Warning: Permanently added '10.128.10.45' (ED25519) to the list of known hosts.
executing program
[ 35.731184][ T6410] loop0: detected capacity change from 0 to 131072
[ 35.742112][ T6410] F2FS-fs (loop0): inline encryption not supported
[ 35.743572][ T6410] F2FS-fs (loop0): heap/no_heap options were deprecated
[ 35.744958][ T6410] F2FS-fs (loop0): QUOTA feature is enabled, so ignore jquota_fmt
[ 35.748920][ T6410] F2FS-fs (loop0): invalid crc value
[ 35.752842][ T6410] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 35.764186][ T6410] F2FS-fs (loop0): Mounted with checkpoint version = 1b41e954
[ 35.767465][ T6410] ==================================================================
[ 35.769069][ T6410] BUG: KASAN: slab-out-of-bounds in f2fs_getxattr+0xf5c/0x1064
[ 35.770548][ T6410] Read of size 4 at addr ffff0000cd53e618 by task syz-executor151/6410
[ 35.772131][ T6410]
[ 35.772576][ T6410] CPU: 0 UID: 0 PID: 6410 Comm: syz-executor151 Not tainted 6.13.0-rc3-syzkaller-g573067a5a685 #0
[ 35.774835][ T6410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 35.776854][ T6410] Call trace:
[ 35.777550][ T6410]  show_stack+0x2c/0x3c (C)
[ 35.778477][ T6410]  dump_stack_lvl+0xe4/0x150
[ 35.779405][ T6410]  print_report+0x198/0x538
[ 35.780307][ T6410]  kasan_report+0xd8/0x138
[ 35.781206][ T6410]  __asan_report_load4_noabort+0x20/0x2c
[ 35.782306][ T6410]  f2fs_getxattr+0xf5c/0x1064
[ 35.783315][ T6410]  f2fs_xattr_generic_get+0x130/0x174
[ 35.784472][ T6410]  __vfs_getxattr+0x394/0x3c0
[ 35.785385][ T6410]  smk_fetch+0xc8/0x150
[ 35.786388][ T6410]  smack_d_instantiate+0x594/0x880
[ 35.787518][ T6410]  security_d_instantiate+0x100/0x204
[ 35.788600][ T6410]  d_splice_alias+0x70/0x310
[ 35.789533][ T6410]  f2fs_lookup+0x4c8/0x948
[ 35.790450][ T6410]  path_openat+0xf7c/0x2b14
[ 35.791368][ T6410]  do_filp_open+0x1e8/0x404
[ 35.792314][ T6410]  do_sys_openat2+0x124/0x1b8
[ 35.793298][ T6410]  __arm64_sys_openat+0x1f0/0x240
[ 35.794314][ T6410]  invoke_syscall+0x98/0x2b8
[ 35.795209][ T6410]  el0_svc_common+0x130/0x23c
[ 35.796230][ T6410]  do_el0_svc+0x48/0x58
[ 35.797114][ T6410]  el0_svc+0x54/0x168
[ 35.797875][ T6410]  el0t_64_sync_handler+0x84/0x108
[ 35.799072][ T6410]  el0t_64_sync+0x198/0x19c
[ 35.799962][ T6410]
[ 35.800466][ T6410] Allocated by task 6410:
[ 35.801349][ T6410]  kasan_save_track+0x40/0x78
[ 35.802431][ T6410]  kasan_save_alloc_info+0x40/0x50
[ 35.803508][ T6410]  __kasan_kmalloc+0xac/0xc4
[ 35.804575][ T6410]  __kmalloc_noprof+0x32c/0x54c
[ 35.805661][ T6410]  f2fs_kzalloc+0x124/0x254
[ 35.806674][ T6410]  f2fs_getxattr+0xc60/0x1064
[ 35.807687][ T6410]  f2fs_xattr_generic_get+0x130/0x174
[ 35.808858][ T6410]  __vfs_getxattr+0x394/0x3c0
[ 35.809886][ T6410]  smk_fetch+0xc8/0x150
[ 35.810842][ T6410]  smack_d_instantiate+0x594/0x880
[ 35.811967][ T6410]  security_d_instantiate+0x100/0x204
[ 35.813094][ T6410]  d_splice_alias+0x70/0x310
[ 35.814136][ T6410]  f2fs_lookup+0x4c8/0x948
[ 35.815086][ T6410]  path_openat+0xf7c/0x2b14
[ 35.816125][ T6410]  do_filp_open+0x1e8/0x404
[ 35.817113][ T6410]  do_sys_openat2+0x124/0x1b8
[ 35.818154][ T6410]  __arm64_sys_openat+0x1f0/0x240
[ 35.819155][ T6410]  invoke_syscall+0x98/0x2b8
[ 35.820159][ T6410]  el0_svc_common+0x130/0x23c
[ 35.821158][ T6410]  do_el0_svc+0x48/0x58
[ 35.822042][ T6410]  el0_svc+0x54/0x168
[ 35.822882][ T6410]  el0t_64_sync_handler+0x84/0x108
[ 35.823904][ T6410]  el0t_64_sync+0x198/0x19c
[ 35.824868][ T6410]
[ 35.825355][ T6410] The buggy address belongs to the object at ffff0000cd53e600
[ 35.825355][ T6410]  which belongs to the cache kmalloc-16 of size 16
[ 35.828394][ T6410] The buggy address is located 12 bytes to the right of
[ 35.828394][ T6410]  allocated 12-byte region [ffff0000cd53e600, ffff0000cd53e60c)
[ 35.831602][ T6410]
[ 35.832112][ T6410] The buggy address belongs to the physical page:
[ 35.833509][ T6410] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d53e
[ 35.835401][ T6410] anon flags: 0x5ffc00000000000(node=0|zone=2|lastcpupid=0x7ff)
[ 35.836962][ T6410] page_type: f5(slab)
[ 35.837814][ T6410] raw: 05ffc00000000000 ffff0000c0001640 0000000000000000 dead000000000001
[ 35.839690][ T6410] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 35.841412][ T6410] page dumped because: kasan: bad access detected
[ 35.842774][ T6410]
[ 35.843272][ T6410] Memory state around the buggy address:
[ 35.844501][ T6410]  ffff0000cd53e500: fa fb fc fc 00 03 fc fc 00 01 fc fc fa fb fc fc
[ 35.846239][ T6410]  ffff0000cd53e580: fa fb fc fc fa fb fc fc 00 07 fc fc fa fb fc fc
[ 35.847994][ T6410] >ffff0000cd53e600: 00 04 fc fc 00 06 fc fc 00 03 fc fc 00 03 fc fc
[ 35.849688][ T6410]                             ^
[ 35.850752][ T6410]  ffff0000cd53e680: 00 03 fc fc 00 03 fc fc 00 03 fc fc 00 03 fc fc
[ 35.852425][ T6410]  ffff0000cd53e700: 00 03 fc fc 00 03 fc fc 00 03 fc fc 00 03 fc fc
[ 35.854124][ T6410] ==================================================================
[ 35.856037][ T6410] Disabling lock debugging due to kernel taint