Warning: Permanently added '[localhost]:25744' (ED25519) to the list of known hosts.
2026/01/07 06:58:13 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 131.122563][ T5607] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 137.656736][ T5641] chnl_net:caif_netlink_parms(): no params data found
[ 137.797281][ T5641] bridge0: port 1(bridge_slave_0) entered blocking state
[ 137.800457][ T5641] bridge0: port 1(bridge_slave_0) entered disabled state
[ 137.804060][ T5641] bridge_slave_0: entered allmulticast mode
[ 137.821541][ T5641] bridge_slave_0: entered promiscuous mode
[ 137.828262][ T5641] bridge0: port 2(bridge_slave_1) entered blocking state
[ 137.831911][ T5641] bridge0: port 2(bridge_slave_1) entered disabled state
[ 137.835108][ T5641] bridge_slave_1: entered allmulticast mode
[ 137.851708][ T5641] bridge_slave_1: entered promiscuous mode
[ 137.896202][ T5641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 137.912426][ T5641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 137.953624][ T5641] team0: Port device team_slave_0 added
[ 137.958742][ T5641] team0: Port device team_slave_1 added
[ 137.978532][ T5641] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 137.984219][ T5641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 137.995572][ T5641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 138.002363][ T5641] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 138.005199][ T5641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 138.016172][ T5641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 138.054522][ T5641] hsr_slave_0: entered promiscuous mode
[ 138.057725][ T5641] hsr_slave_1: entered promiscuous mode
[ 138.474276][ T5641] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 138.497015][ T5641] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 138.523143][ T5641] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 138.529353][ T5641] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 138.569388][ T5641] bridge0: port 2(bridge_slave_1) entered blocking state
[ 138.572899][ T5641] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 138.576339][ T5641] bridge0: port 1(bridge_slave_0) entered blocking state
[ 138.579651][ T5641] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 138.622775][ T3064] bridge0: port 1(bridge_slave_0) entered disabled state
[ 138.626544][ T3064] bridge0: port 2(bridge_slave_1) entered disabled state
[ 138.707751][ T5641] 8021q: adding VLAN 0 to HW filter on device bond0
[ 138.735968][ T5641] 8021q: adding VLAN 0 to HW filter on device team0
[ 138.755286][ T3064] bridge0: port 1(bridge_slave_0) entered blocking state
[ 138.758575][ T3064] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 138.775990][ T3091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 138.779232][ T3091] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 139.182164][ T5641] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 139.256795][ T5641] veth0_vlan: entered promiscuous mode
[ 139.279141][ T5641] veth1_vlan: entered promiscuous mode
[ 139.323580][ T5641] veth0_macvtap: entered promiscuous mode
[ 139.328622][ T5641] veth1_macvtap: entered promiscuous mode
[ 139.369534][ T5641] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 139.422396][ T5641] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 139.454561][ T3013] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.458208][ T3013] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.475322][ T3013] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.511828][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 139.794168][ T3091] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 139.922917][ T3091] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 140.824809][ T3091] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 141.959612][ T3091] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 142.395598][ T3091] bridge_slave_1: left allmulticast mode
[ 142.403131][ T3091] bridge_slave_1: left promiscuous mode
[ 142.417866][ T3091] bridge0: port 2(bridge_slave_1) entered disabled state
[ 142.466218][ T3091] bridge_slave_0: left allmulticast mode
[ 142.468547][ T3091] bridge_slave_0: left promiscuous mode
[ 142.500629][ T3091] bridge0: port 1(bridge_slave_0) entered disabled state
[ 143.030334][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[ 143.033797][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
[ 143.152057][ T3091] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 143.157541][ T3091] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 143.176195][ T3091] bond0 (unregistering): Released all slaves
[ 143.311834][ T3091] hsr_slave_0: left promiscuous mode
[ 143.323398][ T3091] hsr_slave_1: left promiscuous mode
[ 143.341274][ T3091] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 143.344657][ T3091] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 143.361774][ T3091] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 143.365035][ T3091] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 143.397992][ T3091] veth1_macvtap: left promiscuous mode
[ 143.400325][ T3091] veth0_macvtap: left promiscuous mode
[ 143.421286][ T3091] veth1_vlan: left promiscuous mode
[ 143.423839][ T3091] veth0_vlan: left promiscuous mode
[ 144.402066][ T3091] team0 (unregistering): Port device team_slave_1 removed
[ 144.445935][ T3091] team0 (unregistering): Port device team_slave_0 removed
[ 145.218857][ T47] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 145.223731][ T47] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 145.227100][ T47] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 145.235904][ T47] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 145.239071][ T47] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 146.428465][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 146.433115][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 146.513347][ T3091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 146.516659][ T3091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2026/01/07 06:58:35 executed programs: 0
[ 148.613430][ T4682] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 148.617678][ T4682] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 148.621691][ T4682] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 148.625213][ T4682] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 148.628651][ T4682] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 148.914100][ T5808] chnl_net:caif_netlink_parms(): no params data found
[ 149.035915][ T5808] bridge0: port 1(bridge_slave_0) entered blocking state
[ 149.039206][ T5808] bridge0: port 1(bridge_slave_0) entered disabled state
[ 149.042799][ T5808] bridge_slave_0: entered allmulticast mode
[ 149.046603][ T5808] bridge_slave_0: entered promiscuous mode
[ 149.051934][ T5808] bridge0: port 2(bridge_slave_1) entered blocking state
[ 149.055332][ T5808] bridge0: port 2(bridge_slave_1) entered disabled state
[ 149.058526][ T5808] bridge_slave_1: entered allmulticast mode
[ 149.062651][ T5808] bridge_slave_1: entered promiscuous mode
[ 149.086158][ T5808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 149.092559][ T5808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 149.113699][ T5808] team0: Port device team_slave_0 added
[ 149.118178][ T5808] team0: Port device team_slave_1 added
[ 149.137995][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 149.141447][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 149.153058][ T5808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 149.160425][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 149.164047][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 149.175375][ T5808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 149.211393][ T5808] hsr_slave_0: entered promiscuous mode
[ 149.214614][ T5808] hsr_slave_1: entered promiscuous mode
[ 149.684402][ T5808] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 149.714156][ T5808] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 149.725083][ T5808] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 149.754509][ T5808] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 149.825252][ T5808] bridge0: port 2(bridge_slave_1) entered blocking state
[ 149.828490][ T5808] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 149.831899][ T5808] bridge0: port 1(bridge_slave_0) entered blocking state
[ 149.835020][ T5808] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 149.913866][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 149.917993][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 150.034482][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0
[ 150.072148][ T5808] 8021q: adding VLAN 0 to HW filter on device team0
[ 150.093338][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 150.097029][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 150.148094][ T3091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 150.151319][ T3091] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 150.567125][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 150.659630][ T5808] veth0_vlan: entered promiscuous mode
[ 150.682711][ T5808] veth1_vlan: entered promiscuous mode
[ 150.701280][ T4682] Bluetooth: hci0: command tx timeout
[ 150.749165][ T5808] veth0_macvtap: entered promiscuous mode
[ 150.766975][ T5808] veth1_macvtap: entered promiscuous mode
[ 150.805847][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 150.832780][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 150.862460][ T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.881960][ T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.885730][ T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 150.889361][ T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 151.082166][ T3091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 151.085450][ T3091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 151.146960][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 151.150317][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 151.775994][ T5854] loop0: detected capacity change from 0 to 40427
[ 151.813333][ T5854] F2FS-fs (loop0): Image doesn't support compression
[ 151.831382][ T5854] F2FS-fs (loop0): invalid crc value
[ 151.968395][ T5854] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 151.992340][ T5854] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 152.004362][ T26] audit: type=1800 audit(1767769118.553:2): pid=5854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.17" name="file1" dev="loop0" ino=10 res=0 errno=0
[ 152.018113][ T5854] F2FS-fs (loop0): inconsistent node block, node_type:1, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[ 152.040629][ T5854] syz.0.17: attempt to access beyond end of device
[ 152.040629][ T5854] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 152.049931][ T5854] CPU: 0 UID: 0 PID: 5854 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)
[ 152.049949][ T5854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 152.049956][ T5854] Call Trace:
[ 152.049962][ T5854]
[ 152.049967][ T5854] dump_stack_lvl+0xe8/0x150
[ 152.050095][ T5854] f2fs_handle_critical_error+0x37c/0x540
[ 152.050143][ T5854] f2fs_write_end_io+0x886/0xb60
[ 152.050163][ T5854] __submit_merged_bio+0x256/0x660
[ 152.050182][ T5854] __submit_merged_write_cond+0x471/0x530
[ 152.050200][ T5854] f2fs_sync_node_pages+0x1479/0x15e0
[ 152.050227][ T5854] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 152.050267][ T5854] f2fs_write_checkpoint+0xdd5/0x2430
[ 152.050298][ T5854] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 152.050340][ T5854] kill_f2fs_super+0x2d2/0x6c0
[ 152.050354][ T5854] ? __pfx_kill_f2fs_super+0x10/0x10
[ 152.050378][ T5854] deactivate_locked_super+0xbc/0x130
[ 152.050393][ T5854] cleanup_mnt+0x425/0x4c0
[ 152.050405][ T5854] ? _raw_spin_unlock_irq+0x23/0x50
[ 152.050452][ T5854] task_work_run+0x1d4/0x260
[ 152.050465][ T5854] ? __pfx_task_work_run+0x10/0x10
[ 152.050474][ T5854] ? kmem_cache_free+0x197/0x620
[ 152.050483][ T5854] ? do_exit+0x68f/0x22f0
[ 152.050498][ T5854] do_exit+0x694/0x22f0
[ 152.050511][ T5854] ? try_to_wake_up+0x7f5/0x12b0
[ 152.050528][ T5854] ? __pfx_do_exit+0x10/0x10
[ 152.050550][ T5854] do_group_exit+0x21c/0x2d0
[ 152.050564][ T5854] ? _raw_spin_unlock_irq+0x23/0x50
[ 152.050579][ T5854] get_signal+0x1285/0x1340
[ 152.050601][ T5854] arch_do_signal_or_restart+0x9a/0x7a0
[ 152.050618][ T5854] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 152.050638][ T5854] ? __pfx___se_sys_futex+0x10/0x10
[ 152.050654][ T5854] exit_to_user_mode_loop+0x87/0x4e0
[ 152.050665][ T5854] ? rcu_is_watching+0x15/0xb0
[ 152.050679][ T5854] do_syscall_64+0x2c1/0xf80
[ 152.050689][ T5854] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 152.050698][ T5854] ? trace_irq_disable+0x37/0x100
[ 152.050711][ T5854] ? clear_bhb_loop+0x60/0xb0
[ 152.050723][ T5854] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 152.050732][ T5854] RIP: 0033:0x7f632538f7c9
[ 152.050743][ T5854] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 152.050748][ T5854] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 152.050760][ T5854] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 152.050767][ T5854] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 152.050773][ T5854] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 152.050779][ T5854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 152.050785][ T5854] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 152.050804][ T5854]
[ 152.050809][ T5854] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 152.176224][ T5854] CPU: 0 UID: 0 PID: 5854 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)
[ 152.176242][ T5854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 152.176249][ T5854] Call Trace:
[ 152.176254][ T5854]
[ 152.176259][ T5854] dump_stack_lvl+0xe8/0x150
[ 152.176278][ T5854] f2fs_handle_critical_error+0x37c/0x540
[ 152.176298][ T5854] f2fs_write_end_io+0x886/0xb60
[ 152.176319][ T5854] __submit_merged_bio+0x256/0x660
[ 152.176337][ T5854] __submit_merged_write_cond+0x471/0x530
[ 152.176354][ T5854] f2fs_sync_node_pages+0x1479/0x15e0
[ 152.176379][ T5854] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 152.176416][ T5854] f2fs_write_checkpoint+0xdd5/0x2430
[ 152.176444][ T5854] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 152.176486][ T5854] kill_f2fs_super+0x2d2/0x6c0
[ 152.176500][ T5854] ? __pfx_kill_f2fs_super+0x10/0x10
[ 152.176522][ T5854] deactivate_locked_super+0xbc/0x130
[ 152.176538][ T5854] cleanup_mnt+0x425/0x4c0
[ 152.176550][ T5854] ? _raw_spin_unlock_irq+0x23/0x50
[ 152.176566][ T5854] task_work_run+0x1d4/0x260
[ 152.176582][ T5854] ? __pfx_task_work_run+0x10/0x10
[ 152.176604][ T5854] ? kmem_cache_free+0x197/0x620
[ 152.176618][ T5854] ? do_exit+0x68f/0x22f0
[ 152.176634][ T5854] do_exit+0x694/0x22f0
[ 152.176649][ T5854] ? try_to_wake_up+0x7f5/0x12b0
[ 152.176665][ T5854] ? __pfx_do_exit+0x10/0x10
[ 152.176686][ T5854] do_group_exit+0x21c/0x2d0
[ 152.176698][ T5854] ? _raw_spin_unlock_irq+0x23/0x50
[ 152.176712][ T5854] get_signal+0x1285/0x1340
[ 152.176736][ T5854] arch_do_signal_or_restart+0x9a/0x7a0
[ 152.176753][ T5854] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 152.176772][ T5854] ? __pfx___se_sys_futex+0x10/0x10
[ 152.176789][ T5854] exit_to_user_mode_loop+0x87/0x4e0
[ 152.176800][ T5854] ? rcu_is_watching+0x15/0xb0
[ 152.176813][ T5854] do_syscall_64+0x2c1/0xf80
[ 152.176823][ T5854] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 152.176833][ T5854] ? trace_irq_disable+0x37/0x100
[ 152.176845][ T5854] ? clear_bhb_loop+0x60/0xb0
[ 152.176858][ T5854] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 152.176868][ T5854] RIP: 0033:0x7f632538f7c9
[ 152.176879][ T5854] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 152.176884][ T5854] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 152.176896][ T5854] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 152.176904][ T5854] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 152.176909][ T5854] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 152.176915][ T5854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 152.176920][ T5854] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 152.176938][ T5854]
[ 152.176943][ T5854] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 152.782790][ T4682] Bluetooth: hci0: command tx timeout
[ 153.019328][ T5874] loop0: detected capacity change from 0 to 40427
[ 153.039261][ T5874] F2FS-fs (loop0): Image doesn't support compression
[ 153.047734][ T5874] F2FS-fs (loop0): invalid crc value
[ 153.166232][ T5874] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 153.176428][ T5874] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 153.189574][ T26] audit: type=1800 audit(1767769119.733:3): pid=5874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.18" name="file1" dev="loop0" ino=10 res=0 errno=0
[ 153.202980][ T5874] F2FS-fs (loop0): inconsistent node block, node_type:1, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[ 153.224661][ T5874] syz.0.18: attempt to access beyond end of device
[ 153.224661][ T5874] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 153.230377][ T5874] CPU: 0 UID: 0 PID: 5874 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full)
[ 153.230396][ T5874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 153.230402][ T5874] Call Trace:
[ 153.230408][ T5874]
[ 153.230412][ T5874] dump_stack_lvl+0xe8/0x150
[ 153.230532][ T5874] f2fs_handle_critical_error+0x37c/0x540
[ 153.230582][ T5874] f2fs_write_end_io+0x886/0xb60
[ 153.230604][ T5874] __submit_merged_bio+0x256/0x660
[ 153.230627][ T5874] __submit_merged_write_cond+0x471/0x530
[ 153.230646][ T5874] f2fs_sync_node_pages+0x1479/0x15e0
[ 153.230676][ T5874] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 153.230715][ T5874] f2fs_write_checkpoint+0xdd5/0x2430
[ 153.230745][ T5874] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 153.230788][ T5874] kill_f2fs_super+0x2d2/0x6c0
[ 153.230804][ T5874] ? __pfx_kill_f2fs_super+0x10/0x10
[ 153.230829][ T5874] deactivate_locked_super+0xbc/0x130
[ 153.230843][ T5874] cleanup_mnt+0x425/0x4c0
[ 153.230856][ T5874] ? _raw_spin_unlock_irq+0x23/0x50
[ 153.230927][ T5874] task_work_run+0x1d4/0x260
[ 153.230945][ T5874] ? __pfx_task_work_run+0x10/0x10
[ 153.230959][ T5874] ? kmem_cache_free+0x197/0x620
[ 153.230973][ T5874] ? do_exit+0x68f/0x22f0
[ 153.230990][ T5874] do_exit+0x694/0x22f0
[ 153.231005][ T5874] ? try_to_wake_up+0x7f5/0x12b0
[ 153.231019][ T5874] ? __pfx_do_exit+0x10/0x10
[ 153.231042][ T5874] do_group_exit+0x21c/0x2d0
[ 153.231054][ T5874] ? _raw_spin_unlock_irq+0x23/0x50
[ 153.231071][ T5874] get_signal+0x1285/0x1340
[ 153.231093][ T5874] arch_do_signal_or_restart+0x9a/0x7a0
[ 153.231109][ T5874] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 153.231128][ T5874] ? __pfx___se_sys_futex+0x10/0x10
[ 153.231144][ T5874] exit_to_user_mode_loop+0x87/0x4e0
[ 153.231155][ T5874] ? rcu_is_watching+0x15/0xb0
[ 153.231169][ T5874] do_syscall_64+0x2c1/0xf80
[ 153.231180][ T5874] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 153.231187][ T5874] ? trace_irq_disable+0x37/0x100
[ 153.231196][ T5874] ? clear_bhb_loop+0x60/0xb0
[ 153.231204][ T5874] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 153.231210][ T5874] RIP: 0033:0x7f632538f7c9
[ 153.231217][ T5874] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 153.231220][ T5874] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 153.231228][ T5874] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 153.231233][ T5874] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 153.231237][ T5874] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 153.231241][ T5874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 153.231245][ T5874] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 153.231256][ T5874]
[ 153.342490][ T5874] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 153.345310][ T5874] CPU: 0 UID: 0 PID: 5874 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full)
[ 153.345327][ T5874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 153.345333][ T5874] Call Trace:
[ 153.345340][ T5874]
[ 153.345346][ T5874] dump_stack_lvl+0xe8/0x150
[ 153.345360][ T5874] f2fs_handle_critical_error+0x37c/0x540
[ 153.345374][ T5874] f2fs_write_end_io+0x886/0xb60
[ 153.345388][ T5874] __submit_merged_bio+0x256/0x660
[ 153.345401][ T5874] __submit_merged_write_cond+0x471/0x530
[ 153.345413][ T5874] f2fs_sync_node_pages+0x1479/0x15e0
[ 153.345429][ T5874] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 153.345453][ T5874] f2fs_write_checkpoint+0xdd5/0x2430
[ 153.345479][ T5874] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 153.345524][ T5874] kill_f2fs_super+0x2d2/0x6c0
[ 153.345539][ T5874] ? __pfx_kill_f2fs_super+0x10/0x10
[ 153.345563][ T5874] deactivate_locked_super+0xbc/0x130
[ 153.345579][ T5874] cleanup_mnt+0x425/0x4c0
[ 153.345592][ T5874] ? _raw_spin_unlock_irq+0x23/0x50
[ 153.345610][ T5874] task_work_run+0x1d4/0x260
[ 153.345622][ T5874] ? __pfx_task_work_run+0x10/0x10
[ 153.345635][ T5874] ? kmem_cache_free+0x197/0x620
[ 153.345649][ T5874] ? do_exit+0x68f/0x22f0
[ 153.345665][ T5874] do_exit+0x694/0x22f0
[ 153.345680][ T5874] ? try_to_wake_up+0x7f5/0x12b0
[ 153.345696][ T5874] ? __pfx_do_exit+0x10/0x10
[ 153.345718][ T5874] do_group_exit+0x21c/0x2d0
[ 153.345731][ T5874] ? _raw_spin_unlock_irq+0x23/0x50
[ 153.345747][ T5874] get_signal+0x1285/0x1340
[ 153.345772][ T5874] arch_do_signal_or_restart+0x9a/0x7a0
[ 153.345790][ T5874] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 153.345805][ T5874] ? __pfx___se_sys_futex+0x10/0x10
[ 153.345819][ T5874] exit_to_user_mode_loop+0x87/0x4e0
[ 153.345831][ T5874] ? rcu_is_watching+0x15/0xb0
[ 153.345845][ T5874] do_syscall_64+0x2c1/0xf80
[ 153.345855][ T5874] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 153.345865][ T5874] ? trace_irq_disable+0x37/0x100
[ 153.345886][ T5874] ? clear_bhb_loop+0x60/0xb0
[ 153.345917][ T5874] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 153.345932][ T5874] RIP: 0033:0x7f632538f7c9
[ 153.345942][ T5874] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 153.345946][ T5874] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 153.345959][ T5874] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 153.345967][ T5874] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 153.345973][ T5874] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 153.345979][ T5874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 153.345985][ T5874] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 153.346004][ T5874]
[ 153.346008][ T5874] F2FS-fs (loop0): Stopped filesystem due to reason: 3
2026/01/07 06:58:40 executed programs: 4
[ 153.891156][ T5884] loop0: detected capacity change from 0 to 40427
[ 153.905777][ T5884] F2FS-fs (loop0): Image doesn't support compression
[ 153.913888][ T5884] F2FS-fs (loop0): invalid crc value
[ 153.997252][ T5884] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 154.002436][ T5884] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 154.008233][ T26] audit: type=1800 audit(1767769120.553:4): pid=5884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.19" name="file1" dev="loop0" ino=10 res=0 errno=0
[ 154.017349][ T5884] F2FS-fs (loop0): inconsistent node block, node_type:1, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[ 154.024565][ T5884] syz.0.19: attempt to access beyond end of device
[ 154.024565][ T5884] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 154.030130][ T5884] CPU: 0 UID: 0 PID: 5884 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT(full)
[ 154.030145][ T5884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 154.030150][ T5884] Call Trace:
[ 154.030155][ T5884]
[ 154.030160][ T5884] dump_stack_lvl+0xe8/0x150
[ 154.030209][ T5884] f2fs_handle_critical_error+0x37c/0x540
[ 154.030236][ T5884] f2fs_write_end_io+0x886/0xb60
[ 154.030258][ T5884] __submit_merged_bio+0x256/0x660
[ 154.030277][ T5884] __submit_merged_write_cond+0x471/0x530
[ 154.030296][ T5884] f2fs_sync_node_pages+0x1479/0x15e0
[ 154.030322][ T5884] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 154.030359][ T5884] f2fs_write_checkpoint+0xdd5/0x2430
[ 154.030388][ T5884] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 154.030433][ T5884] kill_f2fs_super+0x2d2/0x6c0
[ 154.030449][ T5884] ? __pfx_kill_f2fs_super+0x10/0x10
[ 154.030474][ T5884] deactivate_locked_super+0xbc/0x130
[ 154.030488][ T5884] cleanup_mnt+0x425/0x4c0
[ 154.030501][ T5884] ? _raw_spin_unlock_irq+0x23/0x50
[ 154.030525][ T5884] task_work_run+0x1d4/0x260
[ 154.030543][ T5884] ? __pfx_task_work_run+0x10/0x10
[ 154.030556][ T5884] ? kmem_cache_free+0x197/0x620
[ 154.030570][ T5884] ? do_exit+0x68f/0x22f0
[ 154.030594][ T5884] do_exit+0x694/0x22f0
[ 154.030608][ T5884] ? try_to_wake_up+0x7f5/0x12b0
[ 154.030624][ T5884] ? __pfx_do_exit+0x10/0x10
[ 154.030647][ T5884] do_group_exit+0x21c/0x2d0
[ 154.030659][ T5884] ? _raw_spin_unlock_irq+0x23/0x50
[ 154.030674][ T5884] get_signal+0x1285/0x1340
[ 154.030697][ T5884] arch_do_signal_or_restart+0x9a/0x7a0
[ 154.030715][ T5884] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 154.030736][ T5884] ? __pfx___se_sys_futex+0x10/0x10
[ 154.030750][ T5884] exit_to_user_mode_loop+0x87/0x4e0
[ 154.030758][ T5884] ? rcu_is_watching+0x15/0xb0
[ 154.030767][ T5884] do_syscall_64+0x2c1/0xf80
[ 154.030774][ T5884] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.030780][ T5884] ? trace_irq_disable+0x37/0x100
[ 154.030789][ T5884] ? clear_bhb_loop+0x60/0xb0
[ 154.030797][ T5884] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.030803][ T5884] RIP: 0033:0x7f632538f7c9
[ 154.030810][ T5884] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 154.030814][ T5884] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 154.030822][ T5884] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 154.030827][ T5884] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 154.030831][ T5884] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 154.030836][ T5884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 154.030841][ T5884] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 154.030852][ T5884]
[ 154.030855][ T5884] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 154.147572][ T5884] CPU: 0 UID: 0 PID: 5884 Comm: syz.0.19 Not tainted syzkaller #0 PREEMPT(full)
[ 154.147591][ T5884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 154.147598][ T5884] Call Trace:
[ 154.147605][ T5884]
[ 154.147610][ T5884] dump_stack_lvl+0xe8/0x150
[ 154.147631][ T5884] f2fs_handle_critical_error+0x37c/0x540
[ 154.147654][ T5884] f2fs_write_end_io+0x886/0xb60
[ 154.147674][ T5884] __submit_merged_bio+0x256/0x660
[ 154.147692][ T5884] __submit_merged_write_cond+0x471/0x530
[ 154.147710][ T5884] f2fs_sync_node_pages+0x1479/0x15e0
[ 154.147739][ T5884] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 154.147779][ T5884] f2fs_write_checkpoint+0xdd5/0x2430
[ 154.147809][ T5884] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 154.147852][ T5884] kill_f2fs_super+0x2d2/0x6c0
[ 154.147868][ T5884] ? __pfx_kill_f2fs_super+0x10/0x10
[ 154.147893][ T5884] deactivate_locked_super+0xbc/0x130
[ 154.147910][ T5884] cleanup_mnt+0x425/0x4c0
[ 154.147922][ T5884] ? _raw_spin_unlock_irq+0x23/0x50
[ 154.147938][ T5884] task_work_run+0x1d4/0x260
[ 154.147956][ T5884] ? __pfx_task_work_run+0x10/0x10
[ 154.147969][ T5884] ? kmem_cache_free+0x197/0x620
[ 154.147985][ T5884] ? do_exit+0x68f/0x22f0
[ 154.148001][ T5884] do_exit+0x694/0x22f0
[ 154.148017][ T5884] ? try_to_wake_up+0x7f5/0x12b0
[ 154.148032][ T5884] ? __pfx_do_exit+0x10/0x10
[ 154.148056][ T5884] do_group_exit+0x21c/0x2d0
[ 154.148069][ T5884] ? _raw_spin_unlock_irq+0x23/0x50
[ 154.148085][ T5884] get_signal+0x1285/0x1340
[ 154.148109][ T5884] arch_do_signal_or_restart+0x9a/0x7a0
[ 154.148127][ T5884] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 154.148148][ T5884] ? __pfx___se_sys_futex+0x10/0x10
[ 154.148164][ T5884] exit_to_user_mode_loop+0x87/0x4e0
[ 154.148176][ T5884] ? rcu_is_watching+0x15/0xb0
[ 154.148189][ T5884] do_syscall_64+0x2c1/0xf80
[ 154.148201][ T5884] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.148210][ T5884] ? trace_irq_disable+0x37/0x100
[ 154.148222][ T5884] ? clear_bhb_loop+0x60/0xb0
[ 154.148236][ T5884] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.148245][ T5884] RIP: 0033:0x7f632538f7c9
[ 154.148256][ T5884] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 154.148262][ T5884] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 154.148274][ T5884] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 154.148281][ T5884] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 154.148288][ T5884] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 154.148294][ T5884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 154.148300][ T5884] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 154.148318][ T5884]
[ 154.148323][ T5884] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 154.638361][ T5889] loop0: detected capacity change from 0 to 40427
[ 154.656449][ T5889] F2FS-fs (loop0): Image doesn't support compression
[ 154.665960][ T5889] F2FS-fs (loop0): invalid crc value
[ 154.737037][ T5889] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 154.742636][ T5889] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 154.747829][ T26] audit: type=1800 audit(1767769121.293:5): pid=5889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.20" name="file1" dev="loop0" ino=10 res=0 errno=0
[ 154.757108][ T5889] F2FS-fs (loop0): inconsistent node block, node_type:1, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[ 154.764126][ T5889] syz.0.20: attempt to access beyond end of device
[ 154.764126][ T5889] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 154.769485][ T5889] CPU: 0 UID: 0 PID: 5889 Comm: syz.0.20 Not tainted syzkaller #0 PREEMPT(full)
[ 154.769498][ T5889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 154.769504][ T5889] Call Trace:
[ 154.769509][ T5889]
[ 154.769513][ T5889] dump_stack_lvl+0xe8/0x150
[ 154.769559][ T5889] f2fs_handle_critical_error+0x37c/0x540
[ 154.769584][ T5889] f2fs_write_end_io+0x886/0xb60
[ 154.769605][ T5889] __submit_merged_bio+0x256/0x660
[ 154.769630][ T5889] __submit_merged_write_cond+0x471/0x530
[ 154.769650][ T5889] f2fs_sync_node_pages+0x1479/0x15e0
[ 154.769671][ T5889] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 154.769696][ T5889] f2fs_write_checkpoint+0xdd5/0x2430
[ 154.769714][ T5889] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 154.769755][ T5889] kill_f2fs_super+0x2d2/0x6c0
[ 154.769771][ T5889] ? __pfx_kill_f2fs_super+0x10/0x10
[ 154.769797][ T5889] deactivate_locked_super+0xbc/0x130
[ 154.769809][ T5889] cleanup_mnt+0x425/0x4c0
[ 154.769818][ T5889] ? _raw_spin_unlock_irq+0x23/0x50
[ 154.769840][ T5889] task_work_run+0x1d4/0x260
[ 154.769856][ T5889] ? __pfx_task_work_run+0x10/0x10
[ 154.769870][ T5889] ? kmem_cache_free+0x197/0x620
[ 154.769883][ T5889] ? do_exit+0x68f/0x22f0
[ 154.769900][ T5889] do_exit+0x694/0x22f0
[ 154.769914][ T5889] ? try_to_wake_up+0x7f5/0x12b0
[ 154.769929][ T5889] ? __pfx_do_exit+0x10/0x10
[ 154.769952][ T5889] do_group_exit+0x21c/0x2d0
[ 154.769964][ T5889] ? _raw_spin_unlock_irq+0x23/0x50
[ 154.769981][ T5889] get_signal+0x1285/0x1340
[ 154.770004][ T5889] arch_do_signal_or_restart+0x9a/0x7a0
[ 154.770015][ T5889] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 154.770033][ T5889] ? __pfx___se_sys_futex+0x10/0x10
[ 154.770049][ T5889] exit_to_user_mode_loop+0x87/0x4e0
[ 154.770060][ T5889] ? rcu_is_watching+0x15/0xb0
[ 154.770074][ T5889] do_syscall_64+0x2c1/0xf80
[ 154.770084][ T5889] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.770093][ T5889] ? trace_irq_disable+0x37/0x100
[ 154.770106][ T5889] ? clear_bhb_loop+0x60/0xb0
[ 154.770115][ T5889] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 154.770121][ T5889] RIP: 0033:0x7f632538f7c9
[ 154.770128][ T5889] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 154.770132][ T5889] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 154.770140][ T5889] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 154.770146][ T5889] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 154.770152][ T5889] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 154.770157][ T5889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 154.770162][ T5889] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 154.770179][ T5889]
[ 154.770183][ T5889] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 154.882196][ T5889] CPU: 0 UID: 0 PID: 5889 Comm: syz.0.20 Not tainted syzkaller #0 PREEMPT(full)
[ 154.882211][ T5889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 154.882217][ T5889] Call Trace:
[ 154.882224][ T5889]
[ 154.882229][ T5889] dump_stack_lvl+0xe8/0x150
[ 154.882242][ T5889] f2fs_handle_critical_error+0x37c/0x540
[ 154.882256][ T5889] f2fs_write_end_io+0x886/0xb60
[ 154.882270][ T5889] __submit_merged_bio+0x256/0x660
[ 154.882285][ T5889] __submit_merged_write_cond+0x471/0x530
[ 154.882304][ T5889]
f2fs_sync_node_pages+0x1479/0x15e0 [ 154.882329][ T5889] ? __pfx_f2fs_sync_node_pages+0x10/0x10 [ 154.882370][ T5889] f2fs_write_checkpoint+0xdd5/0x2430 [ 154.882391][ T5889] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 154.882433][ T5889] kill_f2fs_super+0x2d2/0x6c0 [ 154.882449][ T5889] ? __pfx_kill_f2fs_super+0x10/0x10 [ 154.882473][ T5889] deactivate_locked_super+0xbc/0x130 [ 154.882488][ T5889] cleanup_mnt+0x425/0x4c0 [ 154.882501][ T5889] ? _raw_spin_unlock_irq+0x23/0x50 [ 154.882518][ T5889] task_work_run+0x1d4/0x260 [ 154.882535][ T5889] ? __pfx_task_work_run+0x10/0x10 [ 154.882549][ T5889] ? kmem_cache_free+0x197/0x620 [ 154.882578][ T5889] ? do_exit+0x68f/0x22f0 [ 154.882591][ T5889] do_exit+0x694/0x22f0 [ 154.882601][ T5889] ? try_to_wake_up+0x7f5/0x12b0 [ 154.882611][ T5889] ? __pfx_do_exit+0x10/0x10 [ 154.882625][ T5889] do_group_exit+0x21c/0x2d0 [ 154.882634][ T5889] ? _raw_spin_unlock_irq+0x23/0x50 [ 154.882644][ T5889] get_signal+0x1285/0x1340 [ 154.882659][ T5889] arch_do_signal_or_restart+0x9a/0x7a0 [ 154.882670][ T5889] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 154.882682][ T5889] ? __pfx___se_sys_futex+0x10/0x10 [ 154.882693][ T5889] exit_to_user_mode_loop+0x87/0x4e0 [ 154.882700][ T5889] ? rcu_is_watching+0x15/0xb0 [ 154.882709][ T5889] do_syscall_64+0x2c1/0xf80 [ 154.882716][ T5889] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.882722][ T5889] ? trace_irq_disable+0x37/0x100 [ 154.882730][ T5889] ? clear_bhb_loop+0x60/0xb0 [ 154.882738][ T5889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.882745][ T5889] RIP: 0033:0x7f632538f7c9 [ 154.882756][ T5889] Code: Unable to access opcode bytes at 0x7f632538f79f. 
[ 154.882760][ T5889] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 154.882772][ T5889] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 154.882779][ T5889] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 154.882785][ T5889] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 154.882790][ T5889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 154.882794][ T5889] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 154.882805][ T5889] </TASK>
[ 154.882808][ T5889] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 154.994400][ T4682] Bluetooth: hci0: command tx timeout
[ 155.356779][ T5894] loop0: detected capacity change from 0 to 40427
[ 155.369869][ T5894] F2FS-fs (loop0): Image doesn't support compression
[ 155.380111][ T5894] F2FS-fs (loop0): invalid crc value
[ 155.458983][ T5894] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 155.466815][ T5894] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 155.472393][ T26] audit: type=1800 audit(1767769122.023:6): pid=5894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.21" name="file1" dev="loop0" ino=10 res=0 errno=0
[ 155.481768][ T5894] F2FS-fs (loop0): inconsistent node block, node_type:1, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[ 155.492227][ T5894] syz.0.21: attempt to access beyond end of device
[ 155.492227][ T5894] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 155.497923][ T5894] CPU: 0 UID: 0 PID: 5894 Comm: syz.0.21 Not tainted syzkaller #0 PREEMPT(full)
[ 155.497939][ T5894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 155.497946][ T5894] Call Trace:
[ 155.497951][ T5894] <TASK>
[ 155.497956][ T5894] dump_stack_lvl+0xe8/0x150
[ 155.497973][ T5894] f2fs_handle_critical_error+0x37c/0x540
[ 155.497993][ T5894] f2fs_write_end_io+0x886/0xb60
[ 155.498008][ T5894] __submit_merged_bio+0x256/0x660
[ 155.498020][ T5894] __submit_merged_write_cond+0x471/0x530
[ 155.498037][ T5894] f2fs_sync_node_pages+0x1479/0x15e0
[ 155.498064][ T5894] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 155.498106][ T5894] f2fs_write_checkpoint+0xdd5/0x2430
[ 155.498133][ T5894] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 155.498173][ T5894] kill_f2fs_super+0x2d2/0x6c0
[ 155.498189][ T5894] ? __pfx_kill_f2fs_super+0x10/0x10
[ 155.498213][ T5894] deactivate_locked_super+0xbc/0x130
[ 155.498228][ T5894] cleanup_mnt+0x425/0x4c0
[ 155.498240][ T5894] ? _raw_spin_unlock_irq+0x23/0x50
[ 155.498257][ T5894] task_work_run+0x1d4/0x260
[ 155.498272][ T5894] ? __pfx_task_work_run+0x10/0x10
[ 155.498286][ T5894] ? kmem_cache_free+0x197/0x620
[ 155.498300][ T5894] ? do_exit+0x68f/0x22f0
[ 155.498318][ T5894] do_exit+0x694/0x22f0
[ 155.498332][ T5894] ? try_to_wake_up+0x7f5/0x12b0
[ 155.498346][ T5894] ? __pfx_do_exit+0x10/0x10
[ 155.498367][ T5894] do_group_exit+0x21c/0x2d0
[ 155.498379][ T5894] ? _raw_spin_unlock_irq+0x23/0x50
[ 155.498394][ T5894] get_signal+0x1285/0x1340
[ 155.498416][ T5894] arch_do_signal_or_restart+0x9a/0x7a0
[ 155.498434][ T5894] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 155.498454][ T5894] ? __pfx___se_sys_futex+0x10/0x10
[ 155.498470][ T5894] exit_to_user_mode_loop+0x87/0x4e0
[ 155.498481][ T5894] ? rcu_is_watching+0x15/0xb0
[ 155.498495][ T5894] do_syscall_64+0x2c1/0xf80
[ 155.498505][ T5894] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 155.498514][ T5894] ? trace_irq_disable+0x37/0x100
[ 155.498526][ T5894] ? clear_bhb_loop+0x60/0xb0
[ 155.498539][ T5894] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 155.498547][ T5894] RIP: 0033:0x7f632538f7c9
[ 155.498554][ T5894] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 155.498557][ T5894] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 155.498567][ T5894] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 155.498572][ T5894] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 155.498579][ T5894] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 155.498584][ T5894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 155.498589][ T5894] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 155.498606][ T5894] </TASK>
[ 155.498611][ T5894] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 155.618683][ T5894] CPU: 0 UID: 0 PID: 5894 Comm: syz.0.21 Not tainted syzkaller #0 PREEMPT(full)
[ 155.618700][ T5894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 155.618706][ T5894] Call Trace:
[ 155.618713][ T5894] <TASK>
[ 155.618719][ T5894] dump_stack_lvl+0xe8/0x150
[ 155.618737][ T5894] f2fs_handle_critical_error+0x37c/0x540
[ 155.618760][ T5894] f2fs_write_end_io+0x886/0xb60
[ 155.618782][ T5894] __submit_merged_bio+0x256/0x660
[ 155.618802][ T5894] __submit_merged_write_cond+0x471/0x530
[ 155.618821][ T5894] f2fs_sync_node_pages+0x1479/0x15e0
[ 155.618849][ T5894] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 155.618889][ T5894] f2fs_write_checkpoint+0xdd5/0x2430
[ 155.618918][ T5894] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 155.618959][ T5894] kill_f2fs_super+0x2d2/0x6c0
[ 155.618975][ T5894] ? __pfx_kill_f2fs_super+0x10/0x10
[ 155.618999][ T5894] deactivate_locked_super+0xbc/0x130
[ 155.619014][ T5894] cleanup_mnt+0x425/0x4c0
[ 155.619029][ T5894] ? _raw_spin_unlock_irq+0x23/0x50
[ 155.619047][ T5894] task_work_run+0x1d4/0x260
[ 155.619064][ T5894] ? __pfx_task_work_run+0x10/0x10
[ 155.619078][ T5894] ? kmem_cache_free+0x197/0x620
[ 155.619091][ T5894] ? do_exit+0x68f/0x22f0
[ 155.619109][ T5894] do_exit+0x694/0x22f0
[ 155.619123][ T5894] ? try_to_wake_up+0x7f5/0x12b0
[ 155.619139][ T5894] ? __pfx_do_exit+0x10/0x10
[ 155.619162][ T5894] do_group_exit+0x21c/0x2d0
[ 155.619174][ T5894] ? _raw_spin_unlock_irq+0x23/0x50
[ 155.619190][ T5894] get_signal+0x1285/0x1340
[ 155.619214][ T5894] arch_do_signal_or_restart+0x9a/0x7a0
[ 155.619230][ T5894] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 155.619248][ T5894] ? __pfx___se_sys_futex+0x10/0x10
[ 155.619265][ T5894] exit_to_user_mode_loop+0x87/0x4e0
[ 155.619277][ T5894] ? rcu_is_watching+0x15/0xb0
[ 155.619293][ T5894] do_syscall_64+0x2c1/0xf80
[ 155.619303][ T5894] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 155.619312][ T5894] ? trace_irq_disable+0x37/0x100
[ 155.619324][ T5894] ? clear_bhb_loop+0x60/0xb0
[ 155.619338][ T5894] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 155.619348][ T5894] RIP: 0033:0x7f632538f7c9
[ 155.619358][ T5894] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 155.619363][ T5894] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 155.619374][ T5894] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 155.619381][ T5894] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 155.619387][ T5894] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 155.619393][ T5894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 155.619398][ T5894] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 155.619423][ T5894] </TASK>
[ 155.619428][ T5894] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 156.118269][ T5899] loop0: detected capacity change from 0 to 40427
[ 156.137485][ T5899] F2FS-fs (loop0): Image doesn't support compression
[ 156.149247][ T5899] F2FS-fs (loop0): invalid crc value
[ 156.218135][ T5899] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 156.223820][ T5899] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 156.228413][ T26] audit: type=1800 audit(1767769122.773:7): pid=5899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.22" name="file1" dev="loop0" ino=10 res=0 errno=0
[ 156.237382][ T5899] F2FS-fs (loop0): inconsistent node block, node_type:1, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[ 156.245809][ T5899] syz.0.22: attempt to access beyond end of device
[ 156.245809][ T5899] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 156.251825][ T5899] CPU: 0 UID: 0 PID: 5899 Comm: syz.0.22 Not tainted syzkaller #0 PREEMPT(full)
[ 156.251843][ T5899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 156.251849][ T5899] Call Trace:
[ 156.251854][ T5899] <TASK>
[ 156.251859][ T5899] dump_stack_lvl+0xe8/0x150
[ 156.251879][ T5899] f2fs_handle_critical_error+0x37c/0x540
[ 156.251900][ T5899] f2fs_write_end_io+0x886/0xb60
[ 156.251922][ T5899] __submit_merged_bio+0x256/0x660
[ 156.251942][ T5899] __submit_merged_write_cond+0x471/0x530
[ 156.251960][ T5899] f2fs_sync_node_pages+0x1479/0x15e0
[ 156.251985][ T5899] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 156.252026][ T5899] f2fs_write_checkpoint+0xdd5/0x2430
[ 156.252056][ T5899] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 156.252099][ T5899] kill_f2fs_super+0x2d2/0x6c0
[ 156.252116][ T5899] ? __pfx_kill_f2fs_super+0x10/0x10
[ 156.252141][ T5899] deactivate_locked_super+0xbc/0x130
[ 156.252155][ T5899] cleanup_mnt+0x425/0x4c0
[ 156.252168][ T5899] ? _raw_spin_unlock_irq+0x23/0x50
[ 156.252189][ T5899] task_work_run+0x1d4/0x260
[ 156.252204][ T5899] ? __pfx_task_work_run+0x10/0x10
[ 156.252217][ T5899] ? kmem_cache_free+0x197/0x620
[ 156.252231][ T5899] ? do_exit+0x68f/0x22f0
[ 156.252246][ T5899] do_exit+0x694/0x22f0
[ 156.252259][ T5899] ? try_to_wake_up+0x7f5/0x12b0
[ 156.252273][ T5899] ? __pfx_do_exit+0x10/0x10
[ 156.252294][ T5899] do_group_exit+0x21c/0x2d0
[ 156.252306][ T5899] ? _raw_spin_unlock_irq+0x23/0x50
[ 156.252320][ T5899] get_signal+0x1285/0x1340
[ 156.252342][ T5899] arch_do_signal_or_restart+0x9a/0x7a0
[ 156.252358][ T5899] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 156.252376][ T5899] ? __pfx___se_sys_futex+0x10/0x10
[ 156.252392][ T5899] exit_to_user_mode_loop+0x87/0x4e0
[ 156.252403][ T5899] ? rcu_is_watching+0x15/0xb0
[ 156.252417][ T5899] do_syscall_64+0x2c1/0xf80
[ 156.252428][ T5899] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 156.252437][ T5899] ? trace_irq_disable+0x37/0x100
[ 156.252449][ T5899] ? clear_bhb_loop+0x60/0xb0
[ 156.252461][ T5899] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 156.252471][ T5899] RIP: 0033:0x7f632538f7c9
[ 156.252481][ T5899] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 156.252486][ T5899] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 156.252497][ T5899] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 156.252505][ T5899] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 156.252511][ T5899] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 156.252517][ T5899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 156.252522][ T5899] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 156.252540][ T5899] </TASK>
[ 156.252544][ T5899] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 156.371733][ T5899] CPU: 0 UID: 0 PID: 5899 Comm: syz.0.22 Not tainted syzkaller #0 PREEMPT(full)
[ 156.371748][ T5899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 156.371755][ T5899] Call Trace:
[ 156.371762][ T5899] <TASK>
[ 156.371768][ T5899] dump_stack_lvl+0xe8/0x150
[ 156.371787][ T5899] f2fs_handle_critical_error+0x37c/0x540
[ 156.371805][ T5899] f2fs_write_end_io+0x886/0xb60
[ 156.371824][ T5899] __submit_merged_bio+0x256/0x660
[ 156.371841][ T5899] __submit_merged_write_cond+0x471/0x530
[ 156.371857][ T5899] f2fs_sync_node_pages+0x1479/0x15e0
[ 156.371886][ T5899] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 156.371928][ T5899] f2fs_write_checkpoint+0xdd5/0x2430
[ 156.371958][ T5899] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 156.372001][ T5899] kill_f2fs_super+0x2d2/0x6c0
[ 156.372019][ T5899] ? __pfx_kill_f2fs_super+0x10/0x10
[ 156.372045][ T5899] deactivate_locked_super+0xbc/0x130
[ 156.372061][ T5899] cleanup_mnt+0x425/0x4c0
[ 156.372074][ T5899] ? _raw_spin_unlock_irq+0x23/0x50
[ 156.372091][ T5899] task_work_run+0x1d4/0x260
[ 156.372105][ T5899] ? __pfx_task_work_run+0x10/0x10
[ 156.372119][ T5899] ? kmem_cache_free+0x197/0x620
[ 156.372132][ T5899] ? do_exit+0x68f/0x22f0
[ 156.372149][ T5899] do_exit+0x694/0x22f0
[ 156.372164][ T5899] ? try_to_wake_up+0x7f5/0x12b0
[ 156.372181][ T5899] ? __pfx_do_exit+0x10/0x10
[ 156.372205][ T5899] do_group_exit+0x21c/0x2d0
[ 156.372218][ T5899] ? _raw_spin_unlock_irq+0x23/0x50
[ 156.372233][ T5899] get_signal+0x1285/0x1340
[ 156.372255][ T5899] arch_do_signal_or_restart+0x9a/0x7a0
[ 156.372272][ T5899] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 156.372290][ T5899] ? __pfx___se_sys_futex+0x10/0x10
[ 156.372306][ T5899] exit_to_user_mode_loop+0x87/0x4e0
[ 156.372318][ T5899] ? rcu_is_watching+0x15/0xb0
[ 156.372332][ T5899] do_syscall_64+0x2c1/0xf80
[ 156.372342][ T5899] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 156.372351][ T5899] ? trace_irq_disable+0x37/0x100
[ 156.372363][ T5899] ? clear_bhb_loop+0x60/0xb0
[ 156.372377][ T5899] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 156.372387][ T5899] RIP: 0033:0x7f632538f7c9
[ 156.372397][ T5899] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 156.372402][ T5899] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 156.372414][ T5899] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 156.372421][ T5899] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 156.372426][ T5899] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 156.372432][ T5899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 156.372437][ T5899] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 156.372455][ T5899] </TASK>
[ 156.372460][ T5899] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 156.855636][ T5904] loop0: detected capacity change from 0 to 40427
[ 156.867016][ T5904] F2FS-fs (loop0): Image doesn't support compression
[ 156.879048][ T5904] F2FS-fs (loop0): invalid crc value
[ 156.949364][ T5904] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 156.954370][ T5904] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 156.959154][ T26] audit: type=1800 audit(1767769123.503:8): pid=5904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.23" name="file1" dev="loop0" ino=10 res=0 errno=0
[ 156.968061][ T5904] F2FS-fs (loop0): inconsistent node block, node_type:1, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[ 156.977402][ T5904] syz.0.23: attempt to access beyond end of device
[ 156.977402][ T5904] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 156.983273][ T5904] CPU: 0 UID: 0 PID: 5904 Comm: syz.0.23 Not tainted syzkaller #0 PREEMPT(full)
[ 156.983292][ T5904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 156.983299][ T5904] Call Trace:
[ 156.983305][ T5904] <TASK>
[ 156.983310][ T5904] dump_stack_lvl+0xe8/0x150
[ 156.983331][ T5904] f2fs_handle_critical_error+0x37c/0x540
[ 156.983353][ T5904] f2fs_write_end_io+0x886/0xb60
[ 156.983372][ T5904] __submit_merged_bio+0x256/0x660
[ 156.983391][ T5904] __submit_merged_write_cond+0x471/0x530
[ 156.983411][ T5904] f2fs_sync_node_pages+0x1479/0x15e0
[ 156.983438][ T5904] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 156.983478][ T5904] f2fs_write_checkpoint+0xdd5/0x2430
[ 156.983507][ T5904] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 156.983555][ T5904] kill_f2fs_super+0x2d2/0x6c0
[ 156.983572][ T5904] ? __pfx_kill_f2fs_super+0x10/0x10
[ 156.983599][ T5904] deactivate_locked_super+0xbc/0x130
[ 156.983614][ T5904] cleanup_mnt+0x425/0x4c0
[ 156.983626][ T5904] ? _raw_spin_unlock_irq+0x23/0x50
[ 156.983643][ T5904] task_work_run+0x1d4/0x260
[ 156.983659][ T5904] ? __pfx_task_work_run+0x10/0x10
[ 156.983672][ T5904] ? kmem_cache_free+0x197/0x620
[ 156.983688][ T5904] ? do_exit+0x68f/0x22f0
[ 156.983706][ T5904] do_exit+0x694/0x22f0
[ 156.983722][ T5904] ? try_to_wake_up+0x7f5/0x12b0
[ 156.983740][ T5904] ? __pfx_do_exit+0x10/0x10
[ 156.983765][ T5904] do_group_exit+0x21c/0x2d0
[ 156.983778][ T5904] ? _raw_spin_unlock_irq+0x23/0x50
[ 156.983793][ T5904] get_signal+0x1285/0x1340
[ 156.983817][ T5904] arch_do_signal_or_restart+0x9a/0x7a0
[ 156.983835][ T5904] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 156.983862][ T5904] ? __pfx___se_sys_futex+0x10/0x10
[ 156.983880][ T5904] exit_to_user_mode_loop+0x87/0x4e0
[ 156.983892][ T5904] ? rcu_is_watching+0x15/0xb0
[ 156.983907][ T5904] do_syscall_64+0x2c1/0xf80
[ 156.983917][ T5904] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 156.983928][ T5904] ? trace_irq_disable+0x37/0x100
[ 156.983943][ T5904] ? clear_bhb_loop+0x60/0xb0
[ 156.983958][ T5904] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 156.983968][ T5904] RIP: 0033:0x7f632538f7c9
[ 156.983978][ T5904] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 156.983984][ T5904] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 156.983997][ T5904] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 156.984005][ T5904] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 156.984012][ T5904] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 156.984019][ T5904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 156.984025][ T5904] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 156.984045][ T5904] </TASK>
[ 156.984050][ T5904] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 157.102350][ T5904] CPU: 0 UID: 0 PID: 5904 Comm: syz.0.23 Not tainted syzkaller #0 PREEMPT(full)
[ 157.102374][ T5904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 157.102381][ T5904] Call Trace:
[ 157.102387][ T5904] <TASK>
[ 157.102392][ T5904] dump_stack_lvl+0xe8/0x150
[ 157.102433][ T5904] f2fs_handle_critical_error+0x37c/0x540
[ 157.102463][ T5904] f2fs_write_end_io+0x886/0xb60
[ 157.102487][ T5904] __submit_merged_bio+0x256/0x660
[ 157.102509][ T5904] __submit_merged_write_cond+0x471/0x530
[ 157.102530][ T5904] f2fs_sync_node_pages+0x1479/0x15e0
[ 157.102573][ T5904] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 157.102617][ T5904] f2fs_write_checkpoint+0xdd5/0x2430
[ 157.102652][ T5904] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 157.102700][ T5904] kill_f2fs_super+0x2d2/0x6c0
[ 157.102717][ T5904] ? __pfx_kill_f2fs_super+0x10/0x10
[ 157.102743][ T5904] deactivate_locked_super+0xbc/0x130
[ 157.102760][ T5904] cleanup_mnt+0x425/0x4c0
[ 157.102774][ T5904] ? _raw_spin_unlock_irq+0x23/0x50
[ 157.102800][ T5904] task_work_run+0x1d4/0x260
[ 157.102819][ T5904] ? __pfx_task_work_run+0x10/0x10
[ 157.102834][ T5904] ? kmem_cache_free+0x197/0x620
[ 157.102855][ T5904] ? do_exit+0x68f/0x22f0
[ 157.102883][ T5904] do_exit+0x694/0x22f0
[ 157.102898][ T5904] ? try_to_wake_up+0x7f5/0x12b0
[ 157.102916][ T5904] ? __pfx_do_exit+0x10/0x10
[ 157.102940][ T5904] do_group_exit+0x21c/0x2d0
[ 157.102954][ T5904] ? _raw_spin_unlock_irq+0x23/0x50
[ 157.102972][ T5904] get_signal+0x1285/0x1340
[ 157.102996][ T5904] arch_do_signal_or_restart+0x9a/0x7a0
[ 157.103015][ T5904] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 157.103037][ T5904] ? __pfx___se_sys_futex+0x10/0x10
[ 157.103055][ T5904] exit_to_user_mode_loop+0x87/0x4e0
[ 157.103067][ T5904] ? rcu_is_watching+0x15/0xb0
[ 157.103084][ T5904] do_syscall_64+0x2c1/0xf80
[ 157.103095][ T5904] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 157.103106][ T5904] ? trace_irq_disable+0x37/0x100
[ 157.103119][ T5904] ? clear_bhb_loop+0x60/0xb0
[ 157.103132][ T5904] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 157.103142][ T5904] RIP: 0033:0x7f632538f7c9
[ 157.103152][ T5904] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 157.103157][ T5904] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 157.103170][ T5904] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 157.103177][ T5904] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 157.103183][ T5904] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 157.103189][ T5904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 157.103194][ T5904] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 157.103212][ T5904] </TASK>
[ 157.103216][ T5904] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 157.221716][ T4682] Bluetooth: hci0: command tx timeout
[ 157.623909][ T5909] loop0: detected capacity change from 0 to 40427
[ 157.636483][ T5909] F2FS-fs (loop0): Image doesn't support compression
[ 157.648313][ T5909] F2FS-fs (loop0): invalid crc value
[ 157.723872][ T5909] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 157.729024][ T5909] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 157.734169][ T26] audit: type=1800 audit(1767769124.283:9): pid=5909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.24" name="file1" dev="loop0" ino=10 res=0 errno=0
[ 157.742844][ T5909] F2FS-fs (loop0): inconsistent node block, node_type:1, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[ 157.750610][ T5909] syz.0.24: attempt to access beyond end of device
[ 157.750610][ T5909] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 157.756411][ T5909] CPU: 0 UID: 0 PID: 5909 Comm: syz.0.24 Not tainted syzkaller #0 PREEMPT(full)
[ 157.756427][ T5909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 157.756433][ T5909] Call Trace:
[ 157.756437][ T5909] <TASK>
[ 157.756442][ T5909] dump_stack_lvl+0xe8/0x150
[ 157.756461][ T5909] f2fs_handle_critical_error+0x37c/0x540
[ 157.756481][ T5909] f2fs_write_end_io+0x886/0xb60
[ 157.756497][ T5909] __submit_merged_bio+0x256/0x660
[ 157.756515][ T5909] __submit_merged_write_cond+0x471/0x530
[ 157.756533][ T5909] f2fs_sync_node_pages+0x1479/0x15e0
[ 157.756557][ T5909] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 157.756606][ T5909] f2fs_write_checkpoint+0xdd5/0x2430
[ 157.756629][ T5909] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 157.756669][ T5909] kill_f2fs_super+0x2d2/0x6c0
[ 157.756686][ T5909] ? __pfx_kill_f2fs_super+0x10/0x10
[ 157.756709][ T5909] deactivate_locked_super+0xbc/0x130
[ 157.756724][ T5909] cleanup_mnt+0x425/0x4c0
[ 157.756737][ T5909] ? _raw_spin_unlock_irq+0x23/0x50
[ 157.756753][ T5909] task_work_run+0x1d4/0x260
[ 157.756770][ T5909] ? __pfx_task_work_run+0x10/0x10
[ 157.756783][ T5909] ? kmem_cache_free+0x197/0x620
[ 157.756797][ T5909] ? do_exit+0x68f/0x22f0
[ 157.756813][ T5909] do_exit+0x694/0x22f0
[ 157.756829][ T5909] ? try_to_wake_up+0x7f5/0x12b0
[ 157.756844][ T5909] ? __pfx_do_exit+0x10/0x10
[ 157.756864][ T5909] do_group_exit+0x21c/0x2d0
[ 157.756877][ T5909] ? _raw_spin_unlock_irq+0x23/0x50
[ 157.756893][ T5909] get_signal+0x1285/0x1340
[ 157.756915][ T5909] arch_do_signal_or_restart+0x9a/0x7a0
[ 157.756932][ T5909] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 157.756949][ T5909] ? __pfx___se_sys_futex+0x10/0x10
[ 157.756965][ T5909] exit_to_user_mode_loop+0x87/0x4e0
[ 157.756976][ T5909] ? rcu_is_watching+0x15/0xb0
[ 157.756990][ T5909] do_syscall_64+0x2c1/0xf80
[ 157.757000][ T5909] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 157.757008][ T5909] ? trace_irq_disable+0x37/0x100
[ 157.757021][ T5909] ? clear_bhb_loop+0x60/0xb0
[ 157.757032][ T5909] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 157.757042][ T5909] RIP: 0033:0x7f632538f7c9
[ 157.757052][ T5909] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 157.757057][ T5909] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 157.757069][ T5909] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9
[ 157.757076][ T5909] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8
[ 157.757082][ T5909] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 157.757088][ T5909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 157.757094][ T5909] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8
[ 157.757106][ T5909] </TASK>
[ 157.757136][ T5909] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 157.876118][ T5909] CPU: 0 UID: 0 PID: 5909 Comm: syz.0.24 Not tainted syzkaller #0 PREEMPT(full)
[ 157.876135][ T5909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 157.876143][ T5909] Call Trace:
[ 157.876150][ T5909] <TASK>
[ 157.876154][ T5909] dump_stack_lvl+0xe8/0x150
[ 157.876172][ T5909] f2fs_handle_critical_error+0x37c/0x540
[ 157.876192][ T5909] f2fs_write_end_io+0x886/0xb60
[ 157.876216][ T5909] __submit_merged_bio+0x256/0x660
[ 157.876237][ T5909] __submit_merged_write_cond+0x471/0x530
[ 157.876256][ T5909] f2fs_sync_node_pages+0x1479/0x15e0
[ 157.876285][ T5909] ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 157.876327][ T5909] f2fs_write_checkpoint+0xdd5/0x2430
[ 157.876359][ T5909] ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 157.876394][ T5909] kill_f2fs_super+0x2d2/0x6c0
[ 157.876409][ T5909] ? __pfx_kill_f2fs_super+0x10/0x10
[ 157.876434][ T5909] deactivate_locked_super+0xbc/0x130
[ 157.876449][ T5909] cleanup_mnt+0x425/0x4c0
[ 157.876463][ T5909] ? _raw_spin_unlock_irq+0x23/0x50
[ 157.876481][ T5909] task_work_run+0x1d4/0x260
[ 157.876497][ T5909] ? __pfx_task_work_run+0x10/0x10
[ 157.876510][ T5909] ? kmem_cache_free+0x197/0x620
[ 157.876523][ T5909] ? do_exit+0x68f/0x22f0
[ 157.876539][ T5909] do_exit+0x694/0x22f0
[ 157.876552][ T5909] ? try_to_wake_up+0x7f5/0x12b0
[ 157.876568][ T5909] ? __pfx_do_exit+0x10/0x10
[ 157.876590][ T5909] do_group_exit+0x21c/0x2d0
[ 157.876603][ T5909] ? _raw_spin_unlock_irq+0x23/0x50
[ 157.876619][ T5909] get_signal+0x1285/0x1340
[ 157.876644][ T5909] arch_do_signal_or_restart+0x9a/0x7a0
[ 157.876662][ T5909] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 157.876683][ T5909] ? __pfx___se_sys_futex+0x10/0x10
[ 157.876700][ T5909] exit_to_user_mode_loop+0x87/0x4e0
[ 157.876712][ T5909] ? rcu_is_watching+0x15/0xb0
[ 157.876728][ T5909] do_syscall_64+0x2c1/0xf80
[ 157.876740][ T5909] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 157.876750][ T5909] ? trace_irq_disable+0x37/0x100
[ 157.876763][ T5909] ? clear_bhb_loop+0x60/0xb0
[ 157.876777][ T5909] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 157.876788][ T5909] RIP: 0033:0x7f632538f7c9
[ 157.876799][ T5909] Code: Unable to access opcode bytes at 0x7f632538f79f.
[ 157.876804][ T5909] RSP: 002b:00007f63261730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 157.876815][ T5909] RAX: fffffffffffffe00 RBX: 00007f63255e5fa8 RCX: 00007f632538f7c9 [ 157.876822][ T5909] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f63255e5fa8 [ 157.876829][ T5909] RBP: 00007f63255e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 157.876835][ T5909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 157.876848][ T5909] R13: 00007f63255e6038 R14: 00007ffe793adaf0 R15: 00007ffe793adbd8 [ 157.876867][ T5909] [ 157.876872][ T5909] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 158.057407][ T1826] ================================================================== [ 158.061720][ T1826] BUG: KASAN: slab-use-after-free in f2fs_write_end_io+0x9b9/0xb60 [ 158.065808][ T1826] Read of size 4 at addr ffff888012609170 by task kworker/u4:12/1826 [ 158.070584][ T1826] [ 158.071663][ T1826] CPU: 0 UID: 0 PID: 1826 Comm: kworker/u4:12 Not tainted syzkaller #0 PREEMPT(full) [ 158.071678][ T1826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 158.071688][ T1826] Workqueue: loop0 loop_workfn [ 158.071707][ T1826] Call Trace: [ 158.071715][ T1826] [ 158.071721][ T1826] dump_stack_lvl+0xe8/0x150 [ 158.071737][ T1826] print_report+0xca/0x240 [ 158.071749][ T1826] ? f2fs_write_end_io+0x9b9/0xb60 [ 158.071762][ T1826] kasan_report+0x118/0x150 [ 158.071774][ T1826] ? f2fs_write_end_io+0x9b9/0xb60 [ 158.071786][ T1826] kasan_check_range+0x2b0/0x2c0 [ 158.071796][ T1826] f2fs_write_end_io+0x9b9/0xb60 [ 158.071810][ T1826] blk_update_request+0x57e/0xe60 [ 158.071830][ T1826] blk_mq_end_request+0x3e/0x70 [ 158.071839][ T1826] lo_rw_aio+0xcd1/0xef0 [ 158.071853][ T1826] ? __pfx_lo_rw_aio+0x10/0x10 [ 158.071864][ T1826] ? kthread_associate_blkcg+0x491/0x600 [ 158.071878][ T1826] ? _raw_spin_unlock_irq+0x23/0x50 [ 158.072697][ T1826] loop_process_work+0x8fe/0x10b0 [ 158.072710][ T1826] ? 
trace_sched_exit_tp+0x36/0xf0 [ 158.072722][ T1826] ? __pfx_loop_process_work+0x10/0x10 [ 158.072728][ T1826] ? look_up_lock_class+0x57/0x110 [ 158.072735][ T1826] ? register_lock_class+0x31/0x2e0 [ 158.072744][ T1826] ? __lock_acquire+0x6b6/0x2cf0 [ 158.072756][ T1826] ? __pfx___schedule+0x10/0x10 [ 158.072767][ T1826] ? do_raw_spin_unlock+0x4d/0x240 [ 158.072782][ T1826] ? process_scheduled_works+0x9ef/0x1770 [ 158.072792][ T1826] ? process_scheduled_works+0x9ef/0x1770 [ 158.072803][ T1826] ? preempt_schedule_thunk+0x16/0x30 [ 158.072813][ T1826] ? process_scheduled_works+0x9ef/0x1770 [ 158.072821][ T1826] ? process_scheduled_works+0x9ef/0x1770 [ 158.072831][ T1826] process_scheduled_works+0xad1/0x1770 [ 158.072847][ T1826] ? __pfx_process_scheduled_works+0x10/0x10 [ 158.072856][ T1826] ? do_raw_spin_lock+0x121/0x290 [ 158.072872][ T1826] worker_thread+0x8a0/0xda0 [ 158.072886][ T1826] ? __kthread_parkme+0x7b/0x200 [ 158.072898][ T1826] kthread+0x711/0x8a0 [ 158.072910][ T1826] ? __pfx_worker_thread+0x10/0x10 [ 158.072920][ T1826] ? __pfx_kthread+0x10/0x10 [ 158.072933][ T1826] ? _raw_spin_unlock_irq+0x23/0x50 [ 158.072944][ T1826] ? __pfx_kthread+0x10/0x10 [ 158.072962][ T1826] ret_from_fork+0x510/0xa50 [ 158.072973][ T1826] ? __pfx_ret_from_fork+0x10/0x10 [ 158.072981][ T1826] ? __switch_to+0xc9e/0x1480 [ 158.072994][ T1826] ? 
__pfx_kthread+0x10/0x10 [ 158.073005][ T1826] ret_from_fork_asm+0x1a/0x30 [ 158.073023][ T1826] [ 158.073028][ T1826] [ 158.178106][ T1826] Allocated by task 5909: [ 158.179927][ T1826] kasan_save_track+0x3e/0x80 [ 158.181970][ T1826] __kasan_kmalloc+0x93/0xb0 [ 158.183927][ T1826] __kmalloc_cache_noprof+0x3e2/0x700 [ 158.186181][ T1826] f2fs_fill_super+0x8c/0x6ec0 [ 158.188222][ T1826] get_tree_bdev_flags+0x40e/0x4d0 [ 158.190376][ T1826] vfs_get_tree+0x92/0x2a0 [ 158.192330][ T1826] do_new_mount+0x302/0xa10 [ 158.194444][ T1826] __se_sys_mount+0x313/0x410 [ 158.197095][ T1826] do_syscall_64+0xec/0xf80 [ 158.199254][ T1826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.201556][ T1826] [ 158.202630][ T1826] Freed by task 5909: [ 158.204331][ T1826] kasan_save_track+0x3e/0x80 [ 158.206305][ T1826] kasan_save_free_info+0x46/0x50 [ 158.208638][ T1826] __kasan_slab_free+0x5c/0x80 [ 158.210877][ T1826] kfree+0x1c0/0x660 [ 158.212602][ T1826] kill_f2fs_super+0x5bb/0x6c0 [ 158.214795][ T1826] deactivate_locked_super+0xbc/0x130 [ 158.217270][ T1826] cleanup_mnt+0x425/0x4c0 [ 158.219255][ T1826] task_work_run+0x1d4/0x260 [ 158.221275][ T1826] do_exit+0x694/0x22f0 [ 158.223054][ T1826] do_group_exit+0x21c/0x2d0 [ 158.225033][ T1826] get_signal+0x1285/0x1340 [ 158.227047][ T1826] arch_do_signal_or_restart+0x9a/0x7a0 [ 158.229483][ T1826] exit_to_user_mode_loop+0x87/0x4e0 [ 158.231704][ T1826] do_syscall_64+0x2c1/0xf80 [ 158.233680][ T1826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.236248][ T1826] [ 158.237443][ T1826] Last potentially related work creation: [ 158.239866][ T1826] kasan_save_stack+0x3e/0x60 [ 158.241950][ T1826] kasan_record_aux_stack+0xbd/0xd0 [ 158.244197][ T1826] insert_work+0x3d/0x330 [ 158.246092][ T1826] __queue_work+0xcd0/0xf90 [ 158.248085][ T1826] queue_work_on+0x106/0x1c0 [ 158.250135][ T1826] f2fs_handle_critical_error+0x255/0x540 [ 158.252619][ T1826] f2fs_write_end_io+0x886/0xb60 [ 158.254809][ T1826] __submit_merged_bio+0x256/0x660 [ 
158.257151][ T1826] __submit_merged_write_cond+0x471/0x530 [ 158.259545][ T1826] f2fs_sync_node_pages+0x1479/0x15e0 [ 158.261942][ T1826] f2fs_write_checkpoint+0xdd5/0x2430 [ 158.264249][ T1826] kill_f2fs_super+0x2d2/0x6c0 [ 158.266373][ T1826] deactivate_locked_super+0xbc/0x130 [ 158.268744][ T1826] cleanup_mnt+0x425/0x4c0 [ 158.270691][ T1826] task_work_run+0x1d4/0x260 [ 158.272665][ T1826] do_exit+0x694/0x22f0 [ 158.274497][ T1826] do_group_exit+0x21c/0x2d0 [ 158.276514][ T1826] get_signal+0x1285/0x1340 [ 158.278605][ T1826] arch_do_signal_or_restart+0x9a/0x7a0 [ 158.281000][ T1826] exit_to_user_mode_loop+0x87/0x4e0 [ 158.283290][ T1826] do_syscall_64+0x2c1/0xf80 [ 158.285273][ T1826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.287916][ T1826] [ 158.288980][ T1826] Second to last potentially related work creation: [ 158.291919][ T1826] kasan_save_stack+0x3e/0x60 [ 158.294474][ T1826] kasan_record_aux_stack+0xbd/0xd0 [ 158.296945][ T1826] insert_work+0x3d/0x330 [ 158.298856][ T1826] __queue_work+0xcd0/0xf90 [ 158.300883][ T1826] queue_work_on+0x106/0x1c0 [ 158.302893][ T1826] __get_node_folio+0xcaf/0x14f0 [ 158.304974][ T1826] f2fs_iget+0x77c/0x5640 [ 158.306958][ T1826] f2fs_nfs_get_inode+0x76/0x110 [ 158.309052][ T1826] generic_fh_to_dentry+0x9f/0xf0 [ 158.311284][ T1826] exportfs_decode_fh_raw+0x178/0x6e0 [ 158.313690][ T1826] do_handle_to_path+0xa4/0x1a0 [ 158.315769][ T1826] do_handle_open+0x6a1/0x930 [ 158.317881][ T1826] do_syscall_64+0xec/0xf80 [ 158.319843][ T1826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.322459][ T1826] [ 158.323504][ T1826] The buggy address belongs to the object at ffff888012608000 [ 158.323504][ T1826] which belongs to the cache kmalloc-8k of size 8192 [ 158.329616][ T1826] The buggy address is located 4464 bytes inside of [ 158.329616][ T1826] freed 8192-byte region [ffff888012608000, ffff88801260a000) [ 158.335579][ T1826] [ 158.336612][ T1826] The buggy address belongs to the physical page: [ 158.339435][ T1826] page: 
refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12608 [ 158.343138][ T1826] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 158.346674][ T1826] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 158.350039][ T1826] page_type: f5(slab) [ 158.351772][ T1826] raw: 00fff00000000040 ffff88801a442280 0000000000000000 dead000000000001 [ 158.355473][ T1826] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 158.359100][ T1826] head: 00fff00000000040 ffff88801a442280 0000000000000000 dead000000000001 [ 158.362692][ T1826] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 158.366270][ T1826] head: 00fff00000000003 ffffea0000498201 00000000ffffffff 00000000ffffffff [ 158.369964][ T1826] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 158.373613][ T1826] page dumped because: kasan: bad access detected [ 158.376333][ T1826] page_owner tracks the page as allocated [ 158.378753][ T1826] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x528c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP), pid 5641, tgid 5641 (syz-executor), ts 138685806163, free_ts 108015343563 [ 158.386867][ T1826] post_alloc_hook+0x234/0x290 [ 158.388860][ T1826] get_page_from_freelist+0x24e0/0x2580 [ 158.391202][ T1826] __alloc_frozen_pages_noprof+0x181/0x370 [ 158.393668][ T1826] alloc_pages_mpol+0x232/0x4a0 [ 158.395724][ T1826] allocate_slab+0x86/0x3b0 [ 158.397683][ T1826] ___slab_alloc+0xe53/0x1820 [ 158.399668][ T1826] __slab_alloc+0x65/0x100 [ 158.401590][ T1826] __kvmalloc_node_noprof+0x6b6/0x920 [ 158.403846][ T1826] pfifo_fast_init+0x112/0x6c0 [ 158.405911][ T1826] qdisc_create_dflt+0x13b/0x4c0 [ 158.408129][ T1826] mq_init+0x2dc/0x660 [ 158.409878][ T1826] qdisc_create_dflt+0x13b/0x4c0 [ 158.411974][ T1826] dev_activate+0x1ce/0x1150 [ 158.413942][ T1826] __dev_open+0x647/0x800 [ 158.415816][ T1826] __dev_change_flags+0x1f7/0x680 [ 
158.418088][ T1826] netif_change_flags+0x88/0x1a0 [ 158.420188][ T1826] page last free pid 43 tgid 43 stack trace: [ 158.423413][ T1826] __free_pages_ok+0xa83/0xbe0 [ 158.425831][ T1826] wg_destruct+0x25f/0x310 [ 158.427976][ T1826] netdev_run_todo+0xcd5/0xea0 [ 158.430095][ T1826] default_device_exit_batch+0x969/0x9e0 [ 158.432531][ T1826] ops_undo_list+0x525/0x990 [ 158.434731][ T1826] cleanup_net+0x4d8/0x7a0 [ 158.436749][ T1826] process_scheduled_works+0xad1/0x1770 [ 158.439147][ T1826] worker_thread+0x8a0/0xda0 [ 158.441138][ T1826] kthread+0x711/0x8a0 [ 158.443103][ T1826] ret_from_fork+0x510/0xa50 [ 158.445139][ T1826] ret_from_fork_asm+0x1a/0x30 [ 158.447159][ T1826] [ 158.448228][ T1826] Memory state around the buggy address: [ 158.450656][ T1826] ffff888012609000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 158.454241][ T1826] ffff888012609080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 158.457943][ T1826] >ffff888012609100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 158.462256][ T1826] ^ [ 158.466379][ T1826] ffff888012609180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 158.470322][ T1826] ffff888012609200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 158.473744][ T1826] ================================================================== 2026/01/07 06:58:45 executed programs: 10 [ 158.792655][ T5914] loop0: detected capacity change from 0 to 40427 [ 158.813587][ T1826] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 158.816826][ T1826] CPU: 0 UID: 0 PID: 1826 Comm: kworker/u4:12 Not tainted syzkaller #0 PREEMPT(full) [ 158.821032][ T1826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 158.825660][ T1826] Workqueue: loop0 loop_workfn [ 158.827901][ T1826] Call Trace: [ 158.829406][ T1826] [ 158.830705][ T1826] vpanic+0x1e0/0x670 [ 158.832469][ T1826] panic+0xb9/0xc0 [ 158.834128][ T1826] ? __pfx_panic+0x10/0x10 [ 158.836078][ T1826] ? 
preempt_schedule_thunk+0x16/0x30 [ 158.838480][ T1826] ? f2fs_write_end_io+0x9b9/0xb60 [ 158.840684][ T1826] ? preempt_schedule_thunk+0x16/0x30 [ 158.843023][ T1826] ? f2fs_write_end_io+0x9b9/0xb60 [ 158.845227][ T1826] check_panic_on_warn+0x89/0xb0 [ 158.847444][ T1826] ? f2fs_write_end_io+0x9b9/0xb60 [ 158.849644][ T1826] end_report+0x6f/0x140 [ 158.851465][ T1826] kasan_report+0x129/0x150 [ 158.853448][ T1826] ? f2fs_write_end_io+0x9b9/0xb60 [ 158.855660][ T1826] kasan_check_range+0x2b0/0x2c0 [ 158.857816][ T1826] f2fs_write_end_io+0x9b9/0xb60 [ 158.860055][ T1826] blk_update_request+0x57e/0xe60 [ 158.862244][ T1826] blk_mq_end_request+0x3e/0x70 [ 158.864297][ T1826] lo_rw_aio+0xcd1/0xef0 [ 158.866068][ T1826] ? __pfx_lo_rw_aio+0x10/0x10 [ 158.868000][ T1826] ? kthread_associate_blkcg+0x491/0x600 [ 158.870396][ T1826] ? _raw_spin_unlock_irq+0x23/0x50 [ 158.872659][ T1826] loop_process_work+0x8fe/0x10b0 [ 158.874870][ T1826] ? trace_sched_exit_tp+0x36/0xf0 [ 158.877067][ T1826] ? __pfx_loop_process_work+0x10/0x10 [ 158.879380][ T1826] ? look_up_lock_class+0x57/0x110 [ 158.881517][ T1826] ? register_lock_class+0x31/0x2e0 [ 158.883752][ T1826] ? __lock_acquire+0x6b6/0x2cf0 [ 158.885766][ T1826] ? __pfx___schedule+0x10/0x10 [ 158.887882][ T1826] ? do_raw_spin_unlock+0x4d/0x240 [ 158.890011][ T1826] ? process_scheduled_works+0x9ef/0x1770 [ 158.892397][ T1826] ? process_scheduled_works+0x9ef/0x1770 [ 158.894888][ T1826] ? preempt_schedule_thunk+0x16/0x30 [ 158.897235][ T1826] ? process_scheduled_works+0x9ef/0x1770 [ 158.899597][ T1826] ? process_scheduled_works+0x9ef/0x1770 [ 158.902062][ T1826] process_scheduled_works+0xad1/0x1770 [ 158.904383][ T1826] ? __pfx_process_scheduled_works+0x10/0x10 [ 158.906927][ T1826] ? do_raw_spin_lock+0x121/0x290 [ 158.909074][ T1826] worker_thread+0x8a0/0xda0 [ 158.911072][ T1826] ? __kthread_parkme+0x7b/0x200 [ 158.913213][ T1826] kthread+0x711/0x8a0 [ 158.915001][ T1826] ? __pfx_worker_thread+0x10/0x10 [ 158.917263][ T1826] ? 
__pfx_kthread+0x10/0x10 [ 158.919325][ T1826] ? _raw_spin_unlock_irq+0x23/0x50 [ 158.921620][ T1826] ? __pfx_kthread+0x10/0x10 [ 158.923624][ T1826] ret_from_fork+0x510/0xa50 [ 158.925663][ T1826] ? __pfx_ret_from_fork+0x10/0x10 [ 158.927925][ T1826] ? __switch_to+0xc9e/0x1480 [ 158.930020][ T1826] ? __pfx_kthread+0x10/0x10 [ 158.931959][ T1826] ret_from_fork_asm+0x1a/0x30 [ 158.934093][ T1826] [ 158.935772][ T1826] Kernel Offset: disabled [ 158.937680][ T1826] Rebooting in 86400 seconds..