Warning: Permanently added '10.128.1.5' (ED25519) to the list of known hosts.
2025/04/16 00:50:51 ignoring optional flag "sandboxArg"="0"
2025/04/16 00:50:52 parsed 1 programs
[   51.927658][   T24] kauditd_printk_skb: 31 callbacks suppressed
[   51.927669][   T24] audit: type=1400 audit(1744764652.709:107): avc:  denied  { unlink } for  pid=432 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   52.019600][  T432] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   52.493518][   T24] audit: type=1400 audit(1744764653.269:108): avc:  denied  { create } for  pid=450 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   52.610384][   T24] audit: type=1401 audit(1744764653.389:109): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[   52.647222][  T459] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.654063][  T459] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.661717][  T459] device bridge_slave_0 entered promiscuous mode
[   52.669179][  T459] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.676003][  T459] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.683242][  T459] device bridge_slave_1 entered promiscuous mode
[   52.711134][  T459] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.717988][  T459] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.725045][  T459] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.731896][  T459] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.747676][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[   52.754804][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[   52.762505][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   52.770445][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.779673][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   52.787617][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.794429][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.802740][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   52.810923][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.817767][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.829401][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   52.838132][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   52.851292][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   52.861357][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   52.869272][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   52.876424][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   52.884654][  T459] device veth0_vlan entered promiscuous mode
[   52.896653][  T459] device veth1_macvtap entered promiscuous mode
[   52.903659][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   52.914001][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   52.923392][   T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2025/04/16 00:50:54 executed programs: 0
[   53.381376][  T493] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.388444][  T493] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.395493][  T493] device bridge_slave_0 entered promiscuous mode
[   53.405058][  T493] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.412033][  T493] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.419148][  T493] device bridge_slave_1 entered promiscuous mode
[   53.447848][  T493] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.454817][  T493] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.461943][  T493] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.468726][  T493] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.487680][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   53.495024][  T463] bridge0: port 1(bridge_slave_0) entered disabled state
[   53.502136][  T463] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.511112][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   53.519313][  T463] bridge0: port 1(bridge_slave_0) entered blocking state
[   53.526137][  T463] bridge0: port 1(bridge_slave_0) entered forwarding state
[   53.534705][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   53.543266][  T463] bridge0: port 2(bridge_slave_1) entered blocking state
[   53.550215][  T463] bridge0: port 2(bridge_slave_1) entered forwarding state
[   53.560835][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   53.576405][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   53.584599][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   53.594712][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   53.602793][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   53.610881][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   53.619132][  T493] device veth0_vlan entered promiscuous mode
[   53.628865][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   53.638707][  T493] device veth1_macvtap entered promiscuous mode
[   53.647226][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   53.655219][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   53.664746][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   53.673607][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   53.729924][  T505] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   53.748742][  T505] EXT4-fs error (device loop2) in ext4_do_update_inode:5303: error 27
[   53.757126][  T505] EXT4-fs error (device loop2): ext4_dirty_inode:6110: inode #3: comm syz.2.16: mark_inode_dirty error
[   53.768595][  T505] EXT4-fs error (device loop2) in ext4_do_update_inode:5303: error 27
[   53.776896][  T505] EXT4-fs error (device loop2): __ext4_ext_dirty:182: inode #3: comm syz.2.16: mark_inode_dirty error
[   53.788179][  T505] Quota error (device loop2): write_blk: dquota write failed
[   53.795503][  T505] Quota error (device loop2): qtree_write_dquot: Error -27 occurred while creating quota
[   53.805205][  T505] EXT4-fs error (device loop2): ext4_acquire_dquot:6226: comm syz.2.16: Failed to acquire dquot type 0
[   53.817636][  T505] EXT4-fs (loop2): 1 orphan inode deleted
[   53.823173][  T505] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue
[   53.832316][  T505] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.832393][   T24] audit: type=1400 audit(1744764654.619:110): avc:  denied  { mount } for  pid=504 comm="syz.2.16" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   53.864366][   T24] audit: type=1400 audit(1744764654.639:111): avc:  denied  { write } for  pid=504 comm="syz.2.16" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   53.893939][   T24] audit: type=1400 audit(1744764654.639:112): avc:  denied  { add_name } for  pid=504 comm="syz.2.16" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   53.919033][   T24] audit: type=1400 audit(1744764654.639:113): avc:  denied  { create } for  pid=504 comm="syz.2.16" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   53.939310][   T24] audit: type=1400 audit(1744764654.639:114): avc:  denied  { read write } for  pid=504 comm="syz.2.16" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   53.976707][  T505] EXT4-fs error (device loop2): ext4_xattr_block_get:546: inode #15: comm syz.2.16: corrupted xattr block 19
[   53.988850][  T505] ==================================================================
[   53.996731][  T505] BUG: KASAN: use-after-free in ext4_find_extent+0xbea/0xe30
[   54.003912][  T505] Read of size 4 at addr ffff88812b65e84c by task syz.2.16/505
[   54.011285][  T505] 
[   54.013460][  T505] CPU: 1 PID: 505 Comm: syz.2.16 Not tainted 5.10.236-syzkaller-1007360-gba8b8b193394 #0
[   54.023091][  T505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   54.033002][  T505] Call Trace:
[   54.036120][  T505]  dump_stack_lvl+0x1e2/0x24b
[   54.040635][  T505]  ? bfq_pos_tree_add_move+0x43b/0x43b
[   54.045926][  T505]  ? panic+0x812/0x812
[   54.049830][  T505]  ? __getblk_gfp+0x3d/0x7e0
[   54.054253][  T505]  print_address_description+0x81/0x3b0
[   54.059642][  T505]  kasan_report+0x179/0x1c0
[   54.063997][  T505]  ? ext4_find_extent+0xbea/0xe30
[   54.068878][  T505]  ? ext4_find_extent+0xbea/0xe30
[   54.073781][  T505]  __asan_report_load4_noabort+0x14/0x20
[   54.079252][  T505]  ext4_find_extent+0xbea/0xe30
[   54.083936][  T505]  ext4_ext_remove_space+0x369/0x4e10
[   54.089143][  T505]  ? __es_remove_extent+0x14a0/0x1dd0
[   54.094367][  T505]  ? ext4_mb_unload_buddy+0x1e0/0x1e0
[   54.099567][  T505]  ? __kasan_check_write+0x14/0x20
[   54.104507][  T505]  ? _raw_write_lock+0xa4/0x170
[   54.109202][  T505]  ? _raw_write_trylock+0x1a0/0x1a0
[   54.114229][  T505]  ? ext4_discard_preallocations+0xd07/0xef0
[   54.120042][  T505]  ? ext4_ext_index_trans_blocks+0x120/0x120
[   54.125949][  T505]  ? ext4_es_remove_extent+0x297/0x460
[   54.131237][  T505]  ? ext4_zero_partial_blocks+0x1e5/0x220
[   54.137064][  T505]  ext4_punch_hole+0x720/0xb10
[   54.141758][  T505]  ext4_fallocate+0x2e8/0x1cc0
[   54.146337][  T505]  ? ext4_ext_truncate+0x200/0x200
[   54.151300][  T505]  ? fsnotify_perm+0x67/0x4e0
[   54.155801][  T505]  ? security_file_permission+0x7b/0xb0
[   54.161186][  T505]  ? preempt_count_add+0x92/0x1a0
[   54.166087][  T505]  vfs_fallocate+0x492/0x570
[   54.170561][  T505]  __x64_sys_fallocate+0xc0/0x110
[   54.175415][  T505]  do_syscall_64+0x34/0x70
[   54.179670][  T505]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   54.185401][  T505] RIP: 0033:0x7faa1d3e3169
[   54.189649][  T505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.209101][  T505] RSP: 002b:00007faa1ce55038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[   54.217331][  T505] RAX: ffffffffffffffda RBX: 00007faa1d5fbfa0 RCX: 00007faa1d3e3169
[   54.225163][  T505] RDX: 0000000000000004 RSI: 0000000000000003 RDI: 0000000000000004
[   54.233140][  T505] RBP: 00007faa1d4642a0 R08: 0000000000000000 R09: 0000000000000000
[   54.241157][  T505] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000000
[   54.248955][  T505] R13: 0000000000000000 R14: 00007faa1d5fbfa0 R15: 00007ffe2889fd28
[   54.256770][  T505] 
[   54.258938][  T505] The buggy address belongs to the page:
[   54.264531][  T505] page:ffffea0004ad9780 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x0 pfn:0x12b65e
[   54.274857][  T505] flags: 0x4000000000000000()
[   54.279373][  T505] raw: 4000000000000000 ffffffff86dffe78 ffffffff86dffe78 0000000000000000
[   54.287883][  T505] raw: 0000000000000000 0000000000000001 00000000ffffff7f 0000000000000000
[   54.296285][  T505] page dumped because: kasan: bad access detected
[   54.302552][  T505] page_owner info is not present (never set?)
[   54.308539][  T505] 
[   54.310848][  T505] Memory state around the buggy address:
[   54.316270][  T505]  ffff88812b65e700: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.324168][  T505]  ffff88812b65e780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.332271][  T505] >ffff88812b65e800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.340328][  T505]                                               ^
[   54.346576][  T505]  ffff88812b65e880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.354475][  T505]  ffff88812b65e900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   54.362371][  T505] ==================================================================
[   54.370267][  T505] Disabling lock debugging due to kernel taint
[   54.378907][  T505] ------------[ cut here ]------------
[   54.384199][  T505] kernel BUG at fs/ext4/extents.c:3180!
[   54.389762][  T505] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   54.395629][  T505] CPU: 0 PID: 505 Comm: syz.2.16 Tainted: G    B             5.10.236-syzkaller-1007360-gba8b8b193394 #0
[   54.406648][  T505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   54.416663][  T505] RIP: 0010:ext4_split_extent_at+0x121c/0x1240
[   54.422643][  T505] Code: fe c1 38 c1 0f 8c 16 fa ff ff e8 5f b7 cf ff 48 8b 54 24 58 48 8b 74 24 40 e9 02 fa ff ff e8 eb 16 92 ff 0f 0b e8 e4 16 92 ff <0f> 0b e8 dd 16 92 ff 0f 0b e8 16 9e d5 02 e8 d1 16 92 ff 0f 0b e8
[   54.442093][  T505] RSP: 0018:ffffc90004377820 EFLAGS: 00010293
[   54.447984][  T505] RAX: ffffffff81d8b73c RBX: 0000000000000000 RCX: ffff88811769a780
[   54.455880][  T505] RDX: 0000000000000000 RSI: 0000000000000010 RDI: 0000000000000000
[   54.463698][  T505] RBP: ffffc90004377990 R08: ffffffff81d8a7a2 R09: ffffc90004377920
[   54.471598][  T505] R10: fffff5200086ef25 R11: dffffc0000000001 R12: 0000000000000000
[   54.479403][  T505] R13: 0000000000000000 R14: 1ffff110256d0612 R15: 0000000000000000
[   54.487324][  T505] FS:  00007faa1ce556c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   54.496081][  T505] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   54.502487][  T505] CR2: 0000200000032000 CR3: 0000000116f63000 CR4: 00000000003506b0
[   54.510388][  T505] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   54.518305][  T505] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   54.526126][  T505] Call Trace:
[   54.529241][  T505]  ? check_panic_on_warn+0x65/0xb0
[   54.534274][  T505]  ? ext4_ext_try_to_merge_right+0x7e0/0x7e0
[   54.540095][  T505]  ext4_ext_remove_space+0x719/0x4e10
[   54.545391][  T505]  ? ext4_mb_unload_buddy+0x1e0/0x1e0
[   54.550590][  T505]  ? __kasan_check_write+0x14/0x20
[   54.555533][  T505]  ? _raw_write_lock+0xa4/0x170
[   54.560324][  T505]  ? _raw_write_trylock+0x1a0/0x1a0
[   54.565430][  T505]  ? ext4_discard_preallocations+0xd07/0xef0
[   54.571258][  T505]  ? ext4_ext_index_trans_blocks+0x120/0x120
[   54.577065][  T505]  ? ext4_es_remove_extent+0x297/0x460
[   54.582366][  T505]  ? ext4_zero_partial_blocks+0x1e5/0x220
[   54.587919][  T505]  ext4_punch_hole+0x720/0xb10
[   54.592514][  T505]  ext4_fallocate+0x2e8/0x1cc0
[   54.597103][  T505]  ? ext4_ext_truncate+0x200/0x200
[   54.602205][  T505]  ? fsnotify_perm+0x67/0x4e0
[   54.606651][  T505]  ? security_file_permission+0x7b/0xb0
[   54.612033][  T505]  ? preempt_count_add+0x92/0x1a0
[   54.616912][  T505]  vfs_fallocate+0x492/0x570
[   54.621368][  T505]  __x64_sys_fallocate+0xc0/0x110
[   54.626192][  T505]  do_syscall_64+0x34/0x70
[   54.630438][  T505]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   54.636170][  T505] RIP: 0033:0x7faa1d3e3169
[   54.640591][  T505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.660141][  T505] RSP: 002b:00007faa1ce55038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[   54.668379][  T505] RAX: ffffffffffffffda RBX: 00007faa1d5fbfa0 RCX: 00007faa1d3e3169
[   54.676370][  T505] RDX: 0000000000000004 RSI: 0000000000000003 RDI: 0000000000000004
[   54.684933][  T505] RBP: 00007faa1d4642a0 R08: 0000000000000000 R09: 0000000000000000
[   54.692888][  T505] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000000
[   54.700977][  T505] R13: 0000000000000000 R14: 00007faa1d5fbfa0 R15: 00007ffe2889fd28
[   54.708787][  T505] Modules linked in:
[   54.716161][  T505] ---[ end trace 8090decb7bfe59df ]---
[   54.721685][  T505] RIP: 0010:ext4_split_extent_at+0x121c/0x1240
[   54.727756][  T505] Code: fe c1 38 c1 0f 8c 16 fa ff ff e8 5f b7 cf ff 48 8b 54 24 58 48 8b 74 24 40 e9 02 fa ff ff e8 eb 16 92 ff 0f 0b e8 e4 16 92 ff <0f> 0b e8 dd 16 92 ff 0f 0b e8 16 9e d5 02 e8 d1 16 92 ff 0f 0b e8
[   54.747313][  T505] RSP: 0018:ffffc90004377820 EFLAGS: 00010293
[   54.753297][  T505] RAX: ffffffff81d8b73c RBX: 0000000000000000 RCX: ffff88811769a780
[   54.761392][  T505] RDX: 0000000000000000 RSI: 0000000000000010 RDI: 0000000000000000
[   54.769314][  T505] RBP: ffffc90004377990 R08: ffffffff81d8a7a2 R09: ffffc90004377920
[   54.777617][  T505] R10: fffff5200086ef25 R11: dffffc0000000001 R12: 0000000000000000
[   54.785398][  T505] R13: 0000000000000000 R14: 1ffff110256d0612 R15: 0000000000000000
[   54.793345][  T505] FS:  00007faa1ce556c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   54.802376][  T505] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   54.808915][  T505] CR2: 0000200000032000 CR3: 0000000116f63000 CR4: 00000000003506b0
[   54.816709][  T505] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   54.824864][  T505] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   54.832705][  T505] Kernel panic - not syncing: Fatal exception
[   54.838873][  T505] Kernel Offset: disabled
[   54.843003][  T505] Rebooting in 86400 seconds..