Extracting prog: 2m59.713684784s
Minimizing prog: 9m58.363409606s
Simplifying prog options: 3m42.140123031s
Extracting C: 30.829879469s
Simplifying C: 0s


extracting reproducer from 24 programs
testing a last program of every proc
single: executing 4 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$ext4-openat-pwritev2-openat-read
detailed listing:
executing program 0:
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r0, &(0x7f0000001a00)=[{&(0x7f0000001940)='\"', 0x1}], 0x1, 0xe7b, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
read(r1, &(0x7f0000000400)=""/4096, 0x1000)

program did not crash
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat$cgroup_ro-openat$cgroup_subtree-openat-fadvise64
detailed listing:
executing program 0:
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
openat$cgroup_subtree(r0, 0x0, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
fadvise64(r1, 0xe0ffff, 0x4101, 0x3)

program crashed: BUG: Bad page state in page_cache_ra_unbounded
single: successfully extracted reproducer
found reproducer with 5 syscalls
minimizing guilty program
testing program (duration=54.956682885s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat$cgroup_ro-openat$cgroup_subtree-openat
detailed listing:
executing program 0:
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
openat$cgroup_subtree(r0, 0x0, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)

program did not crash
testing program (duration=54.956682885s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat$cgroup_ro-openat$cgroup_subtree-fadvise64
detailed listing:
executing program 0:
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
openat$cgroup_subtree(r0, 0x0, 0x2, 0x0)
fadvise64(0xffffffffffffffff, 0xe0ffff, 0x4101, 0x3)

program did not crash
testing program (duration=54.956682885s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat$cgroup_ro-openat-fadvise64
detailed listing:
executing program 0:
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
fadvise64(r0, 0xe0ffff, 0x4101, 0x3)

program crashed: kernel BUG in folio_memcg
testing program (duration=54.956682885s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat-fadvise64
detailed listing:
executing program 0:
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
fadvise64(r0, 0xe0ffff, 0x4101, 0x3)

program did not crash
testing program (duration=54.956682885s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$cgroup_ro-openat-fadvise64
detailed listing:
executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
fadvise64(r0, 0xe0ffff, 0x4101, 0x3)

program did not crash
testing program (duration=54.956682885s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat$cgroup_ro-openat-fadvise64
detailed listing:
executing program 0:
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
fadvise64(r0, 0xe0ffff, 0x4101, 0x3)

program did not crash
testing program (duration=54.956682885s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat$cgroup_ro-openat-fadvise64
detailed listing:
executing program 0:
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x400, 0x0)
fadvise64(r0, 0xe0ffff, 0x4101, 0x3)

program did not crash
extracting C reproducer
testing compiled C program (duration=54.956682885s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat$cgroup_ro-openat-fadvise64
program crashed: BUG: Bad page state in z_erofs_do_read_page
a never seen crash title: BUG: Bad page state in z_erofs_do_read_page, ignore
simplifying guilty program options
testing program (duration=54.956682885s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat$cgroup_ro-openat-fadvise64
detailed listing:
executing program 0:
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
fadvise64(r0, 0xe0ffff, 0x4101, 0x3)

program crashed: BUG: Bad page state in z_erofs_do_read_page
a never seen crash title: BUG: Bad page state in z_erofs_do_read_page, ignore
testing program (duration=54.956682885s, {Threaded:true Repeat:false RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:false Cgroups:false BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat$cgroup_ro-openat-fadvise64
detailed listing:
executing program 0:
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
fadvise64(r0, 0xe0ffff, 0x4101, 0x3)

program crashed: BUG: Bad page state in z_erofs_do_read_page
a never seen crash title: BUG: Bad page state in z_erofs_do_read_page, ignore
testing program (duration=54.956682885s, {Threaded:true Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_mount_image$erofs-openat$cgroup_ro-openat-fadvise64
detailed listing:
executing program 0:
syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x201, &(0x7f0000000d00)="$eJzsmbGLE0EUxr+Z3eydhyg2CjYWHniit9ndqFxzxQmWgnCKWgazHqd7F9lb4e5ASEhjY2kh2NpYWljYaOFfYKuFCoKFKe2UkZmd3Z0km5hIMMW9H2T229037828DV9gA4IgDixfv/z8/OTyyvXzAA5jEXP6+ncrPYqjvfGfnj0893T1yvNXH1+83z7y6E1/PibniPHrOwDerVlIwGxdsWf2YpE207gBjrNa3wSDm8pfQiFlCyEYbuuYe4ZuHtIiCt07zahxdzMKPTn4cgjkUDPry0V12wwNAPNqdUIw4/7O3v79ehSFcb+oiKzOwK1Jxaj+qfWtcawi654QHMCtx522PNe9gQee988Hh691DQzrWq9gDq7rFi0x9n/SLvJb4+x/tuKlEseW/1dR8LQdYwWz6XwtJhLx2xONWT8UU/wWQkw+qzKV6qz/inwg+ZXj3cwDzZhvM+/YvwtlXAAGbn1YiKKr5bP43zLLjjkljcpF4U/S2c8Y/mTDzv2jmmw9qO7s7S9vbtU3wo1wOwhql7wLnncxqCojSscR/jev/GnByF8ZEuswB7v1JIn9XSCJ/fw8SEfDcddfN3+oOVz5H8fS6TQH079ZnSE1mP5wdZRqySqPbA3dE0EQBEEQBEEQBEEQBEEQRDmnwJD+EyaYfiFaRnBNvaH8EwAA///zPWcb")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
fadvise64(r0, 0xe0ffff, 0x4101, 0x3)

program crashed: BUG: Bad page state in z_erofs_do_read_page
a never seen crash title: BUG: Bad page state in z_erofs_do_read_page, ignore
reproducing took 17m11.04711923s
repro crashed as (corrupted=false):
 __folio_batch_release+0x71/0xe0 mm/swap.c:1042
 folio_batch_release include/linux/pagevec.h:83 [inline]
 truncate_inode_pages_range+0x358/0xf00 mm/truncate.c:371
 evict+0x499/0x870 fs/inode.c:707
 erofs_put_super+0x7b/0x150 fs/erofs/super.c:815
 generic_shutdown_super+0x134/0x2b0 fs/super.c:693
 kill_block_super+0x44/0x90 fs/super.c:1660
 erofs_kill_sb+0x4c/0x140 fs/erofs/super.c:794
 deactivate_locked_super+0x97/0x100 fs/super.c:481
 cleanup_mnt+0x429/0x4c0 fs/namespace.c:1250
 task_work_run+0x1ce/0x250 kernel/task_work.c:239
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xe6/0x110 kernel/entry/common.c:177
 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
 syscall_exit_to_user_mode+0x1a/0x50 kernel/entry/common.c:302
------------[ cut here ]------------
kernel BUG at include/linux/memcontrol.h:387!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 5812 Comm: udevd Not tainted 6.6.94-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:__folio_memcg include/linux/memcontrol.h:387 [inline]
RIP: 0010:folio_memcg+0x266/0x480 include/linux/memcontrol.h:440
Code: 48 25 ff 0f 00 00 0f 84 07 01 00 00 e8 33 1b cb ff e9 8c fe ff ff e8 29 1b cb ff 48 89 df 48 c7 c6 40 6c b3 8a e8 da 40 0c 00 <0f> 0b e8 13 1b cb ff 48 89 df 48 c7 c6 40 64 b3 8a e8 c4 40 0c 00
RSP: 0018:ffffc9000490f888 EFLAGS: 00010046
RAX: b5f727d631f07200 RBX: ffffea0000938c40 RCX: b5f727d631f07200
RDX: 0000000000000004 RSI: ffffffff8aaac440 RDI: ffffffff8afc6900
RBP: 1ffffd4000127189 R08: ffffffff8e49ab2f R09: 1ffffffff1c93565
R10: dffffc0000000000 R11: fffffbfff1c93566 R12: 0000000000000000
R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000800
FS:  00007efd83b44880(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2c65ffff CR3: 0000000027a09000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 folio_matches_lruvec include/linux/memcontrol.h:1626 [inline]
 folio_lruvec_relock_irqsave include/linux/memcontrol.h:1648 [inline]
 folio_batch_move_lru+0x2aa/0x6b0 mm/swap.c:208
 folio_add_lru+0x434/0xd50 mm/swap.c:509
 shmem_get_folio_gfp+0xff7/0x2ac0 mm/shmem.c:2078
 shmem_get_folio mm/shmem.c:2165 [inline]
 shmem_write_begin+0xf2/0x420 mm/shmem.c:2707
 generic_perform_write+0x2fb/0x5b0 mm/filemap.c:4016
 shmem_file_write_iter+0xfb/0x120 mm/shmem.c:2884
 call_write_iter include/linux/fs.h:2018 [inline]
 new_sync_write fs/read_write.c:491 [inline]
 vfs_write+0x43b/0x940 fs/read_write.c:584
 ksys_write+0x147/0x250 fs/read_write.c:637
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x55/0xb0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7efd834a7407
Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
RSP: 002b:00007ffe86909630 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007efd83b44880 RCX: 00007efd834a7407
RDX: 0000000000000020 RSI: 0000560199c408f0 RDI: 0000000000000009
RBP: 0000560199c408f0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000020
R13: 0000560199c3c7a0 R14: 00007efd835efea0 R15: 000056016531a9dd
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__folio_memcg include/linux/memcontrol.h:387 [inline]
RIP: 0010:folio_memcg+0x266/0x480 include/linux/memcontrol.h:440
Code: 48 25 ff 0f 00 00 0f 84 07 01 00 00 e8 33 1b cb ff e9 8c fe ff ff e8 29 1b cb ff 48 89 df 48 c7 c6 40 6c b3 8a e8 da 40 0c 00 <0f> 0b e8 13 1b cb ff 48 89 df 48 c7 c6 40 64 b3 8a e8 c4 40 0c 00
RSP: 0018:ffffc9000490f888 EFLAGS: 00010046
RAX: b5f727d631f07200 RBX: ffffea0000938c40 RCX: b5f727d631f07200
RDX: 0000000000000004 RSI: ffffffff8aaac440 RDI: ffffffff8afc6900
RBP: 1ffffd4000127189 R08: ffffffff8e49ab2f R09: 1ffffffff1c93565
R10: dffffc0000000000 R11: fffffbfff1c93566 R12: 0000000000000000
R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000800
FS:  00007efd83b44880(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2c65ffff CR3: 0000000027a09000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

final repro crashed as (corrupted=false):
 __folio_batch_release+0x71/0xe0 mm/swap.c:1042
 folio_batch_release include/linux/pagevec.h:83 [inline]
 truncate_inode_pages_range+0x358/0xf00 mm/truncate.c:371
 evict+0x499/0x870 fs/inode.c:707
 erofs_put_super+0x7b/0x150 fs/erofs/super.c:815
 generic_shutdown_super+0x134/0x2b0 fs/super.c:693
 kill_block_super+0x44/0x90 fs/super.c:1660
 erofs_kill_sb+0x4c/0x140 fs/erofs/super.c:794
 deactivate_locked_super+0x97/0x100 fs/super.c:481
 cleanup_mnt+0x429/0x4c0 fs/namespace.c:1250
 task_work_run+0x1ce/0x250 kernel/task_work.c:239
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0xe6/0x110 kernel/entry/common.c:177
 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
 __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
 syscall_exit_to_user_mode+0x1a/0x50 kernel/entry/common.c:302
------------[ cut here ]------------
kernel BUG at include/linux/memcontrol.h:387!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 5812 Comm: udevd Not tainted 6.6.94-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:__folio_memcg include/linux/memcontrol.h:387 [inline]
RIP: 0010:folio_memcg+0x266/0x480 include/linux/memcontrol.h:440
Code: 48 25 ff 0f 00 00 0f 84 07 01 00 00 e8 33 1b cb ff e9 8c fe ff ff e8 29 1b cb ff 48 89 df 48 c7 c6 40 6c b3 8a e8 da 40 0c 00 <0f> 0b e8 13 1b cb ff 48 89 df 48 c7 c6 40 64 b3 8a e8 c4 40 0c 00
RSP: 0018:ffffc9000490f888 EFLAGS: 00010046
RAX: b5f727d631f07200 RBX: ffffea0000938c40 RCX: b5f727d631f07200
RDX: 0000000000000004 RSI: ffffffff8aaac440 RDI: ffffffff8afc6900
RBP: 1ffffd4000127189 R08: ffffffff8e49ab2f R09: 1ffffffff1c93565
R10: dffffc0000000000 R11: fffffbfff1c93566 R12: 0000000000000000
R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000800
FS:  00007efd83b44880(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2c65ffff CR3: 0000000027a09000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 folio_matches_lruvec include/linux/memcontrol.h:1626 [inline]
 folio_lruvec_relock_irqsave include/linux/memcontrol.h:1648 [inline]
 folio_batch_move_lru+0x2aa/0x6b0 mm/swap.c:208
 folio_add_lru+0x434/0xd50 mm/swap.c:509
 shmem_get_folio_gfp+0xff7/0x2ac0 mm/shmem.c:2078
 shmem_get_folio mm/shmem.c:2165 [inline]
 shmem_write_begin+0xf2/0x420 mm/shmem.c:2707
 generic_perform_write+0x2fb/0x5b0 mm/filemap.c:4016
 shmem_file_write_iter+0xfb/0x120 mm/shmem.c:2884
 call_write_iter include/linux/fs.h:2018 [inline]
 new_sync_write fs/read_write.c:491 [inline]
 vfs_write+0x43b/0x940 fs/read_write.c:584
 ksys_write+0x147/0x250 fs/read_write.c:637
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x55/0xb0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7efd834a7407
Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
RSP: 002b:00007ffe86909630 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007efd83b44880 RCX: 00007efd834a7407
RDX: 0000000000000020 RSI: 0000560199c408f0 RDI: 0000000000000009
RBP: 0000560199c408f0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000020
R13: 0000560199c3c7a0 R14: 00007efd835efea0 R15: 000056016531a9dd
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__folio_memcg include/linux/memcontrol.h:387 [inline]
RIP: 0010:folio_memcg+0x266/0x480 include/linux/memcontrol.h:440
Code: 48 25 ff 0f 00 00 0f 84 07 01 00 00 e8 33 1b cb ff e9 8c fe ff ff e8 29 1b cb ff 48 89 df 48 c7 c6 40 6c b3 8a e8 da 40 0c 00 <0f> 0b e8 13 1b cb ff 48 89 df 48 c7 c6 40 64 b3 8a e8 c4 40 0c 00
RSP: 0018:ffffc9000490f888 EFLAGS: 00010046
RAX: b5f727d631f07200 RBX: ffffea0000938c40 RCX: b5f727d631f07200
RDX: 0000000000000004 RSI: ffffffff8aaac440 RDI: ffffffff8afc6900
RBP: 1ffffd4000127189 R08: ffffffff8e49ab2f R09: 1ffffffff1c93565
R10: dffffc0000000000 R11: fffffbfff1c93566 R12: 0000000000000000
R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000800
FS:  00007efd83b44880(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2c65ffff CR3: 0000000027a09000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400