Warning: Permanently added '10.128.0.193' (ED25519) to the list of known hosts.
2026/02/15 10:04:05 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 107.672634][ T4608] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 110.200277][ T4645] chnl_net:caif_netlink_parms(): no params data found
[ 110.263599][ T4645] bridge0: port 1(bridge_slave_0) entered blocking state
[ 110.272022][ T4645] bridge0: port 1(bridge_slave_0) entered disabled state
[ 110.280613][ T4645] device bridge_slave_0 entered promiscuous mode
[ 110.291279][ T4645] bridge0: port 2(bridge_slave_1) entered blocking state
[ 110.300465][ T4645] bridge0: port 2(bridge_slave_1) entered disabled state
[ 110.310289][ T4645] device bridge_slave_1 entered promiscuous mode
[ 110.337991][ T4645] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 110.350057][ T4645] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 110.382352][ T4645] team0: Port device team_slave_0 added
[ 110.391059][ T4645] team0: Port device team_slave_1 added
[ 110.415577][ T4645] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 110.422590][ T4645] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 110.448704][ T4645] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 110.461404][ T4645] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 110.468666][ T4645] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 110.494931][ T4645] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 110.535013][ T4645] device hsr_slave_0 entered promiscuous mode
[ 110.542126][ T4645] device hsr_slave_1 entered promiscuous mode
[ 111.311454][ T4645] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 111.322714][ T4645] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 111.332943][ T4645] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 111.343043][ T4645] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 111.420490][ T4645] 8021q: adding VLAN 0 to HW filter on device bond0
[ 111.436631][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 111.446241][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 111.458529][ T4645] 8021q: adding VLAN 0 to HW filter on device team0
[ 111.495168][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 111.506679][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 111.517128][ T154] bridge0: port 1(bridge_slave_0) entered blocking state
[ 111.524285][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 111.532712][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 111.544769][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 111.553283][ T154] bridge0: port 2(bridge_slave_1) entered blocking state
[ 111.560432][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 111.569798][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 111.578838][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 111.613752][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 111.626926][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 111.637476][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 111.648031][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 111.657779][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 111.668288][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 111.685528][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 111.694892][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 111.706579][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 111.716988][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 111.729571][ T4645] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 111.937837][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 111.947518][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 111.964852][ T4645] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 111.987337][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 111.997902][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 112.039688][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 112.049631][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 112.062065][ T4645] device veth0_vlan entered promiscuous mode
[ 112.069477][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 112.078595][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 112.107346][ T4645] device veth1_vlan entered promiscuous mode
[ 112.135900][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 112.146133][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 112.157385][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 112.167253][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 112.180343][ T4645] device veth0_macvtap entered promiscuous mode
[ 112.207236][ T4645] device veth1_macvtap entered promiscuous mode
[ 112.228501][ T4645] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 112.238150][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 112.247919][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 112.257797][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 112.266983][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 112.281993][ T4645] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 112.291281][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 112.302802][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 112.326119][ T4645] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.336058][ T4645] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.345495][ T4645] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 112.354605][ T4645] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 113.346970][ T1548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.376366][ T1548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.400575][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 113.433144][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 113.446202][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 113.466708][ T1548] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2026/02/15 10:04:16 executed programs: 0
[ 114.670512][ T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 114.885848][ T4824] chnl_net:caif_netlink_parms(): no params data found
[ 114.944627][ T4824] bridge0: port 1(bridge_slave_0) entered blocking state
[ 114.951834][ T4824] bridge0: port 1(bridge_slave_0) entered disabled state
[ 114.960055][ T4824] device bridge_slave_0 entered promiscuous mode
[ 114.968831][ T4824] bridge0: port 2(bridge_slave_1) entered blocking state
[ 114.976183][ T4824] bridge0: port 2(bridge_slave_1) entered disabled state
[ 114.984595][ T4824] device bridge_slave_1 entered promiscuous mode
[ 115.013175][ T4824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 115.027428][ T4824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 115.058119][ T4824] team0: Port device team_slave_0 added
[ 115.067029][ T4824] team0: Port device team_slave_1 added
[ 115.092585][ T4824] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 115.099656][ T4824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 115.126342][ T4824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 115.139814][ T4824] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 115.146896][ T4824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 115.173043][ T4824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 115.214913][ T4824] device hsr_slave_0 entered promiscuous mode
[ 115.222111][ T4824] device hsr_slave_1 entered promiscuous mode
[ 115.231591][ T4824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 115.239621][ T4824] Cannot create hsr debugfs directory
[ 116.794312][ T4682] Bluetooth: hci0: command 0x0409 tx timeout
[ 117.932419][ T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 118.001140][ T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 118.063207][ T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 118.864726][ T5036] Bluetooth: hci0: command 0x041b tx timeout
[ 119.017271][ T4824] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 119.026539][ T4824] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 119.036764][ T4824] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 119.045946][ T4824] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 119.119763][ T4824] 8021q: adding VLAN 0 to HW filter on device bond0
[ 119.153227][ T4824] 8021q: adding VLAN 0 to HW filter on device team0
[ 119.161331][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 119.169663][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 119.180407][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 119.189488][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 119.199020][ T144] bridge0: port 1(bridge_slave_0) entered blocking state
[ 119.206210][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 119.233304][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 119.241628][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 119.250882][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 119.260268][ T144] bridge0: port 2(bridge_slave_1) entered blocking state
[ 119.267432][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 119.277951][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 119.298587][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 119.310403][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 119.322016][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 119.349805][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 119.358539][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 119.367326][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 119.387993][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 119.396747][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 119.412019][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 119.423545][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 119.435377][ T4824] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 119.448938][ T9] device hsr_slave_0 left promiscuous mode
[ 119.455490][ T9] device hsr_slave_1 left promiscuous mode
[ 119.463282][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 119.471454][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 119.479645][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 119.487399][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 119.495432][ T9] device bridge_slave_1 left promiscuous mode
[ 119.501698][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 119.510808][ T9] device bridge_slave_0 left promiscuous mode
[ 119.517391][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 119.529785][ T9] device veth1_macvtap left promiscuous mode
[ 119.536106][ T9] device veth0_macvtap left promiscuous mode
[ 119.542191][ T9] device veth1_vlan left promiscuous mode
[ 119.548370][ T9] device veth0_vlan left promiscuous mode
[ 119.716636][ T9] team0 (unregistering): Port device team_slave_1 removed
[ 119.731158][ T9] team0 (unregistering): Port device team_slave_0 removed
[ 119.744407][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 119.757965][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 119.820838][ T9] bond0 (unregistering): Released all slaves
[ 119.960815][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 119.968359][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 119.981685][ T4824] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 120.005773][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 120.016166][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 120.035572][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 120.046430][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 120.055846][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 120.063649][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 120.074451][ T4824] device veth0_vlan entered promiscuous mode
[ 120.086445][ T4824] device veth1_vlan entered promiscuous mode
[ 120.111564][ T4824] device veth0_macvtap entered promiscuous mode
[ 120.122508][ T4824] device veth1_macvtap entered promiscuous mode
[ 120.131479][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 120.140101][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 120.149649][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 120.158786][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 120.167724][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 120.183081][ T4824] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 120.195061][ T4824] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 120.204819][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 120.213130][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 120.223378][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 120.232747][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 120.241799][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 120.252647][ T4824] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.262461][ T4824] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.271437][ T4824] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.280322][ T4824] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 120.361403][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.373684][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.382100][ T5055] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2026/02/15 10:04:22 executed programs: 2
[ 120.409777][ T5055] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.419383][ T5055] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 120.428026][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 120.767526][ T5061] loop0: detected capacity change from 0 to 40427
[ 120.787834][ T5061] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 120.809621][ T5061] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 120.840494][ T5061] F2FS-fs (loop0): invalid crc value
[ 120.865134][ T5061] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 120.915091][ T5061] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 120.922490][ T5061] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 120.945000][ T4272] Bluetooth: hci0: command 0x040f tx timeout
[ 120.967108][ T5061] F2FS-fs (loop0): access invalid blkaddr:0
[ 120.973103][ T5061] CPU: 1 PID: 5061 Comm: syz.0.17 Not tainted syzkaller #0
[ 120.980429][ T5061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 120.990528][ T5061] Call Trace:
[ 120.993846][ T5061]
[ 120.996802][ T5061] dump_stack_lvl+0x188/0x250
[ 121.001530][ T5061] ? show_regs_print_info+0x20/0x20
[ 121.006780][ T5061] ? __rwlock_init+0x140/0x140
[ 121.011587][ T5061] f2fs_is_valid_blkaddr+0xc7e/0x1250
[ 121.016999][ T5061] f2fs_iget+0x1cae/0x4a50
[ 121.021476][ T5061] f2fs_nfs_get_inode+0x72/0x100
[ 121.026445][ T5061] ? f2fs_fh_to_parent+0x40/0x40
[ 121.031505][ T5061] generic_fh_to_dentry+0x8f/0xe0
[ 121.036738][ T5061] exportfs_decode_fh_raw+0x173/0x630
[ 121.042291][ T5061] ? do_handle_open+0x840/0x840
[ 121.047188][ T5061] ? exportfs_encode_fh+0x480/0x480
[ 121.052506][ T5061] ? __lock_acquire+0x7d10/0x7d10
[ 121.057652][ T5061] ? do_raw_spin_lock+0x128/0x2f0
[ 121.062695][ T5061] ? __rwlock_init+0x140/0x140
[ 121.067478][ T5061] ? do_handle_open+0x840/0x840
[ 121.072340][ T5061] exportfs_decode_fh+0x36/0x70
[ 121.077212][ T5061] do_handle_open+0x401/0x840
[ 121.081933][ T5061] ? __ia32_compat_sys_open_by_handle_at+0x80/0x80
[ 121.088557][ T5061] ? vtime_user_exit+0x2c8/0x3e0
[ 121.093539][ T5061] ? lockdep_hardirqs_on+0x94/0x140
[ 121.098769][ T5061] do_syscall_64+0x4c/0xa0
[ 121.103219][ T5061] ? clear_bhb_loop+0x30/0x80
[ 121.107929][ T5061] ? clear_bhb_loop+0x30/0x80
[ 121.112640][ T5061] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 121.118575][ T5061] RIP: 0033:0x7f65c330fef9
[ 121.123023][ T5061] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 121.142847][ T5061] RSP: 002b:00007f65c2973028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 121.151297][ T5061] RAX: ffffffffffffffda RBX: 00007f65c357afa0 RCX: 00007f65c330fef9
[ 121.159309][ T5061] RDX: 0000000002000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 121.167308][ T5061] RBP: 00007f65c33a4ee0 R08: 0000000000000000 R09: 0000000000000000
[ 121.175306][ T5061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 121.183312][ T5061] R13: 00007f65c357b038 R14: 00007f65c357afa0 R15: 00007fff7e4b6e38
[ 121.191337][ T5061]
[ 121.202925][ T5061] F2FS-fs (loop0): sanity_check_inode: inode (ino=5) extent info [0, 0, 65536] is incorrect, run fsck to fix
[ 121.217401][ T5066] F2FS-fs (loop0): access invalid blkaddr:0
[ 121.223445][ T5066] CPU: 0 PID: 5066 Comm: syz.0.17 Not tainted syzkaller #0
[ 121.230855][ T5066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 121.241036][ T5066] Call Trace:
[ 121.244345][ T5066]
[ 121.247327][ T5066] dump_stack_lvl+0x188/0x250
[ 121.252036][ T5066] ? show_regs_print_info+0x20/0x20
[ 121.257273][ T5066] ? __rwlock_init+0x140/0x140
[ 121.262085][ T5066] f2fs_is_valid_blkaddr+0xc7e/0x1250
[ 121.267510][ T5066] f2fs_iget+0x1cae/0x4a50
[ 121.271984][ T5066] f2fs_nfs_get_inode+0x72/0x100
[ 121.276960][ T5066] ? f2fs_fh_to_parent+0x40/0x40
[ 121.281938][ T5066] generic_fh_to_dentry+0x8f/0xe0
[ 121.287064][ T5066] exportfs_decode_fh_raw+0x173/0x630
[ 121.292485][ T5066] ? do_handle_open+0x840/0x840
[ 121.297369][ T5066] ? exportfs_encode_fh+0x480/0x480
[ 121.302624][ T5066] ? __lock_acquire+0x7d10/0x7d10
[ 121.307719][ T5066] ? do_raw_spin_lock+0x128/0x2f0
[ 121.312798][ T5066] ? __rwlock_init+0x140/0x140
[ 121.317601][ T5066] ? do_handle_open+0x840/0x840
[ 121.322923][ T5066] exportfs_decode_fh+0x36/0x70
[ 121.327811][ T5066] do_handle_open+0x401/0x840
[ 121.332529][ T5066] ? __ia32_compat_sys_open_by_handle_at+0x80/0x80
[ 121.339241][ T5066] ? vtime_user_exit+0x2c8/0x3e0
[ 121.344254][ T5066] ? lockdep_hardirqs_on+0x94/0x140
[ 121.349505][ T5066] do_syscall_64+0x4c/0xa0
[ 121.353969][ T5066] ? clear_bhb_loop+0x30/0x80
[ 121.358865][ T5066] ? clear_bhb_loop+0x30/0x80
[ 121.363585][ T5066] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 121.369625][ T5066] RIP: 0033:0x7f65c330fef9
[ 121.374103][ T5066] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 121.393742][ T5066] RSP: 002b:00007f65c2952028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 121.402457][ T5066] RAX: ffffffffffffffda RBX: 00007f65c357b090 RCX: 00007f65c330fef9
[ 121.410465][ T5066] RDX: 0000000002000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 121.418472][ T5066] RBP: 00007f65c33a4ee0 R08: 0000000000000000 R09: 0000000000000000
[ 121.426483][ T5066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 121.434499][ T5066] R13: 00007f65c357b128 R14: 00007f65c357b090 R15: 00007fff7e4b6e38
[ 121.442894][ T5066]
[ 121.456571][ T5066] F2FS-fs (loop0): sanity_check_inode: inode (ino=5) extent info [0, 0, 65536] is incorrect, run fsck to fix
[ 122.013377][ T5068] loop0: detected capacity change from 0 to 40427
[ 122.126158][ T5068] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 122.136816][ T5068] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 122.148560][ T5068] F2FS-fs (loop0): invalid crc value
[ 122.178406][ T5068] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 122.228687][ T5068] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 122.236358][ T5068] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 122.248733][ T5068] F2FS-fs (loop0): access invalid blkaddr:0
[ 122.255695][ T5068] CPU: 0 PID: 5068 Comm: syz.0.18 Not tainted syzkaller #0
[ 122.263570][ T5068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 122.273764][ T5068] Call Trace:
[ 122.277079][ T5068]
[ 122.280046][ T5068] dump_stack_lvl+0x188/0x250
[ 122.284767][ T5068] ? show_regs_print_info+0x20/0x20
[ 122.290016][ T5068] ? __rwlock_init+0x140/0x140
[ 122.294845][ T5068] f2fs_is_valid_blkaddr+0xc7e/0x1250
[ 122.300285][ T5068] f2fs_iget+0x1cae/0x4a50
[ 122.304791][ T5068] f2fs_nfs_get_inode+0x72/0x100
[ 122.309808][ T5068] ? f2fs_fh_to_parent+0x40/0x40
[ 122.314788][ T5068] generic_fh_to_dentry+0x8f/0xe0
[ 122.319822][ T5068] exportfs_decode_fh_raw+0x173/0x630
[ 122.325212][ T5068] ? do_handle_open+0x840/0x840
[ 122.330072][ T5068] ? exportfs_encode_fh+0x480/0x480
[ 122.335309][ T5068] ? __lock_acquire+0x7d10/0x7d10
[ 122.340344][ T5068] ? do_raw_spin_lock+0x128/0x2f0
[ 122.345376][ T5068] ? __rwlock_init+0x140/0x140
[ 122.350179][ T5068] ? do_handle_open+0x840/0x840
[ 122.355055][ T5068] exportfs_decode_fh+0x36/0x70
[ 122.359920][ T5068] do_handle_open+0x401/0x840
[ 122.364625][ T5068] ? __ia32_compat_sys_open_by_handle_at+0x80/0x80
[ 122.371342][ T5068] ? vtime_user_exit+0x2c8/0x3e0
[ 122.376396][ T5068] ? lockdep_hardirqs_on+0x94/0x140
[ 122.381623][ T5068] do_syscall_64+0x4c/0xa0
[ 122.386084][ T5068] ? clear_bhb_loop+0x30/0x80
[ 122.390794][ T5068] ? clear_bhb_loop+0x30/0x80
[ 122.395494][ T5068] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 122.401414][ T5068] RIP: 0033:0x7f65c330fef9
[ 122.405960][ T5068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 122.425609][ T5068] RSP: 002b:00007f65c2973028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 122.434046][ T5068] RAX: ffffffffffffffda RBX: 00007f65c357afa0 RCX: 00007f65c330fef9
[ 122.442050][ T5068] RDX: 0000000002000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 122.450295][ T5068] RBP: 00007f65c33a4ee0 R08: 0000000000000000 R09: 0000000000000000
[ 122.458279][ T5068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 122.466349][ T5068] R13: 00007f65c357b038 R14: 00007f65c357afa0 R15: 00007fff7e4b6e38
[ 122.474430][ T5068]
[ 122.482871][ T5068] F2FS-fs (loop0): sanity_check_inode: inode (ino=5) extent info [0, 0, 65536] is incorrect, run fsck to fix
[ 122.496615][ T5073] F2FS-fs (loop0): access invalid blkaddr:0
[ 122.502728][ T5073] CPU: 0 PID: 5073 Comm: syz.0.18 Not tainted syzkaller #0
[ 122.510160][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 122.520476][ T5073] Call Trace:
[ 122.523787][ T5073]
[ 122.526762][ T5073] dump_stack_lvl+0x188/0x250
[ 122.531655][ T5073] ? show_regs_print_info+0x20/0x20
[ 122.536882][ T5073] ? __rwlock_init+0x140/0x140
[ 122.541679][ T5073] f2fs_is_valid_blkaddr+0xc7e/0x1250
[ 122.547080][ T5073] f2fs_iget+0x1cae/0x4a50
[ 122.551532][ T5073] f2fs_nfs_get_inode+0x72/0x100
[ 122.556495][ T5073] ? f2fs_fh_to_parent+0x40/0x40
[ 122.561537][ T5073] generic_fh_to_dentry+0x8f/0xe0
[ 122.566579][ T5073] exportfs_decode_fh_raw+0x173/0x630
[ 122.571989][ T5073] ? do_handle_open+0x840/0x840
[ 122.576860][ T5073] ? exportfs_encode_fh+0x480/0x480
[ 122.582128][ T5073] ? __lock_acquire+0x7d10/0x7d10
[ 122.587175][ T5073] ? do_raw_spin_lock+0x128/0x2f0
[ 122.592478][ T5073] ? __rwlock_init+0x140/0x140
[ 122.597263][ T5073] ? do_handle_open+0x840/0x840
[ 122.602131][ T5073] exportfs_decode_fh+0x36/0x70
[ 122.607004][ T5073] do_handle_open+0x401/0x840
[ 122.611704][ T5073] ? __ia32_compat_sys_open_by_handle_at+0x80/0x80
[ 122.618229][ T5073] ? vtime_user_exit+0x2c8/0x3e0
[ 122.623279][ T5073] ? lockdep_hardirqs_on+0x94/0x140
[ 122.628497][ T5073] do_syscall_64+0x4c/0xa0
[ 122.632943][ T5073] ? clear_bhb_loop+0x30/0x80
[ 122.637645][ T5073] ? clear_bhb_loop+0x30/0x80
[ 122.642337][ T5073] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 122.648253][ T5073] RIP: 0033:0x7f65c330fef9
[ 122.652708][ T5073] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 122.672327][ T5073] RSP: 002b:00007f65c2952028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 122.680766][ T5073] RAX: ffffffffffffffda RBX: 00007f65c357b090 RCX: 00007f65c330fef9
[ 122.688762][ T5073] RDX: 0000000002000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 122.696755][ T5073] RBP: 00007f65c33a4ee0 R08: 0000000000000000 R09: 0000000000000000
[ 122.704914][ T5073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 122.712914][ T5073] R13: 00007f65c357b128 R14: 00007f65c357b090 R15: 00007fff7e4b6e38
[ 122.720922][ T5073]
[ 122.725162][ T5073] F2FS-fs (loop0): sanity_check_inode: inode (ino=5) extent info [0, 0, 65536] is incorrect, run fsck to fix
[ 123.024106][ T4271] Bluetooth: hci0: command 0x0419 tx timeout
[ 123.175326][ T5075] loop0: detected capacity change from 0 to 40427
[ 123.265229][ T5075] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[ 123.333881][ T5075] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 123.355429][ T5075] F2FS-fs (loop0): invalid crc value
[ 123.378721][ T5075] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 123.422308][ T5075] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[ 123.429773][ T5075] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 123.440231][ T5075] F2FS-fs (loop0): access invalid blkaddr:0
[ 123.446541][ T5075] CPU: 1 PID: 5075 Comm: syz.0.19 Not tainted syzkaller #0
[ 123.453773][ T5075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 123.463864][ T5075] Call Trace:
[ 123.467330][ T5075]
[ 123.470302][ T5075] dump_stack_lvl+0x188/0x250
[ 123.475024][ T5075] ? show_regs_print_info+0x20/0x20
[ 123.480264][ T5075] ? __rwlock_init+0x140/0x140
[ 123.485328][ T5075] f2fs_is_valid_blkaddr+0xc7e/0x1250
[ 123.490742][ T5075] f2fs_iget+0x1cae/0x4a50
[ 123.495226][ T5075] f2fs_nfs_get_inode+0x72/0x100
[ 123.500279][ T5075] ? f2fs_fh_to_parent+0x40/0x40
[ 123.505245][ T5075] generic_fh_to_dentry+0x8f/0xe0
[ 123.510298][ T5075] exportfs_decode_fh_raw+0x173/0x630
[ 123.515722][ T5075] ? do_handle_open+0x840/0x840
[ 123.520609][ T5075] ? exportfs_encode_fh+0x480/0x480
[ 123.525875][ T5075] ? __lock_acquire+0x7d10/0x7d10
[ 123.530942][ T5075] ? do_raw_spin_lock+0x128/0x2f0
[ 123.536000][ T5075] ? __rwlock_init+0x140/0x140
[ 123.540795][ T5075] ? do_handle_open+0x840/0x840
[ 123.545684][ T5075] exportfs_decode_fh+0x36/0x70
[ 123.550615][ T5075] do_handle_open+0x401/0x840
[ 123.555700][ T5075] ? __ia32_compat_sys_open_by_handle_at+0x80/0x80
[ 123.562355][ T5075] ? vtime_user_exit+0x2c8/0x3e0
[ 123.567334][ T5075] ? lockdep_hardirqs_on+0x94/0x140
[ 123.572564][ T5075] do_syscall_64+0x4c/0xa0
[ 123.577011][ T5075] ? clear_bhb_loop+0x30/0x80
[ 123.581730][ T5075] ? clear_bhb_loop+0x30/0x80
[ 123.586434][ T5075] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 123.592538][ T5075] RIP: 0033:0x7f65c330fef9
[ 123.597090][ T5075] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 123.616733][ T5075] RSP: 002b:00007f65c2973028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 123.625191][ T5075] RAX: ffffffffffffffda RBX: 00007f65c357afa0 RCX: 00007f65c330fef9
[ 123.633199][ T5075] RDX: 0000000002000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 123.641218][ T5075] RBP: 00007f65c33a4ee0 R08: 0000000000000000 R09: 0000000000000000
[ 123.649264][ T5075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 123.657277][ T5075] R13: 00007f65c357b038 R14: 00007f65c357afa0 R15: 00007fff7e4b6e38
[ 123.665391][ T5075]
[ 123.674001][ T5075] F2FS-fs (loop0): sanity_check_inode: inode (ino=5) extent info [0, 0, 65536] is incorrect, run fsck to fix
[ 123.686188][ T5080] F2FS-fs (loop0): access invalid blkaddr:0
[ 123.692120][ T5080] CPU: 1 PID: 5080 Comm: syz.0.19 Not tainted syzkaller #0
[ 123.699347][ T5080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 123.709536][ T5080] Call Trace:
[ 123.712863][ T5080]
[ 123.715832][ T5080] dump_stack_lvl+0x188/0x250
[ 123.720646][ T5080] ? show_regs_print_info+0x20/0x20
[ 123.725880][ T5080] ? do_raw_read_unlock+0x70/0x70
[ 123.730930][ T5080] ? bpf_lsm_inode_alloc_security+0x5/0x10
[ 123.736864][ T5080] ? make_kgid+0x1c4/0x660
[ 123.741316][ T5080] f2fs_is_valid_blkaddr+0xc7e/0x1250
[ 123.746719][ T5080] f2fs_iget+0x1cae/0x4a50
[ 123.751188][ T5080] f2fs_nfs_get_inode+0x72/0x100
[ 123.756163][ T5080] ? f2fs_fh_to_parent+0x40/0x40
[ 123.761130][ T5080] generic_fh_to_dentry+0x8f/0xe0
[ 123.766186][ T5080] exportfs_decode_fh_raw+0x173/0x630
[ 123.771591][ T5080] ? do_handle_open+0x840/0x840
[ 123.776488][ T5080] ? exportfs_encode_fh+0x480/0x480
[ 123.781746][ T5080] ? __lock_acquire+0x7d10/0x7d10
[ 123.786816][ T5080] ? do_raw_spin_lock+0x128/0x2f0
[ 123.791873][ T5080] ? __rwlock_init+0x140/0x140
[ 123.796682][ T5080] ? do_handle_open+0x840/0x840
[ 123.801652][ T5080] exportfs_decode_fh+0x36/0x70
[ 123.806539][ T5080] do_handle_open+0x401/0x840
[ 123.811244][ T5080] ? __ia32_compat_sys_open_by_handle_at+0x80/0x80
[ 123.817774][ T5080] ? vtime_user_exit+0x2c8/0x3e0
[ 123.822808][ T5080] ? lockdep_hardirqs_on+0x94/0x140
[ 123.828048][ T5080] do_syscall_64+0x4c/0xa0
[ 123.832493][ T5080] ? clear_bhb_loop+0x30/0x80
[ 123.837192][ T5080] ? clear_bhb_loop+0x30/0x80
[ 123.841895][ T5080] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 123.847838][ T5080] RIP: 0033:0x7f65c330fef9
[ 123.852279][ T5080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 123.871909][ T5080] RSP: 002b:00007f65c2952028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 123.880366][ T5080] RAX: ffffffffffffffda RBX: 00007f65c357b090 RCX: 00007f65c330fef9
[ 123.888384][ T5080] RDX: 0000000002000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 123.896390][ T5080] RBP: 00007f65c33a4ee0 R08: 0000000000000000 R09: 0000000000000000
[ 123.904866][ T5080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 123.912864][ T5080] R13: 00007f65c357b128 R14: 00007f65c357b090 R15: 00007fff7e4b6e38
[ 123.920879][ T5080]
[ 123.928754][ T5080] ==================================================================
[ 123.937109][ T5080] BUG: KASAN: use-after-free in f2fs_iget+0x4240/0x4a50
[ 123.944085][ T5080] Read of size 4 at addr ffff888071c2a0f0 by task syz.0.19/5080
[ 123.951739][ T5080]
[ 123.954178][ T5080] CPU: 1 PID: 5080 Comm: syz.0.19 Not tainted syzkaller #0
[ 123.961623][ T5080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 123.971699][ T5080] Call Trace:
[ 123.975096][ T5080]
[ 123.978056][ T5080] dump_stack_lvl+0x188/0x250
[ 123.982862][ T5080] ? show_regs_print_info+0x20/0x20
[ 123.988104][ T5080] ? load_image+0x400/0x400
[ 123.992657][ T5080] ? _raw_spin_lock_irqsave+0xbc/0x100
[ 123.998259][ T5080] ? bpf_lsm_inode_alloc_security+0x5/0x10
[ 124.004098][ T5080] print_address_description+0x60/0x2d0
[ 124.009799][ T5080] ? f2fs_iget+0x4240/0x4a50
[ 124.014438][ T5080] kasan_report+0xdf/0x130
[ 124.018888][ T5080] ? f2fs_iget+0x4240/0x4a50
[ 124.023505][ T5080] f2fs_iget+0x4240/0x4a50
[ 124.027976][ T5080] f2fs_nfs_get_inode+0x72/0x100
[ 124.032946][ T5080] ? f2fs_fh_to_parent+0x40/0x40
[ 124.037927][ T5080] generic_fh_to_dentry+0x8f/0xe0
[ 124.042989][ T5080] exportfs_decode_fh_raw+0x173/0x630
[ 124.048942][ T5080] ? do_handle_open+0x840/0x840
[ 124.053834][ T5080] ? exportfs_encode_fh+0x480/0x480
[ 124.059095][ T5080] ? __lock_acquire+0x7d10/0x7d10
[ 124.064153][ T5080] ? do_raw_spin_lock+0x128/0x2f0
[ 124.069212][ T5080] ? __rwlock_init+0x140/0x140
[ 124.074004][ T5080] ? do_handle_open+0x840/0x840
[ 124.078882][ T5080] exportfs_decode_fh+0x36/0x70
[ 124.083778][ T5080] do_handle_open+0x401/0x840
[ 124.088508][ T5080] ? __ia32_compat_sys_open_by_handle_at+0x80/0x80
[ 124.095045][ T5080] ? vtime_user_exit+0x2c8/0x3e0
[ 124.100035][ T5080] ? lockdep_hardirqs_on+0x94/0x140
[ 124.105271][ T5080] do_syscall_64+0x4c/0xa0
[ 124.109800][ T5080] ? clear_bhb_loop+0x30/0x80
[ 124.114502][ T5080] ? clear_bhb_loop+0x30/0x80
[ 124.119210][ T5080] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 124.125135][ T5080] RIP: 0033:0x7f65c330fef9
[ 124.129607][ T5080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 124.149345][ T5080] RSP: 002b:00007f65c2952028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 124.157793][ T5080] RAX: ffffffffffffffda RBX: 00007f65c357b090 RCX: 00007f65c330fef9
[ 124.165797][ T5080] RDX: 0000000002000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 124.173802][ T5080] RBP: 00007f65c33a4ee0 R08: 0000000000000000 R09: 0000000000000000
[ 124.181803][ T5080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 124.189800][ T5080] R13: 00007f65c357b128 R14: 00007f65c357b090 R15: 00007fff7e4b6e38
[ 124.197823][ T5080]
[ 124.200893][ T5080]
[ 124.203235][ T5080] Allocated by task 5075:
[ 124.207592][ T5080] __kasan_slab_alloc+0x9c/0xd0
[ 124.212468][ T5080] slab_post_alloc_hook+0x4c/0x380
[ 124.217633][ T5080] kmem_cache_alloc+0x100/0x290
[ 124.222508][ T5080] f2fs_init_extent_tree+0x542/0xb50
[ 124.227818][ T5080] f2fs_iget+0xfe4/0x4a50
[ 124.232183][ T5080] f2fs_nfs_get_inode+0x72/0x100
[ 124.237163][ T5080] generic_fh_to_dentry+0x8f/0xe0
[ 124.242315][ T5080] exportfs_decode_fh_raw+0x173/0x630
[ 124.247727][ T5080] exportfs_decode_fh+0x36/0x70
[ 124.252616][ T5080] do_handle_open+0x401/0x840
[ 124.257324][ T5080] do_syscall_64+0x4c/0xa0
[ 124.261797][ T5080] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 124.267895][ T5080]
[ 124.270236][ T5080] Freed by task 5075:
[ 124.274235][ T5080] kasan_set_track+0x4b/0x70
[ 124.278851][ T5080] kasan_set_free_info+0x1f/0x40
[ 124.283818][ T5080] ____kasan_slab_free+0xd5/0x110
[ 124.288955][ T5080] slab_free_freelist_hook+0xea/0x170
[ 124.294473][ T5080] kmem_cache_free+0x8f/0x210
[ 124.299178][ T5080] f2fs_destroy_extent_tree+0x3b3/0x670
[ 124.304754][ T5080] f2fs_evict_inode+0x3c4/0x15b0
[ 124.309720][ T5080] evict+0x4c9/0x8d0
[ 124.313676][ T5080] f2fs_iget+0x16ad/0x4a50
[ 124.318117][ T5080] f2fs_nfs_get_inode+0x72/0x100
[ 124.323099][ T5080] generic_fh_to_dentry+0x8f/0xe0
[ 124.328173][ T5080] exportfs_decode_fh_raw+0x173/0x630
[ 124.333663][ T5080] exportfs_decode_fh+0x36/0x70
[ 124.338640][ T5080] do_handle_open+0x401/0x840
[ 124.343346][ T5080] do_syscall_64+0x4c/0xa0
[ 124.347788][ T5080] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 124.353706][ T5080]
[ 124.356144][ T5080] The buggy address belongs to the object at ffff888071c2a0c8
[ 124.356144][ T5080] which belongs to the cache f2fs_extent_tree of size 136
[ 124.370658][ T5080] The buggy address is located 40 bytes inside of
[ 124.370658][ T5080] 136-byte region [ffff888071c2a0c8, ffff888071c2a150)
[ 124.384108][ T5080] The buggy address belongs to the page:
[ 124.389783][ T5080] page:ffffea0001c70a80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x71c2a
[ 124.399967][ T5080] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[ 124.407554][ T5080] raw: 00fff00000000200 0000000000000000 dead000000000122 ffff88801e454b40
[ 124.416165][ T5080] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000
[ 124.424763][ T5080] page dumped because: kasan: bad access detected
[ 124.431291][ T5080] page_owner tracks the page as allocated
[ 124.437032][ T5080] page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 5061, ts 120966595779, free_ts 86725794161
[ 124.456253][ T5080] get_page_from_freelist+0x1bbd/0x1ca0
[ 124.461923][ T5080] __alloc_pages+0x1ee/0x480
[ 124.466813][ T5080] new_slab+0xc0/0x4b0
[ 124.470904][ T5080] ___slab_alloc+0x80a/0xdd0
[ 124.475521][ T5080] kmem_cache_alloc+0x195/0x290
[ 124.480477][ T5080] f2fs_init_extent_tree+0x542/0xb50
[ 124.485799][ T5080] f2fs_iget+0xfe4/0x4a50
[ 124.490735][ T5080] f2fs_nfs_get_inode+0x72/0x100
[ 124.495801][ T5080] generic_fh_to_dentry+0x8f/0xe0
[ 124.500857][ T5080] exportfs_decode_fh_raw+0x173/0x630
[ 124.506353][ T5080] exportfs_decode_fh+0x36/0x70
[ 124.511247][ T5080] do_handle_open+0x401/0x840
[ 124.515958][ T5080] do_syscall_64+0x4c/0xa0
[ 124.520457][ T5080] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 124.526381][ T5080] page last free stack trace:
[ 124.531068][ T5080] free_unref_page_prepare+0x637/0x6c0
[ 124.536554][ T5080] free_unref_page+0x8f/0x2a0
[ 124.541269][ T5080] __unfreeze_partials+0x1a5/0x200
[ 124.546423][ T5080] put_cpu_partial+0x12d/0x190
[ 124.551216][ T5080] qlist_free_all+0x35/0x90
[ 124.555940][ T5080] kasan_quarantine_reduce+0x150/0x160
[ 124.561423][ T5080] __kasan_slab_alloc+0x2f/0xd0
[ 124.566297][ T5080] slab_post_alloc_hook+0x4c/0x380
[ 124.571533][ T5080] kmem_cache_alloc+0x100/0x290
[ 124.576518][ T5080] getname_flags+0xb5/0x500
[ 124.581131][ T5080] do_sys_openat2+0xdd/0x4b0
[ 124.585754][ T5080] __x64_sys_openat+0x135/0x160
[ 124.590633][ T5080] do_syscall_64+0x4c/0xa0
[ 124.595162][ T5080] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 124.601078][ T5080]
[ 124.603421][ T5080] Memory state around the buggy address:
[ 124.609072][ T5080] ffff888071c29f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 124.617154][ T5080] ffff888071c2a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 124.625236][ T5080] >ffff888071c2a080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 124.633333][ T5080] ^
[ 124.641190][ T5080] ffff888071c2a100: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 124.649467][ T5080] ffff888071c2a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 124.657630][ T5080] ==================================================================
[ 124.665704][ T5080] Disabling lock debugging due to kernel taint
[ 124.683580][ T5080] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 124.690840][ T5080] CPU: 1 PID: 5080 Comm: syz.0.19 Tainted: G B syzkaller #0
[ 124.699460][ T5080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 124.709533][ T5080] Call Trace:
[ 124.712832][ T5080]
[ 124.715781][ T5080] dump_stack_lvl+0x188/0x250
[ 124.720499][ T5080] ? show_regs_print_info+0x20/0x20
[ 124.725725][ T5080] ? load_image+0x400/0x400
[ 124.730261][ T5080] panic+0x2e5/0x810
[ 124.734785][ T5080] ? bpf_jit_dump+0xd0/0xd0
[ 124.739410][ T5080] ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 124.745421][ T5080] ? _raw_spin_unlock+0x40/0x40
[ 124.750296][ T5080] ? f2fs_iget+0x4240/0x4a50
[ 124.754909][ T5080] check_panic_on_warn+0x80/0xa0
[ 124.759893][ T5080] ? f2fs_iget+0x4240/0x4a50
[ 124.764530][ T5080] end_report+0x6d/0xf0
[ 124.768972][ T5080] kasan_report+0x102/0x130
[ 124.773522][ T5080] ? f2fs_iget+0x4240/0x4a50
[ 124.778141][ T5080] f2fs_iget+0x4240/0x4a50
[ 124.782597][ T5080] f2fs_nfs_get_inode+0x72/0x100
[ 124.787563][ T5080] ? f2fs_fh_to_parent+0x40/0x40
[ 124.792524][ T5080] generic_fh_to_dentry+0x8f/0xe0
[ 124.797574][ T5080] exportfs_decode_fh_raw+0x173/0x630
[ 124.802978][ T5080] ? do_handle_open+0x840/0x840
[ 124.807855][ T5080] ? exportfs_encode_fh+0x480/0x480
[ 124.813115][ T5080] ? __lock_acquire+0x7d10/0x7d10
[ 124.818164][ T5080] ? do_raw_spin_lock+0x128/0x2f0
[ 124.823209][ T5080] ? __rwlock_init+0x140/0x140
[ 124.827996][ T5080] ? do_handle_open+0x840/0x840
[ 124.832872][ T5080] exportfs_decode_fh+0x36/0x70
[ 124.837758][ T5080] do_handle_open+0x401/0x840
[ 124.842527][ T5080] ? __ia32_compat_sys_open_by_handle_at+0x80/0x80
[ 124.849067][ T5080] ? vtime_user_exit+0x2c8/0x3e0
[ 124.854039][ T5080] ? lockdep_hardirqs_on+0x94/0x140
[ 124.859263][ T5080] do_syscall_64+0x4c/0xa0
[ 124.863804][ T5080] ? clear_bhb_loop+0x30/0x80
[ 124.868510][ T5080] ? clear_bhb_loop+0x30/0x80
[ 124.873293][ T5080] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 124.879214][ T5080] RIP: 0033:0x7f65c330fef9
[ 124.883660][ T5080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 124.903300][ T5080] RSP: 002b:00007f65c2952028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[ 124.911743][ T5080] RAX: ffffffffffffffda RBX: 00007f65c357b090 RCX: 00007f65c330fef9
[ 124.919742][ T5080] RDX: 0000000002000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 124.927745][ T5080] RBP: 00007f65c33a4ee0 R08: 0000000000000000 R09: 0000000000000000
[ 124.935945][ T5080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 124.943938][ T5080] R13: 00007f65c357b128 R14: 00007f65c357b090 R15: 00007fff7e4b6e38
[ 124.951945][ T5080]
[ 124.955325][ T5080] Kernel Offset: disabled
[ 124.959702][ T5080] Rebooting in 86400 seconds..