[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.134' (ECDSA) to the list of known hosts.
syzkaller login: [ 57.448741] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 57.751373] ======================================================
[ 57.751373] WARNING: the mand mount option is being deprecated and
[ 57.751373] will be removed in v5.15!
[ 57.751373] ======================================================
[ 57.776136] F2FS-fs (loop0): Corrupted extension count (4278190117 + 1 > 64)
[ 57.784674] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[ 57.793710] F2FS-fs (loop0): invalid crc value
[ 57.800819] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 57.823463] F2FS-fs (loop0): recover fsync data on readonly fs
[ 57.830626] F2FS-fs (loop0): Try to recover 2th superblock, ret: -30
[ 57.837928] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[ 57.845722] F2FS-fs (loop0): Corrupted max_depth of 3: 2049
[ 57.854746] syz-executor360[8114]: segfault at 0 ip 00007f1e2a338ac0 sp 00007ffe6067cee8 error 4 in syz-executor3603873955[7f1e2a2d2000+88000]
[ 57.867934] Code: 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 74 48 83 e0 f0 <66> 0f 74 00 66 0f 74 48 10 66 0f 74 50 20 66 0f 74 58 30 66 0f d7
[ 57.893466] ------------[ cut here ]------------
[ 57.898750] kernel BUG at fs/f2fs/inode.c:706!
[ 57.904293] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 57.909667] CPU: 0 PID: 8114 Comm: syz-executor360 Not tainted 4.19.211-syzkaller #0
[ 57.917525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 57.926868] RIP: 0010:f2fs_evict_inode+0x1054/0x1330
[ 57.931952] Code: de e8 60 27 52 fe 85 db 0f 84 1a ff ff ff e9 08 ff ff ff e8 de 25 52 fe 48 89 ef e8 26 58 03 00 e9 29 f4 ff ff e8 cc 25 52 fe <0f> 0b 4c 89 f7 e8 b2 02 88 fe e9 61 f6 ff ff e8 a8 02 88 fe e9 38
[ 57.950836] RSP: 0018:ffff8880b15af6d0 EFLAGS: 00010293
[ 57.956180] RAX: ffff8880b162e080 RBX: 0000000000000001 RCX: ffffffff831053bf
[ 57.963431] RDX: 0000000000000000 RSI: ffffffff83105fa4 RDI: 0000000000000007
[ 57.970680] RBP: ffff88808b0970c0 R08: 0000000000000000 R09: 0000000000000000
[ 57.977931] R10: 0000000000000007 R11: 0000000000074071 R12: ffff8880b00ac0c0
[ 57.985188] R13: ffff88808b097490 R14: ffff88808b097518 R15: ffff8880b25f0978
[ 57.992440] FS: 0000555555c30300(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
[ 58.000645] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 58.006505] CR2: 00007f8ae5245000 CR3: 00000000a0e10000 CR4: 00000000003406f0
[ 58.013757] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 58.021008] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 58.028255] Call Trace:
[ 58.030830] ? f2fs_write_inode+0x600/0x600
[ 58.035133] evict+0x2ed/0x760
[ 58.038308] dispose_list+0x124/0x1f0
[ 58.042095] evict_inodes+0x341/0x430
[ 58.045879] ? dispose_list+0x1f0/0x1f0
[ 58.049838] ? shrink_dcache_for_umount+0x165/0x330
[ 58.054839] generic_shutdown_super+0xb3/0x370
[ 58.059405] kill_block_super+0x97/0xf0
[ 58.064047] kill_f2fs_super+0x241/0x330
[ 58.068092] ? __f2fs_commit_super+0x110/0x110
[ 58.072657] ? unregister_shrinker+0x1cb/0x300
[ 58.077221] ? unregister_shrinker+0x1cb/0x300
[ 58.081789] deactivate_locked_super+0x94/0x160
[ 58.086439] deactivate_super+0x174/0x1a0
[ 58.090568] ? deactivate_locked_super+0x160/0x160
[ 58.095481] ? dput+0x31/0x640
[ 58.098659] cleanup_mnt+0x1a8/0x290
[ 58.102360] task_work_run+0x148/0x1c0
[ 58.106232] do_exit+0xbf3/0x2be0
[ 58.109671] ? mm_update_next_owner+0x650/0x650
[ 58.114326] do_group_exit+0x125/0x310
[ 58.118201] get_signal+0x3f2/0x1f70
[ 58.121909] do_signal+0x8f/0x1670
[ 58.125434] ? setup_sigcontext+0x820/0x820
[ 58.129747] ? show_opcodes.cold+0x46/0x48
[ 58.133970] ? __do_page_fault+0x180/0xd60
[ 58.138190] ? exit_to_usermode_loop+0x36/0x2a0
[ 58.142843] exit_to_usermode_loop+0x204/0x2a0
[ 58.147408] prepare_exit_to_usermode+0x277/0x2d0
[ 58.152233] ? page_fault+0x8/0x30
[ 58.155753] retint_user+0x8/0x18
[ 58.159187] RIP: 0033:0x7f1e2a338ac0
[ 58.162881] Code: Bad RIP value.
[ 58.166223] RSP: 002b:00007ffe6067cee8 EFLAGS: 00010246
[ 58.171564] RAX: 0000000000000000 RBX: 00000000000000e0 RCX: 0000000000000000
[ 58.178813] RDX: 00000000000000e0 RSI: 00000000000000e0 RDI: 0000000000000000
[ 58.186152] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 58.193421] R10: 00000000000000c0 R11: 00000000000000e0 R12: 0000000020000100
[ 58.200680] R13: 00007ffe6067cfb0 R14: 0000000000000000 R15: 00007ffe6067cfb0
[ 58.207935] Modules linked in:
[ 58.212062] ---[ end trace d3a5ba92d399075f ]---
[ 58.217334] RIP: 0010:f2fs_evict_inode+0x1054/0x1330
[ 58.222436] Code: de e8 60 27 52 fe 85 db 0f 84 1a ff ff ff e9 08 ff ff ff e8 de 25 52 fe 48 89 ef e8 26 58 03 00 e9 29 f4 ff ff e8 cc 25 52 fe <0f> 0b 4c 89 f7 e8 b2 02 88 fe e9 61 f6 ff ff e8 a8 02 88 fe e9 38
[ 58.242078] RSP: 0018:ffff8880b15af6d0 EFLAGS: 00010293
[ 58.248285] RAX: ffff8880b162e080 RBX: 0000000000000001 RCX: ffffffff831053bf
[ 58.255770] RDX: 0000000000000000 RSI: ffffffff83105fa4 RDI: 0000000000000007
[ 58.263241] RBP: ffff88808b0970c0 R08: 0000000000000000 R09: 0000000000000000
[ 58.270583] R10: 0000000000000007 R11: 0000000000074071 R12: ffff8880b00ac0c0
[ 58.278081] R13: ffff88808b097490 R14: ffff88808b097518 R15: ffff8880b25f0978
[ 58.285515] FS: 0000555555c30300(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
[ 58.293919] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 58.299826] CR2: 000055bf7005c2e8 CR3: 0000000094248000 CR4: 00000000003406e0
[ 58.307318] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 58.314778] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 58.322037] Kernel panic - not syncing: Fatal exception
[ 58.327534] Kernel Offset: disabled
[ 58.331141] Rebooting in 86400 seconds..