Warning: Permanently added '10.128.10.36' (ED25519) to the list of known hosts.
2025/05/06 19:22:11 ignoring optional flag "sandboxArg"="0"
2025/05/06 19:22:12 parsed 1 programs
[ 52.648411][ T28] audit: type=1400 audit(1746559334.136:128): avc: denied { unlink } for pid=370 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 52.725559][ T370] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 53.576139][ T28] audit: type=1401 audit(1746559335.056:129): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 53.637693][ T386] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.644780][ T386] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.652480][ T386] device bridge_slave_0 entered promiscuous mode
[ 53.659659][ T386] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.666702][ T386] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.674259][ T386] device bridge_slave_1 entered promiscuous mode
[ 53.726027][ T386] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.733289][ T386] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.740638][ T386] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.747705][ T386] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.770165][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.777804][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.785345][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 53.793125][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 53.802314][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 53.810649][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.817776][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.827462][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 53.835775][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.843107][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.855863][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 53.865125][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 53.880694][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 53.892233][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 53.900805][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 53.908524][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 53.917749][ T386] device veth0_vlan entered promiscuous mode
[ 53.928549][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 53.937696][ T386] device veth1_macvtap entered promiscuous mode
[ 53.947389][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 53.957472][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 53.990454][ T386] syz-executor (386) used greatest stack depth: 21760 bytes left
[ 54.508922][ T43] device bridge_slave_1 left promiscuous mode
[ 54.515378][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.523365][ T43] device bridge_slave_0 left promiscuous mode
[ 54.531463][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.542751][ T43] device veth1_macvtap left promiscuous mode
[ 54.549090][ T43] device veth0_vlan left promiscuous mode
2025/05/06 19:22:16 executed programs: 0
[ 54.841430][ T430] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.848525][ T430] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.856090][ T430] device bridge_slave_0 entered promiscuous mode
[ 54.863706][ T430] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.870934][ T430] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.878958][ T430] device bridge_slave_1 entered promiscuous mode
[ 54.931707][ T430] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.938800][ T430] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 54.946161][ T430] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.953587][ T430] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 54.975942][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 54.983576][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.990914][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 55.000234][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 55.008860][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 55.016083][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 55.024824][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 55.033136][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 55.040214][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 55.052525][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 55.061985][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 55.076514][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 55.088617][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 55.096715][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 55.104563][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 55.113846][ T430] device veth0_vlan entered promiscuous mode
[ 55.124741][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 55.134124][ T430] device veth1_macvtap entered promiscuous mode
[ 55.144005][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 55.154205][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 55.519492][ T435] loop2: detected capacity change from 0 to 131072
[ 55.527641][ T435] F2FS-fs (loop2): Wrong CP boundary, start(512) end(198144) blocks(1024)
[ 55.536236][ T435] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[ 55.547870][ T435] F2FS-fs (loop2): invalid crc value
[ 55.556624][ T435] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 55.586205][ T435] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[ 55.593350][ T435] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[ 55.601448][ T28] audit: type=1400 audit(1746559337.086:130): avc: denied { mount } for pid=434 comm="syz.2.16" name="/" dev="loop2" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 55.623154][ T28] audit: type=1400 audit(1746559337.096:131): avc: denied { write } for pid=434 comm="syz.2.16" name="/" dev="loop2" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 55.633663][ T430] F2FS-fs (loop2): dec_valid_node_count: inconsistent i_blocks, ino:7, iblocks:0
[ 55.646161][ T28] audit: type=1400 audit(1746559337.096:132): avc: denied { remove_name } for pid=434 comm="syz.2.16" name="file0" dev="loop2" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 55.654689][ T430] ------------[ cut here ]------------
[ 55.676549][ T28] audit: type=1400 audit(1746559337.096:133): avc: denied { rename } for pid=434 comm="syz.2.16" name="file0" dev="loop2" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 55.682194][ T430] WARNING: CPU: 0 PID: 430 at fs/f2fs/inode.c:847 f2fs_evict_inode+0x1235/0x14f0
[ 55.704232][ T28] audit: type=1400 audit(1746559337.096:134): avc: denied { add_name } for pid=434 comm="syz.2.16" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 55.704328][ T28] audit: type=1400 audit(1746559337.116:135): avc: denied { unlink } for pid=430 comm="syz-executor" name="file1" dev="loop2" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 55.756345][ T430] Modules linked in:
[ 55.760280][ T430] CPU: 0 PID: 430 Comm: syz-executor Not tainted 6.1.134-syzkaller-1169249-gca2f65da73b1 #0
[ 55.770597][ T430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 55.780741][ T430] RIP: 0010:f2fs_evict_inode+0x1235/0x14f0
[ 55.786680][ T430] Code: 4c 8b 74 24 38 4c 8b 7c 24 30 48 8b 7c 24 20 e8 b1 15 03 00 43 80 7c 25 00 00 0f 85 98 fc ff ff e9 9b fc ff ff e8 1b ca 56 ff <0f> 0b 4c 89 f7 be 08 00 00 00 e8 5c 1e 9b ff f0 41 80 0e 04 e9 63
[ 55.807257][ T430] RSP: 0018:ffffc9000077fae0 EFLAGS: 00010293
[ 55.813466][ T430] RAX: ffffffff82191c55 RBX: 1ffff920000eff70 RCX: ffff88811add2880
[ 55.821585][ T430] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[ 55.829770][ T430] RBP: ffffc9000077fc50 R08: dffffc0000000000 R09: ffffed10248ca9cf
[ 55.838040][ T430] R10: ffffed10248ca9cf R11: 1ffff110248ca9ce R12: dffffc0000000000
[ 55.846146][ T430] R13: 1ffff110248ca97a R14: ffff88811bd18078 R15: 0000000000000002
[ 55.854276][ T430] FS: 000055558079d500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 55.863303][ T430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 55.870219][ T430] CR2: 00007fcfa03499c8 CR3: 000000012c57b000 CR4: 00000000003506b0
[ 55.878568][ T430] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 55.886641][ T430] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 55.895104][ T430] Call Trace:
[ 55.898595][ T430]
[ 55.901530][ T430] ? __cfi_f2fs_evict_inode+0x10/0x10
[ 55.906923][ T430] ? __cfi_wake_bit_function+0x10/0x10
[ 55.912628][ T430] ? _raw_spin_unlock+0x4c/0x70
[ 55.917629][ T430] ? inode_io_list_del+0x19b/0x1b0
[ 55.922924][ T430] ? __cfi_f2fs_evict_inode+0x10/0x10
[ 55.928486][ T430] evict+0x493/0x890
[ 55.932576][ T430] ? __kasan_check_write+0x14/0x20
[ 55.937748][ T430] ? proc_nr_inodes+0x2f0/0x2f0
[ 55.942667][ T430] ? lockref_put_return+0x152/0x1c0
[ 55.948011][ T430] ? __kasan_check_read+0x11/0x20
[ 55.953230][ T430] ? f2fs_drop_inode+0x174/0x9b0
[ 55.958436][ T430] ? __kasan_check_write+0x14/0x20
[ 55.963561][ T430] iput+0x620/0x670
[ 55.967448][ T430] do_unlinkat+0x375/0x6b0
[ 55.971955][ T430] ? __cfi_do_unlinkat+0x10/0x10
[ 55.976989][ T430] ? getname_flags+0x206/0x500
[ 55.981963][ T430] __x64_sys_unlink+0x49/0x50
[ 55.986652][ T430] x64_sys_call+0x958/0x9a0
[ 55.991454][ T430] do_syscall_64+0x4c/0xa0
[ 55.995975][ T430] ? clear_bhb_loop+0x15/0x70
[ 56.000952][ T430] ? clear_bhb_loop+0x15/0x70
[ 56.005725][ T430] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 56.011833][ T430] RIP: 0033:0x7fcf9f58d717
[ 56.016269][ T430] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 56.036111][ T430] RSP: 002b:00007ffc59f085c8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
[ 56.044588][ T430] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcf9f58d717
[ 56.052589][ T430] RDX: 00007ffc59f085f0 RSI: 00007ffc59f08680 RDI: 00007ffc59f08680
[ 56.060791][ T430] RBP: 00007ffc59f08680 R08: 0000000000000000 R09: 0000000000000000
[ 56.068898][ T430] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffc59f09770
[ 56.076992][ T430] R13: 00007fcf9f610854 R14: 000000000000d930 R15: 00007ffc59f0a840
[ 56.084995][ T430]
[ 56.088031][ T430] ---[ end trace 0000000000000000 ]---
[ 56.094700][ T430] ------------[ cut here ]------------
[ 56.100331][ T430] WARNING: CPU: 0 PID: 430 at fs/inode.c:332 drop_nlink+0xc5/0x110
[ 56.108427][ T430] Modules linked in:
[ 56.112371][ T430] CPU: 0 PID: 430 Comm: syz-executor Tainted: G W 6.1.134-syzkaller-1169249-gca2f65da73b1 #0
[ 56.124219][ T430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 56.134312][ T430] RIP: 0010:drop_nlink+0xc5/0x110
[ 56.139402][ T430] Code: 1b 48 8d bb b8 04 00 00 be 08 00 00 00 e8 73 ee f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 0b 9a ac ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c
[ 56.159402][ T430] RSP: 0018:ffffc9000077fb38 EFLAGS: 00010293
[ 56.165566][ T430] RAX: ffffffff81c34c65 RBX: ffff888124651740 RCX: ffff88811add2880
[ 56.173737][ T430] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 56.181752][ T430] RBP: ffffc9000077fb60 R08: dffffc0000000000 R09: ffffc9000077fae0
[ 56.189756][ T430] R10: fffff520000eff5e R11: 1ffff920000eff5c R12: dffffc0000000000
[ 56.197880][ T430] R13: 1ffff110248ca2f1 R14: ffff888124651788 R15: 0000000000000000
[ 56.205852][ T430] FS: 000055558079d500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 56.214894][ T430] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 56.221536][ T430] CR2: 00007fcfa03499c8 CR3: 000000012c57b000 CR4: 00000000003506b0
[ 56.229551][ T430] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 56.237689][ T430] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 56.245933][ T430] Call Trace:
[ 56.249257][ T430]
[ 56.252197][ T430] f2fs_drop_nlink+0x13f/0x3d0
[ 56.256958][ T430] ? f2fs_mark_inode_dirty_sync+0x13e/0x1c0
[ 56.262895][ T430] f2fs_delete_entry+0xf0d/0x1080
[ 56.267963][ T430] f2fs_unlink+0x41f/0x7d0
[ 56.272501][ T430] ? __cfi_f2fs_unlink+0x10/0x10
[ 56.277456][ T430] ? HAS_UNMAPPED_ID+0x1fc/0x250
[ 56.282598][ T430] ? selinux_inode_unlink+0x22/0x30
[ 56.287957][ T430] ? security_inode_unlink+0xe5/0x130
[ 56.293375][ T430] vfs_unlink+0x39f/0x630
[ 56.297867][ T430] do_unlinkat+0x31f/0x6b0
[ 56.302567][ T430] ? __cfi_do_unlinkat+0x10/0x10
[ 56.307508][ T430] ? getname_flags+0x206/0x500
[ 56.312336][ T430] __x64_sys_unlink+0x49/0x50
[ 56.317289][ T430] x64_sys_call+0x958/0x9a0
[ 56.321832][ T430] do_syscall_64+0x4c/0xa0
[ 56.326350][ T430] ? clear_bhb_loop+0x15/0x70
[ 56.331057][ T430] ? clear_bhb_loop+0x15/0x70
[ 56.335743][ T430] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 56.341694][ T430] RIP: 0033:0x7fcf9f58d717
[ 56.346125][ T430] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 56.365934][ T430] RSP: 002b:00007ffc59f085c8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
[ 56.374453][ T430] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcf9f58d717
[ 56.382582][ T430] RDX: 00007ffc59f085f0 RSI: 00007ffc59f08680 RDI: 00007ffc59f08680
[ 56.390714][ T430] RBP: 00007ffc59f08680 R08: 0000000000000000 R09: 0000000000000000
[ 56.398739][ T430] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffc59f09770
[ 56.406808][ T430] R13: 00007fcf9f610854 R14: 000000000000d930 R15: 00007ffc59f0a840
[ 56.415087][ T430]
[ 56.418286][ T430] ---[ end trace 0000000000000000 ]---
[ 56.539100][ T430] ==================================================================
[ 56.547210][ T430] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x130
[ 56.555118][ T430] Read of size 8 at addr ffff888124654f48 by task syz-executor/430
[ 56.563008][ T430]
[ 56.565800][ T430] CPU: 1 PID: 430 Comm: syz-executor Tainted: G W 6.1.134-syzkaller-1169249-gca2f65da73b1 #0
[ 56.577418][ T430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[ 56.587591][ T430] Call Trace:
[ 56.591032][ T430]
[ 56.594057][ T430] __dump_stack+0x21/0x24
[ 56.598483][ T430] dump_stack_lvl+0xee/0x150
[ 56.607470][ T430] ? __cfi_dump_stack_lvl+0x8/0x8
[ 56.612630][ T430] ? folio_mark_accessed+0x1b8/0x3f0
[ 56.618012][ T430] ? __list_del_entry_valid+0xa6/0x130
[ 56.623594][ T430] print_address_description+0x71/0x210
[ 56.629232][ T430] print_report+0x4a/0x60
[ 56.633560][ T430] kasan_report+0x122/0x150
[ 56.638058][ T430] ? __list_del_entry_valid+0xa6/0x130
[ 56.643601][ T430] __asan_report_load8_noabort+0x14/0x20
[ 56.649322][ T430] __list_del_entry_valid+0xa6/0x130
[ 56.654619][ T430] f2fs_inode_synced+0xf7/0x2e0
[ 56.659741][ T430] f2fs_update_inode+0x74/0x1c30
[ 56.664701][ T430] ? __get_node_page+0x466/0xb00
[ 56.669696][ T430] f2fs_update_inode_page+0x137/0x170
[ 56.675082][ T430] ? f2fs_write_inode+0x407/0x780
[ 56.680158][ T430] f2fs_write_inode+0x40f/0x780
[ 56.685099][ T430] __writeback_single_inode+0x4b1/0xad0
[ 56.690649][ T430] writeback_single_inode+0x221/0x8b0
[ 56.696012][ T430] ? write_inode_now+0x1c0/0x1c0
[ 56.701029][ T430] ? __kasan_check_write+0x14/0x20
[ 56.706140][ T430] ? _raw_spin_lock_irqsave+0xb0/0x110
[ 56.711682][ T430] ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[ 56.717744][ T430] sync_inode_metadata+0xb6/0x110
[ 56.722756][ T430] ? __cfi_sync_inode_metadata+0x10/0x10
[ 56.728472][ T430] ? __wake_up+0x11b/0x190
[ 56.733331][ T430] ? __cfi__raw_spin_lock+0x10/0x10
[ 56.738538][ T430] ? iput+0x289/0x670
[ 56.742522][ T430] ? _raw_spin_unlock+0x4c/0x70
[ 56.747398][ T430] f2fs_write_checkpoint+0xec3/0x25c0
[ 56.752804][ T430] ? __cfi_f2fs_write_checkpoint+0x10/0x10
[ 56.758659][ T430] ? __kasan_check_write+0x14/0x20
[ 56.763802][ T430] ? kthread_stop+0x189/0x3f0
[ 56.768567][ T430] ? memcpy+0x56/0x70
[ 56.772637][ T430] kill_f2fs_super+0x231/0x390
[ 56.777536][ T430] ? __cfi_kill_f2fs_super+0x10/0x10
[ 56.782944][ T430] ? up_write+0x7b/0x290
[ 56.787190][ T430] ? unregister_shrinker+0x208/0x290
[ 56.792474][ T430] deactivate_locked_super+0xb5/0x120
[ 56.797851][ T430] deactivate_super+0xaf/0xe0
[ 56.802555][ T430] cleanup_mnt+0x45f/0x4e0
[ 56.807069][ T430] __cleanup_mnt+0x19/0x20
[ 56.811634][ T430] task_work_run+0x1db/0x240
[ 56.816247][ T430] ? __cfi_task_work_run+0x10/0x10
[ 56.821447][ T430] ? free_nsproxy+0x21f/0x270
[ 56.826141][ T430] do_exit+0xa1d/0x2650
[ 56.830328][ T430] ? __cfi_do_exit+0x10/0x10
[ 56.835118][ T430] ? __kasan_check_write+0x14/0x20
[ 56.840278][ T430] ? _raw_spin_lock_irq+0x8f/0xe0
[ 56.845319][ T430] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 56.851013][ T430] ? ksys_write+0x1da/0x240
[ 56.855645][ T430] ? zap_other_threads+0x2c1/0x2f0
[ 56.860778][ T430] do_group_exit+0x210/0x2d0
[ 56.865416][ T430] __x64_sys_exit_group+0x3f/0x40
[ 56.870454][ T430] x64_sys_call+0x7b4/0x9a0
[ 56.875045][ T430] do_syscall_64+0x4c/0xa0
[ 56.879481][ T430] ? clear_bhb_loop+0x15/0x70
[ 56.884255][ T430] ? clear_bhb_loop+0x15/0x70
[ 56.888940][ T430] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 56.894839][ T430] RIP: 0033:0x7fcf9f58e169
[ 56.899260][ T430] Code: Unable to access opcode bytes at 0x7fcf9f58e13f.
[ 56.906273][ T430] RSP: 002b:00007ffc59f073c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 56.914889][ T430] RAX: ffffffffffffffda RBX: 00007fcf9f610879 RCX: 00007fcf9f58e169
[ 56.922974][ T430] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 56.931165][ T430] RBP: 0000000000000002 R08: 00007ffc59f05167 R09: 00007ffc59f08680
[ 56.939146][ T430] R10: 0000000000000009 R11: 0000000000000246 R12: 00007ffc59f08680
[ 56.947237][ T430] R13: 00007fcf9f610854 R14: 000000000000d930 R15: 00007ffc59f0a840
[ 56.955312][ T430]
[ 56.958368][ T430]
[ 56.960823][ T430] Allocated by task 435:
[ 56.965158][ T430] kasan_set_track+0x4b/0x70
[ 56.969771][ T430] kasan_save_alloc_info+0x25/0x30
[ 56.975059][ T430] __kasan_slab_alloc+0x72/0x80
[ 56.979986][ T430] slab_post_alloc_hook+0x4f/0x2d0
[ 56.985105][ T430] kmem_cache_alloc_lru+0x104/0x280
[ 56.990292][ T430] f2fs_alloc_inode+0x2d/0x340
[ 56.995060][ T430] iget_locked+0x198/0x8b0
[ 56.999476][ T430] f2fs_iget+0x55/0x4cb0
[ 57.003728][ T430] f2fs_lookup+0x366/0xab0
[ 57.008127][ T430] __lookup_slow+0x2c7/0x3f0
[ 57.012731][ T430] lookup_slow+0x57/0x70
[ 57.017066][ T430] walk_component+0x2f4/0x420
[ 57.021765][ T430] path_lookupat+0x180/0x490
[ 57.026356][ T430] filename_lookup+0x1f0/0x500
[ 57.031120][ T430] vfs_statx+0x10b/0x660
[ 57.035366][ T430] __se_sys_newlstat+0xd5/0x350
[ 57.040216][ T430] __x64_sys_newlstat+0x5b/0x70
[ 57.045069][ T430] x64_sys_call+0x393/0x9a0
[ 57.049666][ T430] do_syscall_64+0x4c/0xa0
[ 57.054089][ T430] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 57.059993][ T430]
[ 57.062307][ T430] Freed by task 13:
[ 57.066187][ T430] kasan_set_track+0x4b/0x70
[ 57.070766][ T430] kasan_save_free_info+0x31/0x50
[ 57.075876][ T430] ____kasan_slab_free+0x132/0x180
[ 57.081061][ T430] __kasan_slab_free+0x11/0x20
[ 57.085822][ T430] slab_free_freelist_hook+0xc2/0x190
[ 57.091318][ T430] kmem_cache_free+0x12d/0x300
[ 57.096099][ T430] f2fs_free_inode+0x24/0x30
[ 57.100771][ T430] i_callback+0x5a/0x80
[ 57.104918][ T430] rcu_do_batch+0x515/0xb90
[ 57.109520][ T430] rcu_core+0x5a5/0xe70
[ 57.113951][ T430] rcu_core_si+0x9/0x10
[ 57.118114][ T430] handle_softirqs+0x1d7/0x600
[ 57.122961][ T430] run_ksoftirqd+0x28/0x30
[ 57.127369][ T430] smpboot_thread_fn+0x4a0/0x910
[ 57.132403][ T430] kthread+0x281/0x320
[ 57.136491][ T430] ret_from_fork+0x1f/0x30
[ 57.141095][ T430]
[ 57.143406][ T430] Last potentially related work creation:
[ 57.149124][ T430] kasan_save_stack+0x3a/0x60
[ 57.153876][ T430] __kasan_record_aux_stack+0xb6/0xc0
[ 57.159249][ T430] kasan_record_aux_stack_noalloc+0xb/0x10
[ 57.165148][ T430] call_rcu+0xd4/0xf90
[ 57.169416][ T430] evict+0x7f6/0x890
[ 57.173348][ T430] iput+0x620/0x670
[ 57.177140][ T430] do_unlinkat+0x375/0x6b0
[ 57.181651][ T430] __x64_sys_unlink+0x49/0x50
[ 57.186344][ T430] x64_sys_call+0x958/0x9a0
[ 57.190850][ T430] do_syscall_64+0x4c/0xa0
[ 57.195367][ T430] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 57.201357][ T430]
[ 57.203688][ T430] The buggy address belongs to the object at ffff888124654b90
[ 57.203688][ T430] which belongs to the cache f2fs_inode_cache of size 1360
[ 57.218268][ T430] The buggy address is located 952 bytes inside of
[ 57.218268][ T430] 1360-byte region [ffff888124654b90, ffff8881246550e0)
[ 57.232051][ T430]
[ 57.234498][ T430] The buggy address belongs to the physical page:
[ 57.240901][ T430] page:ffffea0004919400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x124650
[ 57.251345][ T430] head:ffffea0004919400 order:3 compound_mapcount:0 compound_pincount:0
[ 57.259748][ T430] flags: 0x4000000000010200(slab|head|zone=1)
[ 57.265914][ T430] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100bc9b00
[ 57.274590][ T430] raw: 0000000000000000 0000000080160016 00000001ffffffff 0000000000000000
[ 57.283167][ T430] page dumped because: kasan: bad access detected
[ 57.289589][ T430] page_owner tracks the page as allocated
[ 57.295292][ T430] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 435, tgid 434 (syz.2.16), ts 55544949754, free_ts 0
[ 57.317603][ T430] post_alloc_hook+0x1f5/0x210
[ 57.322366][ T430] prep_new_page+0x1c/0x110
[ 57.326891][ T430] get_page_from_freelist+0x2c6e/0x2ce0
[ 57.332424][ T430] __alloc_pages+0x19e/0x3a0
[ 57.337108][ T430] alloc_slab_page+0x6e/0xf0
[ 57.341700][ T430] new_slab+0x98/0x3d0
[ 57.345762][ T430] ___slab_alloc+0x6f6/0xb50
[ 57.350342][ T430] __slab_alloc+0x5e/0xa0
[ 57.354676][ T430] kmem_cache_alloc_lru+0x144/0x280
[ 57.359960][ T430] f2fs_alloc_inode+0x2d/0x340
[ 57.364774][ T430] iget_locked+0x198/0x8b0
[ 57.369188][ T430] f2fs_iget+0x55/0x4cb0
[ 57.373430][ T430] f2fs_fill_super+0x3ab8/0x6c70
[ 57.378453][ T430] mount_bdev+0x2bc/0x3f0
[ 57.382788][ T430] f2fs_mount+0x34/0x40
[ 57.387106][ T430] legacy_get_tree+0xfe/0x1a0
[ 57.391798][ T430] page_owner free stack trace missing
[ 57.397153][ T430]
[ 57.399638][ T430] Memory state around the buggy address:
[ 57.405250][ T430] ffff888124654e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 57.413298][ T430] ffff888124654e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 57.421372][ T430] >ffff888124654f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 57.429628][ T430] ^
[ 57.436029][ T430] ffff888124654f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 57.444599][ T430] ffff888124655000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 57.452643][ T430] ==================================================================
[ 57.460882][ T430] Disabling lock debugging due to kernel taint
[ 58.268400][ T43] device bridge_slave_1 left promiscuous mode
[ 58.274583][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 58.282686][ T43] device bridge_slave_0 left promiscuous mode
[ 58.289055][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 58.297821][ T43] device veth1_macvtap left promiscuous mode
[ 58.303892][ T43] device veth0_vlan left promiscuous mode