Modules linked in:
[ 88.990423][ T9170] CPU: 0 UID: 0 PID: 9170 Comm: syz.3.1169 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 88.990448][ T9170] Tainted: [B]=BAD_PAGE
[ 88.990454][ T9170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 88.990464][ T9170] Call Trace:
[ 88.990470][ T9170]
[ 88.990476][ T9170] dump_stack_lvl+0x16c/0x1f0
[ 88.990499][ T9170] bad_page+0xcf/0x220
[ 88.990515][ T9170] ? __pfx_bad_page+0x10/0x10
[ 88.990533][ T9170] free_tail_page_prepare+0x44f/0x5b0
[ 88.990555][ T9170] __free_frozen_pages+0xbae/0x10f0
[ 88.990579][ T9170] __folio_put+0x329/0x450
[ 88.990594][ T9170] ? __pfx___folio_put+0x10/0x10
[ 88.990610][ T9170] ? xas_store+0x9dc/0x1910
[ 88.990633][ T9170] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 88.990650][ T9170] ? rcu_is_watching+0x12/0xc0
[ 88.990669][ T9170] ? lock_release+0x201/0x2f0
[ 88.990712][ T9170] filemap_free_folio+0x132/0x170
[ 88.990727][ T9170] delete_from_page_cache_batch+0x741/0x9b0
[ 88.990746][ T9170] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 88.990764][ T9170] ? __pfx_workingset_update_node+0x10/0x10
[ 88.990779][ T9170] ? xas_move_index+0xb0/0x110
[ 88.990803][ T9170] truncate_inode_pages_range+0x279/0xe50
[ 88.990825][ T9170] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 88.990853][ T9170] ? rcu_is_watching+0x12/0xc0
[ 88.990871][ T9170] ? on_each_cpu_cond_mask+0x40/0x90
[ 88.990891][ T9170] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 88.990909][ T9170] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.990927][ T9170] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.990945][ T9170] ? on_each_cpu_cond_mask+0x40/0x90
[ 88.990970][ T9170] ? smp_call_function_many_cond+0x457/0x1600
[ 88.990999][ T9170] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 88.991017][ T9170] ? __pfx_has_bh_in_lru+0x10/0x10
[ 88.991034][ T9170] blkdev_flush_mapping+0xfb/0x290
[ 88.991051][ T9170] ? filemap_check_errors+0xa9/0x160
[ 88.991073][ T9170] blkdev_put_whole+0xc4/0xf0
[ 88.991090][ T9170] bdev_release+0x47e/0x6d0
[ 88.991110][ T9170] ? __pfx_blkdev_release+0x10/0x10
[ 88.991129][ T9170] blkdev_release+0x15/0x20
[ 88.991148][ T9170] __fput+0x3ff/0xb70
[ 88.991171][ T9170] task_work_run+0x14d/0x240
[ 88.991188][ T9170] ? __pfx_task_work_run+0x10/0x10
[ 88.991204][ T9170] ? do_raw_spin_unlock+0x172/0x230
[ 88.991222][ T9170] do_exit+0x86f/0x2bf0
[ 88.991244][ T9170] ? futex_private_hash_put+0x112/0x300
[ 88.991265][ T9170] ? rcu_is_watching+0x12/0xc0
[ 88.991285][ T9170] ? __pfx_do_exit+0x10/0x10
[ 88.991307][ T9170] ? do_raw_spin_lock+0x12c/0x2b0
[ 88.991323][ T9170] ? get_signal+0x8f5/0x26d0
[ 88.991341][ T9170] ? rcu_is_watching+0x12/0xc0
[ 88.991360][ T9170] do_group_exit+0xd3/0x2a0
[ 88.991384][ T9170] get_signal+0x2673/0x26d0
[ 88.991406][ T9170] ? __pfx_get_signal+0x10/0x10
[ 88.991425][ T9170] ? do_futex+0x122/0x350
[ 88.991448][ T9170] ? __pfx_do_futex+0x10/0x10
[ 88.991471][ T9170] arch_do_signal_or_restart+0x8f/0x7d0
[ 88.991492][ T9170] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 88.991518][ T9170] exit_to_user_mode_loop+0x84/0x110
[ 88.991534][ T9170] do_syscall_64+0x3f6/0x4c0
[ 88.991556][ T9170] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 88.991571][ T9170] RIP: 0033:0x7f7d9ef8e969
[ 88.991583][ T9170] Code: Unable to access opcode bytes at 0x7f7d9ef8e93f.
[ 88.991590][ T9170] RSP: 002b:00007f7d9fe000e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 88.991604][ T9170] RAX: 0000000000000001 RBX: 00007f7d9f1b5fa8 RCX: 00007f7d9ef8e969
[ 88.991614][ T9170] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7d9f1b5fac
[ 88.991624][ T9170] RBP: 00007f7d9f1b5fa0 R08: 00007f7d9fe01000 R09: 0000000000000000
[ 88.991634][ T9170] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f7d9f1b5fac
[ 88.991645][ T9170] R13: 0000000000000000 R14: 00007fff3b14afb0 R15: 00007fff3b14b098
[ 88.991659][ T9170]
[ 88.991689][ T9170] BUG: Bad page state in process syz.3.1169 pfn:49e00
[ 89.010529][ T9180] atomic_op ffff888030c28998 conn xmit_atomic 0000000000000000
[ 89.011231][ T9170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x49e00
[ 89.011704][ T9182] atomic_op ffff88802a849198 conn xmit_atomic 0000000000000000
[ 89.011712][ T9181] atomic_op ffff88804f8a0198 conn xmit_atomic 0000000000000000
[ 89.124843][ T9170] head: order:0 mapcount:0 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 89.127608][ T9170] flags: 0xfff1800000024d(locked|referenced|uptodate|workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 89.131064][ T9170] raw: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 89.133884][ T9170] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.136680][ T9170] head: 00fff1800000024d dead000000000100 dead000000000122 0000000000000000
[ 89.139463][ T9170] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.142362][ T9170] head: 00fff00000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 89.145057][ T9170] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000000
[ 89.147811][ T9170] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 89.150079][ T9170] page_owner tracks the page as allocated
[ 89.151954][ T9170] page last allocated via order 9, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 9152, tgid 9152 (syz.3.1162), ts 88845792708, free_ts 87746710766
[ 89.158624][ T9170] post_alloc_hook+0x1c0/0x230
[ 89.160157][ T9170] get_page_from_freelist+0x132b/0x38e0
[ 89.161968][ T9170] __alloc_frozen_pages_noprof+0x261/0x23f0
[ 89.163880][ T9170] alloc_pages_mpol+0x1fb/0x550
[ 89.165421][ T9170] folio_alloc_noprof+0x20/0x2d0
[ 89.167009][ T9170] filemap_alloc_folio_noprof+0x3a1/0x470
[ 89.168840][ T9170] page_cache_ra_order+0x4e1/0xd70
[ 89.170454][ T9170] filemap_fault+0x1b4b/0x2930
[ 89.172052][ T9170] __do_fault+0x10a/0x490
[ 89.173460][ T9170] do_pte_missing+0x1a6/0x3ba0
[ 89.174989][ T9170] __handle_mm_fault+0x152a/0x2a50
[ 89.176640][ T9170] handle_mm_fault+0x589/0xd10
[ 89.178511][ T9170] do_user_addr_fault+0x60c/0x1370
[ 89.180392][ T9170] exc_page_fault+0x5c/0xb0
[ 89.182312][ T9170] asm_exc_page_fault+0x26/0x30
[ 89.184014][ T9170] page last free pid 8855 tgid 8855 stack trace:
[ 89.185978][ T9170] free_unref_folios+0xa61/0x16b0
[ 89.187808][ T9170] folios_put_refs+0x56f/0x740
[ 89.189314][ T9170] truncate_inode_pages_range+0x311/0xe50
[ 89.191101][ T9170] blkdev_flush_mapping+0xfb/0x290
[ 89.192781][ T9170] blkdev_put_whole+0xc4/0xf0
[ 89.194307][ T9170] bdev_release+0x47e/0x6d0
[ 89.195772][ T9170] blkdev_release+0x15/0x20
[ 89.197329][ T9170] __fput+0x3ff/0xb70
[ 89.198715][ T9170] task_work_run+0x14d/0x240
[ 89.200180][ T9170] do_exit+0x86f/0x2bf0
[ 89.201512][ T9170] do_group_exit+0xd3/0x2a0
[ 89.203037][ T9170] __x64_sys_exit_group+0x3e/0x50
[ 89.204661][ T9170] x64_sys_call+0x14fa/0x1720
[ 89.206162][ T9170] do_syscall_64+0xcd/0x4c0
[ 89.207711][ T9170] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.209586][ T9170] Modules linked in:
[ 89.210838][ T9170] CPU: 0 UID: 0 PID: 9170 Comm: syz.3.1169 Tainted: G B 6.16.0-syzkaller-g89748acdf226 #0 PREEMPT(full)
[ 89.210855][ T9170] Tainted: [B]=BAD_PAGE
[ 89.210859][ T9170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 89.210865][ T9170] Call Trace:
[ 89.210869][ T9170]
[ 89.210873][ T9170] dump_stack_lvl+0x16c/0x1f0
[ 89.210889][ T9170] bad_page+0xcf/0x220
[ 89.210901][ T9170] ? __pfx_bad_page+0x10/0x10
[ 89.210912][ T9170] ? page_bad_reason+0x9d/0x1f0
[ 89.210923][ T9170] __free_frozen_pages+0x7f7/0x10f0
[ 89.210939][ T9170] __folio_put+0x329/0x450
[ 89.210950][ T9170] ? __pfx___folio_put+0x10/0x10
[ 89.210960][ T9170] ? xas_store+0x9dc/0x1910
[ 89.210975][ T9170] ? delete_from_page_cache_batch+0x6c9/0x9b0
[ 89.210987][ T9170] ? rcu_is_watching+0x12/0xc0
[ 89.211000][ T9170] ? lock_release+0x201/0x2f0
[ 89.211015][ T9170] filemap_free_folio+0x132/0x170
[ 89.211026][ T9170] delete_from_page_cache_batch+0x741/0x9b0
[ 89.211038][ T9170] ? __pfx_delete_from_page_cache_batch+0x10/0x10
[ 89.211050][ T9170] ? __pfx_workingset_update_node+0x10/0x10
[ 89.211060][ T9170] ? xas_move_index+0xb0/0x110
[ 89.211076][ T9170] truncate_inode_pages_range+0x279/0xe50
[ 89.211090][ T9170] ? __pfx_truncate_inode_pages_range+0x10/0x10
[ 89.211108][ T9170] ? rcu_is_watching+0x12/0xc0
[ 89.211120][ T9170] ? on_each_cpu_cond_mask+0x40/0x90
[ 89.211133][ T9170] ? trace_irq_enable.constprop.0+0xd4/0x120
[ 89.211145][ T9170] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.211157][ T9170] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.211169][ T9170] ? on_each_cpu_cond_mask+0x40/0x90
[ 89.211181][ T9170] ? smp_call_function_many_cond+0x457/0x1600
[ 89.211204][ T9170] ? __pfx_invalidate_bh_lru+0x10/0x10
[ 89.211216][ T9170] ? __pfx_has_bh_in_lru+0x10/0x10
[ 89.211227][ T9170] blkdev_flush_mapping+0xfb/0x290
[ 89.211239][ T9170] ? filemap_check_errors+0xa9/0x160
[ 89.211254][ T9170] blkdev_put_whole+0xc4/0xf0
[ 89.211265][ T9170] bdev_release+0x47e/0x6d0
[ 89.211278][ T9170] ? __pfx_blkdev_release+0x10/0x10
[ 89.211292][ T9170] blkdev_release+0x15/0x20
[ 89.211304][ T9170] __fput+0x3ff/0xb70
[ 89.211319][ T9170] task_work_run+0x14d/0x240
[ 89.211330][ T9170] ? __pfx_task_work_run+0x10/0x10
[ 89.211341][ T9170] ? do_raw_spin_unlock+0x172/0x230
[ 89.211353][ T9170] do_exit+0x86f/0x2bf0
[ 89.211368][ T9170] ? futex_private_hash_put+0x112/0x300
[ 89.211382][ T9170] ? rcu_is_watching+0x12/0xc0
[ 89.211395][ T9170] ? __pfx_do_exit+0x10/0x10
[ 89.211409][ T9170] ? do_raw_spin_lock+0x12c/0x2b0
[ 89.211420][ T9170] ? get_signal+0x8f5/0x26d0
[ 89.211432][ T9170] ? rcu_is_watching+0x12/0xc0
[ 89.211445][ T9170] do_group_exit+0xd3/0x2a0
[ 89.211460][ T9170] get_signal+0x2673/0x26d0
[ 89.211475][ T9170] ? __pfx_get_signal+0x10/0x10
[ 89.211489][ T9170] ? do_futex+0x122/0x350
[ 89.211504][ T9170] ? __pfx_do_futex+0x10/0x10
[ 89.211520][ T9170] arch_do_signal_or_restart+0x8f/0x7d0
[ 89.211535][ T9170] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 89.211551][ T9170] exit_to_user_mode_loop+0x84/0x110
[ 89.211562][ T9170] do_syscall_64+0x3f6/0x4c0
[ 89.211577][ T9170] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 89.211588][ T9170] RIP: 0033:0x7f7d9ef8e969
[ 89.211595][ T9170] Code: Unable to access opcode bytes at 0x7f7d9ef8e93f.
[ 89.211600][ T9170] RSP: 002b:00007f7d9fe000e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 89.211610][ T9170] RAX: 0000000000000001 RBX: 00007f7d9f1b5fa8 RCX: 00007f7d9ef8e969
[ 89.211617][ T9170] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7d9f1b5fac
[ 89.211623][ T9170] RBP: 00007f7d9f1b5fa0 R08: 00007f7d9fe01000 R09: 0000000000000000
[ 89.211629][ T9170] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f7d9f1b5fac
[ 89.211636][ T9170] R13: 0000000000000000 R14: 00007fff3b14afb0 R15: 00007fff3b14b098
[ 89.211645][ T9170]