Warning: Permanently added '10.128.0.239' (ED25519) to the list of known hosts.
2025/08/14 17:06:46 ignoring optional flag "sandboxArg"="0"
2025/08/14 17:06:47 parsed 1 programs
[   61.096979][   T24] kauditd_printk_skb: 27 callbacks suppressed
[   61.096991][   T24] audit: type=1400 audit(1755191208.380:101): avc:  denied  { create } for  pid=405 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   61.124584][   T24] audit: type=1400 audit(1755191208.380:102): avc:  denied  { write } for  pid=405 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   61.144979][   T24] audit: type=1400 audit(1755191208.380:103): avc:  denied  { read } for  pid=405 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   61.166202][   T24] audit: type=1400 audit(1755191208.410:104): avc:  denied  { unlink } for  pid=405 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   61.196611][  T405] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   61.693882][   T24] audit: type=1400 audit(1755191208.970:105): avc:  denied  { create } for  pid=422 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   62.137841][  T450] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.145923][  T450] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.153289][  T450] device bridge_slave_0 entered promiscuous mode
[   62.160301][  T450] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.167728][  T450] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.175880][  T450] device bridge_slave_1 entered promiscuous mode
[   62.209576][  T450] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.216815][  T450] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.224105][  T450] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.231467][  T450] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.248433][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.256898][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.264509][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.273855][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   62.282201][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.289737][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.299183][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   62.307557][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.314894][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.326827][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   62.336076][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   62.349382][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   62.360120][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   62.369507][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   62.377458][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   62.386545][  T450] device veth0_vlan entered promiscuous mode
[   62.396432][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.405422][  T450] device veth1_macvtap entered promiscuous mode
[   62.414546][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   62.424789][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   62.543900][   T24] audit: type=1401 audit(1755191209.820:106): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
2025/08/14 17:06:50 executed programs: 0
[   62.751532][  T467] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.758921][  T467] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.767185][  T467] device bridge_slave_0 entered promiscuous mode
[   62.780279][  T467] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.787466][  T467] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.795568][  T467] device bridge_slave_1 entered promiscuous mode
[   62.828993][  T467] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.836631][  T467] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.844055][  T467] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.851150][  T467] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.872546][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   62.880568][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.888240][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.905121][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   62.913393][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.920492][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.929549][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   62.938023][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.945197][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.960532][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   62.970233][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   62.983303][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   62.999656][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   63.008533][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   63.016906][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   63.032972][  T467] device veth0_vlan entered promiscuous mode
[   63.043179][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   63.052528][  T467] device veth1_macvtap entered promiscuous mode
[   63.062473][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   63.080892][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   63.311074][  T477] F2FS-fs (loop2): fault_injection options not supported
[   63.319757][  T477] F2FS-fs (loop2): invalid crc value
[   63.326675][  T477] F2FS-fs (loop2): Found nat_bits in checkpoint
[   63.348458][  T477] F2FS-fs (loop2): Start checkpoint disabled!
[   63.355876][  T477] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   63.363479][   T24] audit: type=1400 audit(1755191210.640:107): avc:  denied  { mount } for  pid=476 comm="syz.2.16" name="/" dev="loop2" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   63.385494][   T24] audit: type=1400 audit(1755191210.640:108): avc:  denied  { write } for  pid=476 comm="syz.2.16" name="/" dev="loop2" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   63.407657][   T24] audit: type=1400 audit(1755191210.640:109): avc:  denied  { add_name } for  pid=476 comm="syz.2.16" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   63.427173][  T477] ------------[ cut here ]------------
[   63.428369][   T24] audit: type=1400 audit(1755191210.640:110): avc:  denied  { create } for  pid=476 comm="syz.2.16" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   63.433794][  T477] WARNING: CPU: 0 PID: 477 at fs/f2fs/segment.c:2582 new_curseg+0xe5d/0x18a0
[   63.463229][  T477] Modules linked in:
[   63.467248][  T477] CPU: 0 PID: 477 Comm: syz.2.16 Not tainted 5.10.240-syzkaller-1008085-g1154f779f3f3 #0
[   63.477250][  T477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   63.487393][  T477] RIP: 0010:new_curseg+0xe5d/0x18a0
[   63.492657][  T477] Code: 0b 4c 8b bd 30 ff ff ff 4c 89 ff be 08 00 00 00 e8 78 c2 93 ff f0 41 80 0f 04 41 b5 01 45 89 f7 e9 4d fb ff ff e8 e3 d0 59 ff <0f> 0b 4c 8b a5 30 ff ff ff 4c 89 e7 be 08 00 00 00 e8 4d c2 93 ff
[   63.512359][  T477] RSP: 0018:ffffc90000d87738 EFLAGS: 00010293
[   63.518460][  T477] RAX: ffffffff8209cf8d RBX: ffff888116c173d8 RCX: ffff88812bdd2780
[   63.526698][  T477] RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000000000018
[   63.534869][  T477] RBP: ffffc90000d87828 R08: 0000000000000004 R09: 0000000000000003
[   63.542866][  T477] R10: fffff520001b0ed8 R11: 1ffff920001b0ed8 R12: 0000000000000018
[   63.550916][  T477] R13: 1ffff11022d82e7b R14: 0000000000000018 R15: 0000000000000017
[   63.558965][  T477] FS:  00007f1c674c46c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   63.567942][  T477] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   63.574755][  T477] CR2: 0000001b30e5ffff CR3: 000000012ac5d000 CR4: 00000000003506b0
[   63.582823][  T477] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   63.591099][  T477] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   63.599108][  T477] Call Trace:
[   63.602425][  T477]  __allocate_new_segment+0x13d/0x810
[   63.607824][  T477]  f2fs_allocate_new_section+0x1d5/0x280
[   63.613698][  T477]  ? new_curseg+0x18a0/0x18a0
[   63.618420][  T477]  ? __kasan_check_write+0x14/0x20
[   63.623557][  T477]  ? down_read_trylock+0x100/0x150
[   63.628809][  T477]  ? __init_rwsem+0x1c0/0x1c0
[   63.633493][  T477]  ? has_not_enough_free_secs+0x3d7/0x8a0
[   63.639369][  T477]  expand_inode_data+0x5a8/0x930
[   63.644408][  T477]  ? f2fs_insert_range+0x5b0/0x5b0
[   63.649659][  T477]  ? inode_dio_wait+0x226/0x290
[   63.654597][  T477]  ? file_update_time+0x3a2/0x400
[   63.659729][  T477]  ? inode_owner_or_capable+0x140/0x140
[   63.665650][  T477]  f2fs_fallocate+0x42b/0x7e0
[   63.670631][  T477]  vfs_fallocate+0x4b4/0x590
[   63.675476][  T477]  do_vfs_ioctl+0x12e3/0x1510
[   63.680700][  T477]  ? __ia32_compat_sys_ioctl+0x7b0/0x7b0
[   63.686568][  T477]  ? has_cap_mac_admin+0x330/0x330
[   63.691714][  T477]  ? __kasan_slab_free+0x11/0x20
[   63.697001][  T477]  ? slab_free_freelist_hook+0xc5/0x190
[   63.702958][  T477]  ? putname+0xfe/0x150
[   63.707275][  T477]  ? selinux_file_ioctl+0x377/0x480
[   63.712981][  T477]  ? selinux_file_alloc_security+0x120/0x120
[   63.719536][  T477]  ? __fget_files+0x2c4/0x320
[   63.724498][  T477]  ? security_file_ioctl+0x84/0xa0
[   63.729768][  T477]  __se_sys_ioctl+0x9f/0x1a0
[   63.734661][  T477]  __x64_sys_ioctl+0x7b/0x90
[   63.739273][  T477]  do_syscall_64+0x31/0x40
[   63.743886][  T477]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   63.750164][  T477] RIP: 0033:0x7f1c67a52169
[   63.754737][  T477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.774424][  T477] RSP: 002b:00007f1c674c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   63.782939][  T477] RAX: ffffffffffffffda RBX: 00007f1c67c6afa0 RCX: 00007f1c67a52169
[   63.790935][  T477] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005
[   63.799123][  T477] RBP: 00007f1c67ad32a0 R08: 0000000000000000 R09: 0000000000000000
[   63.807284][  T477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   63.815497][  T477] R13: 0000000000000000 R14: 00007f1c67c6afa0 R15: 00007ffef0652118
[   63.823645][  T477] ---[ end trace 90e3d6372a99dbac ]---
[   63.829306][  T477] ------------[ cut here ]------------
[   63.834842][  T477] WARNING: CPU: 0 PID: 477 at fs/f2fs/segment.c:2636 new_curseg+0x14c0/0x18a0
[   63.844706][  T477] Modules linked in:
[   63.848652][  T477] CPU: 0 PID: 477 Comm: syz.2.16 Tainted: G        W         5.10.240-syzkaller-1008085-g1154f779f3f3 #0
[   63.860183][  T477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   63.870354][  T477] RIP: 0010:new_curseg+0x14c0/0x18a0
[   63.875791][  T477] Code: ff e8 a4 ca 59 ff 0f 0b 4c 8b 75 d0 49 8d 7e 78 be 08 00 00 00 e8 10 bc 93 ff f0 41 80 4e 78 04 e9 ba ed ff ff e8 80 ca 59 ff <0f> 0b 48 8b 5d d0 48 8d 7b 78 be 08 00 00 00 e8 ec bb 93 ff f0 80
[   63.895987][  T477] RSP: 0018:ffffc90000d87738 EFLAGS: 00010293
[   63.902091][  T477] RAX: ffffffff8209d5f0 RBX: ffff88810c898101 RCX: ffff88812bdd2780
[   63.910206][  T477] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[   63.918399][  T477] RBP: ffffc90000d87828 R08: dffffc0000000000 R09: ffffed1021913029
[   63.926455][  T477] R10: ffffed1021913029 R11: 1ffff11021913028 R12: 0000000000000000
[   63.934572][  T477] R13: 0000000000000018 R14: 0000000000000001 R15: 0000000000000018
[   63.942998][  T477] FS:  00007f1c674c46c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   63.952482][  T477] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   63.959417][  T477] CR2: 0000001b30e5ffff CR3: 000000012ac5d000 CR4: 00000000003506b0
[   63.967920][  T477] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   63.976111][  T477] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   63.984401][  T477] Call Trace:
[   63.987701][  T477]  __allocate_new_segment+0x13d/0x810
[   63.993055][  T477]  f2fs_allocate_new_section+0x1d5/0x280
[   63.999101][  T477]  ? new_curseg+0x18a0/0x18a0
[   64.003938][  T477]  ? __kasan_check_write+0x14/0x20
[   64.009285][  T477]  ? down_read_trylock+0x100/0x150
[   64.014718][  T477]  ? __init_rwsem+0x1c0/0x1c0
[   64.019571][  T477]  ? has_not_enough_free_secs+0x3d7/0x8a0
[   64.025446][  T477]  expand_inode_data+0x5a8/0x930
[   64.030631][  T477]  ? f2fs_insert_range+0x5b0/0x5b0
[   64.035949][  T477]  ? inode_dio_wait+0x226/0x290
[   64.040808][  T477]  ? file_update_time+0x3a2/0x400
[   64.046000][  T477]  ? inode_owner_or_capable+0x140/0x140
[   64.051598][  T477]  f2fs_fallocate+0x42b/0x7e0
[   64.056300][  T477]  vfs_fallocate+0x4b4/0x590
[   64.060938][  T477]  do_vfs_ioctl+0x12e3/0x1510
[   64.065639][  T477]  ? __ia32_compat_sys_ioctl+0x7b0/0x7b0
[   64.071373][  T477]  ? has_cap_mac_admin+0x330/0x330
[   64.076892][  T477]  ? __kasan_slab_free+0x11/0x20
[   64.082210][  T477]  ? slab_free_freelist_hook+0xc5/0x190
[   64.087953][  T477]  ? putname+0xfe/0x150
[   64.092256][  T477]  ? selinux_file_ioctl+0x377/0x480
[   64.097657][  T477]  ? selinux_file_alloc_security+0x120/0x120
[   64.103843][  T477]  ? __fget_files+0x2c4/0x320
[   64.109203][  T477]  ? security_file_ioctl+0x84/0xa0
[   64.114659][  T477]  __se_sys_ioctl+0x9f/0x1a0
[   64.119663][  T477]  __x64_sys_ioctl+0x7b/0x90
[   64.124595][  T477]  do_syscall_64+0x31/0x40
[   64.129031][  T477]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   64.135049][  T477] RIP: 0033:0x7f1c67a52169
[   64.139476][  T477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.159711][  T477] RSP: 002b:00007f1c674c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   64.168713][  T477] RAX: ffffffffffffffda RBX: 00007f1c67c6afa0 RCX: 00007f1c67a52169
[   64.177091][  T477] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005
[   64.185473][  T477] RBP: 00007f1c67ad32a0 R08: 0000000000000000 R09: 0000000000000000
[   64.193625][  T477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   64.202138][  T477] R13: 0000000000000000 R14: 00007f1c67c6afa0 R15: 00007ffef0652118
[   64.210407][  T477] ---[ end trace 90e3d6372a99dbad ]---
[   64.216063][  T477] ==================================================================
[   64.224164][  T477] BUG: KASAN: slab-out-of-bounds in reset_curseg+0x4dd/0x560
[   64.231994][  T477] Read of size 4 at addr ffff88811797dbc0 by task syz.2.16/477
[   64.239796][  T477] 
[   64.242158][  T477] CPU: 0 PID: 477 Comm: syz.2.16 Tainted: G        W         5.10.240-syzkaller-1008085-g1154f779f3f3 #0
[   64.253416][  T477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   64.263464][  T477] Call Trace:
[   64.266767][  T477]  __dump_stack+0x21/0x24
[   64.271467][  T477]  dump_stack_lvl+0x169/0x1d8
[   64.276151][  T477]  ? show_regs_print_info+0x18/0x18
[   64.281662][  T477]  ? thaw_kernel_threads+0x220/0x220
[   64.287545][  T477]  print_address_description+0x7f/0x2c0
[   64.293462][  T477]  ? reset_curseg+0x4dd/0x560
[   64.298822][  T477]  kasan_report+0xe2/0x130
[   64.303415][  T477]  ? reset_curseg+0x4dd/0x560
[   64.308471][  T477]  __asan_report_load4_noabort+0x14/0x20
[   64.314302][  T477]  reset_curseg+0x4dd/0x560
[   64.318801][  T477]  new_curseg+0x12f6/0x18a0
[   64.323297][  T477]  __allocate_new_segment+0x13d/0x810
[   64.328664][  T477]  f2fs_allocate_new_section+0x1d5/0x280
[   64.334282][  T477]  ? new_curseg+0x18a0/0x18a0
[   64.338949][  T477]  ? __kasan_check_write+0x14/0x20
[   64.344083][  T477]  ? down_read_trylock+0x100/0x150
[   64.349406][  T477]  ? __init_rwsem+0x1c0/0x1c0
[   64.354080][  T477]  ? has_not_enough_free_secs+0x3d7/0x8a0
[   64.359893][  T477]  expand_inode_data+0x5a8/0x930
[   64.364843][  T477]  ? f2fs_insert_range+0x5b0/0x5b0
[   64.369993][  T477]  ? inode_dio_wait+0x226/0x290
[   64.374947][  T477]  ? file_update_time+0x3a2/0x400
[   64.379969][  T477]  ? inode_owner_or_capable+0x140/0x140
[   64.385596][  T477]  f2fs_fallocate+0x42b/0x7e0
[   64.390445][  T477]  vfs_fallocate+0x4b4/0x590
[   64.395028][  T477]  do_vfs_ioctl+0x12e3/0x1510
[   64.399721][  T477]  ? __ia32_compat_sys_ioctl+0x7b0/0x7b0
[   64.405468][  T477]  ? has_cap_mac_admin+0x330/0x330
[   64.410837][  T477]  ? __kasan_slab_free+0x11/0x20
[   64.415790][  T477]  ? slab_free_freelist_hook+0xc5/0x190
[   64.421353][  T477]  ? putname+0xfe/0x150
[   64.425839][  T477]  ? selinux_file_ioctl+0x377/0x480
[   64.431051][  T477]  ? selinux_file_alloc_security+0x120/0x120
[   64.437203][  T477]  ? __fget_files+0x2c4/0x320
[   64.442023][  T477]  ? security_file_ioctl+0x84/0xa0
[   64.447234][  T477]  __se_sys_ioctl+0x9f/0x1a0
[   64.452022][  T477]  __x64_sys_ioctl+0x7b/0x90
[   64.456646][  T477]  do_syscall_64+0x31/0x40
[   64.461195][  T477]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   64.467856][  T477] RIP: 0033:0x7f1c67a52169
[   64.472269][  T477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.492235][  T477] RSP: 002b:00007f1c674c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   64.500643][  T477] RAX: ffffffffffffffda RBX: 00007f1c67c6afa0 RCX: 00007f1c67a52169
[   64.508664][  T477] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005
[   64.516807][  T477] RBP: 00007f1c67ad32a0 R08: 0000000000000000 R09: 0000000000000000
[   64.524773][  T477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   64.533118][  T477] R13: 0000000000000000 R14: 00007f1c67c6afa0 R15: 00007ffef0652118
[   64.541085][  T477] 
[   64.543409][  T477] Allocated by task 477:
[   64.547649][  T477]  __kasan_kmalloc+0xda/0x110
[   64.552320][  T477]  __kmalloc+0x1a7/0x330
[   64.556999][  T477]  kvmalloc_node+0x88/0x130
[   64.561499][  T477]  f2fs_build_segment_manager+0xdba/0x48f0
[   64.567642][  T477]  f2fs_fill_super+0x42d1/0x6c70
[   64.572573][  T477]  mount_bdev+0x28b/0x3a0
[   64.576894][  T477]  f2fs_mount+0x34/0x40
[   64.581044][  T477]  legacy_get_tree+0xed/0x190
[   64.585749][  T477]  vfs_get_tree+0x89/0x260
[   64.590157][  T477]  do_new_mount+0x25a/0xa20
[   64.594655][  T477]  path_mount+0x572/0xc80
[   64.599059][  T477]  __se_sys_mount+0x318/0x380
[   64.603739][  T477]  __x64_sys_mount+0xbf/0xd0
[   64.608434][  T477]  do_syscall_64+0x31/0x40
[   64.613060][  T477]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   64.619024][  T477] 
[   64.621384][  T477] The buggy address belongs to the object at ffff88811797d800
[   64.621384][  T477]  which belongs to the cache kmalloc-1k of size 1024
[   64.636023][  T477] The buggy address is located 960 bytes inside of
[   64.636023][  T477]  1024-byte region [ffff88811797d800, ffff88811797dc00)
[   64.649668][  T477] The buggy address belongs to the page:
[   64.655305][  T477] page:ffffea00045e5e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x117978
[   64.665875][  T477] head:ffffea00045e5e00 order:3 compound_mapcount:0 compound_pincount:0
[   64.674292][  T477] flags: 0x4000000000010200(slab|head)
[   64.679753][  T477] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100042f00
[   64.688421][  T477] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   64.697015][  T477] page dumped because: kasan: bad access detected
[   64.703855][  T477] page_owner tracks the page as allocated
[   64.709721][  T477] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 398, ts 63129283203, free_ts 63110526183
[   64.730805][  T477]  prep_new_page+0x179/0x180
[   64.735604][  T477]  get_page_from_freelist+0x2235/0x23d0
[   64.741213][  T477]  __alloc_pages_nodemask+0x268/0x5f0
[   64.746663][  T477]  new_slab+0x84/0x3f0
[   64.750746][  T477]  ___slab_alloc+0x2a6/0x450
[   64.755366][  T477]  __slab_alloc+0x63/0xa0
[   64.759698][  T477]  __kmalloc_track_caller+0x1ef/0x320
[   64.765349][  T477]  __alloc_skb+0xdc/0x520
[   64.769809][  T477]  sk_stream_alloc_skb+0x21a/0xb70
[   64.774928][  T477]  tcp_sendmsg_locked+0xc43/0x3750
[   64.780146][  T477]  tcp_sendmsg+0x2f/0x50
[   64.784498][  T477]  inet6_sendmsg+0xa5/0xc0
[   64.789347][  T477]  sock_write_iter+0x29c/0x380
[   64.794284][  T477]  vfs_write+0x725/0xd60
[   64.798749][  T477]  ksys_write+0x140/0x240
[   64.803203][  T477]  __x64_sys_write+0x7b/0x90
[   64.807817][  T477] page last free stack trace:
[   64.812601][  T477]  __free_pages_ok+0x7fc/0x820
[   64.817450][  T477]  __free_pages+0xdd/0x380
[   64.822163][  T477]  __free_slab+0xcf/0x190
[   64.826507][  T477]  unfreeze_partials+0x15f/0x190
[   64.832092][  T477]  put_cpu_partial+0xc1/0x180
[   64.836844][  T477]  __slab_free+0x2c9/0x3a0
[   64.841260][  T477]  ___cache_free+0x111/0x130
[   64.845845][  T477]  qlink_free+0x50/0x90
[   64.850085][  T477]  qlist_free_all+0x5f/0xb0
[   64.854671][  T477]  kasan_quarantine_reduce+0x14a/0x160
[   64.860124][  T477]  __kasan_slab_alloc+0x2f/0xf0
[   64.865142][  T477]  slab_post_alloc_hook+0x5d/0x2f0
[   64.870416][  T477]  kmem_cache_alloc+0x165/0x2e0
[   64.875257][  T477]  getname_flags+0xb9/0x500
[   64.879927][  T477]  user_path_at_empty+0x2f/0x50
[   64.884810][  T477]  __se_sys_pivot_root+0x1dc/0xc40
[   64.889910][  T477] 
[   64.892378][  T477] Memory state around the buggy address:
[   64.898003][  T477]  ffff88811797da80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   64.906082][  T477]  ffff88811797db00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   64.914397][  T477] >ffff88811797db80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   64.922722][  T477]                                            ^
[   64.928986][  T477]  ffff88811797dc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.937381][  T477]  ffff88811797dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   64.945724][  T477] ==================================================================
[   64.953860][  T477] Disabling lock debugging due to kernel taint
[   64.961519][  T477] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[   64.973658][  T477] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[   64.982337][  T477] CPU: 0 PID: 477 Comm: syz.2.16 Tainted: G    B   W         5.10.240-syzkaller-1008085-g1154f779f3f3 #0
[   64.993840][  T477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   65.003934][  T477] RIP: 0010:update_sit_entry+0x3eb/0xf50
[   65.009592][  T477] Code: 89 45 a8 49 01 c5 41 f6 d7 41 80 e7 07 44 89 f9 41 bf 01 00 00 00 41 d3 e7 4d 89 ee 49 c1 ee 03 48 b8 00 00 00 00 00 fc ff df <41> 0f b6 04 06 84 c0 0f 85 a5 08 00 00 41 0f b6 5d 00 44 89 f8 41
[   65.029426][  T477] RSP: 0018:ffffc90000d87350 EFLAGS: 00010246
[   65.035780][  T477] RAX: dffffc0000000000 RBX: ffff88811797dbc8 RCX: 0000000000000007
[   65.044038][  T477] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88811797dbc8
[   65.052202][  T477] RBP: ffffc90000d873d0 R08: ffff88812bdd2780 R09: 0000000000000003
[   65.060555][  T477] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000004000
[   65.068611][  T477] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000080
[   65.076676][  T477] FS:  00007f1c674c46c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   65.086118][  T477] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   65.092717][  T477] CR2: 0000001b30e5ffff CR3: 000000012ac5d000 CR4: 00000000003506b0
[   65.100786][  T477] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   65.108844][  T477] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   65.116899][  T477] Call Trace:
[   65.120314][  T477]  ? __asan_report_store8_noabort+0x17/0x20
[   65.126427][  T477]  f2fs_allocate_data_block+0x156b/0x3a10
[   65.132619][  T477]  ? _raw_spin_unlock+0x4d/0x70
[   65.137591][  T477]  ? f2fs_inode_dirtied+0x26b/0x2a0
[   65.143086][  T477]  ? f2fs_io_type_to_rw_hint+0x1e0/0x1e0
[   65.148747][  T477]  ? f2fs_mark_inode_dirty_sync+0x110/0x140
[   65.154661][  T477]  ? inc_valid_block_count+0x562/0xa90
[   65.160205][  T477]  __allocate_data_block+0x52a/0x980
[   65.165590][  T477]  ? f2fs_map_blocks+0x35c0/0x35c0
[   65.170782][  T477]  f2fs_map_blocks+0xdc8/0x35c0
[   65.175803][  T477]  ? __kasan_check_write+0x14/0x20
[   65.181085][  T477]  ? f2fs_do_map_lock+0x290/0x290
[   65.186124][  T477]  ? __kasan_check_write+0x14/0x20
[   65.191247][  T477]  ? down_read_trylock+0x100/0x150
[   65.196354][  T477]  expand_inode_data+0x5d7/0x930
[   65.201391][  T477]  ? f2fs_insert_range+0x5b0/0x5b0
[   65.206719][  T477]  ? inode_dio_wait+0x226/0x290
[   65.211652][  T477]  ? file_update_time+0x3a2/0x400
[   65.216673][  T477]  ? inode_owner_or_capable+0x140/0x140
[   65.222310][  T477]  f2fs_fallocate+0x42b/0x7e0
[   65.227181][  T477]  vfs_fallocate+0x4b4/0x590
[   65.231903][  T477]  do_vfs_ioctl+0x12e3/0x1510
[   65.236606][  T477]  ? __ia32_compat_sys_ioctl+0x7b0/0x7b0
[   65.242321][  T477]  ? has_cap_mac_admin+0x330/0x330
[   65.247427][  T477]  ? __kasan_slab_free+0x11/0x20
[   65.252392][  T477]  ? slab_free_freelist_hook+0xc5/0x190
[   65.257939][  T477]  ? putname+0xfe/0x150
[   65.262111][  T477]  ? selinux_file_ioctl+0x377/0x480
[   65.267421][  T477]  ? selinux_file_alloc_security+0x120/0x120
[   65.273485][  T477]  ? __fget_files+0x2c4/0x320
[   65.278269][  T477]  ? security_file_ioctl+0x84/0xa0
[   65.283383][  T477]  __se_sys_ioctl+0x9f/0x1a0
[   65.287967][  T477]  __x64_sys_ioctl+0x7b/0x90
[   65.292776][  T477]  do_syscall_64+0x31/0x40
[   65.297369][  T477]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   65.303283][  T477] RIP: 0033:0x7f1c67a52169
[   65.307702][  T477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.327769][  T477] RSP: 002b:00007f1c674c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   65.336471][  T477] RAX: ffffffffffffffda RBX: 00007f1c67c6afa0 RCX: 00007f1c67a52169
[   65.344458][  T477] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005
[   65.352568][  T477] RBP: 00007f1c67ad32a0 R08: 0000000000000000 R09: 0000000000000000
[   65.360668][  T477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   65.368649][  T477] R13: 0000000000000000 R14: 00007f1c67c6afa0 R15: 00007ffef0652118
[   65.376730][  T477] Modules linked in:
[   65.382452][  T477] ---[ end trace 90e3d6372a99dbae ]---
[   65.388086][  T477] RIP: 0010:update_sit_entry+0x3eb/0xf50
[   65.393936][  T477] Code: 89 45 a8 49 01 c5 41 f6 d7 41 80 e7 07 44 89 f9 41 bf 01 00 00 00 41 d3 e7 4d 89 ee 49 c1 ee 03 48 b8 00 00 00 00 00 fc ff df <41> 0f b6 04 06 84 c0 0f 85 a5 08 00 00 41 0f b6 5d 00 44 89 f8 41
[   65.414541][  T477] RSP: 0018:ffffc90000d87350 EFLAGS: 00010246
[   65.420795][  T477] RAX: dffffc0000000000 RBX: ffff88811797dbc8 RCX: 0000000000000007
[   65.429354][  T477] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88811797dbc8
[   65.437732][  T477] RBP: ffffc90000d873d0 R08: ffff88812bdd2780 R09: 0000000000000003
[   65.446242][  T477] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000004000
[   65.454675][  T477] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000080
[   65.463001][  T477] FS:  00007f1c674c46c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   65.472239][  T477] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   65.479032][  T477] CR2: 0000001b30e5ffff CR3: 000000012ac5d000 CR4: 00000000003506b0
[   65.487411][  T477] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   65.496141][  T477] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   65.504720][  T477] Kernel panic - not syncing: Fatal exception
[   65.511642][  T477] Kernel Offset: disabled
[   65.515992][  T477] Rebooting in 86400 seconds..