program: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0) r1 = dup(r0) (async) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x121003, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40081271, &(0x7f0000000980)=0x4000) (async, rerun: 64) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r1, 0x2c93a000) (rerun: 64) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15) (async) syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file3\x00', 0x5, &(0x7f0000000ac0), 0x1, 0xa0d, &(0x7f0000002080)="$eJzs3U2MG1cdAPA33vWm+ShxSkJDGtqEQls+uttsQviIoKmaC1FTcatUcYnStESkAZFK0KqHJCdutKrClQ9x6qUChEQvKOqJSyUaiUtPhQMHoiBV4gCFZNHuvue1/7EZe5Os4/XvJ80+z/yf/d54x+PxzLz3EjCxGot/NqSUqpQuvv3Gkb8/9LeNi4seb+doLf2d7phrLmfvWl58MLWcXvvw1RO90irNL/0t8+npq+3nbk4pnUt70qXUSrsuXn793fmnjp0/emHve28eunKbVh8AACbKty4dOrDjL3+6b9tHb91/eOmHwLJyfN7K81vycf/hfOBfjv8bqXu+6pg6zYR803lqhHxTPfJ1ltMM+ab7lD8TXrfZJ9+GmvKnOpb1Wm8YZ2U7bqWqMds132jMzi7/Jk9Lv+tnqtkzp04/f3ZEFQVuuX8+kFLaYzKZJnFa2DrqPRDAsni98Abn4pmFm9N+tenByr/6RKP38+EWWOvtf1l1brTlr1D+/y//V+ftcbh11uvWVNarfI625Pl4HSHevzTs57+8Xrwe0Rywnv2uI4zL9YV+9Zxa43qsVr/6x+1ivfp6Tsv78I0Q7/z8xP/puPyPgd7+5fy/yTSx08Kod0DAHSveN7eQlXi8ry/GN9TE76qJb6yJb6qJb66JwyT77Us/Sa9VK7/z42/6Yc+HlfNsd+f0Y0PWJ56PHLb8eN/vsG62/Hg/MdzJfn/8mZNfee7Zy8v3/1ft7f963t735PlW/mxdyhnK+cJ4Xr1973+ru5xGn3z3hPrc3SP/0uPt3fmq7Suvkzr2MzfUY2f387b2y7e7O18r5NuYp7tCfePxyabwvHL8Ufar5f2aDuvbDOsxE+pR9ivbchrrAatRtsd+9/+X7XNnalbPnzp98rE8X7bTP041Nywu37fG9QZu3qDtf3am7vY/W9rLm43O/cLWleVV536hFZbP91m+P8+X77nvTG1cWj574nunn7vVKw8T7uzLr3z3+OnTJ3/ggQceeNB+MOo9E3C7zb304vfnzr78yqOnXjz+wskXTp7Zf/Dg/vn5g1/df2Bu6bh+rvPoHlhPVr70R10TAAAAAAAAAAAAYFA/PHrk8p/f+fL7y+3/V9r/lfb/5c7f0v7/x6H9f2wnX9rBl3aA23rEl/KEDlZnQr5mnj4e6rs9lLMjPO8TOW2P45fb/5fiYr+upT73huWx/96SL3QncEN/KTOhD5I4XuCnc3ohp79MMELVxt6Lc1rXv3XZ1kv/FPqlGE/l/1a2htKPSWn/3a9fp7L/37YGdeTWW4vmhKNeR6C3f+j/22Sa2GlhYSqdG/VOCOAOGP+znPcs6Zk/fPOuxalku/pE9xm/2H8p3Iw7ffxJ5a+v8T/b498NvP8LI+a1Vlfuv3925f2OYtOuQcuP61/6gd4+XPkf5fLL2jycBit/4Reh/HhBaED/CeVvGrD8G9Z/9+rK/28uv7xtjzw4aPnLNa4a3fWI543L9b943ri4Fta/9O059PqvcqDG67l8mGTjMs7ssMZl/N9+4n0YX8rzZUdY7nOI450MW/9yf0X5HtgRXr+q+X4z/u94+1pO6z4PZfzfsj22esw3OuabPd7b9bqvgXH1get/JtPETgsLC7f3hFaNkRbOyN//Uf9OGHX5o37/68Txf+MxfBz/N8bj+L8xHsf/jfE4vl6Mx/F/4/sZx/+N8XvD68bxgXfWxD9ZE99VE7+vJr67Jv6pmvjemvj9NfEHauL31MQfrIl/pib+2Zr4QzXxR2rin6uJr3elPcqkrj9Mstg+z+cfJke5/tPv87+9Jg6Mr5++te/JZ3/z7dZy+/+Z9vmQch3vcJ5v5t/OP8rz8bp36phfjL2T5/8a4nf6+Q6YJLH/jPj9/nBNHBhf5T4vn2+YQFXvHnsG7beq33E+4+XzOf1CTr+Y00dzOpvTuZzuy+n8GtWP2+PJX//u0GvVyu/9rSE+6P3ksT1Q7Cdq/4D1iecHhr2fPfbjN6ybLX+VzcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGprH098CBnVVKF99+48gzx07NLS55vJ2jtfR3umOu2X5eSo/ldCqnP88Prn346onO9HpOqzSfqlS1l6enr7ZL2pxSOpf2pEuplXZdvPz6u/NPHTt/9MLe9948dOX2vQMAAACw/v0vAAD//7QcDiU=") mount(0x0, &(0x7f00000001c0)='.\x00', 0x0, 0x10f4c2a, 0x0) [ 83.359804][ T4649] Bluetooth: hci0: command tx timeout [ 83.571615][ T5321] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x2c949 pfn:0x44222 [ 83.588010][ T5321] memcg:ffff888034473100 [ 83.590561][ T5321] flags: 0x4fff00000000001(locked|node=1|zone=1|lastcpupid=0x7ff) [ 83.598279][ T5321] raw: 04fff00000000001 0000000000000000 dead000000000122 0000000000000000 [ 83.603827][ T5321] raw: 000000000002c949 0000000000000000 00000001ffffffff ffff888034473100 [ 83.612479][ T5321] page dumped because: VM_BUG_ON_FOLIO(folio_order(folio) < mapping_min_folio_order(mapping)) [ 83.687233][ T5321] page_owner tracks the page as allocated [ 83.706983][ T5321] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c40(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 5321, tgid 5319 (syz.0.0), ts 83571592354, free_ts 83570510794 [ 83.719258][ T5327] loop0: detected capacity change from 0 to 2048 [ 83.727335][ T5321] post_alloc_hook+0x1f9/0x250 [ 83.729810][ T5321] get_page_from_freelist+0x21fa/0x2270 [ 83.748622][ T5321] __alloc_frozen_pages_noprof+0x18d/0x380 [ 83.760581][ T5321] alloc_pages_mpol+0x212/0x380 [ 83.770471][ T5327] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 83.791819][ T5321] alloc_pages_noprof+0xac/0x2a0 [ 83.808737][ T5321] folio_alloc_noprof+0x1e/0x30 [ 83.821477][ T5321] filemap_alloc_folio_noprof+0x111/0x470 [ 83.856580][ T5321] page_cache_ra_order+0x569/0xee0 [ 83.898830][ T5321] do_sync_mmap_readahead+0x75e/0x990 [ 83.910939][ T5321] filemap_fault+0x7d9/0x13b0 [ 83.919509][ T5321] __do_fault+0x138/0x2a0 [ 83.945760][ T5321] do_pte_missing+0x2215/0x34b0 [ 83.955026][ T5321] handle_mm_fault+0x1b36/0x3080 [ 83.968533][ T5321] __get_user_pages+0x1678/0x2720 [ 83.978466][ T5321] populate_vma_page_range+0x2be/0x3c0 [ 83.995272][ T5329] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 84.006788][ T5321] __mm_populate+0x25f/0x390 [ 84.013087][ T5321] page last free pid 5320 tgid 5319 stack trace: [ 84.022966][ T5321] free_unref_folios+0xd84/0x14a0 [ 84.027796][ T5321] folios_put_refs+0x9e9/0xb30 [ 84.030865][ T5321] truncate_inode_pages_range+0x3ca/0xd80 [ 84.033577][ T5321] set_blocksize+0x2ce/0x440 [ 84.036263][ T5321] blkdev_bszset+0x1b2/0x230 [ 84.038581][ T5321] blkdev_ioctl+0x2c7/0x740 [ 84.040824][ T5321] __se_sys_ioctl+0xfc/0x170 [ 84.043185][ T5321] do_syscall_64+0x174/0x580 [ 84.046495][ T5321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.063571][ T5321] ------------[ cut here ]------------ [ 84.066240][ T5321] kernel BUG at mm/filemap.c:859! [ 84.068752][ T5321] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 84.071600][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 84.075856][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 84.080677][ T5321] RIP: 0010:__filemap_add_folio+0x11ee/0x1360 [ 84.083302][ T5321] Code: ff 4c 89 f7 48 c7 c6 80 f9 d7 8b e8 4c 79 21 ff 90 0f 0b e8 54 ab bf ff 48 8b 7c 24 08 48 c7 c6 40 ee d7 8b e8 33 79 21 ff 90 <0f> 0b e8 3b ab bf ff 4c 89 f7 48 c7 c6 80 f9 d7 8b e8 1c 79 21 ff [ 84.092154][ T5321] RSP: 0018:ffffc90007e0f1c0 EFLAGS: 00010246 [ 84.095361][ T5321] RAX: fc74fcf297b7ad00 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.098867][ T5321] RDX: 0000000000000007 RSI: ffffffff8dfe333e RDI: 00000000ffffffff [ 84.102356][ T5321] RBP: ffffc90007e0f340 R08: ffffffff9032e3f7 R09: 1ffffffff2065c7e [ 84.105919][ T5321] R10: dffffc0000000000 R11: fffffbfff2065c7f R12: dffffc0000000000 [ 84.109858][ T5321] R13: ffff88801f0a88c0 R14: 0000000000000002 R15: ffff88801f0a89d8 [ 84.113854][ T5321] FS: 00007f381ea586c0(0000) GS:ffff88808c81e000(0000) knlGS:0000000000000000 [ 84.117540][ T5321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.120351][ T5321] CR2: 0000564d034ed168 CR3: 0000000011e00000 CR4: 0000000000352ef0 [ 84.123824][ T5321] Call Trace: [ 84.125386][ T5321] [ 84.126810][ T5321] ? percpu_ref_put+0x19/0x180 [ 84.129130][ T5321] ? __pfx___filemap_add_folio+0x10/0x10 [ 84.131632][ T5321] ? percpu_ref_put+0x19/0x180 [ 84.133713][ T5321] ? percpu_ref_put+0xf9/0x180 [ 84.135842][ T5321] filemap_add_folio+0x25e/0x530 [ 84.138009][ T5321] page_cache_ra_order+0x6d1/0xee0 [ 84.140288][ T5321] do_sync_mmap_readahead+0x75e/0x990 [ 84.142690][ T5321] ? __pfx_do_sync_mmap_readahead+0x10/0x10 [ 84.145729][ T5321] ? count_memcg_event_mm+0x1d/0x250 [ 84.148230][ T5321] ? count_memcg_event_mm+0x1d/0x250 [ 84.150297][ T5321] filemap_fault+0x7d9/0x13b0 [ 84.152494][ T5321] ? __pfx_filemap_fault+0x10/0x10 [ 84.154739][ T5321] ? __pfx_filemap_map_pages+0x10/0x10 [ 84.157020][ T5321] __do_fault+0x138/0x2a0 [ 84.158931][ T5321] ? do_pte_missing+0x140c/0x34b0 [ 84.161110][ T5321] do_pte_missing+0x2215/0x34b0 [ 84.163299][ T5321] ? __pfx___thp_vma_allowable_orders+0x10/0x10 [ 84.166160][ T5321] ? mtree_range_walk+0x707/0x8b0 [ 84.168619][ T5321] handle_mm_fault+0x1b36/0x3080 [ 84.171063][ T5321] ? mt_find+0x186/0x630 [ 84.173220][ T5321] ? handle_mm_fault+0xec/0x3080 [ 84.175476][ T5321] ? __pfx_handle_mm_fault+0x10/0x10 [ 84.177700][ T5321] ? clockevents_program_event+0x491/0x630 [ 84.182341][ T5321] __get_user_pages+0x1678/0x2720 [ 84.184835][ T5321] populate_vma_page_range+0x2be/0x3c0 [ 84.187375][ T5321] ? __pfx_populate_vma_page_range+0x10/0x10 [ 84.189924][ T5321] ? down_read+0x2be/0x330 [ 84.191904][ T5321] __mm_populate+0x25f/0x390 [ 84.193898][ T5321] ? __pfx___mm_populate+0x10/0x10 [ 84.196001][ T5321] vm_mmap_pgoff+0x353/0x4e0 [ 84.197979][ T5321] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 84.200180][ T5321] ? __fget_files+0x2a/0x420 [ 84.203150][ T5321] ? __fget_files+0x3a2/0x420 [ 84.206016][ T5321] ? __fget_files+0x2a/0x420 [ 84.208323][ T5321] ksys_mmap_pgoff+0x4dc/0x760 [ 84.210416][ T5321] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.213062][ T5321] do_syscall_64+0x174/0x580 [ 84.215102][ T5321] ? trace_irq_disable+0x3b/0x140 [ 84.217643][ T5321] ? clear_bhb_loop+0x40/0x90 [ 84.220454][ T5321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.223329][ T5321] RIP: 0033:0x7f381db9ce59 [ 84.225572][ T5321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 84.233967][ T5321] RSP: 002b:00007f381ea57fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 84.238427][ T5321] RAX: ffffffffffffffda RBX: 00007f381de16090 RCX: 00007f381db9ce59 [ 84.242452][ T5321] RDX: 0000000001000002 RSI: 0000000000b36000 RDI: 0000200000000000 [ 84.245894][ T5321] RBP: 00007f381dc32e6f R08: 0000000000000004 R09: 000000002c93a000 [ 84.249197][ T5321] R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000000 [ 84.252502][ T5321] R13: 00007f381de16128 R14: 00007f381de16090 R15: 00007ffc8b90f3e8 [ 84.256895][ T5321] [ 84.258710][ T5321] Modules linked in: [ 84.261893][ T5321] ---[ end trace 0000000000000000 ]--- [ 84.276926][ T5321] RIP: 0010:__filemap_add_folio+0x11ee/0x1360 [ 84.280716][ T5321] Code: ff 4c 89 f7 48 c7 c6 80 f9 d7 8b e8 4c 79 21 ff 90 0f 0b e8 54 ab bf ff 48 8b 7c 24 08 48 c7 c6 40 ee d7 8b e8 33 79 21 ff 90 <0f> 0b e8 3b ab bf ff 4c 89 f7 48 c7 c6 80 f9 d7 8b e8 1c 79 21 ff [ 84.290177][ T5321] RSP: 0018:ffffc90007e0f1c0 EFLAGS: 00010246 [ 84.293395][ T5321] RAX: fc74fcf297b7ad00 RBX: 0000000000000000 RCX: 0000000000000000 [ 84.298182][ T5321] RDX: 0000000000000007 RSI: ffffffff8dfe333e RDI: 00000000ffffffff [ 84.301867][ T5321] RBP: ffffc90007e0f340 R08: ffffffff9032e3f7 R09: 1ffffffff2065c7e [ 84.305703][ T5321] R10: dffffc0000000000 R11: fffffbfff2065c7f R12: dffffc0000000000 [ 84.309984][ T5321] R13: ffff88801f0a88c0 R14: 0000000000000002 R15: ffff88801f0a89d8 [ 84.314209][ T5321] FS: 00007f381ea586c0(0000) GS:ffff88808c81e000(0000) knlGS:0000000000000000 [ 84.319068][ T5321] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.322331][ T5321] CR2: 0000564d034ed168 CR3: 0000000011e00000 CR4: 0000000000352ef0 [ 84.327635][ T5321] Kernel panic - not syncing: Fatal exception [ 84.330806][ T5321] Kernel Offset: disabled [ 84.332814][ T5321] Rebooting in 86400 seconds..