program:
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x5a3080, 0x0) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000001040)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_POLL(r0, &(0x7f0000000040)={0x18, 0x0, r1, {0x8000}}, 0x18) (async, rerun: 64)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0) (rerun: 64)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r3, 0x0) (async)
ioctl$BLKBSZSET(r2, 0x40081271, &(0x7f0000000100)=0x10000) (async)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) (async, rerun: 32)
munlockall() (rerun: 32)

[  114.856269][ T5321] Bluetooth: hci0: command tx timeout
[  114.936072][ T5341] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x1c pfn:0x531b8
[  114.939823][ T5341] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  114.946055][ T5341] memcg:ffff88801bee8d00
[  114.947934][ T5341] flags: 0x4fff00000000041(locked|head|node=1|zone=1|lastcpupid=0x7ff)
[  114.951737][ T5341] raw: 04fff00000000041 0000000000000000 dead000000000122 0000000000000000
[  114.954951][ T5341] raw: 000000000000001c 0000000000000000 00000001ffffffff ffff88801bee8d00
[  114.958803][ T5341] head: 04fff00000000041 0000000000000000 dead000000000122 0000000000000000
[  114.962987][ T5341] head: 000000000000001c 0000000000000000 00000001ffffffff ffff88801bee8d00
[  114.966534][ T5341] head: 04fff00000000202 ffffea00014c6e01 00000000ffffffff 00000000ffffffff
[  114.969999][ T5341] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  114.975614][ T5341] page dumped because: VM_BUG_ON_FOLIO(folio_order(folio) < mapping_min_folio_order(mapping))
[  114.980019][ T5341] page_owner tracks the page as allocated
[  114.984517][ T5341] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5341, tgid 5341 (syz.0.0), ts 114936041944, free_ts 114935781018
[  114.994938][ T5341]  post_alloc_hook+0x240/0x2a0
[  114.997105][ T5341]  get_page_from_freelist+0x21e4/0x22c0
[  114.999434][ T5341]  __alloc_frozen_pages_noprof+0x181/0x370
[  115.002959][ T5341]  alloc_pages_mpol+0x232/0x4a0
[  115.005218][ T5341]  alloc_pages_noprof+0xa9/0x190
[  115.007285][ T5341]  folio_alloc_noprof+0x1e/0x30
[  115.009386][ T5341]  filemap_alloc_folio_noprof+0xdf/0x470
[  115.012757][ T5341]  page_cache_ra_order+0x5e5/0xc70
[  115.015668][ T5341]  do_sync_mmap_readahead+0x4b5/0x5f0
[  115.017837][ T5341]  filemap_fault+0x62a/0x1200
[  115.019793][ T5341]  __do_fault+0x138/0x390
[  115.022173][ T5341]  __handle_mm_fault+0x198b/0x5620
[  115.024340][ T5341]  handle_mm_fault+0x40a/0x8e0
[  115.026621][ T5341]  do_user_addr_fault+0xa81/0x1390
[  115.028909][ T5341]  exc_page_fault+0x76/0xf0
[  115.031989][ T5341]  asm_exc_page_fault+0x26/0x30
[  115.034101][ T5341] page last free pid 5342 tgid 5341 stack trace:
[  115.036917][ T5341]  free_unref_folios+0xc66/0x14d0
[  115.039047][ T5341]  folios_put_refs+0x559/0x640
[  115.041750][ T5341]  truncate_inode_pages_range+0x346/0xda0
[  115.044199][ T5341]  set_blocksize+0x32a/0x500
[  115.045894][ T5341]  blkdev_bszset+0x1ac/0x220
[  115.047742][ T5341]  blkdev_ioctl+0x430/0x6d0
[  115.049606][ T5341]  __se_sys_ioctl+0xf9/0x170
[  115.052925][ T5341]  do_syscall_64+0xfa/0x3b0
[  115.054706][ T5341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.058013][ T5341] ------------[ cut here ]------------
[  115.060303][ T5341] kernel BUG at mm/filemap.c:868!
[  115.063750][ T5341] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  115.066647][ T5341] CPU: 0 UID: 0 PID: 5341 Comm: syz.0.0 Not tainted 6.16.0-rc3-syzkaller-00057-g92ca6c498a5e #0 PREEMPT(full) 
[  115.071063][ T5341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  115.075369][ T5341] RIP: 0010:__filemap_add_folio+0x11ad/0x12f0
[  115.077921][ T5341] Code: fe c8 ff 4c 89 e7 48 c7 c6 e0 37 94 8b e8 fb a3 10 00 90 0f 0b e8 53 fe c8 ff 4c 89 e7 48 c7 c6 c0 2e 94 8b e8 e4 a3 10 00 90 <0f> 0b e8 3c fe c8 ff 4c 89 e7 48 c7 c6 e0 37 94 8b e8 cd a3 10 00
[  115.085750][ T5341] RSP: 0018:ffffc9000d3a7680 EFLAGS: 00010246
[  115.088325][ T5341] RAX: fe606237b7bca400 RBX: 0000000000000002 RCX: 0000000000000000
[  115.091603][ T5341] RDX: 0000000000000007 RSI: ffffffff8d98234b RDI: 00000000ffffffff
[  115.095083][ T5341] RBP: ffffc9000d3a77e8 R08: ffffffff8fa10bf7 R09: 1ffffffff1f4217e
[  115.098104][ T5341] R10: dffffc0000000000 R11: fffffbfff1f4217f R12: ffffea00014c6e00
[  115.101060][ T5341] R13: dffffc0000000000 R14: ffffea00014c6e08 R15: 0000000000000004
[  115.104074][ T5341] FS:  0000555565d80500(0000) GS:ffff88808d251000(0000) knlGS:0000000000000000
[  115.107865][ T5341] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  115.110628][ T5341] CR2: 000020000057eff8 CR3: 000000003279f000 CR4: 0000000000352ef0
[  115.113823][ T5341] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  115.117054][ T5341] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  115.119993][ T5341] Call Trace:
[  115.121490][ T5341]  <TASK>
[  115.122769][ T5341]  ? percpu_ref_put+0x19/0x180
[  115.124809][ T5341]  ? __pfx___filemap_add_folio+0x10/0x10
[  115.127156][ T5341]  ? percpu_ref_put+0xf9/0x180
[  115.129146][ T5341]  filemap_add_folio+0xd5/0x270
[  115.131102][ T5341]  page_cache_ra_order+0x74c/0xc70
[  115.133117][ T5341]  do_sync_mmap_readahead+0x4b5/0x5f0
[  115.135073][ T5341]  ? __pfx_do_sync_mmap_readahead+0x10/0x10
[  115.137135][ T5341]  ? count_memcg_event_mm+0x1d/0x250
[  115.138987][ T5341]  ? count_memcg_event_mm+0x1d/0x250
[  115.140802][ T5341]  filemap_fault+0x62a/0x1200
[  115.142404][ T5341]  ? __pagetable_ctor+0x253/0x340
[  115.144078][ T5341]  ? __pfx_filemap_fault+0x10/0x10
[  115.145866][ T5341]  ? rcu_is_watching+0x15/0xb0
[  115.147618][ T5341]  ? __raw_spin_lock_init+0x45/0x100
[  115.149583][ T5341]  __do_fault+0x138/0x390
[  115.151318][ T5341]  __handle_mm_fault+0x198b/0x5620
[  115.153417][ T5341]  ? __lock_acquire+0xab9/0xd20
[  115.155360][ T5341]  ? __pfx___handle_mm_fault+0x10/0x10
[  115.157337][ T5341]  ? lock_vma_under_rcu+0xf8/0x710
[  115.159558][ T5341]  ? lock_vma_under_rcu+0xf8/0x710
[  115.161842][ T5341]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  115.164184][ T5341]  ? rcu_is_watching+0x15/0xb0
[  115.165943][ T5341]  handle_mm_fault+0x40a/0x8e0
[  115.167684][ T5341]  do_user_addr_fault+0xa81/0x1390
[  115.169765][ T5341]  ? rcu_is_watching+0x15/0xb0
[  115.171887][ T5341]  ? trace_page_fault_user+0x84/0x1e0
[  115.174257][ T5341]  exc_page_fault+0x76/0xf0
[  115.176149][ T5341]  asm_exc_page_fault+0x26/0x30
[  115.178249][ T5341] RIP: 0033:0x7fe306054e53
[  115.180121][ T5341] Code: 48 85 c0 74 1b 48 83 f8 01 0f 85 3b 03 00 00 0f b7 44 24 18 66 c1 c0 08 0f b7 c0 48 89 44 24 18 48 8b 44 24 10 0f b7 54 24 18 <66> 89 10 e9 82 fe ff ff 48 83 3c 24 08 0f 85 a1 02 00 00 48 8b 44
[  115.188191][ T5341] RSP: 002b:00007fff7e930540 EFLAGS: 00010246
[  115.191248][ T5341] RAX: 000020000057eff8 RBX: 0000000000000002 RCX: 0000000000000000
[  115.194955][ T5341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555565d803c8
[  115.198115][ T5341] RBP: 00007fff7e930648 R08: 0000000000000000 R09: 0000000000000000
[  115.201443][ T5341] R10: 0000000000000000 R11: 0000000000000000 R12: 00007fe3063b5fac
[  115.204501][ T5341] R13: 00007fe3063b5fa0 R14: fffffffffffffffe R15: 0000000000000003
[  115.207582][ T5341]  </TASK>
[  115.208791][ T5341] Modules linked in:
[  115.211124][ T5341] ---[ end trace 0000000000000000 ]---
[  115.218596][ T5341] RIP: 0010:__filemap_add_folio+0x11ad/0x12f0
[  115.222497][ T5341] Code: fe c8 ff 4c 89 e7 48 c7 c6 e0 37 94 8b e8 fb a3 10 00 90 0f 0b e8 53 fe c8 ff 4c 89 e7 48 c7 c6 c0 2e 94 8b e8 e4 a3 10 00 90 <0f> 0b e8 3c fe c8 ff 4c 89 e7 48 c7 c6 e0 37 94 8b e8 cd a3 10 00
[  115.230291][ T5341] RSP: 0018:ffffc9000d3a7680 EFLAGS: 00010246
[  115.233509][ T5341] RAX: fe606237b7bca400 RBX: 0000000000000002 RCX: 0000000000000000
[  115.236650][ T5341] RDX: 0000000000000007 RSI: ffffffff8d98234b RDI: 00000000ffffffff
[  115.239805][ T5341] RBP: ffffc9000d3a77e8 R08: ffffffff8fa10bf7 R09: 1ffffffff1f4217e
[  115.243497][ T5341] R10: dffffc0000000000 R11: fffffbfff1f4217f R12: ffffea00014c6e00
[  115.246582][ T5341] R13: dffffc0000000000 R14: ffffea00014c6e08 R15: 0000000000000004
[  115.249556][ T5341] FS:  0000555565d80500(0000) GS:ffff88808d251000(0000) knlGS:0000000000000000
[  115.253758][ T5341] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  115.256473][ T5341] CR2: 000020000057eff8 CR3: 000000003279f000 CR4: 0000000000352ef0
[  115.259585][ T5341] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  115.263607][ T5341] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  115.267217][ T5341] Kernel panic - not syncing: Fatal exception
[  115.270030][ T5341] Kernel Offset: disabled
[  115.271840][ T5341] Rebooting in 86400 seconds..