Warning: Permanently added '10.128.1.193' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
[ 55.723849][ T3582] loop2: detected capacity change from 0 to 40427
[ 55.752867][ T3576] loop1: detected capacity change from 0 to 40427
[ 55.767064][ T3584] loop4: detected capacity change from 0 to 40427
[ 55.797131][ T3580] loop0: detected capacity change from 0 to 40427
[ 55.805697][ T3583] loop3: detected capacity change from 0 to 40427
[ 55.809009][ T3576] F2FS-fs (loop1): invalid crc value
[ 55.817834][ T3584] F2FS-fs (loop4): invalid crc value
[ 55.822482][ T3576] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 55.826826][ T3584] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 55.864741][ T3582] F2FS-fs (loop2): invalid crc value
[ 55.864784][ T3580] F2FS-fs (loop0): invalid crc value
[ 55.876484][ T3583] F2FS-fs (loop3): invalid crc value
[ 55.898556][ T3580] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 55.906931][ T3582] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 55.928017][ T3583] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 55.934352][ T3576] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 55.966514][ T3576] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=d000000, run fsck to fix.
[ 55.996182][ T3576] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) has corrupted i_xattr_nid: 218103808, run fsck to fix.
[ 55.996270][ T3584] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 56.039299][ T3604] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=d000000, run fsck to fix.
[ 56.060577][ T3604] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) has corrupted i_xattr_nid: 218103808, run fsck to fix.
[ 56.062122][ T3580] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 56.080314][ T3582] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 56.083315][ T3584] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=d000000, run fsck to fix.
[ 56.100165][ T3582] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=d000000, run fsck to fix.
[ 56.115195][ T3583] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 56.115729][ T3604] ==================================================================
[ 56.130963][ T3604] BUG: KASAN: use-after-free in f2fs_destroy_extent_tree+0x151/0x670
[ 56.132429][ T3584] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) has corrupted i_xattr_nid: 218103808, run fsck to fix.
[ 56.139078][ T3604] Read of size 4 at addr ffff88806e5ef080 by task syz-executor738/3604
[ 56.139097][ T3604]
[ 56.139111][ T3604] CPU: 1 PID: 3604 Comm: syz-executor738 Not tainted 5.15.167-syzkaller #0
[ 56.139132][ T3604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 56.139149][ T3604] Call Trace:
[ 56.139157][ T3604]
[ 56.139166][ T3604] dump_stack_lvl+0x1e3/0x2d0
[ 56.139195][ T3604] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 56.139216][ T3604] ? _printk+0xd1/0x120
[ 56.153339][ T3583] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=d000000, run fsck to fix.
[ 56.158904][ T3604] ? __wake_up_klogd+0xcc/0x100
[ 56.158935][ T3604] ? panic+0x860/0x860
[ 56.158957][ T3604] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 56.159001][ T3604] print_address_description+0x63/0x3b0
[ 56.159027][ T3604] ? f2fs_destroy_extent_tree+0x151/0x670
[ 56.159051][ T3604] kasan_report+0x16b/0x1c0
[ 56.159074][ T3604] ? f2fs_destroy_extent_tree+0x151/0x670
[ 56.159101][ T3604] kasan_check_range+0x27e/0x290
[ 56.162779][ T3580] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=d000000, run fsck to fix.
[ 56.169989][ T3604] f2fs_destroy_extent_tree+0x151/0x670
[ 56.170027][ T3604] f2fs_evict_inode+0x3b1/0x1510
[ 56.170057][ T3604] ? do_raw_spin_unlock+0x137/0x8b0
[ 56.170084][ T3604] ? f2fs_write_inode+0x540/0x540
[ 56.170105][ T3604] evict+0x529/0x930
[ 56.182109][ T3583] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) has corrupted i_xattr_nid: 218103808, run fsck to fix.
[ 56.183527][ T3604] ? __lock_acquire+0x1ff0/0x1ff0
[ 56.187255][ T3583] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=d000000, run fsck to fix.
[ 56.191133][ T3604] ? mode_strip_sgid+0x210/0x210
[ 56.197500][ T3583] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) has corrupted i_xattr_nid: 218103808, run fsck to fix.
[ 56.200905][ T3604] ? _raw_spin_unlock+0x24/0x40
[ 56.210717][ T3580] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) has corrupted i_xattr_nid: 218103808, run fsck to fix.
[ 56.215107][ T3604] f2fs_iget+0x1ca5/0x4b90
[ 56.215166][ T3604] f2fs_nfs_get_inode+0x70/0x100
[ 56.220461][ T3582] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) has corrupted i_xattr_nid: 218103808, run fsck to fix.
[ 56.224768][ T3604] ? f2fs_fh_to_parent+0x40/0x40
[ 56.231129][ T3609] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=d000000, run fsck to fix.
[ 56.236282][ T3604] generic_fh_to_dentry+0x94/0xe0
[ 56.236322][ T3604] ? do_handle_open+0x960/0x960
[ 56.236348][ T3604] exportfs_decode_fh_raw+0x140/0x590
[ 56.242102][ T3609] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) has corrupted i_xattr_nid: 218103808, run fsck to fix.
[ 56.246791][ T3604] ? do_handle_open+0x960/0x960
[ 56.246826][ T3604] ? exportfs_encode_fh+0x430/0x430
[ 56.246873][ T3604] ? __fget_files+0x413/0x480
[ 56.421627][ T3604] ? do_handle_open+0x960/0x960
[ 56.426567][ T3604] exportfs_decode_fh+0x38/0x70
[ 56.431669][ T3604] do_handle_open+0x44c/0x960
[ 56.436366][ T3604] ? __x64_compat_sys_open_by_handle_at+0x80/0x80
[ 56.442789][ T3604] ? syscall_enter_from_user_mode+0x2e/0x240
[ 56.448788][ T3604] ? lockdep_hardirqs_on+0x94/0x130
[ 56.454001][ T3604] ? syscall_enter_from_user_mode+0x2e/0x240
[ 56.460019][ T3604] do_syscall_64+0x3b/0xb0
[ 56.464544][ T3604] ? clear_bhb_loop+0x15/0x70
[ 56.469317][ T3604] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 56.475215][ T3604] RIP: 0033:0x7fc2e8d66a39
[ 56.479628][ T3604] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 56.499246][ T3604] RSP: 002b:00007fc2e8d02168 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 56.507761][ T3604] RAX: ffffffffffffffda RBX: 00007fc2e8df2618 RCX: 00007fc2e8d66a39
[ 56.516161][ T3604] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[ 56.524122][ T3604] RBP: 00007fc2e8df2610 R08: 00007ffc73ab54b7 R09: 0000000000000000
[ 56.532079][ T3604] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc2e8df261c
[ 56.540046][ T3604] R13: 000000000000006e R14: 00007ffc73ab53d0 R15: 00007ffc73ab54b8
[ 56.548104][ T3604]
[ 56.551219][ T3604]
[ 56.553537][ T3604] Allocated by task 3576:
[ 56.557868][ T3604] __kasan_slab_alloc+0x8e/0xc0
[ 56.562713][ T3604] slab_post_alloc_hook+0x53/0x380
[ 56.567831][ T3604] kmem_cache_alloc+0xf3/0x280
[ 56.572587][ T3604] f2fs_init_extent_tree+0x58d/0xc50
[ 56.577877][ T3604] f2fs_iget+0xfb0/0x4b90
[ 56.582194][ T3604] f2fs_nfs_get_inode+0x70/0x100
[ 56.587140][ T3604] generic_fh_to_dentry+0x94/0xe0
[ 56.592159][ T3604] exportfs_decode_fh_raw+0x140/0x590
[ 56.597521][ T3604] exportfs_decode_fh+0x38/0x70
[ 56.602450][ T3604] do_handle_open+0x44c/0x960
[ 56.607123][ T3604] do_syscall_64+0x3b/0xb0
[ 56.611534][ T3604] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 56.617449][ T3604]
[ 56.619758][ T3604] Freed by task 3576:
[ 56.623719][ T3604] kasan_set_track+0x4b/0x80
[ 56.628301][ T3604] kasan_set_free_info+0x1f/0x40
[ 56.633236][ T3604] ____kasan_slab_free+0xd8/0x120
[ 56.638254][ T3604] slab_free_freelist_hook+0xdd/0x160
[ 56.643627][ T3604] kmem_cache_free+0x91/0x1f0
[ 56.648382][ T3604] f2fs_destroy_extent_tree+0x382/0x670
[ 56.653915][ T3604] f2fs_evict_inode+0x3b1/0x1510
[ 56.658866][ T3604] evict+0x529/0x930
[ 56.662751][ T3604] f2fs_iget+0x1ca5/0x4b90
[ 56.667153][ T3604] f2fs_nfs_get_inode+0x70/0x100
[ 56.672083][ T3604] generic_fh_to_dentry+0x94/0xe0
[ 56.677094][ T3604] exportfs_decode_fh_raw+0x140/0x590
[ 56.682454][ T3604] exportfs_decode_fh+0x38/0x70
[ 56.687290][ T3604] do_handle_open+0x44c/0x960
[ 56.691956][ T3604] do_syscall_64+0x3b/0xb0
[ 56.696359][ T3604] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 56.702246][ T3604]
[ 56.704560][ T3604] The buggy address belongs to the object at ffff88806e5ef000
[ 56.704560][ T3604] which belongs to the cache f2fs_extent_tree of size 136
[ 56.719031][ T3604] The buggy address is located 128 bytes inside of
[ 56.719031][ T3604] 136-byte region [ffff88806e5ef000, ffff88806e5ef088)
[ 56.732378][ T3604] The buggy address belongs to the page:
[ 56.738003][ T3604] page:ffffea0001b97bc0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6e5ef
[ 56.748410][ T3604] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 56.755947][ T3604] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff88801e7963c0
[ 56.764518][ T3604] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000
[ 56.773082][ T3604] page dumped because: kasan: bad access detected
[ 56.779483][ T3604] page_owner tracks the page as allocated
[ 56.785197][ T3604] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x12c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_RECLAIMABLE), pid 3576, ts 55965798973, free_ts 15761265160
[ 56.803158][ T3604] get_page_from_freelist+0x322a/0x33c0
[ 56.808805][ T3604] __alloc_pages+0x272/0x700
[ 56.813381][ T3604] new_slab+0xbb/0x4b0
[ 56.817438][ T3604] ___slab_alloc+0x6f6/0xe10
[ 56.822111][ T3604] kmem_cache_alloc+0x18e/0x280
[ 56.827057][ T3604] f2fs_init_extent_tree+0x58d/0xc50
[ 56.832429][ T3604] f2fs_iget+0xfb0/0x4b90
[ 56.836773][ T3604] f2fs_nfs_get_inode+0x70/0x100
[ 56.841718][ T3604] generic_fh_to_dentry+0x94/0xe0
[ 56.846770][ T3604] exportfs_decode_fh_raw+0x140/0x590
[ 56.852570][ T3604] exportfs_decode_fh+0x38/0x70
[ 56.857413][ T3604] do_handle_open+0x44c/0x960
[ 56.862108][ T3604] do_syscall_64+0x3b/0xb0
[ 56.866521][ T3604] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 56.872438][ T3604] page last free stack trace:
[ 56.877183][ T3604] free_unref_page_prepare+0xc34/0xcf0
[ 56.882641][ T3604] free_unref_page+0x95/0x2d0
[ 56.887478][ T3604] free_contig_range+0x95/0xf0
[ 56.892350][ T3604] destroy_args+0xfe/0x980
[ 56.896780][ T3604] debug_vm_pgtable+0x40d/0x470
[ 56.901618][ T3604] do_one_initcall+0x22b/0x7a0
[ 56.906370][ T3604] do_initcall_level+0x157/0x210
[ 56.911521][ T3604] do_initcalls+0x49/0x90
[ 56.915886][ T3604] kernel_init_freeable+0x425/0x5c0
[ 56.921192][ T3604] kernel_init+0x19/0x290
[ 56.925526][ T3604] ret_from_fork+0x1f/0x30
[ 56.930149][ T3604]
[ 56.932507][ T3604] Memory state around the buggy address:
[ 56.938149][ T3604]  ffff88806e5eef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 56.946321][ T3604]  ffff88806e5ef000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 56.954515][ T3604] >ffff88806e5ef080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 56.962575][ T3604]                    ^
[ 56.966671][ T3604]  ffff88806e5ef100: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 56.974738][ T3604]  ffff88806e5ef180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 56.982803][ T3604] ==================================================================
[ 56.990855][ T3604] Disabling lock debugging due to kernel taint
[ 56.997057][ T3609] ==================================================================
[ 57.005133][ T3609] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0x91/0x1f0
[ 57.013567][ T3609]
[ 57.015906][ T3609] CPU: 0 PID: 3609 Comm: syz-executor738 Tainted: G B 5.15.167-syzkaller #0
[ 57.025895][ T3609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 57.031546][ T3604] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 57.035959][ T3609] Call Trace:
[ 57.035968][ T3609]
[ 57.049496][ T3609] dump_stack_lvl+0x1e3/0x2d0
[ 57.054193][ T3609] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 57.059824][ T3609] ? _printk+0xd1/0x120
[ 57.063981][ T3609] ? __wake_up_klogd+0xcc/0x100
[ 57.068918][ T3609] ? panic+0x860/0x860
[ 57.072986][ T3609] ? _raw_spin_lock_irqsave+0xdd/0x120
[ 57.078451][ T3609] ? kmem_cache_free+0x91/0x1f0
[ 57.083303][ T3609] print_address_description+0x63/0x3b0
[ 57.088850][ T3609] ? kmem_cache_free+0x91/0x1f0
[ 57.093734][ T3609] ? kmem_cache_free+0x91/0x1f0
[ 57.098586][ T3609] kasan_report_invalid_free+0x4e/0x80
[ 57.104042][ T3609] ____kasan_slab_free+0xf8/0x120
[ 57.109064][ T3609] slab_free_freelist_hook+0xdd/0x160
[ 57.114488][ T3609] ? f2fs_destroy_extent_tree+0x382/0x670
[ 57.120215][ T3609] kmem_cache_free+0x91/0x1f0
[ 57.124897][ T3609] f2fs_destroy_extent_tree+0x382/0x670
[ 57.130618][ T3609] f2fs_evict_inode+0x3b1/0x1510
[ 57.136003][ T3609] ? do_raw_spin_unlock+0x137/0x8b0
[ 57.141247][ T3609] ? f2fs_write_inode+0x540/0x540
[ 57.146300][ T3609] evict+0x529/0x930
[ 57.150196][ T3609] ? __lock_acquire+0x1ff0/0x1ff0
[ 57.155229][ T3609] ? mode_strip_sgid+0x210/0x210
[ 57.160195][ T3609] ? _raw_spin_unlock+0x24/0x40
[ 57.165071][ T3609] f2fs_iget+0x1ca5/0x4b90
[ 57.169936][ T3609] f2fs_nfs_get_inode+0x70/0x100
[ 57.174873][ T3609] ? f2fs_fh_to_parent+0x40/0x40
[ 57.179808][ T3609] generic_fh_to_dentry+0x94/0xe0
[ 57.184836][ T3609] ? do_handle_open+0x960/0x960
[ 57.189687][ T3609] exportfs_decode_fh_raw+0x140/0x590
[ 57.195064][ T3609] ? do_handle_open+0x960/0x960
[ 57.199931][ T3609] ? exportfs_encode_fh+0x430/0x430
[ 57.205137][ T3609] ? __fget_files+0x413/0x480
[ 57.209817][ T3609] ? do_handle_open+0x960/0x960
[ 57.214666][ T3609] exportfs_decode_fh+0x38/0x70
[ 57.219641][ T3609] do_handle_open+0x44c/0x960
[ 57.224527][ T3609] ? __x64_compat_sys_open_by_handle_at+0x80/0x80
[ 57.230983][ T3609] ? syscall_enter_from_user_mode+0x2e/0x240
[ 57.236985][ T3609] ? lockdep_hardirqs_on+0x94/0x130
[ 57.242276][ T3609] ? syscall_enter_from_user_mode+0x2e/0x240
[ 57.248444][ T3609] do_syscall_64+0x3b/0xb0
[ 57.252882][ T3609] ? clear_bhb_loop+0x15/0x70
[ 57.257567][ T3609] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 57.263572][ T3609] RIP: 0033:0x7fc2e8d66a39
[ 57.268001][ T3609] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 57.287653][ T3609] RSP: 002b:00007fc2e8d02168 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 57.296093][ T3609] RAX: ffffffffffffffda RBX: 00007fc2e8df2618 RCX: 00007fc2e8d66a39
[ 57.304085][ T3609] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[ 57.312611][ T3609] RBP: 00007fc2e8df2610 R08: 00007ffc73ab54b7 R09: 0000000000000000
[ 57.320599][ T3609] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc2e8df261c
[ 57.328678][ T3609] R13: 000000000000006e R14: 00007ffc73ab53d0 R15: 00007ffc73ab54b8
[ 57.336665][ T3609]
[ 57.339692][ T3609]
[ 57.339695][ T3604] CPU: 1 PID: 3604 Comm: syz-executor738 Tainted: G B 5.15.167-syzkaller #0
[ 57.342018][ T3609] Allocated by task 3580:
[ 57.352205][ T3604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 57.356518][ T3609] __kasan_slab_alloc+0x8e/0xc0
[ 57.366646][ T3604] Call Trace:
[ 57.366656][ T3604]
[ 57.371487][ T3609] slab_post_alloc_hook+0x53/0x380
[ 57.374755][ T3604] dump_stack_lvl+0x1e3/0x2d0
[ 57.377673][ T3609] kmem_cache_alloc+0xf3/0x280
[ 57.382768][ T3604] ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[ 57.387602][ T3609] f2fs_init_extent_tree+0x58d/0xc50
[ 57.392354][ T3604] ? panic+0x860/0x860
[ 57.397966][ T3609] f2fs_iget+0xfb0/0x4b90
[ 57.403234][ T3604] ? rcu_is_watching+0x11/0xa0
[ 57.407282][ T3609] f2fs_nfs_get_inode+0x70/0x100
[ 57.411637][ T3604] ? preempt_schedule_common+0xa6/0xd0
[ 57.416399][ T3609] generic_fh_to_dentry+0x94/0xe0
[ 57.421461][ T3604] panic+0x318/0x860
[ 57.426906][ T3609] exportfs_decode_fh_raw+0x140/0x590
[ 57.431942][ T3604] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 57.435998][ T3609] exportfs_decode_fh+0x38/0x70
[ 57.441362][ T3604] ? check_panic_on_warn+0x1d/0xa0
[ 57.447583][ T3609] do_handle_open+0x44c/0x960
[ 57.452566][ T3604] ? fb_is_primary_device+0xd0/0xd0
[ 57.457999][ T3609] do_syscall_64+0x3b/0xb0
[ 57.462673][ T3604] ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 57.467847][ T3609] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 57.472251][ T3604] ? _raw_spin_unlock+0x40/0x40
[ 57.478218][ T3609]
[ 57.478229][ T3609] Freed by task 3580:
[ 57.484112][ T3604] check_panic_on_warn+0x7e/0xa0
[ 57.488951][ T3609] kasan_set_track+0x4b/0x80
[ 57.491289][ T3604] ? f2fs_destroy_extent_tree+0x151/0x670
[ 57.495365][ T3609] kasan_set_free_info+0x1f/0x40
[ 57.500293][ T3604] end_report+0x6d/0xf0
[ 57.504966][ T3609] ____kasan_slab_free+0xd8/0x120
[ 57.510675][ T3604] kasan_report+0x18e/0x1c0
[ 57.515609][ T3609] slab_free_freelist_hook+0xdd/0x160
[ 57.519769][ T3604] ? f2fs_destroy_extent_tree+0x151/0x670
[ 57.524783][ T3609] kmem_cache_free+0x91/0x1f0
[ 57.529275][ T3604] kasan_check_range+0x27e/0x290
[ 57.534638][ T3609] f2fs_destroy_extent_tree+0x382/0x670
[ 57.540375][ T3604] f2fs_destroy_extent_tree+0x151/0x670
[ 57.545052][ T3609] f2fs_evict_inode+0x3b1/0x1510
[ 57.549978][ T3604] f2fs_evict_inode+0x3b1/0x1510
[ 57.555511][ T3609] evict+0x529/0x930
[ 57.561048][ T3604] ? do_raw_spin_unlock+0x137/0x8b0
[ 57.565970][ T3609] f2fs_iget+0x1ca5/0x4b90
[ 57.570903][ T3604] ? f2fs_write_inode+0x540/0x540
[ 57.574864][ T3609] f2fs_nfs_get_inode+0x70/0x100
[ 57.580158][ T3604] evict+0x529/0x930
[ 57.584678][ T3609] generic_fh_to_dentry+0x94/0xe0
[ 57.589718][ T3604] ? __lock_acquire+0x1ff0/0x1ff0
[ 57.594642][ T3609] exportfs_decode_fh_raw+0x140/0x590
[ 57.598541][ T3604] ? mode_strip_sgid+0x210/0x210
[ 57.603542][ T3609] exportfs_decode_fh+0x38/0x70
[ 57.608592][ T3604] ? _raw_spin_unlock+0x24/0x40
[ 57.613960][ T3609] do_handle_open+0x44c/0x960
[ 57.618936][ T3604] f2fs_iget+0x1ca5/0x4b90
[ 57.623772][ T3609] do_syscall_64+0x3b/0xb0
[ 57.629597][ T3604] f2fs_nfs_get_inode+0x70/0x100
[ 57.634371][ T3609] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 57.639033][ T3604] ? f2fs_fh_to_parent+0x40/0x40
[ 57.643439][ T3609]
[ 57.643446][ T3609] The buggy address belongs to the object at ffff88806e64f190
[ 57.643446][ T3609] which belongs to the cache f2fs_extent_tree of size 136
[ 57.648370][ T3604] generic_fh_to_dentry+0x94/0xe0
[ 57.654417][ T3609] The buggy address is located 0 bytes inside of
[ 57.654417][ T3609] 136-byte region [ffff88806e64f190, ffff88806e64f218)
[ 57.659669][ T3604] ? do_handle_open+0x960/0x960
[ 57.661988][ T3609] The buggy address belongs to the page:
[ 57.661999][ T3609] page:ffffea0001b993c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6e64f
[ 57.676464][ T3604] exportfs_decode_fh_raw+0x140/0x590
[ 57.681473][ T3609] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 57.694558][ T3604] ? do_handle_open+0x960/0x960
[ 57.699572][ T3609] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff88801e7963c0
[ 57.705195][ T3604] ? exportfs_encode_fh+0x430/0x430
[ 57.715560][ T3609] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000
[ 57.721010][ T3604] ? __fget_files+0x413/0x480
[ 57.728524][ T3609] page dumped because: kasan: bad access detected
[ 57.733359][ T3604] ? do_handle_open+0x960/0x960
[ 57.741926][ T3609] page_owner tracks the page as allocated
[ 57.747099][ T3604] exportfs_decode_fh+0x38/0x70
[ 57.755688][ T3609] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x12c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_RECLAIMABLE), pid 3584, ts 56083263430, free_ts 15761753055
[ 57.760441][ T3604] do_handle_open+0x44c/0x960
[ 57.766839][ T3609] get_page_from_freelist+0x322a/0x33c0
[ 57.771677][ T3604] ? __x64_compat_sys_open_by_handle_at+0x80/0x80
[ 57.777374][ T3609] __alloc_pages+0x272/0x700
[ 57.782216][ T3604] ? syscall_enter_from_user_mode+0x2e/0x240
[ 57.799839][ T3609] new_slab+0xbb/0x4b0
[ 57.804504][ T3604] ? lockdep_hardirqs_on+0x94/0x130
[ 57.810034][ T3609] ___slab_alloc+0x6f6/0xe10
[ 57.816431][ T3604] ? syscall_enter_from_user_mode+0x2e/0x240
[ 57.821000][ T3609] kmem_cache_alloc+0x18e/0x280
[ 57.826965][ T3604] do_syscall_64+0x3b/0xb0
[ 57.831017][ T3609] f2fs_init_extent_tree+0x58d/0xc50
[ 57.836283][ T3604] ? clear_bhb_loop+0x15/0x70
[ 57.840849][ T3609] f2fs_iget+0xfb0/0x4b90
[ 57.846896][ T3604] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 57.851726][ T3609] f2fs_nfs_get_inode+0x70/0x100
[ 57.856474][ T3604] RIP: 0033:0x7fc2e8d66a39
[ 57.861738][ T3609] generic_fh_to_dentry+0x94/0xe0
[ 57.866401][ T3604] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 81 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 57.870816][ T3609] exportfs_decode_fh_raw+0x140/0x590
[ 57.876778][ T3604] RSP: 002b:00007fc2e8d02168 EFLAGS: 00000246
[ 57.881703][ T3609] exportfs_decode_fh+0x38/0x70
[ 57.886193][ T3604] ORIG_RAX: 0000000000000130
[ 57.891283][ T3609] do_handle_open+0x44c/0x960
[ 57.910872][ T3604] RAX: ffffffffffffffda RBX: 00007fc2e8df2618 RCX: 00007fc2e8d66a39
[ 57.916231][ T3609] do_syscall_64+0x3b/0xb0
[ 57.922275][ T3604] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[ 57.927106][ T3609] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 57.932033][ T3604] RBP: 00007fc2e8df2610 R08: 00007ffc73ab54b7 R09: 0000000000000000
[ 57.936865][ T3609] page last free stack trace:
[ 57.936873][ T3609] free_unref_page_prepare+0xc34/0xcf0
[ 57.944820][ T3604] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc2e8df261c
[ 57.949227][ T3609] free_unref_page+0x95/0x2d0
[ 57.957192][ T3604] R13: 000000000000006e R14: 00007ffc73ab53d0 R15: 00007ffc73ab54b8
[ 57.963064][ T3609] free_contig_range+0x95/0xf0
[ 57.971040][ T3604]
[ 57.975691][ T3609] destroy_args+0xfe/0x980
[ 58.014081][ T3609] debug_vm_pgtable+0x40d/0x470
[ 58.018929][ T3609] do_one_initcall+0x22b/0x7a0
[ 58.023703][ T3609] do_initcall_level+0x157/0x210
[ 58.028632][ T3609] do_initcalls+0x49/0x90
[ 58.033041][ T3609] kernel_init_freeable+0x425/0x5c0
[ 58.038284][ T3609] kernel_init+0x19/0x290
[ 58.042630][ T3609] ret_from_fork+0x1f/0x30
[ 58.047106][ T3609]
[ 58.049423][ T3609] Memory state around the buggy address:
[ 58.055058][ T3609]  ffff88806e64f080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 58.063126][ T3609]  ffff88806e64f100: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 58.071297][ T3609] >ffff88806e64f180: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.079349][ T3609]                          ^
[ 58.083928][ T3609]  ffff88806e64f200: fb fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb
[ 58.091984][ T3609]  ffff88806e64f280: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 58.100035][ T3609] ==================================================================
[ 58.108356][ T3604] Kernel Offset: disabled
[ 58.112694][ T3604] Rebooting in 86400 seconds..
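The "Memory state around the buggy address" rows in the two reports above are the generic-KASAN shadow map: one byte per 8-byte granule, with 0x00 meaning addressable, 0xfc a slab redzone (or a slot never allocated from the page), 0xfb a freed slab object and 0xfa the first granule of a freed object that carries the free-track metadata (the encodings in mm/kasan/kasan.h for this kernel generation). The decoder below is an added triage example, not part of the syzbot report or of the f2fs code; it embeds the shadow rows exactly as printed above and checks what both reports claim: the 4-byte read at ffff88806e5ef080 lands on a freed granule 128 bytes into a 136-byte f2fs_extent_tree object that task 3576's earlier evict path already released (use-after-free), and the kmem_cache_free at ffff88806e64f190 targets an object whose first granule is already 0xfa (double free). The helper names are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define KASAN_GRANULE            8
#define KASAN_KMALLOC_REDZONE    0xFC  /* redzone inside a slab page, or a never-allocated slot */
#define KASAN_KMALLOC_FREE       0xFB  /* object freed by kmem_cache_free/kfree */
#define KASAN_KMALLOC_FREETRACK  0xFA  /* first granule of a freed object, holds the free track */
#define ROW_BYTES                (16 * KASAN_GRANULE)

/* One "Memory state" row as printed by the kernel: 16 shadow bytes covering 128 bytes of memory. */
struct shadow_row { uint64_t base; uint8_t shadow[16]; };

/* Shadow rows copied verbatim from the first report on this page (T3604, use-after-free). */
const char *const REPORT1_ROWS[] = {
    " ffff88806e5eef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc",
    " ffff88806e5ef000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb",
    ">ffff88806e5ef080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb",
    " ffff88806e5ef100: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc",
    " ffff88806e5ef180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc",
};
/* Shadow rows copied verbatim from the second report on this page (T3609, double-free). */
const char *const REPORT2_ROWS[] = {
    " ffff88806e64f080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb",
    " ffff88806e64f100: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc",
    ">ffff88806e64f180: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb",
    " ffff88806e64f200: fb fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb",
    " ffff88806e64f280: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc",
};
#define NROWS 5

/* Parse " <addr>: b0 b1 ... b15" (the leading '>' marks the row holding the bad access). 0 on success. */
static int parse_row(const char *line, struct shadow_row *row)
{
    const char *p = line;
    char *end;
    while (*p == ' ' || *p == '>') p++;
    row->base = strtoull(p, &end, 16);
    if (end == p || *end != ':') return -1;
    p = end + 1;
    for (int i = 0; i < 16; i++) {
        row->shadow[i] = (uint8_t)strtoul(p, &end, 16);
        if (end == p) return -1;
        p = end;
    }
    return 0;
}

static size_t parse_rows(const char *const *lines, size_t n, struct shadow_row *rows)
{
    size_t k = 0;
    for (size_t i = 0; i < n; i++)
        if (parse_row(lines[i], &rows[k]) == 0) k++;
    return k;
}

/* Shadow byte covering addr, or -1 if the printed rows do not cover it. */
static int lookup(const struct shadow_row *rows, size_t n, uint64_t addr)
{
    for (size_t i = 0; i < n; i++)
        if (addr >= rows[i].base && addr < rows[i].base + ROW_BYTES)
            return rows[i].shadow[(addr - rows[i].base) / KASAN_GRANULE];
    return -1;
}

const char *shadow_name(int s)
{
    switch (s) {
    case 0x00:                    return "addressable";
    case KASAN_KMALLOC_REDZONE:   return "slab redzone / unallocated slot";
    case KASAN_KMALLOC_FREE:      return "freed slab object";
    case KASAN_KMALLOC_FREETRACK: return "freed slab object (first granule, free track)";
    default: return (s > 0 && s < KASAN_GRANULE) ? "partially addressable" : "other/unknown";
    }
}

/* Shadow byte for one accessed address, read from the printed rows. */
int shadow_for(const char *const *lines, size_t nlines, uint64_t access)
{
    struct shadow_row rows[8];
    size_t n = parse_rows(lines, nlines < 8 ? nlines : 8, rows);
    return lookup(rows, n, access);
}

/* 1 if every granule of the reported object [obj, obj+size) is marked freed: the UAF/double-free signature. */
int object_is_freed(const char *const *lines, size_t nlines, uint64_t obj, size_t size)
{
    struct shadow_row rows[8];
    size_t n = parse_rows(lines, nlines < 8 ? nlines : 8, rows);
    for (uint64_t a = obj; a < obj + size; a += KASAN_GRANULE) {
        int s = lookup(rows, n, a);
        if (s != KASAN_KMALLOC_FREE && s != KASAN_KMALLOC_FREETRACK) return 0;
    }
    return 1;
}

int main(void)
{
    /* Access addresses, object bases and the 136-byte cache size are taken from the two reports above. */
    int s1 = shadow_for(REPORT1_ROWS, NROWS, 0xffff88806e5ef080ULL);
    int s2 = shadow_for(REPORT2_ROWS, NROWS, 0xffff88806e64f190ULL);
    printf("T3604 read  @ffff88806e5ef080: shadow 0x%02x (%s), object freed=%d\n", s1, shadow_name(s1),
           object_is_freed(REPORT1_ROWS, NROWS, 0xffff88806e5ef000ULL, 136));
    printf("T3609 free  @ffff88806e64f190: shadow 0x%02x (%s), object freed=%d\n", s2, shadow_name(s2),
           object_is_freed(REPORT2_ROWS, NROWS, 0xffff88806e64f190ULL, 136));
    return 0;
}
```

Reading the output against the reports: both objects are fully 0xfa/0xfb before the offending access, which is why the same free path (f2fs_destroy_extent_tree via f2fs_evict_inode, entered from f2fs_iget's failure path under open_by_handle_at) shows up once as a read of freed memory and once as a second kmem_cache_free of the same slot. The 0xfc granules immediately after each 136-byte region are the per-object redzone, and the next 0xfa at +0xc8 is the following object's free track, consistent with the cache layout the report prints.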