program: r0 = socket$nl_rdma(0x10, 0x3, 0x14) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000), &(0x7f0000000100)=0x4) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="04000226", @ANYRES16=0x0, @ANYBLOB="00000000000000000004e800000008000317"], 0x1c}}, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r2 = dup(r1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x13, r2, 0x2000) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) write$binfmt_aout(r2, 0x0, 0xffffffdb) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x3200056, &(0x7f0000000480)={[{@usrjquota}, {@nodelalloc}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@noblock_validity}, {@nouid32}, {@stripe={'stripe', 0x3d, 0x7f}}, {@test_dummy_encryption}, {@noquota}, {@user_xattr}, {@stripe={'stripe', 0x3d, 0x6}}, {@noload}, {@sysvgroups}, {@mblk_io_submit}, {@nouid32}, {@noload}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ") r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.dequeue\x00', 0x275a, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0x8004587d, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffff65}) renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x40002, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0) r5 = dup(r4) r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x121003, 0x0) ioctl$FS_IOC_SETFLAGS(r6, 0x40081271, &(0x7f0000000980)=0x4000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r5, 0x2c93a000) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f80), r7) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), r8) sendmsg$NL802154_CMD_NEW_INTERFACE(r8, &(0x7f00000017c0)={0x0, 0x0, &(0x7f0000001780)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000014db7c211007a90b", @ANYRES16=r9, @ANYBLOB="010028bd7000fbdbdf25070000000a0004007770616e3300000008000500020000000c0006000100000001000000"], 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x4044884) [ 76.124988][ T47] Bluetooth: hci0: command tx timeout [ 76.374686][ T5337] loop0: detected capacity change from 0 to 1024 [ 76.397260][ T5337] ======================================================= [ 76.397260][ T5337] WARNING: The mand mount option has been deprecated and [ 76.397260][ T5337] and is ignored by this kernel. Remove the mand [ 76.397260][ T5337] option from the mount to silence this warning. [ 76.397260][ T5337] ======================================================= [ 76.432022][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.435200][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.513244][ T5337] EXT4-fs: Ignoring removed mblk_io_submit option [ 76.515845][ T5337] ext4: Unknown parameter 'nol' [ 76.677196][ T5339] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x3 pfn:0x119c8 [ 76.690893][ T5339] memcg:ffff88801be88d40 [ 76.692789][ T5339] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff) [ 76.696285][ T5339] raw: 00fff00000000001 0000000000000000 dead000000000122 0000000000000000 [ 76.699806][ T5339] raw: 0000000000000003 0000000000000000 00000001ffffffff ffff88801be88d40 [ 76.704184][ T5339] page dumped because: VM_BUG_ON_FOLIO(folio_order(folio) < mapping_min_folio_order(mapping)) [ 76.709607][ T5339] page_owner tracks the page as allocated [ 76.714011][ T5339] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5339, tgid 5336 (syz.0.0), ts 76677155281, free_ts 76676134003 [ 76.735605][ T5339] post_alloc_hook+0x234/0x290 [ 76.738005][ T5339] get_page_from_freelist+0x2365/0x2440 [ 76.740586][ T5339] __alloc_frozen_pages_noprof+0x181/0x370 [ 76.743555][ T5339] alloc_pages_mpol+0x232/0x4a0 [ 76.745885][ T5339] alloc_pages_noprof+0xa9/0x190 [ 76.748038][ T5339] folio_alloc_noprof+0x1e/0x30 [ 76.750283][ T5339] filemap_alloc_folio_noprof+0x112/0x490 [ 76.753299][ T5339] page_cache_ra_order+0x546/0xe50 [ 76.755895][ T5339] do_sync_mmap_readahead+0x66a/0x870 [ 76.758398][ T5339] filemap_fault+0x6ac/0x1290 [ 76.760254][ T5339] __do_fault+0x138/0x390 [ 76.763118][ T5339] do_pte_missing+0x2206/0x3330 [ 76.765462][ T5339] handle_mm_fault+0x1b26/0x32b0 [ 76.767849][ T5339] __get_user_pages+0x1650/0x29f0 [ 76.770317][ T5339] populate_vma_page_range+0x29f/0x3a0 [ 76.773478][ T5339] __mm_populate+0x24c/0x380 [ 76.776180][ T5339] page last free pid 5337 tgid 5336 stack trace: [ 76.780573][ T5339] free_unref_folios+0xdb3/0x14f0 [ 76.786343][ T5339] folios_put_refs+0x584/0x670 [ 76.788634][ T5339] truncate_inode_pages_range+0x346/0xd90 [ 76.791437][ T5339] set_blocksize+0x32a/0x500 [ 76.793460][ T5339] blkdev_bszset+0x1ac/0x220 [ 76.795477][ T5339] blkdev_ioctl+0x2ad/0x710 [ 76.797387][ T5339] __se_sys_ioctl+0xfc/0x170 [ 76.799309][ T5339] do_syscall_64+0xfa/0xf80 [ 76.802317][ T5339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.805036][ T5339] ------------[ cut here ]------------ [ 76.807275][ T5339] kernel BUG at mm/filemap.c:859! [ 76.809324][ T5339] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 76.811843][ T5339] CPU: 0 UID: 0 PID: 5339 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 76.815026][ T5339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.818728][ T5339] RIP: 0010:__filemap_add_folio+0x118b/0x12d0 [ 76.820786][ T5339] Code: 11 c6 ff 4c 89 e7 48 c7 c6 20 c2 94 8b e8 ed 59 2c ff 90 0f 0b e8 d5 11 c6 ff 4c 89 e7 48 c7 c6 00 b9 94 8b e8 d6 59 2c ff 90 <0f> 0b e8 be 11 c6 ff 4c 89 e7 48 c7 c6 20 c2 94 8b e8 bf 59 2c ff [ 76.827902][ T5339] RSP: 0018:ffffc9000e1e71e0 EFLAGS: 00010246 [ 76.830540][ T5339] RAX: 2bea78659c519300 RBX: 0000000000000000 RCX: 0000000000000000 [ 76.833972][ T5339] RDX: 0000000000000007 RSI: ffffffff8d996416 RDI: 00000000ffffffff [ 76.837503][ T5339] RBP: ffffc9000e1e7360 R08: ffffffff8fa21977 R09: 1ffffffff1f4432e [ 76.840997][ T5339] R10: dffffc0000000000 R11: fffffbfff1f4432f R12: ffffea0000467200 [ 76.844428][ T5339] R13: dffffc0000000000 R14: ffffea0000467208 R15: 0000000000000002 [ 76.847982][ T5339] FS: 00007fc574dba6c0(0000) GS:ffff88808d22f000(0000) knlGS:0000000000000000 [ 76.851832][ T5339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 76.854748][ T5339] CR2: 00002000000017c0 CR3: 00000000377d2000 CR4: 0000000000352ef0 [ 76.858385][ T5339] Call Trace: [ 76.859945][ T5339] [ 76.861280][ T5339] ? __pfx___filemap_add_folio+0x10/0x10 [ 76.863839][ T5339] ? percpu_ref_put+0x19/0x180 [ 76.865934][ T5339] ? percpu_ref_put+0xf9/0x180 [ 76.868086][ T5339] filemap_add_folio+0x26d/0x540 [ 76.870361][ T5339] page_cache_ra_order+0x6a7/0xe50 [ 76.872723][ T5339] do_sync_mmap_readahead+0x66a/0x870 [ 76.875174][ T5339] ? __pfx_do_sync_mmap_readahead+0x10/0x10 [ 76.877728][ T5339] ? count_memcg_event_mm+0x1d/0x250 [ 76.879982][ T5339] ? count_memcg_event_mm+0x1d/0x250 [ 76.882284][ T5339] filemap_fault+0x6ac/0x1290 [ 76.884279][ T5339] ? __pfx_filemap_fault+0x10/0x10 [ 76.886462][ T5339] ? __pfx_filemap_map_pages+0x10/0x10 [ 76.888734][ T5339] __do_fault+0x138/0x390 [ 76.890585][ T5339] do_pte_missing+0x2206/0x3330 [ 76.892752][ T5339] handle_mm_fault+0x1b26/0x32b0 [ 76.894976][ T5339] ? mt_find+0x15c/0x5e0 [ 76.896993][ T5339] ? handle_mm_fault+0xdb/0x32b0 [ 76.899342][ T5339] ? __pfx_handle_mm_fault+0x10/0x10 [ 76.901788][ T5339] ? __pfx_find_vma+0x10/0x10 [ 76.903922][ T5339] ? vma_is_secretmem+0xd/0x50 [ 76.906132][ T5339] __get_user_pages+0x1650/0x29f0 [ 76.908372][ T5339] populate_vma_page_range+0x29f/0x3a0 [ 76.910788][ T5339] ? __pfx_populate_vma_page_range+0x10/0x10 [ 76.913409][ T5339] ? down_read+0x274/0x2e0 [ 76.915430][ T5339] ? __mm_populate+0x160/0x380 [ 76.917611][ T5339] __mm_populate+0x24c/0x380 [ 76.919613][ T5339] ? __pfx___mm_populate+0x10/0x10 [ 76.921863][ T5339] vm_mmap_pgoff+0x387/0x4d0 [ 76.923897][ T5339] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 76.926356][ T5339] ? __fget_files+0x2a/0x420 [ 76.928414][ T5339] ? __fget_files+0x2a/0x420 [ 76.930611][ T5339] ? __fget_files+0x2a/0x420 [ 76.932753][ T5339] ksys_mmap_pgoff+0x51f/0x760 [ 76.935007][ T5339] do_syscall_64+0xfa/0xf80 [ 76.937243][ T5339] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.939984][ T5339] ? clear_bhb_loop+0x60/0xb0 [ 76.942135][ T5339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.944737][ T5339] RIP: 0033:0x7fc573f8f7c9 [ 76.946774][ T5339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.955190][ T5339] RSP: 002b:00007fc574dba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 76.958978][ T5339] RAX: ffffffffffffffda RBX: 00007fc5741e6180 RCX: 00007fc573f8f7c9 [ 76.962496][ T5339] RDX: 0000000001000002 RSI: 0000000000b36000 RDI: 0000200000000000 [ 76.965828][ T5339] RBP: 00007fc574013f91 R08: 000000000000000a R09: 000000002c93a000 [ 76.969662][ T5339] R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000000 [ 76.973033][ T5339] R13: 00007fc5741e6218 R14: 00007fc5741e6180 R15: 00007fffe1fe9bf8 [ 76.976256][ T5339] [ 76.977641][ T5339] Modules linked in: [ 76.979858][ T5339] ---[ end trace 0000000000000000 ]--- [ 76.991998][ T5339] RIP: 0010:__filemap_add_folio+0x118b/0x12d0 [ 76.999560][ T5339] Code: 11 c6 ff 4c 89 e7 48 c7 c6 20 c2 94 8b e8 ed 59 2c ff 90 0f 0b e8 d5 11 c6 ff 4c 89 e7 48 c7 c6 00 b9 94 8b e8 d6 59 2c ff 90 <0f> 0b e8 be 11 c6 ff 4c 89 e7 48 c7 c6 20 c2 94 8b e8 bf 59 2c ff [ 77.008895][ T5339] RSP: 0018:ffffc9000e1e71e0 EFLAGS: 00010246 [ 77.011958][ T5339] RAX: 2bea78659c519300 RBX: 0000000000000000 RCX: 0000000000000000 [ 77.015624][ T5339] RDX: 0000000000000007 RSI: ffffffff8d996416 RDI: 00000000ffffffff [ 77.019370][ T5339] RBP: ffffc9000e1e7360 R08: ffffffff8fa21977 R09: 1ffffffff1f4432e [ 77.024576][ T5339] R10: dffffc0000000000 R11: fffffbfff1f4432f R12: ffffea0000467200 [ 77.028096][ T5339] R13: dffffc0000000000 R14: ffffea0000467208 R15: 0000000000000002 [ 77.031981][ T5339] FS: 00007fc574dba6c0(0000) GS:ffff88808d22f000(0000) knlGS:0000000000000000 [ 77.035662][ T5339] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 77.038643][ T5339] CR2: 000055b80e1a3168 CR3: 00000000377d2000 CR4: 0000000000352ef0 [ 77.043346][ T5339] Kernel panic - not syncing: Fatal exception [ 77.046607][ T5339] Kernel Offset: disabled [ 77.048617][ T5339] Rebooting in 86400 seconds..