Warning: Permanently added '10.128.1.245' (ED25519) to the list of known hosts.
2026/02/01 05:36:08 parsed 1 programs
[ 45.393437][ T28] audit: type=1400 audit(1769924168.815:106): avc: denied { unlink } for pid=400 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 45.564369][ T400] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 46.707019][ T434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.714291][ T434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.721971][ T434] device bridge_slave_0 entered promiscuous mode
[ 46.730574][ T434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.737898][ T434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.745451][ T434] device bridge_slave_1 entered promiscuous mode
[ 46.785951][ T434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.793119][ T434] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 46.800654][ T434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.808069][ T434] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 46.826275][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.833945][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.841585][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 46.849219][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 46.858917][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 46.867207][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.874260][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 46.883760][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 46.892830][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.900289][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 46.913179][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 46.922876][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 46.936225][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 46.948319][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 46.956925][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 46.964792][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 46.973315][ T434] device veth0_vlan entered promiscuous mode
[ 46.982799][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 46.991992][ T434] device veth1_macvtap entered promiscuous mode
[ 47.001368][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 47.011374][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 47.069215][ T28] audit: type=1400 audit(1769924170.485:107): avc: denied { create } for pid=452 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 47.135638][ T28] audit: type=1401 audit(1769924170.555:108): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
2026/02/01 05:36:10 executed programs: 0
[ 47.401948][ T472] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.409635][ T472] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.417819][ T472] device bridge_slave_0 entered promiscuous mode
[ 47.429213][ T472] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.436453][ T472] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.444024][ T472] device bridge_slave_1 entered promiscuous mode
[ 47.489915][ T472] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.497596][ T472] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.505091][ T472] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.512306][ T472] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.534625][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 47.542531][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.550059][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.559425][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 47.567963][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.575277][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.588043][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 47.596258][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.603572][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.615671][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 47.625213][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 47.642360][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 47.654275][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 47.662599][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 47.670722][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 47.683646][ T472] device veth0_vlan entered promiscuous mode
[ 47.694479][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 47.704078][ T472] device veth1_macvtap entered promiscuous mode
[ 47.712774][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 47.721599][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 47.730914][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 47.739646][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 47.769420][ T483] loop2: detected capacity change from 0 to 1024
[ 47.776317][ T483] =======================================================
[ 47.776317][ T483] WARNING: The mand mount option has been deprecated and
[ 47.776317][ T483] and is ignored by this kernel. Remove the mand
[ 47.776317][ T483] option from the mount to silence this warning.
[ 47.776317][ T483] =======================================================
[ 47.812815][ T483] EXT4-fs: Ignoring removed bh option
[ 47.819159][ T483] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 47.834964][ T483] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 47.844702][ T28] audit: type=1400 audit(1769924171.265:109): avc: denied { mount } for pid=482 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 47.861959][ T483] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.17: Allocating blocks 497-513 which overlap fs metadata
[ 47.866708][ T28] audit: type=1400 audit(1769924171.275:110): avc: denied { write } for pid=482 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 47.881565][ T483] EXT4-fs (loop2): pa ffff88812328a540: logic 64, phys. 193, len 20
[ 47.903069][ T28] audit: type=1400 audit(1769924171.275:111): avc: denied { add_name } for pid=482 comm="syz.2.17" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 47.911123][ T483] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 47.932070][ T28] audit: type=1400 audit(1769924171.275:112): avc: denied { create } for pid=482 comm="syz.2.17" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 47.963555][ T28] audit: type=1400 audit(1769924171.275:113): avc: denied { read write } for pid=482 comm="syz.2.17" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 47.965638][ T8] ==================================================================
[ 47.987130][ T28] audit: type=1400 audit(1769924171.275:114): avc: denied { open } for pid=482 comm="syz.2.17" path="/0/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 47.994449][ T8] BUG: KASAN: use-after-free in ext4_find_extent+0xbeb/0xe20
[ 47.994490][ T8] Read of size 4 at addr ffff88811782bc94 by task kworker/u4:0/8
[ 47.994504][ T8]
[ 48.017909][ T28] audit: type=1400 audit(1769924171.305:115): avc: denied { setattr } for pid=482 comm="syz.2.17" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 48.025448][ T8] CPU: 0 PID: 8 Comm: kworker/u4:0 Not tainted syzkaller #0
[ 48.025466][ T8] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 48.025475][ T8] Workqueue: writeback wb_workfn (flush-7:2)
[ 48.083740][ T8] Call Trace:
[ 48.087179][ T8]
[ 48.090136][ T8] __dump_stack+0x21/0x24
[ 48.094502][ T8] dump_stack_lvl+0x110/0x170
[ 48.099266][ T8] ? __cfi_dump_stack_lvl+0x8/0x8
[ 48.104382][ T8] ? ext4_find_extent+0xbeb/0xe20
[ 48.109601][ T8] print_address_description+0x71/0x200
[ 48.115294][ T8] print_report+0x4a/0x60
[ 48.119947][ T8] kasan_report+0x122/0x150
[ 48.124703][ T8] ? ext4_find_extent+0xbeb/0xe20
[ 48.129800][ T8] __asan_report_load4_noabort+0x14/0x20
[ 48.135418][ T8] ext4_find_extent+0xbeb/0xe20
[ 48.140359][ T8] ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[ 48.146340][ T8] ext4_ext_map_blocks+0x207/0x61d0
[ 48.151532][ T8] ? kasan_set_track+0x60/0x70
[ 48.156476][ T8] ? kasan_set_track+0x4b/0x70
[ 48.161228][ T8] ? kasan_save_alloc_info+0x25/0x30
[ 48.166517][ T8] ? __kasan_slab_alloc+0x72/0x80
[ 48.171523][ T8] ? slab_post_alloc_hook+0x4f/0x2d0
[ 48.176890][ T8] ? kmem_cache_alloc+0x16e/0x330
[ 48.181925][ T8] ? ext4_alloc_io_end_vec+0x2a/0x160
[ 48.187291][ T8] ? ext4_writepages+0x10e9/0x30e0
[ 48.192387][ T8] ? do_writepages+0x3a4/0x5f0
[ 48.197159][ T8] ? __writeback_single_inode+0xc6/0xad0
[ 48.203104][ T8] ? writeback_sb_inodes+0xa10/0x15d0
[ 48.208477][ T8] ? wb_writeback+0x40b/0x9d0
[ 48.213228][ T8] ? wb_workfn+0x378/0xeb0
[ 48.217631][ T8] ? process_one_work+0x71f/0xc40
[ 48.222722][ T8] ? worker_thread+0xa29/0x11e0
[ 48.227562][ T8] ? kthread+0x281/0x320
[ 48.231871][ T8] ? ret_from_fork+0x1f/0x30
[ 48.236448][ T8] ? __cfi_ext4_ext_map_blocks+0x10/0x10
[ 48.242251][ T8] ? ext4_es_lookup_extent+0x54c/0x900
[ 48.247868][ T8] ext4_map_blocks+0x9d8/0x1b70
[ 48.252703][ T8] ? __cfi_ext4_map_blocks+0x10/0x10
[ 48.258086][ T8] ? ext4_inode_journal_mode+0x19a/0x480
[ 48.263877][ T8] ext4_writepages+0x1409/0x30e0
[ 48.268806][ T8] ? debug_smp_processor_id+0x17/0x20
[ 48.274544][ T8] ? loopback_xmit+0x3db/0x570
[ 48.279507][ T8] ? __cfi_ext4_writepages+0x10/0x10
[ 48.285169][ T8] ? __cfi____update_load_sum+0x10/0x10
[ 48.290985][ T8] ? xas_start+0x317/0x3e0
[ 48.295390][ T8] ? __kasan_check_write+0x14/0x20
[ 48.300939][ T8] ? __cfi_ext4_writepages+0x10/0x10
[ 48.306661][ T8] do_writepages+0x3a4/0x5f0
[ 48.311428][ T8] ? __update_load_avg_cfs_rq+0xaf/0x2f0
[ 48.317952][ T8] ? __cfi_do_writepages+0x10/0x10
[ 48.323244][ T8] ? __kasan_check_write+0x14/0x20
[ 48.328800][ T8] ? _raw_spin_lock+0x94/0xf0
[ 48.333659][ T8] __writeback_single_inode+0xc6/0xad0
[ 48.339127][ T8] ? inode_io_list_move_locked+0x366/0x3d0
[ 48.345078][ T8] writeback_sb_inodes+0xa10/0x15d0
[ 48.350268][ T8] ? queue_io+0x4c0/0x4c0
[ 48.355191][ T8] ? __kasan_check_read+0x11/0x20
[ 48.360202][ T8] ? queue_io+0x382/0x4c0
[ 48.364521][ T8] wb_writeback+0x40b/0x9d0
[ 48.369196][ T8] ? inode_cgwb_move_to_attached+0x3e0/0x3e0
[ 48.375426][ T8] ? set_worker_desc+0x1ba/0x1f0
[ 48.380453][ T8] ? __kasan_check_write+0x14/0x20
[ 48.385568][ T8] ? kvm_sched_clock_read+0x18/0x40
[ 48.390758][ T8] ? sched_clock+0x9/0x10
[ 48.395186][ T8] ? sched_clock_cpu+0x6e/0x260
[ 48.400204][ T8] wb_workfn+0x378/0xeb0
[ 48.404440][ T8] ? __cfi_wb_workfn+0x10/0x10
[ 48.409366][ T8] ? kthread_data+0x50/0xc0
[ 48.413855][ T8] ? _raw_spin_unlock+0x4c/0x70
[ 48.418703][ T8] ? finish_task_switch+0x16b/0x7b0
[ 48.424062][ T8] ? __switch_to_asm+0x3a/0x60
[ 48.428903][ T8] ? __schedule+0xbae/0x1500
[ 48.433654][ T8] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 48.439271][ T8] process_one_work+0x71f/0xc40
[ 48.444294][ T8] worker_thread+0xa29/0x11e0
[ 48.449312][ T8] kthread+0x281/0x320
[ 48.453561][ T8] ? __cfi_worker_thread+0x10/0x10
[ 48.458833][ T8] ? __cfi_kthread+0x10/0x10
[ 48.463525][ T8] ret_from_fork+0x1f/0x30
[ 48.468019][ T8]
[ 48.471299][ T8]
[ 48.473623][ T8] Allocated by task 472:
[ 48.477929][ T8] kasan_set_track+0x4b/0x70
[ 48.482596][ T8] kasan_save_alloc_info+0x25/0x30
[ 48.487869][ T8] __kasan_slab_alloc+0x72/0x80
[ 48.492707][ T8] slab_post_alloc_hook+0x4f/0x2d0
[ 48.497931][ T8] kmem_cache_alloc_node+0x181/0x340
[ 48.503385][ T8] __alloc_skb+0xea/0x4b0
[ 48.507961][ T8] netlink_ack+0x372/0x1170
[ 48.512633][ T8] netlink_rcv_skb+0x294/0x460
[ 48.517404][ T8] rtnetlink_rcv+0x1c/0x20
[ 48.521812][ T8] netlink_unicast+0x8ab/0xa30
[ 48.526649][ T8] netlink_sendmsg+0x8b9/0xbd0
[ 48.531571][ T8] __sys_sendto+0x4ac/0x660
[ 48.536335][ T8] __x64_sys_sendto+0xe5/0x100
[ 48.541222][ T8] x64_sys_call+0x83/0x9a0
[ 48.545625][ T8] do_syscall_64+0x4c/0xa0
[ 48.550134][ T8] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 48.556215][ T8]
[ 48.558536][ T8] Freed by task 472:
[ 48.562406][ T8] kasan_set_track+0x4b/0x70
[ 48.567010][ T8] kasan_save_free_info+0x31/0x50
[ 48.572372][ T8] ____kasan_slab_free+0x132/0x180
[ 48.577561][ T8] __kasan_slab_free+0x11/0x20
[ 48.582416][ T8] slab_free_freelist_hook+0xc2/0x190
[ 48.588038][ T8] kmem_cache_free+0x12d/0x300
[ 48.592874][ T8] kfree_skbmem+0x10c/0x180
[ 48.597470][ T8] consume_skb+0xb3/0x1f0
[ 48.602142][ T8] skb_free_datagram+0x15/0x20
[ 48.607115][ T8] netlink_recvmsg+0x5e3/0xe00
[ 48.612127][ T8] __sys_recvfrom+0x354/0x4d0
[ 48.616878][ T8] __x64_sys_recvfrom+0xe5/0x100
[ 48.621920][ T8] x64_sys_call+0x7c/0x9a0
[ 48.626321][ T8] do_syscall_64+0x4c/0xa0
[ 48.631133][ T8] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 48.637074][ T8]
[ 48.639392][ T8] The buggy address belongs to the object at ffff88811782bc80
[ 48.639392][ T8] which belongs to the cache skbuff_head_cache of size 256
[ 48.654206][ T8] The buggy address is located 20 bytes inside of
[ 48.654206][ T8] 256-byte region [ffff88811782bc80, ffff88811782bd80)
[ 48.667462][ T8]
[ 48.669811][ T8] The buggy address belongs to the physical page:
[ 48.676353][ T8] page:ffffea00045e0ac0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11782b
[ 48.686767][ T8] flags: 0x4000000000000200(slab|zone=1)
[ 48.692506][ T8] raw: 4000000000000200 0000000000000000 dead000000000122 ffff888108c55200
[ 48.701352][ T8] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000
[ 48.710018][ T8] page dumped because: kasan: bad access detected
[ 48.716554][ T8] page_owner tracks the page as allocated
[ 48.722341][ T8] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 472, tgid 472 (syz-executor), ts 47749710290, free_ts 46699096515
[ 48.741948][ T8] post_alloc_hook+0x1f5/0x210
[ 48.746901][ T8] prep_new_page+0x1c/0x110
[ 48.751525][ T8] get_page_from_freelist+0x2d12/0x2d80
[ 48.757077][ T8] __alloc_pages+0x1d9/0x480
[ 48.761928][ T8] alloc_slab_page+0x6e/0xf0
[ 48.766616][ T8] new_slab+0x98/0x3d0
[ 48.770774][ T8] ___slab_alloc+0x6bd/0xb20
[ 48.775366][ T8] __slab_alloc+0x5e/0xa0
[ 48.779959][ T8] kmem_cache_alloc_node+0x1c2/0x340
[ 48.785276][ T8] __alloc_skb+0xea/0x4b0
[ 48.789605][ T8] netlink_ack+0x372/0x1170
[ 48.794177][ T8] netlink_rcv_skb+0x294/0x460
[ 48.799067][ T8] rtnetlink_rcv+0x1c/0x20
[ 48.803483][ T8] netlink_unicast+0x8ab/0xa30
[ 48.808325][ T8] netlink_sendmsg+0x8b9/0xbd0
[ 48.813260][ T8] __sys_sendto+0x4ac/0x660
[ 48.817830][ T8] page last free stack trace:
[ 48.822579][ T8] free_unref_page_prepare+0x742/0x750
[ 48.828109][ T8] free_unref_page+0x95/0x540
[ 48.832769][ T8] __free_pages+0x67/0x100
[ 48.837167][ T8] __vunmap+0x9c0/0xb80
[ 48.841305][ T8] vfree+0x61/0x90
[ 48.845012][ T8] kcov_close+0x2b/0x50
[ 48.849251][ T8] __fput+0x1fc/0x8f0
[ 48.853316][ T8] ____fput+0x15/0x20
[ 48.857540][ T8] task_work_run+0x1e1/0x250
[ 48.862118][ T8] do_exit+0xa35/0x2660
[ 48.866607][ T8] do_group_exit+0x210/0x2d0
[ 48.871274][ T8] get_signal+0x13b5/0x1520
[ 48.875877][ T8] arch_do_signal_or_restart+0xd1/0x1140
[ 48.881784][ T8] exit_to_user_mode_loop+0x7a/0xb0
[ 48.887248][ T8] exit_to_user_mode_prepare+0x87/0xd0
[ 48.892866][ T8] syscall_exit_to_user_mode+0x1a/0x30
[ 48.898493][ T8]
[ 48.901066][ T8] Memory state around the buggy address:
[ 48.906932][ T8] ffff88811782bb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 48.915233][ T8] ffff88811782bc00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 48.923390][ T8] >ffff88811782bc80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 48.931429][ T8] ^
[ 48.935998][ T8] ffff88811782bd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 48.944042][ T8] ffff88811782bd80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 48.952167][ T8] ==================================================================
[ 48.962025][ T8] Disabling lock debugging due to kernel taint
[ 48.968459][ T8] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1 with error 117
[ 48.981194][ T8] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 48.981194][ T8]
[ 49.002030][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 49.016808][ T488] loop2: detected capacity change from 0 to 1024
[ 49.023519][ T488] EXT4-fs: Ignoring removed bh option
[ 49.029382][ T488] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 49.045527][ T488] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 49.064137][ T488] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3852: comm syz.2.18: Allocating blocks 497-513 which overlap fs metadata
[ 49.078838][ T488] EXT4-fs (loop2): pa ffff88812328abd0: logic 64, phys. 193, len 20
[ 49.087032][ T488] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4892: group 0, free 0, pa_free 1
[ 49.098788][ T10] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 37 with max blocks 3 with error 117
[ 49.111428][ T10] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 49.111428][ T10]
[ 49.122228][ T10] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4872: inode #15: block 36: len 1: ext4_ext_map_blocks returned -117
[ 49.137070][ T472] EXT4-fs (loop2): unmounting filesystem.
[ 49.151343][ T492] loop2: detected capacity change from 0 to 1024
[ 49.158312][ T492] EXT4-fs: Ignoring removed bh option
[ 49.164811][ T492] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 49.193691][ T2] general protection fault, probably for non-canonical address 0xc236b79ca4a37fa3: 0000 [#1] PREEMPT SMP KASAN
[ 49.205859][ T2] CPU: 0 PID: 2 Comm: kthreadd Tainted: G B syzkaller #0
[ 49.214447][ T2] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 49.224837][ T2] RIP: 0010:__kmem_cache_alloc_node+0x123/0x2c0
[ 49.231077][ T2] Code: 08 48 8b 38 48 85 ff 0f 84 e8 00 00 00 48 83 78 10 00 0f 84 dd 00 00 00 41 8b 47 28 48 8d 0c 07 49 8b 9f d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 07 48 89 f8 65 49 0f c7 08
[ 49.251021][ T2] RSP: 0018:ffffc900000279d0 EFLAGS: 00010282
[ 49.257080][ T2] RAX: 0000000000000040 RBX: 8228248a252b809c RCX: a37fa3a49cb736c2
[ 49.265528][ T2] RDX: 0000000000005eb8 RSI: 0000000000000080 RDI: c236b79ca4a37f63
[ 49.273924][ T2] RBP: ffffc90000027a20 R08: ffffffff814a15b8 R09: ffffffff814a15b8
[ 49.282534][ T2] R10: dffffc0000000000 R11: 00000000ffffffff R12: 0000000000000dc0
[ 49.290769][ T2] R13: 0000000000000000 R14: ffffffff814a15b8 R15: ffff888100042a80
[ 49.298867][ T2] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 49.308075][ T2] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 49.315000][ T2] CR2: 00007f7d9b383880 CR3: 0000000116910000 CR4: 00000000003506b0
[ 49.323353][ T2] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 49.331764][ T2] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 49.339899][ T2] Call Trace:
[ 49.343165][ T2]
[ 49.346167][ T2] ? set_kthread_struct+0xb8/0x210
[ 49.351639][ T2] ? set_kthread_struct+0xb8/0x210
[ 49.356765][ T2] kmalloc_trace+0x29/0xb0
[ 49.361193][ T2] set_kthread_struct+0xb8/0x210
[ 49.366325][ T2] copy_process+0x1042/0x3510
[ 49.371370][ T2] ? __cfi_sched_clock_cpu+0x10/0x10
[ 49.377015][ T2] ? dequeue_task_fair+0x500/0x1d80
[ 49.382303][ T2] ? idle_dummy+0x10/0x10
[ 49.386630][ T2] ? __kasan_check_write+0x14/0x20
[ 49.391897][ T2] ? __switch_to+0x517/0xe60
[ 49.396676][ T2] kernel_clone+0x22f/0x820
[ 49.401356][ T2] ? __cfi___switch_to+0x10/0x10
[ 49.406292][ T2] ? __cfi_kernel_clone+0x10/0x10
[ 49.411373][ T2] ? _raw_spin_unlock+0x4c/0x70
[ 49.416317][ T2] ? finish_task_switch+0x16b/0x7b0
[ 49.421514][ T2] kernel_thread+0x103/0x160
[ 49.426197][ T2] ? __cfi_kthread+0x10/0x10
[ 49.430861][ T2] ? __cfi_kernel_thread+0x10/0x10
[ 49.436136][ T2] ? __cfi_kthread+0x10/0x10
[ 49.440800][ T2] ? __kasan_check_read+0x11/0x20
[ 49.446002][ T2] kthreadd+0x337/0x460
[ 49.450405][ T2] ? __cfi_kthreadd+0x10/0x10
[ 49.455148][ T2] ? _raw_spin_unlock_irq+0x4d/0x70
[ 49.460333][ T2] ? calculate_sigpending+0x7c/0x90
[ 49.465609][ T2] ? __cfi_kthreadd+0x10/0x10
[ 49.470367][ T2] ret_from_fork+0x1f/0x30
[ 49.474861][ T2]
[ 49.478015][ T2] Modules linked in:
[ 49.482698][ T2] ---[ end trace 0000000000000000 ]---
[ 49.488199][ T2] RIP: 0010:__kmem_cache_alloc_node+0x123/0x2c0
[ 49.494626][ T2] Code: 08 48 8b 38 48 85 ff 0f 84 e8 00 00 00 48 83 78 10 00 0f 84 dd 00 00 00 41 8b 47 28 48 8d 0c 07 49 8b 9f d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 07 48 89 f8 65 49 0f c7 08
[ 49.514442][ T2] RSP: 0018:ffffc900000279d0 EFLAGS: 00010282
[ 49.520530][ T2] RAX: 0000000000000040 RBX: 8228248a252b809c RCX: a37fa3a49cb736c2
[ 49.528625][ T2] RDX: 0000000000005eb8 RSI: 0000000000000080 RDI: c236b79ca4a37f63
[ 49.536835][ T2] RBP: ffffc90000027a20 R08: ffffffff814a15b8 R09: ffffffff814a15b8
[ 49.544989][ T2] R10: dffffc0000000000 R11: 00000000ffffffff R12: 0000000000000dc0
[ 49.553227][ T2] R13: 0000000000000000 R14: ffffffff814a15b8 R15: ffff888100042a80
[ 49.561340][ T2] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 49.570309][ T2] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 49.577030][ T2] CR2: 00007f7d9b383880 CR3: 000000010ff05000 CR4: 00000000003506b0
[ 49.585748][ T2] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 49.594466][ T2] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 49.602703][ T2] Kernel panic - not syncing: Fatal exception
[ 49.609598][ T2] Kernel Offset: disabled
[ 49.614262][ T2] Rebooting in 86400 seconds..