faultin_page mm/gup.c:1144 [inline] __get_user_pages+0x551/0x34a0 mm/gup.c:1446 __get_user_pages_locked mm/gup.c:1712 [inline] faultin_page_range+0x338/0x940 mm/gup.c:1932 madvise_populate mm/madvise.c:979 [inline] madvise_do_behavior+0x34c/0x530 mm/madvise.c:1883 page last free pid 6439 tgid 6438 stack trace: reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1395 [inline] free_unref_folios+0xa61/0x16b0 mm/page_alloc.c:2952 folios_put_refs+0x56f/0x740 mm/swap.c:997 folio_batch_release include/linux/pagevec.h:101 [inline] truncate_inode_pages_range+0x311/0xe50 mm/truncate.c:383 kill_bdev block/bdev.c:91 [inline] set_blocksize+0x2b8/0x500 block/bdev.c:207 blkdev_bszset+0x19b/0x240 block/ioctl.c:554 blkdev_ioctl+0x44e/0x6d0 block/ioctl.c:688 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:598 [inline] __se_sys_ioctl fs/ioctl.c:584 [inline] __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:584 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f ------------[ cut here ]------------ kernel BUG at mm/filemap.c:867! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI CPU: 0 UID: 0 PID: 6423 Comm: syz.2.125 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 RIP: 0010:__filemap_add_folio+0xf5b/0x11e0 mm/filemap.c:867 Code: 7a c8 ff 48 c7 c6 20 24 b9 8b 4c 89 ef e8 9d 28 11 00 90 0f 0b e8 95 7a c8 ff 48 c7 c6 80 24 b9 8b 4c 89 ef e8 86 28 11 00 90 <0f> 0b e8 7e 7a c8 ff 90 0f 0b 90 e9 f2 fb ff ff e8 70 7a c8 ff 48 RSP: 0018:ffffc9000b3bf3b8 EFLAGS: 00010246 RAX: 0000000000080000 RBX: 0000000000000002 RCX: ffffc9000fad6000 RDX: 0000000000080000 RSI: ffffffff81f3175a RDI: ffff888028188444 RBP: 0000000000112cc0 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffff90ab3f97 R11: 0000000000000001 R12: 0000000000000004 R13: ffffea00016b2a00 R14: 0000000000000002 R15: 0000000000000002 FS: 00007f42887c66c0(0000) GS:ffff8881246bc000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f93ccfb7dac CR3: 000000004f9eb000 CR4: 00000000003526f0 Call Trace: filemap_add_folio+0x10e/0x220 mm/filemap.c:969 ra_alloc_folio mm/readahead.c:448 [inline] page_cache_ra_order+0x5a7/0xd70 mm/readahead.c:506 page_cache_async_ra+0x69c/0xa00 mm/readahead.c:689 do_async_mmap_readahead mm/filemap.c:3332 [inline] filemap_fault+0xd42/0x2930 mm/filemap.c:3431 __do_fault+0x10a/0x490 mm/memory.c:5152 do_shared_fault mm/memory.c:5637 [inline] do_fault mm/memory.c:5711 [inline] do_pte_missing+0x1a6/0x3ba0 mm/memory.c:4234 handle_pte_fault mm/memory.c:6052 [inline] __handle_mm_fault+0x152a/0x2a50 mm/memory.c:6195 handle_mm_fault+0x589/0xd10 mm/memory.c:6364 faultin_page mm/gup.c:1144 [inline] __get_user_pages+0x551/0x34a0 mm/gup.c:1446 __get_user_pages_locked mm/gup.c:1712 [inline] faultin_page_range+0x338/0x940 mm/gup.c:1932 madvise_populate mm/madvise.c:979 [inline] madvise_do_behavior+0x34c/0x530 mm/madvise.c:1883 do_madvise+0x176/0x240 mm/madvise.c:1978 __do_sys_madvise mm/madvise.c:1987 [inline] __se_sys_madvise mm/madvise.c:1985 [inline] __x64_sys_madvise+0xa9/0x110 mm/madvise.c:1985 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f428798ebe9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f42887c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c RAX: ffffffffffffffda RBX: 00007f4287bb6180 RCX: 00007f428798ebe9 RDX: 0000000000000017 RSI: 0000000000c00000 RDI: 0000200000000000 RBP: 00007f4287a11e19 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007f4287bb6218 R14: 00007f4287bb6180 R15: 00007ffcdca5bd98 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:__filemap_add_folio+0xf5b/0x11e0 mm/filemap.c:867 Code: 7a c8 ff 48 c7 c6 20 24 b9 8b 4c 89 ef e8 9d 28 11 00 90 0f 0b e8 95 7a c8 ff 48 c7 c6 80 24 b9 8b 4c 89 ef e8 86 28 11 00 90 <0f> 0b e8 7e 7a c8 ff 90 0f 0b 90 e9 f2 fb ff ff e8 70 7a c8 ff 48 RSP: 0018:ffffc9000b3bf3b8 EFLAGS: 00010246 RAX: 0000000000080000 RBX: 0000000000000002 RCX: ffffc9000fad6000 RDX: 0000000000080000 RSI: ffffffff81f3175a RDI: ffff888028188444 RBP: 0000000000112cc0 R08: 0000000000000000 R09: 0000000000000000 R10: ffffffff90ab3f97 R11: 0000000000000001 R12: 0000000000000004 R13: ffffea00016b2a00 R14: 0000000000000002 R15: 0000000000000002 FS: 00007f42887c66c0(0000) GS:ffff8881246bc000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f93cdc74d58 CR3: 000000004f9eb000 CR4: 00000000003526f0