Warning: Permanently added '10.128.0.226' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program [ 43.064460][ T4034] loop1: detected capacity change from 0 to 40427 [ 43.095216][ T4034] ======================================================= [ 43.095216][ T4034] WARNING: The mand mount option has been deprecated and [ 43.095216][ T4034] and is ignored by this kernel. Remove the mand [ 43.095216][ T4034] option from the mount to silence this warning. [ 43.095216][ T4034] ======================================================= [ 43.145214][ T4031] loop4: detected capacity change from 0 to 40427 [ 43.152902][ T4037] loop2: detected capacity change from 0 to 40427 [ 43.164177][ T4033] loop3: detected capacity change from 0 to 40427 [ 43.169349][ T4034] F2FS-fs (loop1): Found nat_bits in checkpoint [ 43.186104][ T4036] loop0: detected capacity change from 0 to 40427 [ 43.203784][ T4034] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 43.206570][ T4037] F2FS-fs (loop2): Found nat_bits in checkpoint [ 43.210463][ T4034] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 43.212864][ T4034] CPU: 1 PID: 4034 Comm: syz-executor216 Not tainted 5.15.183-syzkaller #0 [ 43.215315][ T4034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.218137][ T4034] Call trace: [ 43.219031][ T4034] dump_backtrace+0x0/0x43c [ 43.220311][ T4034] show_stack+0x2c/0x3c [ 43.221433][ T4034] __dump_stack+0x30/0x40 [ 43.222791][ T4034] dump_stack_lvl+0xf8/0x160 [ 43.224112][ T4034] dump_stack+0x1c/0x5c [ 43.225392][ T4034] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 43.226912][ T4034] f2fs_iget+0x1a74/0x5170 [ 43.228146][ T4034] f2fs_nfs_get_inode+0x80/0x118 [ 43.229497][ T4034] generic_fh_to_dentry+0x9c/0x104 [ 43.230789][ T4037] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 43.230895][ T4034] f2fs_fh_to_dentry+0x44/0x58 [ 43.234333][ T4034] exportfs_decode_fh_raw+0x10c/0x49c [ 43.235845][ T4034] exportfs_decode_fh+0x50/0x80 [ 43.237224][ T4034] do_handle_open+0x514/0x8e8 [ 43.238536][ T4034] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.240117][ T4034] invoke_syscall+0x98/0x2b8 [ 43.241470][ T4034] el0_svc_common+0x138/0x258 [ 43.242814][ T4034] do_el0_svc+0x58/0x14c [ 43.244047][ T4034] el0_svc+0x78/0x1e0 [ 43.245224][ T4034] el0t_64_sync_handler+0xcc/0xe4 [ 43.246667][ T4034] el0t_64_sync+0x1a0/0x1a4 [ 43.257603][ T4037] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 43.259830][ T4037] CPU: 0 PID: 4037 Comm: syz-executor216 Not tainted 5.15.183-syzkaller #0 [ 43.261550][ T4034] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 43.262265][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.266346][ T4048] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 43.268540][ T4037] Call trace: [ 43.268549][ T4037] dump_backtrace+0x0/0x43c [ 43.268569][ T4037] show_stack+0x2c/0x3c [ 43.268579][ T4037] __dump_stack+0x30/0x40 [ 43.268589][ T4037] dump_stack_lvl+0xf8/0x160 [ 43.268597][ T4037] dump_stack+0x1c/0x5c [ 43.268605][ T4037] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 43.279146][ T4037] f2fs_iget+0x1a74/0x5170 [ 43.280392][ T4037] f2fs_nfs_get_inode+0x80/0x118 [ 43.281807][ T4037] generic_fh_to_dentry+0x9c/0x104 [ 43.283260][ T4037] f2fs_fh_to_dentry+0x44/0x58 [ 43.284653][ T4037] exportfs_decode_fh_raw+0x10c/0x49c [ 43.286174][ T4037] exportfs_decode_fh+0x50/0x80 [ 43.287545][ T4037] do_handle_open+0x514/0x8e8 [ 43.288881][ T4037] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.290554][ T4037] invoke_syscall+0x98/0x2b8 [ 43.291853][ T4037] el0_svc_common+0x138/0x258 [ 43.293151][ T4037] do_el0_svc+0x58/0x14c [ 43.294339][ T4037] el0_svc+0x78/0x1e0 [ 43.295435][ T4037] el0t_64_sync_handler+0xcc/0xe4 [ 43.296852][ T4037] el0t_64_sync+0x1a0/0x1a4 [ 43.298122][ T4048] CPU: 1 PID: 4048 Comm: syz-executor216 Not tainted 5.15.183-syzkaller #0 [ 43.300632][ T4048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.302314][ T4037] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 43.303450][ T4048] Call trace: [ 43.307550][ T4048] dump_backtrace+0x0/0x43c [ 43.308904][ T4048] show_stack+0x2c/0x3c [ 43.310079][ T4048] __dump_stack+0x30/0x40 [ 43.310894][ T4037] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 43.311269][ T4048] dump_stack_lvl+0xf8/0x160 [ 43.314911][ T4048] dump_stack+0x1c/0x5c [ 43.315369][ T4033] F2FS-fs (loop3): Found nat_bits in checkpoint [ 43.316113][ T4048] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 43.319340][ T4048] f2fs_iget+0x1a74/0x5170 [ 43.320564][ T4048] f2fs_nfs_get_inode+0x80/0x118 [ 43.322000][ T4048] generic_fh_to_dentry+0x9c/0x104 [ 43.323410][ T4048] f2fs_fh_to_dentry+0x44/0x58 [ 43.324308][ T4036] F2FS-fs (loop0): Found nat_bits in checkpoint [ 43.324733][ T4048] exportfs_decode_fh_raw+0x10c/0x49c [ 43.327975][ T4048] exportfs_decode_fh+0x50/0x80 [ 43.329330][ T4048] do_handle_open+0x514/0x8e8 [ 43.330635][ T4048] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.332313][ T4048] invoke_syscall+0x98/0x2b8 [ 43.333602][ T4048] el0_svc_common+0x138/0x258 [ 43.334927][ T4048] do_el0_svc+0x58/0x14c [ 43.336156][ T4048] el0_svc+0x78/0x1e0 [ 43.337332][ T4048] el0t_64_sync_handler+0xcc/0xe4 [ 43.338787][ T4048] el0t_64_sync+0x1a0/0x1a4 [ 43.340088][ T4037] CPU: 0 PID: 4037 Comm: syz-executor216 Not tainted 5.15.183-syzkaller #0 [ 43.342421][ T4048] ================================================================== [ 43.342505][ T4037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.342519][ T4037] Call trace: [ 43.344923][ T4048] BUG: KASAN: use-after-free in f2fs_iget+0x4188/0x5170 [ 43.347748][ T4037] dump_backtrace+0x0/0x43c [ 43.348615][ T4048] Read of size 4 at addr ffff0000dce99028 by task syz-executor216/4048 [ 43.350613][ T4037] show_stack+0x2c/0x3c [ 43.351886][ T4048] [ 43.354340][ T4037] __dump_stack+0x30/0x40 [ 43.357463][ T4037] dump_stack_lvl+0xf8/0x160 [ 43.358768][ T4037] dump_stack+0x1c/0x5c [ 43.359935][ T4037] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 43.361440][ T4037] f2fs_iget+0x1a74/0x5170 [ 43.362673][ T4037] f2fs_nfs_get_inode+0x80/0x118 [ 43.364051][ T4037] generic_fh_to_dentry+0x9c/0x104 [ 43.365494][ T4037] f2fs_fh_to_dentry+0x44/0x58 [ 43.366849][ T4037] exportfs_decode_fh_raw+0x10c/0x49c [ 43.368421][ T4037] exportfs_decode_fh+0x50/0x80 [ 43.369796][ T4037] do_handle_open+0x514/0x8e8 [ 43.371277][ T4037] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.372869][ T4037] invoke_syscall+0x98/0x2b8 [ 43.374205][ T4037] el0_svc_common+0x138/0x258 [ 43.375565][ T4037] do_el0_svc+0x58/0x14c [ 43.376728][ T4037] el0_svc+0x78/0x1e0 [ 43.377852][ T4037] el0t_64_sync_handler+0xcc/0xe4 [ 43.379256][ T4037] el0t_64_sync+0x1a0/0x1a4 [ 43.380594][ T4048] CPU: 1 PID: 4048 Comm: syz-executor216 Not tainted 5.15.183-syzkaller #0 [ 43.381618][ T4037] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 43.383047][ T4048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.383060][ T4048] Call trace: [ 43.383064][ T4048] dump_backtrace+0x0/0x43c [ 43.383082][ T4048] show_stack+0x2c/0x3c [ 43.392419][ T4048] __dump_stack+0x30/0x40 [ 43.393755][ T4048] dump_stack_lvl+0xf8/0x160 [ 43.395086][ T4048] print_address_description+0x78/0x30c [ 43.396660][ T4048] kasan_report+0xec/0x15c [ 43.398153][ T4048] __asan_report_load4_noabort+0x44/0x50 [ 43.399772][ T4048] f2fs_iget+0x4188/0x5170 [ 43.401067][ T4048] f2fs_nfs_get_inode+0x80/0x118 [ 43.402507][ T4048] generic_fh_to_dentry+0x9c/0x104 [ 43.403813][ T4033] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 43.403962][ T4048] f2fs_fh_to_dentry+0x44/0x58 [ 43.407001][ T4036] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 43.407402][ T4048] exportfs_decode_fh_raw+0x10c/0x49c [ 43.407421][ T4048] exportfs_decode_fh+0x50/0x80 [ 43.407430][ T4048] do_handle_open+0x514/0x8e8 [ 43.407454][ T4048] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.407464][ T4048] invoke_syscall+0x98/0x2b8 [ 43.407476][ T4048] el0_svc_common+0x138/0x258 [ 43.407486][ T4048] do_el0_svc+0x58/0x14c [ 43.412682][ T4036] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 43.413842][ T4048] el0_svc+0x78/0x1e0 [ 43.422697][ T4048] el0t_64_sync_handler+0xcc/0xe4 [ 43.424173][ T4048] el0t_64_sync+0x1a0/0x1a4 [ 43.425477][ T4048] [ 43.425479][ T4036] CPU: 0 PID: 4036 Comm: syz-executor216 Not tainted 5.15.183-syzkaller #0 [ 43.426087][ T4048] Allocated by task 4034: [ 43.428565][ T4036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.429789][ T4048] __kasan_slab_alloc+0x8c/0xcc [ 43.432852][ T4036] Call trace: [ 43.434335][ T4048] slab_post_alloc_hook+0x74/0x408 [ 43.435216][ T4036] dump_backtrace+0x0/0x43c [ 43.436643][ T4048] kmem_cache_alloc+0x1e0/0x3e4 [ 43.437895][ T4036] show_stack+0x2c/0x3c [ 43.439197][ T4048] f2fs_init_extent_tree+0x43c/0xaac [ 43.440331][ T4036] __dump_stack+0x30/0x40 [ 43.441835][ T4048] f2fs_iget+0x10c4/0x5170 [ 43.443135][ T4036] dump_stack_lvl+0xf8/0x160 [ 43.444359][ T4048] f2fs_nfs_get_inode+0x80/0x118 [ 43.445631][ T4036] dump_stack+0x1c/0x5c [ 43.447003][ T4048] generic_fh_to_dentry+0x9c/0x104 [ 43.448162][ T4036] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 43.449620][ T4048] f2fs_fh_to_dentry+0x44/0x58 [ 43.451100][ T4036] f2fs_iget+0x1a74/0x5170 [ 43.452462][ T4048] exportfs_decode_fh_raw+0x10c/0x49c [ 43.453697][ T4036] f2fs_nfs_get_inode+0x80/0x118 [ 43.455180][ T4048] exportfs_decode_fh+0x50/0x80 [ 43.456617][ T4036] generic_fh_to_dentry+0x9c/0x104 [ 43.457942][ T4048] do_handle_open+0x514/0x8e8 [ 43.459539][ T4036] f2fs_fh_to_dentry+0x44/0x58 [ 43.460890][ T4048] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.462247][ T4036] exportfs_decode_fh_raw+0x10c/0x49c [ 43.463857][ T4048] invoke_syscall+0x98/0x2b8 [ 43.465308][ T4036] exportfs_decode_fh+0x50/0x80 [ 43.466577][ T4048] el0_svc_common+0x138/0x258 [ 43.467876][ T4036] do_handle_open+0x514/0x8e8 [ 43.469251][ T4048] do_el0_svc+0x58/0x14c [ 43.470568][ T4036] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.471728][ T4048] el0_svc+0x78/0x1e0 [ 43.473341][ T4036] invoke_syscall+0x98/0x2b8 [ 43.474412][ T4048] el0t_64_sync_handler+0xcc/0xe4 [ 43.475659][ T4036] el0_svc_common+0x138/0x258 [ 43.477098][ T4048] el0t_64_sync+0x1a0/0x1a4 [ 43.478428][ T4036] do_el0_svc+0x58/0x14c [ 43.479696][ T4048] [ 43.480847][ T4036] el0_svc+0x78/0x1e0 [ 43.481515][ T4048] Freed by task 4034: [ 43.482565][ T4036] el0t_64_sync_handler+0xcc/0xe4 [ 43.483710][ T4048] kasan_set_track+0x4c/0x84 [ 43.485108][ T4036] el0t_64_sync+0x1a0/0x1a4 [ 43.486376][ T4048] kasan_set_free_info+0x28/0x4c [ 43.488998][ T4048] ____kasan_slab_free+0x118/0x164 [ 43.490453][ T4048] __kasan_slab_free+0x18/0x28 [ 43.491842][ T4048] slab_free_freelist_hook+0x128/0x1e8 [ 43.491931][ T4036] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 43.493409][ T4048] kmem_cache_free+0xdc/0x3b4 [ 43.497872][ T4048] f2fs_destroy_extent_tree+0x2d0/0x688 [ 43.497996][ T4033] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 43.499404][ T4048] f2fs_evict_inode+0x32c/0x1520 [ 43.501782][ T4033] CPU: 0 PID: 4033 Comm: syz-executor216 Not tainted 5.15.183-syzkaller #0 [ 43.503026][ T4048] evict+0x3c8/0x810 [ 43.505403][ T4033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.506507][ T4048] iput+0x6c4/0x77c [ 43.509419][ T4033] Call trace: [ 43.510432][ T4048] iget_failed+0x148/0x194 [ 43.511370][ T4033] dump_backtrace+0x0/0x43c [ 43.512577][ T4048] f2fs_iget+0x58c/0x5170 [ 43.513871][ T4033] show_stack+0x2c/0x3c [ 43.515119][ T4048] f2fs_nfs_get_inode+0x80/0x118 [ 43.516435][ T4033] __dump_stack+0x30/0x40 [ 43.517912][ T4048] generic_fh_to_dentry+0x9c/0x104 [ 43.519088][ T4033] dump_stack_lvl+0xf8/0x160 [ 43.520594][ T4048] f2fs_fh_to_dentry+0x44/0x58 [ 43.521826][ T4033] dump_stack+0x1c/0x5c [ 43.523269][ T4048] exportfs_decode_fh_raw+0x10c/0x49c [ 43.524440][ T4033] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 43.525933][ T4048] exportfs_decode_fh+0x50/0x80 [ 43.527404][ T4033] f2fs_iget+0x1a74/0x5170 [ 43.528722][ T4048] do_handle_open+0x514/0x8e8 [ 43.529936][ T4033] f2fs_nfs_get_inode+0x80/0x118 [ 43.531204][ T4048] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.532524][ T4033] generic_fh_to_dentry+0x9c/0x104 [ 43.534188][ T4048] invoke_syscall+0x98/0x2b8 [ 43.535571][ T4033] f2fs_fh_to_dentry+0x44/0x58 [ 43.536828][ T4048] el0_svc_common+0x138/0x258 [ 43.538225][ T4033] exportfs_decode_fh_raw+0x10c/0x49c [ 43.539503][ T4048] do_el0_svc+0x58/0x14c [ 43.541036][ T4033] exportfs_decode_fh+0x50/0x80 [ 43.542287][ T4048] el0_svc+0x78/0x1e0 [ 43.543622][ T4033] do_handle_open+0x514/0x8e8 [ 43.544743][ T4048] el0t_64_sync_handler+0xcc/0xe4 [ 43.546161][ T4033] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.547580][ T4048] el0t_64_sync+0x1a0/0x1a4 [ 43.549375][ T4033] invoke_syscall+0x98/0x2b8 [ 43.550676][ T4048] [ 43.551958][ T4033] el0_svc_common+0x138/0x258 [ 43.552604][ T4048] The buggy address belongs to the object at ffff0000dce99000 [ 43.552604][ T4048] which belongs to the cache f2fs_extent_tree of size 136 [ 43.553958][ T4033] do_el0_svc+0x58/0x14c [ 43.558192][ T4048] The buggy address is located 40 bytes inside of [ 43.558192][ T4048] 136-byte region [ffff0000dce99000, ffff0000dce99088) [ 43.559425][ T4033] el0_svc+0x78/0x1e0 [ 43.563279][ T4048] The buggy address belongs to the page: [ 43.564418][ T4033] el0t_64_sync_handler+0xcc/0xe4 [ 43.565973][ T4048] page:00000000688289a2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11ce99 [ 43.567563][ T4033] el0t_64_sync+0x1a0/0x1a4 [ 43.570488][ T4048] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 43.573947][ T4048] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 43.576361][ T4048] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 43.576351][ T4033] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 43.578839][ T4048] page dumped because: kasan: bad access detected [ 43.578852][ T4048] [ 43.578856][ T4048] Memory state around the buggy address: [ 43.578865][ T4048] ffff0000dce98f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 43.578872][ T4048] ffff0000dce98f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 43.578880][ T4048] >ffff0000dce99000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 43.578885][ T4048] ^ [ 43.578891][ T4048] ffff0000dce99080: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 43.578898][ T4048] ffff0000dce99100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 43.578903][ T4048] ================================================================== [ 43.578909][ T4048] Disabling lock debugging due to kernel taint [ 43.582670][ T4058] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 43.585010][ T4057] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 43.608384][ T4057] CPU: 1 PID: 4057 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 43.611338][ T4057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.614257][ T4057] Call trace: [ 43.615157][ T4057] dump_backtrace+0x0/0x43c [ 43.616407][ T4057] show_stack+0x2c/0x3c [ 43.617594][ T4057] __dump_stack+0x30/0x40 [ 43.618801][ T4057] dump_stack_lvl+0xf8/0x160 [ 43.620144][ T4057] dump_stack+0x1c/0x5c [ 43.621492][ T4057] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 43.622991][ T4057] f2fs_iget+0x1a74/0x5170 [ 43.624248][ T4057] f2fs_nfs_get_inode+0x80/0x118 [ 43.625705][ T4057] generic_fh_to_dentry+0x9c/0x104 [ 43.627240][ T4057] f2fs_fh_to_dentry+0x44/0x58 [ 43.628596][ T4057] exportfs_decode_fh_raw+0x10c/0x49c [ 43.630170][ T4057] exportfs_decode_fh+0x50/0x80 [ 43.630536][ T4031] F2FS-fs (loop4): Found nat_bits in checkpoint [ 43.631515][ T4057] do_handle_open+0x514/0x8e8 [ 43.631533][ T4057] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.636530][ T4057] invoke_syscall+0x98/0x2b8 [ 43.637875][ T4057] el0_svc_common+0x138/0x258 [ 43.639284][ T4057] do_el0_svc+0x58/0x14c [ 43.640611][ T4057] el0_svc+0x78/0x1e0 [ 43.641726][ T4057] el0t_64_sync_handler+0xcc/0xe4 [ 43.643171][ T4057] el0t_64_sync+0x1a0/0x1a4 [ 43.646610][ T4057] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 43.651380][ T4058] CPU: 1 PID: 4058 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 43.654286][ T4058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.657110][ T4058] Call trace: [ 43.658017][ T4058] dump_backtrace+0x0/0x43c [ 43.659276][ T4058] show_stack+0x2c/0x3c [ 43.660511][ T4058] __dump_stack+0x30/0x40 [ 43.661737][ T4058] dump_stack_lvl+0xf8/0x160 [ 43.663014][ T4058] dump_stack+0x1c/0x5c [ 43.664204][ T4058] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 43.665854][ T4058] f2fs_iget+0x1a74/0x5170 [ 43.667089][ T4058] f2fs_nfs_get_inode+0x80/0x118 [ 43.668448][ T4058] generic_fh_to_dentry+0x9c/0x104 [ 43.669814][ T4058] f2fs_fh_to_dentry+0x44/0x58 [ 43.671134][ T4058] exportfs_decode_fh_raw+0x10c/0x49c [ 43.672794][ T4058] exportfs_decode_fh+0x50/0x80 [ 43.674097][ T4058] do_handle_open+0x514/0x8e8 [ 43.675472][ T4058] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.677055][ T4058] invoke_syscall+0x98/0x2b8 [ 43.678369][ T4058] el0_svc_common+0x138/0x258 [ 43.679659][ T4058] do_el0_svc+0x58/0x14c [ 43.680804][ T4058] el0_svc+0x78/0x1e0 [ 43.681947][ T4058] el0t_64_sync_handler+0xcc/0xe4 [ 43.683365][ T4058] el0t_64_sync+0x1a0/0x1a4 [ 43.692575][ T4058] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 43.697394][ T4048] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 43.700795][ T4048] ================================================================== [ 43.702970][ T4048] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 43.705260][ T4048] [ 43.705880][ T4048] CPU: 1 PID: 4048 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 43.708748][ T4048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.711517][ T4048] Call trace: [ 43.712427][ T4048] dump_backtrace+0x0/0x43c [ 43.713667][ T4048] show_stack+0x2c/0x3c [ 43.714858][ T4048] __dump_stack+0x30/0x40 [ 43.716071][ T4048] dump_stack_lvl+0xf8/0x160 [ 43.717351][ T4048] print_address_description+0x78/0x30c [ 43.718886][ T4048] kasan_report_invalid_free+0x4c/0x7c [ 43.720416][ T4048] ____kasan_slab_free+0x134/0x164 [ 43.721855][ T4048] __kasan_slab_free+0x18/0x28 [ 43.723165][ T4048] slab_free_freelist_hook+0x128/0x1e8 [ 43.724711][ T4048] kmem_cache_free+0xdc/0x3b4 [ 43.726069][ T4048] f2fs_destroy_extent_tree+0x2d0/0x688 [ 43.727604][ T4048] f2fs_evict_inode+0x32c/0x1520 [ 43.728958][ T4048] evict+0x3c8/0x810 [ 43.730012][ T4048] iput+0x6c4/0x77c [ 43.731091][ T4048] iget_failed+0x148/0x194 [ 43.732329][ T4048] f2fs_iget+0x58c/0x5170 [ 43.733609][ T4048] f2fs_nfs_get_inode+0x80/0x118 [ 43.735010][ T4048] generic_fh_to_dentry+0x9c/0x104 [ 43.736462][ T4048] f2fs_fh_to_dentry+0x44/0x58 [ 43.737821][ T4048] exportfs_decode_fh_raw+0x10c/0x49c [ 43.739347][ T4048] exportfs_decode_fh+0x50/0x80 [ 43.740668][ T4048] do_handle_open+0x514/0x8e8 [ 43.741985][ T4048] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.743674][ T4048] invoke_syscall+0x98/0x2b8 [ 43.744928][ T4048] el0_svc_common+0x138/0x258 [ 43.746385][ T4048] do_el0_svc+0x58/0x14c [ 43.747672][ T4048] el0_svc+0x78/0x1e0 [ 43.748819][ T4048] el0t_64_sync_handler+0xcc/0xe4 [ 43.750193][ T4048] el0t_64_sync+0x1a0/0x1a4 [ 43.751438][ T4048] [ 43.752118][ T4048] Allocated by task 4034: [ 43.753381][ T4048] __kasan_slab_alloc+0x8c/0xcc [ 43.754754][ T4048] slab_post_alloc_hook+0x74/0x408 [ 43.756177][ T4048] kmem_cache_alloc+0x1e0/0x3e4 [ 43.757575][ T4048] f2fs_init_extent_tree+0x43c/0xaac [ 43.759044][ T4048] f2fs_iget+0x10c4/0x5170 [ 43.760244][ T4048] f2fs_nfs_get_inode+0x80/0x118 [ 43.761539][ T4048] generic_fh_to_dentry+0x9c/0x104 [ 43.762927][ T4048] f2fs_fh_to_dentry+0x44/0x58 [ 43.764310][ T4048] exportfs_decode_fh_raw+0x10c/0x49c [ 43.765810][ T4048] exportfs_decode_fh+0x50/0x80 [ 43.767188][ T4048] do_handle_open+0x514/0x8e8 [ 43.768543][ T4048] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.770181][ T4048] invoke_syscall+0x98/0x2b8 [ 43.771477][ T4048] el0_svc_common+0x138/0x258 [ 43.772809][ T4048] do_el0_svc+0x58/0x14c [ 43.774033][ T4048] el0_svc+0x78/0x1e0 [ 43.775173][ T4048] el0t_64_sync_handler+0xcc/0xe4 [ 43.776577][ T4048] el0t_64_sync+0x1a0/0x1a4 [ 43.777856][ T4048] [ 43.778479][ T4048] Freed by task 4034: [ 43.779608][ T4048] kasan_set_track+0x4c/0x84 [ 43.780948][ T4048] kasan_set_free_info+0x28/0x4c [ 43.782310][ T4048] ____kasan_slab_free+0x118/0x164 [ 43.783729][ T4048] __kasan_slab_free+0x18/0x28 [ 43.785209][ T4048] slab_free_freelist_hook+0x128/0x1e8 [ 43.786747][ T4048] kmem_cache_free+0xdc/0x3b4 [ 43.788071][ T4048] f2fs_destroy_extent_tree+0x2d0/0x688 [ 43.789745][ T4048] f2fs_evict_inode+0x32c/0x1520 [ 43.791066][ T4048] evict+0x3c8/0x810 [ 43.792172][ T4048] iput+0x6c4/0x77c [ 43.793226][ T4048] iget_failed+0x148/0x194 [ 43.794460][ T4048] f2fs_iget+0x58c/0x5170 [ 43.795809][ T4048] f2fs_nfs_get_inode+0x80/0x118 [ 43.797274][ T4048] generic_fh_to_dentry+0x9c/0x104 [ 43.798872][ T4048] f2fs_fh_to_dentry+0x44/0x58 [ 43.800258][ T4048] exportfs_decode_fh_raw+0x10c/0x49c [ 43.801822][ T4048] exportfs_decode_fh+0x50/0x80 [ 43.803226][ T4048] do_handle_open+0x514/0x8e8 [ 43.804616][ T4048] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.806250][ T4048] invoke_syscall+0x98/0x2b8 [ 43.806913][ T4031] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 43.807547][ T4048] el0_svc_common+0x138/0x258 [ 43.807561][ T4048] do_el0_svc+0x58/0x14c [ 43.807569][ T4048] el0_svc+0x78/0x1e0 [ 43.807580][ T4048] el0t_64_sync_handler+0xcc/0xe4 [ 43.807588][ T4048] el0t_64_sync+0x1a0/0x1a4 [ 43.807598][ T4048] [ 43.807602][ T4048] The buggy address belongs to the object at ffff0000dce99000 [ 43.807602][ T4048] which belongs to the cache f2fs_extent_tree of size 136 [ 43.807612][ T4048] The buggy address is located 0 bytes inside of [ 43.807612][ T4048] 136-byte region [ffff0000dce99000, ffff0000dce99088) [ 43.807624][ T4048] The buggy address belongs to the page: [ 43.807630][ T4048] page:00000000688289a2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11ce99 [ 43.807642][ T4048] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 43.807659][ T4048] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 43.833554][ T4048] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 43.835893][ T4048] page dumped because: kasan: bad access detected [ 43.837700][ T4048] [ 43.838348][ T4048] Memory state around the buggy address: [ 43.839860][ T4048] ffff0000dce98f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 43.842118][ T4048] ffff0000dce98f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 43.844472][ T4048] >ffff0000dce99000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 43.846731][ T4048] ^ [ 43.847907][ T4048] ffff0000dce99080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 43.850245][ T4048] ffff0000dce99100: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 43.852442][ T4048] ================================================================== [ 43.859104][ T4031] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 43.861404][ T4031] CPU: 0 PID: 4031 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 43.864261][ T4031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.867145][ T4031] Call trace: [ 43.868214][ T4031] dump_backtrace+0x0/0x43c [ 43.869523][ T4031] show_stack+0x2c/0x3c [ 43.870668][ T4031] __dump_stack+0x30/0x40 [ 43.871852][ T4031] dump_stack_lvl+0xf8/0x160 [ 43.873149][ T4031] dump_stack+0x1c/0x5c [ 43.874262][ T4031] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 43.875752][ T4031] f2fs_iget+0x1a74/0x5170 [ 43.877006][ T4031] f2fs_nfs_get_inode+0x80/0x118 [ 43.878445][ T4031] generic_fh_to_dentry+0x9c/0x104 [ 43.879852][ T4031] f2fs_fh_to_dentry+0x44/0x58 [ 43.881181][ T4031] exportfs_decode_fh_raw+0x10c/0x49c [ 43.882686][ T4031] exportfs_decode_fh+0x50/0x80 [ 43.884052][ T4031] do_handle_open+0x514/0x8e8 [ 43.885487][ T4031] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.887186][ T4031] invoke_syscall+0x98/0x2b8 [ 43.888495][ T4031] el0_svc_common+0x138/0x258 [ 43.889948][ T4031] do_el0_svc+0x58/0x14c [ 43.891229][ T4031] el0_svc+0x78/0x1e0 [ 43.892418][ T4031] el0t_64_sync_handler+0xcc/0xe4 [ 43.893920][ T4031] el0t_64_sync+0x1a0/0x1a4 [ 43.936817][ T4031] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 43.950653][ T4064] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 43.953019][ T4064] CPU: 1 PID: 4064 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 43.955690][ T4064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 43.958472][ T4064] Call trace: [ 43.959366][ T4064] dump_backtrace+0x0/0x43c [ 43.960617][ T4064] show_stack+0x2c/0x3c [ 43.961915][ T4064] __dump_stack+0x30/0x40 [ 43.963250][ T4064] dump_stack_lvl+0xf8/0x160 [ 43.964525][ T4064] dump_stack+0x1c/0x5c [ 43.965677][ T4064] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 43.967166][ T4064] f2fs_iget+0x1a74/0x5170 [ 43.968363][ T4064] f2fs_nfs_get_inode+0x80/0x118 [ 43.969729][ T4064] generic_fh_to_dentry+0x9c/0x104 [ 43.971152][ T4064] f2fs_fh_to_dentry+0x44/0x58 [ 43.972556][ T4064] exportfs_decode_fh_raw+0x10c/0x49c [ 43.974072][ T4064] exportfs_decode_fh+0x50/0x80 [ 43.975412][ T4064] do_handle_open+0x514/0x8e8 [ 43.976712][ T4064] __arm64_sys_open_by_handle_at+0x80/0x94 [ 43.978408][ T4064] invoke_syscall+0x98/0x2b8 [ 43.979771][ T4064] el0_svc_common+0x138/0x258 [ 43.981088][ T4064] do_el0_svc+0x58/0x14c [ 43.982298][ T4064] el0_svc+0x78/0x1e0 [ 43.983486][ T4064] el0t_64_sync_handler+0xcc/0xe4 [ 43.984883][ T4064] el0t_64_sync+0x1a0/0x1a4 executing program executing program [ 44.089860][ T4064] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 44.103224][ T4064] ================================================================== [ 44.105464][ T4064] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 44.107683][ T4064] [ 44.108310][ T4064] CPU: 1 PID: 4064 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 44.111225][ T4064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 44.113921][ T4064] Call trace: [ 44.114799][ T4064] dump_backtrace+0x0/0x43c [ 44.116097][ T4064] show_stack+0x2c/0x3c [ 44.117315][ T4064] __dump_stack+0x30/0x40 [ 44.118482][ T4064] dump_stack_lvl+0xf8/0x160 [ 44.119783][ T4064] print_address_description+0x78/0x30c [ 44.121305][ T4064] kasan_report_invalid_free+0x4c/0x7c [ 44.122802][ T4064] ____kasan_slab_free+0x134/0x164 [ 44.124188][ T4064] __kasan_slab_free+0x18/0x28 [ 44.125478][ T4064] slab_free_freelist_hook+0x128/0x1e8 [ 44.127026][ T4064] kmem_cache_free+0xdc/0x3b4 [ 44.128395][ T4064] f2fs_destroy_extent_tree+0x2d0/0x688 [ 44.129985][ T4064] f2fs_evict_inode+0x32c/0x1520 [ 44.131383][ T4064] evict+0x3c8/0x810 [ 44.132490][ T4064] iput+0x6c4/0x77c [ 44.133492][ T4064] iget_failed+0x148/0x194 [ 44.134673][ T4064] f2fs_iget+0x58c/0x5170 [ 44.135890][ T4064] f2fs_nfs_get_inode+0x80/0x118 [ 44.137233][ T4064] generic_fh_to_dentry+0x9c/0x104 [ 44.138663][ T4064] f2fs_fh_to_dentry+0x44/0x58 [ 44.139936][ T4064] exportfs_decode_fh_raw+0x10c/0x49c [ 44.141436][ T4064] exportfs_decode_fh+0x50/0x80 [ 44.142810][ T4064] do_handle_open+0x514/0x8e8 [ 44.144183][ T4064] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.145737][ T4064] invoke_syscall+0x98/0x2b8 [ 44.146923][ T4064] el0_svc_common+0x138/0x258 [ 44.148160][ T4064] do_el0_svc+0x58/0x14c [ 44.149293][ T4064] el0_svc+0x78/0x1e0 [ 44.150389][ T4064] el0t_64_sync_handler+0xcc/0xe4 [ 44.151747][ T4064] el0t_64_sync+0x1a0/0x1a4 [ 44.153041][ T4064] [ 44.153690][ T4064] Allocated by task 4031: [ 44.154874][ T4064] __kasan_slab_alloc+0x8c/0xcc [ 44.156249][ T4064] slab_post_alloc_hook+0x74/0x408 [ 44.157650][ T4064] kmem_cache_alloc+0x1e0/0x3e4 [ 44.159011][ T4064] f2fs_init_extent_tree+0x43c/0xaac [ 44.160533][ T4064] f2fs_iget+0x10c4/0x5170 [ 44.161745][ T4064] f2fs_nfs_get_inode+0x80/0x118 [ 44.163102][ T4064] generic_fh_to_dentry+0x9c/0x104 [ 44.164479][ T4064] f2fs_fh_to_dentry+0x44/0x58 [ 44.165834][ T4064] exportfs_decode_fh_raw+0x10c/0x49c [ 44.167491][ T4064] exportfs_decode_fh+0x50/0x80 [ 44.168869][ T4064] do_handle_open+0x514/0x8e8 [ 44.170190][ T4064] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.171827][ T4064] invoke_syscall+0x98/0x2b8 [ 44.173092][ T4064] el0_svc_common+0x138/0x258 [ 44.174432][ T4064] do_el0_svc+0x58/0x14c [ 44.175588][ T4064] el0_svc+0x78/0x1e0 [ 44.176683][ T4064] el0t_64_sync_handler+0xcc/0xe4 [ 44.178063][ T4064] el0t_64_sync+0x1a0/0x1a4 [ 44.179447][ T4064] [ 44.180110][ T4064] Freed by task 4031: [ 44.181222][ T4064] kasan_set_track+0x4c/0x84 [ 44.182539][ T4064] kasan_set_free_info+0x28/0x4c [ 44.183885][ T4064] ____kasan_slab_free+0x118/0x164 [ 44.185365][ T4064] __kasan_slab_free+0x18/0x28 [ 44.186642][ T4064] slab_free_freelist_hook+0x128/0x1e8 [ 44.188109][ T4064] kmem_cache_free+0xdc/0x3b4 [ 44.189379][ T4064] f2fs_destroy_extent_tree+0x2d0/0x688 [ 44.190885][ T4064] f2fs_evict_inode+0x32c/0x1520 [ 44.192173][ T4064] evict+0x3c8/0x810 [ 44.193374][ T4064] iput+0x6c4/0x77c [ 44.194427][ T4064] iget_failed+0x148/0x194 [ 44.195673][ T4064] f2fs_iget+0x58c/0x5170 [ 44.196855][ T4064] f2fs_nfs_get_inode+0x80/0x118 [ 44.198349][ T4064] generic_fh_to_dentry+0x9c/0x104 [ 44.199765][ T4064] f2fs_fh_to_dentry+0x44/0x58 [ 44.201135][ T4064] exportfs_decode_fh_raw+0x10c/0x49c [ 44.202566][ T4064] exportfs_decode_fh+0x50/0x80 [ 44.203943][ T4064] do_handle_open+0x514/0x8e8 [ 44.205220][ T4064] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.206766][ T4064] invoke_syscall+0x98/0x2b8 [ 44.208037][ T4064] el0_svc_common+0x138/0x258 [ 44.209259][ T4064] do_el0_svc+0x58/0x14c [ 44.210547][ T4064] el0_svc+0x78/0x1e0 [ 44.211666][ T4064] el0t_64_sync_handler+0xcc/0xe4 [ 44.213019][ T4064] el0t_64_sync+0x1a0/0x1a4 [ 44.214256][ T4064] [ 44.214918][ T4064] The buggy address belongs to the object at ffff0000dcfd13e8 [ 44.214918][ T4064] which belongs to the cache f2fs_extent_tree of size 136 [ 44.218998][ T4064] The buggy address is located 0 bytes inside of [ 44.218998][ T4064] 136-byte region [ffff0000dcfd13e8, ffff0000dcfd1470) [ 44.222872][ T4064] The buggy address belongs to the page: [ 44.224407][ T4064] page:00000000f15c583c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11cfd1 [ 44.227349][ T4064] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 44.229545][ T4064] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 44.232056][ T4064] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 44.234420][ T4064] page dumped because: kasan: bad access detected [ 44.236267][ T4064] [ 44.236903][ T4064] Memory state around the buggy address: [ 44.238485][ T4064] ffff0000dcfd1280: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 44.240703][ T4064] ffff0000dcfd1300: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb [ 44.243071][ T4064] >ffff0000dcfd1380: fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb [ 44.245374][ T4064] ^ [ 44.247532][ T4064] ffff0000dcfd1400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 44.248100][ T4066] loop2: detected capacity change from 0 to 40427 [ 44.249877][ T4064] ffff0000dcfd1480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc executing program [ 44.253984][ T4064] ================================================================== executing program [ 44.326368][ T4066] F2FS-fs (loop2): Found nat_bits in checkpoint [ 44.354269][ T4066] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 44.407926][ T4066] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 44.410298][ T4066] CPU: 0 PID: 4066 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 44.413260][ T4066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 44.413906][ T4072] loop1: detected capacity change from 0 to 40427 [ 44.416054][ T4066] Call trace: [ 44.416061][ T4066] dump_backtrace+0x0/0x43c [ 44.416084][ T4066] show_stack+0x2c/0x3c [ 44.416094][ T4066] __dump_stack+0x30/0x40 [ 44.422678][ T4066] dump_stack_lvl+0xf8/0x160 [ 44.424031][ T4066] dump_stack+0x1c/0x5c [ 44.425243][ T4066] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 44.426832][ T4066] f2fs_iget+0x1a74/0x5170 [ 44.428212][ T4066] f2fs_nfs_get_inode+0x80/0x118 [ 44.429708][ T4066] generic_fh_to_dentry+0x9c/0x104 [ 44.431203][ T4066] f2fs_fh_to_dentry+0x44/0x58 [ 44.432636][ T4066] exportfs_decode_fh_raw+0x10c/0x49c [ 44.434227][ T4066] exportfs_decode_fh+0x50/0x80 [ 44.435673][ T4066] do_handle_open+0x514/0x8e8 [ 44.437012][ T4066] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.438724][ T4066] invoke_syscall+0x98/0x2b8 [ 44.440073][ T4066] el0_svc_common+0x138/0x258 [ 44.441546][ T4066] do_el0_svc+0x58/0x14c [ 44.442773][ T4066] el0_svc+0x78/0x1e0 [ 44.443984][ T4066] el0t_64_sync_handler+0xcc/0xe4 [ 44.445521][ T4066] el0t_64_sync+0x1a0/0x1a4 [ 44.448369][ T4066] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 44.452323][ T4066] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 44.457597][ T4066] CPU: 0 PID: 4066 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 44.460534][ T4066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 44.463492][ T4066] Call trace: [ 44.464414][ T4066] dump_backtrace+0x0/0x43c [ 44.465775][ T4066] show_stack+0x2c/0x3c [ 44.466943][ T4066] __dump_stack+0x30/0x40 [ 44.468207][ T4066] dump_stack_lvl+0xf8/0x160 [ 44.469501][ T4066] dump_stack+0x1c/0x5c [ 44.470675][ T4066] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 44.472193][ T4066] f2fs_iget+0x1a74/0x5170 [ 44.473496][ T4066] f2fs_nfs_get_inode+0x80/0x118 [ 44.474917][ T4066] generic_fh_to_dentry+0x9c/0x104 [ 44.476391][ T4066] f2fs_fh_to_dentry+0x44/0x58 [ 44.477792][ T4066] exportfs_decode_fh_raw+0x10c/0x49c [ 44.479396][ T4066] exportfs_decode_fh+0x50/0x80 [ 44.480861][ T4066] do_handle_open+0x514/0x8e8 [ 44.482408][ T4066] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.484084][ T4066] invoke_syscall+0x98/0x2b8 [ 44.485401][ T4066] el0_svc_common+0x138/0x258 [ 44.486776][ T4066] do_el0_svc+0x58/0x14c [ 44.488044][ T4066] el0_svc+0x78/0x1e0 [ 44.489190][ T4066] el0t_64_sync_handler+0xcc/0xe4 [ 44.490679][ T4066] el0t_64_sync+0x1a0/0x1a4 [ 44.508111][ T4072] F2FS-fs (loop1): Found nat_bits in checkpoint [ 44.544260][ T4066] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 44.557438][ T4072] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 44.567554][ T4072] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 44.569920][ T4072] CPU: 1 PID: 4072 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 44.572815][ T4072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 44.575840][ T4072] Call trace: [ 44.576781][ T4072] dump_backtrace+0x0/0x43c [ 44.578077][ T4072] show_stack+0x2c/0x3c [ 44.579276][ T4072] __dump_stack+0x30/0x40 [ 44.580645][ T4072] dump_stack_lvl+0xf8/0x160 [ 44.581979][ T4072] dump_stack+0x1c/0x5c [ 44.583122][ T4072] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 44.584647][ T4072] f2fs_iget+0x1a74/0x5170 [ 44.585921][ T4072] f2fs_nfs_get_inode+0x80/0x118 [ 44.587329][ T4072] generic_fh_to_dentry+0x9c/0x104 [ 44.588721][ T4072] f2fs_fh_to_dentry+0x44/0x58 [ 44.590101][ T4072] exportfs_decode_fh_raw+0x10c/0x49c [ 44.591619][ T4072] exportfs_decode_fh+0x50/0x80 [ 44.592950][ T4072] do_handle_open+0x514/0x8e8 [ 44.594280][ T4072] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.595940][ T4072] invoke_syscall+0x98/0x2b8 [ 44.597207][ T4072] el0_svc_common+0x138/0x258 [ 44.598668][ T4072] do_el0_svc+0x58/0x14c [ 44.599875][ T4072] el0_svc+0x78/0x1e0 [ 44.600984][ T4072] el0t_64_sync_handler+0xcc/0xe4 [ 44.602416][ T4072] el0t_64_sync+0x1a0/0x1a4 [ 44.646484][ T4072] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 44.650004][ T4081] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 44.652223][ T4081] CPU: 1 PID: 4081 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 44.655085][ T4081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 44.657932][ T4081] Call trace: [ 44.658856][ T4081] dump_backtrace+0x0/0x43c [ 44.660076][ T4081] show_stack+0x2c/0x3c [ 44.661217][ T4081] __dump_stack+0x30/0x40 [ 44.662443][ T4081] dump_stack_lvl+0xf8/0x160 [ 44.663691][ T4081] dump_stack+0x1c/0x5c [ 44.664776][ T4081] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 44.666366][ T4081] f2fs_iget+0x1a74/0x5170 [ 44.667620][ T4081] f2fs_nfs_get_inode+0x80/0x118 [ 44.668970][ T4081] generic_fh_to_dentry+0x9c/0x104 [ 44.670428][ T4081] f2fs_fh_to_dentry+0x44/0x58 [ 44.671755][ T4081] exportfs_decode_fh_raw+0x10c/0x49c [ 44.673235][ T4081] exportfs_decode_fh+0x50/0x80 [ 44.674622][ T4081] do_handle_open+0x514/0x8e8 [ 44.675970][ T4081] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.677634][ T4081] invoke_syscall+0x98/0x2b8 [ 44.678901][ T4081] el0_svc_common+0x138/0x258 [ 44.680236][ T4081] do_el0_svc+0x58/0x14c [ 44.681418][ T4081] el0_svc+0x78/0x1e0 [ 44.682487][ T4081] el0t_64_sync_handler+0xcc/0xe4 executing program [ 44.683875][ T4081] el0t_64_sync+0x1a0/0x1a4 [ 44.687767][ T4068] loop3: detected capacity change from 0 to 40427 [ 44.712452][ T4070] loop0: detected capacity change from 0 to 40427 [ 44.714580][ T4081] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 44.718471][ T4081] ================================================================== [ 44.720755][ T4081] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 44.723025][ T4081] [ 44.723645][ T4081] CPU: 1 PID: 4081 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 44.726412][ T4081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 44.729175][ T4081] Call trace: [ 44.730046][ T4081] dump_backtrace+0x0/0x43c [ 44.731391][ T4081] show_stack+0x2c/0x3c [ 44.732563][ T4081] __dump_stack+0x30/0x40 [ 44.733750][ T4081] dump_stack_lvl+0xf8/0x160 [ 44.734941][ T4081] print_address_description+0x78/0x30c [ 44.736482][ T4081] kasan_report_invalid_free+0x4c/0x7c [ 44.737991][ T4081] ____kasan_slab_free+0x134/0x164 [ 44.739412][ T4081] __kasan_slab_free+0x18/0x28 [ 44.740729][ T4081] slab_free_freelist_hook+0x128/0x1e8 [ 44.742281][ T4081] kmem_cache_free+0xdc/0x3b4 [ 44.743551][ T4081] f2fs_destroy_extent_tree+0x2d0/0x688 [ 44.745054][ T4081] f2fs_evict_inode+0x32c/0x1520 [ 44.746498][ T4081] evict+0x3c8/0x810 [ 44.747571][ T4081] iput+0x6c4/0x77c [ 44.748615][ T4081] iget_failed+0x148/0x194 [ 44.749781][ T4081] f2fs_iget+0x58c/0x5170 [ 44.751135][ T4081] f2fs_nfs_get_inode+0x80/0x118 [ 44.752508][ T4081] generic_fh_to_dentry+0x9c/0x104 [ 44.753906][ T4081] f2fs_fh_to_dentry+0x44/0x58 [ 44.755211][ T4081] exportfs_decode_fh_raw+0x10c/0x49c [ 44.756698][ T4081] exportfs_decode_fh+0x50/0x80 [ 44.758100][ T4081] do_handle_open+0x514/0x8e8 [ 44.759443][ T4081] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.761155][ T4081] invoke_syscall+0x98/0x2b8 [ 44.762488][ T4081] el0_svc_common+0x138/0x258 [ 44.763947][ T4081] do_el0_svc+0x58/0x14c [ 44.765119][ T4081] el0_svc+0x78/0x1e0 [ 44.766230][ T4081] el0t_64_sync_handler+0xcc/0xe4 [ 44.767661][ T4081] el0t_64_sync+0x1a0/0x1a4 [ 44.768898][ T4081] [ 44.769521][ T4081] Allocated by task 4072: [ 44.770739][ T4081] __kasan_slab_alloc+0x8c/0xcc [ 44.772256][ T4081] slab_post_alloc_hook+0x74/0x408 [ 44.773747][ T4081] kmem_cache_alloc+0x1e0/0x3e4 [ 44.775148][ T4081] f2fs_init_extent_tree+0x43c/0xaac [ 44.776727][ T4081] f2fs_iget+0x10c4/0x5170 [ 44.778009][ T4081] f2fs_nfs_get_inode+0x80/0x118 [ 44.779465][ T4081] generic_fh_to_dentry+0x9c/0x104 [ 44.780910][ T4081] f2fs_fh_to_dentry+0x44/0x58 [ 44.782305][ T4081] exportfs_decode_fh_raw+0x10c/0x49c [ 44.783832][ T4081] exportfs_decode_fh+0x50/0x80 [ 44.785256][ T4081] do_handle_open+0x514/0x8e8 [ 44.786562][ T4081] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.788377][ T4081] invoke_syscall+0x98/0x2b8 [ 44.789667][ T4081] el0_svc_common+0x138/0x258 [ 44.790952][ T4081] do_el0_svc+0x58/0x14c [ 44.792204][ T4081] el0_svc+0x78/0x1e0 [ 44.793333][ T4081] el0t_64_sync_handler+0xcc/0xe4 [ 44.794786][ T4081] el0t_64_sync+0x1a0/0x1a4 [ 44.796080][ T4081] [ 44.796730][ T4081] Freed by task 4072: [ 44.797831][ T4081] kasan_set_track+0x4c/0x84 [ 44.799182][ T4081] kasan_set_free_info+0x28/0x4c [ 44.800557][ T4081] ____kasan_slab_free+0x118/0x164 [ 44.801996][ T4081] __kasan_slab_free+0x18/0x28 [ 44.803378][ T4081] slab_free_freelist_hook+0x128/0x1e8 [ 44.804908][ T4081] kmem_cache_free+0xdc/0x3b4 [ 44.806347][ T4081] f2fs_destroy_extent_tree+0x2d0/0x688 [ 44.807849][ T4081] f2fs_evict_inode+0x32c/0x1520 [ 44.809300][ T4081] evict+0x3c8/0x810 [ 44.810387][ T4081] iput+0x6c4/0x77c [ 44.811485][ T4081] iget_failed+0x148/0x194 [ 44.812725][ T4081] f2fs_iget+0x58c/0x5170 [ 44.814032][ T4081] f2fs_nfs_get_inode+0x80/0x118 [ 44.815450][ T4081] generic_fh_to_dentry+0x9c/0x104 [ 44.816930][ T4081] f2fs_fh_to_dentry+0x44/0x58 [ 44.818286][ T4081] exportfs_decode_fh_raw+0x10c/0x49c [ 44.819787][ T4081] exportfs_decode_fh+0x50/0x80 [ 44.821095][ T4081] do_handle_open+0x514/0x8e8 [ 44.822460][ T4081] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.824062][ T4081] invoke_syscall+0x98/0x2b8 [ 44.825351][ T4081] el0_svc_common+0x138/0x258 [ 44.826691][ T4081] do_el0_svc+0x58/0x14c [ 44.827931][ T4081] el0_svc+0x78/0x1e0 [ 44.829014][ T4081] el0t_64_sync_handler+0xcc/0xe4 [ 44.830424][ T4081] el0t_64_sync+0x1a0/0x1a4 [ 44.831687][ T4081] [ 44.832465][ T4081] The buggy address belongs to the object at ffff0000dce99190 [ 44.832465][ T4081] which belongs to the cache f2fs_extent_tree of size 136 [ 44.836526][ T4081] The buggy address is located 0 bytes inside of [ 44.836526][ T4081] 136-byte region [ffff0000dce99190, ffff0000dce99218) [ 44.840244][ T4081] The buggy address belongs to the page: [ 44.841873][ T4081] page:00000000688289a2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11ce99 [ 44.844762][ T4081] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 44.846889][ T4081] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 44.849322][ T4081] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 44.851692][ T4081] page dumped because: kasan: bad access detected [ 44.853454][ T4081] [ 44.854075][ T4081] Memory state around the buggy address: [ 44.855686][ T4081] ffff0000dce99080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 44.857987][ T4081] ffff0000dce99100: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 44.860277][ T4081] >ffff0000dce99180: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb [ 44.862519][ T4081] ^ [ 44.863828][ T4081] ffff0000dce99200: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 44.866003][ T4081] ffff0000dce99280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc executing program [ 44.868244][ T4081] ================================================================== [ 44.902504][ T4083] loop4: detected capacity change from 0 to 40427 [ 44.906017][ T4070] F2FS-fs (loop0): Found nat_bits in checkpoint [ 44.937414][ T4070] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 44.945685][ T4070] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 44.948244][ T4070] CPU: 1 PID: 4070 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 44.951057][ T4070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 44.953894][ T4070] Call trace: [ 44.954837][ T4070] dump_backtrace+0x0/0x43c [ 44.956205][ T4070] show_stack+0x2c/0x3c [ 44.957366][ T4070] __dump_stack+0x30/0x40 [ 44.958575][ T4070] dump_stack_lvl+0xf8/0x160 [ 44.959846][ T4070] dump_stack+0x1c/0x5c [ 44.961052][ T4070] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 44.962556][ T4070] f2fs_iget+0x1a74/0x5170 [ 44.963849][ T4070] f2fs_nfs_get_inode+0x80/0x118 [ 44.965229][ T4070] generic_fh_to_dentry+0x9c/0x104 [ 44.966742][ T4070] f2fs_fh_to_dentry+0x44/0x58 [ 44.968061][ T4070] exportfs_decode_fh_raw+0x10c/0x49c [ 44.969619][ T4070] exportfs_decode_fh+0x50/0x80 [ 44.971003][ T4070] do_handle_open+0x514/0x8e8 [ 44.972319][ T4070] __arm64_sys_open_by_handle_at+0x80/0x94 [ 44.974004][ T4070] invoke_syscall+0x98/0x2b8 [ 44.975344][ T4070] el0_svc_common+0x138/0x258 [ 44.976694][ T4070] do_el0_svc+0x58/0x14c [ 44.978067][ T4070] el0_svc+0x78/0x1e0 [ 44.979294][ T4070] el0t_64_sync_handler+0xcc/0xe4 [ 44.980719][ T4070] el0t_64_sync+0x1a0/0x1a4 [ 44.983066][ T4070] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 44.988145][ T4070] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 44.988593][ T4068] F2FS-fs (loop3): Found nat_bits in checkpoint [ 44.990298][ T4070] CPU: 1 PID: 4070 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 44.994859][ T4070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 44.997616][ T4070] Call trace: [ 44.998553][ T4070] dump_backtrace+0x0/0x43c [ 44.999900][ T4070] show_stack+0x2c/0x3c [ 45.001080][ T4070] __dump_stack+0x30/0x40 [ 45.002311][ T4070] dump_stack_lvl+0xf8/0x160 [ 45.003597][ T4070] dump_stack+0x1c/0x5c [ 45.004812][ T4070] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.006392][ T4070] f2fs_iget+0x1a74/0x5170 [ 45.007634][ T4070] f2fs_nfs_get_inode+0x80/0x118 [ 45.009060][ T4070] generic_fh_to_dentry+0x9c/0x104 [ 45.010461][ T4070] f2fs_fh_to_dentry+0x44/0x58 [ 45.011787][ T4070] exportfs_decode_fh_raw+0x10c/0x49c [ 45.013235][ T4070] exportfs_decode_fh+0x50/0x80 [ 45.014599][ T4070] do_handle_open+0x514/0x8e8 [ 45.015869][ T4070] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.017503][ T4070] invoke_syscall+0x98/0x2b8 [ 45.018774][ T4070] el0_svc_common+0x138/0x258 [ 45.020064][ T4070] do_el0_svc+0x58/0x14c [ 45.021291][ T4070] el0_svc+0x78/0x1e0 [ 45.022383][ T4070] el0t_64_sync_handler+0xcc/0xe4 [ 45.023755][ T4070] el0t_64_sync+0x1a0/0x1a4 [ 45.025602][ T4070] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 45.029769][ T4083] F2FS-fs (loop4): Found nat_bits in checkpoint [ 45.064682][ T4068] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 45.067898][ T4083] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 45.076592][ T4068] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 45.076600][ T4083] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 45.076621][ T4083] CPU: 1 PID: 4083 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.084149][ T4083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.087484][ T4083] Call trace: [ 45.088402][ T4083] dump_backtrace+0x0/0x43c [ 45.089635][ T4083] show_stack+0x2c/0x3c [ 45.090800][ T4083] __dump_stack+0x30/0x40 [ 45.091998][ T4083] dump_stack_lvl+0xf8/0x160 [ 45.093396][ T4083] dump_stack+0x1c/0x5c [ 45.094546][ T4083] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.096000][ T4083] f2fs_iget+0x1a74/0x5170 [ 45.097246][ T4083] f2fs_nfs_get_inode+0x80/0x118 [ 45.098609][ T4083] generic_fh_to_dentry+0x9c/0x104 [ 45.100022][ T4083] f2fs_fh_to_dentry+0x44/0x58 [ 45.101570][ T4083] exportfs_decode_fh_raw+0x10c/0x49c [ 45.103114][ T4083] exportfs_decode_fh+0x50/0x80 [ 45.104534][ T4083] do_handle_open+0x514/0x8e8 [ 45.105831][ T4083] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.107527][ T4083] invoke_syscall+0x98/0x2b8 [ 45.108833][ T4083] el0_svc_common+0x138/0x258 [ 45.110184][ T4083] do_el0_svc+0x58/0x14c [ 45.111310][ T4083] el0_svc+0x78/0x1e0 [ 45.112439][ T4083] el0t_64_sync_handler+0xcc/0xe4 [ 45.113874][ T4083] el0t_64_sync+0x1a0/0x1a4 [ 45.117887][ T4068] CPU: 0 PID: 4068 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.120682][ T4068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.123504][ T4068] Call trace: [ 45.124393][ T4068] dump_backtrace+0x0/0x43c [ 45.125697][ T4068] show_stack+0x2c/0x3c executing program [ 45.126877][ T4068] __dump_stack+0x30/0x40 [ 45.128097][ T4068] dump_stack_lvl+0xf8/0x160 [ 45.129413][ T4068] dump_stack+0x1c/0x5c [ 45.130575][ T4068] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.132071][ T4068] f2fs_iget+0x1a74/0x5170 [ 45.133356][ T4068] f2fs_nfs_get_inode+0x80/0x118 [ 45.134762][ T4068] generic_fh_to_dentry+0x9c/0x104 [ 45.136247][ T4068] f2fs_fh_to_dentry+0x44/0x58 [ 45.137602][ T4068] exportfs_decode_fh_raw+0x10c/0x49c [ 45.139114][ T4068] exportfs_decode_fh+0x50/0x80 [ 45.140552][ T4068] do_handle_open+0x514/0x8e8 [ 45.141898][ T4068] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.143576][ T4068] invoke_syscall+0x98/0x2b8 [ 45.145038][ T4068] el0_svc_common+0x138/0x258 [ 45.146378][ T4068] do_el0_svc+0x58/0x14c [ 45.147673][ T4068] el0_svc+0x78/0x1e0 [ 45.148858][ T4068] el0t_64_sync_handler+0xcc/0xe4 executing program [ 45.150293][ T4068] el0t_64_sync+0x1a0/0x1a4 [ 45.192351][ T4083] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 45.199939][ T4068] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 45.203544][ T4104] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 45.206068][ T4101] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 45.206081][ T4104] CPU: 0 PID: 4104 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.206097][ T4104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.214189][ T4104] Call trace: [ 45.215093][ T4104] dump_backtrace+0x0/0x43c [ 45.216470][ T4104] show_stack+0x2c/0x3c [ 45.217656][ T4104] __dump_stack+0x30/0x40 [ 45.218860][ T4104] dump_stack_lvl+0xf8/0x160 [ 45.220119][ T4104] dump_stack+0x1c/0x5c [ 45.221266][ T4104] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.222751][ T4104] f2fs_iget+0x1a74/0x5170 [ 45.223960][ T4104] f2fs_nfs_get_inode+0x80/0x118 [ 45.225394][ T4104] generic_fh_to_dentry+0x9c/0x104 [ 45.226791][ T4104] f2fs_fh_to_dentry+0x44/0x58 [ 45.228174][ T4104] exportfs_decode_fh_raw+0x10c/0x49c [ 45.229655][ T4104] exportfs_decode_fh+0x50/0x80 [ 45.231068][ T4104] do_handle_open+0x514/0x8e8 [ 45.232545][ T4104] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.234242][ T4104] invoke_syscall+0x98/0x2b8 [ 45.235510][ T4104] el0_svc_common+0x138/0x258 [ 45.236838][ T4104] do_el0_svc+0x58/0x14c [ 45.238021][ T4104] el0_svc+0x78/0x1e0 [ 45.239117][ T4104] el0t_64_sync_handler+0xcc/0xe4 [ 45.240664][ T4104] el0t_64_sync+0x1a0/0x1a4 [ 45.241907][ T4101] CPU: 1 PID: 4101 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.244761][ T4101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.247665][ T4101] Call trace: [ 45.248521][ T4101] dump_backtrace+0x0/0x43c [ 45.249797][ T4101] show_stack+0x2c/0x3c [ 45.250910][ T4101] __dump_stack+0x30/0x40 [ 45.252082][ T4101] dump_stack_lvl+0xf8/0x160 [ 45.253391][ T4101] dump_stack+0x1c/0x5c [ 45.254799][ T4101] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.256629][ T4101] f2fs_iget+0x1a74/0x5170 [ 45.257911][ T4101] f2fs_nfs_get_inode+0x80/0x118 [ 45.259288][ T4101] generic_fh_to_dentry+0x9c/0x104 [ 45.260730][ T4101] f2fs_fh_to_dentry+0x44/0x58 [ 45.262045][ T4101] exportfs_decode_fh_raw+0x10c/0x49c [ 45.263539][ T4101] exportfs_decode_fh+0x50/0x80 [ 45.264867][ T4101] do_handle_open+0x514/0x8e8 [ 45.266249][ T4101] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.267912][ T4101] invoke_syscall+0x98/0x2b8 [ 45.269246][ T4101] el0_svc_common+0x138/0x258 [ 45.270605][ T4101] do_el0_svc+0x58/0x14c [ 45.271808][ T4101] el0_svc+0x78/0x1e0 [ 45.272907][ T4101] el0t_64_sync_handler+0xcc/0xe4 [ 45.274346][ T4101] el0t_64_sync+0x1a0/0x1a4 [ 45.307487][ T4104] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 45.315802][ T4104] ================================================================== [ 45.318149][ T4104] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 45.320645][ T4104] [ 45.321278][ T4104] CPU: 0 PID: 4104 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.324149][ T4104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.326954][ T4104] Call trace: [ 45.327858][ T4104] dump_backtrace+0x0/0x43c [ 45.329170][ T4104] show_stack+0x2c/0x3c [ 45.330417][ T4104] __dump_stack+0x30/0x40 [ 45.331675][ T4104] dump_stack_lvl+0xf8/0x160 [ 45.333025][ T4104] print_address_description+0x78/0x30c [ 45.334602][ T4104] kasan_report_invalid_free+0x4c/0x7c [ 45.336144][ T4104] ____kasan_slab_free+0x134/0x164 [ 45.337592][ T4104] __kasan_slab_free+0x18/0x28 [ 45.338937][ T4104] slab_free_freelist_hook+0x128/0x1e8 [ 45.340852][ T4104] kmem_cache_free+0xdc/0x3b4 [ 45.342165][ T4104] f2fs_destroy_extent_tree+0x2d0/0x688 [ 45.343807][ T4104] f2fs_evict_inode+0x32c/0x1520 [ 45.345222][ T4104] evict+0x3c8/0x810 [ 45.346301][ T4104] iput+0x6c4/0x77c [ 45.347514][ T4104] iget_failed+0x148/0x194 [ 45.348759][ T4104] f2fs_iget+0x58c/0x5170 [ 45.349996][ T4104] f2fs_nfs_get_inode+0x80/0x118 [ 45.351385][ T4104] generic_fh_to_dentry+0x9c/0x104 [ 45.352908][ T4104] f2fs_fh_to_dentry+0x44/0x58 [ 45.354246][ T4104] exportfs_decode_fh_raw+0x10c/0x49c [ 45.355761][ T4104] exportfs_decode_fh+0x50/0x80 [ 45.357089][ T4104] do_handle_open+0x514/0x8e8 [ 45.358439][ T4104] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.360075][ T4104] invoke_syscall+0x98/0x2b8 [ 45.361384][ T4104] el0_svc_common+0x138/0x258 [ 45.362741][ T4104] do_el0_svc+0x58/0x14c [ 45.364010][ T4104] el0_svc+0x78/0x1e0 [ 45.365185][ T4104] el0t_64_sync_handler+0xcc/0xe4 [ 45.366615][ T4104] el0t_64_sync+0x1a0/0x1a4 [ 45.367941][ T4104] [ 45.368570][ T4104] Allocated by task 4083: [ 45.369807][ T4104] __kasan_slab_alloc+0x8c/0xcc [ 45.371215][ T4104] slab_post_alloc_hook+0x74/0x408 [ 45.372712][ T4104] kmem_cache_alloc+0x1e0/0x3e4 [ 45.374332][ T4104] f2fs_init_extent_tree+0x43c/0xaac [ 45.375783][ T4104] f2fs_iget+0x10c4/0x5170 [ 45.377115][ T4104] f2fs_nfs_get_inode+0x80/0x118 [ 45.378515][ T4104] generic_fh_to_dentry+0x9c/0x104 [ 45.379926][ T4104] f2fs_fh_to_dentry+0x44/0x58 [ 45.381251][ T4104] exportfs_decode_fh_raw+0x10c/0x49c [ 45.382888][ T4104] exportfs_decode_fh+0x50/0x80 [ 45.384333][ T4104] do_handle_open+0x514/0x8e8 [ 45.385720][ T4104] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.387165][ T4101] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 45.387460][ T4104] invoke_syscall+0x98/0x2b8 [ 45.392062][ T4085] loop2: detected capacity change from 0 to 40427 [ 45.393979][ T4104] el0_svc_common+0x138/0x258 [ 45.395279][ T4104] do_el0_svc+0x58/0x14c [ 45.396534][ T4104] el0_svc+0x78/0x1e0 [ 45.397639][ T4104] el0t_64_sync_handler+0xcc/0xe4 [ 45.399064][ T4104] el0t_64_sync+0x1a0/0x1a4 [ 45.400377][ T4104] [ 45.401032][ T4104] Freed by task 4083: [ 45.402172][ T4104] kasan_set_track+0x4c/0x84 [ 45.403594][ T4104] kasan_set_free_info+0x28/0x4c [ 45.405161][ T4104] ____kasan_slab_free+0x118/0x164 [ 45.406711][ T4104] __kasan_slab_free+0x18/0x28 [ 45.408079][ T4104] slab_free_freelist_hook+0x128/0x1e8 [ 45.409678][ T4104] kmem_cache_free+0xdc/0x3b4 [ 45.411006][ T4104] f2fs_destroy_extent_tree+0x2d0/0x688 [ 45.412647][ T4104] f2fs_evict_inode+0x32c/0x1520 [ 45.414112][ T4104] evict+0x3c8/0x810 [ 45.415270][ T4104] iput+0x6c4/0x77c [ 45.416341][ T4104] iget_failed+0x148/0x194 [ 45.417574][ T4104] f2fs_iget+0x58c/0x5170 [ 45.418805][ T4104] f2fs_nfs_get_inode+0x80/0x118 [ 45.420254][ T4104] generic_fh_to_dentry+0x9c/0x104 [ 45.421689][ T4104] f2fs_fh_to_dentry+0x44/0x58 [ 45.423089][ T4104] exportfs_decode_fh_raw+0x10c/0x49c [ 45.424621][ T4104] exportfs_decode_fh+0x50/0x80 [ 45.425959][ T4104] do_handle_open+0x514/0x8e8 [ 45.427265][ T4104] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.428941][ T4104] invoke_syscall+0x98/0x2b8 [ 45.430325][ T4104] el0_svc_common+0x138/0x258 [ 45.431710][ T4104] do_el0_svc+0x58/0x14c [ 45.432952][ T4104] el0_svc+0x78/0x1e0 [ 45.434056][ T4104] el0t_64_sync_handler+0xcc/0xe4 [ 45.435528][ T4104] el0t_64_sync+0x1a0/0x1a4 [ 45.436864][ T4104] [ 45.437523][ T4104] The buggy address belongs to the object at ffff0000dce993e8 [ 45.437523][ T4104] which belongs to the cache f2fs_extent_tree of size 136 [ 45.441774][ T4104] The buggy address is located 0 bytes inside of [ 45.441774][ T4104] 136-byte region [ffff0000dce993e8, ffff0000dce99470) [ 45.445641][ T4104] The buggy address belongs to the page: [ 45.447246][ T4104] page:00000000688289a2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11ce99 [ 45.450138][ T4104] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 45.452325][ T4104] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 45.454712][ T4104] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 45.457066][ T4104] page dumped because: kasan: bad access detected [ 45.458904][ T4104] [ 45.459544][ T4104] Memory state around the buggy address: [ 45.461139][ T4104] ffff0000dce99280: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 45.463443][ T4104] ffff0000dce99300: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb [ 45.465701][ T4104] >ffff0000dce99380: fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb [ 45.467987][ T4104] ^ [ 45.470151][ T4104] ffff0000dce99400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 45.472520][ T4104] ffff0000dce99480: fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb [ 45.474714][ T4104] ================================================================== [ 45.525470][ T4102] loop0: detected capacity change from 0 to 40427 [ 45.527840][ T4103] loop1: detected capacity change from 0 to 40427 [ 45.556515][ T4103] F2FS-fs (loop1): Found nat_bits in checkpoint [ 45.568842][ T4102] F2FS-fs (loop0): Found nat_bits in checkpoint [ 45.598895][ T4085] F2FS-fs (loop2): Found nat_bits in checkpoint [ 45.626748][ T4103] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 45.631380][ T4102] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 45.642203][ T4102] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 45.644279][ T4102] CPU: 0 PID: 4102 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.645818][ T4103] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 45.647022][ T4102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.652144][ T4102] Call trace: [ 45.653067][ T4102] dump_backtrace+0x0/0x43c [ 45.654494][ T4102] show_stack+0x2c/0x3c [ 45.655623][ T4102] __dump_stack+0x30/0x40 [ 45.656794][ T4102] dump_stack_lvl+0xf8/0x160 [ 45.658067][ T4102] dump_stack+0x1c/0x5c [ 45.659359][ T4102] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.660819][ T4102] f2fs_iget+0x1a74/0x5170 [ 45.662025][ T4085] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 45.664361][ T4102] f2fs_nfs_get_inode+0x80/0x118 [ 45.665947][ T4102] generic_fh_to_dentry+0x9c/0x104 [ 45.667412][ T4102] f2fs_fh_to_dentry+0x44/0x58 [ 45.668708][ T4102] exportfs_decode_fh_raw+0x10c/0x49c [ 45.670228][ T4102] exportfs_decode_fh+0x50/0x80 [ 45.671604][ T4102] do_handle_open+0x514/0x8e8 [ 45.672997][ T4102] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.674793][ T4102] invoke_syscall+0x98/0x2b8 [ 45.676081][ T4102] el0_svc_common+0x138/0x258 [ 45.677425][ T4102] do_el0_svc+0x58/0x14c [ 45.678587][ T4102] el0_svc+0x78/0x1e0 [ 45.679699][ T4102] el0t_64_sync_handler+0xcc/0xe4 [ 45.681096][ T4102] el0t_64_sync+0x1a0/0x1a4 [ 45.684051][ T4103] CPU: 1 PID: 4103 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.686921][ T4103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.689830][ T4103] Call trace: [ 45.690766][ T4103] dump_backtrace+0x0/0x43c [ 45.692020][ T4103] show_stack+0x2c/0x3c [ 45.693163][ T4103] __dump_stack+0x30/0x40 [ 45.694373][ T4103] dump_stack_lvl+0xf8/0x160 [ 45.695644][ T4103] dump_stack+0x1c/0x5c [ 45.696816][ T4103] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.698337][ T4103] f2fs_iget+0x1a74/0x5170 [ 45.699571][ T4103] f2fs_nfs_get_inode+0x80/0x118 [ 45.700934][ T4103] generic_fh_to_dentry+0x9c/0x104 [ 45.702411][ T4103] f2fs_fh_to_dentry+0x44/0x58 [ 45.703763][ T4103] exportfs_decode_fh_raw+0x10c/0x49c [ 45.705421][ T4103] exportfs_decode_fh+0x50/0x80 [ 45.706835][ T4103] do_handle_open+0x514/0x8e8 [ 45.708086][ T4103] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.709701][ T4103] invoke_syscall+0x98/0x2b8 [ 45.711071][ T4103] el0_svc_common+0x138/0x258 [ 45.712454][ T4103] do_el0_svc+0x58/0x14c [ 45.713626][ T4103] el0_svc+0x78/0x1e0 [ 45.714809][ T4103] el0t_64_sync_handler+0xcc/0xe4 [ 45.716263][ T4103] el0t_64_sync+0x1a0/0x1a4 [ 45.740817][ T4085] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 45.743004][ T4085] CPU: 1 PID: 4085 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.745817][ T4085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.748535][ T4085] Call trace: [ 45.749819][ T4085] dump_backtrace+0x0/0x43c [ 45.751137][ T4085] show_stack+0x2c/0x3c [ 45.752285][ T4085] __dump_stack+0x30/0x40 [ 45.753483][ T4085] dump_stack_lvl+0xf8/0x160 [ 45.754843][ T4085] dump_stack+0x1c/0x5c [ 45.755994][ T4085] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.757607][ T4085] f2fs_iget+0x1a74/0x5170 [ 45.758953][ T4085] f2fs_nfs_get_inode+0x80/0x118 [ 45.760361][ T4085] generic_fh_to_dentry+0x9c/0x104 [ 45.761788][ T4085] f2fs_fh_to_dentry+0x44/0x58 [ 45.763112][ T4085] exportfs_decode_fh_raw+0x10c/0x49c [ 45.764611][ T4085] exportfs_decode_fh+0x50/0x80 [ 45.766009][ T4085] do_handle_open+0x514/0x8e8 [ 45.767314][ T4085] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.768981][ T4085] invoke_syscall+0x98/0x2b8 [ 45.770245][ T4085] el0_svc_common+0x138/0x258 [ 45.771563][ T4085] do_el0_svc+0x58/0x14c [ 45.772809][ T4085] el0_svc+0x78/0x1e0 [ 45.773945][ T4085] el0t_64_sync_handler+0xcc/0xe4 [ 45.775395][ T4085] el0t_64_sync+0x1a0/0x1a4 executing program [ 45.790688][ T4102] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 45.798148][ T4103] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix executing program [ 45.804191][ T4119] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 45.806576][ T4119] CPU: 1 PID: 4119 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.809445][ T4119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.812315][ T4119] Call trace: [ 45.813268][ T4119] dump_backtrace+0x0/0x43c [ 45.814533][ T4119] show_stack+0x2c/0x3c [ 45.815690][ T4119] __dump_stack+0x30/0x40 [ 45.816879][ T4119] dump_stack_lvl+0xf8/0x160 [ 45.818181][ T4119] dump_stack+0x1c/0x5c [ 45.818969][ T4118] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 45.819372][ T4119] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.822942][ T4119] f2fs_iget+0x1a74/0x5170 [ 45.824219][ T4119] f2fs_nfs_get_inode+0x80/0x118 [ 45.825619][ T4119] generic_fh_to_dentry+0x9c/0x104 [ 45.827060][ T4119] f2fs_fh_to_dentry+0x44/0x58 [ 45.828443][ T4119] exportfs_decode_fh_raw+0x10c/0x49c [ 45.829933][ T4119] exportfs_decode_fh+0x50/0x80 [ 45.831264][ T4119] do_handle_open+0x514/0x8e8 [ 45.832666][ T4119] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.834327][ T4119] invoke_syscall+0x98/0x2b8 [ 45.835680][ T4119] el0_svc_common+0x138/0x258 [ 45.837053][ T4119] do_el0_svc+0x58/0x14c [ 45.838237][ T4119] el0_svc+0x78/0x1e0 [ 45.839324][ T4119] el0t_64_sync_handler+0xcc/0xe4 [ 45.840774][ T4119] el0t_64_sync+0x1a0/0x1a4 [ 45.843279][ T4118] CPU: 0 PID: 4118 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.846227][ T4118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.849314][ T4118] Call trace: [ 45.850245][ T4118] dump_backtrace+0x0/0x43c [ 45.851462][ T4085] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 45.851629][ T4118] show_stack+0x2c/0x3c [ 45.856008][ T4118] __dump_stack+0x30/0x40 [ 45.857211][ T4118] dump_stack_lvl+0xf8/0x160 [ 45.858549][ T4118] dump_stack+0x1c/0x5c [ 45.860966][ T4118] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.862417][ T4118] f2fs_iget+0x1a74/0x5170 [ 45.863691][ T4118] f2fs_nfs_get_inode+0x80/0x118 [ 45.865173][ T4118] generic_fh_to_dentry+0x9c/0x104 [ 45.866616][ T4118] f2fs_fh_to_dentry+0x44/0x58 [ 45.867964][ T4118] exportfs_decode_fh_raw+0x10c/0x49c [ 45.869589][ T4118] exportfs_decode_fh+0x50/0x80 [ 45.870923][ T4118] do_handle_open+0x514/0x8e8 [ 45.872210][ T4118] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.873826][ T4118] invoke_syscall+0x98/0x2b8 [ 45.875123][ T4118] el0_svc_common+0x138/0x258 [ 45.876550][ T4118] do_el0_svc+0x58/0x14c [ 45.877763][ T4118] el0_svc+0x78/0x1e0 [ 45.878961][ T4118] el0t_64_sync_handler+0xcc/0xe4 [ 45.880088][ T4119] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 45.880397][ T4118] el0t_64_sync+0x1a0/0x1a4 [ 45.886092][ T4122] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 45.888132][ T4119] ================================================================== [ 45.888454][ T4122] CPU: 0 PID: 4122 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.890676][ T4119] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 45.893548][ T4122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.895797][ T4119] [ 45.899283][ T4122] Call trace: [ 45.900168][ T4122] dump_backtrace+0x0/0x43c [ 45.901428][ T4122] show_stack+0x2c/0x3c [ 45.902685][ T4122] __dump_stack+0x30/0x40 [ 45.903835][ T4122] dump_stack_lvl+0xf8/0x160 [ 45.905140][ T4122] dump_stack+0x1c/0x5c [ 45.906426][ T4122] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 45.907877][ T4122] f2fs_iget+0x1a74/0x5170 [ 45.909092][ T4122] f2fs_nfs_get_inode+0x80/0x118 [ 45.910426][ T4122] generic_fh_to_dentry+0x9c/0x104 [ 45.911810][ T4122] f2fs_fh_to_dentry+0x44/0x58 [ 45.913101][ T4122] exportfs_decode_fh_raw+0x10c/0x49c [ 45.914643][ T4122] exportfs_decode_fh+0x50/0x80 [ 45.916102][ T4122] do_handle_open+0x514/0x8e8 [ 45.917378][ T4122] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.918963][ T4122] invoke_syscall+0x98/0x2b8 [ 45.920213][ T4122] el0_svc_common+0x138/0x258 [ 45.921492][ T4122] do_el0_svc+0x58/0x14c [ 45.922641][ T4122] el0_svc+0x78/0x1e0 [ 45.923718][ T4122] el0t_64_sync_handler+0xcc/0xe4 [ 45.925071][ T4122] el0t_64_sync+0x1a0/0x1a4 [ 45.926312][ T4119] CPU: 1 PID: 4119 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 45.929296][ T4119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 45.932257][ T4119] Call trace: [ 45.933146][ T4119] dump_backtrace+0x0/0x43c [ 45.934361][ T4119] show_stack+0x2c/0x3c [ 45.935485][ T4119] __dump_stack+0x30/0x40 [ 45.936719][ T4119] dump_stack_lvl+0xf8/0x160 [ 45.937931][ T4119] print_address_description+0x78/0x30c [ 45.939477][ T4119] kasan_report_invalid_free+0x4c/0x7c [ 45.941039][ T4119] ____kasan_slab_free+0x134/0x164 [ 45.942581][ T4119] __kasan_slab_free+0x18/0x28 [ 45.943945][ T4119] slab_free_freelist_hook+0x128/0x1e8 [ 45.945463][ T4119] kmem_cache_free+0xdc/0x3b4 [ 45.946780][ T4119] f2fs_destroy_extent_tree+0x2d0/0x688 [ 45.948462][ T4119] f2fs_evict_inode+0x32c/0x1520 [ 45.949837][ T4119] evict+0x3c8/0x810 [ 45.950922][ T4119] iput+0x6c4/0x77c [ 45.951998][ T4119] iget_failed+0x148/0x194 [ 45.953199][ T4119] f2fs_iget+0x58c/0x5170 [ 45.954576][ T4119] f2fs_nfs_get_inode+0x80/0x118 [ 45.956026][ T4119] generic_fh_to_dentry+0x9c/0x104 [ 45.957422][ T4119] f2fs_fh_to_dentry+0x44/0x58 [ 45.958795][ T4119] exportfs_decode_fh_raw+0x10c/0x49c [ 45.960343][ T4119] exportfs_decode_fh+0x50/0x80 [ 45.961794][ T4119] do_handle_open+0x514/0x8e8 [ 45.963122][ T4119] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.964740][ T4119] invoke_syscall+0x98/0x2b8 [ 45.966059][ T4119] el0_svc_common+0x138/0x258 [ 45.967348][ T4119] do_el0_svc+0x58/0x14c [ 45.968567][ T4119] el0_svc+0x78/0x1e0 [ 45.969881][ T4119] el0t_64_sync_handler+0xcc/0xe4 [ 45.971301][ T4119] el0t_64_sync+0x1a0/0x1a4 [ 45.972538][ T4119] [ 45.973160][ T4119] Allocated by task 4103: [ 45.974521][ T4119] __kasan_slab_alloc+0x8c/0xcc [ 45.975868][ T4119] slab_post_alloc_hook+0x74/0x408 [ 45.977315][ T4119] kmem_cache_alloc+0x1e0/0x3e4 [ 45.978828][ T4119] f2fs_init_extent_tree+0x43c/0xaac [ 45.980338][ T4119] f2fs_iget+0x10c4/0x5170 [ 45.981593][ T4119] f2fs_nfs_get_inode+0x80/0x118 [ 45.982930][ T4119] generic_fh_to_dentry+0x9c/0x104 [ 45.984388][ T4119] f2fs_fh_to_dentry+0x44/0x58 [ 45.985707][ T4119] exportfs_decode_fh_raw+0x10c/0x49c [ 45.987203][ T4119] exportfs_decode_fh+0x50/0x80 [ 45.988543][ T4119] do_handle_open+0x514/0x8e8 [ 45.989875][ T4119] __arm64_sys_open_by_handle_at+0x80/0x94 [ 45.990315][ T4122] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 45.991557][ T4119] invoke_syscall+0x98/0x2b8 [ 45.991574][ T4119] el0_svc_common+0x138/0x258 [ 45.997420][ T4119] do_el0_svc+0x58/0x14c [ 45.998644][ T4119] el0_svc+0x78/0x1e0 [ 45.999745][ T4119] el0t_64_sync_handler+0xcc/0xe4 [ 46.001142][ T4119] el0t_64_sync+0x1a0/0x1a4 [ 46.002481][ T4119] [ 46.003138][ T4119] Freed by task 4103: [ 46.004295][ T4119] kasan_set_track+0x4c/0x84 [ 46.005674][ T4119] kasan_set_free_info+0x28/0x4c [ 46.007161][ T4119] ____kasan_slab_free+0x118/0x164 [ 46.008732][ T4119] __kasan_slab_free+0x18/0x28 [ 46.010081][ T4119] slab_free_freelist_hook+0x128/0x1e8 [ 46.011640][ T4119] kmem_cache_free+0xdc/0x3b4 [ 46.012949][ T4119] f2fs_destroy_extent_tree+0x2d0/0x688 [ 46.014455][ T4119] f2fs_evict_inode+0x32c/0x1520 [ 46.015859][ T4119] evict+0x3c8/0x810 [ 46.016956][ T4119] iput+0x6c4/0x77c [ 46.017275][ T4118] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 46.018012][ T4119] iget_failed+0x148/0x194 [ 46.022635][ T4119] f2fs_iget+0x58c/0x5170 [ 46.023855][ T4119] f2fs_nfs_get_inode+0x80/0x118 [ 46.025247][ T4119] generic_fh_to_dentry+0x9c/0x104 [ 46.026687][ T4119] f2fs_fh_to_dentry+0x44/0x58 [ 46.028164][ T4119] exportfs_decode_fh_raw+0x10c/0x49c [ 46.029672][ T4119] exportfs_decode_fh+0x50/0x80 [ 46.031102][ T4119] do_handle_open+0x514/0x8e8 [ 46.032477][ T4119] __arm64_sys_open_by_handle_at+0x80/0x94 [ 46.034190][ T4119] invoke_syscall+0x98/0x2b8 [ 46.035521][ T4119] el0_svc_common+0x138/0x258 [ 46.036916][ T4119] do_el0_svc+0x58/0x14c [ 46.038063][ T4119] el0_svc+0x78/0x1e0 [ 46.039192][ T4119] el0t_64_sync_handler+0xcc/0xe4 [ 46.040606][ T4119] el0t_64_sync+0x1a0/0x1a4 [ 46.041818][ T4119] [ 46.042473][ T4119] The buggy address belongs to the object at ffff0000dce99578 [ 46.042473][ T4119] which belongs to the cache f2fs_extent_tree of size 136 [ 46.047670][ T4119] The buggy address is located 0 bytes inside of [ 46.047670][ T4119] 136-byte region [ffff0000dce99578, ffff0000dce99600) [ 46.051397][ T4119] The buggy address belongs to the page: [ 46.053020][ T4119] page:00000000688289a2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11ce99 [ 46.055930][ T4119] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 46.058178][ T4119] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 46.060796][ T4119] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 46.063276][ T4119] page dumped because: kasan: bad access detected [ 46.065076][ T4119] [ 46.065719][ T4119] Memory state around the buggy address: [ 46.067266][ T4119] ffff0000dce99400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 46.069553][ T4119] ffff0000dce99480: fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb [ 46.071788][ T4119] >ffff0000dce99500: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fa [ 46.074215][ T4119] ^ [ 46.076612][ T4119] ffff0000dce99580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 46.078967][ T4119] ffff0000dce99600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 46.081283][ T4119] ================================================================== [ 46.083617][ T4118] ================================================================== [ 46.086007][ T4118] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 46.088452][ T4118] [ 46.089093][ T4118] CPU: 0 PID: 4118 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 46.091906][ T4118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 46.094864][ T4118] Call trace: [ 46.095972][ T4118] dump_backtrace+0x0/0x43c [ 46.097305][ T4118] show_stack+0x2c/0x3c [ 46.098527][ T4118] __dump_stack+0x30/0x40 [ 46.099771][ T4118] dump_stack_lvl+0xf8/0x160 [ 46.101085][ T4118] print_address_description+0x78/0x30c [ 46.102640][ T4118] kasan_report_invalid_free+0x4c/0x7c [ 46.104197][ T4118] ____kasan_slab_free+0x134/0x164 [ 46.105653][ T4118] __kasan_slab_free+0x18/0x28 [ 46.107004][ T4118] slab_free_freelist_hook+0x128/0x1e8 [ 46.108611][ T4118] kmem_cache_free+0xdc/0x3b4 [ 46.109971][ T4118] f2fs_destroy_extent_tree+0x2d0/0x688 [ 46.111572][ T4118] f2fs_evict_inode+0x32c/0x1520 [ 46.112947][ T4118] evict+0x3c8/0x810 [ 46.113999][ T4118] iput+0x6c4/0x77c [ 46.115112][ T4118] iget_failed+0x148/0x194 [ 46.116346][ T4118] f2fs_iget+0x58c/0x5170 [ 46.117547][ T4118] f2fs_nfs_get_inode+0x80/0x118 [ 46.118905][ T4118] generic_fh_to_dentry+0x9c/0x104 [ 46.120356][ T4118] f2fs_fh_to_dentry+0x44/0x58 [ 46.121700][ T4118] exportfs_decode_fh_raw+0x10c/0x49c [ 46.123222][ T4118] exportfs_decode_fh+0x50/0x80 [ 46.124560][ T4118] do_handle_open+0x514/0x8e8 [ 46.125892][ T4118] __arm64_sys_open_by_handle_at+0x80/0x94 [ 46.127495][ T4118] invoke_syscall+0x98/0x2b8 [ 46.128807][ T4118] el0_svc_common+0x138/0x258 [ 46.130072][ T4118] do_el0_svc+0x58/0x14c [ 46.131292][ T4118] el0_svc+0x78/0x1e0 [ 46.132352][ T4118] el0t_64_sync_handler+0xcc/0xe4 [ 46.133732][ T4118] el0t_64_sync+0x1a0/0x1a4 [ 46.134976][ T4118] [ 46.135600][ T4118] Allocated by task 4102: [ 46.136968][ T4118] __kasan_slab_alloc+0x8c/0xcc [ 46.138289][ T4118] slab_post_alloc_hook+0x74/0x408 [ 46.139866][ T4118] kmem_cache_alloc+0x1e0/0x3e4 [ 46.141213][ T4118] f2fs_init_extent_tree+0x43c/0xaac [ 46.142675][ T4118] f2fs_iget+0x10c4/0x5170 [ 46.143936][ T4118] f2fs_nfs_get_inode+0x80/0x118 [ 46.145330][ T4118] generic_fh_to_dentry+0x9c/0x104 [ 46.146741][ T4118] f2fs_fh_to_dentry+0x44/0x58 [ 46.148103][ T4118] exportfs_decode_fh_raw+0x10c/0x49c [ 46.149651][ T4118] exportfs_decode_fh+0x50/0x80 [ 46.151053][ T4118] do_handle_open+0x514/0x8e8 [ 46.152952][ T4118] __arm64_sys_open_by_handle_at+0x80/0x94 [ 46.155051][ T4118] invoke_syscall+0x98/0x2b8 [ 46.156478][ T4118] el0_svc_common+0x138/0x258 [ 46.157736][ T4118] do_el0_svc+0x58/0x14c [ 46.158962][ T4118] el0_svc+0x78/0x1e0 [ 46.160077][ T4118] el0t_64_sync_handler+0xcc/0xe4 [ 46.161508][ T4118] el0t_64_sync+0x1a0/0x1a4 [ 46.162767][ T4118] [ 46.163407][ T4118] Freed by task 4102: [ 46.164513][ T4118] kasan_set_track+0x4c/0x84 [ 46.165844][ T4118] kasan_set_free_info+0x28/0x4c [ 46.167231][ T4118] ____kasan_slab_free+0x118/0x164 [ 46.168683][ T4118] __kasan_slab_free+0x18/0x28 [ 46.169055][ T4124] loop4: detected capacity change from 0 to 40427 [ 46.170109][ T4118] slab_free_freelist_hook+0x128/0x1e8 [ 46.173433][ T4118] kmem_cache_free+0xdc/0x3b4 [ 46.174729][ T4118] f2fs_destroy_extent_tree+0x2d0/0x688 [ 46.176355][ T4118] f2fs_evict_inode+0x32c/0x1520 [ 46.177740][ T4118] evict+0x3c8/0x810 [ 46.178842][ T4118] iput+0x6c4/0x77c [ 46.179920][ T4118] iget_failed+0x148/0x194 [ 46.181146][ T4118] f2fs_iget+0x58c/0x5170 [ 46.182430][ T4118] f2fs_nfs_get_inode+0x80/0x118 [ 46.183776][ T4118] generic_fh_to_dentry+0x9c/0x104 [ 46.185223][ T4118] f2fs_fh_to_dentry+0x44/0x58 [ 46.186580][ T4118] exportfs_decode_fh_raw+0x10c/0x49c [ 46.188142][ T4118] exportfs_decode_fh+0x50/0x80 [ 46.189543][ T4118] do_handle_open+0x514/0x8e8 [ 46.190814][ T4118] __arm64_sys_open_by_handle_at+0x80/0x94 [ 46.192487][ T4118] invoke_syscall+0x98/0x2b8 [ 46.193783][ T4118] el0_svc_common+0x138/0x258 [ 46.195137][ T4118] do_el0_svc+0x58/0x14c [ 46.196337][ T4118] el0_svc+0x78/0x1e0 [ 46.197431][ T4118] el0t_64_sync_handler+0xcc/0xe4 [ 46.198898][ T4118] el0t_64_sync+0x1a0/0x1a4 [ 46.200225][ T4118] [ 46.200982][ T4118] The buggy address belongs to the object at ffff0000dcfd1708 [ 46.200982][ T4118] which belongs to the cache f2fs_extent_tree of size 136 [ 46.205260][ T4118] The buggy address is located 0 bytes inside of [ 46.205260][ T4118] 136-byte region [ffff0000dcfd1708, ffff0000dcfd1790) [ 46.209009][ T4118] The buggy address belongs to the page: [ 46.210780][ T4118] page:00000000f15c583c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11cfd1 [ 46.213695][ T4118] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 46.215801][ T4118] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 46.218302][ T4118] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 46.220743][ T4118] page dumped because: kasan: bad access detected [ 46.222553][ T4118] [ 46.223178][ T4118] Memory state around the buggy address: [ 46.225028][ T4118] ffff0000dcfd1600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 46.227314][ T4118] ffff0000dcfd1680: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 46.229662][ T4118] >ffff0000dcfd1700: fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 46.231951][ T4118] ^ [ 46.233205][ T4118] ffff0000dcfd1780: fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb [ 46.235482][ T4118] ffff0000dcfd1800: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 46.237802][ T4118] ================================================================== [ 46.265258][ T4121] loop3: detected capacity change from 0 to 40427 [ 46.306519][ T4124] F2FS-fs (loop4): Found nat_bits in checkpoint executing program [ 46.399368][ T4121] F2FS-fs (loop3): Found nat_bits in checkpoint [ 46.420424][ T4124] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 46.427503][ T4121] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 46.443377][ T4124] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 46.445589][ T4124] CPU: 0 PID: 4124 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 46.446900][ T4121] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 46.448598][ T4124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 46.448609][ T4124] Call trace: [ 46.448612][ T4124] dump_backtrace+0x0/0x43c [ 46.448636][ T4124] show_stack+0x2c/0x3c [ 46.448645][ T4124] __dump_stack+0x30/0x40 [ 46.448656][ T4124] dump_stack_lvl+0xf8/0x160 [ 46.448663][ T4124] dump_stack+0x1c/0x5c [ 46.448671][ T4124] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 46.448682][ T4124] f2fs_iget+0x1a74/0x5170 [ 46.463712][ T4124] f2fs_nfs_get_inode+0x80/0x118 [ 46.465118][ T4124] generic_fh_to_dentry+0x9c/0x104 [ 46.466600][ T4124] f2fs_fh_to_dentry+0x44/0x58 [ 46.467937][ T4124] exportfs_decode_fh_raw+0x10c/0x49c [ 46.469493][ T4124] exportfs_decode_fh+0x50/0x80 [ 46.470910][ T4124] do_handle_open+0x514/0x8e8 [ 46.472337][ T4124] __arm64_sys_open_by_handle_at+0x80/0x94 [ 46.473995][ T4124] invoke_syscall+0x98/0x2b8 [ 46.475321][ T4124] el0_svc_common+0x138/0x258 [ 46.476652][ T4124] do_el0_svc+0x58/0x14c [ 46.477867][ T4124] el0_svc+0x78/0x1e0 [ 46.479055][ T4124] el0t_64_sync_handler+0xcc/0xe4 [ 46.480552][ T4124] el0t_64_sync+0x1a0/0x1a4 [ 46.481797][ T4121] CPU: 1 PID: 4121 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 46.484787][ T4121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 46.487867][ T4121] Call trace: [ 46.488794][ T4121] dump_backtrace+0x0/0x43c [ 46.490124][ T4121] show_stack+0x2c/0x3c [ 46.491423][ T4121] __dump_stack+0x30/0x40 [ 46.492741][ T4121] dump_stack_lvl+0xf8/0x160 [ 46.493973][ T4121] dump_stack+0x1c/0x5c [ 46.495412][ T4121] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 46.496850][ T4121] f2fs_iget+0x1a74/0x5170 [ 46.498089][ T4121] f2fs_nfs_get_inode+0x80/0x118 [ 46.499504][ T4121] generic_fh_to_dentry+0x9c/0x104 [ 46.500886][ T4121] f2fs_fh_to_dentry+0x44/0x58 [ 46.502208][ T4121] exportfs_decode_fh_raw+0x10c/0x49c [ 46.503705][ T4121] exportfs_decode_fh+0x50/0x80 [ 46.505042][ T4121] do_handle_open+0x514/0x8e8 [ 46.506456][ T4121] __arm64_sys_open_by_handle_at+0x80/0x94 [ 46.508038][ T4121] invoke_syscall+0x98/0x2b8 [ 46.509372][ T4121] el0_svc_common+0x138/0x258 [ 46.510682][ T4121] do_el0_svc+0x58/0x14c [ 46.511862][ T4121] el0_svc+0x78/0x1e0 [ 46.512992][ T4121] el0t_64_sync_handler+0xcc/0xe4 [ 46.514410][ T4121] el0t_64_sync+0x1a0/0x1a4 [ 46.557204][ T4121] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 46.567652][ T4136] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 46.569885][ T4136] CPU: 0 PID: 4136 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 46.572614][ T4136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 46.575440][ T4136] Call trace: [ 46.576360][ T4136] dump_backtrace+0x0/0x43c [ 46.577810][ T4136] show_stack+0x2c/0x3c [ 46.579014][ T4136] __dump_stack+0x30/0x40 [ 46.580318][ T4136] dump_stack_lvl+0xf8/0x160 [ 46.581699][ T4136] dump_stack+0x1c/0x5c [ 46.582887][ T4136] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 46.584391][ T4136] f2fs_iget+0x1a74/0x5170 [ 46.585670][ T4136] f2fs_nfs_get_inode+0x80/0x118 [ 46.587032][ T4136] generic_fh_to_dentry+0x9c/0x104 [ 46.588444][ T4136] f2fs_fh_to_dentry+0x44/0x58 [ 46.589763][ T4136] exportfs_decode_fh_raw+0x10c/0x49c [ 46.591232][ T4136] exportfs_decode_fh+0x50/0x80 [ 46.592664][ T4136] do_handle_open+0x514/0x8e8 [ 46.594064][ T4136] __arm64_sys_open_by_handle_at+0x80/0x94 [ 46.595747][ T4136] invoke_syscall+0x98/0x2b8 [ 46.597085][ T4136] el0_svc_common+0x138/0x258 [ 46.598401][ T4136] do_el0_svc+0x58/0x14c [ 46.599644][ T4136] el0_svc+0x78/0x1e0 [ 46.600859][ T4136] el0t_64_sync_handler+0xcc/0xe4 [ 46.601366][ T4129] loop0: detected capacity change from 0 to 40427 [ 46.602290][ T4136] el0t_64_sync+0x1a0/0x1a4 executing program executing program [ 46.635450][ T4124] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 46.639376][ T4136] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 46.644947][ T4129] F2FS-fs (loop0): Found nat_bits in checkpoint [ 46.647582][ T4135] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 46.649876][ T4135] CPU: 0 PID: 4135 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 46.652649][ T4135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 46.655432][ T4135] Call trace: [ 46.656360][ T4135] dump_backtrace+0x0/0x43c [ 46.657712][ T4135] show_stack+0x2c/0x3c [ 46.658459][ T4129] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 46.658898][ T4135] __dump_stack+0x30/0x40 [ 46.662221][ T4135] dump_stack_lvl+0xf8/0x160 [ 46.662269][ T4129] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 46.663508][ T4135] dump_stack+0x1c/0x5c [ 46.666826][ T4135] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 46.668267][ T4135] f2fs_iget+0x1a74/0x5170 [ 46.669561][ T4135] f2fs_nfs_get_inode+0x80/0x118 [ 46.671006][ T4135] generic_fh_to_dentry+0x9c/0x104 [ 46.672548][ T4135] f2fs_fh_to_dentry+0x44/0x58 [ 46.673911][ T4135] exportfs_decode_fh_raw+0x10c/0x49c [ 46.675484][ T4135] exportfs_decode_fh+0x50/0x80 [ 46.676952][ T4135] do_handle_open+0x514/0x8e8 [ 46.678272][ T4135] __arm64_sys_open_by_handle_at+0x80/0x94 [ 46.679903][ T4135] invoke_syscall+0x98/0x2b8 [ 46.681241][ T4135] el0_svc_common+0x138/0x258 [ 46.682600][ T4135] do_el0_svc+0x58/0x14c [ 46.683918][ T4135] el0_svc+0x78/0x1e0 [ 46.685042][ T4135] el0t_64_sync_handler+0xcc/0xe4 [ 46.686549][ T4135] el0t_64_sync+0x1a0/0x1a4 [ 46.687918][ T4129] CPU: 1 PID: 4129 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 46.690944][ T4129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 46.694084][ T4129] Call trace: [ 46.695033][ T4129] dump_backtrace+0x0/0x43c [ 46.696366][ T4129] show_stack+0x2c/0x3c [ 46.697559][ T4129] __dump_stack+0x30/0x40 [ 46.698856][ T4129] dump_stack_lvl+0xf8/0x160 [ 46.700106][ T4129] dump_stack+0x1c/0x5c [ 46.701285][ T4129] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 46.702792][ T4129] f2fs_iget+0x1a74/0x5170 [ 46.703974][ T4129] f2fs_nfs_get_inode+0x80/0x118 [ 46.705443][ T4129] generic_fh_to_dentry+0x9c/0x104 [ 46.706915][ T4129] f2fs_fh_to_dentry+0x44/0x58 [ 46.708244][ T4129] exportfs_decode_fh_raw+0x10c/0x49c [ 46.709809][ T4129] exportfs_decode_fh+0x50/0x80 [ 46.711320][ T4129] do_handle_open+0x514/0x8e8 [ 46.712654][ T4129] __arm64_sys_open_by_handle_at+0x80/0x94 [ 46.714431][ T4129] invoke_syscall+0x98/0x2b8 [ 46.715789][ T4129] el0_svc_common+0x138/0x258 [ 46.717140][ T4129] do_el0_svc+0x58/0x14c [ 46.718413][ T4129] el0_svc+0x78/0x1e0 [ 46.719567][ T4129] el0t_64_sync_handler+0xcc/0xe4 [ 46.720997][ T4129] el0t_64_sync+0x1a0/0x1a4 [ 46.732167][ T4129] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 46.736102][ T4135] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 46.741208][ T4145] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 46.744934][ T4145] CPU: 1 PID: 4145 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 46.747715][ T4145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 46.750699][ T4145] Call trace: [ 46.751597][ T4145] dump_backtrace+0x0/0x43c [ 46.753008][ T4145] show_stack+0x2c/0x3c [ 46.754184][ T4145] __dump_stack+0x30/0x40 [ 46.755410][ T4145] dump_stack_lvl+0xf8/0x160 [ 46.756732][ T4145] dump_stack+0x1c/0x5c [ 46.757832][ T4145] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 46.759323][ T4145] f2fs_iget+0x1a74/0x5170 [ 46.760600][ T4145] f2fs_nfs_get_inode+0x80/0x118 [ 46.761980][ T4145] generic_fh_to_dentry+0x9c/0x104 [ 46.763436][ T4145] f2fs_fh_to_dentry+0x44/0x58 [ 46.764784][ T4145] exportfs_decode_fh_raw+0x10c/0x49c [ 46.766222][ T4145] exportfs_decode_fh+0x50/0x80 [ 46.767581][ T4145] do_handle_open+0x514/0x8e8 [ 46.768987][ T4145] __arm64_sys_open_by_handle_at+0x80/0x94 [ 46.770646][ T4145] invoke_syscall+0x98/0x2b8 [ 46.771999][ T4145] el0_svc_common+0x138/0x258 [ 46.773293][ T4145] do_el0_svc+0x58/0x14c [ 46.774453][ T4145] el0_svc+0x78/0x1e0 [ 46.775528][ T4145] el0t_64_sync_handler+0xcc/0xe4 [ 46.776944][ T4145] el0t_64_sync+0x1a0/0x1a4 [ 46.781855][ T4145] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 47.054928][ T4141] loop2: detected capacity change from 0 to 40427 executing program executing program [ 47.106520][ T4141] F2FS-fs (loop2): Found nat_bits in checkpoint [ 47.143428][ T4141] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 47.146819][ T4141] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 47.149466][ T4141] CPU: 0 PID: 4141 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 47.152392][ T4141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 47.155346][ T4141] Call trace: [ 47.156250][ T4141] dump_backtrace+0x0/0x43c [ 47.157545][ T4141] show_stack+0x2c/0x3c [ 47.158705][ T4141] __dump_stack+0x30/0x40 [ 47.159907][ T4141] dump_stack_lvl+0xf8/0x160 [ 47.161256][ T4141] dump_stack+0x1c/0x5c [ 47.162464][ T4141] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 47.163982][ T4141] f2fs_iget+0x1a74/0x5170 [ 47.165220][ T4141] f2fs_nfs_get_inode+0x80/0x118 [ 47.166636][ T4141] generic_fh_to_dentry+0x9c/0x104 [ 47.168074][ T4141] f2fs_fh_to_dentry+0x44/0x58 [ 47.169502][ T4141] exportfs_decode_fh_raw+0x10c/0x49c [ 47.171035][ T4141] exportfs_decode_fh+0x50/0x80 [ 47.172431][ T4141] do_handle_open+0x514/0x8e8 [ 47.173793][ T4141] __arm64_sys_open_by_handle_at+0x80/0x94 [ 47.175456][ T4141] invoke_syscall+0x98/0x2b8 [ 47.176777][ T4141] el0_svc_common+0x138/0x258 [ 47.178144][ T4141] do_el0_svc+0x58/0x14c [ 47.179367][ T4141] el0_svc+0x78/0x1e0 [ 47.180628][ T4141] el0t_64_sync_handler+0xcc/0xe4 executing program [ 47.182082][ T4141] el0t_64_sync+0x1a0/0x1a4 [ 47.184607][ T4141] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 47.214841][ T4157] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 47.217441][ T4157] CPU: 1 PID: 4157 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 47.220234][ T4157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 47.223080][ T4157] Call trace: [ 47.223977][ T4157] dump_backtrace+0x0/0x43c [ 47.225329][ T4157] show_stack+0x2c/0x3c [ 47.226469][ T4157] __dump_stack+0x30/0x40 [ 47.227683][ T4157] dump_stack_lvl+0xf8/0x160 [ 47.228981][ T4157] dump_stack+0x1c/0x5c [ 47.230107][ T4157] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 47.231627][ T4157] f2fs_iget+0x1a74/0x5170 [ 47.232835][ T4157] f2fs_nfs_get_inode+0x80/0x118 [ 47.234225][ T4157] generic_fh_to_dentry+0x9c/0x104 [ 47.235664][ T4157] f2fs_fh_to_dentry+0x44/0x58 [ 47.237083][ T4157] exportfs_decode_fh_raw+0x10c/0x49c [ 47.238600][ T4157] exportfs_decode_fh+0x50/0x80 [ 47.239930][ T4157] do_handle_open+0x514/0x8e8 [ 47.241236][ T4157] __arm64_sys_open_by_handle_at+0x80/0x94 [ 47.242903][ T4157] invoke_syscall+0x98/0x2b8 [ 47.244243][ T4157] el0_svc_common+0x138/0x258 [ 47.245593][ T4157] do_el0_svc+0x58/0x14c [ 47.246777][ T4157] el0_svc+0x78/0x1e0 [ 47.247849][ T4157] el0t_64_sync_handler+0xcc/0xe4 [ 47.249245][ T4157] el0t_64_sync+0x1a0/0x1a4 [ 47.252017][ T4157] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 47.326912][ T4142] loop1: detected capacity change from 0 to 40427 [ 47.424920][ T4142] F2FS-fs (loop1): Found nat_bits in checkpoint [ 47.437898][ T4156] loop3: detected capacity change from 0 to 40427 [ 47.468258][ T4156] F2FS-fs (loop3): Found nat_bits in checkpoint [ 47.485823][ T4142] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 47.488680][ T4156] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 47.497839][ T4156] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 47.497843][ T4142] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 47.497865][ T4142] CPU: 0 PID: 4142 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 47.505090][ T4142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 47.507915][ T4142] Call trace: [ 47.508874][ T4142] dump_backtrace+0x0/0x43c [ 47.510217][ T4142] show_stack+0x2c/0x3c [ 47.511407][ T4142] __dump_stack+0x30/0x40 [ 47.512632][ T4142] dump_stack_lvl+0xf8/0x160 [ 47.513944][ T4142] dump_stack+0x1c/0x5c [ 47.515085][ T4142] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 47.516596][ T4142] f2fs_iget+0x1a74/0x5170 [ 47.517845][ T4142] f2fs_nfs_get_inode+0x80/0x118 [ 47.519267][ T4142] generic_fh_to_dentry+0x9c/0x104 [ 47.520689][ T4142] f2fs_fh_to_dentry+0x44/0x58 [ 47.522111][ T4142] exportfs_decode_fh_raw+0x10c/0x49c [ 47.523578][ T4142] exportfs_decode_fh+0x50/0x80 [ 47.524964][ T4142] do_handle_open+0x514/0x8e8 [ 47.526306][ T4142] __arm64_sys_open_by_handle_at+0x80/0x94 [ 47.528305][ T4142] invoke_syscall+0x98/0x2b8 [ 47.529590][ T4142] el0_svc_common+0x138/0x258 [ 47.530893][ T4142] do_el0_svc+0x58/0x14c [ 47.532052][ T4142] el0_svc+0x78/0x1e0 [ 47.533334][ T4142] el0t_64_sync_handler+0xcc/0xe4 [ 47.534747][ T4142] el0t_64_sync+0x1a0/0x1a4 [ 47.537422][ T4156] CPU: 1 PID: 4156 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 47.540232][ T4156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 47.543179][ T4156] Call trace: [ 47.544110][ T4156] dump_backtrace+0x0/0x43c [ 47.545361][ T4156] show_stack+0x2c/0x3c [ 47.546554][ T4156] __dump_stack+0x30/0x40 [ 47.547753][ T4156] dump_stack_lvl+0xf8/0x160 [ 47.549010][ T4156] dump_stack+0x1c/0x5c [ 47.550208][ T4156] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 47.551638][ T4156] f2fs_iget+0x1a74/0x5170 [ 47.552859][ T4156] f2fs_nfs_get_inode+0x80/0x118 [ 47.554270][ T4156] generic_fh_to_dentry+0x9c/0x104 [ 47.555664][ T4156] f2fs_fh_to_dentry+0x44/0x58 [ 47.557032][ T4156] exportfs_decode_fh_raw+0x10c/0x49c [ 47.558700][ T4156] exportfs_decode_fh+0x50/0x80 [ 47.560114][ T4156] do_handle_open+0x514/0x8e8 [ 47.561495][ T4156] __arm64_sys_open_by_handle_at+0x80/0x94 [ 47.563134][ T4156] invoke_syscall+0x98/0x2b8 [ 47.564443][ T4156] el0_svc_common+0x138/0x258 [ 47.565886][ T4156] do_el0_svc+0x58/0x14c [ 47.567071][ T4156] el0_svc+0x78/0x1e0 [ 47.568212][ T4156] el0t_64_sync_handler+0xcc/0xe4 [ 47.569672][ T4156] el0t_64_sync+0x1a0/0x1a4 [ 47.624538][ T4156] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix executing program [ 47.636507][ T4142] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 47.640512][ T4167] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 47.642664][ T4167] CPU: 1 PID: 4167 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 47.645761][ T4167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 47.648721][ T4167] Call trace: [ 47.649659][ T4167] dump_backtrace+0x0/0x43c [ 47.650971][ T4167] show_stack+0x2c/0x3c [ 47.652084][ T4167] __dump_stack+0x30/0x40 [ 47.653292][ T4167] dump_stack_lvl+0xf8/0x160 [ 47.654659][ T4167] dump_stack+0x1c/0x5c [ 47.655948][ T4167] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 47.657496][ T4167] f2fs_iget+0x1a74/0x5170 [ 47.658713][ T4167] f2fs_nfs_get_inode+0x80/0x118 [ 47.660165][ T4167] generic_fh_to_dentry+0x9c/0x104 [ 47.661591][ T4167] f2fs_fh_to_dentry+0x44/0x58 [ 47.662947][ T4167] exportfs_decode_fh_raw+0x10c/0x49c [ 47.664433][ T4167] exportfs_decode_fh+0x50/0x80 [ 47.665817][ T4167] do_handle_open+0x514/0x8e8 [ 47.667139][ T4167] __arm64_sys_open_by_handle_at+0x80/0x94 [ 47.668804][ T4167] invoke_syscall+0x98/0x2b8 [ 47.670075][ T4167] el0_svc_common+0x138/0x258 [ 47.671418][ T4167] do_el0_svc+0x58/0x14c [ 47.672649][ T4167] el0_svc+0x78/0x1e0 [ 47.673792][ T4167] el0t_64_sync_handler+0xcc/0xe4 [ 47.675198][ T4167] el0t_64_sync+0x1a0/0x1a4 [ 47.681109][ T4166] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 47.683407][ T4166] CPU: 0 PID: 4166 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 47.684874][ T4153] loop4: detected capacity change from 0 to 40427 [ 47.686178][ T4166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 47.686189][ T4166] Call trace: [ 47.686192][ T4166] dump_backtrace+0x0/0x43c [ 47.692932][ T4166] show_stack+0x2c/0x3c [ 47.694118][ T4166] __dump_stack+0x30/0x40 [ 47.695370][ T4166] dump_stack_lvl+0xf8/0x160 [ 47.696677][ T4166] dump_stack+0x1c/0x5c [ 47.697883][ T4166] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 47.699386][ T4166] f2fs_iget+0x1a74/0x5170 [ 47.700569][ T4166] f2fs_nfs_get_inode+0x80/0x118 [ 47.701953][ T4166] generic_fh_to_dentry+0x9c/0x104 [ 47.703299][ T4166] f2fs_fh_to_dentry+0x44/0x58 [ 47.704472][ T4166] exportfs_decode_fh_raw+0x10c/0x49c [ 47.706083][ T4166] exportfs_decode_fh+0x50/0x80 [ 47.707438][ T4166] do_handle_open+0x514/0x8e8 [ 47.708769][ T4166] __arm64_sys_open_by_handle_at+0x80/0x94 [ 47.710484][ T4166] invoke_syscall+0x98/0x2b8 [ 47.711836][ T4166] el0_svc_common+0x138/0x258 [ 47.713145][ T4166] do_el0_svc+0x58/0x14c [ 47.714329][ T4166] el0_svc+0x78/0x1e0 [ 47.715419][ T4166] el0t_64_sync_handler+0xcc/0xe4 [ 47.716032][ T4167] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 47.716845][ T4166] el0t_64_sync+0x1a0/0x1a4 [ 47.724573][ T4167] ================================================================== [ 47.726135][ T4150] loop0: detected capacity change from 0 to 40427 [ 47.726842][ T4167] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 47.726861][ T4167] [ 47.726867][ T4167] CPU: 1 PID: 4167 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 47.729012][ T4166] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 47.730920][ T4167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 47.730933][ T4167] Call trace: [ 47.730936][ T4167] dump_backtrace+0x0/0x43c [ 47.742741][ T4167] show_stack+0x2c/0x3c [ 47.743921][ T4167] __dump_stack+0x30/0x40 [ 47.745154][ T4167] dump_stack_lvl+0xf8/0x160 [ 47.746455][ T4167] print_address_description+0x78/0x30c [ 47.747964][ T4167] kasan_report_invalid_free+0x4c/0x7c [ 47.749460][ T4167] ____kasan_slab_free+0x134/0x164 [ 47.750892][ T4167] __kasan_slab_free+0x18/0x28 [ 47.752228][ T4167] slab_free_freelist_hook+0x128/0x1e8 [ 47.753716][ T4167] kmem_cache_free+0xdc/0x3b4 [ 47.754971][ T4167] f2fs_destroy_extent_tree+0x2d0/0x688 [ 47.756530][ T4167] f2fs_evict_inode+0x32c/0x1520 [ 47.757915][ T4167] evict+0x3c8/0x810 [ 47.759016][ T4167] iput+0x6c4/0x77c [ 47.760122][ T4167] iget_failed+0x148/0x194 [ 47.761354][ T4167] f2fs_iget+0x58c/0x5170 [ 47.762590][ T4167] f2fs_nfs_get_inode+0x80/0x118 [ 47.764021][ T4167] generic_fh_to_dentry+0x9c/0x104 [ 47.765540][ T4167] f2fs_fh_to_dentry+0x44/0x58 [ 47.766924][ T4167] exportfs_decode_fh_raw+0x10c/0x49c [ 47.768440][ T4167] exportfs_decode_fh+0x50/0x80 [ 47.769788][ T4167] do_handle_open+0x514/0x8e8 [ 47.771077][ T4167] __arm64_sys_open_by_handle_at+0x80/0x94 [ 47.772719][ T4167] invoke_syscall+0x98/0x2b8 [ 47.773995][ T4167] el0_svc_common+0x138/0x258 [ 47.775275][ T4167] do_el0_svc+0x58/0x14c [ 47.776443][ T4167] el0_svc+0x78/0x1e0 [ 47.777534][ T4167] el0t_64_sync_handler+0xcc/0xe4 [ 47.778954][ T4167] el0t_64_sync+0x1a0/0x1a4 [ 47.780195][ T4167] [ 47.780840][ T4167] Allocated by task 4156: [ 47.782029][ T4167] __kasan_slab_alloc+0x8c/0xcc [ 47.783378][ T4167] slab_post_alloc_hook+0x74/0x408 [ 47.784996][ T4167] kmem_cache_alloc+0x1e0/0x3e4 [ 47.786395][ T4167] f2fs_init_extent_tree+0x43c/0xaac [ 47.787915][ T4167] f2fs_iget+0x10c4/0x5170 [ 47.789192][ T4167] f2fs_nfs_get_inode+0x80/0x118 [ 47.790584][ T4167] generic_fh_to_dentry+0x9c/0x104 [ 47.792009][ T4167] f2fs_fh_to_dentry+0x44/0x58 [ 47.793365][ T4167] exportfs_decode_fh_raw+0x10c/0x49c [ 47.794888][ T4167] exportfs_decode_fh+0x50/0x80 [ 47.796243][ T4167] do_handle_open+0x514/0x8e8 [ 47.797553][ T4167] __arm64_sys_open_by_handle_at+0x80/0x94 [ 47.799237][ T4167] invoke_syscall+0x98/0x2b8 [ 47.800536][ T4167] el0_svc_common+0x138/0x258 [ 47.801872][ T4167] do_el0_svc+0x58/0x14c [ 47.803033][ T4167] el0_svc+0x78/0x1e0 [ 47.804163][ T4167] el0t_64_sync_handler+0xcc/0xe4 [ 47.805605][ T4167] el0t_64_sync+0x1a0/0x1a4 [ 47.806918][ T4167] [ 47.807605][ T4167] Freed by task 4156: [ 47.808718][ T4167] kasan_set_track+0x4c/0x84 [ 47.810068][ T4167] kasan_set_free_info+0x28/0x4c [ 47.811425][ T4167] ____kasan_slab_free+0x118/0x164 [ 47.812915][ T4167] __kasan_slab_free+0x18/0x28 [ 47.814308][ T4167] slab_free_freelist_hook+0x128/0x1e8 [ 47.815926][ T4167] kmem_cache_free+0xdc/0x3b4 [ 47.817258][ T4167] f2fs_destroy_extent_tree+0x2d0/0x688 [ 47.818927][ T4167] f2fs_evict_inode+0x32c/0x1520 [ 47.820410][ T4167] evict+0x3c8/0x810 [ 47.821524][ T4167] iput+0x6c4/0x77c [ 47.822625][ T4167] iget_failed+0x148/0x194 [ 47.823873][ T4167] f2fs_iget+0x58c/0x5170 [ 47.825103][ T4167] f2fs_nfs_get_inode+0x80/0x118 [ 47.826588][ T4167] generic_fh_to_dentry+0x9c/0x104 [ 47.827979][ T4167] f2fs_fh_to_dentry+0x44/0x58 [ 47.829378][ T4167] exportfs_decode_fh_raw+0x10c/0x49c [ 47.830903][ T4167] exportfs_decode_fh+0x50/0x80 [ 47.832420][ T4167] do_handle_open+0x514/0x8e8 [ 47.833742][ T4167] __arm64_sys_open_by_handle_at+0x80/0x94 [ 47.835411][ T4167] invoke_syscall+0x98/0x2b8 [ 47.836686][ T4167] el0_svc_common+0x138/0x258 [ 47.838004][ T4167] do_el0_svc+0x58/0x14c [ 47.839202][ T4167] el0_svc+0x78/0x1e0 [ 47.840281][ T4167] el0t_64_sync_handler+0xcc/0xe4 [ 47.841766][ T4167] el0t_64_sync+0x1a0/0x1a4 [ 47.843067][ T4167] [ 47.843707][ T4167] The buggy address belongs to the object at ffff0000dce99a28 [ 47.843707][ T4167] which belongs to the cache f2fs_extent_tree of size 136 [ 47.844488][ T4169] loop2: detected capacity change from 0 to 40427 [ 47.847846][ T4167] The buggy address is located 0 bytes inside of [ 47.847846][ T4167] 136-byte region [ffff0000dce99a28, ffff0000dce99ab0) [ 47.847862][ T4167] The buggy address belongs to the page: [ 47.847868][ T4167] page:00000000688289a2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11ce99 [ 47.847880][ T4167] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 47.847897][ T4167] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 47.847907][ T4167] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 47.847912][ T4167] page dumped because: kasan: bad access detected [ 47.847916][ T4167] [ 47.847919][ T4167] Memory state around the buggy address: [ 47.847924][ T4167] ffff0000dce99900: fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb fb [ 47.847931][ T4167] ffff0000dce99980: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc [ 47.847938][ T4167] >ffff0000dce99a00: fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb [ 47.847943][ T4167] ^ [ 47.877801][ T4167] ffff0000dce99a80: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc [ 47.880154][ T4167] ffff0000dce99b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 47.882500][ T4167] ================================================================== [ 47.911427][ T4150] F2FS-fs (loop0): Found nat_bits in checkpoint [ 47.922994][ T4150] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 47.926271][ T4150] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 47.938657][ T4150] CPU: 1 PID: 4150 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 47.941495][ T4150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 47.944278][ T4150] Call trace: [ 47.945207][ T4150] dump_backtrace+0x0/0x43c [ 47.946451][ T4150] show_stack+0x2c/0x3c [ 47.947594][ T4150] __dump_stack+0x30/0x40 [ 47.948908][ T4150] dump_stack_lvl+0xf8/0x160 [ 47.950251][ T4150] dump_stack+0x1c/0x5c [ 47.951451][ T4150] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 47.952934][ T4150] f2fs_iget+0x1a74/0x5170 [ 47.954153][ T4150] f2fs_nfs_get_inode+0x80/0x118 [ 47.955564][ T4150] generic_fh_to_dentry+0x9c/0x104 [ 47.956931][ T4150] f2fs_fh_to_dentry+0x44/0x58 [ 47.958248][ T4150] exportfs_decode_fh_raw+0x10c/0x49c [ 47.959771][ T4150] exportfs_decode_fh+0x50/0x80 [ 47.961115][ T4150] do_handle_open+0x514/0x8e8 [ 47.962453][ T4150] __arm64_sys_open_by_handle_at+0x80/0x94 [ 47.964027][ T4150] invoke_syscall+0x98/0x2b8 [ 47.965674][ T4150] el0_svc_common+0x138/0x258 [ 47.966995][ T4150] do_el0_svc+0x58/0x14c [ 47.968173][ T4150] el0_svc+0x78/0x1e0 [ 47.969285][ T4150] el0t_64_sync_handler+0xcc/0xe4 [ 47.970695][ T4150] el0t_64_sync+0x1a0/0x1a4 [ 47.982517][ T4169] F2FS-fs (loop2): Found nat_bits in checkpoint [ 48.008386][ T4150] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 48.011826][ T4169] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 48.022718][ T4169] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 48.023110][ T4153] F2FS-fs (loop4): Found nat_bits in checkpoint [ 48.024848][ T4169] CPU: 0 PID: 4169 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.029573][ T4169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.032383][ T4177] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 48.032568][ T4169] Call trace: [ 48.035815][ T4169] dump_backtrace+0x0/0x43c [ 48.037078][ T4169] show_stack+0x2c/0x3c [ 48.038331][ T4169] __dump_stack+0x30/0x40 [ 48.039601][ T4169] dump_stack_lvl+0xf8/0x160 [ 48.040843][ T4169] dump_stack+0x1c/0x5c [ 48.042137][ T4169] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 48.043626][ T4169] f2fs_iget+0x1a74/0x5170 [ 48.044972][ T4169] f2fs_nfs_get_inode+0x80/0x118 [ 48.046462][ T4169] generic_fh_to_dentry+0x9c/0x104 [ 48.047944][ T4169] f2fs_fh_to_dentry+0x44/0x58 [ 48.049525][ T4169] exportfs_decode_fh_raw+0x10c/0x49c [ 48.051096][ T4169] exportfs_decode_fh+0x50/0x80 [ 48.052565][ T4169] do_handle_open+0x514/0x8e8 [ 48.053906][ T4169] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.055731][ T4169] invoke_syscall+0x98/0x2b8 [ 48.057091][ T4169] el0_svc_common+0x138/0x258 [ 48.058462][ T4169] do_el0_svc+0x58/0x14c [ 48.059675][ T4169] el0_svc+0x78/0x1e0 [ 48.060829][ T4169] el0t_64_sync_handler+0xcc/0xe4 [ 48.062271][ T4169] el0t_64_sync+0x1a0/0x1a4 [ 48.097450][ T4177] CPU: 1 PID: 4177 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.100436][ T4177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.103216][ T4177] Call trace: executing program [ 48.104246][ T4177] dump_backtrace+0x0/0x43c [ 48.105493][ T4177] show_stack+0x2c/0x3c [ 48.106605][ T4177] __dump_stack+0x30/0x40 [ 48.107291][ T4169] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 48.107826][ T4177] dump_stack_lvl+0xf8/0x160 [ 48.107842][ T4177] dump_stack+0x1c/0x5c [ 48.113633][ T4177] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 48.115172][ T4177] f2fs_iget+0x1a74/0x5170 [ 48.116460][ T4177] f2fs_nfs_get_inode+0x80/0x118 [ 48.117868][ T4177] generic_fh_to_dentry+0x9c/0x104 [ 48.119343][ T4177] f2fs_fh_to_dentry+0x44/0x58 [ 48.120722][ T4177] exportfs_decode_fh_raw+0x10c/0x49c [ 48.122316][ T4177] exportfs_decode_fh+0x50/0x80 [ 48.123699][ T4177] do_handle_open+0x514/0x8e8 [ 48.124974][ T4177] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.126632][ T4177] invoke_syscall+0x98/0x2b8 [ 48.127873][ T4177] el0_svc_common+0x138/0x258 [ 48.129255][ T4177] do_el0_svc+0x58/0x14c [ 48.130493][ T4177] el0_svc+0x78/0x1e0 [ 48.131682][ T4177] el0t_64_sync_handler+0xcc/0xe4 [ 48.133056][ T4177] el0t_64_sync+0x1a0/0x1a4 [ 48.167677][ T4153] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 48.197623][ T4177] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 48.197712][ T4182] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 48.197903][ T4153] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 48.205713][ T4153] CPU: 0 PID: 4153 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.208419][ T4153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.211348][ T4153] Call trace: [ 48.212246][ T4153] dump_backtrace+0x0/0x43c [ 48.213467][ T4153] show_stack+0x2c/0x3c [ 48.214649][ T4153] __dump_stack+0x30/0x40 [ 48.215786][ T4153] dump_stack_lvl+0xf8/0x160 [ 48.216927][ T4153] dump_stack+0x1c/0x5c [ 48.218140][ T4153] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 48.219571][ T4153] f2fs_iget+0x1a74/0x5170 [ 48.220824][ T4153] f2fs_nfs_get_inode+0x80/0x118 [ 48.222202][ T4153] generic_fh_to_dentry+0x9c/0x104 [ 48.223773][ T4153] f2fs_fh_to_dentry+0x44/0x58 [ 48.225062][ T4153] exportfs_decode_fh_raw+0x10c/0x49c [ 48.226652][ T4153] exportfs_decode_fh+0x50/0x80 [ 48.228604][ T4153] do_handle_open+0x514/0x8e8 [ 48.229891][ T4153] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.231665][ T4153] invoke_syscall+0x98/0x2b8 [ 48.232924][ T4153] el0_svc_common+0x138/0x258 [ 48.234199][ T4153] do_el0_svc+0x58/0x14c [ 48.235617][ T4153] el0_svc+0x78/0x1e0 [ 48.236703][ T4153] el0t_64_sync_handler+0xcc/0xe4 [ 48.238095][ T4153] el0t_64_sync+0x1a0/0x1a4 [ 48.239362][ T4182] CPU: 1 PID: 4182 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.242513][ T4182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.245463][ T4182] Call trace: [ 48.246355][ T4182] dump_backtrace+0x0/0x43c [ 48.247629][ T4182] show_stack+0x2c/0x3c [ 48.248819][ T4182] __dump_stack+0x30/0x40 [ 48.250059][ T4182] dump_stack_lvl+0xf8/0x160 [ 48.251363][ T4182] dump_stack+0x1c/0x5c [ 48.252502][ T4182] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 48.254023][ T4182] f2fs_iget+0x1a74/0x5170 [ 48.255282][ T4182] f2fs_nfs_get_inode+0x80/0x118 [ 48.256793][ T4182] generic_fh_to_dentry+0x9c/0x104 [ 48.258173][ T4182] f2fs_fh_to_dentry+0x44/0x58 [ 48.259571][ T4182] exportfs_decode_fh_raw+0x10c/0x49c [ 48.261062][ T4182] exportfs_decode_fh+0x50/0x80 [ 48.262506][ T4182] do_handle_open+0x514/0x8e8 [ 48.263821][ T4182] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.265480][ T4182] invoke_syscall+0x98/0x2b8 [ 48.266788][ T4182] el0_svc_common+0x138/0x258 [ 48.268160][ T4182] do_el0_svc+0x58/0x14c [ 48.269471][ T4182] el0_svc+0x78/0x1e0 [ 48.270620][ T4182] el0t_64_sync_handler+0xcc/0xe4 [ 48.272008][ T4182] el0t_64_sync+0x1a0/0x1a4 executing program [ 48.296775][ T4153] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 48.300385][ T4187] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 48.302568][ T4187] CPU: 0 PID: 4187 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.305463][ T4187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.307970][ T4182] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 48.308348][ T4187] Call trace: [ 48.312490][ T4187] dump_backtrace+0x0/0x43c [ 48.313804][ T4187] show_stack+0x2c/0x3c [ 48.314971][ T4187] __dump_stack+0x30/0x40 [ 48.316195][ T4187] dump_stack_lvl+0xf8/0x160 [ 48.317554][ T4187] dump_stack+0x1c/0x5c [ 48.318768][ T4187] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 48.320264][ T4187] f2fs_iget+0x1a74/0x5170 [ 48.321511][ T4187] f2fs_nfs_get_inode+0x80/0x118 [ 48.322928][ T4187] generic_fh_to_dentry+0x9c/0x104 [ 48.324346][ T4187] f2fs_fh_to_dentry+0x44/0x58 [ 48.325741][ T4187] exportfs_decode_fh_raw+0x10c/0x49c [ 48.327309][ T4187] exportfs_decode_fh+0x50/0x80 [ 48.328722][ T4187] do_handle_open+0x514/0x8e8 [ 48.330018][ T4187] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.331673][ T4187] invoke_syscall+0x98/0x2b8 [ 48.332967][ T4187] el0_svc_common+0x138/0x258 [ 48.334296][ T4187] do_el0_svc+0x58/0x14c [ 48.335516][ T4187] el0_svc+0x78/0x1e0 [ 48.336563][ T4187] el0t_64_sync_handler+0xcc/0xe4 [ 48.337960][ T4187] el0t_64_sync+0x1a0/0x1a4 [ 48.357755][ T4187] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 48.361104][ T4187] ================================================================== [ 48.363388][ T4187] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 48.365655][ T4187] [ 48.366325][ T4187] CPU: 0 PID: 4187 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.369146][ T4187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.372028][ T4187] Call trace: [ 48.372955][ T4187] dump_backtrace+0x0/0x43c [ 48.374191][ T4187] show_stack+0x2c/0x3c [ 48.375314][ T4187] __dump_stack+0x30/0x40 [ 48.376479][ T4187] dump_stack_lvl+0xf8/0x160 [ 48.377704][ T4187] print_address_description+0x78/0x30c [ 48.379275][ T4187] kasan_report_invalid_free+0x4c/0x7c [ 48.380843][ T4187] ____kasan_slab_free+0x134/0x164 [ 48.382220][ T4187] __kasan_slab_free+0x18/0x28 [ 48.383495][ T4187] slab_free_freelist_hook+0x128/0x1e8 [ 48.384986][ T4187] kmem_cache_free+0xdc/0x3b4 [ 48.386290][ T4187] f2fs_destroy_extent_tree+0x2d0/0x688 [ 48.387819][ T4187] f2fs_evict_inode+0x32c/0x1520 [ 48.389209][ T4187] evict+0x3c8/0x810 [ 48.390285][ T4187] iput+0x6c4/0x77c [ 48.391335][ T4187] iget_failed+0x148/0x194 [ 48.392645][ T4187] f2fs_iget+0x58c/0x5170 [ 48.393845][ T4187] f2fs_nfs_get_inode+0x80/0x118 [ 48.395230][ T4187] generic_fh_to_dentry+0x9c/0x104 [ 48.396716][ T4187] f2fs_fh_to_dentry+0x44/0x58 [ 48.398017][ T4187] exportfs_decode_fh_raw+0x10c/0x49c [ 48.399567][ T4187] exportfs_decode_fh+0x50/0x80 [ 48.400937][ T4187] do_handle_open+0x514/0x8e8 [ 48.402297][ T4187] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.404175][ T4187] invoke_syscall+0x98/0x2b8 [ 48.405443][ T4187] el0_svc_common+0x138/0x258 [ 48.407069][ T4187] do_el0_svc+0x58/0x14c [ 48.408286][ T4187] el0_svc+0x78/0x1e0 [ 48.409696][ T4187] el0t_64_sync_handler+0xcc/0xe4 [ 48.411103][ T4187] el0t_64_sync+0x1a0/0x1a4 [ 48.412383][ T4187] [ 48.413032][ T4187] Allocated by task 4153: [ 48.414238][ T4187] __kasan_slab_alloc+0x8c/0xcc [ 48.415600][ T4187] slab_post_alloc_hook+0x74/0x408 [ 48.416975][ T4187] kmem_cache_alloc+0x1e0/0x3e4 [ 48.418334][ T4187] f2fs_init_extent_tree+0x43c/0xaac [ 48.419811][ T4187] f2fs_iget+0x10c4/0x5170 [ 48.421024][ T4187] f2fs_nfs_get_inode+0x80/0x118 [ 48.422396][ T4187] generic_fh_to_dentry+0x9c/0x104 [ 48.423821][ T4187] f2fs_fh_to_dentry+0x44/0x58 [ 48.425144][ T4187] exportfs_decode_fh_raw+0x10c/0x49c [ 48.426653][ T4187] exportfs_decode_fh+0x50/0x80 [ 48.428048][ T4187] do_handle_open+0x514/0x8e8 [ 48.429305][ T4187] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.430936][ T4187] invoke_syscall+0x98/0x2b8 [ 48.432208][ T4187] el0_svc_common+0x138/0x258 [ 48.433512][ T4187] do_el0_svc+0x58/0x14c [ 48.434913][ T4187] el0_svc+0x78/0x1e0 [ 48.435993][ T4187] el0t_64_sync_handler+0xcc/0xe4 [ 48.437367][ T4187] el0t_64_sync+0x1a0/0x1a4 [ 48.438612][ T4187] [ 48.439283][ T4187] Freed by task 4153: [ 48.440382][ T4187] kasan_set_track+0x4c/0x84 [ 48.441702][ T4187] kasan_set_free_info+0x28/0x4c [ 48.443109][ T4187] ____kasan_slab_free+0x118/0x164 [ 48.444574][ T4187] __kasan_slab_free+0x18/0x28 [ 48.445930][ T4187] slab_free_freelist_hook+0x128/0x1e8 [ 48.447496][ T4187] kmem_cache_free+0xdc/0x3b4 [ 48.449034][ T4187] f2fs_destroy_extent_tree+0x2d0/0x688 [ 48.450613][ T4187] f2fs_evict_inode+0x32c/0x1520 [ 48.452091][ T4187] evict+0x3c8/0x810 [ 48.453174][ T4187] iput+0x6c4/0x77c [ 48.454246][ T4187] iget_failed+0x148/0x194 [ 48.455678][ T4187] f2fs_iget+0x58c/0x5170 [ 48.457164][ T4187] f2fs_nfs_get_inode+0x80/0x118 [ 48.458585][ T4187] generic_fh_to_dentry+0x9c/0x104 [ 48.460034][ T4187] f2fs_fh_to_dentry+0x44/0x58 [ 48.461423][ T4187] exportfs_decode_fh_raw+0x10c/0x49c [ 48.462985][ T4187] exportfs_decode_fh+0x50/0x80 [ 48.464409][ T4187] do_handle_open+0x514/0x8e8 [ 48.465764][ T4187] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.467623][ T4187] invoke_syscall+0x98/0x2b8 [ 48.468959][ T4187] el0_svc_common+0x138/0x258 [ 48.470446][ T4187] do_el0_svc+0x58/0x14c [ 48.471663][ T4187] el0_svc+0x78/0x1e0 [ 48.472829][ T4187] el0t_64_sync_handler+0xcc/0xe4 [ 48.474231][ T4187] el0t_64_sync+0x1a0/0x1a4 [ 48.475526][ T4187] [ 48.476175][ T4187] The buggy address belongs to the object at ffff0000dcfd1e10 [ 48.476175][ T4187] which belongs to the cache f2fs_extent_tree of size 136 [ 48.480281][ T4187] The buggy address is located 0 bytes inside of [ 48.480281][ T4187] 136-byte region [ffff0000dcfd1e10, ffff0000dcfd1e98) [ 48.484532][ T4187] The buggy address belongs to the page: [ 48.486267][ T4187] page:00000000f15c583c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11cfd1 [ 48.489506][ T4187] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 48.491828][ T4187] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 48.494325][ T4187] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 48.494687][ T4184] loop3: detected capacity change from 0 to 40427 [ 48.496802][ T4187] page dumped because: kasan: bad access detected [ 48.500689][ T4187] [ 48.501322][ T4187] Memory state around the buggy address: [ 48.502999][ T4187] ffff0000dcfd1d00: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 48.505396][ T4187] ffff0000dcfd1d80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 48.507664][ T4187] >ffff0000dcfd1e00: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb [ 48.510101][ T4187] ^ [ 48.511428][ T4187] ffff0000dcfd1e80: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.513771][ T4187] ffff0000dcfd1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 48.516340][ T4187] ================================================================== [ 48.518979][ T4188] loop1: detected capacity change from 0 to 40427 executing program [ 48.590744][ T4188] F2FS-fs (loop1): Found nat_bits in checkpoint [ 48.626975][ T4184] F2FS-fs (loop3): Found nat_bits in checkpoint [ 48.667321][ T4184] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 48.671922][ T4188] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 48.675159][ T4184] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 48.683876][ T4184] CPU: 1 PID: 4184 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.687207][ T4184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.690042][ T4184] Call trace: [ 48.690944][ T4184] dump_backtrace+0x0/0x43c [ 48.692215][ T4184] show_stack+0x2c/0x3c [ 48.693480][ T4184] __dump_stack+0x30/0x40 [ 48.694686][ T4184] dump_stack_lvl+0xf8/0x160 [ 48.696059][ T4184] dump_stack+0x1c/0x5c [ 48.697281][ T4184] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 48.698712][ T4184] f2fs_iget+0x1a74/0x5170 [ 48.699950][ T4184] f2fs_nfs_get_inode+0x80/0x118 [ 48.701342][ T4184] generic_fh_to_dentry+0x9c/0x104 [ 48.702743][ T4184] f2fs_fh_to_dentry+0x44/0x58 [ 48.704491][ T4184] exportfs_decode_fh_raw+0x10c/0x49c [ 48.705997][ T4184] exportfs_decode_fh+0x50/0x80 [ 48.707560][ T4184] do_handle_open+0x514/0x8e8 [ 48.708911][ T4184] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.710568][ T4184] invoke_syscall+0x98/0x2b8 [ 48.712156][ T4184] el0_svc_common+0x138/0x258 [ 48.713409][ T4184] do_el0_svc+0x58/0x14c [ 48.714633][ T4184] el0_svc+0x78/0x1e0 [ 48.715841][ T4184] el0t_64_sync_handler+0xcc/0xe4 [ 48.717298][ T4184] el0t_64_sync+0x1a0/0x1a4 [ 48.723237][ T4188] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 48.725640][ T4188] CPU: 1 PID: 4188 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.728841][ T4188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.731744][ T4188] Call trace: [ 48.732644][ T4188] dump_backtrace+0x0/0x43c [ 48.733978][ T4188] show_stack+0x2c/0x3c [ 48.735257][ T4188] __dump_stack+0x30/0x40 [ 48.736689][ T4188] dump_stack_lvl+0xf8/0x160 [ 48.737941][ T4188] dump_stack+0x1c/0x5c [ 48.739108][ T4188] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 48.740611][ T4188] f2fs_iget+0x1a74/0x5170 [ 48.741856][ T4188] f2fs_nfs_get_inode+0x80/0x118 [ 48.743262][ T4188] generic_fh_to_dentry+0x9c/0x104 [ 48.744805][ T4188] f2fs_fh_to_dentry+0x44/0x58 [ 48.746305][ T4188] exportfs_decode_fh_raw+0x10c/0x49c [ 48.747879][ T4188] exportfs_decode_fh+0x50/0x80 [ 48.749240][ T4188] do_handle_open+0x514/0x8e8 [ 48.750579][ T4188] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.752248][ T4188] invoke_syscall+0x98/0x2b8 [ 48.753605][ T4188] el0_svc_common+0x138/0x258 [ 48.754866][ T4188] do_el0_svc+0x58/0x14c [ 48.756092][ T4188] el0_svc+0x78/0x1e0 [ 48.757188][ T4188] el0t_64_sync_handler+0xcc/0xe4 [ 48.758624][ T4188] el0t_64_sync+0x1a0/0x1a4 executing program executing program [ 48.829735][ T4184] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 48.837189][ T4188] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 48.843950][ T4200] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 48.846227][ T4200] CPU: 1 PID: 4200 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.849165][ T4200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.851907][ T4200] Call trace: [ 48.852776][ T4200] dump_backtrace+0x0/0x43c [ 48.854020][ T4200] show_stack+0x2c/0x3c [ 48.855279][ T4200] __dump_stack+0x30/0x40 [ 48.856730][ T4200] dump_stack_lvl+0xf8/0x160 [ 48.858300][ T4200] dump_stack+0x1c/0x5c [ 48.859527][ T4200] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 48.861020][ T4200] f2fs_iget+0x1a74/0x5170 [ 48.862367][ T4200] f2fs_nfs_get_inode+0x80/0x118 [ 48.863859][ T4200] generic_fh_to_dentry+0x9c/0x104 [ 48.865297][ T4200] f2fs_fh_to_dentry+0x44/0x58 [ 48.866645][ T4200] exportfs_decode_fh_raw+0x10c/0x49c [ 48.868158][ T4200] exportfs_decode_fh+0x50/0x80 [ 48.869555][ T4200] do_handle_open+0x514/0x8e8 [ 48.870874][ T4200] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.872499][ T4200] invoke_syscall+0x98/0x2b8 [ 48.873805][ T4200] el0_svc_common+0x138/0x258 [ 48.875166][ T4200] do_el0_svc+0x58/0x14c [ 48.876422][ T4200] el0_svc+0x78/0x1e0 [ 48.877741][ T4200] el0t_64_sync_handler+0xcc/0xe4 [ 48.879175][ T4200] el0t_64_sync+0x1a0/0x1a4 [ 48.885328][ T4201] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 48.887714][ T4201] CPU: 1 PID: 4201 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.890517][ T4201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.893553][ T4201] Call trace: [ 48.894455][ T4201] dump_backtrace+0x0/0x43c [ 48.895744][ T4201] show_stack+0x2c/0x3c [ 48.896914][ T4201] __dump_stack+0x30/0x40 [ 48.898140][ T4201] dump_stack_lvl+0xf8/0x160 [ 48.899446][ T4201] dump_stack+0x1c/0x5c [ 48.900624][ T4201] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 48.902103][ T4201] f2fs_iget+0x1a74/0x5170 [ 48.903385][ T4201] f2fs_nfs_get_inode+0x80/0x118 [ 48.904756][ T4201] generic_fh_to_dentry+0x9c/0x104 [ 48.906180][ T4201] f2fs_fh_to_dentry+0x44/0x58 [ 48.907514][ T4201] exportfs_decode_fh_raw+0x10c/0x49c [ 48.909236][ T4201] exportfs_decode_fh+0x50/0x80 [ 48.910873][ T4201] do_handle_open+0x514/0x8e8 [ 48.912191][ T4201] __arm64_sys_open_by_handle_at+0x80/0x94 [ 48.914087][ T4201] invoke_syscall+0x98/0x2b8 [ 48.915424][ T4201] el0_svc_common+0x138/0x258 [ 48.916726][ T4201] do_el0_svc+0x58/0x14c [ 48.917943][ T4201] el0_svc+0x78/0x1e0 [ 48.919030][ T4201] el0t_64_sync_handler+0xcc/0xe4 [ 48.920524][ T4201] el0t_64_sync+0x1a0/0x1a4 [ 48.954873][ T4201] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 48.962790][ T4201] ================================================================== [ 48.965428][ T4201] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 48.967798][ T4201] [ 48.968465][ T4201] CPU: 1 PID: 4201 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 48.971228][ T4201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 48.974095][ T4201] Call trace: [ 48.975001][ T4201] dump_backtrace+0x0/0x43c [ 48.976333][ T4201] show_stack+0x2c/0x3c [ 48.977540][ T4201] __dump_stack+0x30/0x40 [ 48.978792][ T4201] dump_stack_lvl+0xf8/0x160 [ 48.980152][ T4201] print_address_description+0x78/0x30c [ 48.981741][ T4201] kasan_report_invalid_free+0x4c/0x7c [ 48.983265][ T4201] ____kasan_slab_free+0x134/0x164 [ 48.984188][ T4200] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 48.984716][ T4201] __kasan_slab_free+0x18/0x28 [ 48.989787][ T4201] slab_free_freelist_hook+0x128/0x1e8 [ 48.991316][ T4201] kmem_cache_free+0xdc/0x3b4 [ 48.992675][ T4201] f2fs_destroy_extent_tree+0x2d0/0x688 [ 48.994168][ T4201] f2fs_evict_inode+0x32c/0x1520 [ 48.995568][ T4201] evict+0x3c8/0x810 [ 48.996611][ T4201] iput+0x6c4/0x77c [ 48.997698][ T4201] iget_failed+0x148/0x194 [ 48.998915][ T4201] f2fs_iget+0x58c/0x5170 [ 49.000151][ T4201] f2fs_nfs_get_inode+0x80/0x118 [ 49.001530][ T4201] generic_fh_to_dentry+0x9c/0x104 [ 49.002989][ T4201] f2fs_fh_to_dentry+0x44/0x58 [ 49.004359][ T4201] exportfs_decode_fh_raw+0x10c/0x49c [ 49.005938][ T4201] exportfs_decode_fh+0x50/0x80 [ 49.007353][ T4201] do_handle_open+0x514/0x8e8 [ 49.008689][ T4201] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.010587][ T4201] invoke_syscall+0x98/0x2b8 [ 49.011842][ T4201] el0_svc_common+0x138/0x258 [ 49.013167][ T4201] do_el0_svc+0x58/0x14c [ 49.014293][ T4201] el0_svc+0x78/0x1e0 [ 49.015868][ T4201] el0t_64_sync_handler+0xcc/0xe4 [ 49.017356][ T4201] el0t_64_sync+0x1a0/0x1a4 [ 49.018638][ T4201] [ 49.019303][ T4201] Allocated by task 4188: [ 49.020664][ T4201] __kasan_slab_alloc+0x8c/0xcc [ 49.022033][ T4201] slab_post_alloc_hook+0x74/0x408 [ 49.023472][ T4201] kmem_cache_alloc+0x1e0/0x3e4 [ 49.024832][ T4201] f2fs_init_extent_tree+0x43c/0xaac [ 49.026278][ T4201] f2fs_iget+0x10c4/0x5170 [ 49.027491][ T4201] f2fs_nfs_get_inode+0x80/0x118 [ 49.028840][ T4201] generic_fh_to_dentry+0x9c/0x104 [ 49.030286][ T4201] f2fs_fh_to_dentry+0x44/0x58 [ 49.031658][ T4201] exportfs_decode_fh_raw+0x10c/0x49c [ 49.033144][ T4201] exportfs_decode_fh+0x50/0x80 [ 49.034492][ T4201] do_handle_open+0x514/0x8e8 [ 49.035796][ T4201] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.037462][ T4201] invoke_syscall+0x98/0x2b8 [ 49.038727][ T4201] el0_svc_common+0x138/0x258 [ 49.040062][ T4201] do_el0_svc+0x58/0x14c [ 49.041242][ T4201] el0_svc+0x78/0x1e0 [ 49.042344][ T4201] el0t_64_sync_handler+0xcc/0xe4 [ 49.043755][ T4201] el0t_64_sync+0x1a0/0x1a4 [ 49.045042][ T4201] [ 49.045646][ T4201] Freed by task 4188: [ 49.046769][ T4201] kasan_set_track+0x4c/0x84 [ 49.048038][ T4201] kasan_set_free_info+0x28/0x4c [ 49.049428][ T4201] ____kasan_slab_free+0x118/0x164 [ 49.050917][ T4201] __kasan_slab_free+0x18/0x28 [ 49.052221][ T4201] slab_free_freelist_hook+0x128/0x1e8 [ 49.053725][ T4201] kmem_cache_free+0xdc/0x3b4 [ 49.055192][ T4201] f2fs_destroy_extent_tree+0x2d0/0x688 [ 49.056785][ T4201] f2fs_evict_inode+0x32c/0x1520 [ 49.058288][ T4201] evict+0x3c8/0x810 [ 49.059324][ T4201] iput+0x6c4/0x77c [ 49.060421][ T4201] iget_failed+0x148/0x194 [ 49.061622][ T4201] f2fs_iget+0x58c/0x5170 [ 49.062796][ T4201] f2fs_nfs_get_inode+0x80/0x118 [ 49.064382][ T4201] generic_fh_to_dentry+0x9c/0x104 [ 49.065768][ T4201] f2fs_fh_to_dentry+0x44/0x58 [ 49.067083][ T4201] exportfs_decode_fh_raw+0x10c/0x49c [ 49.068580][ T4201] exportfs_decode_fh+0x50/0x80 [ 49.070174][ T4201] do_handle_open+0x514/0x8e8 [ 49.071529][ T4201] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.073288][ T4201] invoke_syscall+0x98/0x2b8 [ 49.074607][ T4201] el0_svc_common+0x138/0x258 [ 49.075931][ T4201] do_el0_svc+0x58/0x14c [ 49.077094][ T4201] el0_svc+0x78/0x1e0 [ 49.078339][ T4201] el0t_64_sync_handler+0xcc/0xe4 [ 49.079773][ T4201] el0t_64_sync+0x1a0/0x1a4 [ 49.081089][ T4201] [ 49.081766][ T4201] The buggy address belongs to the object at ffff0000dce99e10 [ 49.081766][ T4201] which belongs to the cache f2fs_extent_tree of size 136 [ 49.085879][ T4201] The buggy address is located 0 bytes inside of [ 49.085879][ T4201] 136-byte region [ffff0000dce99e10, ffff0000dce99e98) [ 49.089852][ T4201] The buggy address belongs to the page: [ 49.091631][ T4201] page:00000000688289a2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11ce99 [ 49.094713][ T4201] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 49.096935][ T4201] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 49.099471][ T4201] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 49.102051][ T4201] page dumped because: kasan: bad access detected [ 49.103876][ T4201] [ 49.104527][ T4201] Memory state around the buggy address: [ 49.106104][ T4201] ffff0000dce99d00: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 49.108754][ T4201] ffff0000dce99d80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 49.111111][ T4201] >ffff0000dce99e00: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.113504][ T4201] ^ [ 49.114817][ T4201] ffff0000dce99e80: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.117214][ T4201] ffff0000dce99f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.119519][ T4201] ================================================================== [ 49.121786][ T4200] ================================================================== [ 49.124013][ T4200] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 49.126427][ T4200] [ 49.127102][ T4200] CPU: 0 PID: 4200 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 49.129914][ T4200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 49.132610][ T4200] Call trace: [ 49.133590][ T4200] dump_backtrace+0x0/0x43c [ 49.135145][ T4200] show_stack+0x2c/0x3c [ 49.136312][ T4200] __dump_stack+0x30/0x40 [ 49.137514][ T4200] dump_stack_lvl+0xf8/0x160 [ 49.138803][ T4200] print_address_description+0x78/0x30c [ 49.140386][ T4200] kasan_report_invalid_free+0x4c/0x7c [ 49.141981][ T4200] ____kasan_slab_free+0x134/0x164 [ 49.143429][ T4200] __kasan_slab_free+0x18/0x28 [ 49.144801][ T4200] slab_free_freelist_hook+0x128/0x1e8 [ 49.146347][ T4200] kmem_cache_free+0xdc/0x3b4 [ 49.147612][ T4200] f2fs_destroy_extent_tree+0x2d0/0x688 [ 49.149224][ T4200] f2fs_evict_inode+0x32c/0x1520 [ 49.150587][ T4200] evict+0x3c8/0x810 [ 49.151687][ T4200] iput+0x6c4/0x77c [ 49.152739][ T4200] iget_failed+0x148/0x194 [ 49.154004][ T4200] f2fs_iget+0x58c/0x5170 [ 49.155255][ T4200] f2fs_nfs_get_inode+0x80/0x118 [ 49.156709][ T4200] generic_fh_to_dentry+0x9c/0x104 [ 49.158181][ T4200] f2fs_fh_to_dentry+0x44/0x58 [ 49.159629][ T4200] exportfs_decode_fh_raw+0x10c/0x49c [ 49.161379][ T4200] exportfs_decode_fh+0x50/0x80 [ 49.162779][ T4200] do_handle_open+0x514/0x8e8 [ 49.164040][ T4200] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.165716][ T4200] invoke_syscall+0x98/0x2b8 [ 49.167042][ T4200] el0_svc_common+0x138/0x258 [ 49.168770][ T4200] do_el0_svc+0x58/0x14c [ 49.169998][ T4200] el0_svc+0x78/0x1e0 [ 49.171094][ T4200] el0t_64_sync_handler+0xcc/0xe4 [ 49.172515][ T4200] el0t_64_sync+0x1a0/0x1a4 [ 49.173927][ T4200] [ 49.174566][ T4200] Allocated by task 4184: [ 49.175807][ T4200] __kasan_slab_alloc+0x8c/0xcc [ 49.177214][ T4200] slab_post_alloc_hook+0x74/0x408 [ 49.178659][ T4200] kmem_cache_alloc+0x1e0/0x3e4 [ 49.180350][ T4200] f2fs_init_extent_tree+0x43c/0xaac [ 49.181950][ T4200] f2fs_iget+0x10c4/0x5170 [ 49.183240][ T4200] f2fs_nfs_get_inode+0x80/0x118 [ 49.184648][ T4200] generic_fh_to_dentry+0x9c/0x104 [ 49.186096][ T4200] f2fs_fh_to_dentry+0x44/0x58 [ 49.187420][ T4200] exportfs_decode_fh_raw+0x10c/0x49c [ 49.188979][ T4200] exportfs_decode_fh+0x50/0x80 [ 49.190327][ T4200] do_handle_open+0x514/0x8e8 [ 49.191632][ T4200] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.193270][ T4200] invoke_syscall+0x98/0x2b8 [ 49.194498][ T4200] el0_svc_common+0x138/0x258 [ 49.196093][ T4200] do_el0_svc+0x58/0x14c [ 49.197574][ T4200] el0_svc+0x78/0x1e0 [ 49.198738][ T4200] el0t_64_sync_handler+0xcc/0xe4 [ 49.200162][ T4200] el0t_64_sync+0x1a0/0x1a4 [ 49.201409][ T4200] [ 49.202224][ T4200] Freed by task 4184: [ 49.203611][ T4200] kasan_set_track+0x4c/0x84 [ 49.204949][ T4200] kasan_set_free_info+0x28/0x4c [ 49.206337][ T4200] ____kasan_slab_free+0x118/0x164 [ 49.207800][ T4200] __kasan_slab_free+0x18/0x28 [ 49.209186][ T4200] slab_free_freelist_hook+0x128/0x1e8 [ 49.209797][ T4203] loop2: detected capacity change from 0 to 40427 [ 49.210700][ T4200] kmem_cache_free+0xdc/0x3b4 [ 49.213793][ T4200] f2fs_destroy_extent_tree+0x2d0/0x688 [ 49.215354][ T4200] f2fs_evict_inode+0x32c/0x1520 [ 49.216757][ T4200] evict+0x3c8/0x810 [ 49.217915][ T4200] iput+0x6c4/0x77c [ 49.219168][ T4200] iget_failed+0x148/0x194 [ 49.220486][ T4200] f2fs_iget+0x58c/0x5170 [ 49.221827][ T4200] f2fs_nfs_get_inode+0x80/0x118 [ 49.223296][ T4200] generic_fh_to_dentry+0x9c/0x104 [ 49.224696][ T4200] f2fs_fh_to_dentry+0x44/0x58 [ 49.226059][ T4200] exportfs_decode_fh_raw+0x10c/0x49c [ 49.227940][ T4200] exportfs_decode_fh+0x50/0x80 [ 49.229309][ T4200] do_handle_open+0x514/0x8e8 [ 49.230617][ T4200] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.232301][ T4200] invoke_syscall+0x98/0x2b8 [ 49.233591][ T4200] el0_svc_common+0x138/0x258 [ 49.234894][ T4200] do_el0_svc+0x58/0x14c [ 49.236151][ T4200] el0_svc+0x78/0x1e0 [ 49.237267][ T4200] el0t_64_sync_handler+0xcc/0xe4 [ 49.238639][ T4200] el0t_64_sync+0x1a0/0x1a4 [ 49.239987][ T4200] [ 49.240444][ T4193] loop0: detected capacity change from 0 to 40427 [ 49.240620][ T4200] The buggy address belongs to the object at ffff0000dce99d48 [ 49.240620][ T4200] which belongs to the cache f2fs_extent_tree of size 136 [ 49.246488][ T4200] The buggy address is located 0 bytes inside of [ 49.246488][ T4200] 136-byte region [ffff0000dce99d48, ffff0000dce99dd0) [ 49.250230][ T4200] The buggy address belongs to the page: [ 49.251805][ T4200] page:00000000688289a2 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11ce99 [ 49.254978][ T4200] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 49.257331][ T4200] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 49.259742][ T4200] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 49.262189][ T4200] page dumped because: kasan: bad access detected [ 49.264169][ T4200] [ 49.264928][ T4200] Memory state around the buggy address: [ 49.266527][ T4200] ffff0000dce99c00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 49.267872][ T4205] loop4: detected capacity change from 0 to 40427 [ 49.268871][ T4200] ffff0000dce99c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.273076][ T4200] >ffff0000dce99d00: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 49.275360][ T4200] ^ [ 49.277225][ T4200] ffff0000dce99d80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 49.279888][ T4200] ffff0000dce99e00: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.282223][ T4200] ================================================================== [ 49.359162][ T4205] F2FS-fs (loop4): Found nat_bits in checkpoint [ 49.362083][ T4193] F2FS-fs (loop0): Found nat_bits in checkpoint executing program [ 49.397485][ T4205] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 49.400543][ T4205] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 49.402809][ T4205] CPU: 0 PID: 4205 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 49.405768][ T4205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 49.408593][ T4205] Call trace: [ 49.409510][ T4205] dump_backtrace+0x0/0x43c [ 49.410820][ T4205] show_stack+0x2c/0x3c [ 49.411978][ T4205] __dump_stack+0x30/0x40 [ 49.413175][ T4205] dump_stack_lvl+0xf8/0x160 [ 49.414508][ T4205] dump_stack+0x1c/0x5c [ 49.415758][ T4205] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 49.417438][ T4205] f2fs_iget+0x1a74/0x5170 [ 49.418715][ T4205] f2fs_nfs_get_inode+0x80/0x118 [ 49.420215][ T4205] generic_fh_to_dentry+0x9c/0x104 [ 49.421747][ T4205] f2fs_fh_to_dentry+0x44/0x58 [ 49.423118][ T4205] exportfs_decode_fh_raw+0x10c/0x49c [ 49.424588][ T4205] exportfs_decode_fh+0x50/0x80 [ 49.425910][ T4205] do_handle_open+0x514/0x8e8 [ 49.427203][ T4205] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.428836][ T4205] invoke_syscall+0x98/0x2b8 [ 49.430105][ T4205] el0_svc_common+0x138/0x258 [ 49.431413][ T4205] do_el0_svc+0x58/0x14c [ 49.432694][ T4205] el0_svc+0x78/0x1e0 [ 49.433860][ T4205] el0t_64_sync_handler+0xcc/0xe4 [ 49.435514][ T4205] el0t_64_sync+0x1a0/0x1a4 [ 49.466831][ T4193] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 49.477924][ T4193] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 49.482290][ T4193] CPU: 0 PID: 4193 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 49.485373][ T4193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 49.488479][ T4193] Call trace: [ 49.489431][ T4193] dump_backtrace+0x0/0x43c [ 49.490697][ T4193] show_stack+0x2c/0x3c [ 49.491900][ T4193] __dump_stack+0x30/0x40 [ 49.493103][ T4193] dump_stack_lvl+0xf8/0x160 [ 49.494473][ T4193] dump_stack+0x1c/0x5c [ 49.495661][ T4193] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 49.497186][ T4193] f2fs_iget+0x1a74/0x5170 [ 49.498415][ T4193] f2fs_nfs_get_inode+0x80/0x118 [ 49.500297][ T4193] generic_fh_to_dentry+0x9c/0x104 [ 49.501691][ T4193] f2fs_fh_to_dentry+0x44/0x58 [ 49.503112][ T4193] exportfs_decode_fh_raw+0x10c/0x49c [ 49.504598][ T4193] exportfs_decode_fh+0x50/0x80 [ 49.506148][ T4193] do_handle_open+0x514/0x8e8 [ 49.507559][ T4193] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.509266][ T4193] invoke_syscall+0x98/0x2b8 [ 49.510572][ T4193] el0_svc_common+0x138/0x258 [ 49.512033][ T4193] do_el0_svc+0x58/0x14c [ 49.513593][ T4193] el0_svc+0x78/0x1e0 [ 49.514795][ T4193] el0t_64_sync_handler+0xcc/0xe4 [ 49.516220][ T4193] el0t_64_sync+0x1a0/0x1a4 executing program [ 49.568060][ T4205] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 49.575049][ T4216] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 49.582418][ T4216] CPU: 0 PID: 4216 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 49.585634][ T4216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 49.588539][ T4216] Call trace: [ 49.589438][ T4216] dump_backtrace+0x0/0x43c [ 49.590740][ T4216] show_stack+0x2c/0x3c [ 49.591919][ T4216] __dump_stack+0x30/0x40 [ 49.593202][ T4216] dump_stack_lvl+0xf8/0x160 [ 49.594449][ T4216] dump_stack+0x1c/0x5c [ 49.595736][ T4216] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 49.597228][ T4216] f2fs_iget+0x1a74/0x5170 [ 49.598503][ T4216] f2fs_nfs_get_inode+0x80/0x118 [ 49.599916][ T4216] generic_fh_to_dentry+0x9c/0x104 [ 49.601416][ T4216] f2fs_fh_to_dentry+0x44/0x58 [ 49.602905][ T4216] exportfs_decode_fh_raw+0x10c/0x49c [ 49.604489][ T4216] exportfs_decode_fh+0x50/0x80 [ 49.605927][ T4216] do_handle_open+0x514/0x8e8 [ 49.607329][ T4216] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.608991][ T4216] invoke_syscall+0x98/0x2b8 [ 49.610326][ T4216] el0_svc_common+0x138/0x258 [ 49.611757][ T4216] do_el0_svc+0x58/0x14c [ 49.612941][ T4216] el0_svc+0x78/0x1e0 [ 49.614085][ T4216] el0t_64_sync_handler+0xcc/0xe4 [ 49.615550][ T4216] el0t_64_sync+0x1a0/0x1a4 [ 49.619405][ T4203] F2FS-fs (loop2): Found nat_bits in checkpoint [ 49.634451][ T4193] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 49.643957][ T4216] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 49.649065][ T4216] ================================================================== [ 49.651497][ T4216] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 49.653899][ T4216] [ 49.654706][ T4216] CPU: 1 PID: 4216 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 49.657486][ T4216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 49.660375][ T4216] Call trace: [ 49.661315][ T4216] dump_backtrace+0x0/0x43c [ 49.662712][ T4216] show_stack+0x2c/0x3c [ 49.663903][ T4216] __dump_stack+0x30/0x40 [ 49.665215][ T4216] dump_stack_lvl+0xf8/0x160 [ 49.666472][ T4216] print_address_description+0x78/0x30c [ 49.668136][ T4216] kasan_report_invalid_free+0x4c/0x7c [ 49.669634][ T4216] ____kasan_slab_free+0x134/0x164 [ 49.671054][ T4216] __kasan_slab_free+0x18/0x28 [ 49.672534][ T4216] slab_free_freelist_hook+0x128/0x1e8 [ 49.674034][ T4216] kmem_cache_free+0xdc/0x3b4 [ 49.675368][ T4216] f2fs_destroy_extent_tree+0x2d0/0x688 [ 49.676893][ T4216] f2fs_evict_inode+0x32c/0x1520 [ 49.678283][ T4216] evict+0x3c8/0x810 [ 49.679496][ T4216] iput+0x6c4/0x77c [ 49.680559][ T4216] iget_failed+0x148/0x194 [ 49.681793][ T4216] f2fs_iget+0x58c/0x5170 [ 49.683021][ T4216] f2fs_nfs_get_inode+0x80/0x118 [ 49.684577][ T4216] generic_fh_to_dentry+0x9c/0x104 [ 49.685957][ T4216] f2fs_fh_to_dentry+0x44/0x58 [ 49.687215][ T4216] exportfs_decode_fh_raw+0x10c/0x49c [ 49.688747][ T4216] exportfs_decode_fh+0x50/0x80 [ 49.690144][ T4216] do_handle_open+0x514/0x8e8 [ 49.691475][ T4216] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.693257][ T4216] invoke_syscall+0x98/0x2b8 [ 49.694756][ T4216] el0_svc_common+0x138/0x258 [ 49.696072][ T4216] do_el0_svc+0x58/0x14c [ 49.697309][ T4216] el0_svc+0x78/0x1e0 [ 49.698488][ T4216] el0t_64_sync_handler+0xcc/0xe4 [ 49.699873][ T4216] el0t_64_sync+0x1a0/0x1a4 [ 49.701248][ T4216] [ 49.701877][ T4216] Allocated by task 4205: [ 49.703087][ T4216] __kasan_slab_alloc+0x8c/0xcc [ 49.704436][ T4216] slab_post_alloc_hook+0x74/0x408 [ 49.705828][ T4216] kmem_cache_alloc+0x1e0/0x3e4 [ 49.707253][ T4216] f2fs_init_extent_tree+0x43c/0xaac [ 49.708731][ T4216] f2fs_iget+0x10c4/0x5170 [ 49.709990][ T4216] f2fs_nfs_get_inode+0x80/0x118 [ 49.711427][ T4216] generic_fh_to_dentry+0x9c/0x104 [ 49.712922][ T4216] f2fs_fh_to_dentry+0x44/0x58 [ 49.714308][ T4216] exportfs_decode_fh_raw+0x10c/0x49c [ 49.715838][ T4216] exportfs_decode_fh+0x50/0x80 [ 49.717244][ T4216] do_handle_open+0x514/0x8e8 [ 49.718564][ T4216] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.720264][ T4216] invoke_syscall+0x98/0x2b8 [ 49.721536][ T4216] el0_svc_common+0x138/0x258 [ 49.722883][ T4216] do_el0_svc+0x58/0x14c [ 49.724118][ T4216] el0_svc+0x78/0x1e0 [ 49.725249][ T4216] el0t_64_sync_handler+0xcc/0xe4 [ 49.726726][ T4216] el0t_64_sync+0x1a0/0x1a4 [ 49.728006][ T4216] [ 49.728850][ T4216] Freed by task 4205: [ 49.729977][ T4216] kasan_set_track+0x4c/0x84 [ 49.731331][ T4216] kasan_set_free_info+0x28/0x4c [ 49.732733][ T4216] ____kasan_slab_free+0x118/0x164 [ 49.734199][ T4216] __kasan_slab_free+0x18/0x28 [ 49.735560][ T4216] slab_free_freelist_hook+0x128/0x1e8 [ 49.737100][ T4216] kmem_cache_free+0xdc/0x3b4 [ 49.738476][ T4216] f2fs_destroy_extent_tree+0x2d0/0x688 [ 49.740025][ T4216] f2fs_evict_inode+0x32c/0x1520 [ 49.741409][ T4216] evict+0x3c8/0x810 [ 49.742548][ T4216] iput+0x6c4/0x77c [ 49.743694][ T4216] iget_failed+0x148/0x194 [ 49.745061][ T4216] f2fs_iget+0x58c/0x5170 [ 49.746287][ T4216] f2fs_nfs_get_inode+0x80/0x118 [ 49.747695][ T4216] generic_fh_to_dentry+0x9c/0x104 [ 49.749156][ T4216] f2fs_fh_to_dentry+0x44/0x58 [ 49.750521][ T4216] exportfs_decode_fh_raw+0x10c/0x49c [ 49.752077][ T4216] exportfs_decode_fh+0x50/0x80 [ 49.753466][ T4216] do_handle_open+0x514/0x8e8 [ 49.754839][ T4216] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.756469][ T4216] invoke_syscall+0x98/0x2b8 [ 49.757723][ T4216] el0_svc_common+0x138/0x258 [ 49.759141][ T4216] do_el0_svc+0x58/0x14c [ 49.760361][ T4216] el0_svc+0x78/0x1e0 [ 49.761804][ T4216] el0t_64_sync_handler+0xcc/0xe4 [ 49.763516][ T4216] el0t_64_sync+0x1a0/0x1a4 [ 49.764873][ T4216] [ 49.765567][ T4216] The buggy address belongs to the object at ffff0000dcfd1ed8 [ 49.765567][ T4216] which belongs to the cache f2fs_extent_tree of size 136 [ 49.769814][ T4216] The buggy address is located 0 bytes inside of [ 49.769814][ T4216] 136-byte region [ffff0000dcfd1ed8, ffff0000dcfd1f60) [ 49.773554][ T4216] The buggy address belongs to the page: [ 49.775239][ T4216] page:00000000f15c583c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11cfd1 [ 49.778393][ T4216] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 49.780641][ T4216] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 49.783065][ T4216] raw: 0000000000000000 0000000000140014 00000001ffffffff 0000000000000000 [ 49.785593][ T4216] page dumped because: kasan: bad access detected [ 49.787472][ T4216] [ 49.788149][ T4216] Memory state around the buggy address: [ 49.789771][ T4216] ffff0000dcfd1d80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 49.792198][ T4216] ffff0000dcfd1e00: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb [ 49.794515][ T4216] >ffff0000dcfd1e80: fb fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb [ 49.796881][ T4216] ^ [ 49.798960][ T4216] ffff0000dcfd1f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 49.801292][ T4216] ffff0000dcfd1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 49.803551][ T4216] ================================================================== [ 49.807317][ T4217] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 49.809815][ T4217] CPU: 1 PID: 4217 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 49.812547][ T4217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 49.815794][ T4217] Call trace: [ 49.816875][ T4217] dump_backtrace+0x0/0x43c [ 49.818212][ T4217] show_stack+0x2c/0x3c [ 49.819382][ T4217] __dump_stack+0x30/0x40 [ 49.820592][ T4217] dump_stack_lvl+0xf8/0x160 [ 49.822002][ T4217] dump_stack+0x1c/0x5c [ 49.823514][ T4217] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 49.825015][ T4217] f2fs_iget+0x1a74/0x5170 [ 49.826323][ T4217] f2fs_nfs_get_inode+0x80/0x118 [ 49.827812][ T4217] generic_fh_to_dentry+0x9c/0x104 [ 49.829739][ T4217] f2fs_fh_to_dentry+0x44/0x58 [ 49.831103][ T4217] exportfs_decode_fh_raw+0x10c/0x49c [ 49.832594][ T4217] exportfs_decode_fh+0x50/0x80 [ 49.834062][ T4217] do_handle_open+0x514/0x8e8 [ 49.835422][ T4217] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.837109][ T4217] invoke_syscall+0x98/0x2b8 [ 49.838599][ T4217] el0_svc_common+0x138/0x258 [ 49.840287][ T4217] do_el0_svc+0x58/0x14c [ 49.841492][ T4217] el0_svc+0x78/0x1e0 [ 49.842692][ T4217] el0t_64_sync_handler+0xcc/0xe4 [ 49.844165][ T4217] el0t_64_sync+0x1a0/0x1a4 [ 49.846794][ T4203] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 49.847133][ T4217] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 49.871432][ T4203] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 49.885286][ T4203] CPU: 0 PID: 4203 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 49.888268][ T4203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 49.891082][ T4203] Call trace: [ 49.892138][ T4203] dump_backtrace+0x0/0x43c [ 49.893612][ T4203] show_stack+0x2c/0x3c [ 49.895193][ T4203] __dump_stack+0x30/0x40 [ 49.896458][ T4203] dump_stack_lvl+0xf8/0x160 [ 49.897736][ T4203] dump_stack+0x1c/0x5c [ 49.898894][ T4203] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 49.900426][ T4203] f2fs_iget+0x1a74/0x5170 [ 49.901783][ T4203] f2fs_nfs_get_inode+0x80/0x118 [ 49.903170][ T4203] generic_fh_to_dentry+0x9c/0x104 [ 49.904632][ T4203] f2fs_fh_to_dentry+0x44/0x58 [ 49.905915][ T4203] exportfs_decode_fh_raw+0x10c/0x49c [ 49.907408][ T4203] exportfs_decode_fh+0x50/0x80 [ 49.908823][ T4203] do_handle_open+0x514/0x8e8 [ 49.910097][ T4203] __arm64_sys_open_by_handle_at+0x80/0x94 [ 49.911786][ T4203] invoke_syscall+0x98/0x2b8 [ 49.913082][ T4203] el0_svc_common+0x138/0x258 [ 49.914485][ T4203] do_el0_svc+0x58/0x14c [ 49.914937][ T4221] loop3: detected capacity change from 0 to 40427 [ 49.915660][ T4203] el0_svc+0x78/0x1e0 [ 49.918626][ T4203] el0t_64_sync_handler+0xcc/0xe4 [ 49.920125][ T4203] el0t_64_sync+0x1a0/0x1a4 [ 49.933014][ T4221] F2FS-fs (loop3): Found nat_bits in checkpoint [ 49.957263][ T4221] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 49.971623][ T4215] loop1: detected capacity change from 0 to 40427 [ 49.979994][ T4221] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 49.982403][ T4221] CPU: 1 PID: 4221 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 49.985348][ T4221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 49.988244][ T4221] Call trace: [ 49.989124][ T4221] dump_backtrace+0x0/0x43c [ 49.990508][ T4221] show_stack+0x2c/0x3c [ 49.991749][ T4221] __dump_stack+0x30/0x40 [ 49.993363][ T4221] dump_stack_lvl+0xf8/0x160 [ 49.994678][ T4221] dump_stack+0x1c/0x5c [ 49.995916][ T4221] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 49.997535][ T4221] f2fs_iget+0x1a74/0x5170 [ 49.998804][ T4221] f2fs_nfs_get_inode+0x80/0x118 [ 50.000253][ T4221] generic_fh_to_dentry+0x9c/0x104 [ 50.001774][ T4221] f2fs_fh_to_dentry+0x44/0x58 [ 50.003168][ T4221] exportfs_decode_fh_raw+0x10c/0x49c [ 50.004667][ T4221] exportfs_decode_fh+0x50/0x80 [ 50.006056][ T4221] do_handle_open+0x514/0x8e8 [ 50.007440][ T4221] __arm64_sys_open_by_handle_at+0x80/0x94 [ 50.009235][ T4221] invoke_syscall+0x98/0x2b8 [ 50.010540][ T4221] el0_svc_common+0x138/0x258 [ 50.011979][ T4221] do_el0_svc+0x58/0x14c [ 50.013184][ T4221] el0_svc+0x78/0x1e0 [ 50.014453][ T4221] el0t_64_sync_handler+0xcc/0xe4 [ 50.015896][ T4221] el0t_64_sync+0x1a0/0x1a4 [ 50.035354][ T4203] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 50.039400][ T4226] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 50.041923][ T4226] CPU: 1 PID: 4226 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 50.044794][ T4226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 50.047976][ T4226] Call trace: [ 50.048935][ T4226] dump_backtrace+0x0/0x43c [ 50.050243][ T4226] show_stack+0x2c/0x3c [ 50.051426][ T4226] __dump_stack+0x30/0x40 [ 50.052639][ T4226] dump_stack_lvl+0xf8/0x160 [ 50.052726][ T4221] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 50.054052][ T4226] dump_stack+0x1c/0x5c [ 50.058094][ T4231] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 50.058513][ T4226] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 50.062106][ T4226] f2fs_iget+0x1a74/0x5170 [ 50.063335][ T4226] f2fs_nfs_get_inode+0x80/0x118 [ 50.064719][ T4226] generic_fh_to_dentry+0x9c/0x104 [ 50.066165][ T4226] f2fs_fh_to_dentry+0x44/0x58 [ 50.067584][ T4226] exportfs_decode_fh_raw+0x10c/0x49c [ 50.069224][ T4226] exportfs_decode_fh+0x50/0x80 [ 50.070575][ T4226] do_handle_open+0x514/0x8e8 [ 50.071867][ T4226] __arm64_sys_open_by_handle_at+0x80/0x94 [ 50.073621][ T4226] invoke_syscall+0x98/0x2b8 [ 50.074885][ T4226] el0_svc_common+0x138/0x258 [ 50.076165][ T4226] do_el0_svc+0x58/0x14c [ 50.077371][ T4226] el0_svc+0x78/0x1e0 [ 50.078524][ T4226] el0t_64_sync_handler+0xcc/0xe4 [ 50.079924][ T4226] el0t_64_sync+0x1a0/0x1a4 [ 50.081265][ T4231] CPU: 0 PID: 4231 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 50.084108][ T4231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 50.087069][ T4231] Call trace: [ 50.087988][ T4231] dump_backtrace+0x0/0x43c [ 50.089238][ T4231] show_stack+0x2c/0x3c [ 50.090340][ T4231] __dump_stack+0x30/0x40 [ 50.091517][ T4231] dump_stack_lvl+0xf8/0x160 [ 50.092801][ T4231] dump_stack+0x1c/0x5c [ 50.093945][ T4231] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 50.095423][ T4231] f2fs_iget+0x1a74/0x5170 [ 50.096649][ T4231] f2fs_nfs_get_inode+0x80/0x118 [ 50.098104][ T4231] generic_fh_to_dentry+0x9c/0x104 [ 50.099651][ T4231] f2fs_fh_to_dentry+0x44/0x58 [ 50.101002][ T4231] exportfs_decode_fh_raw+0x10c/0x49c [ 50.102724][ T4231] exportfs_decode_fh+0x50/0x80 [ 50.104105][ T4231] do_handle_open+0x514/0x8e8 [ 50.105043][ T4226] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 50.105471][ T4231] __arm64_sys_open_by_handle_at+0x80/0x94 [ 50.109242][ T4226] ================================================================== [ 50.110353][ T4231] invoke_syscall+0x98/0x2b8 [ 50.112819][ T4226] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 50.114098][ T4231] el0_svc_common+0x138/0x258 [ 50.116486][ T4226] [ 50.117902][ T4231] do_el0_svc+0x58/0x14c [ 50.120188][ T4231] el0_svc+0x78/0x1e0 [ 50.121292][ T4231] el0t_64_sync_handler+0xcc/0xe4 [ 50.122762][ T4231] el0t_64_sync+0x1a0/0x1a4 [ 50.124040][ T4226] CPU: 1 PID: 4226 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 50.124990][ T4231] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 50.126988][ T4226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 50.127001][ T4226] Call trace: [ 50.127004][ T4226] dump_backtrace+0x0/0x43c [ 50.135759][ T4226] show_stack+0x2c/0x3c [ 50.136704][ T4215] F2FS-fs (loop1): Found nat_bits in checkpoint [ 50.136966][ T4226] __dump_stack+0x30/0x40 [ 50.140478][ T4226] dump_stack_lvl+0xf8/0x160 [ 50.141784][ T4226] print_address_description+0x78/0x30c [ 50.143337][ T4226] kasan_report_invalid_free+0x4c/0x7c [ 50.144877][ T4226] ____kasan_slab_free+0x134/0x164 [ 50.146384][ T4226] __kasan_slab_free+0x18/0x28 [ 50.147925][ T4226] slab_free_freelist_hook+0x128/0x1e8 [ 50.149432][ T4215] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 50.149559][ T4226] kmem_cache_free+0xdc/0x3b4 [ 50.153209][ T4226] f2fs_destroy_extent_tree+0x2d0/0x688 [ 50.154847][ T4226] f2fs_evict_inode+0x32c/0x1520 [ 50.156211][ T4226] evict+0x3c8/0x810 [ 50.157397][ T4226] iput+0x6c4/0x77c [ 50.158479][ T4226] iget_failed+0x148/0x194 [ 50.159722][ T4215] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 50.159762][ T4226] f2fs_iget+0x58c/0x5170 [ 50.163325][ T4226] f2fs_nfs_get_inode+0x80/0x118 [ 50.164731][ T4226] generic_fh_to_dentry+0x9c/0x104 [ 50.166255][ T4226] f2fs_fh_to_dentry+0x44/0x58 [ 50.167599][ T4226] exportfs_decode_fh_raw+0x10c/0x49c [ 50.169111][ T4226] exportfs_decode_fh+0x50/0x80 [ 50.170550][ T4226] do_handle_open+0x514/0x8e8 [ 50.172165][ T4226] __arm64_sys_open_by_handle_at+0x80/0x94 [ 50.173835][ T4226] invoke_syscall+0x98/0x2b8 [ 50.175350][ T4226] el0_svc_common+0x138/0x258 [ 50.176785][ T4226] do_el0_svc+0x58/0x14c [ 50.178001][ T4226] el0_svc+0x78/0x1e0 [ 50.179281][ T4226] el0t_64_sync_handler+0xcc/0xe4 [ 50.180835][ T4226] el0t_64_sync+0x1a0/0x1a4 [ 50.182168][ T4226] [ 50.182172][ T4215] CPU: 0 PID: 4215 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 50.182823][ T4226] Allocated by task 4203: [ 50.185738][ T4215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 50.186926][ T4226] __kasan_slab_alloc+0x8c/0xcc [ 50.189839][ T4215] Call trace: [ 50.191152][ T4226] slab_post_alloc_hook+0x74/0x408 [ 50.192052][ T4215] dump_backtrace+0x0/0x43c [ 50.193542][ T4226] kmem_cache_alloc+0x1e0/0x3e4 [ 50.194796][ T4215] show_stack+0x2c/0x3c [ 50.196240][ T4226] f2fs_init_extent_tree+0x43c/0xaac [ 50.197532][ T4215] __dump_stack+0x30/0x40 [ 50.199008][ T4226] f2fs_iget+0x10c4/0x5170 [ 50.200228][ T4215] dump_stack_lvl+0xf8/0x160 [ 50.201565][ T4226] f2fs_nfs_get_inode+0x80/0x118 [ 50.203002][ T4215] dump_stack+0x1c/0x5c [ 50.204494][ T4226] generic_fh_to_dentry+0x9c/0x104 [ 50.205765][ T4215] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 50.207191][ T4226] f2fs_fh_to_dentry+0x44/0x58 [ 50.208659][ T4215] f2fs_iget+0x1a74/0x5170 [ 50.210061][ T4226] exportfs_decode_fh_raw+0x10c/0x49c [ 50.211461][ T4215] f2fs_nfs_get_inode+0x80/0x118 [ 50.212971][ T4226] exportfs_decode_fh+0x50/0x80 [ 50.214352][ T4215] generic_fh_to_dentry+0x9c/0x104 [ 50.215748][ T4226] do_handle_open+0x514/0x8e8 [ 50.217218][ T4215] f2fs_fh_to_dentry+0x44/0x58 [ 50.218498][ T4226] __arm64_sys_open_by_handle_at+0x80/0x94 [ 50.219822][ T4215] exportfs_decode_fh_raw+0x10c/0x49c [ 50.221509][ T4226] invoke_syscall+0x98/0x2b8 [ 50.223059][ T4215] exportfs_decode_fh+0x50/0x80 [ 50.224352][ T4226] el0_svc_common+0x138/0x258 [ 50.225676][ T4215] do_handle_open+0x514/0x8e8 [ 50.226977][ T4226] do_el0_svc+0x58/0x14c [ 50.228355][ T4215] __arm64_sys_open_by_handle_at+0x80/0x94 [ 50.229574][ T4226] el0_svc+0x78/0x1e0 [ 50.231278][ T4215] invoke_syscall+0x98/0x2b8 [ 50.232364][ T4226] el0t_64_sync_handler+0xcc/0xe4 [ 50.233765][ T4215] el0_svc_common+0x138/0x258 [ 50.235201][ T4226] el0t_64_sync+0x1a0/0x1a4 [ 50.236503][ T4215] do_el0_svc+0x58/0x14c [ 50.237796][ T4226] [ 50.238994][ T4215] el0_svc+0x78/0x1e0 [ 50.239642][ T4226] Freed by task 4203: [ 50.240744][ T4215] el0t_64_sync_handler+0xcc/0xe4 [ 50.241851][ T4226] kasan_set_track+0x4c/0x84 [ 50.243237][ T4215] el0t_64_sync+0x1a0/0x1a4 [ 50.244507][ T4226] kasan_set_free_info+0x28/0x4c [ 50.247250][ T4226] ____kasan_slab_free+0x118/0x164 [ 50.248885][ T4226] __kasan_slab_free+0x18/0x28 [ 50.249730][ T4215] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 50.250247][ T4226] slab_free_freelist_hook+0x128/0x1e8 [ 50.253839][ T4236] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 50.255121][ T4226] kmem_cache_free+0xdc/0x3b4 [ 50.257615][ T4236] CPU: 0 PID: 4236 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 50.258371][ T4226] f2fs_destroy_extent_tree+0x2d0/0x688 [ 50.261087][ T4236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 50.262693][ T4226] f2fs_evict_inode+0x32c/0x1520 [ 50.265580][ T4236] Call trace: [ 50.266929][ T4226] evict+0x3c8/0x810 [ 50.267830][ T4236] dump_backtrace+0x0/0x43c [ 50.268957][ T4226] iput+0x6c4/0x77c [ 50.270186][ T4236] show_stack+0x2c/0x3c [ 50.271296][ T4226] iget_failed+0x148/0x194 [ 50.272487][ T4236] __dump_stack+0x30/0x40 [ 50.273746][ T4226] f2fs_iget+0x58c/0x5170 [ 50.275134][ T4236] dump_stack_lvl+0xf8/0x160 [ 50.276359][ T4226] f2fs_nfs_get_inode+0x80/0x118 [ 50.277600][ T4236] dump_stack+0x1c/0x5c [ 50.278956][ T4226] generic_fh_to_dentry+0x9c/0x104 [ 50.280075][ T4236] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 50.281508][ T4226] f2fs_fh_to_dentry+0x44/0x58 [ 50.282922][ T4236] f2fs_iget+0x1a74/0x5170 [ 50.284262][ T4226] exportfs_decode_fh_raw+0x10c/0x49c [ 50.285575][ T4236] f2fs_nfs_get_inode+0x80/0x118 [ 50.287145][ T4226] exportfs_decode_fh+0x50/0x80 [ 50.288547][ T4236] generic_fh_to_dentry+0x9c/0x104 [ 50.290066][ T4226] do_handle_open+0x514/0x8e8 [ 50.291415][ T4236] f2fs_fh_to_dentry+0x44/0x58 [ 50.292707][ T4226] __arm64_sys_open_by_handle_at+0x80/0x94 [ 50.294038][ T4236] exportfs_decode_fh_raw+0x10c/0x49c [ 50.295818][ T4226] invoke_syscall+0x98/0x2b8 [ 50.297356][ T4236] exportfs_decode_fh+0x50/0x80 [ 50.298665][ T4226] el0_svc_common+0x138/0x258 [ 50.300019][ T4236] do_handle_open+0x514/0x8e8 [ 50.301408][ T4226] do_el0_svc+0x58/0x14c [ 50.302669][ T4236] __arm64_sys_open_by_handle_at+0x80/0x94 [ 50.304002][ T4226] el0_svc+0x78/0x1e0 [ 50.305709][ T4236] invoke_syscall+0x98/0x2b8 [ 50.306842][ T4226] el0t_64_sync_handler+0xcc/0xe4 [ 50.308034][ T4236] el0_svc_common+0x138/0x258 [ 50.309394][ T4226] el0t_64_sync+0x1a0/0x1a4 [ 50.310662][ T4236] do_el0_svc+0x58/0x14c [ 50.311905][ T4226] [ 50.313080][ T4236] el0_svc+0x78/0x1e0 [ 50.313718][ T4226] The buggy address belongs to the object at ffff0000c04ad0c8 [ 50.313718][ T4226] which belongs to the cache f2fs_extent_tree of size 136 [ 50.314818][ T4236] el0t_64_sync_handler+0xcc/0xe4 [ 50.319041][ T4226] The buggy address is located 0 bytes inside of [ 50.319041][ T4226] 136-byte region [ffff0000c04ad0c8, ffff0000c04ad150) [ 50.320474][ T4236] el0t_64_sync+0x1a0/0x1a4 [ 50.324216][ T4226] The buggy address belongs to the page: [ 50.327061][ T4226] page:00000000686e41bb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1004ad [ 50.329938][ T4226] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 50.332029][ T4226] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 50.334375][ T4226] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 50.336826][ T4226] page dumped because: kasan: bad access detected [ 50.338597][ T4226] [ 50.339264][ T4226] Memory state around the buggy address: [ 50.339878][ T4236] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 50.340832][ T4226] ffff0000c04acf80: fc 00 00 00 00 00 fc fc fa fb fb fb fb fc fc fc [ 50.346440][ T4226] ffff0000c04ad000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 50.348711][ T4226] >ffff0000c04ad080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 50.351014][ T4226] ^ [ 50.352947][ T4226] ffff0000c04ad100: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 50.355282][ T4226] ffff0000c04ad180: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb [ 50.357583][ T4226] ================================================================== executing program executing program executing program executing program executing program [ 50.790373][ T4241] loop0: detected capacity change from 0 to 40427 [ 50.847337][ T4241] F2FS-fs (loop0): Found nat_bits in checkpoint [ 50.876428][ T4241] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 50.888249][ T4241] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 50.890504][ T4241] CPU: 1 PID: 4241 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 50.893322][ T4241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 50.896075][ T4241] Call trace: [ 50.896954][ T4241] dump_backtrace+0x0/0x43c [ 50.898352][ T4241] show_stack+0x2c/0x3c [ 50.899515][ T4241] __dump_stack+0x30/0x40 [ 50.900750][ T4241] dump_stack_lvl+0xf8/0x160 [ 50.902104][ T4241] dump_stack+0x1c/0x5c [ 50.903328][ T4241] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 50.904812][ T4241] f2fs_iget+0x1a74/0x5170 [ 50.906053][ T4241] f2fs_nfs_get_inode+0x80/0x118 [ 50.907518][ T4241] generic_fh_to_dentry+0x9c/0x104 [ 50.908931][ T4241] f2fs_fh_to_dentry+0x44/0x58 [ 50.910338][ T4241] exportfs_decode_fh_raw+0x10c/0x49c [ 50.911934][ T4241] exportfs_decode_fh+0x50/0x80 [ 50.913230][ T4241] do_handle_open+0x514/0x8e8 [ 50.914524][ T4241] __arm64_sys_open_by_handle_at+0x80/0x94 [ 50.916275][ T4241] invoke_syscall+0x98/0x2b8 [ 50.917796][ T4241] el0_svc_common+0x138/0x258 [ 50.919025][ T4241] do_el0_svc+0x58/0x14c [ 50.920284][ T4241] el0_svc+0x78/0x1e0 [ 50.921493][ T4241] el0t_64_sync_handler+0xcc/0xe4 [ 50.922901][ T4241] el0t_64_sync+0x1a0/0x1a4 [ 50.977894][ T4246] loop3: detected capacity change from 0 to 40427 [ 51.025325][ T4245] loop2: detected capacity change from 0 to 40427 [ 51.025764][ T4246] F2FS-fs (loop3): Found nat_bits in checkpoint [ 51.029929][ T4247] loop1: detected capacity change from 0 to 40427 [ 51.038312][ T4241] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.048227][ T4253] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.057415][ T4253] CPU: 1 PID: 4253 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.060332][ T4253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.062286][ T4239] loop4: detected capacity change from 0 to 40427 [ 51.063342][ T4253] Call trace: [ 51.063349][ T4253] dump_backtrace+0x0/0x43c [ 51.063372][ T4253] show_stack+0x2c/0x3c [ 51.063382][ T4253] __dump_stack+0x30/0x40 [ 51.063393][ T4253] dump_stack_lvl+0xf8/0x160 [ 51.071050][ T4253] dump_stack+0x1c/0x5c [ 51.072209][ T4253] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.073738][ T4253] f2fs_iget+0x1a74/0x5170 [ 51.075023][ T4253] f2fs_nfs_get_inode+0x80/0x118 [ 51.076382][ T4253] generic_fh_to_dentry+0x9c/0x104 [ 51.077871][ T4253] f2fs_fh_to_dentry+0x44/0x58 [ 51.079169][ T4253] exportfs_decode_fh_raw+0x10c/0x49c [ 51.080543][ T4245] F2FS-fs (loop2): Found nat_bits in checkpoint [ 51.080698][ T4253] exportfs_decode_fh+0x50/0x80 [ 51.083779][ T4253] do_handle_open+0x514/0x8e8 [ 51.085216][ T4253] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.086910][ T4253] invoke_syscall+0x98/0x2b8 [ 51.088205][ T4253] el0_svc_common+0x138/0x258 [ 51.089509][ T4253] do_el0_svc+0x58/0x14c [ 51.090660][ T4253] el0_svc+0x78/0x1e0 [ 51.091805][ T4253] el0t_64_sync_handler+0xcc/0xe4 [ 51.093210][ T4253] el0t_64_sync+0x1a0/0x1a4 [ 51.095141][ T4253] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.111593][ T4246] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 51.123414][ T4246] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.127688][ T4247] F2FS-fs (loop1): Found nat_bits in checkpoint [ 51.149085][ T4239] F2FS-fs (loop4): Found nat_bits in checkpoint [ 51.163332][ T4246] CPU: 1 PID: 4246 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.166251][ T4246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.169181][ T4246] Call trace: [ 51.170075][ T4246] dump_backtrace+0x0/0x43c [ 51.171402][ T4246] show_stack+0x2c/0x3c [ 51.172575][ T4246] __dump_stack+0x30/0x40 [ 51.173788][ T4246] dump_stack_lvl+0xf8/0x160 [ 51.175104][ T4246] dump_stack+0x1c/0x5c [ 51.176295][ T4246] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.177849][ T4246] f2fs_iget+0x1a74/0x5170 [ 51.179168][ T4246] f2fs_nfs_get_inode+0x80/0x118 [ 51.180618][ T4246] generic_fh_to_dentry+0x9c/0x104 [ 51.182080][ T4246] f2fs_fh_to_dentry+0x44/0x58 [ 51.183477][ T4246] exportfs_decode_fh_raw+0x10c/0x49c [ 51.184912][ T4246] exportfs_decode_fh+0x50/0x80 [ 51.186355][ T4246] do_handle_open+0x514/0x8e8 [ 51.187680][ T4246] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.189346][ T4246] invoke_syscall+0x98/0x2b8 [ 51.190656][ T4246] el0_svc_common+0x138/0x258 [ 51.191956][ T4246] do_el0_svc+0x58/0x14c [ 51.193188][ T4246] el0_svc+0x78/0x1e0 [ 51.194302][ T4246] el0t_64_sync_handler+0xcc/0xe4 [ 51.195706][ T4246] el0t_64_sync+0x1a0/0x1a4 [ 51.198779][ T4245] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 51.206691][ T4245] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.210382][ T4245] CPU: 1 PID: 4245 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.213110][ T4245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.215926][ T4245] Call trace: [ 51.216930][ T4245] dump_backtrace+0x0/0x43c [ 51.218178][ T4245] show_stack+0x2c/0x3c [ 51.219387][ T4245] __dump_stack+0x30/0x40 [ 51.220547][ T4245] dump_stack_lvl+0xf8/0x160 [ 51.221917][ T4245] dump_stack+0x1c/0x5c [ 51.223082][ T4245] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.224586][ T4245] f2fs_iget+0x1a74/0x5170 [ 51.225885][ T4245] f2fs_nfs_get_inode+0x80/0x118 [ 51.227410][ T4245] generic_fh_to_dentry+0x9c/0x104 [ 51.228924][ T4245] f2fs_fh_to_dentry+0x44/0x58 [ 51.230280][ T4245] exportfs_decode_fh_raw+0x10c/0x49c [ 51.231874][ T4245] exportfs_decode_fh+0x50/0x80 [ 51.233231][ T4245] do_handle_open+0x514/0x8e8 [ 51.234692][ T4245] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.236352][ T4245] invoke_syscall+0x98/0x2b8 [ 51.237643][ T4245] el0_svc_common+0x138/0x258 [ 51.238958][ T4245] do_el0_svc+0x58/0x14c [ 51.240200][ T4245] el0_svc+0x78/0x1e0 [ 51.241354][ T4245] el0t_64_sync_handler+0xcc/0xe4 [ 51.242358][ T4246] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.242777][ T4245] el0t_64_sync+0x1a0/0x1a4 [ 51.247859][ T4247] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 51.250504][ T4268] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.253617][ T4268] CPU: 1 PID: 4268 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.256484][ T4268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.259422][ T4268] Call trace: [ 51.260377][ T4268] dump_backtrace+0x0/0x43c [ 51.261793][ T4268] show_stack+0x2c/0x3c [ 51.262969][ T4268] __dump_stack+0x30/0x40 [ 51.264310][ T4268] dump_stack_lvl+0xf8/0x160 [ 51.265579][ T4268] dump_stack+0x1c/0x5c [ 51.266777][ T4268] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.268242][ T4268] f2fs_iget+0x1a74/0x5170 [ 51.269527][ T4268] f2fs_nfs_get_inode+0x80/0x118 [ 51.270907][ T4268] generic_fh_to_dentry+0x9c/0x104 [ 51.272336][ T4268] f2fs_fh_to_dentry+0x44/0x58 [ 51.273664][ T4268] exportfs_decode_fh_raw+0x10c/0x49c [ 51.275241][ T4268] exportfs_decode_fh+0x50/0x80 [ 51.276620][ T4268] do_handle_open+0x514/0x8e8 [ 51.277978][ T4268] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.279582][ T4268] invoke_syscall+0x98/0x2b8 [ 51.280884][ T4268] el0_svc_common+0x138/0x258 [ 51.282246][ T4268] do_el0_svc+0x58/0x14c [ 51.283402][ T4245] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.283488][ T4268] el0_svc+0x78/0x1e0 [ 51.287884][ T4268] el0t_64_sync_handler+0xcc/0xe4 [ 51.289426][ T4268] el0t_64_sync+0x1a0/0x1a4 [ 51.290424][ T4247] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.291709][ T4268] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.293115][ T4247] CPU: 0 PID: 4247 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.296341][ T4245] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.298935][ T4247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.298949][ T4247] Call trace: [ 51.298953][ T4247] dump_backtrace+0x0/0x43c [ 51.298973][ T4247] show_stack+0x2c/0x3c [ 51.298983][ T4247] __dump_stack+0x30/0x40 [ 51.298993][ T4247] dump_stack_lvl+0xf8/0x160 [ 51.299001][ T4247] dump_stack+0x1c/0x5c [ 51.299008][ T4247] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.299020][ T4247] f2fs_iget+0x1a74/0x5170 [ 51.299030][ T4247] f2fs_nfs_get_inode+0x80/0x118 [ 51.299038][ T4247] generic_fh_to_dentry+0x9c/0x104 [ 51.299048][ T4247] f2fs_fh_to_dentry+0x44/0x58 [ 51.299056][ T4247] exportfs_decode_fh_raw+0x10c/0x49c [ 51.299065][ T4247] exportfs_decode_fh+0x50/0x80 [ 51.299073][ T4247] do_handle_open+0x514/0x8e8 [ 51.299083][ T4247] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.299092][ T4247] invoke_syscall+0x98/0x2b8 [ 51.299103][ T4247] el0_svc_common+0x138/0x258 [ 51.299112][ T4247] do_el0_svc+0x58/0x14c [ 51.327692][ T4247] el0_svc+0x78/0x1e0 [ 51.328818][ T4247] el0t_64_sync_handler+0xcc/0xe4 [ 51.330179][ T4247] el0t_64_sync+0x1a0/0x1a4 [ 51.331483][ T4245] CPU: 1 PID: 4245 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.333744][ T4239] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 51.334405][ T4245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.339320][ T4245] Call trace: [ 51.340232][ T4245] dump_backtrace+0x0/0x43c [ 51.341499][ T4245] show_stack+0x2c/0x3c [ 51.342665][ T4245] __dump_stack+0x30/0x40 [ 51.343855][ T4245] dump_stack_lvl+0xf8/0x160 [ 51.345221][ T4245] dump_stack+0x1c/0x5c [ 51.346389][ T4245] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.347861][ T4245] f2fs_iget+0x1a74/0x5170 [ 51.349189][ T4245] f2fs_nfs_get_inode+0x80/0x118 [ 51.350588][ T4245] generic_fh_to_dentry+0x9c/0x104 [ 51.352027][ T4245] f2fs_fh_to_dentry+0x44/0x58 [ 51.353366][ T4245] exportfs_decode_fh_raw+0x10c/0x49c [ 51.354850][ T4245] exportfs_decode_fh+0x50/0x80 [ 51.356225][ T4245] do_handle_open+0x514/0x8e8 [ 51.357590][ T4245] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.359221][ T4245] invoke_syscall+0x98/0x2b8 [ 51.360445][ T4245] el0_svc_common+0x138/0x258 [ 51.361758][ T4245] do_el0_svc+0x58/0x14c [ 51.362943][ T4245] el0_svc+0x78/0x1e0 [ 51.364059][ T4245] el0t_64_sync_handler+0xcc/0xe4 [ 51.365548][ T4245] el0t_64_sync+0x1a0/0x1a4 [ 51.371211][ T4239] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.372903][ T4245] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.377292][ T4239] CPU: 0 PID: 4239 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.377493][ T4247] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.380149][ T4239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.380162][ T4239] Call trace: [ 51.380165][ T4239] dump_backtrace+0x0/0x43c [ 51.388227][ T4239] show_stack+0x2c/0x3c [ 51.389405][ T4239] __dump_stack+0x30/0x40 [ 51.390601][ T4239] dump_stack_lvl+0xf8/0x160 [ 51.391953][ T4239] dump_stack+0x1c/0x5c [ 51.393146][ T4239] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.394700][ T4239] f2fs_iget+0x1a74/0x5170 [ 51.395937][ T4239] f2fs_nfs_get_inode+0x80/0x118 [ 51.397499][ T4239] generic_fh_to_dentry+0x9c/0x104 [ 51.398909][ T4239] f2fs_fh_to_dentry+0x44/0x58 [ 51.400257][ T4239] exportfs_decode_fh_raw+0x10c/0x49c [ 51.401712][ T4239] exportfs_decode_fh+0x50/0x80 [ 51.403097][ T4239] do_handle_open+0x514/0x8e8 [ 51.404408][ T4239] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.406103][ T4239] invoke_syscall+0x98/0x2b8 [ 51.407414][ T4239] el0_svc_common+0x138/0x258 [ 51.408733][ T4239] do_el0_svc+0x58/0x14c [ 51.409908][ T4239] el0_svc+0x78/0x1e0 [ 51.411119][ T4239] el0t_64_sync_handler+0xcc/0xe4 [ 51.412576][ T4239] el0t_64_sync+0x1a0/0x1a4 [ 51.415917][ T4271] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.423639][ T4271] CPU: 1 PID: 4271 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.426620][ T4271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.429486][ T4271] Call trace: [ 51.430393][ T4271] dump_backtrace+0x0/0x43c [ 51.431663][ T4271] show_stack+0x2c/0x3c [ 51.433007][ T4271] __dump_stack+0x30/0x40 [ 51.434263][ T4271] dump_stack_lvl+0xf8/0x160 [ 51.435516][ T4271] dump_stack+0x1c/0x5c [ 51.436650][ T4271] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.436784][ T4239] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.438121][ T4271] f2fs_iget+0x1a74/0x5170 [ 51.438146][ T4271] f2fs_nfs_get_inode+0x80/0x118 [ 51.438156][ T4271] generic_fh_to_dentry+0x9c/0x104 [ 51.438166][ T4271] f2fs_fh_to_dentry+0x44/0x58 [ 51.438174][ T4271] exportfs_decode_fh_raw+0x10c/0x49c [ 51.438185][ T4271] exportfs_decode_fh+0x50/0x80 [ 51.438193][ T4271] do_handle_open+0x514/0x8e8 [ 51.438204][ T4271] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.453001][ T4271] invoke_syscall+0x98/0x2b8 [ 51.454310][ T4271] el0_svc_common+0x138/0x258 [ 51.455692][ T4271] do_el0_svc+0x58/0x14c [ 51.456909][ T4271] el0_svc+0x78/0x1e0 [ 51.458081][ T4271] el0t_64_sync_handler+0xcc/0xe4 [ 51.460817][ T4271] el0t_64_sync+0x1a0/0x1a4 [ 51.461583][ T4272] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.464443][ T4272] CPU: 0 PID: 4272 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.467290][ T4272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.470077][ T4272] Call trace: [ 51.470990][ T4272] dump_backtrace+0x0/0x43c [ 51.472338][ T4272] show_stack+0x2c/0x3c [ 51.473442][ T4272] __dump_stack+0x30/0x40 [ 51.474645][ T4272] dump_stack_lvl+0xf8/0x160 [ 51.475989][ T4272] dump_stack+0x1c/0x5c [ 51.477184][ T4272] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.478705][ T4272] f2fs_iget+0x1a74/0x5170 [ 51.479929][ T4272] f2fs_nfs_get_inode+0x80/0x118 [ 51.481305][ T4272] generic_fh_to_dentry+0x9c/0x104 [ 51.482826][ T4272] f2fs_fh_to_dentry+0x44/0x58 [ 51.484164][ T4272] exportfs_decode_fh_raw+0x10c/0x49c [ 51.485668][ T4272] exportfs_decode_fh+0x50/0x80 [ 51.487066][ T4272] do_handle_open+0x514/0x8e8 [ 51.488394][ T4272] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.490010][ T4272] invoke_syscall+0x98/0x2b8 [ 51.491360][ T4272] el0_svc_common+0x138/0x258 [ 51.492655][ T4272] do_el0_svc+0x58/0x14c [ 51.493874][ T4272] el0_svc+0x78/0x1e0 [ 51.494996][ T4272] el0t_64_sync_handler+0xcc/0xe4 [ 51.495765][ T4271] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix executing program [ 51.496468][ T4272] el0t_64_sync+0x1a0/0x1a4 [ 51.502765][ T4272] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.675329][ T4274] loop0: detected capacity change from 0 to 40427 [ 51.709269][ T4274] F2FS-fs (loop0): Found nat_bits in checkpoint [ 51.727599][ T4274] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 51.783103][ T4274] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.785374][ T4274] CPU: 0 PID: 4274 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.788245][ T4274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.791062][ T4274] Call trace: [ 51.792111][ T4274] dump_backtrace+0x0/0x43c [ 51.793513][ T4274] show_stack+0x2c/0x3c [ 51.794686][ T4274] __dump_stack+0x30/0x40 [ 51.795921][ T4274] dump_stack_lvl+0xf8/0x160 [ 51.797250][ T4274] dump_stack+0x1c/0x5c [ 51.798406][ T4274] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.799873][ T4274] f2fs_iget+0x1a74/0x5170 [ 51.801164][ T4274] f2fs_nfs_get_inode+0x80/0x118 [ 51.802519][ T4274] generic_fh_to_dentry+0x9c/0x104 [ 51.803926][ T4274] f2fs_fh_to_dentry+0x44/0x58 [ 51.805269][ T4274] exportfs_decode_fh_raw+0x10c/0x49c [ 51.806696][ T4274] exportfs_decode_fh+0x50/0x80 [ 51.808043][ T4274] do_handle_open+0x514/0x8e8 [ 51.809376][ T4274] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.810972][ T4274] invoke_syscall+0x98/0x2b8 [ 51.812277][ T4274] el0_svc_common+0x138/0x258 [ 51.813646][ T4274] do_el0_svc+0x58/0x14c [ 51.814873][ T4274] el0_svc+0x78/0x1e0 [ 51.815957][ T4274] el0t_64_sync_handler+0xcc/0xe4 executing program executing program executing program [ 51.817439][ T4274] el0t_64_sync+0x1a0/0x1a4 executing program [ 51.887105][ T4274] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.890334][ T4289] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 51.892591][ T4289] CPU: 1 PID: 4289 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.895285][ T4289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.898184][ T4289] Call trace: [ 51.899075][ T4289] dump_backtrace+0x0/0x43c [ 51.900377][ T4289] show_stack+0x2c/0x3c [ 51.901507][ T4289] __dump_stack+0x30/0x40 [ 51.902683][ T4289] dump_stack_lvl+0xf8/0x160 [ 51.903973][ T4289] dump_stack+0x1c/0x5c [ 51.905097][ T4289] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 51.906619][ T4289] f2fs_iget+0x1a74/0x5170 [ 51.907811][ T4289] f2fs_nfs_get_inode+0x80/0x118 [ 51.909354][ T4289] generic_fh_to_dentry+0x9c/0x104 [ 51.910752][ T4289] f2fs_fh_to_dentry+0x44/0x58 [ 51.912078][ T4289] exportfs_decode_fh_raw+0x10c/0x49c [ 51.913670][ T4289] exportfs_decode_fh+0x50/0x80 [ 51.915138][ T4289] do_handle_open+0x514/0x8e8 [ 51.916479][ T4289] __arm64_sys_open_by_handle_at+0x80/0x94 [ 51.918073][ T4289] invoke_syscall+0x98/0x2b8 [ 51.919373][ T4289] el0_svc_common+0x138/0x258 [ 51.920887][ T4289] do_el0_svc+0x58/0x14c [ 51.922113][ T4289] el0_svc+0x78/0x1e0 [ 51.923214][ T4289] el0t_64_sync_handler+0xcc/0xe4 [ 51.924701][ T4289] el0t_64_sync+0x1a0/0x1a4 [ 51.960156][ T4289] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 51.968095][ T4289] ================================================================== [ 51.970561][ T4289] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 51.973021][ T4289] [ 51.973690][ T4289] CPU: 1 PID: 4289 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 51.976624][ T4289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 51.979582][ T4289] Call trace: [ 51.980484][ T4289] dump_backtrace+0x0/0x43c [ 51.981863][ T4289] show_stack+0x2c/0x3c [ 51.983043][ T4289] __dump_stack+0x30/0x40 [ 51.984296][ T4289] dump_stack_lvl+0xf8/0x160 [ 51.985580][ T4289] print_address_description+0x78/0x30c [ 51.987182][ T4289] kasan_report_invalid_free+0x4c/0x7c [ 51.988838][ T4289] ____kasan_slab_free+0x134/0x164 [ 51.990282][ T4289] __kasan_slab_free+0x18/0x28 [ 51.991605][ T4289] slab_free_freelist_hook+0x128/0x1e8 [ 51.993095][ T4289] kmem_cache_free+0xdc/0x3b4 [ 51.994541][ T4289] f2fs_destroy_extent_tree+0x2d0/0x688 [ 51.996077][ T4289] f2fs_evict_inode+0x32c/0x1520 [ 51.997581][ T4289] evict+0x3c8/0x810 [ 51.998690][ T4289] iput+0x6c4/0x77c [ 51.999742][ T4289] iget_failed+0x148/0x194 [ 52.001083][ T4289] f2fs_iget+0x58c/0x5170 [ 52.002322][ T4289] f2fs_nfs_get_inode+0x80/0x118 [ 52.003668][ T4289] generic_fh_to_dentry+0x9c/0x104 [ 52.005093][ T4289] f2fs_fh_to_dentry+0x44/0x58 [ 52.006496][ T4289] exportfs_decode_fh_raw+0x10c/0x49c [ 52.008074][ T4289] exportfs_decode_fh+0x50/0x80 [ 52.009509][ T4289] do_handle_open+0x514/0x8e8 [ 52.010790][ T4289] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.012504][ T4289] invoke_syscall+0x98/0x2b8 [ 52.013814][ T4289] el0_svc_common+0x138/0x258 [ 52.015219][ T4289] do_el0_svc+0x58/0x14c [ 52.017002][ T4289] el0_svc+0x78/0x1e0 [ 52.018259][ T4289] el0t_64_sync_handler+0xcc/0xe4 [ 52.019623][ T4289] el0t_64_sync+0x1a0/0x1a4 [ 52.020872][ T4289] [ 52.021552][ T4289] Allocated by task 4274: [ 52.022770][ T4289] __kasan_slab_alloc+0x8c/0xcc [ 52.024231][ T4289] slab_post_alloc_hook+0x74/0x408 [ 52.025686][ T4289] kmem_cache_alloc+0x1e0/0x3e4 [ 52.027046][ T4289] f2fs_init_extent_tree+0x43c/0xaac [ 52.028497][ T4289] f2fs_iget+0x10c4/0x5170 [ 52.029661][ T4289] f2fs_nfs_get_inode+0x80/0x118 [ 52.031113][ T4289] generic_fh_to_dentry+0x9c/0x104 [ 52.032603][ T4289] f2fs_fh_to_dentry+0x44/0x58 [ 52.033921][ T4289] exportfs_decode_fh_raw+0x10c/0x49c [ 52.035435][ T4289] exportfs_decode_fh+0x50/0x80 [ 52.036768][ T4289] do_handle_open+0x514/0x8e8 [ 52.038042][ T4289] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.039648][ T4289] invoke_syscall+0x98/0x2b8 [ 52.041008][ T4289] el0_svc_common+0x138/0x258 [ 52.042424][ T4289] do_el0_svc+0x58/0x14c [ 52.043627][ T4289] el0_svc+0x78/0x1e0 [ 52.044718][ T4289] el0t_64_sync_handler+0xcc/0xe4 [ 52.046138][ T4289] el0t_64_sync+0x1a0/0x1a4 [ 52.047423][ T4289] [ 52.048036][ T4289] Freed by task 4274: [ 52.049206][ T4289] kasan_set_track+0x4c/0x84 [ 52.050461][ T4289] kasan_set_free_info+0x28/0x4c [ 52.051928][ T4289] ____kasan_slab_free+0x118/0x164 [ 52.053335][ T4289] __kasan_slab_free+0x18/0x28 [ 52.054632][ T4289] slab_free_freelist_hook+0x128/0x1e8 [ 52.056215][ T4289] kmem_cache_free+0xdc/0x3b4 [ 52.057481][ T4289] f2fs_destroy_extent_tree+0x2d0/0x688 [ 52.059045][ T4289] f2fs_evict_inode+0x32c/0x1520 [ 52.060532][ T4289] evict+0x3c8/0x810 [ 52.061643][ T4289] iput+0x6c4/0x77c [ 52.062709][ T4289] iget_failed+0x148/0x194 [ 52.063947][ T4289] f2fs_iget+0x58c/0x5170 [ 52.065161][ T4289] f2fs_nfs_get_inode+0x80/0x118 [ 52.066524][ T4289] generic_fh_to_dentry+0x9c/0x104 [ 52.067953][ T4289] f2fs_fh_to_dentry+0x44/0x58 [ 52.069297][ T4289] exportfs_decode_fh_raw+0x10c/0x49c [ 52.070979][ T4289] exportfs_decode_fh+0x50/0x80 [ 52.073379][ T4289] do_handle_open+0x514/0x8e8 [ 52.074719][ T4289] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.076384][ T4289] invoke_syscall+0x98/0x2b8 [ 52.077665][ T4289] el0_svc_common+0x138/0x258 [ 52.078945][ T4289] do_el0_svc+0x58/0x14c [ 52.080107][ T4289] el0_svc+0x78/0x1e0 [ 52.081227][ T4289] el0t_64_sync_handler+0xcc/0xe4 [ 52.082586][ T4289] el0t_64_sync+0x1a0/0x1a4 [ 52.083823][ T4289] [ 52.084477][ T4289] The buggy address belongs to the object at ffff0000c04ad640 [ 52.084477][ T4289] which belongs to the cache f2fs_extent_tree of size 136 [ 52.088650][ T4289] The buggy address is located 0 bytes inside of [ 52.088650][ T4289] 136-byte region [ffff0000c04ad640, ffff0000c04ad6c8) [ 52.092317][ T4289] The buggy address belongs to the page: [ 52.093873][ T4289] page:00000000686e41bb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1004ad [ 52.096844][ T4289] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 52.099054][ T4289] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 52.101643][ T4289] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 52.104016][ T4289] page dumped because: kasan: bad access detected [ 52.105953][ T4289] [ 52.106629][ T4289] Memory state around the buggy address: [ 52.108185][ T4289] ffff0000c04ad500: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fa [ 52.110414][ T4289] ffff0000c04ad580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 52.112739][ T4289] >ffff0000c04ad600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 52.115008][ T4289] ^ [ 52.116937][ T4289] ffff0000c04ad680: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 52.119402][ T4289] ffff0000c04ad700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 52.121624][ T4289] ================================================================== [ 52.203540][ T4285] loop3: detected capacity change from 0 to 40427 [ 52.263395][ T4286] loop2: detected capacity change from 0 to 40427 [ 52.274376][ T4288] loop4: detected capacity change from 0 to 40427 [ 52.284201][ T4287] loop1: detected capacity change from 0 to 40427 [ 52.294013][ T4285] F2FS-fs (loop3): Found nat_bits in checkpoint [ 52.309020][ T4285] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 52.312843][ T4285] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 52.313568][ T4288] F2FS-fs (loop4): Found nat_bits in checkpoint [ 52.314901][ T4285] CPU: 0 PID: 4285 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 52.319384][ T4285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 52.322198][ T4285] Call trace: [ 52.323139][ T4285] dump_backtrace+0x0/0x43c [ 52.324396][ T4285] show_stack+0x2c/0x3c [ 52.325551][ T4285] __dump_stack+0x30/0x40 [ 52.326731][ T4285] dump_stack_lvl+0xf8/0x160 [ 52.327998][ T4285] dump_stack+0x1c/0x5c [ 52.329208][ T4285] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 52.330646][ T4285] f2fs_iget+0x1a74/0x5170 [ 52.331940][ T4285] f2fs_nfs_get_inode+0x80/0x118 [ 52.333333][ T4285] generic_fh_to_dentry+0x9c/0x104 [ 52.333719][ T4288] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 52.334749][ T4285] f2fs_fh_to_dentry+0x44/0x58 [ 52.338236][ T4285] exportfs_decode_fh_raw+0x10c/0x49c [ 52.339708][ T4285] exportfs_decode_fh+0x50/0x80 [ 52.341087][ T4285] do_handle_open+0x514/0x8e8 [ 52.342409][ T4285] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.344008][ T4285] invoke_syscall+0x98/0x2b8 [ 52.345384][ T4285] el0_svc_common+0x138/0x258 [ 52.346751][ T4285] do_el0_svc+0x58/0x14c [ 52.347971][ T4285] el0_svc+0x78/0x1e0 [ 52.349091][ T4285] el0t_64_sync_handler+0xcc/0xe4 [ 52.350476][ T4285] el0t_64_sync+0x1a0/0x1a4 executing program [ 52.354348][ T4285] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 52.367661][ T4285] F2FS-fs (loop3): Inconsistent error blkaddr:5634, sit bitmap:0 [ 52.368665][ T4288] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 52.369992][ T4285] CPU: 0 PID: 4285 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 52.374884][ T4285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 52.377652][ T4285] Call trace: [ 52.378588][ T4285] dump_backtrace+0x0/0x43c [ 52.379881][ T4285] show_stack+0x2c/0x3c [ 52.381133][ T4285] __dump_stack+0x30/0x40 [ 52.382391][ T4285] dump_stack_lvl+0xf8/0x160 [ 52.383707][ T4285] dump_stack+0x1c/0x5c [ 52.384896][ T4285] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 52.386427][ T4285] f2fs_iget+0x1a74/0x5170 [ 52.387708][ T4285] f2fs_nfs_get_inode+0x80/0x118 [ 52.389139][ T4285] generic_fh_to_dentry+0x9c/0x104 [ 52.390551][ T4285] f2fs_fh_to_dentry+0x44/0x58 [ 52.391906][ T4285] exportfs_decode_fh_raw+0x10c/0x49c [ 52.393405][ T4285] exportfs_decode_fh+0x50/0x80 [ 52.395611][ T4285] do_handle_open+0x514/0x8e8 [ 52.397267][ T4285] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.398970][ T4285] invoke_syscall+0x98/0x2b8 [ 52.400349][ T4285] el0_svc_common+0x138/0x258 [ 52.401622][ T4285] do_el0_svc+0x58/0x14c [ 52.402843][ T4285] el0_svc+0x78/0x1e0 [ 52.403954][ T4285] el0t_64_sync_handler+0xcc/0xe4 [ 52.405420][ T4285] el0t_64_sync+0x1a0/0x1a4 [ 52.428147][ T4288] CPU: 1 PID: 4288 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 52.431047][ T4288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 52.433825][ T4288] Call trace: [ 52.434745][ T4288] dump_backtrace+0x0/0x43c [ 52.435973][ T4288] show_stack+0x2c/0x3c [ 52.437250][ T4288] __dump_stack+0x30/0x40 [ 52.438555][ T4288] dump_stack_lvl+0xf8/0x160 [ 52.439847][ T4288] dump_stack+0x1c/0x5c [ 52.441000][ T4288] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 52.442567][ T4288] f2fs_iget+0x1a74/0x5170 [ 52.443801][ T4288] f2fs_nfs_get_inode+0x80/0x118 [ 52.445395][ T4288] generic_fh_to_dentry+0x9c/0x104 [ 52.446827][ T4288] f2fs_fh_to_dentry+0x44/0x58 [ 52.447214][ T4285] F2FS-fs (loop3): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 52.448165][ T4288] exportfs_decode_fh_raw+0x10c/0x49c [ 52.452939][ T4288] exportfs_decode_fh+0x50/0x80 [ 52.454291][ T4288] do_handle_open+0x514/0x8e8 [ 52.455575][ T4288] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.457199][ T4288] invoke_syscall+0x98/0x2b8 [ 52.458449][ T4288] el0_svc_common+0x138/0x258 [ 52.459788][ T4288] do_el0_svc+0x58/0x14c [ 52.461107][ T4288] el0_svc+0x78/0x1e0 [ 52.462210][ T4288] el0t_64_sync_handler+0xcc/0xe4 [ 52.463610][ T4288] el0t_64_sync+0x1a0/0x1a4 [ 52.520402][ T4288] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 52.525440][ T4287] F2FS-fs (loop1): Found nat_bits in checkpoint [ 52.527503][ T4301] F2FS-fs (loop4): Inconsistent error blkaddr:5634, sit bitmap:0 [ 52.542920][ T4301] CPU: 0 PID: 4301 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 52.545919][ T4301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 52.548932][ T4301] Call trace: [ 52.549885][ T4301] dump_backtrace+0x0/0x43c [ 52.551157][ T4301] show_stack+0x2c/0x3c [ 52.552337][ T4301] __dump_stack+0x30/0x40 [ 52.553602][ T4301] dump_stack_lvl+0xf8/0x160 [ 52.554897][ T4301] dump_stack+0x1c/0x5c [ 52.556098][ T4301] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 52.557579][ T4301] f2fs_iget+0x1a74/0x5170 [ 52.558989][ T4301] f2fs_nfs_get_inode+0x80/0x118 [ 52.560357][ T4301] generic_fh_to_dentry+0x9c/0x104 [ 52.561769][ T4301] f2fs_fh_to_dentry+0x44/0x58 [ 52.563093][ T4301] exportfs_decode_fh_raw+0x10c/0x49c [ 52.564643][ T4301] exportfs_decode_fh+0x50/0x80 [ 52.566055][ T4301] do_handle_open+0x514/0x8e8 [ 52.567248][ T4301] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.568713][ T4301] invoke_syscall+0x98/0x2b8 [ 52.569882][ T4301] el0_svc_common+0x138/0x258 [ 52.571209][ T4301] do_el0_svc+0x58/0x14c [ 52.572512][ T4301] el0_svc+0x78/0x1e0 [ 52.573611][ T4301] el0t_64_sync_handler+0xcc/0xe4 [ 52.574954][ T4301] el0t_64_sync+0x1a0/0x1a4 [ 52.595321][ T4287] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 52.610853][ T4286] F2FS-fs (loop2): Found nat_bits in checkpoint [ 52.625297][ T4287] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 52.628082][ T4287] CPU: 0 PID: 4287 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 52.631091][ T4287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 52.633571][ T4300] loop0: detected capacity change from 0 to 40427 [ 52.635148][ T4287] Call trace: [ 52.635155][ T4287] dump_backtrace+0x0/0x43c [ 52.639191][ T4287] show_stack+0x2c/0x3c [ 52.640295][ T4287] __dump_stack+0x30/0x40 [ 52.641449][ T4301] F2FS-fs (loop4): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 52.641564][ T4287] dump_stack_lvl+0xf8/0x160 [ 52.646145][ T4287] dump_stack+0x1c/0x5c [ 52.647332][ T4287] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 52.648845][ T4287] f2fs_iget+0x1a74/0x5170 [ 52.650139][ T4287] f2fs_nfs_get_inode+0x80/0x118 [ 52.651651][ T4287] generic_fh_to_dentry+0x9c/0x104 [ 52.653557][ T4287] f2fs_fh_to_dentry+0x44/0x58 [ 52.654922][ T4287] exportfs_decode_fh_raw+0x10c/0x49c [ 52.656441][ T4287] exportfs_decode_fh+0x50/0x80 [ 52.657854][ T4287] do_handle_open+0x514/0x8e8 [ 52.659136][ T4287] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.660874][ T4287] invoke_syscall+0x98/0x2b8 [ 52.662188][ T4287] el0_svc_common+0x138/0x258 [ 52.663586][ T4287] do_el0_svc+0x58/0x14c [ 52.664841][ T4287] el0_svc+0x78/0x1e0 [ 52.666026][ T4287] el0t_64_sync_handler+0xcc/0xe4 [ 52.667454][ T4287] el0t_64_sync+0x1a0/0x1a4 [ 52.667532][ T4286] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 52.670063][ T4287] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 52.674604][ T4309] F2FS-fs (loop1): Inconsistent error blkaddr:5634, sit bitmap:0 [ 52.676715][ T4309] CPU: 0 PID: 4309 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 52.679466][ T4309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 52.680826][ T4286] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 52.682349][ T4309] Call trace: [ 52.685571][ T4309] dump_backtrace+0x0/0x43c [ 52.686837][ T4309] show_stack+0x2c/0x3c [ 52.688047][ T4309] __dump_stack+0x30/0x40 [ 52.689279][ T4309] dump_stack_lvl+0xf8/0x160 [ 52.690628][ T4309] dump_stack+0x1c/0x5c [ 52.691794][ T4309] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 52.693262][ T4309] f2fs_iget+0x1a74/0x5170 [ 52.694524][ T4309] f2fs_nfs_get_inode+0x80/0x118 [ 52.695970][ T4309] generic_fh_to_dentry+0x9c/0x104 [ 52.697416][ T4309] f2fs_fh_to_dentry+0x44/0x58 [ 52.698868][ T4309] exportfs_decode_fh_raw+0x10c/0x49c [ 52.700362][ T4309] exportfs_decode_fh+0x50/0x80 [ 52.701733][ T4309] do_handle_open+0x514/0x8e8 [ 52.703118][ T4309] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.704786][ T4309] invoke_syscall+0x98/0x2b8 [ 52.706137][ T4309] el0_svc_common+0x138/0x258 [ 52.707429][ T4309] do_el0_svc+0x58/0x14c [ 52.708604][ T4309] el0_svc+0x78/0x1e0 [ 52.709857][ T4309] el0t_64_sync_handler+0xcc/0xe4 [ 52.711277][ T4309] el0t_64_sync+0x1a0/0x1a4 [ 52.713212][ T4309] F2FS-fs (loop1): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 52.716472][ T4309] ================================================================== [ 52.718709][ T4309] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 52.721154][ T4309] [ 52.721654][ T4300] F2FS-fs (loop0): Found nat_bits in checkpoint [ 52.721807][ T4309] CPU: 0 PID: 4309 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 52.726418][ T4309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 52.729357][ T4309] Call trace: [ 52.730228][ T4309] dump_backtrace+0x0/0x43c [ 52.731555][ T4309] show_stack+0x2c/0x3c [ 52.732752][ T4309] __dump_stack+0x30/0x40 [ 52.733980][ T4309] dump_stack_lvl+0xf8/0x160 [ 52.735309][ T4309] print_address_description+0x78/0x30c [ 52.736978][ T4309] kasan_report_invalid_free+0x4c/0x7c [ 52.738551][ T4309] ____kasan_slab_free+0x134/0x164 [ 52.740438][ T4309] __kasan_slab_free+0x18/0x28 [ 52.742713][ T4309] slab_free_freelist_hook+0x128/0x1e8 [ 52.744391][ T4309] kmem_cache_free+0xdc/0x3b4 [ 52.745676][ T4309] f2fs_destroy_extent_tree+0x2d0/0x688 [ 52.747242][ T4309] f2fs_evict_inode+0x32c/0x1520 [ 52.748658][ T4309] evict+0x3c8/0x810 [ 52.749722][ T4309] iput+0x6c4/0x77c [ 52.750762][ T4309] iget_failed+0x148/0x194 [ 52.751996][ T4309] f2fs_iget+0x58c/0x5170 [ 52.753237][ T4309] f2fs_nfs_get_inode+0x80/0x118 [ 52.754762][ T4309] generic_fh_to_dentry+0x9c/0x104 [ 52.756334][ T4309] f2fs_fh_to_dentry+0x44/0x58 [ 52.757742][ T4309] exportfs_decode_fh_raw+0x10c/0x49c [ 52.759325][ T4309] exportfs_decode_fh+0x50/0x80 [ 52.760755][ T4309] do_handle_open+0x514/0x8e8 [ 52.762168][ T4309] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.763826][ T4309] invoke_syscall+0x98/0x2b8 [ 52.765243][ T4309] el0_svc_common+0x138/0x258 [ 52.766692][ T4309] do_el0_svc+0x58/0x14c [ 52.767877][ T4309] el0_svc+0x78/0x1e0 [ 52.769101][ T4309] el0t_64_sync_handler+0xcc/0xe4 [ 52.770515][ T4309] el0t_64_sync+0x1a0/0x1a4 [ 52.771758][ T4309] [ 52.771946][ T4286] CPU: 1 PID: 4286 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 52.772432][ T4309] Allocated by task 4287: [ 52.775378][ T4286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 52.776643][ T4309] __kasan_slab_alloc+0x8c/0xcc [ 52.779530][ T4286] Call trace: [ 52.780934][ T4309] slab_post_alloc_hook+0x74/0x408 [ 52.781938][ T4286] dump_backtrace+0x0/0x43c [ 52.783471][ T4309] kmem_cache_alloc+0x1e0/0x3e4 [ 52.784767][ T4286] show_stack+0x2c/0x3c [ 52.786166][ T4309] f2fs_init_extent_tree+0x43c/0xaac [ 52.787307][ T4286] __dump_stack+0x30/0x40 [ 52.788797][ T4309] f2fs_iget+0x10c4/0x5170 [ 52.789985][ T4286] dump_stack_lvl+0xf8/0x160 [ 52.791262][ T4309] f2fs_nfs_get_inode+0x80/0x118 [ 52.792559][ T4286] dump_stack+0x1c/0x5c [ 52.793989][ T4309] generic_fh_to_dentry+0x9c/0x104 [ 52.795236][ T4286] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 52.796797][ T4309] f2fs_fh_to_dentry+0x44/0x58 [ 52.798270][ T4286] f2fs_iget+0x1a74/0x5170 [ 52.799565][ T4309] exportfs_decode_fh_raw+0x10c/0x49c [ 52.800795][ T4286] f2fs_nfs_get_inode+0x80/0x118 [ 52.802381][ T4309] exportfs_decode_fh+0x50/0x80 [ 52.803767][ T4286] generic_fh_to_dentry+0x9c/0x104 [ 52.805205][ T4309] do_handle_open+0x514/0x8e8 [ 52.806699][ T4286] f2fs_fh_to_dentry+0x44/0x58 [ 52.807985][ T4309] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.809404][ T4286] exportfs_decode_fh_raw+0x10c/0x49c [ 52.811011][ T4309] invoke_syscall+0x98/0x2b8 [ 52.812502][ T4286] exportfs_decode_fh+0x50/0x80 [ 52.813801][ T4309] el0_svc_common+0x138/0x258 [ 52.815225][ T4286] do_handle_open+0x514/0x8e8 [ 52.816589][ T4309] do_el0_svc+0x58/0x14c [ 52.817952][ T4286] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.820234][ T4309] el0_svc+0x78/0x1e0 [ 52.821950][ T4286] invoke_syscall+0x98/0x2b8 [ 52.823062][ T4309] el0t_64_sync_handler+0xcc/0xe4 [ 52.824304][ T4286] el0_svc_common+0x138/0x258 [ 52.825745][ T4309] el0t_64_sync+0x1a0/0x1a4 [ 52.827017][ T4286] do_el0_svc+0x58/0x14c [ 52.828224][ T4309] [ 52.829371][ T4286] el0_svc+0x78/0x1e0 [ 52.830009][ T4309] Freed by task 4287: [ 52.831070][ T4286] el0t_64_sync_handler+0xcc/0xe4 [ 52.832180][ T4309] kasan_set_track+0x4c/0x84 [ 52.833561][ T4286] el0t_64_sync+0x1a0/0x1a4 [ 52.834809][ T4309] kasan_set_free_info+0x28/0x4c [ 52.837614][ T4309] ____kasan_slab_free+0x118/0x164 [ 52.839022][ T4309] __kasan_slab_free+0x18/0x28 [ 52.840378][ T4309] slab_free_freelist_hook+0x128/0x1e8 [ 52.841625][ T4286] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 52.841989][ T4309] kmem_cache_free+0xdc/0x3b4 [ 52.845460][ T4300] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 52.846524][ T4309] f2fs_destroy_extent_tree+0x2d0/0x688 [ 52.850067][ T4309] f2fs_evict_inode+0x32c/0x1520 [ 52.851467][ T4309] evict+0x3c8/0x810 [ 52.852605][ T4309] iput+0x6c4/0x77c [ 52.853691][ T4309] iget_failed+0x148/0x194 [ 52.854937][ T4309] f2fs_iget+0x58c/0x5170 [ 52.856165][ T4309] f2fs_nfs_get_inode+0x80/0x118 [ 52.857567][ T4309] generic_fh_to_dentry+0x9c/0x104 [ 52.859012][ T4309] f2fs_fh_to_dentry+0x44/0x58 [ 52.860341][ T4309] exportfs_decode_fh_raw+0x10c/0x49c [ 52.861934][ T4309] exportfs_decode_fh+0x50/0x80 [ 52.863405][ T4309] do_handle_open+0x514/0x8e8 [ 52.864847][ T4309] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.866552][ T4309] invoke_syscall+0x98/0x2b8 [ 52.867817][ T4309] el0_svc_common+0x138/0x258 [ 52.869101][ T4309] do_el0_svc+0x58/0x14c [ 52.870259][ T4309] el0_svc+0x78/0x1e0 [ 52.871390][ T4309] el0t_64_sync_handler+0xcc/0xe4 [ 52.872920][ T4309] el0t_64_sync+0x1a0/0x1a4 [ 52.874202][ T4309] [ 52.874836][ T4309] The buggy address belongs to the object at ffff0000c04ad960 [ 52.874836][ T4309] which belongs to the cache f2fs_extent_tree of size 136 [ 52.877870][ T4300] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 52.878948][ T4309] The buggy address is located 0 bytes inside of [ 52.878948][ T4309] 136-byte region [ffff0000c04ad960, ffff0000c04ad9e8) [ 52.878966][ T4309] The buggy address belongs to the page: [ 52.878973][ T4309] page:00000000686e41bb refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1004ad [ 52.878986][ T4309] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 52.881461][ T4300] CPU: 1 PID: 4300 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 52.884948][ T4309] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 52.886659][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 52.889576][ T4309] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 52.891828][ T4300] Call trace: [ 52.894636][ T4309] page dumped because: kasan: bad access detected [ 52.897046][ T4300] dump_backtrace+0x0/0x43c [ 52.899808][ T4309] [ 52.902194][ T4300] show_stack+0x2c/0x3c [ 52.903106][ T4309] Memory state around the buggy address: [ 52.904951][ T4300] __dump_stack+0x30/0x40 [ 52.906228][ T4309] ffff0000c04ad800: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 52.906834][ T4300] dump_stack_lvl+0xf8/0x160 [ 52.908016][ T4309] ffff0000c04ad880: fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb [ 52.909586][ T4300] dump_stack+0x1c/0x5c [ 52.910772][ T4309] >ffff0000c04ad900: fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb fb [ 52.913016][ T4300] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 52.914243][ T4309] ^ [ 52.917926][ T4300] f2fs_iget+0x1a74/0x5170 [ 52.919084][ T4309] ffff0000c04ad980: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc [ 52.921386][ T4300] f2fs_nfs_get_inode+0x80/0x118 [ 52.922829][ T4309] ffff0000c04ada00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 52.924893][ T4300] generic_fh_to_dentry+0x9c/0x104 [ 52.926133][ T4309] ================================================================== [ 52.928371][ T4300] f2fs_fh_to_dentry+0x44/0x58 [ 52.931812][ T4314] F2FS-fs (loop2): Inconsistent error blkaddr:5634, sit bitmap:0 [ 52.932025][ T4300] exportfs_decode_fh_raw+0x10c/0x49c [ 52.941139][ T4300] exportfs_decode_fh+0x50/0x80 [ 52.942545][ T4300] do_handle_open+0x514/0x8e8 [ 52.944054][ T4300] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.945759][ T4300] invoke_syscall+0x98/0x2b8 [ 52.947077][ T4300] el0_svc_common+0x138/0x258 [ 52.948552][ T4300] do_el0_svc+0x58/0x14c [ 52.949988][ T4300] el0_svc+0x78/0x1e0 [ 52.951167][ T4300] el0t_64_sync_handler+0xcc/0xe4 [ 52.952593][ T4300] el0t_64_sync+0x1a0/0x1a4 [ 52.954006][ T4314] CPU: 0 PID: 4314 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 52.957027][ T4314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 52.959925][ T4314] Call trace: [ 52.960836][ T4314] dump_backtrace+0x0/0x43c [ 52.962143][ T4314] show_stack+0x2c/0x3c [ 52.963373][ T4314] __dump_stack+0x30/0x40 [ 52.964579][ T4314] dump_stack_lvl+0xf8/0x160 [ 52.965871][ T4314] dump_stack+0x1c/0x5c [ 52.967046][ T4314] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 52.968546][ T4314] f2fs_iget+0x1a74/0x5170 [ 52.969822][ T4314] f2fs_nfs_get_inode+0x80/0x118 [ 52.971217][ T4314] generic_fh_to_dentry+0x9c/0x104 [ 52.972670][ T4314] f2fs_fh_to_dentry+0x44/0x58 [ 52.974051][ T4314] exportfs_decode_fh_raw+0x10c/0x49c [ 52.975655][ T4314] exportfs_decode_fh+0x50/0x80 [ 52.977093][ T4314] do_handle_open+0x514/0x8e8 [ 52.978444][ T4314] __arm64_sys_open_by_handle_at+0x80/0x94 [ 52.980109][ T4314] invoke_syscall+0x98/0x2b8 [ 52.981566][ T4314] el0_svc_common+0x138/0x258 [ 52.983015][ T4314] do_el0_svc+0x58/0x14c [ 52.984208][ T4314] el0_svc+0x78/0x1e0 [ 52.985291][ T4314] el0t_64_sync_handler+0xcc/0xe4 [ 52.986757][ T4314] el0t_64_sync+0x1a0/0x1a4 [ 52.990425][ T4314] F2FS-fs (loop2): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 53.003178][ T4300] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 53.006647][ T4316] F2FS-fs (loop0): Inconsistent error blkaddr:5634, sit bitmap:0 [ 53.011762][ T4316] CPU: 0 PID: 4316 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 53.016096][ T4316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 53.019030][ T4316] Call trace: [ 53.019922][ T4316] dump_backtrace+0x0/0x43c [ 53.021207][ T4316] show_stack+0x2c/0x3c [ 53.022418][ T4316] __dump_stack+0x30/0x40 [ 53.023658][ T4316] dump_stack_lvl+0xf8/0x160 [ 53.024938][ T4316] dump_stack+0x1c/0x5c [ 53.026111][ T4316] f2fs_is_valid_blkaddr+0xa00/0xf80 [ 53.027611][ T4316] f2fs_iget+0x1a74/0x5170 [ 53.028923][ T4316] f2fs_nfs_get_inode+0x80/0x118 [ 53.030310][ T4316] generic_fh_to_dentry+0x9c/0x104 [ 53.031739][ T4316] f2fs_fh_to_dentry+0x44/0x58 [ 53.033113][ T4316] exportfs_decode_fh_raw+0x10c/0x49c [ 53.034650][ T4316] exportfs_decode_fh+0x50/0x80 [ 53.036041][ T4316] do_handle_open+0x514/0x8e8 [ 53.037469][ T4316] __arm64_sys_open_by_handle_at+0x80/0x94 [ 53.039150][ T4316] invoke_syscall+0x98/0x2b8 [ 53.040475][ T4316] el0_svc_common+0x138/0x258 [ 53.042049][ T4316] do_el0_svc+0x58/0x14c [ 53.043242][ T4316] el0_svc+0x78/0x1e0 [ 53.044334][ T4316] el0t_64_sync_handler+0xcc/0xe4 [ 53.045771][ T4316] el0t_64_sync+0x1a0/0x1a4 [ 53.061972][ T4316] F2FS-fs (loop0): sanity_check_inode: inode (ino=8) extent info [5634, 0, 3] is incorrect, run fsck to fix [ 53.065367][ T4316] ================================================================== [ 53.067611][ T4316] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0xdc/0x3b4 [ 53.070000][ T4316] [ 53.070659][ T4316] CPU: 0 PID: 4316 Comm: syz-executor216 Tainted: G B 5.15.183-syzkaller #0 [ 53.073509][ T4316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 53.076309][ T4316] Call trace: [ 53.077202][ T4316] dump_backtrace+0x0/0x43c [ 53.078490][ T4316] show_stack+0x2c/0x3c [ 53.079679][ T4316] __dump_stack+0x30/0x40 [ 53.080899][ T4316] dump_stack_lvl+0xf8/0x160 [ 53.082194][ T4316] print_address_description+0x78/0x30c [ 53.083781][ T4316] kasan_report_invalid_free+0x4c/0x7c [ 53.085297][ T4316] ____kasan_slab_free+0x134/0x164 [ 53.086699][ T4316] __kasan_slab_free+0x18/0x28 [ 53.088107][ T4316] slab_free_freelist_hook+0x128/0x1e8 [ 53.089713][ T4316] kmem_cache_free+0xdc/0x3b4 [ 53.091011][ T4316] f2fs_destroy_extent_tree+0x2d0/0x688 [ 53.092737][ T4316] f2fs_evict_inode+0x32c/0x1520 [ 53.094100][ T4316] evict+0x3c8/0x810 [ 53.095160][ T4316] iput+0x6c4/0x77c [ 53.096195][ T4316] iget_failed+0x148/0x194 [ 53.097426][ T4316] f2fs_iget+0x58c/0x5170 [ 53.099943][ T4316] f2fs_nfs_get_inode+0x80/0x118 [ 53.101423][ T4316] generic_fh_to_dentry+0x9c/0x104 [ 53.102876][ T4316] f2fs_fh_to_dentry+0x44/0x58 [ 53.104199][ T4316] exportfs_decode_fh_raw+0x10c/0x49c [ 53.105731][ T4316] exportfs_decode_fh+0x50/0x80 [ 53.107148][ T4316] do_handle_open+0x514/0x8e8 [ 53.108504][ T4316] __arm64_sys_open_by_handle_at+0x80/0x94 [ 53.110163][ T4316] invoke_syscall+0x98/0x2b8 [ 53.111501][ T4316] el0_svc_common+0x138/0x258 [ 53.112822][ T4316] do_el0_svc+0x58/0x14c [ 53.114022][ T4316] el0_svc+0x78/0x1e0 [ 53.115289][ T4316] el0t_64_sync_handler+0xcc/0xe4 [ 53.116778][ T4316] el0t_64_sync+0x1a0/0x1a4 [ 53.118256][ T4316] [ 53.118912][ T4316] Allocated by task 4300: [ 53.120276][ T4316] __kasan_slab_alloc+0x8c/0xcc [ 53.121693][ T4316] slab_post_alloc_hook+0x74/0x408 [ 53.123242][ T4316] kmem_cache_alloc+0x1e0/0x3e4 [ 53.124690][ T4316] f2fs_init_extent_tree+0x43c/0xaac [ 53.126219][ T4316] f2fs_iget+0x10c4/0x5170 [ 53.127517][ T4316] f2fs_nfs_get_inode+0x80/0x118 [ 53.128915][ T4316] generic_fh_to_dentry+0x9c/0x104 [ 53.130555][ T4316] f2fs_fh_to_dentry+0x44/0x58 [ 53.132997][ T4316] exportfs_decode_fh_raw+0x10c/0x49c [ 53.134583][ T4316] exportfs_decode_fh+0x50/0x80 [ 53.135976][ T4316] do_handle_open+0x514/0x8e8 [ 53.137322][ T4316] __arm64_sys_open_by_handle_at+0x80/0x94 [ 53.139022][ T4316] invoke_syscall+0x98/0x2b8 [ 53.140503][ T4316] el0_svc_common+0x138/0x258 [ 53.141793][ T4316] do_el0_svc+0x58/0x14c [ 53.142907][ T4316] el0_svc+0x78/0x1e0 [ 53.144097][ T4316] el0t_64_sync_handler+0xcc/0xe4 [ 53.145516][ T4316] el0t_64_sync+0x1a0/0x1a4 [ 53.146795][ T4316] [ 53.147430][ T4316] Freed by task 4300: [ 53.148594][ T4316] kasan_set_track+0x4c/0x84 [ 53.149875][ T4316] kasan_set_free_info+0x28/0x4c [ 53.151264][ T4316] ____kasan_slab_free+0x118/0x164 [ 53.152708][ T4316] __kasan_slab_free+0x18/0x28 [ 53.154069][ T4316] slab_free_freelist_hook+0x128/0x1e8 [ 53.155600][ T4316] kmem_cache_free+0xdc/0x3b4 [ 53.156975][ T4316] f2fs_destroy_extent_tree+0x2d0/0x688 [ 53.158639][ T4316] f2fs_evict_inode+0x32c/0x1520 [ 53.160155][ T4316] evict+0x3c8/0x810 [ 53.161245][ T4316] iput+0x6c4/0x77c [ 53.162467][ T4316] iget_failed+0x148/0x194 [ 53.163828][ T4316] f2fs_iget+0x58c/0x5170 [ 53.165089][ T4316] f2fs_nfs_get_inode+0x80/0x118 [ 53.166473][ T4316] generic_fh_to_dentry+0x9c/0x104 [ 53.167976][ T4316] f2fs_fh_to_dentry+0x44/0x58 [ 53.169332][ T4316] exportfs_decode_fh_raw+0x10c/0x49c [ 53.170900][ T4316] exportfs_decode_fh+0x50/0x80 [ 53.172285][ T4316] do_handle_open+0x514/0x8e8 [ 53.173683][ T4316] __arm64_sys_open_by_handle_at+0x80/0x94 [ 53.175343][ T4316] invoke_syscall+0x98/0x2b8 [ 53.176726][ T4316] el0_svc_common+0x138/0x258 [ 53.178216][ T4316] do_el0_svc+0x58/0x14c [ 53.179426][ T4316] el0_svc+0x78/0x1e0 [ 53.180518][ T4316] el0t_64_sync_handler+0xcc/0xe4 [ 53.181969][ T4316] el0t_64_sync+0x1a0/0x1a4 [ 53.183255][ T4316] [ 53.183887][ T4316] The buggy address belongs to the object at ffff0000de96a7d0 [ 53.183887][ T4316] which belongs to the cache f2fs_extent_tree of size 136 [ 53.188064][ T4316] The buggy address is located 0 bytes inside of [ 53.188064][ T4316] 136-byte region [ffff0000de96a7d0, ffff0000de96a858) [ 53.191840][ T4316] The buggy address belongs to the page: [ 53.193500][ T4316] page:00000000085aca64 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11e96a [ 53.196444][ T4316] flags: 0x5ffc00000000200(slab|node=0|zone=2|lastcpupid=0x7ff) [ 53.198625][ T4316] raw: 05ffc00000000200 0000000000000000 dead000000000122 ffff0000c6a7d980 [ 53.201022][ T4316] raw: 0000000000000000 0000000080140014 00000001ffffffff 0000000000000000 [ 53.203575][ T4316] page dumped because: kasan: bad access detected [ 53.205315][ T4316] [ 53.205920][ T4316] Memory state around the buggy address: [ 53.207517][ T4316] ffff0000de96a680: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 53.209758][ T4316] ffff0000de96a700: fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 53.211997][ T4316] >ffff0000de96a780: fb fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb [ 53.214248][ T4316] ^ executing program executing program [ 53.216087][ T4316] ffff0000de96a800: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 53.218473][ T4316] ffff0000de96a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 53.221240][ T4316] ================================================================== executing program