Warning: Permanently added '10.128.0.165' (ED25519) to the list of known hosts.
2025/05/06 19:26:11 ignoring optional flag "sandboxArg"="0"
2025/05/06 19:26:12 parsed 1 programs
[ 53.719634][ T28] audit: type=1400 audit(1746559573.841:128): avc: denied { unlink } for pid=372 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 53.750945][ T372] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 54.413693][ T28] audit: type=1400 audit(1746559574.531:129): avc: denied { create } for pid=376 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 54.985220][ T28] audit: type=1401 audit(1746559575.101:130): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 55.208944][ T418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.215993][ T418] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.223688][ T418] device bridge_slave_0 entered promiscuous mode
[ 55.230691][ T418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.237913][ T418] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.245523][ T418] device bridge_slave_1 entered promiscuous mode
[ 55.299830][ T418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.306993][ T418] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.314351][ T418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.321413][ T418] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.345261][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 55.352954][ T298] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.360394][ T298] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.376298][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 55.384607][ T298] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.391670][ T298] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.400945][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 55.409456][ T298] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.416590][ T298] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.434897][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 55.444528][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 55.459850][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 55.471802][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 55.480586][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 55.488054][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 55.501910][ T418] device veth0_vlan entered promiscuous mode
[ 55.512816][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.522476][ T418] device veth1_macvtap entered promiscuous mode
[ 55.532815][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.549549][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.588251][ T418] syz-executor (418) used greatest stack depth: 21760 bytes left
2025/05/06 19:26:16 executed programs: 0
[ 55.920830][ T432] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.927877][ T432] bridge0: port 1(bridge_slave_0) entered disabled state
[ 55.935916][ T432] device bridge_slave_0 entered promiscuous mode
[ 55.943155][ T432] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.950370][ T432] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.957789][ T432] device bridge_slave_1 entered promiscuous mode
[ 56.010295][ T432] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.017425][ T432] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 56.024757][ T432] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.031810][ T432] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 56.050666][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.057962][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.070466][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 56.078006][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 56.087164][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 56.095826][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 56.104257][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 56.111494][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 56.120698][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 56.129171][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 56.137442][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 56.144580][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 56.162973][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 56.171173][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 56.180981][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 56.189796][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 56.207333][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 56.215808][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 56.227977][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 56.236162][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 56.244927][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 56.253399][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 56.265917][ T432] device veth0_vlan entered promiscuous mode
[ 56.276841][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 56.285307][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 56.294902][ T432] device veth1_macvtap entered promiscuous mode
[ 56.304344][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 56.312219][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 56.320865][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 56.330679][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 56.339270][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 56.670000][ T295] device bridge_slave_1 left promiscuous mode
[ 56.676323][ T295] bridge0: port 2(bridge_slave_1) entered disabled state
[ 56.684364][ T295] device bridge_slave_0 left promiscuous mode
[ 56.690795][ T295] bridge0: port 1(bridge_slave_0) entered disabled state
[ 56.699592][ T295] device veth1_macvtap left promiscuous mode
[ 56.705724][ T295] device veth0_vlan left promiscuous mode
[ 56.739319][ T437] loop2: detected capacity change from 0 to 131072
[ 56.747354][ T437] F2FS-fs (loop2): Wrong CP boundary, start(512) end(198144) blocks(1024)
[ 56.759945][ T437] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 56.769318][ T437] F2FS-fs (loop2): invalid crc value
[ 56.782099][ T437] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 56.813435][ T437] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 56.820722][ T437] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 56.828539][ T28] audit: type=1400 audit(1746559576.951:131): avc: denied { mount } for pid=436 comm="syz.2.16" name="/" dev="loop2" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 56.850404][ T28] audit: type=1400 audit(1746559576.971:132): avc: denied { write } for pid=436 comm="syz.2.16" name="/" dev="loop2" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 56.855554][ T432] F2FS-fs (loop2): dec_valid_node_count: inconsistent i_blocks, ino:7, iblocks:0
[ 56.872244][ T28] audit: type=1400 audit(1746559576.971:133): avc: denied { remove_name } for pid=436 comm="syz.2.16" name="file0" dev="loop2" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 56.884194][ T432] ------------[ cut here ]------------
[ 56.907348][ T28] audit: type=1400 audit(1746559576.971:134): avc: denied { rename } for pid=436 comm="syz.2.16" name="file0" dev="loop2" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 56.909373][ T432] WARNING: CPU: 0 PID: 432 at fs/f2fs/inode.c:847 f2fs_evict_inode+0x1235/0x14f0
[ 56.931149][ T28] audit: type=1400 audit(1746559576.971:135): avc: denied { add_name } for pid=436 comm="syz.2.16" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 56.940015][ T432] Modules linked in:
[ 56.961162][ T28] audit: type=1400 audit(1746559576.971:136): avc: denied { unlink } for pid=432 comm="syz-executor" name="file1" dev="loop2" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 56.964125][ T432] CPU: 0 PID: 432 Comm: syz-executor Not tainted 6.1.134-syzkaller-1169249-gca2f65da73b1 #0
[ 56.996375][ T432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 57.006480][ T432] RIP: 0010:f2fs_evict_inode+0x1235/0x14f0
[ 57.012337][ T432] Code: 4c 8b 74 24 38 4c 8b 7c 24 30 48 8b 7c 24 20 e8 b1 15 03 00 43 80 7c 25 00 00 0f 85 98 fc ff ff e9 9b fc ff ff e8 1b ca 56 ff <0f> 0b 4c 89 f7 be 08 00 00 00 e8 5c 1e 9b ff f0 41 80 0e 04 e9 63
[ 57.032025][ T432] RSP: 0018:ffffc900007cfae0 EFLAGS: 00010293
[ 57.038104][ T432] RAX: ffffffff82191c55 RBX: 1ffff920000f9f70 RCX: ffff88811a8f8000
[ 57.046176][ T432] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[ 57.054221][ T432] RBP: ffffc900007cfc50 R08: dffffc0000000000 R09: ffffed10200b6e2b
[ 57.062234][ T432] R10: ffffed10200b6e2b R11: 1ffff110200b6e2a R12: dffffc0000000000
[ 57.070247][ T432] R13: 1ffff110200b6dd6 R14: ffff88811baa8078 R15: 0000000000000002
[ 57.078217][ T432] FS: 000055558bae2500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 57.087193][ T432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 57.093902][ T432] CR2: 000055558bb054e8 CR3: 000000012dda8000 CR4: 00000000003506b0
[ 57.101944][ T432] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 57.110085][ T432] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 57.118053][ T432] Call Trace:
[ 57.121393][ T432]
[ 57.124422][ T432] ? __cfi_f2fs_evict_inode+0x10/0x10
[ 57.129979][ T432] ? __cfi_wake_bit_function+0x10/0x10
[ 57.135456][ T432] ? _raw_spin_unlock+0x4c/0x70
[ 57.140377][ T432] ? inode_io_list_del+0x19b/0x1b0
[ 57.145567][ T432] ? __cfi_f2fs_evict_inode+0x10/0x10
[ 57.151075][ T432] evict+0x493/0x890
[ 57.154990][ T432] ? __kasan_check_write+0x14/0x20
[ 57.160160][ T432] ? proc_nr_inodes+0x2f0/0x2f0
[ 57.165023][ T432] ? lockref_put_return+0x152/0x1c0
[ 57.170265][ T432] ? __kasan_check_read+0x11/0x20
[ 57.175302][ T432] ? f2fs_drop_inode+0x174/0x9b0
[ 57.180276][ T432] ? __kasan_check_write+0x14/0x20
[ 57.185408][ T432] iput+0x620/0x670
[ 57.189306][ T432] do_unlinkat+0x375/0x6b0
[ 57.193742][ T432] ? __cfi_do_unlinkat+0x10/0x10
[ 57.198671][ T432] ? getname_flags+0x206/0x500
[ 57.203523][ T432] __x64_sys_unlink+0x49/0x50
[ 57.208215][ T432] x64_sys_call+0x958/0x9a0
[ 57.212839][ T432] do_syscall_64+0x4c/0xa0
[ 57.217297][ T432] ? clear_bhb_loop+0x15/0x70
[ 57.222029][ T432] ? clear_bhb_loop+0x15/0x70
[ 57.226739][ T432] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 57.232686][ T432] RIP: 0033:0x7f01b818d717
[ 57.237123][ T432] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 57.256898][ T432] RSP: 002b:00007ffe8e6c9a58 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
[ 57.265388][ T432] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f01b818d717
[ 57.273467][ T432] RDX: 00007ffe8e6c9a80 RSI: 00007ffe8e6c9b10 RDI: 00007ffe8e6c9b10
[ 57.281484][ T432] RBP: 00007ffe8e6c9b10 R08: 0000000000000000 R09: 0000000000000000
[ 57.289535][ T432] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe8e6cac00
[ 57.297517][ T432] R13: 00007f01b8210854 R14: 000000000000ddf5 R15: 00007ffe8e6cbcd0
[ 57.305660][ T432]
[ 57.308814][ T432] ---[ end trace 0000000000000000 ]---
[ 57.314783][ T432] ------------[ cut here ]------------
[ 57.320310][ T432] WARNING: CPU: 1 PID: 432 at fs/inode.c:332 drop_nlink+0xc5/0x110
[ 57.328220][ T432] Modules linked in:
[ 57.332215][ T432] CPU: 1 PID: 432 Comm: syz-executor Tainted: G W 6.1.134-syzkaller-1169249-gca2f65da73b1 #0
[ 57.343784][ T432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 57.354050][ T432] RIP: 0010:drop_nlink+0xc5/0x110
[ 57.359144][ T432] Code: 1b 48 8d bb b8 04 00 00 be 08 00 00 00 e8 73 ee f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 0b 9a ac ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c
[ 57.378979][ T432] RSP: 0018:ffffc900007cfb38 EFLAGS: 00010293
[ 57.385068][ T432] RAX: ffffffff81c34c65 RBX: ffff88812350fa10 RCX: ffff88811a8f8000
[ 57.393100][ T432] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 57.401365][ T432] RBP: ffffc900007cfb60 R08: dffffc0000000000 R09: ffffc900007cfae0
[ 57.409462][ T432] R10: fffff520000f9f5e R11: 1ffff920000f9f5c R12: dffffc0000000000
[ 57.417448][ T432] R13: 1ffff110246a1f4b R14: ffff88812350fa58 R15: 0000000000000000
[ 57.425464][ T432] FS: 000055558bae2500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 57.434458][ T432] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 57.441175][ T432] CR2: 00007f37f817e018 CR3: 000000012dda8000 CR4: 00000000003506a0
[ 57.449187][ T432] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 57.457160][ T432] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 57.465193][ T432] Call Trace:
[ 57.468574][ T432]
[ 57.471539][ T432] f2fs_drop_nlink+0x13f/0x3d0
[ 57.476344][ T432] ? f2fs_mark_inode_dirty_sync+0x13e/0x1c0
[ 57.482633][ T432] f2fs_delete_entry+0xf0d/0x1080
[ 57.487767][ T432] f2fs_unlink+0x41f/0x7d0
[ 57.492221][ T432] ? __cfi_f2fs_unlink+0x10/0x10
[ 57.497210][ T432] ? HAS_UNMAPPED_ID+0x1fc/0x250
[ 57.502200][ T432] ? selinux_inode_unlink+0x22/0x30
[ 57.507471][ T432] ? security_inode_unlink+0xe5/0x130
[ 57.512926][ T432] vfs_unlink+0x39f/0x630
[ 57.517268][ T432] do_unlinkat+0x31f/0x6b0
[ 57.521712][ T432] ? __cfi_do_unlinkat+0x10/0x10
[ 57.526661][ T432] ? getname_flags+0x206/0x500
[ 57.531495][ T432] __x64_sys_unlink+0x49/0x50
[ 57.536197][ T432] x64_sys_call+0x958/0x9a0
[ 57.540758][ T432] do_syscall_64+0x4c/0xa0
[ 57.545198][ T432] ? clear_bhb_loop+0x15/0x70
[ 57.549930][ T432] ? clear_bhb_loop+0x15/0x70
[ 57.554619][ T432] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 57.560645][ T432] RIP: 0033:0x7f01b818d717
[ 57.565076][ T432] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 57.584720][ T432] RSP: 002b:00007ffe8e6c9a58 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
[ 57.593195][ T432] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f01b818d717
[ 57.601306][ T432] RDX: 00007ffe8e6c9a80 RSI: 00007ffe8e6c9b10 RDI: 00007ffe8e6c9b10
[ 57.609334][ T432] RBP: 00007ffe8e6c9b10 R08: 0000000000000000 R09: 0000000000000000
[ 57.617324][ T432] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe8e6cac00
[ 57.625456][ T432] R13: 00007f01b8210854 R14: 000000000000ddf5 R15: 00007ffe8e6cbcd0
[ 57.633523][ T432]
[ 57.636542][ T432] ---[ end trace 0000000000000000 ]---
[ 57.730539][ T432] ==================================================================
[ 57.738644][ T432] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x130
[ 57.746460][ T432] Read of size 8 at addr ffff8881005b7228 by task syz-executor/432
[ 57.754341][ T432]
[ 57.756666][ T432] CPU: 0 PID: 432 Comm: syz-executor Tainted: G W 6.1.134-syzkaller-1169249-gca2f65da73b1 #0
[ 57.768287][ T432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 57.778608][ T432] Call Trace:
[ 57.781901][ T432]
[ 57.784848][ T432] __dump_stack+0x21/0x24
[ 57.789194][ T432] dump_stack_lvl+0xee/0x150
[ 57.793793][ T432] ? __cfi_dump_stack_lvl+0x8/0x8
[ 57.798918][ T432] ? folio_mark_accessed+0x1b8/0x3f0
[ 57.804224][ T432] ? __list_del_entry_valid+0xa6/0x130
[ 57.809687][ T432] print_address_description+0x71/0x210
[ 57.815332][ T432] print_report+0x4a/0x60
[ 57.819674][ T432] kasan_report+0x122/0x150
[ 57.824444][ T432] ? __list_del_entry_valid+0xa6/0x130
[ 57.829923][ T432] __asan_report_load8_noabort+0x14/0x20
[ 57.835590][ T432] __list_del_entry_valid+0xa6/0x130
[ 57.841073][ T432] f2fs_inode_synced+0xf7/0x2e0
[ 57.845929][ T432] f2fs_update_inode+0x74/0x1c30
[ 57.850883][ T432] ? __get_node_page+0x466/0xb00
[ 57.855846][ T432] f2fs_update_inode_page+0x137/0x170
[ 57.861223][ T432] ? f2fs_write_inode+0x407/0x780
[ 57.866255][ T432] f2fs_write_inode+0x40f/0x780
[ 57.871113][ T432] __writeback_single_inode+0x4b1/0xad0
[ 57.876918][ T432] writeback_single_inode+0x221/0x8b0
[ 57.882376][ T432] ? write_inode_now+0x1c0/0x1c0
[ 57.887316][ T432] ? __kasan_check_write+0x14/0x20
[ 57.892429][ T432] ? _raw_spin_lock_irqsave+0xb0/0x110
[ 57.897893][ T432] ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[ 57.903966][ T432] sync_inode_metadata+0xb6/0x110
[ 57.909596][ T432] ? __cfi_sync_inode_metadata+0x10/0x10
[ 57.915230][ T432] ? __wake_up+0x11b/0x190
[ 57.919652][ T432] ? __cfi__raw_spin_lock+0x10/0x10
[ 57.924852][ T432] ? iput+0x289/0x670
[ 57.928948][ T432] ? _raw_spin_unlock+0x4c/0x70
[ 57.933799][ T432] f2fs_write_checkpoint+0xec3/0x25c0
[ 57.939208][ T432] ? __cfi_f2fs_write_checkpoint+0x10/0x10
[ 57.945012][ T432] ? __kasan_check_write+0x14/0x20
[ 57.950124][ T432] ? kthread_stop+0x189/0x3f0
[ 57.954801][ T432] ? memcpy+0x56/0x70
[ 57.958788][ T432] kill_f2fs_super+0x231/0x390
[ 57.963560][ T432] ? __cfi_kill_f2fs_super+0x10/0x10
[ 57.968843][ T432] ? up_write+0x7b/0x290
[ 57.973088][ T432] ? unregister_shrinker+0x208/0x290
[ 57.978379][ T432] deactivate_locked_super+0xb5/0x120
[ 57.983746][ T432] deactivate_super+0xaf/0xe0
[ 57.988418][ T432] cleanup_mnt+0x45f/0x4e0
[ 57.992863][ T432] __cleanup_mnt+0x19/0x20
[ 57.997290][ T432] task_work_run+0x1db/0x240
[ 58.002054][ T432] ? __cfi_task_work_run+0x10/0x10
[ 58.007164][ T432] ? free_nsproxy+0x21f/0x270
[ 58.011844][ T432] do_exit+0xa1d/0x2650
[ 58.016003][ T432] ? __cfi_do_exit+0x10/0x10
[ 58.020595][ T432] ? __kasan_check_write+0x14/0x20
[ 58.025802][ T432] ? _raw_spin_lock_irq+0x8f/0xe0
[ 58.030825][ T432] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 58.036371][ T432] ? ksys_write+0x1da/0x240
[ 58.040874][ T432] ? zap_other_threads+0x2c1/0x2f0
[ 58.045987][ T432] do_group_exit+0x210/0x2d0
[ 58.050585][ T432] __x64_sys_exit_group+0x3f/0x40
[ 58.055697][ T432] x64_sys_call+0x7b4/0x9a0
[ 58.060201][ T432] do_syscall_64+0x4c/0xa0
[ 58.064636][ T432] ? clear_bhb_loop+0x15/0x70
[ 58.069307][ T432] ? clear_bhb_loop+0x15/0x70
[ 58.073974][ T432] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 58.079872][ T432] RIP: 0033:0x7f01b818e169
[ 58.084287][ T432] Code: Unable to access opcode bytes at 0x7f01b818e13f.
[ 58.091303][ T432] RSP: 002b:00007ffe8e6c8858 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 58.099709][ T432] RAX: ffffffffffffffda RBX: 00007f01b8210879 RCX: 00007f01b818e169
[ 58.107678][ T432] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 58.115728][ T432] RBP: 0000000000000002 R08: 00007ffe8e6c65f7 R09: 00007ffe8e6c9b10
[ 58.123869][ T432] R10: 0000000000000009 R11: 0000000000000246 R12: 00007ffe8e6c9b10
[ 58.131832][ T432] R13: 00007f01b8210854 R14: 000000000000ddf5 R15: 00007ffe8e6cbcd0
[ 58.139803][ T432]
[ 58.142831][ T432]
[ 58.145234][ T432] Allocated by task 437:
[ 58.149467][ T432] kasan_set_track+0x4b/0x70
[ 58.154057][ T432] kasan_save_alloc_info+0x25/0x30
[ 58.159166][ T432] __kasan_slab_alloc+0x72/0x80
[ 58.164028][ T432] slab_post_alloc_hook+0x4f/0x2d0
[ 58.169228][ T432] kmem_cache_alloc_lru+0x104/0x280
[ 58.174423][ T432] f2fs_alloc_inode+0x2d/0x340
[ 58.179196][ T432] iget_locked+0x198/0x8b0
[ 58.183604][ T432] f2fs_iget+0x55/0x4cb0
[ 58.187846][ T432] f2fs_lookup+0x366/0xab0
[ 58.192252][ T432] __lookup_slow+0x2c7/0x3f0
[ 58.196850][ T432] lookup_slow+0x57/0x70
[ 58.201092][ T432] walk_component+0x2f4/0x420
[ 58.205780][ T432] path_lookupat+0x180/0x490
[ 58.210399][ T432] filename_lookup+0x1f0/0x500
[ 58.215182][ T432] vfs_statx+0x10b/0x660
[ 58.219453][ T432] __se_sys_newlstat+0xd5/0x350
[ 58.224405][ T432] __x64_sys_newlstat+0x5b/0x70
[ 58.229451][ T432] x64_sys_call+0x393/0x9a0
[ 58.234049][ T432] do_syscall_64+0x4c/0xa0
[ 58.238584][ T432] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 58.244512][ T432]
[ 58.247018][ T432] Freed by task 0:
[ 58.250745][ T432] kasan_set_track+0x4b/0x70
[ 58.255345][ T432] kasan_save_free_info+0x31/0x50
[ 58.260388][ T432] ____kasan_slab_free+0x132/0x180
[ 58.265529][ T432] __kasan_slab_free+0x11/0x20
[ 58.270285][ T432] slab_free_freelist_hook+0xc2/0x190
[ 58.275657][ T432] kmem_cache_free+0x12d/0x300
[ 58.280421][ T432] f2fs_free_inode+0x24/0x30
[ 58.285013][ T432] i_callback+0x5a/0x80
[ 58.289165][ T432] rcu_do_batch+0x515/0xb90
[ 58.293673][ T432] rcu_core+0x5a5/0xe70
[ 58.297826][ T432] rcu_core_si+0x9/0x10
[ 58.301978][ T432] handle_softirqs+0x1d7/0x600
[ 58.306736][ T432] __irq_exit_rcu+0x52/0xf0
[ 58.311233][ T432] irq_exit_rcu+0x9/0x10
[ 58.315470][ T432] sysvec_apic_timer_interrupt+0xa9/0xc0
[ 58.321097][ T432] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 58.327083][ T432]
[ 58.329399][ T432] Last potentially related work creation:
[ 58.335103][ T432] kasan_save_stack+0x3a/0x60
[ 58.339771][ T432] __kasan_record_aux_stack+0xb6/0xc0
[ 58.345143][ T432] kasan_record_aux_stack_noalloc+0xb/0x10
[ 58.350947][ T432] call_rcu+0xd4/0xf90
[ 58.355012][ T432] evict+0x7f6/0x890
[ 58.358992][ T432] iput+0x620/0x670
[ 58.362791][ T432] do_unlinkat+0x375/0x6b0
[ 58.367200][ T432] __x64_sys_unlink+0x49/0x50
[ 58.371894][ T432] x64_sys_call+0x958/0x9a0
[ 58.376402][ T432] do_syscall_64+0x4c/0xa0
[ 58.380857][ T432] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 58.386762][ T432]
[ 58.389167][ T432] The buggy address belongs to the object at ffff8881005b6e70
[ 58.389167][ T432] which belongs to the cache f2fs_inode_cache of size 1360
[ 58.403829][ T432] The buggy address is located 952 bytes inside of
[ 58.403829][ T432] 1360-byte region [ffff8881005b6e70, ffff8881005b73c0)
[ 58.417186][ T432]
[ 58.419504][ T432] The buggy address belongs to the physical page:
[ 58.425905][ T432] page:ffffea0004016c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1005b0
[ 58.436144][ T432] head:ffffea0004016c00 order:3 compound_mapcount:0 compound_pincount:0
[ 58.444460][ T432] flags: 0x4000000000010200(slab|head|zone=1)
[ 58.450559][ T432] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100bbaa80
[ 58.459226][ T432] raw: 0000000000000000 0000000080160016 00000001ffffffff 0000000000000000
[ 58.467794][ T432] page dumped because: kasan: bad access detected
[ 58.474229][ T432] page_owner tracks the page as allocated
[ 58.479933][ T432] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 437, tgid 436 (syz.2.16), ts 56846903291, free_ts 0
[ 58.502505][ T432] post_alloc_hook+0x1f5/0x210
[ 58.507301][ T432] prep_new_page+0x1c/0x110
[ 58.511804][ T432] get_page_from_freelist+0x2c6e/0x2ce0
[ 58.517354][ T432] __alloc_pages+0x19e/0x3a0
[ 58.521955][ T432] alloc_slab_page+0x6e/0xf0
[ 58.526558][ T432] new_slab+0x98/0x3d0
[ 58.530622][ T432] ___slab_alloc+0x6f6/0xb50
[ 58.535206][ T432] __slab_alloc+0x5e/0xa0
[ 58.539551][ T432] kmem_cache_alloc_lru+0x144/0x280
[ 58.544747][ T432] f2fs_alloc_inode+0x2d/0x340
[ 58.549513][ T432] iget_locked+0x198/0x8b0
[ 58.553923][ T432] f2fs_iget+0x55/0x4cb0
[ 58.558167][ T432] f2fs_lookup+0x366/0xab0
[ 58.562577][ T432] __lookup_slow+0x2c7/0x3f0
[ 58.567170][ T432] lookup_slow+0x57/0x70
[ 58.571503][ T432] walk_component+0x2f4/0x420
[ 58.576185][ T432] page_owner free stack trace missing
[ 58.581554][ T432]
[ 58.583891][ T432] Memory state around the buggy address:
[ 58.589513][ T432] ffff8881005b7100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.597585][ T432] ffff8881005b7180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.605670][ T432] >ffff8881005b7200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.613823][ T432] ^
[ 58.619203][ T432] ffff8881005b7280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.627263][ T432] ffff8881005b7300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 58.635326][ T432] ==================================================================
[ 58.643680][ T432] Disabling lock debugging due to kernel taint
[ 59.409543][ T295] device bridge_slave_1 left promiscuous mode
[ 59.415938][ T295] bridge0: port 2(bridge_slave_1) entered disabled state
[ 59.423952][ T295] device bridge_slave_0 left promiscuous mode
[ 59.430198][ T295] bridge0: port 1(bridge_slave_0) entered disabled state
[ 59.438527][ T295] device veth1_macvtap left promiscuous mode
[ 59.444875][ T295] device veth0_vlan left promiscuous mode