Warning: Permanently added '10.128.1.46' (ED25519) to the list of known hosts.
executing program
[ 25.453689][ T24] audit: type=1400 audit(1748332295.640:64): avc: denied { execmem } for pid=275 comm="syz-executor299" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 25.544871][ T24] audit: type=1400 audit(1748332295.740:65): avc: denied { read write } for pid=275 comm="syz-executor299" name="loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 25.570274][ T24] audit: type=1400 audit(1748332295.740:66): avc: denied { open } for pid=275 comm="syz-executor299" path="/dev/loop0" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 25.595568][ T24] audit: type=1400 audit(1748332295.740:67): avc: denied { ioctl } for pid=275 comm="syz-executor299" path="/dev/loop0" dev="devtmpfs" ino=115 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 25.623340][ T24] audit: type=1400 audit(1748332295.820:68): avc: denied { mounton } for pid=275 comm="syz-executor299" path="/root/syzkaller.PvKmq3/file0" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 25.717915][ T275] F2FS-fs (loop0): fault_injection options not supported
[ 25.726430][ T275] F2FS-fs (loop0): invalid crc value
[ 25.733014][ T275] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 25.753104][ T275] F2FS-fs (loop0): Start checkpoint disabled!
[ 25.760542][ T275] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[ 25.768872][ T24] audit: type=1400 audit(1748332295.960:69): avc: denied { mount } for pid=275 comm="syz-executor299" name="/" dev="loop0" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 25.791375][ T24] audit: type=1400 audit(1748332295.980:70): avc: denied { write } for pid=275 comm="syz-executor299" name="/" dev="loop0" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 25.813615][ T24] audit: type=1400 audit(1748332295.980:71): avc: denied { add_name } for pid=275 comm="syz-executor299" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 25.832323][ T275] ------------[ cut here ]------------
[ 25.834957][ T24] audit: type=1400 audit(1748332295.980:72): avc: denied { create } for pid=275 comm="syz-executor299" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 25.840648][ T275] WARNING: CPU: 0 PID: 275 at fs/f2fs/segment.c:2582 new_curseg+0xe5d/0x18a0
[ 25.861532][ T24] audit: type=1400 audit(1748332295.980:73): avc: denied { write open } for pid=275 comm="syz-executor299" path="/root/syzkaller.PvKmq3/file0/file0" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 25.896184][ T275] Modules linked in:
[ 25.900708][ T275] CPU: 0 PID: 275 Comm: syz-executor299 Not tainted 5.10.237-syzkaller #0
[ 25.909583][ T275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 25.920560][ T275] RIP: 0010:new_curseg+0xe5d/0x18a0
[ 25.925819][ T275] Code: 0b 4c 8b bd 30 ff ff ff 4c 89 ff be 08 00 00 00 e8 88 d5 93 ff f0 41 80 0f 04 41 b5 01 45 89 f7 e9 4d fb ff ff e8 b3 e3 59 ff <0f> 0b 4c 8b a5 30 ff ff ff 4c 89 e7 be 08 00 00 00 e8 5d d5 93 ff
[ 25.945839][ T275] RSP: 0018:ffffc90000b27738 EFLAGS: 00010293
[ 25.952240][ T275] RAX: ffffffff8209af4d RBX: ffff8881083f0d58 RCX: ffff88811b630000
[ 25.960930][ T275] RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000000000018
[ 25.969661][ T275] RBP: ffffc90000b27828 R08: 0000000000000004 R09: 0000000000000003
[ 25.977938][ T275] R10: fffff52000164ed8 R11: 1ffff92000164ed8 R12: 0000000000000018
[ 25.986437][ T275] R13: 1ffff1102107e1ab R14: 0000000000000018 R15: 0000000000000017
[ 25.994570][ T275] FS: 000055558de5c480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 26.003620][ T275] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 26.010617][ T275] CR2: 00007f97043bb100 CR3: 00000001085ac000 CR4: 00000000003506b0
[ 26.018629][ T275] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 26.026983][ T275] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 26.035275][ T275] Call Trace:
[ 26.038680][ T275] __allocate_new_segment+0x13d/0x810
[ 26.044394][ T275] f2fs_allocate_new_section+0x1d5/0x280
[ 26.050028][ T275] ? new_curseg+0x18a0/0x18a0
[ 26.054769][ T275] ? __kasan_check_write+0x14/0x20
[ 26.059892][ T275] ? down_read_trylock+0x100/0x150
[ 26.065120][ T275] ? __init_rwsem+0x1c0/0x1c0
[ 26.069919][ T275] ? has_not_enough_free_secs+0x3d7/0x8a0
[ 26.075688][ T275] expand_inode_data+0x5a8/0x930
[ 26.087045][ T275] ? f2fs_insert_range+0x5b0/0x5b0
[ 26.092349][ T275] ? inode_dio_wait+0x226/0x290
[ 26.097528][ T275] ? file_update_time+0x3a2/0x400
[ 26.102590][ T275] ? inode_owner_or_capable+0x140/0x140
[ 26.108234][ T275] f2fs_fallocate+0x42b/0x7e0
[ 26.112949][ T275] vfs_fallocate+0x4b4/0x590
[ 26.117575][ T275] do_vfs_ioctl+0x12e3/0x1510
[ 26.122816][ T275] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0
[ 26.128490][ T275] ? has_cap_mac_admin+0x330/0x330
[ 26.133683][ T275] ? __kasan_slab_free+0x11/0x20
[ 26.138911][ T275] ? slab_free_freelist_hook+0xc5/0x190
[ 26.144682][ T275] ? putname+0xfe/0x150
[ 26.148909][ T275] ? selinux_file_ioctl+0x377/0x480
[ 26.154678][ T275] ? selinux_file_alloc_security+0x120/0x120
[ 26.160653][ T275] ? do_sys_openat2+0x207/0x6d0
[ 26.165573][ T275] ? __kasan_check_read+0x11/0x20
[ 26.171363][ T275] ? security_file_ioctl+0x84/0xa0
[ 26.177007][ T275] __se_sys_ioctl+0x9f/0x1a0
[ 26.181604][ T275] __x64_sys_ioctl+0x7b/0x90
[ 26.187298][ T275] do_syscall_64+0x31/0x40
[ 26.192244][ T275] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 26.198494][ T275] RIP: 0033:0x7f970433dcf9
[ 26.202974][ T275] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 26.222809][ T275] RSP: 002b:00007ffddb15dba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 26.231425][ T275] RAX: ffffffffffffffda RBX: 6c3d79726f6d656d RCX: 00007f970433dcf9
[ 26.239750][ T275] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005
[ 26.247874][ T275] RBP: 00007ffddb15dc78 R08: 00007f9704387168 R09: 00007f9704387168
[ 26.255983][ T275] R10: 00007f9704387168 R11: 0000000000000246 R12: 0000000000000000
[ 26.263962][ T275] R13: 00007ffddb15df18 R14: 0000000000000001 R15: 0000000000000001
[ 26.272006][ T275] ---[ end trace 2672346cf0dcb306 ]---
[ 26.277562][ T275] ------------[ cut here ]------------
[ 26.283227][ T275] WARNING: CPU: 0 PID: 275 at fs/f2fs/segment.c:2636 new_curseg+0x14c0/0x18a0
[ 26.292271][ T275] Modules linked in:
[ 26.296442][ T275] CPU: 0 PID: 275 Comm: syz-executor299 Tainted: G W 5.10.237-syzkaller #0
[ 26.306617][ T275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 26.316724][ T275] RIP: 0010:new_curseg+0x14c0/0x18a0
[ 26.322127][ T275] Code: ff e8 74 dd 59 ff 0f 0b 4c 8b 75 d0 49 8d 7e 78 be 08 00 00 00 e8 20 cf 93 ff f0 41 80 4e 78 04 e9 ba ed ff ff e8 50 dd 59 ff <0f> 0b 48 8b 5d d0 48 8d 7b 78 be 08 00 00 00 e8 fc ce 93 ff f0 80
[ 26.342466][ T275] RSP: 0018:ffffc90000b27738 EFLAGS: 00010293
[ 26.348655][ T275] RAX: ffffffff8209b5b0 RBX: ffff88811a290301 RCX: ffff88811b630000
[ 26.356747][ T275] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 26.364837][ T275] RBP: ffffc90000b27828 R08: dffffc0000000000 R09: ffffed102345206f
[ 26.372836][ T275] R10: ffffed102345206f R11: 1ffff1102345206e R12: 0000000000000000
[ 26.381000][ T275] R13: 0000000000000018 R14: 0000000000000001 R15: 0000000000000018
[ 26.389084][ T275] FS: 000055558de5c480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 26.398114][ T275] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 26.405539][ T275] CR2: 00007f97043bb100 CR3: 00000001085ac000 CR4: 00000000003506b0
[ 26.413523][ T275] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 26.421539][ T275] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 26.429847][ T275] Call Trace:
[ 26.433377][ T275] __allocate_new_segment+0x13d/0x810
[ 26.439877][ T275] f2fs_allocate_new_section+0x1d5/0x280
[ 26.445795][ T275] ? new_curseg+0x18a0/0x18a0
[ 26.450481][ T275] ? __kasan_check_write+0x14/0x20
[ 26.455732][ T275] ? down_read_trylock+0x100/0x150
[ 26.461121][ T275] ? __init_rwsem+0x1c0/0x1c0
[ 26.466107][ T275] ? has_not_enough_free_secs+0x3d7/0x8a0
[ 26.471886][ T275] expand_inode_data+0x5a8/0x930
[ 26.476922][ T275] ? f2fs_insert_range+0x5b0/0x5b0
[ 26.482356][ T275] ? inode_dio_wait+0x226/0x290
[ 26.487302][ T275] ? file_update_time+0x3a2/0x400
[ 26.492329][ T275] ? inode_owner_or_capable+0x140/0x140
[ 26.498210][ T275] f2fs_fallocate+0x42b/0x7e0
[ 26.503026][ T275] vfs_fallocate+0x4b4/0x590
[ 26.507694][ T275] do_vfs_ioctl+0x12e3/0x1510
[ 26.512538][ T275] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0
[ 26.518322][ T275] ? has_cap_mac_admin+0x330/0x330
[ 26.523548][ T275] ? __kasan_slab_free+0x11/0x20
[ 26.528640][ T275] ? slab_free_freelist_hook+0xc5/0x190
[ 26.534555][ T275] ? putname+0xfe/0x150
[ 26.539092][ T275] ? selinux_file_ioctl+0x377/0x480
[ 26.544895][ T275] ? selinux_file_alloc_security+0x120/0x120
[ 26.550889][ T275] ? do_sys_openat2+0x207/0x6d0
[ 26.555816][ T275] ? __kasan_check_read+0x11/0x20
[ 26.560970][ T275] ? security_file_ioctl+0x84/0xa0
[ 26.566232][ T275] __se_sys_ioctl+0x9f/0x1a0
[ 26.570912][ T275] __x64_sys_ioctl+0x7b/0x90
[ 26.575552][ T275] do_syscall_64+0x31/0x40
[ 26.580110][ T275] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 26.586411][ T275] RIP: 0033:0x7f970433dcf9
[ 26.591016][ T275] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 26.611275][ T275] RSP: 002b:00007ffddb15dba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 26.620249][ T275] RAX: ffffffffffffffda RBX: 6c3d79726f6d656d RCX: 00007f970433dcf9
[ 26.628266][ T275] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005
[ 26.636370][ T275] RBP: 00007ffddb15dc78 R08: 00007f9704387168 R09: 00007f9704387168
[ 26.645232][ T275] R10: 00007f9704387168 R11: 0000000000000246 R12: 0000000000000000
[ 26.653202][ T275] R13: 00007ffddb15df18 R14: 0000000000000001 R15: 0000000000000001
[ 26.662033][ T275] ---[ end trace 2672346cf0dcb307 ]---
[ 26.667881][ T275] ==================================================================
[ 26.676679][ T275] BUG: KASAN: slab-out-of-bounds in reset_curseg+0x4dd/0x560
[ 26.684141][ T275] Read of size 4 at addr ffff88812085abc0 by task syz-executor299/275
[ 26.692629][ T275]
[ 26.694966][ T275] CPU: 1 PID: 275 Comm: syz-executor299 Tainted: G W 5.10.237-syzkaller #0
[ 26.704901][ T275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 26.715040][ T275] Call Trace:
[ 26.718329][ T275] __dump_stack+0x21/0x24
[ 26.722645][ T275] dump_stack_lvl+0x169/0x1d8
[ 26.727614][ T275] ? show_regs_print_info+0x18/0x18
[ 26.732819][ T275] ? thaw_kernel_threads+0x220/0x220
[ 26.738116][ T275] print_address_description+0x7f/0x2c0
[ 26.743992][ T275] ? reset_curseg+0x4dd/0x560
[ 26.748661][ T275] kasan_report+0xe2/0x130
[ 26.753065][ T275] ? reset_curseg+0x4dd/0x560
[ 26.757780][ T275] __asan_report_load4_noabort+0x14/0x20
[ 26.764050][ T275] reset_curseg+0x4dd/0x560
[ 26.768548][ T275] new_curseg+0x12f6/0x18a0
[ 26.773048][ T275] __allocate_new_segment+0x13d/0x810
[ 26.778932][ T275] f2fs_allocate_new_section+0x1d5/0x280
[ 26.784554][ T275] ? new_curseg+0x18a0/0x18a0
[ 26.789220][ T275] ? __kasan_check_write+0x14/0x20
[ 26.794317][ T275] ? down_read_trylock+0x100/0x150
[ 26.799410][ T275] ? __init_rwsem+0x1c0/0x1c0
[ 26.804097][ T275] ? has_not_enough_free_secs+0x3d7/0x8a0
[ 26.809798][ T275] expand_inode_data+0x5a8/0x930
[ 26.814870][ T275] ? f2fs_insert_range+0x5b0/0x5b0
[ 26.819987][ T275] ? inode_dio_wait+0x226/0x290
[ 26.825021][ T275] ? file_update_time+0x3a2/0x400
[ 26.830204][ T275] ? inode_owner_or_capable+0x140/0x140
[ 26.835844][ T275] f2fs_fallocate+0x42b/0x7e0
[ 26.840533][ T275] vfs_fallocate+0x4b4/0x590
[ 26.845136][ T275] do_vfs_ioctl+0x12e3/0x1510
[ 26.849932][ T275] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0
[ 26.856124][ T275] ? has_cap_mac_admin+0x330/0x330
[ 26.861230][ T275] ? __kasan_slab_free+0x11/0x20
[ 26.866169][ T275] ? slab_free_freelist_hook+0xc5/0x190
[ 26.871821][ T275] ? putname+0xfe/0x150
[ 26.875962][ T275] ? selinux_file_ioctl+0x377/0x480
[ 26.881144][ T275] ? selinux_file_alloc_security+0x120/0x120
[ 26.887535][ T275] ? do_sys_openat2+0x207/0x6d0
[ 26.892784][ T275] ? __kasan_check_read+0x11/0x20
[ 26.898082][ T275] ? security_file_ioctl+0x84/0xa0
[ 26.903291][ T275] __se_sys_ioctl+0x9f/0x1a0
[ 26.907979][ T275] __x64_sys_ioctl+0x7b/0x90
[ 26.912656][ T275] do_syscall_64+0x31/0x40
[ 26.917055][ T275] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 26.922926][ T275] RIP: 0033:0x7f970433dcf9
[ 26.927345][ T275] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 26.947795][ T275] RSP: 002b:00007ffddb15dba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 26.956332][ T275] RAX: ffffffffffffffda RBX: 6c3d79726f6d656d RCX: 00007f970433dcf9
[ 26.964903][ T275] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005
[ 26.973082][ T275] RBP: 00007ffddb15dc78 R08: 00007f9704387168 R09: 00007f9704387168
[ 26.981431][ T275] R10: 00007f9704387168 R11: 0000000000000246 R12: 0000000000000000
[ 26.989406][ T275] R13: 00007ffddb15df18 R14: 0000000000000001 R15: 0000000000000001
[ 26.997598][ T275]
[ 27.000030][ T275] Allocated by task 275:
[ 27.004308][ T275] __kasan_kmalloc+0xda/0x110
[ 27.009067][ T275] __kmalloc+0x1a7/0x330
[ 27.013424][ T275] kvmalloc_node+0x88/0x130
[ 27.018136][ T275] f2fs_build_segment_manager+0xdba/0x48f0
[ 27.024045][ T275] f2fs_fill_super+0x42d1/0x6c70
[ 27.029594][ T275] mount_bdev+0x28b/0x3a0
[ 27.034234][ T275] f2fs_mount+0x34/0x40
[ 27.038470][ T275] legacy_get_tree+0xed/0x190
[ 27.044069][ T275] vfs_get_tree+0x89/0x260
[ 27.049129][ T275] do_new_mount+0x25a/0xa20
[ 27.053627][ T275] path_mount+0x572/0xc80
[ 27.058059][ T275] __se_sys_mount+0x318/0x380
[ 27.062844][ T275] __x64_sys_mount+0xbf/0xd0
[ 27.067420][ T275] do_syscall_64+0x31/0x40
[ 27.071842][ T275] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 27.077985][ T275]
[ 27.080440][ T275] The buggy address belongs to the object at ffff88812085a800
[ 27.080440][ T275] which belongs to the cache kmalloc-1k of size 1024
[ 27.094611][ T275] The buggy address is located 960 bytes inside of
[ 27.094611][ T275] 1024-byte region [ffff88812085a800, ffff88812085ac00)
[ 27.108444][ T275] The buggy address belongs to the page:
[ 27.114079][ T275] page:ffffea0004821600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x120858
[ 27.124512][ T275] head:ffffea0004821600 order:3 compound_mapcount:0 compound_pincount:0
[ 27.132999][ T275] flags: 0x4000000000010200(slab|head)
[ 27.138665][ T275] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100042f00
[ 27.147694][ T275] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 27.156440][ T275] page dumped because: kasan: bad access detected
[ 27.163338][ T275] page_owner tracks the page as allocated
[ 27.169144][ T275] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 274, ts 25442773686, free_ts 0
[ 27.187633][ T275] prep_new_page+0x179/0x180
[ 27.192454][ T275] get_page_from_freelist+0x2235/0x23d0
[ 27.198383][ T275] __alloc_pages_nodemask+0x268/0x5f0
[ 27.204013][ T275] new_slab+0x84/0x3f0
[ 27.208577][ T275] ___slab_alloc+0x2a6/0x450
[ 27.213669][ T275] __slab_alloc+0x63/0xa0
[ 27.218139][ T275] __kmalloc+0x201/0x330
[ 27.222819][ T275] alloc_pipe_info+0x1fc/0x4b0
[ 27.227721][ T275] create_pipe_files+0x8d/0x6c0
[ 27.232897][ T275] __do_pipe_flags+0x4f/0x200
[ 27.237897][ T275] do_pipe2+0x99/0x170
[ 27.242011][ T275] __x64_sys_pipe2+0x5a/0x70
[ 27.246724][ T275] do_syscall_64+0x31/0x40
[ 27.251154][ T275] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 27.257335][ T275] page_owner free stack trace missing
[ 27.263000][ T275]
[ 27.265556][ T275] Memory state around the buggy address:
[ 27.271523][ T275] ffff88812085aa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.280060][ T275] ffff88812085ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 27.288342][ T275] >ffff88812085ab80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 27.296998][ T275]                                            ^
[ 27.303510][ T275] ffff88812085ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.311966][ T275] ffff88812085ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.320032][ T275] ==================================================================
[ 27.328623][ T275] Disabling lock debugging due to kernel taint
[ 27.335611][ T275] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 27.348146][ T275] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 27.356672][ T275] CPU: 1 PID: 275 Comm: syz-executor299 Tainted: G B W 5.10.237-syzkaller #0
[ 27.367201][ T275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 27.377767][ T275] RIP: 0010:update_sit_entry+0x3eb/0xf50
[ 27.383623][ T275] Code: 89 45 a8 49 01 c5 41 f6 d7 41 80 e7 07 44 89 f9 41 bf 01 00 00 00 41 d3 e7 4d 89 ee 49 c1 ee 03 48 b8 00 00 00 00 00 fc ff df <41> 0f b6 04 06 84 c0 0f 85 a5 08 00 00 41 0f b6 5d 00 44 89 f8 41
[ 27.403662][ T275] RSP: 0018:ffffc90000b27350 EFLAGS: 00010246
[ 27.409807][ T275] RAX: dffffc0000000000 RBX: ffff88812085abc8 RCX: 0000000000000007
[ 27.418202][ T275] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88812085abc8
[ 27.426356][ T275] RBP: ffffc90000b273d0 R08: ffff88811b630000 R09: 0000000000000003
[ 27.434340][ T275] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000004000
[ 27.442479][ T275] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000080
[ 27.450773][ T275] FS: 000055558de5c480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 27.459699][ T275] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 27.466554][ T275] CR2: 00007f37af8c5000 CR3: 00000001085ac000 CR4: 00000000003506a0
[ 27.474987][ T275] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 27.483229][ T275] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 27.491222][ T275] Call Trace:
[ 27.494519][ T275] ? __asan_report_store8_noabort+0x17/0x20
[ 27.500458][ T275] f2fs_allocate_data_block+0x156b/0x3a10
[ 27.506516][ T275] ? _raw_spin_unlock+0x4d/0x70
[ 27.511525][ T275] ? f2fs_inode_dirtied+0x26b/0x2a0
[ 27.516712][ T275] ? f2fs_io_type_to_rw_hint+0x1e0/0x1e0
[ 27.522354][ T275] ? f2fs_mark_inode_dirty_sync+0x110/0x140
[ 27.528700][ T275] ? inc_valid_block_count+0x562/0xa90
[ 27.534143][ T275] __allocate_data_block+0x52a/0x980
[ 27.539642][ T275] ? f2fs_map_blocks+0x35c0/0x35c0
[ 27.544744][ T275] f2fs_map_blocks+0xdc8/0x35c0
[ 27.549595][ T275] ? __kasan_check_write+0x14/0x20
[ 27.554928][ T275] ? f2fs_do_map_lock+0x290/0x290
[ 27.560005][ T275] ? __kasan_check_write+0x14/0x20
[ 27.565110][ T275] ? down_read_trylock+0x100/0x150
[ 27.570295][ T275] expand_inode_data+0x5d7/0x930
[ 27.575520][ T275] ? f2fs_insert_range+0x5b0/0x5b0
[ 27.580878][ T275] ? inode_dio_wait+0x226/0x290
[ 27.585715][ T275] ? file_update_time+0x3a2/0x400
[ 27.590728][ T275] ? inode_owner_or_capable+0x140/0x140
[ 27.596459][ T275] f2fs_fallocate+0x42b/0x7e0
[ 27.601139][ T275] vfs_fallocate+0x4b4/0x590
[ 27.605938][ T275] do_vfs_ioctl+0x12e3/0x1510
[ 27.610595][ T275] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0
[ 27.616681][ T275] ? has_cap_mac_admin+0x330/0x330
[ 27.621967][ T275] ? __kasan_slab_free+0x11/0x20
[ 27.627017][ T275] ? slab_free_freelist_hook+0xc5/0x190
[ 27.632713][ T275] ? putname+0xfe/0x150
[ 27.636878][ T275] ? selinux_file_ioctl+0x377/0x480
[ 27.642483][ T275] ? selinux_file_alloc_security+0x120/0x120
[ 27.648456][ T275] ? do_sys_openat2+0x207/0x6d0
[ 27.653300][ T275] ? __kasan_check_read+0x11/0x20
[ 27.658450][ T275] ? security_file_ioctl+0x84/0xa0
[ 27.663555][ T275] __se_sys_ioctl+0x9f/0x1a0
[ 27.668139][ T275] __x64_sys_ioctl+0x7b/0x90
[ 27.672741][ T275] do_syscall_64+0x31/0x40
[ 27.677394][ T275] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 27.683626][ T275] RIP: 0033:0x7f970433dcf9
[ 27.688037][ T275] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 27.708283][ T275] RSP: 002b:00007ffddb15dba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 27.716720][ T275] RAX: ffffffffffffffda RBX: 6c3d79726f6d656d RCX: 00007f970433dcf9
[ 27.725111][ T275] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005
[ 27.733805][ T275] RBP: 00007ffddb15dc78 R08: 00007f9704387168 R09: 00007f9704387168
[ 27.742251][ T275] R10: 00007f9704387168 R11: 0000000000000246 R12: 0000000000000000
[ 27.750988][ T275] R13: 00007ffddb15df18 R14: 0000000000000001 R15: 0000000000000001
[ 27.759168][ T275] Modules linked in:
[ 27.763218][ T275] ---[ end trace 2672346cf0dcb308 ]---
[ 27.769184][ T275] RIP: 0010:update_sit_entry+0x3eb/0xf50
[ 27.775192][ T275] Code: 89 45 a8 49 01 c5 41 f6 d7 41 80 e7 07 44 89 f9 41 bf 01 00 00 00 41 d3 e7 4d 89 ee 49 c1 ee 03 48 b8 00 00 00 00 00 fc ff df <41> 0f b6 04 06 84 c0 0f 85 a5 08 00 00 41 0f b6 5d 00 44 89 f8 41
[ 27.794858][ T275] RSP: 0018:ffffc90000b27350 EFLAGS: 00010246
[ 27.801075][ T275] RAX: dffffc0000000000 RBX: ffff88812085abc8 RCX: 0000000000000007
[ 27.809159][ T275] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88812085abc8
[ 27.817391][ T275] RBP: ffffc90000b273d0 R08: ffff88811b630000 R09: 0000000000000003
[ 27.825419][ T275] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000004000
[ 27.833590][ T275] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000080
[ 27.841858][ T275] FS: 000055558de5c480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 27.850967][ T275] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 27.857870][ T275] CR2: 00007f37af8c5000 CR3: 00000001085ac000 CR4: 00000000003506a0
[ 27.866309][ T275] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 27.874523][ T275] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 27.882946][ T275] Kernel panic - not syncing: Fatal exception
[ 27.889119][ T275] Kernel Offset: disabled
[ 27.893520][ T275] Rebooting in 86400 seconds..