F2FS-fs (loop6): invalid crc value
F2FS-fs (loop6): Found nat_bits in checkpoint
F2FS-fs (loop6): Start checkpoint disabled!
F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low!
turning off the locking correctness validator.
CPU: 1 PID: 6499 Comm: syz.6.431 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
Call trace:
 dump_backtrace+0x1c8/0x1f4 arch/arm64/kernel/stacktrace.c:158
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165
 __dump_stack+0x30/0x40 lib/dump_stack.c:88
 dump_stack_lvl+0xf8/0x160 lib/dump_stack.c:106
 dump_stack+0x1c/0x5c lib/dump_stack.c:113
 add_chain_cache kernel/locking/lockdep.c:-1 [inline]
 lookup_chain_cache_add kernel/locking/lockdep.c:3772 [inline]
 validate_chain kernel/locking/lockdep.c:3793 [inline]
 __lock_acquire+0x1b40/0x6544 kernel/locking/lockdep.c:5049
 lock_acquire+0x20c/0x644 kernel/locking/lockdep.c:5662
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x6c/0xb4 kernel/locking/spinlock.c:162
 get_partial_node+0x44/0x3b8 mm/slub.c:2215
 get_partial mm/slub.c:2330 [inline]
 ___slab_alloc+0x690/0xec8 mm/slub.c:3131
 __slab_alloc+0x74/0xd0 mm/slub.c:3240
 slab_alloc_node mm/slub.c:3325 [inline]
 slab_alloc mm/slub.c:3367 [inline]
 __kmem_cache_alloc_lru mm/slub.c:3374 [inline]
 kmem_cache_alloc_lru+0x220/0x298 mm/slub.c:3390
 xas_alloc lib/xarray.c:377 [inline]
 xas_create+0xe6c/0x1350 lib/xarray.c:679
 xas_store+0x8c/0x14e4 lib/xarray.c:789
 __filemap_add_folio+0x500/0xfb4 mm/filemap.c:908
 filemap_add_folio+0xb0/0x20c mm/filemap.c:962
 __filemap_get_folio+0x6ec/0xab0 mm/filemap.c:2004
 pagecache_get_page+0x3c/0x16c mm/folio-compat.c:110
 find_or_create_page include/linux/pagemap.h:646 [inline]
 grab_cache_page include/linux/pagemap.h:778 [inline]
 f2fs_grab_cache_page+0x198/0x3a4 fs/f2fs/f2fs.h:2732
 f2fs_grab_meta_page+0x70/0x21c fs/f2fs/checkpoint.c:49
 f2fs_update_meta_page fs/f2fs/segment.c:2389 [inline]
 write_sum_page fs/f2fs/segment.c:2399 [inline]
 new_curseg+0x11c/0x1758 fs/f2fs/segment.c:2600
 f2fs_allocate_data_block+0x17cc/0x2e50 fs/f2fs/segment.c:3287
 __allocate_data_block+0x404/0x89c fs/f2fs/data.c:1424
 f2fs_map_blocks+0xc88/0x2a3c fs/f2fs/data.c:1608
 expand_inode_data+0x3f0/0x6c4 fs/f2fs/file.c:1803
 f2fs_fallocate+0x340/0x8bc fs/f2fs/file.c:1906
 vfs_fallocate+0x4a4/0x5f4 fs/open.c:323
 ioctl_preallocate+0x204/0x2a0 fs/ioctl.c:290
 file_ioctl fs/ioctl.c:-1 [inline]
 do_vfs_ioctl+0x17f4/0x206c fs/ioctl.c:849
 __do_sys_ioctl fs/ioctl.c:868 [inline]
 __se_sys_ioctl fs/ioctl.c:856 [inline]
 __arm64_sys_ioctl+0xe4/0x1c8 fs/ioctl.c:856
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x138 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
syz.6.431: attempt to access beyond end of device
loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427